Patents Examined by Kambiz Zand
-
Patent number: 12197554Abstract: A computer-implemented method for executing a user instruction may include obtaining identification data of a user via a device associated with the user, wherein the identification data comprises at least a password, a user name, and biometric data of the user; determining, via the one or more processors, a login status based on the identification data; demonstrating, to the user, historical account data based on the login status, wherein the historical account data comprises at least historical biometric data associated with one or more historical logins; receiving, via the one or more processors, the user instruction based on the historical account data, wherein the user instruction comprises at least one of revoking a historical login, changing password, or signing out a historical device associated with a historical login of the one or more historical logins; and executing, via the one or more processors, the user instruction.Type: GrantFiled: October 2, 2023Date of Patent: January 14, 2025Assignee: Capital One Services, LLCInventors: Zainab Zaki, Jackson Cheek
-
Patent number: 12199951Abstract: A new container of a pool of containers is spawned in the operating system of the embedded networking device to execute a firewall separate from an operating system of a host device. Each of the containers is generated by a separate toolchain to include custom runtime libraries. The firewall utilizes the custom libraries rather than the host libraries, and wherein user privileges within a container is different from user privileges for the host. The new container executes a firewall instance to inspect data packets processed by the embedded networking device.Type: GrantFiled: March 31, 2022Date of Patent: January 14, 2025Assignee: Fortinet, Inc.Inventors: Wei Wang, Dazhi Li
-
Patent number: 12192386Abstract: Methods and systems are described for facilitating blockchain operations based on network congestion. The system may facilitate blockchain operations by generating recommendations for blockchain operations based on values for one or more blockchain operation characteristics that are determined based on a likelihood that a given blockchain operation will be completed in a timely manner. The system thus ensures accounts for transient congestion in a blockchain network, while also minimizing a burden on a user device attempting to perform a blockchain operation.Type: GrantFiled: March 21, 2022Date of Patent: January 7, 2025Assignee: Coinbase, Inc.Inventor: Yuga Cohler
-
Patent number: 12189821Abstract: This patent disclosure provides various verification techniques to ensure that anonymized surgical procedure videos are indeed free of any personally-identifiable information (PII). In a particular aspect, a process for verifying that an anonymized surgical procedure video is free of PII is disclosed. This process can begin by receiving a surgical video corresponding to a surgery. The process next removes personally-identifiable information (PII) from the surgical video to generate an anonymized surgical video. Next, the process selects a set of verification video segments from the anonymized surgical procedure video. The process subsequently determines whether each segment in the set of verification video segments is free of PII. If so, the process replaces the surgical video with the anonymized surgical video for storage. If not, the process performs additional PII removal steps on the anonymized surgical video to generate an updated anonymized surgical procedure video.Type: GrantFiled: May 18, 2023Date of Patent: January 7, 2025Assignee: Verb Surgical Inc.Inventors: Jagadish Venkataraman, Pablo Garcia Kilroy
-
Patent number: 12192331Abstract: An apparatus comprises a processing device configured to receive, at a web browser from a web-based service running on a web server, a request for signature of one or more messages using at least one cryptographic key pair comprising a public key made accessible to the web-based service running on the web server and a private key maintained in secure storage accessible to the web browser. The processing device is also configured to generate, at the web browser, one or more interface features permitting a given user to accept or deny the request for signature and, responsive to the given user accepting the request for signature of a given message, digitally signing the given message utilizing the private key of the cryptographic key pair. The processing device is further configured to provide, from the web browser to the web-based service, a response comprising the digital signature of the given message.Type: GrantFiled: March 30, 2022Date of Patent: January 7, 2025Assignee: Dell Products L.P.Inventors: Bradley K. Goodman, John Henry Terpstra
-
Patent number: 12192247Abstract: Methods, systems, and computer readable media for network security are described. In some implementations, security tasks and roles can be allocated between an endpoint device and a firewall device based on tag information sent from the endpoint, the tag information including one or more characteristics of a traffic flow, information of resource availability, and/or reputation of a process associated with a traffic flow.Type: GrantFiled: October 9, 2023Date of Patent: January 7, 2025Assignee: Sophos LimitedInventors: Andy Thomas, Nishit Shah, Daniel Stutz
-
Patent number: 12189800Abstract: Described herein are approaches for generating a new queue based on an existing queue. This may include receiving a request to transfer the existing queue from a first device to a second device. A set of move criteria may be evaluated using a playback context, a user profile, a configuration associated with the second device, and/or a level of access constraints. Depending on the results of the evaluation, the existing queue may be completely reformulated to define the new queue. The second device may then be instructed to play the new queue.Type: GrantFiled: March 9, 2022Date of Patent: January 7, 2025Assignee: Amazon Technologies, Inc.Inventors: Benjamin La Schiazza, Christopher McGilliard, David Lawrence Webb, Tim Pritchard, Catherine Du Pont-Thibodeau
-
Patent number: 12185102Abstract: Devices and methods for accessing and for controlling access of a node, called “challenged node”, that has already been authenticated and is provisionally connected to a network of nodes, the network including at least one node, called “challenging node”. The method for controlling access, implemented by a challenging node, includes: defining a personalized test that must be executed by the challenged node; sending the test to the challenged node; receiving, from the challenged node, at least one result of the execution of the test; and authorizing or refusing the access of the challenged node to the network, at least on the basis of the result.Type: GrantFiled: December 20, 2018Date of Patent: December 31, 2024Assignee: ORANGEInventors: Gael Fromentoux, Frederic Fieau
-
Patent number: 12184780Abstract: The present embodiments relate to establishing secure data communication using an Elliptic-curve Diffie-Hellman ephemeral (ECDHE) key agreement procedure. Devices in a network environment can utilize a key agreement procedure to establish secure communication between multiple application layers in a micro service architecture. Particularly, a tunnel can be established between a mobile device and an encryption service by transmitting key information between the mobile device and the encryption service. This can allow for encryption keys to only be accurately generated by the mobile device and encryption service. Accordingly, intermediary nodes may be unable to decrypt the data, allowing for safe and secure transport of sensitive data.Type: GrantFiled: January 3, 2023Date of Patent: December 31, 2024Assignee: United Services Automobile Association (USAA)Inventors: Jason Paul Hendry, Zachary Curtis Wade, Daniel Thane Davidson, Patrick Joseph O'Neal, Justin Armstrong Leonard
-
Patent number: 12177244Abstract: One variation of a method for emulating a known attack on a computer network includes: generating a set of data packets by recombining packet fragments within a packet capture file representing packet fragments transmitted between machines during a prior malicious attack on a second network; defining transmission triggers for transmission of the set of data packets between pairs of agents connected to a target network based on timestamps of packet fragments in the packet capture file; initiating transmission of the set of data packets between the pairs agents according to the set of transmission triggers to simulate the malicious attack on the target network; and, in response to absence of a security event related to the simulation in a log of a security technology deployed on the target network, generating a prompt to reconfigure the security technology to respond to the malicious attack.Type: GrantFiled: December 5, 2023Date of Patent: December 24, 2024Assignee: AttackIQ, Inc.Inventors: Renan Fischer e Silva, Albert López Fernández, Rajesh K. Sharma
-
Patent number: 12177202Abstract: A method of providing login information may include sending, from a service web page executed on a browser, a login request to an authentication web page executed on the browser, executing, by the authentication web page, a single sign on (SSO) agent in an electronic device, sending, by the authentication web page, a request for authentication information of a user to the SSO agent, generating and transmitting, by the SSO agent, a random number to the authentication web page, generating and transmitting an encrypted eigenvalue on an authentication web server based on the random number to the SSO agent, calling, by the SSO agent, an authentication application programming interface (API) server, and transmitting the eigenvalue, validating the eigenvalue on the authentication API server, and receiving, by the SSO agent, a result of the validating from the authentication API server, and transmitting the authentication information to the authentication web server.Type: GrantFiled: November 29, 2022Date of Patent: December 24, 2024Assignee: SAMSUNG ELECTRONICS CO., LTD.Inventors: Seonhyung Lee, Joohyun Kim, Jaewon Lee
-
Patent number: 12177240Abstract: The present invention is generally directed to the detection of an intrusion event in a computer network and a control network. More particularly, the present invention provides a system, framework, architecture, etc. for intrusion detection functions for network elements and control elements used in high demand and/or mission critical environments, including, but not limited to, power stations, sub-stations, intelligent transportation systems (ITS), rail, traffic control systems, chemical, oil & gas, critical manufacturing, and industrial applications.Type: GrantFiled: February 28, 2023Date of Patent: December 24, 2024Assignee: iS5 Communications Inc.Inventor: Tamer Soliman
-
Patent number: 12177672Abstract: Security policies are made dependent on location of a device and the location of a device is determined and the appropriate security policy applied without providing the device's location to a server. A device determine its location and identifies a security policy identifier mapped to a zone including the location. The device requests the security policy corresponding to the identifier from a server and implements it. The device may also store a database of the security policies and implement them according to its location. Devices registered for a user evaluate whether locations detected for the devices correspond to impossible travel by the user. Objects encoding geolocation data of a device may be encrypted with a private key of the device and the public key of another to prevent access by an intermediary server.Type: GrantFiled: October 31, 2023Date of Patent: December 24, 2024Assignee: LOOKOUT INC.Inventors: Brian James Buck, Jeroen Martijn Wijdogen, Kevin Lam, Varun Shimoga Prakash, Michael Joseph Mole, Pradeep Deepak Phatak, Praveen Kumar Mamnani
-
Patent number: 12177362Abstract: An attribute information conversion device includes: a memory; and a processor coupled to the memory and configured to: issue first access information and second access information linked to each other in response to a request upon reception of the request for conversion from attribute information of a first type of a user that may be used in a first service into the attribute information of a second type that may be used in a second service different from the first service; perform, upon acquisition of the attribute information of the user from a terminal through the first access information, conversion of the acquired attribute information from the attribute information of the first type into the attribute information of the second type; and output the converted attribute information to a terminal that has made access through the second access information.Type: GrantFiled: October 19, 2022Date of Patent: December 24, 2024Assignee: FUJITSU LIMITEDInventors: Takuya Sakamoto, Mebae Yamaoka, Takeru Fukuoka
-
Patent number: 12170676Abstract: A service provider provides flexible access to services using an identity provider. The service provider is associated with a custom access policy used by the identity provider to authenticate access requests associated with client devices for services of the client system. The custom access policy describes a set of access levels corresponding to variable levels of access to services of the service provider. The identity provider authenticates access requests by client devices using one or more device signals from the client devices. In some embodiments, the identity provider determines a device trust score for the client device using the one or more device signals. The identity provider provides an authentication response to the client system based on the custom access policy. The client system uses the authentication response to determine an access level for the client device from the set of access levels described by the custom access policy.Type: GrantFiled: May 10, 2023Date of Patent: December 17, 2024Inventors: Dipti Vivek Shiralkar, Arun Thotta Suresh, Mohammad Rahimi, Ankit Garg
-
Patent number: 12170671Abstract: Disclosed are systems and methods for secure selection of a user profile in a shared context. For example, a method may include: determining, by one or more processors, an association between a user device and a shared user profile; determining, by the one or more processors, that the user device is within a predetermined proximity of a multiuser device; determining, by the one or more processors, the shared user profile associated with the user device as a result of determining that the user device is within the predetermined proximity of the multiuser device; receiving, by the one or more processors, biometric verification from the first user; and activating, by the one or more processors, the first specific user profile associated with the first user on the multiuser device as a result of determining that the first user has successfully provided biometric verification.Type: GrantFiled: September 9, 2022Date of Patent: December 17, 2024Assignee: Verizon Patent and Licensing Inc.Inventor: George Fletcher
-
Patent number: 12170662Abstract: Provided is a process for mobile-initiated authentications to web services. Credential values of the user are established within a trusted execution environment of the mobile device and representations are transmitted to a server. The user of the mobile device may authenticate with the mobile device to the server, which may convey access to a web-based service from a relying device that executes a client authentication component to report user sessions to the server. The user may select the relying device from the mobile device to cause the relying device to present credentials to the web-service to login, authenticate, or otherwise obtain user-level permission for the user on the relying device. The user of the mobile device may authenticate with the mobile device to the server, and may initiate the authentication process from the mobile device, without inputting credentials corresponding to the web-service on the relying device.Type: GrantFiled: December 21, 2021Date of Patent: December 17, 2024Assignee: HYPR Corp.Inventors: George Avetisov, Roman Kadinsky, Bojan Simic
-
Patent number: 12166795Abstract: A cyber security system creates a behavioral framework for evaluating the cyber security of an organization's computer systems based on its employees. The system leverages offline and online individual identity information and then translates this data to anonymous identifiers to protect privacy. The identifiers are used to pull data from an identity graph, which includes behavioral data. A business-to-business identity graph correlates the name of an organization that maintains the targeted computer system with the anonymous identifiers of employees. Online activity is gathered by pixels fired from websites accessed by user browsers and gathered by one or more remote servers.Type: GrantFiled: March 8, 2021Date of Patent: December 10, 2024Assignee: LiveRamp, Inc.Inventors: Rachael Boyle, Lucy Huang, Lisa Cramer
-
Patent number: 12166873Abstract: A method of rotating a set of keys, having a media encryption key (MEK) and a current media encryption key encryption key (MEKEK) encrypted and stored in a self-encrypting drive (SED) having data encrypted with the MEK (MEK(data)), includes decrypting the stored MEK and the current MEKEK. A new MEK (MEK?) and a new MEKEK (MEKEK?) are generated. The MEKEK? is encrypted to replace the current encrypted MEKEK. A concatenation of the MEK and the MEK? is encrypted with MEKEK?. The encrypted data MEK(data) is re-encrypted with MEK?.Type: GrantFiled: March 2, 2021Date of Patent: December 10, 2024Assignee: Seagate Technology LLCInventors: Hamza Jeljeli, Kian Beng Lim, Saravanan Nagarajan
-
Patent number: 12166875Abstract: A working method for a key device and a key device, including: a smart key apparatus receives an authentication instruction, determines a type of the authentication instruction, parses a FIDO2 authentication instruction to obtain a credential if the instruction is the FIDO2 authentication instruction, checks whether the credential is complete by using a changing key corresponding to the FIDO2, if a check is successful, the credential is registered in a FIDO2 mode, and the authentication response is generated and returned to the client; and if the check fails, whether the credential is complete is checked by using the changing key corresponding to a U2F, and the credential is registered in a U2F mode if a check is successful, the authentication response is generated and returned to the client, and an error response is returned to the client if the check fails.Type: GrantFiled: September 9, 2021Date of Patent: December 10, 2024Assignee: Feitian Technologies Co., Ltd.Inventors: Zhou Lu, Huazhang Yu