Patents Examined by Kambiz Zand
  • Patent number: 12197554
    Abstract: A computer-implemented method for executing a user instruction may include obtaining identification data of a user via a device associated with the user, wherein the identification data comprises at least a password, a user name, and biometric data of the user; determining, via the one or more processors, a login status based on the identification data; demonstrating, to the user, historical account data based on the login status, wherein the historical account data comprises at least historical biometric data associated with one or more historical logins; receiving, via the one or more processors, the user instruction based on the historical account data, wherein the user instruction comprises at least one of revoking a historical login, changing password, or signing out a historical device associated with a historical login of the one or more historical logins; and executing, via the one or more processors, the user instruction.
    Type: Grant
    Filed: October 2, 2023
    Date of Patent: January 14, 2025
    Assignee: Capital One Services, LLC
    Inventors: Zainab Zaki, Jackson Cheek
  • Patent number: 12199951
    Abstract: A new container of a pool of containers is spawned in the operating system of the embedded networking device to execute a firewall separate from an operating system of a host device. Each of the containers is generated by a separate toolchain to include custom runtime libraries. The firewall utilizes the custom libraries rather than the host libraries, and wherein user privileges within a container is different from user privileges for the host. The new container executes a firewall instance to inspect data packets processed by the embedded networking device.
    Type: Grant
    Filed: March 31, 2022
    Date of Patent: January 14, 2025
    Assignee: Fortinet, Inc.
    Inventors: Wei Wang, Dazhi Li
  • Patent number: 12192386
    Abstract: Methods and systems are described for facilitating blockchain operations based on network congestion. The system may facilitate blockchain operations by generating recommendations for blockchain operations based on values for one or more blockchain operation characteristics that are determined based on a likelihood that a given blockchain operation will be completed in a timely manner. The system thus ensures accounts for transient congestion in a blockchain network, while also minimizing a burden on a user device attempting to perform a blockchain operation.
    Type: Grant
    Filed: March 21, 2022
    Date of Patent: January 7, 2025
    Assignee: Coinbase, Inc.
    Inventor: Yuga Cohler
  • Patent number: 12189821
    Abstract: This patent disclosure provides various verification techniques to ensure that anonymized surgical procedure videos are indeed free of any personally-identifiable information (PII). In a particular aspect, a process for verifying that an anonymized surgical procedure video is free of PII is disclosed. This process can begin by receiving a surgical video corresponding to a surgery. The process next removes personally-identifiable information (PII) from the surgical video to generate an anonymized surgical video. Next, the process selects a set of verification video segments from the anonymized surgical procedure video. The process subsequently determines whether each segment in the set of verification video segments is free of PII. If so, the process replaces the surgical video with the anonymized surgical video for storage. If not, the process performs additional PII removal steps on the anonymized surgical video to generate an updated anonymized surgical procedure video.
    Type: Grant
    Filed: May 18, 2023
    Date of Patent: January 7, 2025
    Assignee: Verb Surgical Inc.
    Inventors: Jagadish Venkataraman, Pablo Garcia Kilroy
  • Patent number: 12192331
    Abstract: An apparatus comprises a processing device configured to receive, at a web browser from a web-based service running on a web server, a request for signature of one or more messages using at least one cryptographic key pair comprising a public key made accessible to the web-based service running on the web server and a private key maintained in secure storage accessible to the web browser. The processing device is also configured to generate, at the web browser, one or more interface features permitting a given user to accept or deny the request for signature and, responsive to the given user accepting the request for signature of a given message, digitally signing the given message utilizing the private key of the cryptographic key pair. The processing device is further configured to provide, from the web browser to the web-based service, a response comprising the digital signature of the given message.
    Type: Grant
    Filed: March 30, 2022
    Date of Patent: January 7, 2025
    Assignee: Dell Products L.P.
    Inventors: Bradley K. Goodman, John Henry Terpstra
  • Patent number: 12192247
    Abstract: Methods, systems, and computer readable media for network security are described. In some implementations, security tasks and roles can be allocated between an endpoint device and a firewall device based on tag information sent from the endpoint, the tag information including one or more characteristics of a traffic flow, information of resource availability, and/or reputation of a process associated with a traffic flow.
    Type: Grant
    Filed: October 9, 2023
    Date of Patent: January 7, 2025
    Assignee: Sophos Limited
    Inventors: Andy Thomas, Nishit Shah, Daniel Stutz
  • Patent number: 12189800
    Abstract: Described herein are approaches for generating a new queue based on an existing queue. This may include receiving a request to transfer the existing queue from a first device to a second device. A set of move criteria may be evaluated using a playback context, a user profile, a configuration associated with the second device, and/or a level of access constraints. Depending on the results of the evaluation, the existing queue may be completely reformulated to define the new queue. The second device may then be instructed to play the new queue.
    Type: Grant
    Filed: March 9, 2022
    Date of Patent: January 7, 2025
    Assignee: Amazon Technologies, Inc.
    Inventors: Benjamin La Schiazza, Christopher McGilliard, David Lawrence Webb, Tim Pritchard, Catherine Du Pont-Thibodeau
  • Patent number: 12185102
    Abstract: Devices and methods for accessing and for controlling access of a node, called “challenged node”, that has already been authenticated and is provisionally connected to a network of nodes, the network including at least one node, called “challenging node”. The method for controlling access, implemented by a challenging node, includes: defining a personalized test that must be executed by the challenged node; sending the test to the challenged node; receiving, from the challenged node, at least one result of the execution of the test; and authorizing or refusing the access of the challenged node to the network, at least on the basis of the result.
    Type: Grant
    Filed: December 20, 2018
    Date of Patent: December 31, 2024
    Assignee: ORANGE
    Inventors: Gael Fromentoux, Frederic Fieau
  • Patent number: 12184780
    Abstract: The present embodiments relate to establishing secure data communication using an Elliptic-curve Diffie-Hellman ephemeral (ECDHE) key agreement procedure. Devices in a network environment can utilize a key agreement procedure to establish secure communication between multiple application layers in a micro service architecture. Particularly, a tunnel can be established between a mobile device and an encryption service by transmitting key information between the mobile device and the encryption service. This can allow for encryption keys to only be accurately generated by the mobile device and encryption service. Accordingly, intermediary nodes may be unable to decrypt the data, allowing for safe and secure transport of sensitive data.
    Type: Grant
    Filed: January 3, 2023
    Date of Patent: December 31, 2024
    Assignee: United Services Automobile Association (USAA)
    Inventors: Jason Paul Hendry, Zachary Curtis Wade, Daniel Thane Davidson, Patrick Joseph O'Neal, Justin Armstrong Leonard
  • Patent number: 12177244
    Abstract: One variation of a method for emulating a known attack on a computer network includes: generating a set of data packets by recombining packet fragments within a packet capture file representing packet fragments transmitted between machines during a prior malicious attack on a second network; defining transmission triggers for transmission of the set of data packets between pairs of agents connected to a target network based on timestamps of packet fragments in the packet capture file; initiating transmission of the set of data packets between the pairs agents according to the set of transmission triggers to simulate the malicious attack on the target network; and, in response to absence of a security event related to the simulation in a log of a security technology deployed on the target network, generating a prompt to reconfigure the security technology to respond to the malicious attack.
    Type: Grant
    Filed: December 5, 2023
    Date of Patent: December 24, 2024
    Assignee: AttackIQ, Inc.
    Inventors: Renan Fischer e Silva, Albert López Fernández, Rajesh K. Sharma
  • Patent number: 12177202
    Abstract: A method of providing login information may include sending, from a service web page executed on a browser, a login request to an authentication web page executed on the browser, executing, by the authentication web page, a single sign on (SSO) agent in an electronic device, sending, by the authentication web page, a request for authentication information of a user to the SSO agent, generating and transmitting, by the SSO agent, a random number to the authentication web page, generating and transmitting an encrypted eigenvalue on an authentication web server based on the random number to the SSO agent, calling, by the SSO agent, an authentication application programming interface (API) server, and transmitting the eigenvalue, validating the eigenvalue on the authentication API server, and receiving, by the SSO agent, a result of the validating from the authentication API server, and transmitting the authentication information to the authentication web server.
    Type: Grant
    Filed: November 29, 2022
    Date of Patent: December 24, 2024
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Seonhyung Lee, Joohyun Kim, Jaewon Lee
  • Patent number: 12177240
    Abstract: The present invention is generally directed to the detection of an intrusion event in a computer network and a control network. More particularly, the present invention provides a system, framework, architecture, etc. for intrusion detection functions for network elements and control elements used in high demand and/or mission critical environments, including, but not limited to, power stations, sub-stations, intelligent transportation systems (ITS), rail, traffic control systems, chemical, oil & gas, critical manufacturing, and industrial applications.
    Type: Grant
    Filed: February 28, 2023
    Date of Patent: December 24, 2024
    Assignee: iS5 Communications Inc.
    Inventor: Tamer Soliman
  • Patent number: 12177672
    Abstract: Security policies are made dependent on location of a device and the location of a device is determined and the appropriate security policy applied without providing the device's location to a server. A device determine its location and identifies a security policy identifier mapped to a zone including the location. The device requests the security policy corresponding to the identifier from a server and implements it. The device may also store a database of the security policies and implement them according to its location. Devices registered for a user evaluate whether locations detected for the devices correspond to impossible travel by the user. Objects encoding geolocation data of a device may be encrypted with a private key of the device and the public key of another to prevent access by an intermediary server.
    Type: Grant
    Filed: October 31, 2023
    Date of Patent: December 24, 2024
    Assignee: LOOKOUT INC.
    Inventors: Brian James Buck, Jeroen Martijn Wijdogen, Kevin Lam, Varun Shimoga Prakash, Michael Joseph Mole, Pradeep Deepak Phatak, Praveen Kumar Mamnani
  • Patent number: 12177362
    Abstract: An attribute information conversion device includes: a memory; and a processor coupled to the memory and configured to: issue first access information and second access information linked to each other in response to a request upon reception of the request for conversion from attribute information of a first type of a user that may be used in a first service into the attribute information of a second type that may be used in a second service different from the first service; perform, upon acquisition of the attribute information of the user from a terminal through the first access information, conversion of the acquired attribute information from the attribute information of the first type into the attribute information of the second type; and output the converted attribute information to a terminal that has made access through the second access information.
    Type: Grant
    Filed: October 19, 2022
    Date of Patent: December 24, 2024
    Assignee: FUJITSU LIMITED
    Inventors: Takuya Sakamoto, Mebae Yamaoka, Takeru Fukuoka
  • Patent number: 12170676
    Abstract: A service provider provides flexible access to services using an identity provider. The service provider is associated with a custom access policy used by the identity provider to authenticate access requests associated with client devices for services of the client system. The custom access policy describes a set of access levels corresponding to variable levels of access to services of the service provider. The identity provider authenticates access requests by client devices using one or more device signals from the client devices. In some embodiments, the identity provider determines a device trust score for the client device using the one or more device signals. The identity provider provides an authentication response to the client system based on the custom access policy. The client system uses the authentication response to determine an access level for the client device from the set of access levels described by the custom access policy.
    Type: Grant
    Filed: May 10, 2023
    Date of Patent: December 17, 2024
    Inventors: Dipti Vivek Shiralkar, Arun Thotta Suresh, Mohammad Rahimi, Ankit Garg
  • Patent number: 12170671
    Abstract: Disclosed are systems and methods for secure selection of a user profile in a shared context. For example, a method may include: determining, by one or more processors, an association between a user device and a shared user profile; determining, by the one or more processors, that the user device is within a predetermined proximity of a multiuser device; determining, by the one or more processors, the shared user profile associated with the user device as a result of determining that the user device is within the predetermined proximity of the multiuser device; receiving, by the one or more processors, biometric verification from the first user; and activating, by the one or more processors, the first specific user profile associated with the first user on the multiuser device as a result of determining that the first user has successfully provided biometric verification.
    Type: Grant
    Filed: September 9, 2022
    Date of Patent: December 17, 2024
    Assignee: Verizon Patent and Licensing Inc.
    Inventor: George Fletcher
  • Patent number: 12170662
    Abstract: Provided is a process for mobile-initiated authentications to web services. Credential values of the user are established within a trusted execution environment of the mobile device and representations are transmitted to a server. The user of the mobile device may authenticate with the mobile device to the server, which may convey access to a web-based service from a relying device that executes a client authentication component to report user sessions to the server. The user may select the relying device from the mobile device to cause the relying device to present credentials to the web-service to login, authenticate, or otherwise obtain user-level permission for the user on the relying device. The user of the mobile device may authenticate with the mobile device to the server, and may initiate the authentication process from the mobile device, without inputting credentials corresponding to the web-service on the relying device.
    Type: Grant
    Filed: December 21, 2021
    Date of Patent: December 17, 2024
    Assignee: HYPR Corp.
    Inventors: George Avetisov, Roman Kadinsky, Bojan Simic
  • Patent number: 12166795
    Abstract: A cyber security system creates a behavioral framework for evaluating the cyber security of an organization's computer systems based on its employees. The system leverages offline and online individual identity information and then translates this data to anonymous identifiers to protect privacy. The identifiers are used to pull data from an identity graph, which includes behavioral data. A business-to-business identity graph correlates the name of an organization that maintains the targeted computer system with the anonymous identifiers of employees. Online activity is gathered by pixels fired from websites accessed by user browsers and gathered by one or more remote servers.
    Type: Grant
    Filed: March 8, 2021
    Date of Patent: December 10, 2024
    Assignee: LiveRamp, Inc.
    Inventors: Rachael Boyle, Lucy Huang, Lisa Cramer
  • Patent number: 12166873
    Abstract: A method of rotating a set of keys, having a media encryption key (MEK) and a current media encryption key encryption key (MEKEK) encrypted and stored in a self-encrypting drive (SED) having data encrypted with the MEK (MEK(data)), includes decrypting the stored MEK and the current MEKEK. A new MEK (MEK?) and a new MEKEK (MEKEK?) are generated. The MEKEK? is encrypted to replace the current encrypted MEKEK. A concatenation of the MEK and the MEK? is encrypted with MEKEK?. The encrypted data MEK(data) is re-encrypted with MEK?.
    Type: Grant
    Filed: March 2, 2021
    Date of Patent: December 10, 2024
    Assignee: Seagate Technology LLC
    Inventors: Hamza Jeljeli, Kian Beng Lim, Saravanan Nagarajan
  • Patent number: 12166875
    Abstract: A working method for a key device and a key device, including: a smart key apparatus receives an authentication instruction, determines a type of the authentication instruction, parses a FIDO2 authentication instruction to obtain a credential if the instruction is the FIDO2 authentication instruction, checks whether the credential is complete by using a changing key corresponding to the FIDO2, if a check is successful, the credential is registered in a FIDO2 mode, and the authentication response is generated and returned to the client; and if the check fails, whether the credential is complete is checked by using the changing key corresponding to a U2F, and the credential is registered in a U2F mode if a check is successful, the authentication response is generated and returned to the client, and an error response is returned to the client if the check fails.
    Type: Grant
    Filed: September 9, 2021
    Date of Patent: December 10, 2024
    Assignee: Feitian Technologies Co., Ltd.
    Inventors: Zhou Lu, Huazhang Yu