Patents Examined by Kenneth W Chang
-
Patent number: 11877149
Abstract: Systems and methods of protecting an initial NAS message are described. Depending on whether a security context for a serving PLMN is stored, the UE uses either a public key from the serving PLMN or a key from the security context to encrypt parts of the initial NAS message. An initial NAS message containing the encrypted parts is then sent to an AMF of the serving PLMN. The serving PLMN public key is transmitted via a SIB. Prior to transmission of the initial NAS message or in parallel with it, an RRC message is sent to the base station. The RRC message contains the UE identifier and/or a NSSAI encrypted using the serving PLMN public key.
Type: Grant
Filed: September 13, 2019
Date of Patent: January 16, 2024
Assignee: Apple Inc.
Inventors: Alexandre Saso Stojanovski, Robert Zaus, Farid Adrangi, Raimund Wloka, Abhijeet Ashok Kolekar, Ahmed Soliman
-
Patent number: 11876830
Abstract: A network based hyperlocal authentication system and method is described. After establishing communications between a gateway and a remote network component, and after establishing communications between a wireless client device and the remote network component, the wireless client device requests an exclusive local key from the remote network component. The remote network component generates and transmits the exclusive local key to the gateway. The gateway then transmits the exclusive local key to the client device application with a gateway short range gateway transceiver. The wireless client device receives the exclusive local key from the gateway and then requests and receives a cryptographic material from the remote network component. The wireless client device communicates with the remote network component with the exclusive local key, received from the gateway, and the cryptographic material, received from the network component.
Type: Grant
Filed: January 23, 2023
Date of Patent: January 16, 2024
Assignee: LOYALTY IOT, INC.
Inventors: Michael A. Kerr, Jesus P. Espinoza
-
Patent number: 11876802
Abstract: A command to load or unload data at a storage location is received. In response to the command, a storage integration object associated with the storage location is identified. The storage integration object identifies a cloud identity object that corresponds to a cloud identity that is associated with a proxy identity object corresponding to a proxy identity granted permission to access the storage location. The data is loaded or unloaded at the storage location by assuming the proxy identity.
Type: Grant
Filed: November 11, 2022
Date of Patent: January 16, 2024
Assignee: Snowflake Inc.
Inventors: Polita Paulus, Peter Povinec, Saurin Shah, Srinidhi Karthik Bisthavalli Srinivasa
-
Patent number: 11870800
Abstract: A cyber security risk assessment system is described. In an example implementation, the system may generate an input feature space including data associated with a computing system by collecting the data from a plurality of computer sources. The system may compute a likelihood of data-security breach incidents based on the input feature space using a first computer model, recognize events based on the input feature space using a second computer model, and determine a severity of the data-security breach incident or the event using a third computer model. In some instances, the system may generate risk factor scores based on the determined severity, data-security breach incident, and the event, where the risk factor scores indicate a computer security risk of a certain computer security aspect of the computing system. The system may then perform an action based on the risk factor scores.
Type: Grant
Filed: October 14, 2022
Date of Patent: January 9, 2024
Assignee: Cowbell Cyber, Inc.
Inventors: Jagannath Y. Kudale, Rajeev Gupta, Prabhakar Reddy, Vaidehi Kedlaya, Harikrishna Prabhu, Nikita Nalawade
-
Patent number: 11832097
Abstract: The subject matter describes devices, networks, systems, media, and methods to create secure communications between wireless devices and cellular networks, where the wireless devices communicate with the cellular networks via multi-hopping methods in wireless networks.
Type: Grant
Filed: June 3, 2021
Date of Patent: November 28, 2023
Assignee: M87, Inc.
Inventors: Vidur Bhargava, Eric Kord Henderson, Peter Matthew Feldman
-
Patent number: 11831609
Abstract: This document describes among other things, network security systems that incorporate a feedback loop so as to automatically and dynamically adjust the scope of network traffic that is subject to inspection. Risky traffic can be sent for inspection; risky traffic that is demonstrated to have high rate of threats can be outright blocked without further inspection; traffic that is causing errors due to protocol incompatibility or should not be inspected for regulatory or other reasons can be flagged so it bypasses the security inspection system. The system can operate on a domain by domain basis, IP address basis, or otherwise.
Type: Grant
Filed: April 18, 2022
Date of Patent: November 28, 2023
Assignee: Akamai Technologies, Inc.
Inventors: Eugene (“John”) Neystadt, Eyal Heiman, Elisha Ben-Zvi, Asaf Nadler
-
Patent number: 11822645
Abstract: A method for tracing function execution includes instantiating, by at least one hardware processor of a computing node, a user code runtime configured with access to an operating system (OS) kernel of the computing node. The user code runtime is configured with a first set of filtering policies associated with a first set of allowed system calls. The OS kernel is configured with a second set of filtering policies associated with a second set of allowed system calls. A system call initiated by the user code runtime is detected to violate one or both of the first set of allowed system calls and the second set of allowed system calls. A trace of the system call is initiated based on the detecting.
Type: Grant
Filed: January 30, 2023
Date of Patent: November 21, 2023
Assignee: Snowflake Inc.
Inventors: Brandon S. Baker, Derek Denny-Brown, Mark M. Manning, Andong Zhan
-
Patent number: 11813953
Abstract: Various example embodiments relate to identifying an electric vehicle charging station. An authentication method applicable with any electric vehicle charging station may be provided. In an embodiment, an alert or quarantine of an electric vehicle charging may be triggered based on invalid authentication. Advantageously, improved security may be provided for communication in a charging management system. A computing device, a method and a computer program are disclosed.
Type: Grant
Filed: December 2, 2021
Date of Patent: November 14, 2023
Assignee: LIIKENNEVIRTA OY / VIRTA LTD
Inventor: Jussi Ahtikari
-
Patent number: 11818177
Abstract: Methods and systems are also described for an integrated cyber incident management system that may store native data corresponding to fields of cyber incident management system (or other non-integrated systems) and integration data (e.g., viewable through a user interface of the integrated cyber incident management system), which describes a relationship of the native data to the integrated cyber incident management system, at a structure node in the architecture of the integrated cyber incident management system. The structure node may correspond to the convergence of two structures in the architecture of the integrated cyber incident management system. Each structure may itself correspond to a native hierarchal relationship in a non-integrated cyber incident management system.
Type: Grant
Filed: February 28, 2023
Date of Patent: November 14, 2023
Assignee: Capital One Services, LLC
Inventors: Brian Brurok, Mario Cotom, Christopher Euerle, Matthew Anderson, Margo Chanin, Sean Spaniol
-
Patent number: 11805140
Abstract: A device may receive training data simulating different types of software-defined network (SDN) attacks or anomalies and may train a machine learning model with the training data to generate a trained machine learning model. The device may receive SDN data from multiple SDN controllers and multiple SDN devices of an SDN network and may perform natural language processing on the SDN data to clean the SDN data and generate clean SDN data. The device may process the clean SDN data, with the trained machine learning model, to identify an attack on the SDN network or one or more anomalies in the SDN data and may perform one or more actions based on the attack on the SDN network or the one or more anomalies in the SDN data.
Type: Grant
Filed: March 22, 2021
Date of Patent: October 31, 2023
Assignee: Verizon Patent and Licensing Inc.
Inventors: Sonali Sen Baidya, Abhishek Baidya
-
Patent number: 11792222
Abstract: Techniques are disclosed for usage-tracking of various information security (InfoSec) entities for tenants/organization onboarded on an instant multi-tenant security assurance platform. The InfoSec entities include policies, procedures, controls and evidence tasks. A policy or procedure is enforced by implementing one or more controls, and the collection of one or more evidence tasks proves/verifies the implementation of a control. The InfoSec entities are linked to each other across the platform and accrue a number of benefits for the tenants. These include generating a security questionnaire response (SQR), defining a readiness project and an audit project, sharing InfoSec entities encompassing the various products of a tenant, automating risk assessment, automatic collection of evidence tasks for verifying the implementation and/or operational state/status of various mitigating controls, etc.
Type: Grant
Filed: July 20, 2022
Date of Patent: October 17, 2023
Assignee: OneTrust LLC
Inventors: Patrick Glenn Murray, Carman Kwong, Christopher Cross, Jose Costa Moreno, Harpreet Shergill, Keegan Callin
-
Patent number: 11792651
Abstract: Methods, systems, computer-readable media, and apparatuses for an authentication-based communication link with a peripheral device are presented. In some embodiments, the peripheral device receives, from a host device, and stores, in a memory of the peripheral device, registration data including, for instance, a user credential, a user identifier, and/or a device identifier. Upon a request to pair the peripheral device with the same or a different host device, the peripheral device requests and receives, from such a host device, authentication data including a user credential, a user identifier, and/or a device identifier. The peripheral device determines whether a match exists between the received authentication data and the registration data. If so, a communication link is established with the host device.
Type: Grant
Filed: July 17, 2020
Date of Patent: October 17, 2023
Assignee: QUALCOMM Incorporated
Inventors: Rajinder Kumar, Naga Chandan Babu Gudivada, Prakash Tiwari, Ravisagar Pyarasani, Pradeep Cherukoori, Phani Vemula, Rajesh Vundavalli
-
Patent number: 11792183
Abstract: An authentication system, a user information extraction apparatus, and a user information migration method. The authentication system acquires user information for authenticating a user who uses a device and transmits the acquired user information to the information processing system and the information processing system stores in one or more memory common user information for authenticating a common user who uses the device and another device different from the device, receives the user information from the user information extraction apparatus, and adds the received user information to the common user information stored in the one or more memory.
Type: Grant
Filed: July 14, 2021
Date of Patent: October 17, 2023
Assignee: Ricoh Company, Ltd.
Inventors: Kazuhiro Sogawa, Sekin Ou
-
Patent number: 11768927
Abstract: A system for storing an object includes a card reader configured to receive a card from a user and to determine an identity of the user based on information on the card. The system also includes a secure storage area configured to store a plurality of physical boxes. The plurality of physical boxes includes a first physical box that is assigned to the user. The first physical box is configured to be dispensed from the secure storage area to the user outside of the secure storage area in response to the user requesting to physically receive the first physical box. Dispensing the first physical box includes moving the first physical box along a predetermined path in the secure storage area and presenting the first physical box for removal from the secure storage area.
Type: Grant
Filed: August 29, 2022
Date of Patent: September 26, 2023
Assignee: Capital One Services, LLC
Inventors: Abdelkader M'Hamed Benkreira, Joshua Edwards, Michael Mossoba
-
Patent number: 11765203
Abstract: A plant control system and communication method are capable of immediately dealing with wrong address settings created due to a human error during the execution of an opening procedure. In the plant control system, a higher-level device and a plurality of communication terminal devices are connected to each other through a communication path. Prior to the start of communication, a communication opening process of sequentially transmitting a call signal from the higher-level device to the terminal devices and acknowledging response signals therefrom is executed, which is followed by sequentially transmitting a call signal from the higher-level device to the terminal devices and receiving response signals from the terminal devices. The communication terminal devices compare addresses of the response signals returned from the other terminal devices to the higher-level device against an address set for local terminal devices. If a duplicate address exists, communication from the local terminal device is locked.
Type: Grant
Filed: December 1, 2021
Date of Patent: September 19, 2023
Assignee: HITACHI, LTD.
Inventors: Manabu Kubota, Tatsuyuki Ootani, Katsumi Yoshida
-
Patent number: 11765577
Abstract: Disclosed herein are system, method, and computer program product embodiments for identity obscuration of a station (STA) connected to a wireless network to prevent the tracking of the STA. Embodiments include a STA configured to establish a security association with an access point (AP) based on an original long term identity for the station and an identity of the AP. The STA can transmit a new long term identity for the STA to the AP based on the security association. The STA can then transmit a request frame to change the original short term identity assigned to the STA to the AP. The STA can receive a response frame from the AP. The response frame can include a new short term identity assigned to the station by the AP. The STA can then map its new long term identity to its new short term identity assigned by the AP.
Type: Grant
Filed: May 29, 2020
Date of Patent: September 19, 2023
Assignee: Apple Inc.
Inventors: Yong Liu, Christiaan A. Hartman, Tianyu Wu, Qi Wang, Jarkko L. Kneckt, Jinjing Jiang, Su Khiong Yong, Guoqing Li
-
Patent number: 11750620
Abstract: In overview, a computer-implemented method of transmitting data in a data stream from a first device to a second device is disclosed. The data stream is encrypted before transmission from the first device to the second device, and a location of the data in the data stream is indicated to the second device. The location may be a pre-shared location between the first and second devices, or the first device may transmit the location of the data to the second device. The second device decrypts the encrypted data stream, identifies the data in the data stream based on the location, and encrypts the identified data in the data stream.
Type: Grant
Filed: November 28, 2019
Date of Patent: September 5, 2023
Assignee: Nagravision Sàrl
Inventors: Fabien Gremaud, Frederic Thomas, Jean-Bernard Fischer
-
Patent number: 11743050
Abstract: A computer system (100) for distributed shared execution of one or more shared processes, comprising: first program code for the one or more shared processes that comprises one or more shared code segments (142, 144, 146) shared between a first authorizing node (102) and a second authorizing node (104), wherein the one or more shared code segments (142, 144, 146) are executable by one or more executing nodes (102, 104, 106); a distributed ledger (152, 154, 156) that provides a record of valid code segments of the program code; and second program code comprising instructions that, when executed by the first and/or second authorizing nodes, validates that an anticipated execution result of the one or more shared code segments (142, 144, 146) satisfies shared authorization conditions and, if satisfied, authorizes the execution of the one or more shared code segments by the one or more executing nodes.
Type: Grant
Filed: February 10, 2021
Date of Patent: August 29, 2023
Inventors: James Benton Litsios, Simon Meier, Ognjen Maric, Sören Gerhard Bleikertz, Francesco Mazzoli
-
Patent number: 11734442
Abstract: A method for detection and use of device identifiers to enhance the security of data transfers between electronic devices. A first electronic device can transmit access data to a second electronic device. The access data can be associated with a first access code that can be generated based at least in part on data representing a device identifier of the first electronic device. A device identifier can uniquely identify the first electronic device from a plurality of electronic devices. Transferring the access data can involve transforming the first access code into a second access code that can include data representing a device identifier associated with the second electronic device. Transforming the first access code into the second access code can facilitate access to a resource associated with the access data for a second user, but not for a first user.
Type: Grant
Filed: December 30, 2022
Date of Patent: August 22, 2023
Assignee: Live Nation Entertainment, Inc.
Inventors: Samuel Levin, David Scarborough, Fengpei Du, Richard DiStefano, Dennis Denker, Sean Moriarty, Charles Plamondon, Matthew Siegel, Benjamin Marti
-
Patent number: 11736448
Abstract: Systems and methods are disclosed for detecting certain online activities associated with a digital identity. A Digital Identity Network may be monitored for potentially fraudulent activities (such as new account openings and certain transactions) related to an enrolled User identification (User ID) without requiring personally identifying information (PII). Corresponding alerts may be generated and sent to inform the associated user of such suspicious activity so that fraudulent account access or transactions may be prevented.
Type: Grant
Filed: August 31, 2022
Date of Patent: August 22, 2023
Assignee: LexisNexis Risk Solutions, Inc.
Inventors: Peter Joseph Greene, Dean Weinert, David Buchler, Bryan Knauss