Patents Examined by Khalid M Almaghayreh
  • Patent number: 12164652
    Abstract: Techniques are described for analyzing privilege escalation risks within the accounts, roles, and policies that comprise an organization's cloud provider environment. Privilege escalation refers broadly to scenarios in which a principal (e.g., a person or application) is able to gain access to resources or actions in a cloud provider environment that exceed a level intended for that principal. In the context of cloud provider environments, for example, such privilege escalation risks can result from the misconfiguration of policies and permissions attached to identities (e.g., users, groups of users, or roles) within an organization's environment. A multi-layer reasoning framework is used to build an ontology model of an organization's identities and relations among the identities, including defined access relationships, permission mutation relationships, and credential mutation relationships.
    Type: Grant
    Filed: December 9, 2021
    Date of Patent: December 10, 2024
    Assignee: Amazon Technologies, Inc.
    Inventors: Meng Li, Vishal Gori, Zhixing Xu, Niloofar Razavi, Oksana Tkachuk
  • Patent number: 12160419
    Abstract: The exemplary embodiments described herein overcome problems encountered by conventional systems by providing an authenticated messaging environment in which a user can securely message with a programmatic intelligent agent. The user may be authenticated at the prompting of the programmatic intelligent agent, such as the beginning of a messaging session or when the user submits a request that requires access to sensitive or confidential information or requires access to a secure account. The prompt may take the form of a message sent from the programmatic intelligent agent. The message may contain a link for launching code, such as an application, that facilitates authentication of the user's identity. The user may activate the link to launch the code and then perform the steps requested by the code to perform the authentication.
    Type: Grant
    Filed: April 15, 2021
    Date of Patent: December 3, 2024
    Assignee: Capital One Services, LLC
    Inventors: Rocky Guo, Jeffrey Rule, Lukiih Cuan, Gaurang Bhatt
  • Patent number: 12158933
    Abstract: Apparatus and methods for content- and context-based biometric authentication are provided. The apparatus and methods may include using multiple biometric sensors and an authentication engine that decides which sensor(s) to use through a content- and/or context-based analysis. The apparatus and methods may include requesting authentication, analyzing the request to determine which sensor(s) is appropriate, prompting a user to use the sensor(s) and comparing the data received with data stored in a database to provide authentication.
    Type: Grant
    Filed: July 30, 2021
    Date of Patent: December 3, 2024
    Assignee: Bank of America Corporation
    Inventors: Patrick Burgess, Trish Gillis, Taylor Farris, Napangsiri Wanpen
  • Patent number: 12141332
    Abstract: A computation procedure change unit (100) changes a computation procedure, each time a computation execution time arrives to execute computation that uses a learning parameter having a value to be adjusted by machine learning, irregularly to a computation procedure which is different from a pre-change computation procedure and with which the same computation result as a computation result obtained by executing computation in accordance with the pre-change computation procedure is obtained. A computation execution unit (101) executes computation that uses the learning parameter, each time the computation execution time arrives, in accordance with the computation procedure that has been changed by the computation procedure change unit (100).
    Type: Grant
    Filed: May 11, 2022
    Date of Patent: November 12, 2024
    Assignee: Mitsubishi Electric Corporation
    Inventor: Tsunato Nakai
  • Patent number: 12142100
    Abstract: A system is provided for utilizing received weather information, guest temperature preference information, and music preference information, for 1) outputting, via a speaker, an audible notification that indicates an action to take in view of current weather, 2) setting a temperature, and 3) selecting music to play via a speaker.
    Type: Grant
    Filed: October 6, 2023
    Date of Patent: November 12, 2024
    Inventor: Azure Katherine Zilka
  • Patent number: 12143692
    Abstract: A method for securely receiving a multimedia content by a client device operated by one or more operator(s) involving a dedicated provisioning server of a security provider managing symmetric secrets used by the client devices and operators' license servers. The provisioning server provides to the client device one or more generations of operator specific unique device secrets, which are then exploited by the various operators' license servers to deliver licenses such that authorized client devices can consume protected multimedia contents.
    Type: Grant
    Filed: September 7, 2023
    Date of Patent: November 12, 2024
    Assignee: NAGRAVISION SARL
    Inventors: Yann Bieber, André Nicoulin
  • Patent number: 12143412
    Abstract: Techniques, methods and/or apparatuses that enable generation of vulnerability vectors of newly identified vulnerabilities (e.g., Common Vulnerability Exposures (CVEs)). Based on the textual description of the vulnerability, vulnerability vectors are generated. The generated vulnerability vectors may represent a prediction of how a third-party vulnerability scorer (e.g., United States National Vulnerability Database (US NVD)) would score the identified vulnerability.
    Type: Grant
    Filed: March 8, 2021
    Date of Patent: November 12, 2024
    Assignee: Tenable, Inc.
    Inventor: Cathal Mullaney
  • Patent number: 12133067
    Abstract: Provided is a communication apparatus comprising a cryptographic circuitry which, in operation, uses a shared cryptographic secret Key and a cryptographic salt to generate a cryptographically encoded Message Integrity Code (MIC) that is computed over the address field of a Wake Up Radio (WUR) frame, and a transmission signal generator which, in operation, generates a secure WUR signal by replacing the address field of the WUR frame with the MIC, and a transmitter which, in operation, transmits the secure WUR signal.
    Type: Grant
    Filed: July 18, 2023
    Date of Patent: October 29, 2024
    Assignee: Panasonic Intellectual Property Corporation of America
    Inventors: Rojan Chitrakar, Lei Huang, Yoshio Urabe
  • Patent number: 12101319
    Abstract: A computing device includes a memory and a processor configured to cooperate with the memory to receive a connection lease and a token from a client device, with the token being generated responsive to the client device completing multi-factor authentication (MFA) with a provider of MFA. The processor further verifies, responsive to unavailability of the provider of MFA, that the client device has previously performed MFA based upon the token, and connects the client device to a computing session with use of the connection lease and responsive to the verification that the client device has performed MFA.
    Type: Grant
    Filed: September 23, 2021
    Date of Patent: September 24, 2024
    Inventors: Georgy Momchilov, Hubert Divoux, Santosh Gummunur Chiranjeevi Sampath, Leo C. Singleton, IV
  • Patent number: 12095812
    Abstract: In one implementation, a gateway includes one or more processors configured to obtain network data from one or more entities associated with the gateway, provide the network data to a server, and obtain a set of entity identifiers from the server. The set of entity identifiers may be generated based on at least the network data. The one or more processors may be further configured to filter communications based on the set of entity identifiers.
    Type: Grant
    Filed: March 15, 2022
    Date of Patent: September 17, 2024
    Assignee: NEUSTAR, INC.
    Inventor: Brian R. Knopf
  • Patent number: 12088571
    Abstract: The present application describes a method including one or more steps. One step of the method includes receiving, at a gateway including an encrypted pathway, traffic from a third party originating outside a multi-hop network intended for a client inside the network. Another step of the method includes determining, using a trained machine learning model, a probe of the received traffic attempting to obtain confidential information about the multi-hop network. Yet another step of the method includes flagging the third party based on the determined probe.
    Type: Grant
    Filed: August 30, 2021
    Date of Patent: September 10, 2024
    Assignee: CACI, Inc.—Federal
    Inventors: John A. Borak, Eric W. Hsiung, Michael J. Chen
  • Patent number: 12069182
    Abstract: A system for protecting personal information uses a challenge and an encrypted copy of the challenge in the form of a message authentication code (MAC) to provide authentication among multiple parties. The challenge is received by a first party from a second party. The challenge is encrypted by the first party to form the MAC and then both the challenge and the MAC are returned to the second party. The second party authenticates the first party by confirming the challenge. The second party sends the MAC and challenge to the third party. The third party decrypts the MAC using a key shared with the first party. When the decrypted MAC matches the challenge, the first party is authenticated to the third party. The process is applicable to transaction processing to limit compromise of payment instrument details.
    Type: Grant
    Filed: September 12, 2018
    Date of Patent: August 20, 2024
    Assignee: Visa International Service Association
    Inventors: Hari Krishna Annam, Selva Ganesh Vasudevan
  • Patent number: 12069477
    Abstract: An instruction to start communication parameter sharing processing using a Wi-Fi Device Provisioning Protocol is received, processing for sharing a public key to be used in the communication parameter sharing processing is executed, and authentication processing is executed with a provision apparatus, which provides a communication parameter, by using the shared public key. After the authentication processing, a Configuration Request packet indicating a request for information about a communication layer upper than a communication layer of a wireless LAN, in addition to a request for a communication parameter used for connection based on the wireless LAN is generated and transmitted to the provision apparatus.
    Type: Grant
    Filed: March 5, 2021
    Date of Patent: August 20, 2024
    Assignee: CANON KABUSHIKI KAISHA
    Inventor: Fumihide Goto
  • Patent number: 12045321
    Abstract: This disclosure relates to systems and methods for managing protected electronic content that employ relatively efficient messaging schemes. Rights management architectures that provide end-to-end protection of content keys from their point of origination at a content creator and/or content service to end user devices. Certain embodiments further provide for message protocols where fewer messages are sent in connection with a protected content license request process, thereby reducing latency associated with license request and provisioning processes.
    Type: Grant
    Filed: July 24, 2023
    Date of Patent: July 23, 2024
    Assignee: Intertrust Technologies Corporation
    Inventors: Vanishree Rao, Robert Tarjan, Jarl Nilsson
  • Patent number: 12041060
    Abstract: A computing support system is configured to programmatically manage support access to a computing system via a support technician console across multiple levels of support access. The system receives a request to authenticate a user requesting support for the computing system, issues one or more authentication challenges to the user to authenticate the identity of the user, receives one or more corresponding authentication challenge responses from the user based on the authentication challenge, and verifies a level of authentication based on the authentication challenge response, the level of authentication being selected from multiple levels of authentication. The system also determines a level of support access to the computing system based on the verified level of authentication and the identity of the user and programmatically enforces limits on the support access to the computing system via the support technician console based on the determined level of support access.
    Type: Grant
    Filed: January 27, 2022
    Date of Patent: July 16, 2024
    Assignee: MSP Solutions Group LLC
    Inventors: Timothy Mark Conkle, Sage David Driskell, Luke Matthew Glover
  • Patent number: 12034870
    Abstract: Provided is a method for securely diversifying a generic application stored in a secure processor of a terminal, said method comprising: Generating at the request of a manager application hosted in an application processor of said terminal, at the level of a distant server, a server challenge; Sending said server challenge to said application; Generating a first message at said application, said first message being a function of said server challenge, an application challenge and a unique identifier of said application; Sending said first message to a Root-Of-Trust service hosted in a secure processor of said terminal, said Root-of-Trust service generating an attestation of said first message, said attestation guaranteeing that said first message has not been modified and originates from said secure processor; and Transmitting said attestation of said first message to said distant server in an enablement request message.
    Type: Grant
    Filed: December 23, 2020
    Date of Patent: July 9, 2024
    Assignee: THALES DIS FRANCE SAS
    Inventors: Guillaume Phan, Emmanuel Lepavec, Nicolas Vienne, Olivier Poncelet, Evangelos Spyropoulos
  • Patent number: 12033048
    Abstract: Techniques for performing anomaly detection are described. An exemplary method includes receiving a request to detect potential anomalies using an anomaly detection system having at least one anomaly scoring model; processing the received data using the anomaly detection system to score the data to determine when the data is potentially anomalous based on one or more thresholds; requesting feedback of at least one determined potential anomaly; receiving feedback on the at least one determined potential anomaly; and adjusting at least one of one or more of thresholds used to determine potential anomalies and what is considered an anomaly without adjusting the at least one anomaly scoring model.
    Type: Grant
    Filed: November 30, 2020
    Date of Patent: July 9, 2024
    Assignee: Amazon Technologies, Inc.
    Inventors: Laurent Callot, Jasmeet Chhabra, Lifan Chen, Ming Chen, Tim Januschowski, Andrey Kan, Luyang Kong, Baris Kurt, Pramuditha Perera, Mostafa Rahmani, Parminder Bhatia
  • Patent number: 12010111
    Abstract: A server application can serve a web application to a client device as a client web application from a web application host. The server application can be a secure HTTPS website. The web application on the client device can provide a token over a local network using a HTTP request to a target device on the local network. The token is associated with a secure area of a remote repository. Having received the one or more tokens, the target device can indicate that a link has been established to the secure area by writing to or reading from the secure area as the server application informs the client web application executing in a browser at a client device of the read/write. The target device and client web application can then communicate via the secure area, for example, to store or retrieve data associated with a user.
    Type: Grant
    Filed: October 27, 2021
    Date of Patent: June 11, 2024
    Assignee: ARRIS ENTERPRISES LLC
    Inventor: Paul A. Clancy
  • Patent number: 12010143
    Abstract: Establishing a transfer mode between devices for large bulk records over a TLS protocol by fragmenting an encrypted bulk record into a set of pre-defined block sizes for convenient transfer. The pre-defined block sizes are specifically sized to indicate a beginning and an end of the transfer of the associated blocks making up the large bulk record. A middle box is unaware of the association between the blocks and permits transfer according to the maximum transmission unit of the transport layer security (TLS) protocol. The fragmented bulk record is reconstructed and decrypted for use after the transfer.
    Type: Grant
    Filed: August 25, 2021
    Date of Patent: June 11, 2024
    Assignee: International Business Machines Corporation
    Inventors: Michael W. Gray, Narayana Aditya Madineni, Leigh S. McLean, Luvita Burgess
  • Patent number: 12008083
    Abstract: An information processing apparatus, an information processing method, and an information processing program configured to manage the copyright-related information of content appropriately. The information processing apparatus includes control circuitry to acquire, when there is a plurality of copyright holders relating to one piece of content, consensus information indicating an agreement on a share of respective copyrights of the plurality of copyright holders, and create a transaction for recording the acquired consensus information on a blockchain system.
    Type: Grant
    Filed: March 19, 2020
    Date of Patent: June 11, 2024
    Assignee: Sony Group Corporation
    Inventor: Kenichi Gokan