Patents Examined by Khalil Naghdali
  • Patent number: 10574660
    Abstract: Continuous sensitive content authentication is described. In one example, a request to open content, such as a photograph, spreadsheet, or text-based document, among other types of content, is received. Based on a sensitivity level or access profile rule associated with the content, an individual can be prompted to perform an authentication procedure before the content is displayed. The content can be displayed in response to a verification using the authentication procedure or removed (or not displayed) in response to a rejection using the authentication procedure. Additionally, the authentication procedure can be continuously polled to confirm the verification while the content is displayed. While the content is being displayed, the content can be removed from display at any time if the authentication procedure no longer produces the verification result. In some cases, the content can also be deleted after a rejection is detected using the authentication procedure.
    Type: Grant
    Filed: June 23, 2016
    Date of Patent: February 25, 2020
    Assignee: AirWatch, LLC
    Inventor: Erich Stuntebeck
  • Patent number: 10574663
    Abstract: A method for operating a field device is disclosed, the field device having settings and/or functions classified into different security levels, where one of the settings and/or functions of the field device is selected by a user, at least one security measure is implemented depending upon the security level with which the selected setting and/or function is associated, and the security measure determines whether the selected setting and/or function of the field device is released for the user.
    Type: Grant
    Filed: July 16, 2015
    Date of Patent: February 25, 2020
    Assignee: Endress+Hauser Process Solutions AG
    Inventors: Johannes Sprenger, Thomas Jögel, Holger Eberhard, Marco Colucci
  • Patent number: 10564714
    Abstract: Systems and methods are provided for discerning the intent of a device wearer primarily based on movements of the eyes. The system may be included within unobtrusive headwear that performs eye tracking and controls screen display. The system may also utilize remote eye tracking camera(s), remote displays and/or other ancillary inputs. Screen layout is optimized to facilitate the formation and reliable detection of rapid eye signals. The detection of eye signals is based on tracking physiological movements of the eye that are under voluntary control by the device wearer. The detection of eye signals results in actions that are compatible with wearable computing and a wide range of display devices.
    Type: Grant
    Filed: August 15, 2016
    Date of Patent: February 18, 2020
    Assignee: GOOGLE LLC
    Inventors: Lewis James Marggraff, Nelson George Publicover, Spencer James Connaughton, Nathan Lord, Peter Milford, Ivan Maleev
  • Patent number: 10567381
    Abstract: Security credentials issued by an entity, such as an identity broker, can have a limited lifetime. Access to resources or content under those credentials then can only be obtained for a limited period of time, limiting the ability of an unauthorized entity obtaining the credentials to utilize those credentials for access. Along with the credentials, a refresh token can be issued to a requesting client that can enable the limited lifetime of the credentials to be renewed up to a maximum lifetime of the credentials and/or the token. A service providing access can determine that the client has a valid copy of the refresh token when the credentials are about to expire, and if so can cause the lifetime of the credentials to be extended another credential lifetime. This renewal can be done transparent to a user and without again contacting the identity broker.
    Type: Grant
    Filed: December 17, 2015
    Date of Patent: February 18, 2020
    Inventors: Graeme David Baer, Dmitry Frenkel, Marc R. Barbour
  • Patent number: 10567349
    Abstract: Determining whether to allow access to a message is disclosed. A message is received from a sender. The message is associated with a first time-to-live (TTL) value. A determination is made that the first time-to-live value has not been exceeded. The determination is made at least in part by obtaining an external master clock time. In response to the determination, access is allowed to the message.
    Type: Grant
    Filed: June 24, 2014
    Date of Patent: February 18, 2020
    Assignee: Wickr Inc.
    Inventors: Robert Statica, Christopher A. Howell, Kara Lynn Coppa
  • Patent number: 10554678
    Abstract: A method includes: at a server, obtaining security intelligence data used for classifying whether a data associated with a user activity in a network is undesirable at a first time; classifying whether a first data in the network is undesirable based on the security intelligence data; receiving a request for classifying whether a second data is undesirable based on the security intelligence data; determining whether the server is overloaded with tasks; if the server is determined to be overloaded with tasks: logging the second data in a repository, and tagging the second data to re-visit classification of the second data; and when the server is no longer overloaded, classifying whether the second data is undesirable to produce a second classifying result and re-classifying whether the first data is undesirable based on updated security intelligence data obtained by the server.
    Type: Grant
    Filed: July 26, 2017
    Date of Patent: February 4, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: Jason V. Miller, Adam J. O'Donnell
  • Patent number: 10552622
    Abstract: A method for controlling data access in a data-at-rest system includes executing a link intrusion prevention analysis between multiple layers of the data-at-rest system, introducing a privacy policy at enforcement points that span multiple system layers, and dynamically altering the privacy policy.
    Type: Grant
    Filed: December 9, 2014
    Date of Patent: February 4, 2020
    Assignee: Protegrity Corporation
    Inventor: Ulf Mattsson
  • Patent number: 10547614
    Abstract: In general, techniques are described for supporting bulk delivery of change of authorization data in authentication, authorization, and accounting (AAA) protocols, where delivery is performed as a change of authorization after a subscriber has successfully authenticated and initially authorized. In one example, the techniques are directed to a method including determining, by a RADIUS server for a service provider network, change of authorization data for services to which the subscriber of the service provider network has subscribed. The method further includes generating, by the RADIUS server, RADIUS messages that form a transaction between the RADIUS server and a network access server acting as a RADIUS client. The RADIUS messages provide all of the change of authorization data to the network access server prior to the network access server provisioning the services. The method further includes outputting, by the RADIUS server, the RADIUS messages to the network access server.
    Type: Grant
    Filed: March 30, 2017
    Date of Patent: January 28, 2020
    Assignee: Juniper Networks, Inc.
    Inventors: John Gibbons, Paul Raison, Sunil Madhaorao Gandhewar
  • Patent number: 10547627
    Abstract: Techniques for malicious HTTP cookies detection and clustering are disclosed. In some embodiments, a system, process, and/or computer program product for malicious HTTP cookies detection and clustering includes receiving a sample at a cloud security service; extracting a cookie from network traffic associated with the sample; determining that the cookie is associated with malware; and generating a signature based on the cookie.
    Type: Grant
    Filed: April 28, 2016
    Date of Patent: January 28, 2020
    Assignee: Palo Alto Networks, Inc.
    Inventors: Zhaoyan Xu, Wei Xu, Kyle Sanders
  • Patent number: 10547645
    Abstract: A public-private computing system includes: a public computing portion accessible to a computing device associated with a user, the public computing portion including a Platform-as-a-Service portion, the Platform-as-a-Service portion including a cloud computing platform; a private computing portion; and an Application Program Interface (API) gateway configured to couple the public computing portion and the private computing portion.
    Type: Grant
    Filed: July 7, 2017
    Date of Patent: January 28, 2020
    Assignee: EMC IP Holding Company, LLC
    Inventors: Muzhar Khokhar, Shyam Reddy, Vamshi Challa, Bhaswati Neog
  • Patent number: 10547606
    Abstract: An information processing apparatus includes a signing unit and first and second obtaining units. The signing unit signs a document by using a certificate used for connecting to an access point. The document is obtained via the access point. The first obtaining unit obtains, in response to an access request to access the signed document, identification information concerning the certificate used for signing the signed document. The second obtaining unit obtains identification information concerning a certificate used for connecting to an access point when the access request is received. The display controller performs control so that the sighed document will be displayed if the identification information obtained by the first obtaining unit and the identification information obtained by the second obtaining unit coincide with each other.
    Type: Grant
    Filed: May 8, 2017
    Date of Patent: January 28, 2020
    Assignee: FUJI XEROX CO., LTD.
    Inventor: Koichiro Mino
  • Patent number: 10542045
    Abstract: The secure management of attachments is described. In one example, a message is received by a device management computing environment from a client computing device. The message can include an addressee list, a resource locator to a file, and a schedule associated with an event, for example. The message is intended for distribution to a number of other client devices along with the file according to the addressee list. However, the file is not directly attached to the message. Instead, the distribution of and access to the file is managed separately and securely by the device management computing environment. The device management computing environment can cause the file to be accessible through the client devices using the resource locator based on the schedule associated with the event. Further, after the event, the device management computing environment can cause the file to be inaccessible and/or removed from the client devices.
    Type: Grant
    Filed: February 22, 2017
    Date of Patent: January 21, 2020
    Assignee: AIRWATCH LLC
    Inventors: Sachin Vas, Sushilvas Vasavan, Ramani Panchapakesan, Pavithra Narayanaswamy
  • Patent number: 10542040
    Abstract: The present disclosure relates to an intelligent service (e.g., a smart home, a smart building, a smart car, etc.) based on a 5G communication technology and an IoT related technology. In accordance with an embodiment of the present disclosure, a method is provided for detecting, by a web server in a wireless communication system, a malicious code which is injected into the command stream of a widget miming on a web-based OS in a device. The method includes: analyzing the widget in the web server; determining at least one invariant condition constantly maintained and conserved while the widget is running, on the basis of a result of the analyzing; generating a metadata file including data satisfying the at least one invariant condition; and associating the metadata file with the widget and providing the widget in a state in which the associated metadata file is included in the widget.
    Type: Grant
    Filed: November 17, 2015
    Date of Patent: January 21, 2020
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Evgeny Beskrovny, Maya Maimon, Yaacov Hoch
  • Patent number: 10540297
    Abstract: A method and apparatus for retrieving data from a memory in which data, an associated message authentication code (MAC) and an associated error correction code (ECC) are stored in a memory such that the data, MAC and ECC can be retrieved together in a single read transaction and written in a single write transaction. Additional read transactions may be used to retrieve counters values that enable the retrieved MAC to be compared with a computed MAC. Still further, node value values of an integrity tree may also be retrieved to enable hash values of the integrity tree to be verified. The MAC and ECC may be stored in a metadata region of a memory module, for example.
    Type: Grant
    Filed: August 3, 2017
    Date of Patent: January 21, 2020
    Assignee: Arm Limited
    Inventors: Gururaj Saileshwar, Prakash S. Ramrakhyani, Wendy Arnott Elsasser
  • Patent number: 10541986
    Abstract: Methods, apparatus, and systems for authenticating a user taking into account measurement values of characteristics of the purported environment of the user are described. Specifically, in a preferred embodiment, a device is used that comprises a sensor for making said measurement of the location dependent physical property; a memory component for storing a secret value; and a data processing component for generating an electronic signature over said measurement by cryptographically combining said measurement with a secret key comprised in or derived from said secret value.
    Type: Grant
    Filed: December 31, 2015
    Date of Patent: January 21, 2020
    Assignee: OneSpan North America Inc.
    Inventor: Tom De Wasch
  • Patent number: 10530801
    Abstract: An anomaly detection electronic controller performs anomaly detection processing and is connected to a bus, which a plurality of electronic controllers use for communication to communicate following a Controller Area Network (CAN) protocol. The anomaly detection electronic controller includes an anomaly detection processor that performs anomaly detection processing regarding a data frame. The anomaly detection controller also includes an anomaly detection processing requester that decides an anomaly detection processing timing in accordance with a state of a vehicle in which the bus is installed when receiving the data frame, the anomaly detection processing timing being a reception timing of one or multiple fields in the data frame. The anomaly detection processor further performs the anomaly detection processing regarding the data frame at the anomaly detection processing timing decided by the anomaly detection processing requester.
    Type: Grant
    Filed: April 30, 2019
    Date of Patent: January 7, 2020
    Inventors: Takeshi Kishikawa, Yoshihiro Ujiie, Tomoyuki Haga, Hideki Matsushima
  • Patent number: 10530584
    Abstract: A method for tracking a controlled item can include transforming a genetic code with a cryptographic hash function into a core code. The core code can be associated with a label code and a weight. The weight can be indicative of a produced amount of the strain of the controlled item. An image of a label having an identification portion indicative of the label code and dispensed weight data can be received. The label code can be extracted from the identification portion of the image of the label. The weight associated with the core code can be reduced based upon the dispensed weight data.
    Type: Grant
    Filed: June 29, 2016
    Date of Patent: January 7, 2020
    Inventors: Aram Kovach, Garrett Greenlee, Gabriel Ronai
  • Patent number: 10530573
    Abstract: Wireless network specific (WN-specific) key can be used to provide access protection over the radio access link. A WN-specific key may be associated with (or assigned to) a wireless network, and distributed to access points of the wireless network, as well as to user equipments (UEs) following UE authentication. The WN-specific key is then used to encrypt/decrypt data transported over the radio access link. The WN-specific key can be used in conjunction with the UE-specific keys to provide multi-level access protection. In some embodiments, WN-specific keys are shared between neighboring wireless networks to reduce the frequency of key exchanges during handovers. Service-specific keys may be used to provide access protection to machine to machine (M2M) services. Group-specific keys may be used to provide access protection to traffic communicated between members of a private social network.
    Type: Grant
    Filed: January 16, 2019
    Date of Patent: January 7, 2020
    Assignee: Huawei Technologies Co., Ltd.
    Inventor: Hang Zhang
  • Patent number: 10530792
    Abstract: The present disclosure describes methods, systems, and computer program products for performing a frequency domain analysis of activity data for a computer system. One computer-implemented method receiving time domain activity data for a computer system, wherein the time domain activity data comprise activity records associated with the computer system in a time domain; computing, by a hardware processor, frequency domain activity data based on the time domain activity data; and displaying the frequency domain activity data.
    Type: Grant
    Filed: December 15, 2016
    Date of Patent: January 7, 2020
    Assignee: SAP SE
    Inventors: Kathrin Nos, Volker Guzman, Marvin Klose
  • Patent number: 10530809
    Abstract: The disclosed computer-implemented method for remediating computer stability issues may include (i) determining that a device has experienced a computer stability problem, (ii) obtaining, from the device, one or more computer-generated log lines that potentially include information pertaining to a cause of the computer stability problem, (iii) directly analyzing text included within the computer-generated log lines, (iv) identifying information relating to the computer stability problem based on the direct analysis of the text, and (v) remediating the device to resolve the computer stability problem. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: September 15, 2016
    Date of Patent: January 7, 2020
    Assignee: Symantec Corporation
    Inventors: Michael Hart, Chris Gates