Patents Examined by Linglan Edwards
  • Patent number: 12219060
    Abstract: A method may include accessing a key from a secure storage. A payload may be encrypted using the key. A policy token may be generated. The policy token may include a publicly-readable header including a header identifier of the key and the payload encrypted using the key. The policy token may be sent. The policy token may be received. The publicly-readable header may be read. The key may be identified using the header identifier of the key from the publicly-readable header. The key may be accessed from the secure storage. The payload may be decrypted using the key.
    Type: Grant
    Filed: April 27, 2022
    Date of Patent: February 4, 2025
    Assignee: Ivanti, Inc.
    Inventor: Anthony K. Dyer
  • Patent number: 12212666
    Abstract: The present disclosure relates to deriving cryptographic keys for use in encrypting data based on a plaintext to be encrypted. An example method generally includes receiving, from a querying device, a request for a cryptographic key. The request generally includes data derived from a plaintext value to be encrypted and an indication of a type of the plaintext value to be encrypted. A cryptographic key is generated based, at least in part, on the derived data and the type of the plaintext value to be encrypted. The key deriver transmits the generated cryptographic key to the querying device.
    Type: Grant
    Filed: December 11, 2020
    Date of Patent: January 28, 2025
    Assignee: Intuit Inc.
    Inventors: Gleb Keselman, Ernesto Nebel, Jeffery Weber, Noah Kauhane, Vinu Somayaji, Yaron Sheffer
  • Patent number: 12200011
    Abstract: A system and method to filter potentially unwanted traffic from trackers, third-party cookies, malicious websites or other sources and present the aggregated results of said filtering to the VPN user. One of the embodiments enables a VPN user to opt-in or opt-out from the filtering activities while being able to access the aggregated information about filtering. In another embodiment, the user can choose to customize the filtering parameters to add or remove specific targets from the filtering policies.
    Type: Grant
    Filed: July 18, 2023
    Date of Patent: January 14, 2025
    Assignee: Peakstar Technologies Inc.
    Inventor: Kazimieras Celiesius
  • Patent number: 12182298
    Abstract: A system and method, for the assurance of authenticity, confidentiality and integrity of the executed programs, the analytic models and the processed data used by heterogeneous processing units such as graphic processing units (GPU), neural processing units (NPU) and video processing units (VPU), etc. that are connected to the central processing unit (CPU) through standard open interconnects such as Ethernet, USB and SPI, etc.
    Type: Grant
    Filed: August 14, 2020
    Date of Patent: December 31, 2024
    Assignee: FIDUCIAEDGE TECHNOLOGIES CO., LTD.
    Inventors: John Kar-Kin Zao, Ching-Chun Huang, Ching-Yao Huang
  • Patent number: 12182242
    Abstract: A method for authenticating a user using biometrics and digitized handwritten signature is provided. A biometric stylus performs fingerprint recognition on the user who uses the biometric stylus to create a handwriting pattern on a handwriting input device, and transmits encrypted identification data to the handwriting input device when the fingerprint recognition is successful. The handwriting input device transmits the encrypted identification data and the handwriting pattern to a verification server. The verification server verifies the handwriting pattern, and decrypts the encrypted identification data for verifying an identity of the user when the handwriting pattern is successfully verified.
    Type: Grant
    Filed: October 28, 2022
    Date of Patent: December 31, 2024
    Inventors: William Wang, Yu-Sung Su
  • Patent number: 12182313
    Abstract: A data processing system implements detecting that a first user device associated with a first user has added a first sponsored content item to a host electronic document by adding a first reference to the first sponsored content item to the host electronic document. The first sponsored content item is stored separately in a memory of a cloud-based service from the host electronic document. The data processing system further implements determining that the first user has permission to share the first sponsored content item with other users of the cloud-based service, generating sponsor information to associate the sponsored content item with the host electronic document to permit users having access to the host electronic document to access the sponsored content item, and storing the sponsor information in a sponsored access datastore.
    Type: Grant
    Filed: September 7, 2022
    Date of Patent: December 31, 2024
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Stephen Lincoln Rice, Sean Lamont Grant Livingston, Shiguang Dong, Zhenguang Chen, Vladimir Fesich, Vijay Sharma
  • Patent number: 12169706
    Abstract: A method, system and non-transitory computer readable instructions for application patching comprising, concatenating compressed data or uncompressed data or a mixture of compressed and uncompressed data into a continuous data set into a continuous data set and dividing the continuous data set into variable sized data chunks. Compressing each of the variable sized data chunks and dividing each of the variable sized data chunks into fixed size data blocks. Encrypting the fixed size data blocks to generate encrypted fixed size data blocks and storing the encrypted fixed sized data blocks or sending the encrypted fixed size data blocks over a network.
    Type: Grant
    Filed: April 18, 2022
    Date of Patent: December 17, 2024
    Assignee: SONY INTERACTIVE ENTERTAINMENT LLC
    Inventors: Mark Evan Cerny, Simon Whittaker, Akiyuki Hatakeyama, Jeffrey Litz, Varun Bhadauria
  • Patent number: 12160406
    Abstract: A cybersecurity system for use in a process plant provides whitelisting of device specific and common practice HART read commands in process controllers and safety controllers to perform communications in a process plant that are very secure, but that still enable the implementation of advanced functionality provided in HART devices. A whitelist implementation application applies one or more whitelists in a security gateway device to determine if messages, such as HART messages, should be allowed or processed. A whitelist learning application automatically creates and configures whitelists, and a whitelist configuration application discovers Device Specific and Common Practice HART commands by issuing device description requests to specific devices, parsing the response, and communicating the whitelist configuration information with the parsed command types to the relevant process controllers and safety controllers for use in the whitelists.
    Type: Grant
    Filed: September 16, 2020
    Date of Patent: December 3, 2024
    Assignee: FISHER-ROSEMOUNT SYSTEMS, INC.
    Inventors: Gary K. Law, Sergio Diaz, Godfrey R. Sherriff, Marcos Peluso, Scott N. Hokeness
  • Patent number: 12153693
    Abstract: A gateway device includes a network interface connected to data sources, and computer instructions, that when executed cause a processor to access data portions from the data sources. The processor accesses classification rules, which are configured to classify a data portion of the plurality of data portions as sensitive data in response to the data portion satisfying the rule. Each rule is associated with a significance factor representative of an accuracy of the classification rule. The processor applies each of the set of classification rules to a data portion to obtain an output of whether the data is sensitive data. The output are weighed by significance factors to produce a set of weighted outputs. The processor determines if the data portion is sensitive data by aggregating the set of weighted outputs, and presents the determination in a user interface. Security operations may also be performed on the data portion.
    Type: Grant
    Filed: September 15, 2022
    Date of Patent: November 26, 2024
    Assignee: PROTEGRITY CORPORATION
    Inventors: David Clyde Williamson, Vichai Levy, Hans Meijer, Yigal Rozenberg, Lingling Yan
  • Patent number: 12149507
    Abstract: Systems and methods are provided for maintaining data privacy in a communication system. The method includes: providing a proxy network which creates a plurality of ingress processing elements and a plurality of egress processing elements, wherein the ingress processing elements and the egress processing elements each include at least a private processing unit and a private memory area; receiving a request at a selected ingress processing element from a first server; routing the request from the selected ingress processing element to a selected egress processing element; forwarding the request from the selected egress processing element to a second server; and erasing both the selected ingress processing element and the selected egress processing element.
    Type: Grant
    Filed: June 26, 2018
    Date of Patent: November 19, 2024
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Qiang Li, Hans Thorsen, Martin Ryan, Ola Dahlqvist
  • Patent number: 12143393
    Abstract: Systems and methods are described for recommending security groups using graph-based learning models. A server can create a network graph that illustrates network flows between devices in a network and security groups that the devices belong to. The network graph can include nodes that represent the devices and security groups. The server can apply a graph-based learning model to learn embeddings of the nodes and create vectors using the embeddings. Using vectors of two nodes, the server can calculate a vector that represents an edge between the two nodes. The server can apply a binary classifier determine whether the edge should exist. A “true” classification between two nodes can indicate that they should be able to communicate, and vice versa. A “true” classification between a device node and a security group node can indicate that the device should be assigned to the security group, and vice versa.
    Type: Grant
    Filed: January 24, 2022
    Date of Patent: November 12, 2024
    Assignee: VMware LLC
    Inventors: Karen Hayrapetyan, Sunitha Krishna, Nikash Walia, Margaret Petrus
  • Patent number: 12141273
    Abstract: A computer-based method includes monitoring user activities at an endpoint device on a computer network, determining if one of the user activities at the endpoint device presents a potential threat to network security, creating an alert of the potential threat, and providing, with the alert, a redacted version of a screenshot from the endpoint device. One or more open windows that appeared on the screen of the endpoint device are obscured or removed in the redacted version of the screenshot of the endpoint device.
    Type: Grant
    Filed: September 22, 2020
    Date of Patent: November 12, 2024
    Assignee: Proofpoint, Inc.
    Inventors: Yigal Meshulam, Tamir Pivnik, David Cohen, Alexander Kremer, Mayank Choudhary, Tal Tikotzki, Mike McKee, Nir Barak, Tal Yaffe
  • Patent number: 12132722
    Abstract: Methods, systems, and computer-readable media for a certificate management system with forced certificate renewal are disclosed. The certificate management system may receive a request to renew a digital certificate. The request may be received at a selected time prior to an automatic renewal date for the certificate, and the automatic renewal date may be stored by the certificate management system. The certificate management system may acquire, based at least in part on the request to renew the certificate, a renewed certificate from a certificate authority. The renewed certificate may be obtained prior to the automatic renewal date. The renewed certificate may be exported from the certificate management system and bound to a computing resource (e.g., a server) prior to the automatic renewal date.
    Type: Grant
    Filed: June 28, 2019
    Date of Patent: October 29, 2024
    Assignee: Amazon Technologies, Inc.
    Inventors: Todd Cignetti, Michael S. Slaughter, Dayong Hao
  • Patent number: 12132718
    Abstract: Methods, systems and media for presenting information related to an event based on metadata are provided.
    Type: Grant
    Filed: June 2, 2023
    Date of Patent: October 29, 2024
    Assignee: Google LLC
    Inventors: Eric H C Liu, Charles Goran, Jonathan James Effrat
  • Patent number: 12113779
    Abstract: A method of establishing one or more secure channels between network devices comprises exchanging a base key pair between a first network device and a second network device, and for each of a plurality of policies, providing a nonce corresponding to that policy to the first and second devices. The method further comprises generating, for each of the plurality of policies, a session key that is a function of the base key pair and the policy nonce. The method comprises determining, at the first device, that a data packet matches a rule associated with a policy, encrypting the data with a session key that corresponds to the policy to produce an encrypted packet, and conveying the encrypted packet to the second device. At the second device, determining that the encrypted packet matches the rule associated with the policy, and decrypting the encrypted packet with the session key.
    Type: Grant
    Filed: March 30, 2022
    Date of Patent: October 8, 2024
    Assignee: Certes Networks, Inc.
    Inventors: Sean D. Everson, Ganesh Murugesan
  • Patent number: 12111945
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for allowing suitable digital components to be automatically selected and provided to a client device. Methods can include generating a universal identifier for a digital component that is presented in the application. The application updates a set of universal identifiers that has been created for digital components presented by the application over a specified time period. The application identifies digital components and the corresponding universal identifiers that are blocked and generates a probabilistic data structure representing the set of blocked universal identifiers. The application creates multiple shares of the probabilistic data structure and transmits different shares to different servers.
    Type: Grant
    Filed: December 4, 2020
    Date of Patent: October 8, 2024
    Assignee: Google LLC
    Inventors: Gang Wang, Kevin Wei Li Yeo
  • Patent number: 12107827
    Abstract: A unified network service that connects multiple disparate private networks and end user client devices operating on separate networks is described. The multiple disparate private networks and end user client devices connect to a distributed cloud computing network that provides routing services, security services, and performance services, and that can be controlled consistently regardless of the connection type. The unified network service provides uniform access control at the L3 layer (e.g., at the IP layer) or at a higher layer using user identity information (e.g., a zero-trust model). The disparate private networks are run on top of the distributed cloud computing network. The virtual routing layer of the distributed cloud computing network allows customers of the service to have private resources visible only to client devices (e.g.
    Type: Grant
    Filed: May 31, 2023
    Date of Patent: October 1, 2024
    Assignee: CLOUDFLARE, INC.
    Inventors: Nicholas Alexander Wondra, Igor Postelnik, Michael John Vanderwater, Adam Simon Chalmers, Nuno Miguel Lourenço Diegues, Arég Harutyunyan, Erich Alfred Heine
  • Patent number: 12107844
    Abstract: A user accesses a remote session, the connection to which is managed by a connection broker, according to a single sign-on (SSO) process. The SSO process includes the user entering his or her credentials and being authenticated to the connection broker. In addition to user authentication, the SSO process includes connection broker authentication to confirm that the connection broker is trustworthy. When the connection broker is authenticated, the user credentials are transmitted to the connection broker in a secure manner and the connection broker forwards them onto a machine hosting the remote session so that the user can be logged into the remote session without entering his or her credentials again.
    Type: Grant
    Filed: February 23, 2022
    Date of Patent: October 1, 2024
    Assignee: Omnissa, LLC
    Inventors: Anthony J. Wilkinson, Per Olov Larsson, Ashley Nuttall, Hans Christenson, Tom Elliott, Steven Sigel, Adam Gross
  • Patent number: 12101295
    Abstract: An IPSec tunnel request for establishing an IPSec tunnel from a customer router to an anycast IP address of a distributed cloud computing network is received. The same anycast IP address is shared among compute servers of the distributed cloud computing network. A handshake is performed with the customer router from a first compute server including generating security associations for encrypting and decrypting IPSec traffic. The security associations are propagated to each compute server and are used for encrypting and decrypting traffic.
    Type: Grant
    Filed: October 31, 2022
    Date of Patent: September 24, 2024
    Assignee: CLOUDFLARE, INC.
    Inventors: Michael John Vanderwater, Adam Simon Chalmers, Nuno Miguel Lourenço Diegues, Arég Harutyunyan, Erich Alfred Heine, Nicholas Alexander Wondra
  • Patent number: 12095736
    Abstract: A method for IPSec communication between a source machine and a destination machine is provided. The method includes receiving, at the destination machine, first and second packets from the source machine through first and second VPN tunnels established between a first VTI of the source machine and a second VTI of the destination machine; determining the first packet corresponds to a first SA and the second packet corresponds to a second SA; processing, by a first processing core, the first packet based on the first SA, and processing, by a second processing core, the second packet based on the second SA; and updating, at the second VTI, states of one or more flows based on the first and second packets, the second VTI providing one or more stateful services for the one or more packet flows based on the one or more states.
    Type: Grant
    Filed: March 26, 2021
    Date of Patent: September 17, 2024
    Assignee: VMware LLC
    Inventors: Awan Kumar Sharma, Yong Wang, Sourabh Bhattacharya, Bhargav Puvvada, Sarthak Ray, Mayur Katke