Patents Examined by Lisa Lewis
  • Patent number: 10050935
    Abstract: An API call filtering system filters responses to API call requests received, via a network, from UEs. The API call filtering system is configured to require personalized API call requests wherein each API call (except for some minor exceptions) includes a unique UE identifier (“UEIN”) of the UE making the request. Using the UEIN, the web service or other service protected by the API call filtering system can be secured against excessive request iterations from a set of rogue UEs while allowing for ordinary volumes of requests of requests the UEs, wherein one or more boundaries between what is deemed to be an ordinary volume of requests and what is deemed to be excessive request iterations are determined by predetermined criteria.
    Type: Grant
    Filed: April 20, 2015
    Date of Patent: August 14, 2018
    Assignee: Shape Security, Inc.
    Inventor: Marc Hansen
  • Patent number: 9985956
    Abstract: A client authentication system receives authentication requests associated with a web page in response to a client computing system requesting access to the web page. The authentication system determines whether a storage device contains configurations for the authentication requests. The authentication system configures client authentication for the client authentication requests in view of whether the storage device includes the configurations for the authentication requests. The GUI allows control to change the client authentication configuration for at least one of the authentication requests.
    Type: Grant
    Filed: November 16, 2015
    Date of Patent: May 29, 2018
    Assignee: Red Hat, Inc.
    Inventor: Kai Wolfgang Engert
  • Patent number: 9961061
    Abstract: There is provided a method of operating a node (512, 520, 1102) for use by a first network (502, 504), the first network (502, 504) applies an authentication process to allow a subscriber access to a network, wherein authentication information used in the authentication process is derived using a key associated with a subscriber identity of a subscriber, the key being stored in either a location within the first network (502, 504) or external to the first network (502, 504).
    Type: Grant
    Filed: March 18, 2013
    Date of Patent: May 1, 2018
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Rogier August Caspar Joseph Noldus, Barbara Pareglio, Erik Van Der Velden
  • Patent number: 9954855
    Abstract: The present disclosure is applicable to the field of network communications, and provides a login method and apparatus, and an open platform system. The method includes: receiving an Access Token parameter provided by a login platform after a user is authenticated and authorized; acquiring an open digital identity (OpenID) of the user by using the received Access Token parameter; and generating a corresponding command word according to a browser environment of a third-party page, and returning the command word to the third-party page, the command word including the Access Token parameter and the OpenID of the user.
    Type: Grant
    Filed: August 14, 2017
    Date of Patent: April 24, 2018
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventors: Jinjing Cao, Minghui Wang
  • Patent number: 9948621
    Abstract: Various embodiments include a method for managing a group of devices in communication with each other and sharing a set of keys. The method may include opening a secure channel with each of two devices from the group; providing the set of keys to the two devices from the group, wherein the set of keys include an encryption and an authentication key; indicating to the two devices to begin using the set of keys; and performing an audit process including verifying that nodes within a key group have the same copy of encryption and authentication keys. Embodiments of the method may include synchronization, active/standby redundancy and the ability to manage the network when some nodes perform the data encryption and some node do not, do, or when both encrypted and non-encrypted tunnels and services can work together.
    Type: Grant
    Filed: May 20, 2015
    Date of Patent: April 17, 2018
    Assignee: Alcatel Lucent
    Inventors: Mohammad Reza Rokui, Rajesh Kumar Paida, Carl Rajsic
  • Patent number: 9946851
    Abstract: Systems and methods are disclosed for managing and protecting electronic content and applications. Applications, content, and/or users can be given credentials by one or more credentialing authorities upon satisfaction of a set of requirements. Rights management software/hardware is used to attach and detect these credentials, and to enforce rules that indicate how content and applications may be used if certain credentials are present or absent. In one embodiment an application may condition access to a piece of electronic content upon the content's possession of a credential from a first entity, while the content may condition access upon the application's possession of a credential from a second entity and/or the user's possession of a credential from a third entity. Use of credentials in this manner enables a wide variety of relatively complex and flexible control arrangements to be put in place and enforced with relatively simple rights management technology.
    Type: Grant
    Filed: August 5, 2016
    Date of Patent: April 17, 2018
    Assignee: Intertrust Technologies Corporation
    Inventors: David P. Maher, James M. Rudd, Eric J. Swenson, Richard A. Landsman
  • Patent number: 9946893
    Abstract: An approach is provided for adapting privacy profiles to respond to changes in physiological state. The policy platform may process and/or facilitate a processing of sensor information to determine at least one change in one or more physiological states of at least one user, wherein the at least one user is associated with at least one context, at least one activity, or a combination thereof. Then, the policy platform may cause, at least in part, a modification of at least one privacy profile for at least one device associated with the at least one user based, at least in part, on the at least one change in the one or more physiological states, the at least one context, the at least one activity, or a combination thereof, wherein the modification of the at least one privacy profile includes, at least in part, an enabling or a disabling of one or more privacy services operating at least at least one device.
    Type: Grant
    Filed: November 26, 2013
    Date of Patent: April 17, 2018
    Assignee: Nokia Technologies Oy
    Inventors: Julian Nolan, Matthew John Lawrenson, Debmalya Biswas
  • Patent number: 9942259
    Abstract: Tools, strategies, and techniques are provided for evaluating the identities of different entities to protect individual consumers, business enterprises, and other organizations from identity theft and fraud. Risks associated with various entities can be analyzed and assessed based on analysis of social network data, professional network data, or other networking connections, among other data sources. In various embodiments, the risk assessment may include calculating an authenticity score based on the collected network data.
    Type: Grant
    Filed: December 15, 2016
    Date of Patent: April 10, 2018
    Assignee: Socure Inc.
    Inventors: Sunil Madhu, Giacomo Pallotti, Edward J. Romano, Alexander K. Chavez
  • Patent number: 9934022
    Abstract: When providing a user with native access to at least a portion of device hardware, the user can be prevented from modifying firmware and other configuration information by controlling the mechanisms used to update that information. For example, a clock or a timer mechanism can be used by a network interface card to define a mutability period. During the mutability period, firmware update to a peripheral device can be allowed. Once the mutability period has expired, firmware update to a peripheral device will no longer be allowed.
    Type: Grant
    Filed: September 25, 2015
    Date of Patent: April 3, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Michael David Marr, Matthew T. Corddry, James R. Hamilton
  • Patent number: 9935960
    Abstract: Example systems, methods and storage media to provide a cross-enterprise workflow among clinical systems are disclosed. An example cross-enterprise enabled clinical information system includes a workflow manager to coordinate user workflows with respect to the system and associated content. The system includes an image services manager configured to manage images and associated services for the system and associated content. The workflow manager and image services manager are configured for cross-enterprise content sharing such that the system is to locally authenticate a user at the system and the system is to locally authorize a remote request for access to content at the system from a remote user that has been authenticated remotely. The system is arranged to provide content in response to the remote request after the remote authentication has been received and the system has verified the remote user's authorization for access.
    Type: Grant
    Filed: January 20, 2016
    Date of Patent: April 3, 2018
    Assignee: General Electric Company
    Inventor: Piyush Raizada
  • Patent number: 9921746
    Abstract: An article of manufacture includes a machine-readable medium that stores a multimedia content file in a first format and multiple program sets. Each program set is a version of software that, when executed by a respective electronic system, produces the multimedia content file in a second format for use in the respective electronic system. A first program set is compatible with a first operating system executed by a first electronic system and a second program set is compatible with a second operating system executed by a second electronic system. The second operating system is distinct from the first operating system.
    Type: Grant
    Filed: June 12, 2015
    Date of Patent: March 20, 2018
    Assignee: MO-DV, INC.
    Inventor: Robert D. Widergren
  • Patent number: 9923926
    Abstract: Approaches for managing potentially malicious files using one or more isolated environments. In response to receiving a request to perform an action on a file, a client applies a policy to determine whether the action is deemed trustworthy. The client identifies, without human intervention, an isolated environment, executing or to be executed on the client, in which the action is to be performed based on whether the action is deemed trustworthy. In this way, embodiments allow a user to make use of data deemed untrusted in certain cases without allowing the untrusted data from having unfettered access to the resources of the client. If the requested action is performed in a different isolated environment from which the action was requested, embodiments enable the performance of the action to be performed seamlessly to the user.
    Type: Grant
    Filed: September 24, 2015
    Date of Patent: March 20, 2018
    Assignee: Bromium, Inc.
    Inventors: Gaurav Banga, Sergei Vorobiev, Deepak Khajuria, Vikram Kapoor, Ian Pratt, Simon Crosby
  • Patent number: 9900236
    Abstract: A method of filtering outbound Internet traffic includes connecting an appliance to a network (that includes an end user terminal and a router), altering the flow of network traffic to direct the end user terminal to route outbound Internet traffic through the appliance, and filtering the outbound Internet traffic with the appliance. The outbound Internet traffic is traffic to remote servers from the end user terminal. The appliance may alter the flow of network traffic by issuing a gratuitous ARP packet from the appliance to direct the end user terminal to route the outbound Internet traffic through the appliance instead of the router. The appliance may receive the outbound Internet traffic to remote servers from the end user terminal, monitor the outbound Internet traffic, filter the outbound Internet traffic to form allowed packets for the remote servers, and/or forward the allowed packets to the remote servers.
    Type: Grant
    Filed: April 10, 2017
    Date of Patent: February 20, 2018
    Assignee: Circle Media Labs Inc.
    Inventors: Tiebing Zhang, Yufeng Tu
  • Patent number: 9892255
    Abstract: Technical solutions for presenting service processes are provided. In the solutions, operation instructions are received, and in response to the received operation instructions, a page of a first service process is displayed and the first service process is started; when a page of a second service process is displayed instead of the page of the first service process, execution progress of the first service process is presented through an icon of the first service process.
    Type: Grant
    Filed: May 5, 2015
    Date of Patent: February 13, 2018
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventors: Qiru Chen, Yu Zhang, Xiao Yang, Cheng Liu
  • Patent number: 9894519
    Abstract: The disclosure is directed to a connection modification method in a dual connectivity scenario. In one of the exemplary embodiments, a UE configures a first MCG bearer for communication with a first base station; configures a SCG bearer for communication with a second base station; generates and transmits a first encrypted PDCP SDU by encrypting a first PDCP SDU of the first MCG bearer by using a first security key, a first TX_HFN and a first PDCN SN associated with the first PDCP SDU; generates and transmits a second encrypted PDCP SDU; receives a third bearer configuration re-configuring the SCG bearer as either a second MCG bearer or a split bearer; generates a third encrypted PDCP SDU by encrypting a third PDCP SDU of the SCG bearer and transmits the third encrypted PDCP SDU after the SCG bearer is reconfigured as the second MCG bearer or the split bearer.
    Type: Grant
    Filed: March 13, 2015
    Date of Patent: February 13, 2018
    Assignee: HTC Corporation
    Inventor: Chih-Hsiang Wu
  • Patent number: 9894097
    Abstract: A method and device for identifying an abnormal application are provided. The method includes executing abnormal applications, obtaining dynamic behavior information of the abnormal applications, inputting the dynamic behavior information of the abnormal applications into a preset detection network, obtaining a behavior rule of the dynamic behavior information via the detection network, and identifying a detected application according to the behavior rule to determine whether the detected application is an abnormal application.
    Type: Grant
    Filed: April 30, 2015
    Date of Patent: February 13, 2018
    Assignee: Tencent Technology (Shenzhen) Company Limited
    Inventor: Wenfeng Yu
  • Patent number: 9887993
    Abstract: Embodiments described herein relate to securing the privacy of knowledge used to authenticate a user (i.e., Proof of Knowledge (PoK) test(s)). In some embodiments, a client device is operable to receive a first encryption key and encrypted test(s) from a PoK server. The client device also receives a second encryption key from a Relying Party (RP) server. The client device can decrypt the encrypted test(s) by using the first encryption key and the second encryption key to thereby render decrypted test(s). The client device is further operable to obtain answer(s) for the decrypted test(s), send a communication to the PoK server based on the answer(s), and receive a communication from the RP server that authorizes a user of the client device to access service(s) administered by the RP server.
    Type: Grant
    Filed: October 17, 2016
    Date of Patent: February 6, 2018
    Assignee: Antique Books, Inc.
    Inventors: Robert H. Thibadeau, Sr., Justin D. Donnell
  • Patent number: 9887965
    Abstract: A browser application programming interface is exposed to a web application to verify an identify of a user using user-specific identity information stored by the browser. Cryptographic information associated with the user is transmitted from the browser application programming interface to the web application. User-specific content is provided to the user through the web application if the web application verifies an identify of the user via the browser application programming interface using the cryptographic information.
    Type: Grant
    Filed: July 20, 2012
    Date of Patent: February 6, 2018
    Assignee: GOOGLE LLC
    Inventors: Erik Kay, Aaron S. Boodman, Adam Barth
  • Patent number: 9888039
    Abstract: Aspects of the present disclosure include a system comprising a computer-readable storage medium storing at least one program and a method for managing access permissions associated with data resources. Example embodiments involve evaluating user access permissions with respect to shared data resources of a group of network applications. The method includes receiving a request, from one of the network applications, to access a particular data resource. The request includes an identifier of a requesting user. The method further includes accessing a policy object associated with the data resource that includes policy information specifying operations the user is authorized to perform with respect to the data resource based on satisfaction of one or more conditions. The method further includes evaluating the user's access permissions with respect to the data resource based on the policy object, and communicating a response to the network application that includes the access permission of the user.
    Type: Grant
    Filed: July 7, 2016
    Date of Patent: February 6, 2018
    Assignee: Palantir Technologies Inc.
    Inventors: Mark Elliot, Jason Zhao, Brian Schimpf, Jacob Meacham, Marco Gelmi, Benjamin Duffield, Savino Sguera, James Baker, Neil Rickards, Javier Campanini, Qinfeng Chen, Derek Cicerone, Nathan Ziebart
  • Patent number: 9882825
    Abstract: A first computing device is provided for transmitting one or more volumes via a secured connection. The first computing device includes a volume service that is executable by one or more processors and is configured to instruct a cloud computing device to generate a worker virtual machine. The volume service is also configured to provide, via a connection different from the secured connection, a random number to the worker virtual machine. The volume service is further configured to instruct the cloud computing device to generate one or more target volumes associated with the cloud computing service and to associate the one or more target volumes with the worker virtual machine. The volume service is further instructed to provide, irrespective of the content type of the volumes and the size of the volumes, the one or more volumes to the worker virtual machine via the secured connection.
    Type: Grant
    Filed: March 13, 2015
    Date of Patent: January 30, 2018
    Assignee: Citrix Systems, Inc.
    Inventors: Simon Waterhouse, Donal Lafferty