Patents Examined by Lisa Lewis
-
Patent number: 9819664Abstract: In an example for implementing a process under a superuser privilege within a computing device, a monitor function library for monitoring an executable function is loaded when the process acquires the superuser privilege. When it is detected that the process runs the executable function, the monitor function library may suspend the running of the executable function, and output process monitoring information. If a feedback to the process monitoring information indicates that it is allowable to perform the executable function, a system function library is invoked to perform the executable function the process runs.Type: GrantFiled: June 11, 2015Date of Patent: November 14, 2017Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITEDInventors: Zefeng Huang, Zhanghu Luo, Ze Zhang, Yunfeng Dai, Danhua Li
-
Patent number: 9813415Abstract: Implementations of a system and method of generating and using bilaterally generated variable instant passwords are provided. In some implementations, the Bilaterally Generated Variable Instant Password System is a Password generation and authentication system that may be used to secure electronic transactions (e.g., a stock market transaction). The system works by authenticating a user at the beginning of a session and at the initiation of any subsequent transactions that occur during the same session. The initial password is entered by the user while additional passwords required to authenticate subsequent transactions are generated by the system without any effort on the part of the user. The passwords are used as encryption keys to encrypt each transaction and may be used to limit a user's access to specific portions of a service providers system. A variety of authentication devices may be used to generate system passwords.Type: GrantFiled: June 12, 2015Date of Patent: November 7, 2017Inventor: Abdul Rahman Syed Ibrahim Abdul Hameed Khan
-
Patent number: 9800555Abstract: A system for attribute-based encryption comprises a first encrypter (11) and a second encrypter (12). The first encrypter (11) comprises an input unit (1) for determining a message and a policy over a set of attributes, wherein the policy comprises a plurality of components, and a first cryptographic unit (2) for generating an encrypted representation of the message and an encrypted representation of the plurality of components. The second encrypter (12) comprises a receiving unit (3) for receiving the encrypted representation of the message and the encrypted representation of the plurality of components, and a second cryptographic unit (4) for transforming the encrypted representation of the message and the encrypted representation of the plurality of components into an attribute-based encrypted message associated with the policy.Type: GrantFiled: July 22, 2013Date of Patent: October 24, 2017Assignee: Koninklijke Philips N.V.Inventors: Tanya Ignatenko, Muhammad Asim
-
Patent number: 9781080Abstract: A method for diverse security handling may comprise: maintaining a first connection between a user equipment and a first network node, and a second connection between the user equipment and a second network node which has a third connection with the first network node; setting an indicator in a packet to indicate whether a destination of user data in the packet is the first network node or the second network node; and transmitting the packet from the user equipment to the first network node via the first connection.Type: GrantFiled: April 1, 2013Date of Patent: October 3, 2017Assignee: Nokia Technologies OyInventors: Yang Liu, Da Jiang Zhang
-
Patent number: 9779251Abstract: A system, method, and computer program product are provided for monitoring an execution flow of a function. In use, data associated with a function is identified within a call stack. Additionally, a call stack frame is determined from freed memory in the call stack. Further, an execution flow of the function is monitored, utilizing the call stack frame from the freed memory.Type: GrantFiled: October 28, 2015Date of Patent: October 3, 2017Assignee: McAfee, Inc.Inventor: Gregory William Dalcher
-
Patent number: 9774447Abstract: Systems and methods may provide for online identification and authentication. In one example, the method may include generating a credential to represent a relationship based on a common ground of authenticated communication between a first user and a second user, identifying the second user to the first user, authenticating the relationship of the second user to the first user, and initiating, upon authentication, a communication between the first user and the second user.Type: GrantFiled: April 9, 2012Date of Patent: September 26, 2017Assignee: Intel CorporationInventors: Jesse Walker, Gyan Prakash, David Stanasolovich, James R. Gregg
-
Patent number: 9769155Abstract: The present disclosure is applicable to the field of network communications, and provides a login method and apparatus, and an open platform system. The method includes: receiving an Access Token parameter provided by a login platform after a user is authenticated and authorized; acquiring an open digital identity (OpenID) of the user by using the received Access Token parameter; and generating a corresponding command word according to a browser environment of a third-party page, and returning the command word to the third-party page, the command word including the Access Token parameter and the OpenID of the user.Type: GrantFiled: May 29, 2015Date of Patent: September 19, 2017Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITEDInventors: Jinjing Cao, Minghui Wang
-
Patent number: 9769200Abstract: A method for detecting malware includes the steps of identifying a one or more open network connections of an electronic device, associating one or more executable objects on the electronic device with the one or more open network connections of the electronic device, determining the address of a first network destination that is connected to the open network connections of the electronic device, receiving an evaluation of the first network destination, and identifying one or more of the executable objects as malware executable objects. The evaluation includes an indication that the first network destination is associated with malware. The malware executable objects includes the executable objects that are associated with the open network connections that are connected to the first network destination.Type: GrantFiled: October 12, 2016Date of Patent: September 19, 2017Assignee: McAfee, Inc.Inventor: Ahmed Said Sallam
-
Patent number: 9754311Abstract: The invention provides methods and apparatus for detecting when an online session is compromised. A plurality of device fingerprints may be collected from a user computer that is associated with a designated Session ID. A server may include pages that are delivered to a user for viewing in a browser at which time device fingerprints and Session ID information are collected. By collecting device fingerprints and session information at several locations among the pages delivered by the server throughout an online session, and not only one time or at log-in, a comparison between the fingerprints in association with a Session ID can identify the likelihood of session tampering and man-in-the middle attacks.Type: GrantFiled: November 3, 2015Date of Patent: September 5, 2017Assignee: The 41st Parameter, Inc.Inventor: Ori Eisen
-
Patent number: 9742808Abstract: To verify compliance with a data access policy, a query result including data specified by a requesting entity and a representation of a data access policy is received from a database. Based on the representation of the data access policy included in the query result, it is verified whether the requesting entity is permitted to access the data included in the query result. Transmission of the data included in the query result to the requesting entity is controlled responsive to the verification. Related methods, systems, and computer program products are also discussed.Type: GrantFiled: October 5, 2015Date of Patent: August 22, 2017Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.Inventors: Evgene Vahlis, Paul Giura
-
Patent number: 9736157Abstract: The embodiments of the present invention provide a method and a trusted gateway for a WiFi terminal to access a PS service domain. The method comprises: receiving an accounting request message sent by an authentication, authorization and accounting AAA server or a dynamic host configuration protocol DHCP request message sent by the WiFi terminal; establishing, by a trusted gateway, a first packet data protocol PDP context connection or a first packet data network PDN connection with the PS service domain according to attribute information of the WiFi terminal after receiving the accounting request message or the DHCP request message, so that the WiFi terminal accesses the PS service domain via the wireless local area network, the trusted gateway, and the established first PDP context connection or the first PDN connection.Type: GrantFiled: September 5, 2014Date of Patent: August 15, 2017Assignee: Huawei Technologies Co., Ltd.Inventors: Jian Li, Bing Wang, Leibin Zheng, Aixia Li
-
Patent number: 9734319Abstract: A personal digital ID device provides a digital identifier to a service for a predetermined duration in response to user interaction. The user interaction may include a button press. The personal digital ID device may be in the form of a bracelet, a key fob, or other form factor. The service may be provided by a mobile device, in the cloud, or elsewhere.Type: GrantFiled: June 17, 2015Date of Patent: August 15, 2017Assignee: Tyfone, Inc.Inventors: Siva G. Narendra, Prabhakar Tadepalli, Saurav Chakraborty
-
Patent number: 9705923Abstract: A method of automating security provisioning is provided. The method includes receiving a request to start a virtual application and determining an owner of the virtual application. The method includes determining a workload based on the virtual application, the workload including an application and a virtual machine and assigning the workload to a security container or sub-container, among a plurality of security containers, based on the owner of the virtual application.Type: GrantFiled: September 2, 2014Date of Patent: July 11, 2017Assignee: SYMANTEC CORPORATIONInventor: Deb Banerjee
-
Patent number: 9698984Abstract: In a decryption apparatus according to an embodiment, a holding device pre-holds a verification formula. A determination device performs a calculation based on the verification formula read from the holding device by substituting, into the verification formula, the part of the re-encrypted data received from a re-encryption apparatus and the public key of a re-encryption key generation apparatus and the private key of the decryption apparatus, to determine whether or not the verification formula holds true. An output device outputs verification success when a result of the determination indicates that the verification formula holds true.Type: GrantFiled: September 8, 2014Date of Patent: July 4, 2017Assignees: KABUSHIKI KAISHA TOSHIBA, TOSHIBA SOLUTIONS CORPORATIONInventors: Yoshihiro Fujii, Takuya Yoshida, Koji Okada
-
Patent number: 9684782Abstract: The present invention relates to a system and method for processing a lost password by selectively providing a reset process under the password in the long-term memory of the user. According to the present invention, the system includes a user terminal including: a long-term memory condition registration unit receiving the registration of long-term memory conditions; a long-term condition determination unit determining the long-term memory conditions are satisfied; a user identification unit, after the occurrence of a lost password, authenticating the user through a user identification verification scheme or through a enhanced user identification verification scheme whether or not the password resides in the long-term memory of the user, and a lost state resetting unit cancelling the lost password occurrence state.Type: GrantFiled: August 1, 2013Date of Patent: June 20, 2017Assignee: Rowem Inc.Inventors: Giho Yang, Jaeyeob Hwang
-
Patent number: 9680798Abstract: Network fabric devices capable of participating in an anonymity protocol can be configured to operate as virtual circuit end-points where the node routes packets between a virtual circuit associated with a hidden service address and a port-level channel. Through management of the virtual circuit end-points, the network fabric devices participate as a hop in a virtual circuit, host hidden services, or operate as an interface to hidden services while reducing latency and truly hiding hidden services.Type: GrantFiled: April 13, 2015Date of Patent: June 13, 2017Assignee: Nant Holdings IP, LLCInventors: Thomas Wittenschlaeger, Nicholas J. Witchey
-
Patent number: 9613229Abstract: A method for generating a coordinate point in an embedded system comprises the following steps: obtaining a random number and a first fixed value, and performing a modulo operation on the random number by using the first fixed value as a modulus, so as to obtain first data; selecting each data bit from the first data; obtaining, according to a position of the selected data bit in the first data, an initial point value corresponding to the selected data bit from a pre-stored initial point value list when data in the selected data bit is not zero; and performing a point adding operation on the obtained initial point value and an intermediate point value, and outputting the obtained operation result as result data. In the present invention, by querying in a preset initial point value list, an initial point value in the initial point value list is obtained, and calculation is performed according to the initial point value, thereby greatly improving the speed of generating a coordinate point.Type: GrantFiled: November 27, 2013Date of Patent: April 4, 2017Assignee: Feitian Technologies Co., Ltd.Inventors: Zhou Lu, Huazhang Yu
-
Patent number: 9608813Abstract: A plurality of devices have common access to a cryptographic key. The cryptographic key is rotated by providing the devices simultaneous access to both the cryptographic key and a new cryptographic key and then revoking access to the cryptographic key. Keys stored externally and encrypted under the cryptographic key can be reencrypted under the new cryptographic key. Keys intended for electronic shredding can be left encrypted under the old cryptographic key.Type: GrantFiled: June 13, 2013Date of Patent: March 28, 2017Assignee: Amazon Technologies, Inc.Inventors: Gregory Branchek Roth, Matthew James Wren, Eric Jason Brandwine, Brian Irl Pratt
-
Patent number: 9602513Abstract: A computer-implemented method that monitors the activity of different nodes within a system as well as crowd sourcing activity. The computer-implemented method determines that a first node formed a relationship with a second node, generates an edge based on the relationship between the first node and the second node, stores the edge in a graph index and assigns a privacy setting to the edge based on the relationship between the first and second nodes.Type: GrantFiled: September 2, 2014Date of Patent: March 21, 2017Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Roshan Gamage, Bjornstein Lilleby, Azmil Macksood, Øivind Wang, Bård Kvalheim, Håkon Brugård, Rune Devik, Torbjørn Helvik
-
Patent number: 9588705Abstract: A computer program product for eliminating access to data within a writable storage media cartridge includes a computer readable medium having program instructions embodied therewith. The program instructions are executable by a processing circuit to cause the processing circuit to determine whether a first portion of data on the writable storage media cartridge is encrypted, and determine whether key shredding is enabled. In response to determining that key shredding is not enabled, the processing circuit causes performance of a long erase on at least the encrypted first portion of data, and causes shredding of an encryption key related to said encrypted first portion of data.Type: GrantFiled: March 11, 2016Date of Patent: March 7, 2017Assignee: International Business Machines CorporationInventors: Wayne C. Carlson, Cheryl M. Friauf, Gregory T. Kishi, Duke A. Lee, Jonathan W. Peake