Patents Examined by Longbit Chai
  • Patent number: 10728282
    Abstract: Input signals may be received from monitoring nodes of the industrial asset, each input signal comprising time series data representing current operation. A neutralization engine may transform the input signals into feature vectors in feature space, each feature vector being associated with one of a plurality of overlapping batches of received input signals. A dynamic decision boundary may be generated based on the set of feature vectors, and an abnormal state of the asset may be detected based on the set of feature vectors and a predetermined static decision boundary. An estimated neutralized value for each abnormal feature value may be calculated based on the dynamic decision boundary and the static decision boundary such that a future set of feature vectors will be moved with respect to the static decision boundary. An inverse transform of each estimated neutralized value may be performed to generate neutralized signals comprising time series data that are output.
    Type: Grant
    Filed: May 23, 2018
    Date of Patent: July 28, 2020
    Assignee: General Electric Company
    Inventors: Lalit Keshav Mestha, Olugbenga Anubi, Hema Achanta
  • Patent number: 10728234
    Abstract: Configuring security settings, including: receiving a request to join a security group from a first terminal device; obtaining security setting information for the security group; and sending a response to the first terminal device, the response instructing the first terminal device to join the security group and to configure security settings according to the security setting information.
    Type: Grant
    Filed: February 20, 2018
    Date of Patent: July 28, 2020
    Assignee: Alibaba Group Holding Limited
    Inventors: Yuehua Guo, Honggang Tang
  • Patent number: 10719617
    Abstract: An access control system for managing and enforcing an attribute based access control (ABAC) policy includes: a minimum ABAC implementation that produces a representation access control list in an ABAC policy system; and a local host system that produces a resource repository access control list in the local host system such that the resource repository access control list is based on the representation access control list.
    Type: Grant
    Filed: February 20, 2018
    Date of Patent: July 21, 2020
    Assignee: GOVERNMENT OF THE UNITED STATES OF AMERICA, AS REPRESENTED BY THE SECRETARY OF COMMERCE
    Inventors: David F. Ferraiolo, Gopi Katwala, Serban Gavrila
  • Patent number: 10715543
    Abstract: Information about an electronic message that is from a sender for an intended recipient is received. It is determined whether an electronic message account of the sender of the electronic message is likely an independently controlled account. In response to the determination that the electronic message account of the sender of the electronic message is likely an independently controlled account, the electronic message is analyzed to determine whether the message is an automatically generated message. In response to the determination that the message is an automatically generated message, a security action is performed.
    Type: Grant
    Filed: November 27, 2017
    Date of Patent: July 14, 2020
    Assignee: Agari Data, Inc.
    Inventor: Bjorn Markus Jakobsson
  • Patent number: 10708070
    Abstract: A system and method for utilizing connected devices to enable secure and anonymous electronic interaction in a decentralized manner without the need for usernames and passwords. The method comprises Blockchain, Merkle Trees and Public Key infrastructures and methods that utilize peer-to-peer network protocols. The methods include interactions of two self-sovereign identity groups; persons and devices, with each having their own authorization layer. The devices employ two domains of identity and authorization with each said device having its own self-assigned machine identity. There are three domains of Identity, Authentication and Authorization employed for persons. The final linking of the two groups requires access to be granted by the device in a distributed autonomous manner.
    Type: Grant
    Filed: May 24, 2018
    Date of Patent: July 7, 2020
    Assignee: NXM LABS CANADA INC.
    Inventors: Jay Fallah, Scott Rankine, Josef Zankowicz
  • Patent number: 10701070
    Abstract: A method for providing improved personalized security mechanisms for transferring electronic data is disclosed. In an embodiment, the method comprises generating, at a client computer, a user key pair, wherein the user key pair comprises a user private key and a user public key; transmitting the user public key from the client computer to a server computer; receiving, at the client computer, from the server computer, a user account public key; generating a virtual memory stick (“VMS”) file and including, in the VMS file, one or more keys and one or more passphrases; encrypting the VMS file with a protection passphrase to generate an encrypted VMS file; and transmitting the encrypted VMS file to the server computer.
    Type: Grant
    Filed: May 23, 2018
    Date of Patent: June 30, 2020
    Assignee: VERUM SECURITAS, INC.
    Inventors: Kris Durski, Gustav Metkowski
  • Patent number: 10701057
    Abstract: An assembly management system allows a software service provider (SSP) to compile and upload client-specific client application code into a repository. The SSP deploys a client application comprising non-client-specific code to various clients. When a user logs in, a call is made to a web service, which queries the repository for code specific to the requesting client. If available, the web service sends a response with the name and version of the assembly to which the client is subscribed. If the locally-saved version does not match the version of the assembly in the repository, and if the SSP has permission to write to the client's disk, the web service retrieves the assembly and commits it to the disk. If the SSP does not have permission, the assembly is streamed to the client device and retained and executed in memory for the duration of the login.
    Type: Grant
    Filed: March 18, 2019
    Date of Patent: June 30, 2020
    Assignee: EXPERIAN HEALTH, INC
    Inventors: Michael Peter Ochs, Edmond Chase Pilkington, Thomas Ryan Sears, David Stephen Phoebus
  • Patent number: 10691809
    Abstract: An information processing apparatus, including a function of mandatory access control, includes a storage unit that stores a security policy for managing access by the mandatory access control, an obtaining unit that obtains information on vulnerability of an application, and an updating unit that updates the security policy by a function of a kernel thread in accordance with the information obtained by the obtaining unit.
    Type: Grant
    Filed: February 25, 2016
    Date of Patent: June 23, 2020
    Assignee: Canon Kabushiki Kaisha
    Inventor: Kenichi Okihara
  • Patent number: 10686821
    Abstract: Methods and system are disclosed that analyze a mobile app. In one aspect, an input including a URL address of the mobile app may be received. The URL address may correspond to the mobile app stored on a mobile application distribution platform. The mobile app may be downloaded from the URL address. Upon downloading the mobile app, a static analysis engine may be instantiated to perform static analysis of the mobile app. A dynamic analysis engine may be instantiated to perform a dynamic analysis of the mobile app. A location analysis engine may be instantiated to perform location analysis. Based on the results of the static analysis, dynamic analysis and location analysis, graphical visualizations may be generated. Based on the graphical visualizations, compliance or violation of data protection standards of the mobile app may be determined.
    Type: Grant
    Filed: November 28, 2017
    Date of Patent: June 16, 2020
    Assignee: SAP SE
    Inventors: Mojtaba Eskandari, Maqsood Ahmad, Anderson Santana De Oliveira, Bruno Crispo
  • Patent number: 10681056
    Abstract: Systems and methods for artificial intelligence systems for identity management systems are disclosed. Embodiments may perform outlier detection and risk assessment based on identity management data, including one or more property graphs or peer groups determined from those property graphs, to determine identity management artifacts with ‘abnormal’ patterns when compared to other related identity management artifacts.
    Type: Grant
    Filed: November 22, 2019
    Date of Patent: June 9, 2020
    Assignee: SAILPOINT TECHNOLOGIES, INC.
    Inventors: Mohamed M. Badawy, Jostine Fei Ho
  • Patent number: 10673896
    Abstract: A computer-implemented method of preventing leakage of user credentials to phishing websites may comprise capturing user credentials input to website; updating a stored list of trusted website credentials upon determining that the domain of the URL of the website is present in a stored list of trusted websites; generating a hash of the captured user credentials; determining whether the hashed user credentials matches one of the hashed user credentials in the list of trusted website credentials; and when a match is found, requesting input whether the website is trusted or whether the website is unknown and/or untrusted; sending the URL to a remote computer server when the input indicates that the website is unknown and/or untrusted and disallowing submission of the user credentials to the website; adding the domain of the URL to the stored list of trusted websites, adding the generated hash of the captured user credentials to a stored list of trusted website credentials and allowing submission of the user cred
    Type: Grant
    Filed: April 1, 2019
    Date of Patent: June 2, 2020
    Assignee: VADE SECURE INC.
    Inventors: Sebastien Goutal, Antoine Honore
  • Patent number: 10664613
    Abstract: One or more systems and/or methods for storing personal information within a first device and/or for providing personal information from the first device to the second device are provided. The first device (e.g., a smartphone) may identify a user interface (e.g., a movie streaming website) populated with user specified data (e.g., a password). The user specified data may be evaluated to identify personal information of the user (e.g., a movie streaming website password). The personal information may be stored within the first device. Responsive to determining that a second device (e.g., a smart television) displays a personal information input field (e.g., a movie streaming website password input field), an input event comprising the personal information may be provided from the first device to the second device. The input event may invoke the second device to input the movie streaming website password into the movie streaming website password input field.
    Type: Grant
    Filed: February 25, 2019
    Date of Patent: May 26, 2020
    Assignee: Oath Inc.
    Inventor: Christian Holz
  • Patent number: 10659235
    Abstract: A system sends a request for access to a resource and receives a digital certificate in response to the request. The system simultaneously causes one or more computing devices located in different geographical locations to send a plurality of requests to also access the resource. In response to the plurality of requests, digital certificates are received. The digital certificate is then compared to the plurality of digital certificates received from the plurality of requests sent by the computing devices in different geographical locations. The result of the comparison indicates whether the digital certificate is trustworthy.
    Type: Grant
    Filed: November 27, 2017
    Date of Patent: May 19, 2020
    Assignee: Amazon Technologies, Inc.
    Inventor: Aaron Michael Brown
  • Patent number: 10652015
    Abstract: Systems and methods are provided for confidential communication management. For example, a client computer can determine a client key pair comprising a client private key and a client public key. The client computer can further determine a protected server key identifier, identify a server public key associated with the protected server key identifier, and generating a shared secret using the server public key and the client private key. The client computer can further encrypt message data using the shared secret and sending, to a server computer, a message including the encrypted message data, the protected server key identifier, and the client public key. The protected server key identifier can be associated with the server computer and can be usable by the server computer to identify a server private key to be used in decrypting the encrypted message data.
    Type: Grant
    Filed: January 25, 2019
    Date of Patent: May 12, 2020
    Assignee: Visa International Service Association
    Inventors: Eric Le Saint, Soumendra Bhattacharya
  • Patent number: 10645122
    Abstract: A computer implemented method for monitoring and managing a security policy of a plurality of application specific objects across a plurality of datacenters are provides. The computer implemented method includes following steps: (i) displaying the plurality of application devices managed in a security policy management system in a single pane view; (ii) adding new application devices to a device inventory; (iii) automatically generating a trend line graph to display a configuration changes of the plurality of application specific objects over a period of time; (iv) defining a logic for searching and fetching a plurality of rules and a plurality of policies across the plurality of application devices; (v) defining a new security policy to the plurality of application specific objects; and (vi) implementing the new security policy to modify a plurality of user details and a rule and a policy information associated with the plurality of application specific objects.
    Type: Grant
    Filed: May 22, 2018
    Date of Patent: May 5, 2020
    Inventors: Anand Purusothaman, Muralidharan Palanisamy, Vigneshwar Mohan, Ashok Kumar Gnanam, Nandini Menon Thodenchat
  • Patent number: 10635813
    Abstract: In some embodiments, a method includes processing at least a portion of a received file into a first set of fragments and analyzing each fragment from the first set of fragments using a machine learning model to identify within each fragment first information potentially relevant to whether the file is malicious. The method includes forming a second set of fragments by combining adjacent fragments from the first set of fragments and analyzing each fragment from the second set of fragments using the machine learning model to identify second information potentially relevant to whether the file is malicious. The method includes identifying the file as malicious based on the first information within at least one fragment from the first set of fragments and the second information within at least one fragment from the second set of fragments. The method includes performing a remedial action based on identifying the file as malicious.
    Type: Grant
    Filed: October 6, 2017
    Date of Patent: April 28, 2020
    Assignee: Sophos Limited
    Inventors: Joshua Daniel Saxe, Richard Harang
  • Patent number: 10630671
    Abstract: A method is provided for a multi-tenant system to accept web service calls from third party systems over a computer network. The method includes centrally receiving messages with different endpoint URLs from the third party systems over the computer network and processing each message by parsing an endpoint URL of the message to identify a tenant and an action for a payload of the message and authenticating the message. When the message is authenticated, the method further includes generating an acknowledgment of the message based on the identified tenant and the identified action and sending the acknowledgment over the computer network, routing the payload, the identified tenant, and the identified the action to a queue based on the identified tenant, retrieving the payload, the identified tenant, and the identified action from the queue, determining a user script corresponding to the identified action, and executing the user script on the payload.
    Type: Grant
    Filed: December 20, 2018
    Date of Patent: April 21, 2020
    Assignee: Ivanti, Inc.
    Inventors: Suresh S. Pandian, Udo H. Waibel, Hong Hauw, Andrii Zavgorodnii, Sundarapandian Sabapathy, Shaohua Yao, Randy Jessee, Roland Poklemba
  • Patent number: 10616255
    Abstract: A mobile device generates a first representation, based on a model, of a first content received by the mobile device from a website. An online system receives the representation of the content from the mobile device. The online system receives a second content from the website and generates a representation of the second content using the model. The online system compares the representation of the first content with the representation of the second content to determine a distance between the two representations. The distance indicates a level of similarity between the first content and the second content. The online system compares the distance between the representation of the first content and representation of the second content to determine if the distance exceeds a threshold distance. If the distance exceeds the threshold distance, the online system prevents other mobile devices from accessing the website.
    Type: Grant
    Filed: February 20, 2018
    Date of Patent: April 7, 2020
    Assignee: Facebook, Inc.
    Inventors: Emanuel Alexandre Strauss, Siqi Nie, Zixiao Chang, Hongda Ma
  • Patent number: 10614200
    Abstract: A device may provide a login process to authenticate users prior to admittance to a computing environment. The device may also enable users to adjust various the computing environment, e.g., the language selected for communicating with the user and the user interfaces to be presented to the user, and may store such adjustments in a secured user account. However, if the user account is inaccessible to the device during the login process, the device is unable to adapt the login process to apply the user's adjustments. Instead, the device may be configured to store users' adjustments (including language selection) outside of the user accounts, and to, upon identifying the user during the login process, present login interfaces specified in the user account. Additionally, users may select different login interfaces during login, and the device may retrieve these login interfaces for selection during future login processes for the same user.
    Type: Grant
    Filed: May 6, 2019
    Date of Patent: April 7, 2020
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Adam James Betz, Wade H. Curtiss, Andrew Stuart Glass
  • Patent number: 10609056
    Abstract: Embodiments include methods, systems and computer program products method for online presence interaction using a behavioral certificate. The computer-implemented method includes monitoring, using a processor, one or more online presence interactions by one or more users. The processor determines whether a behavioral certificate exist for the online presence. The processor cross-references one or more authorized inputs, outputs or actions for the online presence based at least in part on an existence of a behavioral certificate for the online presence. The processor transmits the behavioral certificate, wherein the behavioral certificate advises the one or more users how to interact with the online presence.
    Type: Grant
    Filed: May 26, 2017
    Date of Patent: March 31, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Al Chakra, Liam Harpur, Sumit Patel, John Rice