Patents Examined by Luu T Pham
  • Patent number: 10320570
    Abstract: Systems, apparatuses, services, platforms, and methods are discussed herein that provide digital security services and enhance digital security certificate issuance for communication systems. In one example, a digital security platform is presented that includes a client interface service configured to receive requests for digital security certificates from one or more requesting entities. The digital security platform includes a certificate service configured to process the requests against evaluation criteria to select certificate authorities to handle the requests, and handler processes configured to interface with associated ones of the selected certificate authorities for issuance and delivery of the digital security certificates.
    Type: Grant
    Filed: August 30, 2016
    Date of Patent: June 11, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Quentin Cleveland Bracken, Dawn Murphy Lamb
  • Patent number: 10320801
    Abstract: Techniques to provide secure access to a cloud-based service are disclosed. In various embodiments, a request is received from a client app on a device to connect to a security proxy associated with the cloud-based service. A secure tunnel connection between the device and a node with which the security proxy is associated is used to establish the requested connection to the security proxy. Information associated with the secure tunnel is used to determine that the requesting client app is authorized to access the cloud-based service from the device and to obtain from an identity provider associated with the cloud-based service a security token to be used by the client app to authenticate to the cloud-based service.
    Type: Grant
    Filed: September 25, 2018
    Date of Patent: June 11, 2019
    Assignee: MOBILE IRON, INC.
    Inventors: Kumara Das Karunakaran, Vijay Pawar, Jian Liu
  • Patent number: 10313332
    Abstract: A method of performing one-time password (OTP) authentication using a color code is provided. The method includes generating, by an OTP terminal and an authentication server, an OTP using a reference time, generating, by the OTP terminal, a color code corresponding to a binary code representing the OTP, displaying, by a display device, the color code, obtaining, by a camera, the displayed color code, decoding, by the authentication server, the obtained color code into the color code and generating a password which refers to the decoded binary code, and performing, by the authentication server, authentication by comparing the generated OTP and the password.
    Type: Grant
    Filed: August 30, 2016
    Date of Patent: June 4, 2019
    Assignee: Research & Business Foundation Sungkyunkwan University
    Inventors: Kwang-Seok Hong, Sang Min Park
  • Patent number: 10311254
    Abstract: An electronic apparatus and an information access control method thereof are provided. The information access control method includes receiving a user input for a first application on a touch screen, and limiting execution of at least some of remaining applications except for the first application of the electronic apparatus when the user input is a preset first information access control mode input.
    Type: Grant
    Filed: January 19, 2016
    Date of Patent: June 4, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: A. K. M. Fazla Mehrab, Kazy Fayeen Shariar, Sadik Noman
  • Patent number: 10305928
    Abstract: A method comprises receiving, at a network infrastructure device, a flow of packets, determining, using the network infrastructure device and for a first subset of the packets, that the first subset corresponds to a first datagram and determining a first length of the first datagram, determining, using the network infrastructure device and for a second subset of the packets, that the second subset corresponds to a second datagram that was received after the first datagram, and determining a second length of the second datagram, determining, using the network infrastructure device, a duration value between a first arrival time of the first datagram and a second arrival time of the second datagram, sending, to a collector device that is separate from the network infrastructure device, the first length, the second length, and the duration value for analysis.
    Type: Grant
    Filed: August 6, 2015
    Date of Patent: May 28, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: David McGrew, Andrew Zawadowskiy, Donovan O'Hara, Saravanan Radhakrishnan, Tomas Pevny, Daniel G. Wing
  • Patent number: 10306465
    Abstract: Managing data security on a mobile device. Data associated with a mobile device is received; the data includes an identification (ID) of the mobile device and a location of the mobile device relative to one or more location sensor devices. A path is determined, relative to the one or more location sensor devices, through which the mobile device has traveled. An electronic security key is communicated to the mobile device based on determining that the path corresponds to a defined path associated with the mobile device.
    Type: Grant
    Filed: July 18, 2017
    Date of Patent: May 28, 2019
    Assignee: International Business Machines Corporation
    Inventors: Ye Chen, Ruomeng Hao, Ting Jiang, Ning Wang, Shu Xi Wei, Youmiao Zhang
  • Patent number: 10298589
    Abstract: Role based access control (RBAC) identity management tools, computing systems, computer products and methods of abstracting individual users from the role assignment and revalidation process of traditional RBAC. The RBAC tools, products and systems of the present disclosure organize and manage multi-tenanted networks and cloud computing environments by organizing individual users by service providers having a single or unified identity, which are separately managed by the service provider owners. The service provider identities are treated as a single service provider entity applying for one or more roles in the multi-tenant system, allowing for a simplified role revalidation that no longer requires managers of tenants in a multi-tenant network to approve the role assignment of each individual user, because the tenants and tenant managers are unaware of the users identities that make up the service provider identity.
    Type: Grant
    Filed: January 27, 2016
    Date of Patent: May 21, 2019
    Assignee: International Business Machines Corporation
    Inventors: James D. Cleaver, Michael J. McGuire
  • Patent number: 10289826
    Abstract: A system for using an encrypted version of a password or access code which is stored in the open on a computer or other device, which utilizes a hardware token to decrypt the password or access code utilizing a secure secret which is stored inside the device, and which never leaves the device, to allow the owner of the device to have access to the Secure System. The system also provides means whereby the holder of a Master token and the holder of a Grand Master token may also have access to the Secure System as long as the user token was previously registered to the Master token and the Master Token was previously registered to the Grand master token before the secured resource was locked by the user token.
    Type: Grant
    Filed: March 3, 2009
    Date of Patent: May 14, 2019
    Assignee: CybrSecurity Corporation
    Inventors: Roger E. Billings, John A. Billings
  • Patent number: 10291599
    Abstract: A keystroke encryption device (KED) exists between the keyboard and the host computing platform including a host PC. The KED examines keystrokes before they are transmitted to the host PC and asymmetrically encrypts the keystrokes when the KED is turned on. The KED allows the keystrokes to pass through as originally indicated by the user when the KED is turned off. The KED accepts a public key from a server, which decrypts the keystrokes using its own public and private key. The keys and an asymmetric encryption algorithm together provide the means by which each keystroke is encrypted before it enters the host PC.
    Type: Grant
    Filed: July 20, 2016
    Date of Patent: May 14, 2019
    Inventors: William F. Haworth, Nicholas R. Hruch, Mark E. Fishman
  • Patent number: 10282540
    Abstract: Source devices can be secured using a display device filter. When a display device is connected to a source device, a display device filter can identify the display device and determine whether it is a trusted display device. If the display device filter determines that the display device is not trusted, it can take a number of actions to minimize the likelihood of harm to the source device. These actions may include preventing the source device from booting, shutting down the source device, locking the source device, blocking access to other devices, and/or notifying an administrator. In this way, a malicious user can be prevented from gaining access to the source device.
    Type: Grant
    Filed: April 17, 2017
    Date of Patent: May 7, 2019
    Assignee: WYSE TECHNOLOGY L.L.C.
    Inventors: Mohammed Sarfraz, Jenin JohnSimon
  • Patent number: 10284600
    Abstract: A managed container may be configured to manage enterprise applications, manage enterprise information stored on a device, manage a protected storage area used by the managed container to store and reference the enterprise applications during execution, and manage a database storing enterprise rules related to management of the enterprise applications and the enterprise information. The managed container may communicate with an application gateway server to control download and update of the enterprise applications, the enterprise information, and the enterprise rules. The application gateway server may be coupled to a backend enterprise application. At least one of the enterprise applications may be configured to execute in conjunction with the backend enterprise application according to at least one of the enterprise rules, and is configured to, according to another one of the enterprise rules, manage the enterprise information associated with the backend enterprise application.
    Type: Grant
    Filed: May 15, 2017
    Date of Patent: May 7, 2019
    Assignee: Open Text SA ULC
    Inventors: Gregory Beckman, Robert Laird, Alain Gagne
  • Patent number: 10284556
    Abstract: A computer-implemented method for verifying authentication requests using IP addresses may include (i) collecting, by a computing system, data on IP address changes from a set of endpoint devices, (ii) creating, by the computing system using the data on IP address changes, a virtual IP address distance map based on a likelihood of change from at least one origin IP address to at least one destination IP address, (iii) automatically detecting, by the computing system, a change in an IP address of a client device, (iv) determining, by the computing system and based on the virtual IP address distance map, that the change in the IP address of the client device indicates that an authentication request from the client device is suspicious, and (v) performing, by the computing system, a security action to secure the client device. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: November 11, 2016
    Date of Patent: May 7, 2019
    Assignee: Symantec Corporation
    Inventors: Ilya Sokolov, Kevin Jiang
  • Patent number: 10270801
    Abstract: Systems and methods are disclosed for analyzing a plurality of failed login records that correspond to failed login attempts detected by a computing system, to identify suspicious patterns of activity that can facilitate the supplementation of password blacklists for improving account security. To accomplish the foregoing, failed login records that include information associated with failed login attempts are obtained for analysis. The failed login records are analyzed to identify a set of failed login records that show initial characteristics of a suspicious pattern of activity. The information included in the set of failed login records are further analyzed to determine whether a suspicious pattern of activity is actually present. When a suspicious pattern of activity is identified in the set of failed login records, the passwords used in the failed login attempts are stored in password blacklists associated with the account identifier(s) with which the passwords were used.
    Type: Grant
    Filed: January 25, 2016
    Date of Patent: April 23, 2019
    Assignee: Oath Inc.
    Inventors: Lachlan A. Maxwell, Donald J. McQueen, William C. Wakefield, III
  • Patent number: 10264095
    Abstract: Enabling an authenticated user to access content associated with an authenticated user as though the authenticated user had a selected user relationship with the authenticated user. The user relationship may comprise a relationship degree, a relationship category, a relationship rating, and/or the like. An invitation to join an electronic service, such as an online social network, is sent to the unauthenticated user at an address known to the authenticated user. The invitation includes a time-limited token, such as a URL, that includes an invitation identifier, which relates the invitation to the authenticated user content. The token may be encrypted in the invitation. The unauthenticated user returns the token as a request to preview the authenticated user content without first becoming an authenticated user of the electronic service. If the token is still valid, access is granted. The unauthenticated user may also request to establish a connection with the authenticated user.
    Type: Grant
    Filed: November 11, 2013
    Date of Patent: April 16, 2019
    Assignee: EXCALIBUR IP, LLC
    Inventors: Michael La Rotonda, Neal Sample, F. Randall Farmer, Paul Brody, Ellen Sue Perelman
  • Patent number: 10262118
    Abstract: A digital marking module in a first computer memory receives a data file including original media content. The digital marking module accesses, from a second computer memory, identifying information corresponding to a recipient of the data file. The digital marking module generates altered media content to include the identifying information and substantially include the original media content. The data file with the altered media content is transmitted to a recipient device. The altered media content is received by a digital mark reader. The identifying information corresponding to the recipient of the data file is read from the altered media content.
    Type: Grant
    Filed: January 6, 2016
    Date of Patent: April 16, 2019
    Inventor: Robert Antonius Adrianus Van Overbruggen
  • Patent number: 10257705
    Abstract: This document describes, inter alia, techniques for configuring or setting up a wireless device. As an example of the features described herein, a first wireless device may be used to configure a second wireless device as follows: the first wireless device may detect that the second wireless device is available and is configurable; the first wireless device may connect to the second wireless device and transmit configuration information to the second wireless device, where the configuration information includes credentials that may be used to access a wireless network (e.g., a password to access a Wi-Fi network); the first wireless device and the second wireless device may then both connect to the wireless network, using the credentials; once both devices are connected to the wireless network, the first wireless device may verify that the second wireless device has been correctly configured.
    Type: Grant
    Filed: May 28, 2014
    Date of Patent: April 9, 2019
    Assignee: Apple Inc.
    Inventors: Bob Bradley, Andrew W. Burks, Gregg J. Golembeski
  • Patent number: 10248810
    Abstract: A method of automatically modifying a computer data query is disclosed herein. The modification of the computer data query can be performed to restrict access to data. The computer data query can be modified by receiving the computer data query, identifying tables in the query and retrieving providers associated with the tables identified in the query. These providers can be linked to one or several predicates. These predicates can be retrieved and used to modify the query. The modified query can then be used to retrieve data from one or several tables identified within the query.
    Type: Grant
    Filed: January 23, 2018
    Date of Patent: April 2, 2019
    Assignee: Pearson Education, Inc.
    Inventor: Gary J. Bisaga
  • Patent number: 10243948
    Abstract: A communication apparatus enhances security in transmitting electronic mail to a destination mail address without degrading operability. An MFP is connected to an authentication server and a mail server via a network. A user name and password are entered in a user name entry screen. The MFP requests the authentication server to authenticate the entered user name and password. When the user name and password are authenticated, the MFP is operable to acquire an e-mail address, a SMTP authentication user name, and a SMTP authentication password according to SMTP associated with the authenticated user name and password from the authentication server. The MFP requests the mail server to authenticate the acquired SMTP authentication user name and SMTP authentication password according to SMTP. When the SMTP authentication user name and the SMTP authentication password are authenticated, the MFP is operable to transmit e-mail to the mail server.
    Type: Grant
    Filed: November 22, 2013
    Date of Patent: March 26, 2019
    Inventor: Nobuyuki Tonegawa
  • Patent number: 10243928
    Abstract: Various techniques that allow group members to detect the use of stale encryption policy by other group members are disclosed. One method involves receiving a message from a first group member via a network. The message is received by a second group member. The method then detects that the first group member is not using a most recent policy update supplied by a key server, in response to information in the message. In response, a notification message can be sent from the second group member. The notification message indicates that at least one group member is not using the most recently policy update. The notification message can be sent to the key server or towards the first group member.
    Type: Grant
    Filed: January 29, 2016
    Date of Patent: March 26, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Warren Scott Wainner, Sheela D. Rowles, Brian E. Weis, David Arthur McGrew, Scott R. Fluhrer, Kavitha Kamarthy
  • Patent number: 10230564
    Abstract: A single sign-on system accepts master credentials from a user device and/or application, and automatically signs on to supported services using account credentials corresponding to those services. If the user has not created an account used by a particular device or application, the system can automatically interact with the account service to create the account. Similarly, if the device or application that relies on the account has not already been registered with the account, the system automatically interacts with the account to register the device or account.
    Type: Grant
    Filed: April 29, 2011
    Date of Patent: March 12, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Luhui Hu, Jonathan A. Leblang, David J. Zimmer