Patents Examined by Lynn D. Feild
  • Patent number: 10417441
    Abstract: A database activity monitoring service, operating independent of a database server, in response to intercepting a database server response issued by the database server comprising a result set associated with a dynamic database query, extracts a first selection of data from the result set, the first selection of data identifying one or more dynamic query elements of the dynamic database query as constructed by the database server at runtime. The database activity monitoring service determines whether the one or more dynamic query elements comply with one or more security policies. The database activity monitoring service, in response to determining that the one or more dynamic query elements fail to comply with at least one of the one or more security policies, issues a security alert.
    Type: Grant
    Filed: April 29, 2016
    Date of Patent: September 17, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventor: Leonid Rodniansky
  • Patent number: 10419421
    Abstract: Methods, systems, and computer programs are presented for creating a secure network fabric and for adding trusted devices to an existing secure network fabric. One method includes an operation for setting a switch into a provisioning mode where the switch does not enforce secure communications. While the switch is in provisioning mode, the method performs operations including establishing a connection from the switch to a provisioning controller, sending a certificate signing request (CSR) from the switch to the provisioning controller, and receiving, from the provisioning controller, a security certificate generated by a certificate authority. The method further includes an operation for entering a lockdown mode by the switch after receiving the security certificate, where the switch, while in lockdown mode, secures communications utilizing the security certificate.
    Type: Grant
    Filed: August 11, 2016
    Date of Patent: September 17, 2019
    Assignee: Big Switch Networks, Inc.
    Inventors: Andreas Wundsam, Gregor Maier, Carl D. Roth, Jeffrey Townsend, Jason Parraga, Cham Ho Li, Tomasz Klimczyk
  • Patent number: 10419419
    Abstract: Technologies for sensor action verification include a local computing device to receive a request for the local computing device to perform a sensor action from a remote computing device. The local computing device verifies the received request to confirm that the remote computing device is authorized to request the local computing device to perform the sensor action and performs, by a sensor controller of the local computing device, the requested sensor action in response to verification of the received request. The sensor controller manages operation of one or more sensors of the local computing device. The local computing device transmits a response message to the remote computing device indicating whether the requested sensor action has been performed by the sensor controller of the local computing device.
    Type: Grant
    Filed: September 24, 2014
    Date of Patent: September 17, 2019
    Assignee: Intel Corporation
    Inventors: David Kaplan, Shahar Taite, Aviv Ron, Tomer Rider
  • Patent number: 10412100
    Abstract: A secure communication management (SCM) computer device for providing secure data connections in an aviation environment which, includes safety of flight information, is provided. The SCM computer device includes a processor in communication with a memory. The processor is programmed to receive, from a first user computer device, a first data message for a first aircraft. The first data message is in a standardized data format. The processor is also programmed to analyze the first data message for potential cybersecurity threats. If the determination is that the first data message does not contain a cybersecurity threat, the processor is further programmed to convert the first data message into a first data format associated with the first aircraft and transmit the converted first data message to the first aircraft using a first communication protocol associated with the first aircraft.
    Type: Grant
    Filed: August 1, 2016
    Date of Patent: September 10, 2019
    Assignee: THE BOEING COMPANY
    Inventors: Timothy Mitchell, Gordon Edward Letney, Kevin James Luschei, Timothy William Anstey, John Bush, Steve Magnuson
  • Patent number: 10409967
    Abstract: Systems and methods for limiting a user's access to a specific subset of a plurality of software applications installed on a computing device. A method includes the steps of: (i) activating a master application by a master user, where the master application allows access only to the specific subset of the plurality of software applications installed on the computing device, and further where the master application cannot be deactivated without authorization from the master user; (ii) accessing, from within the master application, one or more of the subset of software applications by an authorized user; (iii) returning to the master application or accessing a second of the subset of software applications; and (iv) deactivating the master application, where only the master user can deactivate the master application.
    Type: Grant
    Filed: June 16, 2015
    Date of Patent: September 10, 2019
    Assignee: HAH, Inc.
    Inventor: Heather Ahn
  • Patent number: 10404676
    Abstract: A method and apparatus for coordinating and authenticating requests for data. In one embodiment, the apparatus comprises: a baseboard management controller (BMC); and a request coordinator coupled to the BMC to intercept BMC requests and to provide intercepted requests to the BMC, where the coordination interface comprises a request parser to parse parameters for each of the BMC requests, one or more queues to store the requests while the BMC is servicing another BMC request, and a command submitter to send individual BMC requests to the BMC, wherein the BMC is operable to generate the responses to the BMC requests received from the coordination interface and to send the responses to the coordination interface.
    Type: Grant
    Filed: March 29, 2016
    Date of Patent: September 3, 2019
    Assignee: INTEL CORPORATION
    Inventors: Justin J. Song, Devadatta V. Bodas, Muralidhar Rajappa, Andy Hoffman, Mariusz Oriol, Gopal R. Mundada
  • Patent number: 10404706
    Abstract: A method of detecting, verifying, preventing and correcting or resolving unauthorized use of electronic media content. In one embodiment, the method comprises providing an electronic system that allows auditors to register to audit the use of electronic media content, providing the auditors with information through the electronic system regarding a unique identifier that identifies one or more items of electronic media content, owners of electronic media content or other intellectual property or users who have subscribed to the use of electronic media content, obtaining information from auditors through the electronic system regarding unauthorized use of the electronic media content and verifying that the information received from auditors is complete.
    Type: Grant
    Filed: June 13, 2017
    Date of Patent: September 3, 2019
    Inventors: Wayne D. Lonstein, Julie C. Lonstein
  • Patent number: 10404700
    Abstract: The present disclosure relates to a method for multi-user, at least partially concurrent, electronic circuit design. Embodiments may include storing a lock list at a client computing device, wherein the lock list includes objects associated with an electronic design that have been locked or unlocked. Embodiments may further include receiving a user input corresponding to a lock/unlock request associated with an object of the design, wherein the design is accessible by multiple users in an at least partially concurrent manner. Embodiments may include transmitting the lock/unlock request to a server computing device. Embodiments may further include comparing the user input corresponding to at least one of the lock request or unlock request with the lock list and determining whether to lock or unlock the object based upon, at least in part, the comparison, wherein determining does not include receiving server authorization.
    Type: Grant
    Filed: August 27, 2015
    Date of Patent: September 3, 2019
    Assignee: Cadence Design Systems, Inc.
    Inventors: Patrick Bernard, Sean Bergan, George Malcolm Buzzell
  • Patent number: 10404678
    Abstract: A security object creation and validation system provides an additional factor of authentication. An authentication system as described herein provides secure two-factor authentication, such as for IT resources in an organization. The authentication system can perform generation of a security object (such as an X.509 object, Java object, persistent browser token, or other digital certificate); registration of the generated security object or of an existing security object (such as a near field communication identifier, smart card identifier, OATH token, etc.); validation of the security object as part of an authentication process; and assertion of the identity of the security object to native network resources (such as web resources, network resources, cloud resources, mobile applications, and the like) that may accept the security object. The authentication system may provide user interfaces to allow users and administrators to manage registered device inventory and revoke security objects.
    Type: Grant
    Filed: February 25, 2015
    Date of Patent: September 3, 2019
    Assignee: SecureAuth Corporation
    Inventors: Garret Florian Grajek, Allen Yu Quach, Jeffrey Chiwai Lo, Shu Jen Tung
  • Patent number: 10397220
    Abstract: An account management system establishes an account for a user. The user enters user account information into the account and the account management system establishes a facial template for the user based on an image of the face of the user. The user requests to change user account information at a merchant POS (POS) device. The merchant POS device captures a facial image of the user and transmits the image the account management system, which generates a facial template and compares the generated facial template against the existing facial template associated with user account. If the generated facial template is less than a threshold difference from the existing facial template, the user may update user account information at the merchant POS device, which communicates the updated user account information to the account management system. The account management system associates the updated user account information with the user account.
    Type: Grant
    Filed: April 29, 2016
    Date of Patent: August 27, 2019
    Assignee: GOOGLE LLC
    Inventors: Sashikanth Chandrasekaran, Denise Ho, Dmitry Kalenichenko, Varouj Chitilian, Timothy Raymond Zwiebel, Michal Palczewski
  • Patent number: 10387288
    Abstract: Analyzing a security specification. An embodiment can include identifying a downgrader in a computer program under test. Testing on the downgrader can be performed in a first level of analysis. Responsive to the downgrader not passing the testing performed in the first level of analysis, a counter example for the downgrader can be automatically synthesized. Further, a test unit can be created for the downgrader using the counter example as an input parameter to the downgrader. The test unit can be executed to perform testing on the downgrader in a second level of analysis. Responsive to the downgrader passing the testing performed in the second level of analysis, a user can be prompted to simplify a model of the downgrader.
    Type: Grant
    Filed: August 26, 2014
    Date of Patent: August 20, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Marco Pistoia, Takaaki Tateishi, Omer Tripp
  • Patent number: 10382414
    Abstract: Disclosed are a method, system, and storage medium for service account authentication. A user authentication method includes managing authentication information associated with a service account of a user and social information about the user; and performing user authentication with respect to the service account through a stepwise procedure in which an authentication method using the authentication information and an authentication method using the social information are combined.
    Type: Grant
    Filed: February 26, 2015
    Date of Patent: August 13, 2019
    Assignee: Camp Mobile Corporation
    Inventor: Seung Phill Lim
  • Patent number: 10380365
    Abstract: Techniques are described for managing creation and/or execution of distributed programs, such as for a group of multiple interrelated programs that are part of a service-oriented architecture or that otherwise interact during execution to provide a desired type of functionality. In at least some situations, the described techniques include performing decentralized choreographed distributed execution of a group of related programs, by using executing supervisor components for some or all such programs to manage execution-related behavior of the programs. The execution-related behavior that is managed by supervisor components for a group of programs may include, for example, managing interactions between the programs, managing run-time dependencies and other relationships between at least some of the programs, managing update strategies for updating some or all of the programs of the group while the group continues to provide functionality (e.g.
    Type: Grant
    Filed: June 1, 2016
    Date of Patent: August 13, 2019
    Assignee: Chef Software, Inc.
    Inventors: Adam B. Jacob, Julian C. Dunn, Jamie Winsor, Fletcher Nichol, Alexandre Ethier, Nathan Smith, Ryan Keairns, David Parfitt, Joshua Timberman
  • Patent number: 10382486
    Abstract: Disclosed herein are representative embodiments of methods, apparatus, and systems for processing and managing information from a compliance and configuration control (“CCC”) tool and generating information for a security information and event management (“SIEM”) tool based on the information from the CCC tool. For example, in one exemplary embodiment, information from a CCC tool is transferred to a SIEM tool or logging tool by receiving the information from the CCC tool in a format that is not recognized by the SIEM tool or logging tool, and generating an output message in a message format that is recognized by the SIEM tool or logging tool. In particular embodiments, the message format is a customizable message format that is adaptable to multiple different SIEM tools or logging tools. In further embodiments, the data transferred to the SIEM tool comprises data indicative of compliance policy changes.
    Type: Grant
    Filed: September 28, 2012
    Date of Patent: August 13, 2019
    Assignee: Tripwire, Inc.
    Inventor: Stephen Rivers
  • Patent number: 10382475
    Abstract: A system can connect multiple disparate web products and services through a common interface. Each product can function with or without other plugins as the features are dynamic based on what plugins are available. Desktops for contact centers can provide dynamic adjustment for given usage contexts. Secure electronic communication between parties reduce exposure to a man-in-the-middle attack within a contact center deployment equipped with interactive voice response functionality.
    Type: Grant
    Filed: July 1, 2016
    Date of Patent: August 13, 2019
    Inventors: Benjamin Friend, Marat Irner, Christopher Connolly, Herbert Willi Artur Ristock, Leonid Vymenets, Colin Leonard, Vladimir Mezhibovsky, Josef Eric Eisner
  • Patent number: 10375020
    Abstract: In one embodiment, a browser operating on a host device receives, from a user, a request to access a web server that includes a Uniform Resource Locator (URL) associated with the web server. In response, the browser sends, to a Domain Name System (DNS) server, a request for an Internet Protocol (IP) address correlated with the domain hosting the URL, and receives, from the DNS server, a response that comprises a block policy IP address and an appropriate error code. Based on this IP address and the error code indicated in the response, the browser renders an access denied page indicating that access to the web server associated with the URL is not permitted, wherein at least a portion of the access denied page is stored in memory accessible to the browser prior to sending the request for the IP address correlated with the domain that is hosting the URL.
    Type: Grant
    Filed: January 18, 2017
    Date of Patent: August 6, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Daniel G. Wing, K. Tirumaleswar Reddy, Prashanth Patil
  • Patent number: 10372919
    Abstract: Various systems, methods, and processes to protect virtual machine data in cloud computing environments are disclosed. A request for application data is received. The application data is encrypted, the request is received at an encryption virtual machine, and the encryption virtual machine is configured to receive the request from application virtual machines via loaders. A map file is accessed to identify an application virtual machine for which the application data is requested and the application data is accessed in a storage volume. The storage volume is communicatively coupled to the encryption virtual machine, and the encryption virtual machine is coupled between the application virtual machines and the storage volume. The application data is received from the storage volume and decrypted at the encryption virtual machine. The decrypted application data is sent to the loaders.
    Type: Grant
    Filed: February 12, 2018
    Date of Patent: August 6, 2019
    Assignee: Veritas Technologies LLC
    Inventors: Soumya Tripathy, Subhadeep Ghosh
  • Patent number: 10374804
    Abstract: In a method of controlling an electronic device using a wearable device, the electronic device is paired with the wearable device. A cryptographic key, which corresponds to the electronic device, is stored in a secure storage device included in the wearable device. A distance between the wearable device and the electronic device is estimated by the wearable device. An unlock signal including the cryptographic key, which is stored in the secure storage device, is transmitted from the wearable device to the electronic device when the estimated distance is smaller than a threshold distance. The electronic device is unlocked based on the unlock signal.
    Type: Grant
    Filed: August 27, 2015
    Date of Patent: August 6, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Seung-Ho Lee, Ki-Hyoun Kwon, Jerome Han, Sung-Hoon Son
  • Patent number: 10375051
    Abstract: An example method of decrypting electronic messages includes receiving, by an authentication module of a decryptor device, authentication requests from a plurality of destination clients. The method also includes receiving, by a decryption module of the decryptor device, encrypted electronic messages from the plurality of destination clients. The encrypted electronic messages are derived from a common electronic message sent by a common source client. The method further includes authenticating, based on an authentication table, the plurality of destination clients. The authentication table stores user credentials that are used to authenticate destination clients. The method also includes for each encrypted electronic message received from an authenticated destination client of the plurality of destination clients, decrypting the encrypted electronic message using a common private key and providing the decrypted electronic message to the authenticated destination client.
    Type: Grant
    Filed: November 27, 2017
    Date of Patent: August 6, 2019
    Assignee: Red Hat Israel, Ltd.
    Inventor: Michael Tsirkin
  • Patent number: 10366232
    Abstract: Described is a language-based system for detecting function calls. The system detects missing authorization and authentication functionality in computer software source code via typechecking. New classes of software vulnerability in the computer software source code are detected.
    Type: Grant
    Filed: October 3, 2016
    Date of Patent: July 30, 2019
    Assignee: HRL Laboratories, LLC
    Inventors: George Kuan, Aleksey Nogin, Alexei Kopylov