Patents Examined by Madhuri R Herzog
-
Patent number: 11824870
Abstract: Conventional email filtering services are not suitable for recognizing sophisticated malicious emails, and therefore may allow sophisticated malicious emails to reach inboxes by mistake. Introduced here are threat detection platforms designed to take an integrative approach to detecting security threats. For example, after receiving input indicative of an approval from an individual to access past email received by employees of an enterprise, a threat detection platform can download past emails to build a machine learning (ML) model that understands the norms of communication with internal contacts (e.g., other employees) and/or external contacts (e.g., vendors). By applying the ML model to incoming email, the threat detection platform can identify security threats in real time in a targeted manner.
Type: Grant
Filed: November 4, 2019
Date of Patent: November 21, 2023
Assignee: Abnormal Security Corporation
Inventors: Sanjay Jeyakumar, Jeshua Alexis Bratman, Dmitry Chechik, Abhijit Bagri, Evan James Reiser, Sanny Xiao Yang Liao, Yu Zhou Lee, Carlos Daniel Gasperi, Kevin Lau, Kai Jing Jiang, Su Li Debbie Tan, Jeremy Kao, Cheng-Lin Yeh
-
Patent number: 11822640
Abstract: Provided are systems and methods for verifying user credentials for performing a search. Verifying user credentials include receiving a search request at a search server, determining, at the search server, whether a set of user credentials of a user has been updated within a threshold period of time. The set of user credentials are received from an identity provider server and cached at the search server. Responsive to determining that the cached set of user credentials have not been updated within the threshold period of time, the identity provider server is queried for a current set of user credentials associated with the user. The current set of user credentials from the identity provider server, and used to determine that the user is authorized to perform the search. The search of the datastore is launched responsive to determining that the user is authorized.
Type: Grant
Filed: June 14, 2021
Date of Patent: November 21, 2023
Assignee: Splunk Inc.
Inventors: Jagannath Kerai, Rama Gopalan
-
Patent number: 11825001
Abstract: A blockchain based numerical value ranking method includes: using, by a first participant, a public key of the first participant to encrypt a private value of the first participant to obtain an encrypted text of the first participant; obtaining encrypted texts of other participants, and generating a challenge value having a preset bit length; based on the challenge value and the private value of the first participant, and the encrypted texts and public keys of the other participants, determining mixed results of the first participant with respect to the other participants; and determining a numerical value ranking result between the first participant and a second participant based on the mixed result of the second participant with respect to the first participant.
Type: Grant
Filed: September 2, 2021
Date of Patent: November 21, 2023
Assignee: CHINA UNIONPAY CO., LTD.
Inventors: Zhenyao Qiu, Yang Yang, Zhou Chen, Zili Huang, Lu Xiong
-
Patent number: 11818112
Abstract: Disclosed are various examples for enrolling a client device and synchronizing user attributes for the client device across multiple directory services. A search request for user attributes can be sent to a first directory service with an identifier for a user account. The first directory service can query for the identifier and send back user attributes. If a global identifier is included in the attributes, another search request for user attributes can be sent to a second directory service with the global identifier. The second directory service can query for the global identifier and send back user attributes.
Type: Grant
Filed: April 4, 2022
Date of Patent: November 14, 2023
Assignee: AirWatch, LLC
Inventors: Kalyan Regula, Shravan Shantharam, Nishita Manjunath, Varun Murthy, Jason Roszak
-
Patent number: 11800364
Abstract: This application provides an unmanned aerial vehicle authentication method and an apparatus. The method includes: sending, by a communications device after determining that a type of a terminal is a UAV, authentication information of the terminal to an authentication server, so that the authentication server can perform authentication on the terminal based on the authentication information of the terminal, and therefore, the authentication server completes authentication on the terminal. In addition, the unmanned aerial vehicle is allowed to fly only after authentication on the terminal succeeds. Therefore, flight security of the unmanned aerial vehicle can be improved.
Type: Grant
Filed: March 4, 2022
Date of Patent: October 24, 2023
Assignee: Huawei Technologies Co., Ltd.
Inventors: Haoren Zhu, Zhixian Xiang, Gang Li, Cuili Ge
-
Patent number: 11799914
Abstract: Techniques for cellular Internet of Things (IoT) battery drain prevention in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for cellular IoT battery drain prevention in mobile networks includes monitoring network traffic on a service provider network at a security platform to identify a misbehaving application based on a security policy, wherein the service provider network includes a 4G network or a 5G network; extracting subscription identifier information for network traffic associated with the misbehaving application at the security platform; and enforcing the security policy at the security platform to rate limit paging messages sent to an endpoint device using the subscription identifier information and based on the security policy.
Type: Grant
Filed: October 19, 2021
Date of Patent: October 24, 2023
Assignee: Palo Alto Networks, Inc.
Inventors: Sachin Verma, Leonid Burakovsky
-
Patent number: 11783062
Abstract: Technology for risk-based access to secrets utilizes risk metadata tailored to secrets. Secrets include passwords, security tokens, digital certificates, and other items used for identity authentication, authorization, signing, validation, and other cybersecurity processes. A secret's risk metadata may indicate which controls protect the secret, the deployment scope of the secret or the asset it secures, known exposures of the secret, whether the secret secures other secrets, the impact if the secret is misused, the secret's strength, characteristics of the asset the secret secures, the secret's risk history, and other characteristics of secrets that set them apart. Unlike secrets, typical user-generated digital assets like web pages, documents, image files, and so on have value on their own. An enhanced system distinguishes between secrets and non-secrets when modulating access, making it possible to automatically provide consistent, efficient, and effective risk-based control over access to secrets.
Type: Grant
Filed: February 16, 2021
Date of Patent: October 10, 2023
Inventor: Brian Lounsberry
-
Patent number: 11770713
Abstract: The technology includes a method performed by a security system of a 5G network. The system can instantiate an agent that monitors and controls incoming network traffic at a perimeter of the 5G network in accordance with a security model. The agent can process the incoming network traffic with the security model to output a vulnerability-risk-threat (VRT) score that characterizes the incoming network traffic in relation to a vulnerability parameter, a risk parameter, and a threat parameter. The agent compares the VRT score with a threshold value to determine a likelihood that the incoming network traffic includes VRT traffic. The agent communicates at least an indication of the VRT score and incoming network traffic to a central component, which collects VRT information from multiple agents to generate an update for the security model.
Type: Grant
Filed: July 6, 2020
Date of Patent: September 26, 2023
Assignee: T-Mobile USA, Inc.
Inventor: Venson Shaw
-
Patent number: 11762984
Abstract: A support service application may process a request that contains a hyperlink. The hyperlink may be examined to determine a level of risk associated with accessing a resource referred to by the hyperlink. An execution environment for processing the hyperlink may be identified. The execution environment may comprise a virtual machine drawn from a pool of virtual machines. The resource may be retrieved by a browser process operating within the context of the virtual machine, and a safe version of the resource may be rendered and made available to customer support personnel using the support service application.
Type: Grant
Filed: October 15, 2019
Date of Patent: September 19, 2023
Assignee: Amazon Technologies, Inc.
Inventors: Gregory Branchek Roth, Matthew Daniel DeMoss, Jonathan Matthew Miller
-
Patent number: 11755719
Abstract: The following relates to a hardware security module for usage with manufacturing devices and a method for operating the same is provided. The security module includes: a secure element, which is adapted to detect an operating mode of the hardware security module; a first interface which is adapted to receive commands for controlling the hardware security module; a central processing unit for processing application program code in a secure environment; a second interface which is adapted for receiving configuration data, wherein the second interface is activated and deactivated in dependence of the detected operating mode.
Type: Grant
Filed: November 14, 2018
Date of Patent: September 12, 2023
Assignee: SIEMENS AKTIENGESELLSCHAFT
Inventors: Hans Aschauer, Rainer Falk, Christian Peter Feist, Daniel Schneider
-
Patent number: 11748493
Abstract: A system can include a processor having a secure mode and a non-secure mode, and a secure module configured to respond to tokens posted by the processor in the secure mode. Each token can identify a secure asset, and source and destination addresses within secure and public address spaces. The secure module can include a memory storing secure assets identifiable by the tokens and a memory access circuit to read data from source addresses and write processed data to destination addresses. The system can further include a cryptography engine configured to process the read data using identified secure assets. The secure module can respond to tokens posted in the non-secure mode. The memory can store, with each secure asset, a respective rule defining the address spaces where the memory access circuit may read and write data. The secure module can ignore tokens that do not satisfy respective rules.
Type: Grant
Filed: April 5, 2021
Date of Patent: September 5, 2023
Assignee: Rambus Inc.
Inventors: Gijs Willemse, Marc Van Hoorn, Marcel Van Loon
-
Patent number: 11743729
Abstract: The technology includes a method performed by a system of a telecommunications network to manage network traffic of a 5G network. The system can instantiate a security system to sort incoming or outgoing network traffic at a perimeter of the 5G network into multiple groups that are each uniquely associated with multiple traffic types and multiple security levels. The system can inspect segments of data included in the incoming network traffic and sort multiple portions of the network traffic into the groups based in part on the inspection of the segments of the data. The system can dynamically adjust an available bandwidth of the 5G network based on each load of each of the groups and dispatch the portions of the network traffic in accordance with a traffic type and a security level of each of the groups.
Type: Grant
Filed: July 6, 2020
Date of Patent: August 29, 2023
Assignee: T-Mobile USA, Inc.
Inventor: Venson Shaw
-
Patent number: 11736281
Abstract: Systems, apparatuses, methods, and computer program products are disclosed for post-quantum cryptography (PQC). An example method includes generating encrypted data. The example method further includes monitoring a set of data environments comprising the encrypted data, wherein a data environment associated with the set of data environments comprises one or more quantum computing techniques. The example method further includes generating quantum computing (QC) detection data comprising one or more instances of the one or more quantum computing techniques decrypting the encrypted data. The example method further includes, subsequent to the generation of the QC detection data, encrypting data based on the QC detection data, wherein the data is encrypted based on a set of PQC encryption attributes absent from the QC detection data.
Type: Grant
Filed: December 22, 2021
Date of Patent: August 22, 2023
Assignee: Wells Fargo Bank, N.A.
Inventors: Ravi K. Maganti, Bradford A. Shea, M. Erik Meinholz, Jeff J. Stapleton, Peter Bordow, Pierre Arbajian, Abhijit Rao, Robert L. Carter
-
Patent number: 11727123
Abstract: A computing system and method to implement a three-dimensional virtual reality world having user created virtual objects. A platonic object identifies a list of objects as different versions of the platonic object. Each respective object has: a blueprint identifying resource objects that are used to construct the respective object in the virtual reality world; and a provenance node identifying the platonic object of the respective object, a creator of the respective object, and a set of access control parameters of the respective object. A server computer hosting the virtual reality world controls access to instances of the platonic object according to access control parameters stored in the tree of provenance nodes for the objects connected via the blueprints and the platonic object.
Type: Grant
Filed: March 26, 2021
Date of Patent: August 15, 2023
Assignee: Tilia LLC
Inventors: Richard Benjamin Trent Nelson, Jeffery Blaine Petersen, Avery Lauren Orman, Donald N. Kjer, Matthew A. Breindel, Jason Wayne Gholston
-
Patent number: 11716628
Abstract: Provided are an electronic device and a method for controlling the electronic device.
Type: Grant
Filed: November 6, 2020
Date of Patent: August 1, 2023
Assignee: Samsung Electronics Co., Ltd.
Inventors: Donguk Kim, Sangwon Gil, Choonghoon Lee
-
Patent number: 11709952
Abstract: A method of data access control in an intermediation server includes: storing a record containing: a record identifier; a plurality of sections each containing data; and in association with each section, an owner identifier selected from a set of requester identifiers corresponding to respective requester subsystems; storing access control data corresponding to each requester identifier; wherein the access control data for a given requester identifier indicates which other requester identifiers are permitted to access a section of the record having the given requester identifier associated therewith as the owner identifier; responsive to receiving, from one of the requester subsystems, a request containing the record identifier and an active one of the requester identifiers corresponding to the active requester subsystem: granting access to a subset of the sections according to the active requester identifier, the owner identifiers and the access control data.
Type: Grant
Filed: November 29, 2019
Date of Patent: July 25, 2023
Assignee: AMADEUS S.A.S.
Inventors: Catherine Bignotti, Bertrand Alberola, Veronique Leroy, Jean-Chafic Hays, Pierre Brun
-
Patent number: 11711398
Abstract: A distributed network security service is disclosed. The disclosed platform comprises an external service that facilitates security operations for a private network. Data from nodes of the private network is received and analyzed by the service. An output is automatically generated by the service in response to a detected security event in the analyzed data that facilitates remediating the security event at least at one or more of the nodes of the private network, wherein a latency exists between the security event occurring on the private network and being remediated during which time an entity responsible for the security event has access to the private network before being blocked.
Type: Grant
Filed: October 25, 2019
Date of Patent: July 25, 2023
Assignee: Netography, Inc.
Inventors: Barrett Lyon, Daniel Murphy
-
Patent number: 11704430
Abstract: In an example embodiment, access to a data set in a data lake can be specified using several approaches, based on the metadata and information attached. The metadata may be replicated from the original data source of the underlying data, and additional metadata may be modeled and stored to construct linkage information between data types. This linkage information may be used to automatically grant access to users to additional objects that are linked to objects that the user has explicit access to.
Type: Grant
Filed: September 10, 2019
Date of Patent: July 18, 2023
Assignee: SAP SE
Inventors: Peter Eberlein, Volker Driesen
-
Patent number: 11698986
Abstract: Method and system disclosed herein facilitate retrieval of a blockchain key. The method comprises receiving a key store comprising a first encryption method, a second encryption method, and identification information of one or more network nodes storing a plurality of encrypted storage keys; displaying an authentication request and receiving an input from the user in response to the authentication request; upon the input received matching a record within a database, instructing the one or more network nodes to transmit the encrypted key segments; decrypting each encrypted key segment based on the first encryption method; and generating a blockchain key by appending the strings of the key segments based on the second encryption method.
Type: Grant
Filed: December 11, 2020
Date of Patent: July 11, 2023
Assignee: Massachusetts Mutual Life Insurance Company
Inventors: Michal Knas, Jiby John, Rick Ferry, Krzysztof Gibadlo
-
Patent number: 11687654
Abstract: Implementations describe providing isolation in virtualized systems using trust domains. In one implementation, a processing device includes a memory ownership table (MOT) that is access-controlled against software access. The processing device further includes a processing core to execute a trust domain resource manager (TDRM) to manage a trust domain (TD), maintain a trust domain control structure (TDCS) for managing global metadata for each TD, maintain an execution state of the TD in at least one trust domain thread control structure (TD-TCS) that is access-controlled against software accesses, and reference the MOT to obtain at least one key identifier (key ID) corresponding to an encryption key assigned to the TD, the key ID to allow the processing device to decrypt memory pages assigned to the TD responsive to the processing device executing in the context of the TD, the memory pages assigned to the TD encrypted with the encryption key.
Type: Grant
Filed: September 15, 2017
Date of Patent: June 27, 2023
Assignee: Intel Corporation
Inventors: Ravi L. Sahita, Baiju V. Patel, Barry E. Huntley, Gilbert Neiger, Hormuzd M. Khosravi, Ido Ouziel, David M. Durham, Ioannis T. Schoinas, Siddhartha Chhabra, Carlos V. Rozas, Gideon Gerzon