Patents Examined by Matthew T. Henning
  • Patent number: 10250393
    Abstract: Techniques allow for automatic signing of a digital document in response to some event and/or when the document satisfies some predefined condition. The document may be, for example, an agreement, a technical paper for publication, a press release or marketing materials, or any other digital document that might need to be assented to, approved by, and/or attributed to one or more persons or representatives. The techniques may further provide support for automatic signature tracking and notification in order to assist with auditability. In one example embodiment, the techniques are implemented in the context of an e-signature application or service, which may be installed locally on the user's computer or provided to the user via a network from a server. In one example embodiment, the e-signature service is configured to automatically impress a signer's signature into a given document, if the signer's pre-established auto-sign criteria is met.
    Type: Grant
    Filed: November 29, 2016
    Date of Patent: April 2, 2019
    Assignee: Adobe Inc.
    Inventor: Benjamin D. Follis
  • Patent number: 10235533
    Abstract: A system with an interactive user interface for a plurality of users to author an electronic document simultaneously is described. The system displays visual feedback on the interface to prevent the users from interfering with one another. The system displays data from a remote database linked into the document based on unique identifiers. The data is displayed as an “artifact.” The system monitors and tracks each user's access category level, as well as the access category level of each piece of data pulled from the remote database. The system compares a user's category level to the data from the database to make visible only the portions of the document the user has the appropriate access category level to view and/or modify. The portions of the document that have a higher category level than the user will be hidden from the user either in part or completely. Also, there may be an indicator to the user of such redacted or hidden content from the user's viewer.
    Type: Grant
    Filed: December 1, 2017
    Date of Patent: March 19, 2019
    Assignee: PALANTIR TECHNOLOGIES INC.
    Inventors: Paul Thoren, Benjamin Gazzard, David Meiklejohn, Kevin Ng, Matthew Fedderly, Rhys Brett-Bowen
  • Patent number: 10235648
    Abstract: A method of assessing a risk level of an enterprise using cloud-based services from one or more cloud service providers includes assessing provider risk scores associated with the one or more cloud service providers; assessing cloud service usage behavior and pattern of the enterprise; and generating a risk score for the enterprise based on the provider risk scores and on the cloud service usage behavior and pattern of the enterprise. The risk score is indicative of the risk of the enterprise relating to the use of the cloud-based services from the one or more cloud service providers.
    Type: Grant
    Filed: January 31, 2018
    Date of Patent: March 19, 2019
    Assignee: Skyhigh Networks, LLC
    Inventors: Dejan Curcic, Rajiv Gupta, Kaushik Narayan, Prasad Raghavendra Somasamudram, Sekhar Sarukkai
  • Patent number: 10237078
    Abstract: A proxy server in a cloud-based proxy service receives a secure session request from a client device as a result of a Domain Name System (DNS) request for a domain resolving to the proxy server. The proxy server participates in a secure session negotiation with the client device including transmitting a digital certificate to the client device that is bound to domain and multiple other domains. The proxy server receives an encrypted request from the client device for an action to be performed on a resource that is hosted at an origin server corresponding to the domain. The proxy server decrypts the request and participates in a secure session negotiation with the origin server including receiving a digital certificate from the origin server. The proxy server encrypts the decrypted request using the digital certificate from the origin server and transmits the encrypted request to the origin server.
    Type: Grant
    Filed: April 21, 2015
    Date of Patent: March 19, 2019
    Assignee: CLOUDFLARE, INC.
    Inventors: Matthew Browning Prince, Srikanth N. Rao, Lee Hahn Holloway, Ian Gerald Pye
  • Patent number: 10235519
    Abstract: Visual and non-visual elements associated with the candidate files are analyzed to determine whether the candidate files are malware. A visual element (e.g., icon) is extracted from the candidate file, and the icon's image is compared to a group of reference images associated with trusted entities. If the icon's image matches a reference image, the candidate file may be malware masquerading as trusted software. The non-visual elements associated with the candidate file are used, in combination with the visual elements, to determine whether the candidate file is malware.
    Type: Grant
    Filed: October 27, 2015
    Date of Patent: March 19, 2019
    Assignee: Carbon Black, Inc.
    Inventors: Jeffrey J. Guy, Mark Gilbert
  • Patent number: 10225741
    Abstract: An approach to preemptive mobile data caching is provided, the approach involves retrieving user data associated with a user of a mobile computing device, retrieving external data associated with network service availability, predicting a location the user is travelling to based on the user data retrieved, determining a data security risk profile associated with the location predicted, based on the user data and the external data retrieved, determining data to be prefetched in advance of a user request for the data, wherein the data is determined based on an analysis of the user data retrieved, the location predicted and the data security risk profile and prefetching the data determined in advance of the user request for the data.
    Type: Grant
    Filed: December 12, 2016
    Date of Patent: March 5, 2019
    Assignee: International Business Machines Corporation
    Inventors: Martin J. Gale, Erik H. Katzen
  • Patent number: 10205641
    Abstract: A method and related apparatus for performing inspection of flows within a software defined network includes identifying a security appliance within a software defined network, identifying candidate traffic flows flowing in the software defined network to be inspected, selecting one of the candidate traffic flows for security inspection, and communicating with a software defined network controller to cause the one of the candidate traffic flows to be redirected towards the security appliance for inspection or to cause the one of the candidate traffic flows to be copied and a resulting copy thereof forwarded to the security appliance for inspection.
    Type: Grant
    Filed: July 17, 2015
    Date of Patent: February 12, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: David McGrew, Kenneth S. Beck
  • Patent number: 10206112
    Abstract: Apparatuses, systems and methods for providing a remote user computing system with secure wireless diagnostic and programming access to an IED operatively coupled with electrical substation equipment are disclosed. An exemplary apparatus comprises a portable computer system comprising a processor and one or more non-transitory memory media storing executable instructions and a cellular modem in operative communication with one another. An antenna external to the portable computer system is adapted to be operatively coupled with the cellular modem and physically positionable independently from the portable computer system. A communication interface adapted to establish a physical electronic communication link between the portable computer system and the IED. The portable computer system, the antenna and the communication interface being provided in a human portable kit.
    Type: Grant
    Filed: December 14, 2016
    Date of Patent: February 12, 2019
    Assignee: ABB Schweiz AG
    Inventors: Kenneth James Bryar, Ronald Albert Kupiec
  • Patent number: 10193689
    Abstract: A method begins by a processing module applying a share encoding function on data to produce a plurality of encoded shares and generating a plurality of random numbers. The method continues with the processing module obtaining a set of personalized authenticating values regarding user access to the data and generating a plurality of hidden passwords based on the set of personalized authenticating values. The method continues with the processing module generating an encryption key based on a corresponding one of the plurality of hidden passwords and a corresponding one of the plurality of random numbers and encrypting the encoded share utilizing the encryption key to produce an encrypted share for each encoded share of the plurality of encoded shares. The method continues with the processing module facilitating storage of the plurality of random numbers and each of the encrypted shares.
    Type: Grant
    Filed: August 4, 2011
    Date of Patent: January 29, 2019
    Assignee: International Business Machines Corporation
    Inventors: Jason K. Resch, Gary W. Grube, S. Christopher Gladwin, Thomas Franklin Shirley, Jr., Timothy W. Markison
  • Patent number: 10177913
    Abstract: A semiconductor device may include: a bus; first and second function modules configured to communicate via the bus; a first encryption module configured to encrypt first data output from the first function module using a first encryption key to generate first encrypted data; and/or a second encryption module configured to decrypt the first encrypted data using the first encryption key, to output the decrypted first data to the second function module, and to encrypt second data output from the second function module using a second encryption key to generate second encrypted data. A semiconductor device may include: a bus; first and second modules configured to communicate via the bus; and/or an encryption module configured to use different encryption policies for first data, which is output from the first module and stored in a memory, and second data, which is output from the second module and stored in the memory.
    Type: Grant
    Filed: May 15, 2015
    Date of Patent: January 8, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Heon Soo Lee, Yong Ki Lee, Sang Hyun Park, Mi Jung Noh, Hong Mook Choi, Dong Jin Park, Woo Hyung Chun
  • Patent number: 10171503
    Abstract: A method, non-transitory computer readable medium and device that assists with scaling infrastructure in a mobile application environment obtaining a number of mobile application installations of a mobile application on a plurality of mobile devices. A number of mobile application installations corresponds with a number of backend enterprise web applications online on one or more web applications servers is determined where the backend enterprise web applications are associated with the mobile application. The number of backend enterprise web applications online on the one or more web application servers is modified when the determining indicates the number of mobile application installations does not correspond with the number of backend enterprise web applications.
    Type: Grant
    Filed: July 15, 2015
    Date of Patent: January 1, 2019
    Assignee: F5 Networks, Inc.
    Inventors: Ravi Natarajan, Saxon Amdahl
  • Patent number: 10162964
    Abstract: Systems and methods for protecting memory pages of a computing device using a hypervisor comprise: in response to receiving a hypercall from a trusted program, detecting by the hypervisor a token associated with the trusted program; checking the token associated with the trusted program against a saved token of the hypervisor; in response to detecting that the token associated with the trusted program matches the saved token of the hypervisor, transmitting addresses of a plurality of memory pages from the hypervisor to the trusted program; and performing a checksums verification for data stored in the plurality of memory pages.
    Type: Grant
    Filed: November 23, 2016
    Date of Patent: December 25, 2018
    Assignee: AO KASPERSKY LAB
    Inventors: Nikolay N. Igotti, Mikhail A. Ershov
  • Patent number: 10158487
    Abstract: A server sends information to a client that allows the client to establish a first key at the client. The server then receives a session ID that has been encrypted using the first key. The first key is then established at the server, which can then decrypt the session ID using the first key. After the server validates the session ID, it determines a second key that is different from the first key. The server then receives the session ID encrypted with the second key, and decrypts the session ID encrypted with the second key.
    Type: Grant
    Filed: July 16, 2015
    Date of Patent: December 18, 2018
    Assignee: Cisco Technology, Inc.
    Inventors: James Anil Pramod Kotwal, Christopher Blayne Dreier, David Aaron Wyde, Kellen Mac Arb, David McGrew, Scott Fluhrer
  • Patent number: 10148423
    Abstract: A data security method including creating a token-including plaintext by including a predefined token into a plaintext, generating a cyphertext by encrypting the token-including plaintext using format-preserving encryption, generating a decrypted cyphertext by decrypting an input text, determining whether the decrypted cyphertext includes a first predefined token, if the decrypted cyphertext includes the first predefined token, recreating the plaintext by removing the first predefined token from the decrypted cyphertext, and if the decrypted cyphertext does not include the first predefined token, using the input text as the plaintext.
    Type: Grant
    Filed: July 20, 2015
    Date of Patent: December 4, 2018
    Assignee: International Business Machines Corporation
    Inventors: Ariel Farkash, Abigail Goldsteen, Micha Moffie
  • Patent number: 10146917
    Abstract: A computer-implemented method includes receiving, from a remote communication device and at a server system, information that indicates a unique identifier for a physical item that corresponds to media content, the identifier differing from identifiers for other physical items that correspond to the same content; associating the received information with an account of a first user of a hosted internet service; and subsequently providing, by the hosted internet service, content that matches the content that corresponds to the physical item, based on a determination that the received information authorizes the first user to obtain the content provided by the hosted internet service.
    Type: Grant
    Filed: November 14, 2017
    Date of Patent: December 4, 2018
    Assignee: Google LLC
    Inventors: Joe Freeman Britt, Jr., Richard Scott Bartlett, Eugene Koh, Matthew J. Hershenson
  • Patent number: 10127621
    Abstract: A server system for distributing information securely includes a network interface for receiving, over a network, an information object accompanied by metadata. A repository stores the information object. Metadata is mapped to electronic addresses of trusted recipients. A processor is configured to generate a link for accessing the information object in the repository, acquire an electronic address of a trusted recipient based on the metadata accompanying the information object, insert the link into an electronic message addressed to the electronic address of the trusted recipient, and send the electronic message with the link to the trusted recipient. The processor is further configured to receive, over a second network, a request for the information object sent from a user device in response to an activation of the link, retrieve the information object from the repository, and transmit the information object to a browser of the user device over the second network.
    Type: Grant
    Filed: January 11, 2017
    Date of Patent: November 13, 2018
    Assignee: AWARE, INC.
    Inventors: James Giulio Cialdea, Alexis Tzannes, Adrian Gropper
  • Patent number: 10110386
    Abstract: Methods, systems, and computer programs for using an implicit certificate are disclosed. In some aspects, a message and an implicit certificate are accessed. The implicit certificate is associated with an entity. A modified message is generated by combining the message with a value based on the implicit certificate. A digital signature can be generated based on the modified message and transmitted to a recipient. In some aspects, a digital signature from an entity and a message to be verified based on the digital signature are accessed. An implicit certificate associated with the entity is accessed. A modified message is generated by combining the message with a value based on the implicit certificate. The message is verified based on the digital signature and the modified message.
    Type: Grant
    Filed: May 4, 2012
    Date of Patent: October 23, 2018
    Assignee: Certicom Corp.
    Inventors: Gregory Marc Zaverucha, David William Kravitz, Daniel Richard L. Brown
  • Patent number: 10097541
    Abstract: A method of performing operations by a processor of a computer terminal, includes determining an operation system (OS) speed scaling gain used by the OS to transform mouse movement data, which is received from a mouse device via a device interface circuit, into mouse speed data that controls positioning of a mouse pointer relative to pixel locations on a display device. A computer terminal identifier is generated based on the OS speed scaling gain. A computer identification message containing the computer terminal identifier is communicated through a network interface circuit. Related computer terminals and computer authentication nodes are disclosed.
    Type: Grant
    Filed: May 4, 2016
    Date of Patent: October 9, 2018
    Assignee: CA, Inc.
    Inventors: Himanshu Ashiya, Atmaram Shetye
  • Patent number: 10079673
    Abstract: Systems, methods, software, and combinations thereof for evaluating entropy in a cryptography system are described. In some aspects, sample values are produced by an entropy source system. A typicality can be determined for each of the sample values. A grading is determined for preselected distributions based on the typicalities of the sample values. A subset of the preselected distributions are selected based on the gradings. An entropy of the entropy source system is calculated based on the subset of the plurality of distributions.
    Type: Grant
    Filed: June 27, 2014
    Date of Patent: September 18, 2018
    Assignee: Certicom Corp.
    Inventor: Daniel Richard L. Brown
  • Patent number: 10075555
    Abstract: Targeted content may be provided to a designated set of one or more interconnected resources. Programmatic operations are executed using resources that are private to the one or more interconnected devices. The operations, when executed, cause or result in (i) monitoring activities of one or more users of the designated set; (ii) developing profile information of the one or more users, where the profile information is based at least partially on information determined from monitoring activities of the one or more users; (iii) generating, from the profile information, a set of coded data that represent selection criteria; and (iv) communicating the set of coded data to a programmatic source external to the system, where the represented selection criteria enables programmatic selection of content resources from a content library for the system.
    Type: Grant
    Filed: March 8, 2016
    Date of Patent: September 11, 2018
    Assignee: QUALCOMM Incorporated
    Inventors: Luc Julia, James Behrens, Johan Le Nerriec