Patents Examined by Michael Chao
  • Patent number: 9043870
    Abstract: An automated system for signing up users invited to join a site based on their existing identity includes an invitation generator, an invite processor, a federated authentication module, a user information retrieval module, an account population and creation module, and a user interface module. The automated sign up module is responsive to an invite request. The automated sign up module sends an authorization request, receives the authorization response, verifies the response and retrieves user data. The automated sign up module uses the retrieved data to populate a sign up form and initialize an account. The automated sign up module sends new account information to a user for confirmation. Once confirmation has been received, the automated sign up module creates the new account and allows the user to access the system. The present disclosure includes a method for signing up users invited to join a site based on their existing identity.
    Type: Grant
    Filed: October 11, 2012
    Date of Patent: May 26, 2015
    Assignee: Google Inc.
    Inventors: Tzvi Itzhak Barenholz, Ilan Caron, Gregory Dardyk, Ari Leichtberg, Mor Miller, David Oren, Eric Sachs, Yaniv Shuba
  • Patent number: 9043893
    Abstract: Systems and methods for web application firewall tunneling are disclosed. In one embodiment, the method may include (1) receiving a plurality of characters entered by a user into a field of a HTML page that is executed in a client runtime environment of a client device; (2) executing a client tunneling application to encode at least some of the characters; (3) passing the plurality of characters through the web application firewall; (4) executing a server tunneling application to decode the encoded characters; and (5) providing the plurality of characters, including the decoded characters, to a host application. Parts of the method may be performed by at least one computer processor.
    Type: Grant
    Filed: June 21, 2012
    Date of Patent: May 26, 2015
    Assignee: JPMorgan Chase Bank, N.A.
    Inventors: Glenn Stuart Benson, Christiaan Paul Akre, Russell M. Logar
  • Patent number: 9043944
    Abstract: According to one aspect of the present invention, a system and methodology is provided which controls whether or not content is permitted to be transmitted from a source device depending upon the nature of the content and/or other factors more fully described herein. Source devices may include devices such as mobile phones, tablets, netbooks, laptops, desktop computers, and any other devices which are capable of transmitting content which is resident on such device. As an example, inappropriate photographs may be identified by the system of the present invention, and when a user attempts to transmit one or more of these photographs, the system will prevent the user from doing so.
    Type: Grant
    Filed: January 21, 2013
    Date of Patent: May 26, 2015
    Inventor: Jeffrey Ronaldi
  • Patent number: 9038126
    Abstract: A method for controlling and switching terminals includes a writing step and a logoff step. In the writing step, when there is a connection request from a given terminal, a processor of a switching device writes, into a memory, user identification information, a password, identification information of a communication system, and an IP address and port number so that their information and data are associated with one another. In the logoff step, if the same user identification information, password, and identification information of communication system as the above are already written in the memory, the processor logs off the other terminal that has the IP address and port number that are already so written in the storage unit as to be associated with the user identification information, the password, and the identification information of communication system.
    Type: Grant
    Filed: January 29, 2010
    Date of Patent: May 19, 2015
    Assignee: NEC Platforms, Ltd.
    Inventor: Yasuomi Ooki
  • Patent number: 9032218
    Abstract: Encryption key rotation is performed in computing environments having mirrored volumes by initializing a target storage media with a new key, performing a mirror revive operation from a first storage media to the target storage media, and configuring the first storage media and the target storage media to comprise a mirrored volume.
    Type: Grant
    Filed: January 29, 2010
    Date of Patent: May 12, 2015
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Geoffrey Ignatius Iswandhi, Mihai Damian, Vijaykumar Immanuel
  • Patent number: 9031231
    Abstract: A method of authenticating a device and a user comprises obtaining a device ID for the device, performing a biometric measurement of the user, obtaining helper data for the user, and generating a key from the biometric measurement and helper data. There is then generated a message comprising the key or a component derived from the key, which transmitted to a remote service, and at the service there is carried out the step of authenticating the device and the user with the message. In a preferred embodiment, the generating of the key further comprises generating the key from the device ID.
    Type: Grant
    Filed: April 2, 2010
    Date of Patent: May 12, 2015
    Assignee: Koninklijke Philips N.V.
    Inventors: Muhammad Asim, Jorge Guajardo Merchan, Milan Petkovic
  • Patent number: 9027125
    Abstract: Instrumented networks and platforms having target subjects (devices, transactions, services, users, organizations) are disclosed. A security orchestration service generates runtime operational integrity profiles representing and identifying a level of threat or contextual trustworthiness, at near real time, of subjects and applications on the instrumented target platform. Methods and systems are disclosed for network flow and device/platform remediation in response to reconnaissance-based intelligence correlation based on network monitoring, to accomplish network flow remediation and device/platform remediation. In an embodiment, a system receives system warnings and endpoint threat intelligence. The system correlates risk based on inputs from sensory inputs that monitor network activity, system configuration, resource utilization, and device integrity.
    Type: Grant
    Filed: July 27, 2012
    Date of Patent: May 5, 2015
    Assignee: Taasera, Inc.
    Inventors: Srinivas Kumar, Dennis Pollutro
  • Patent number: 9015308
    Abstract: The independencies of a plurality of layers executing dividingly a transaction can be easily enhanced. Anode (30) assigns to a transaction to anode (30) of a lower layer through a distributed transaction management section. The node (30) shares a predetermined transaction with the node (30) of the lower layer along with other nodes (30). The node (30) shared by the nodes (30) is a read-only node or a node to which data can be written by the characteristic of a function. Thus the node (30) searches for an unused node (30) in lower layers through the distributed transaction management section (34) when the node starts a new transaction. First, second, and third node hosts (3,4,5) check if each node (30) is used for which transaction or if each node (30) is used or not and store the results.
    Type: Grant
    Filed: January 17, 2007
    Date of Patent: April 21, 2015
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Qingjie Du, Shinya Nakagawa
  • Patent number: 9015479
    Abstract: In one embodiment, a host device creates a super-distribution token by encrypting a content encryption key with a super-distribution key and stores the super-distribution token and encrypted content retrieved from a source storage device in a target storage device. In another embodiment, a host device provides a super-distribution token to a server, wherein the server is configured to generate an activation token from the super-distribution token, receive the activation token from the server, retrieve a content encryption key from the activation token, and decrypt encrypted content received from a storage device using the content encryption key retrieved from the activation token.
    Type: Grant
    Filed: December 16, 2011
    Date of Patent: April 21, 2015
    Assignee: SanDisk Technologies Inc.
    Inventors: Fabrice E. Jogand-Coulomb, Henry R. Hutton, Jason T. Lin, Joseph E. Halpern, Rotem Sela
  • Patent number: 9015828
    Abstract: A management system includes a plurality of components within a computer system. A plurality of component resource managers is provided, and each of the components is controlled by at least one of the plurality of component resource managers. A plurality of component management interfaces is also provided. Each of the components communicates with at least one of the controlling component resource managers via one of the component management interfaces. At least one runtime manager autonomously controls operation of the components and the component resource managers.
    Type: Grant
    Filed: June 11, 2007
    Date of Patent: April 21, 2015
    Assignee: Board of Regents, a Body Corporate of the State of Arizona, Acting for and on Behalf of The University of Arizona
    Inventor: Salim Hariri
  • Patent number: 9009488
    Abstract: A security interface system creates plausible deniability, and consists of a security interface device having a port for a releasable connection to a PC and to a memory key containing an encrypted operating system, the interface device containing logic to decrypt the memory key and a plaintext bootloader, and a further port for a memory card containing a key. The key is entirely encrypted and appears as random data when inspected. The interface device may have a port(s) for a keyboard and mouse. An encryption and decryption method is described, for decrypting a ciphertext into one of two plaintexts by choice of a key, the choice of which plaintext depending on whether the secret is to be revealed or remain confidential.
    Type: Grant
    Filed: June 21, 2012
    Date of Patent: April 14, 2015
    Inventors: Dong Liang She, Daniel Charles Shapiro, Jonathan Marc Parri
  • Patent number: 9009841
    Abstract: A system for detecting file upload vulnerabilities in web applications is provided. The system may include a black-box tester configured to upload, via a file upload interface exposed by a web application, a file together with a signature associated with the file. An execution monitor may be configured to receive information provided by instrumentation instructions within the web application during the execution of the web application. The execution monitor may be configured to recognize the signature of the uploaded file as indicating that the uploaded file was uploaded by the black-box tester. The execution monitor may also be configured to use any of the information to make at least one predefined determination assessing the vulnerability of the web application to a file upload exploit.
    Type: Grant
    Filed: March 30, 2012
    Date of Patent: April 14, 2015
    Assignee: International Business Machines Corporation
    Inventors: Yair Amit, Roee Hay, Roi Saltzman
  • Patent number: 9003542
    Abstract: A computer-implemented method for replacing sensitive information stored within non-secure environments with secure references to the same may include (1) identifying sensitive information stored within a non-secure environment on a computing device, (2) removing the sensitive information from the non-secure environment, (3) storing the sensitive information within a secure environment, (4) replacing the sensitive information originally stored within the non-secure environment with a reference that identifies the sensitive information stored within the secure environment, (5) identifying a request to access at least a portion of the sensitive information identified in the reference, (6) determining that at least a portion of the request satisfies a data-loss-prevention policy, and then (7) providing access to at least a portion of the sensitive information via the secure environment. Various other systems, methods, and computer-readable media are also disclosed.
    Type: Grant
    Filed: December 13, 2010
    Date of Patent: April 7, 2015
    Assignee: Symantec Corporation
    Inventors: Paul F. MacKay, Randall R. Cook, Bill G. Bodine
  • Patent number: 8995665
    Abstract: A role based security infrastructure for data encryption that does not require a key management system is provided. For each defined role, a unique key pair is generated. To encrypt a data set, a random encryption key is generated on the fly, and used to encrypt the data. To allow a role access to an encrypted data set, the corresponding encryption key is encrypted with the public key of that role, and stored in association with the encrypted data set. To access an encrypted data set, a private key associated with a role allowed access is used to decrypt the copy of the associated encryption key, which has been encrypted using the corresponding public key and stored in association with the data set. The decrypted encryption key is then used to decrypt the encrypted data set.
    Type: Grant
    Filed: August 20, 2008
    Date of Patent: March 31, 2015
    Assignee: Symantec Corporation
    Inventors: Ynn-Pyng “Anker” Tsaur, William Troy Cochran
  • Patent number: 8990574
    Abstract: Disclosed is a system and method by which a multimedia source device communicates with a display device, allowing the multimedia devices to securely confirm the identity of the devices and confirm their trustworthiness through a trust authority.
    Type: Grant
    Filed: October 6, 2011
    Date of Patent: March 24, 2015
    Assignee: Prima Cinema, Inc.
    Inventor: Shaiwal Priyadarshi
  • Patent number: 8990934
    Abstract: Protection of a computer system against exploits. A computer system has a memory access control arrangement in which at least write and execute privileges are enforced for allocated portions of memory. An association of the process thread and the first portion of memory is recorded. A limited access regime in which one of the write and execute privileges is disabled, is established, and is monitored for any exceptions occurring due to attempted writing or execution in violation thereof. In response to the exception being determined as a write exception, the associated process thread is looked up, and analyzed for a presence of malicious code. In response to the exception type being determined as an execute exception, the first portion of memory is analyzed for a presence of malicious code. In response to detection of a presence of malicious code, execution of the malicious code is prevented.
    Type: Grant
    Filed: October 10, 2012
    Date of Patent: March 24, 2015
    Assignee: Kaspersky Lab ZAO
    Inventor: Mikhail A. Pavlyushchik
  • Patent number: 8977842
    Abstract: A secure component communication management system provides secure, trusted communication between components in a hypervisor based virtual computing environment. A hypervisor security extension generates a container level private key/public key pair. The hypervisor security extension container injects the container level public key into one or more VM(s) that are to securely receive trustworthy data. The hypervisor security extension container encrypts data to transmit to VMs with the container level private key, and injects the encrypted data into one or more target VM(s), such that the injected data is trusted by the VM(s). The one or more VM(s) receive the container level public key and data encrypted with the container level private key, injected by the hypervisor security extension container. These VM(s) use the public key to decrypt injected data encrypted with the private key, such that the decrypted data is trusted.
    Type: Grant
    Filed: February 5, 2010
    Date of Patent: March 10, 2015
    Assignee: Symantec Corporation
    Inventors: Bruce McCorkendale, William E. Sobel
  • Patent number: 8972505
    Abstract: Techniques for synchronizing personal contact information with or from different sources are disclosed. Through a website (i.e., a server or system), all fractional personal contact information is consolidated, synchronized, processed or updated. In return, any of the resources may be synchronized to get a copy of the latest version of the contact information. When contacts in a list by a registered user are also registered with the server, any of the contacts may update their respective contact information that can be timely reflected in the list. As a result, the registered user always has a latest version of the contact information for some or all of his/her contacts without even knowing some has already been changed or updated. Based on the contact information, other features including proof delivery of emails, recycling of deleted contacts, a “black” list, contact relationship levels and anonymous email, short messaging and calls are provided.
    Type: Grant
    Filed: October 7, 2008
    Date of Patent: March 3, 2015
    Inventors: Joe Zheng, Lei Zhang, Yan Yan, Yuanxi Zhu, Lijun Ma, Yong Wang, Xiuna Qu
  • Patent number: 8972745
    Abstract: A computer system includes a first storage area accessible by an operating system and a second storage area accessible by authorized functions only. According to some embodiments of the invention at least one protected storage area is implemented into the second storage area, wherein the operating system installs at least one secret key and/or at least one customized processing function into regions of the at least one protected storage area, wherein the operating system transfers data and/or parameters to process into regions of the at least one protected storage area, wherein the operating system selects one of the customized processing functions to execute, wherein the selected customized processing function is executed and accesses storage regions of the at least one protected storage area to process the data and/or parameters, and wherein resulting process data is read from the at least one protected storage area.
    Type: Grant
    Filed: December 14, 2010
    Date of Patent: March 3, 2015
    Assignee: International Business Machines Corporation
    Inventors: Michael J. Jordan, Angel Nunez Mencias, Joerg Schmidbauer, Klaus Werner
  • Patent number: 8973095
    Abstract: In an embodiment, the present invention includes a method for receiving a request for user authentication of a system, displaying an authentication image on a display of the system using a set of random coordinates, receiving a plurality of gesture input values from the user, and determining whether to authenticate the user based at least in part on the plurality of gesture input values. Other embodiments are described and claimed.
    Type: Grant
    Filed: June 25, 2012
    Date of Patent: March 3, 2015
    Assignee: Intel Corporation
    Inventor: Ned M. Smith