Patents Examined by Michael D Anderson
-
Patent number: 10089500Abstract: A processor of an aspect includes a decode unit to decode a modular exponentiation with obfuscated input information instruction. The modular exponentiation with obfuscated input information instruction is to indicate a plurality of source operands that are to store input information for a modular exponentiation operation. At least some of the input information that is to be stored in the plurality of source operands is to be obfuscated. An execution unit is coupled with the decode unit. The execution unit, in response to the modular exponentiation with obfuscated input information instruction, is to store a modular exponentiation result in a destination storage location that is to be indicated by the modular exponentiation with obfuscated input information instruction. Other processors, methods, systems, and instructions are disclosed.Type: GrantFiled: September 25, 2015Date of Patent: October 2, 2018Assignee: Intel CorporationInventors: Vinodh Gopal, Gilbert M. Wolrich
-
Patent number: 10089450Abstract: A user authentication method and a terminal. The method includes determining first-type authentication information and second-type authentication information that are of a terminal, wherein the first-type authentication information includes specific attribute information that is in specific attribute information of an interaction object corresponding to a specific interaction behavior of the terminal and whose occurrence frequency within a preset time falls in a preset range, and wherein the second-type authentication information is used to interfere with selection, by the user of the terminal, of the first-type authentication information; presenting an authentication challenge set to the user of the terminal; receiving an identification result; and determining an authentication result. According to the user authentication method, authentication information is dynamically generated using information about an interaction object to perform authentication on a user.Type: GrantFiled: October 16, 2015Date of Patent: October 2, 2018Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventor: Zhengde Zhai
-
Patent number: 10083056Abstract: Systems and method for providing for suspension and transfer of remote access sessions. In accordance with the methods, a request to suspend a session may be received at a server tier. The server tier prepares a URL that may be used at a later time by a client to resume the session. The URL is communicated to a client tier from which the request was received and, thereafter, a connection between the client tier and the server tier is closed. At a subsequent time, a request may be received to resume the session at the URL. After receipt of the request to resume the session, a connection with the requesting client tier is established by the server tier, and the session is resumed.Type: GrantFiled: February 26, 2016Date of Patent: September 25, 2018Assignee: Calgary Scientific Inc.Inventors: Monroe M. Thomas, David Christopher Claydon
-
Patent number: 10078758Abstract: This disclosure describes methods and systems for a biometric identity management system capable of being deployed incrementally one organization at a time, and also reversibly, such that any organization can unsubscribe at any time. A biometric processing engine can perform biometric matching between records from a first database and a second database, whereby the databases have been established independently of each other. Each record comprises a biometric record and a corresponding identifier unique across databases. If a biometric record of a first record and a biometric record of a second record are from a same individual, the first record comprising a first unique identifier and the second record comprising a second unique identifier are linked. Using the first or second unique identifiers, access to information about the individual linked to both the first record in the first database and the second record in the second database is provided.Type: GrantFiled: August 18, 2017Date of Patent: September 18, 2018Inventor: Keith J. Hanna
-
Patent number: 10069625Abstract: Embodiments generally relate to data security in a computing system. The present technology discloses techniques that can enable an automatic generation of encryption keys using a service controller in communication with a key management server. By enabling an automatic mechanism for encryption key generation, the present technology can achieve data encryption efficiency for a large number of servers.Type: GrantFiled: September 22, 2015Date of Patent: September 4, 2018Assignee: QUANTA COMPUTER INC.Inventor: Lien-Hsun Chen
-
Patent number: 10061934Abstract: Embodiments disclosed herein provide systems, methods, and computer-readable media for accessing a wearable computing system using randomized input origins for user login. In a particular embodiment, a method provides presenting a user with a first origin on which user login information is based, wherein the first origin is randomly selected from a plurality of possible origins. The method further provides, receiving first motion information from the user indicating a first position relative to the first origin that corresponds to a first element of the user login information. Upon receiving the user login information, the method provides determining whether the user login information authorizes the user to access the wearable computing system.Type: GrantFiled: October 12, 2015Date of Patent: August 28, 2018Assignee: Avaya, Inc.Inventors: Anjur Sundaresan Krishnakumar, Shalini Yajnik
-
Patent number: 10057252Abstract: A system and method provides security features for inter-computer communications. After a user has proved an association with one of several firms, a user identifier of the user that cannot be used to log the user in to a data consolidating system is received by a matching system from the data consolidating system. The validity of the user and the firm is checked at the matching system and, in response to the checking, the user identifier is converted to a different user identifier and the different user identifier is provided to a data providing system by the matching system. The data providing system provides the data of the user in response, and the matching system forwards the data to the data consolidating system.Type: GrantFiled: May 1, 2017Date of Patent: August 21, 2018Assignee: Charles Schwab & Co., Inc.Inventor: William Page
-
Patent number: 10050777Abstract: One embodiment relates to a method of updating, by an electronic device of a first user of a tree of data files and/or folders of the first user stored in a storage server configured to implement a re-encryption mechanism, this tree comprising at least one target folder that the first user has authorized a second user to access by providing the storage server with a re-encryption key for this target folder from the first user to the second user.Type: GrantFiled: November 12, 2014Date of Patent: August 14, 2018Assignee: ORANGEInventors: Sébastien Canard, Julien Devigne
-
Patent number: 10027627Abstract: A network security device (NSD) is connected between a network and an endpoint device configured to host a client application. The client application communicates with the network through the network security device using a request-response protocol. The NSD receives from the client application a request destined for the network and that seeks a response from the network. The request has a context header including context information about the client application. The NSD determines whether the client application or a file accessed thereby has a suspicious nature based on the context information. If it is determined that the client application or the file accessed thereby has a suspicious nature, the NSD blocks the request from the network, and sends to the client application a response indicating the block.Type: GrantFiled: October 7, 2015Date of Patent: July 17, 2018Assignee: Cisco Technology, Inc.Inventors: Vincent E. Parla, Hari Shankar, Constantinos Kleopa, Venkatesh N. Gautam, Gerald N. A. Selvam
-
Patent number: 10020942Abstract: In some implementations, tokens that are representative of sensitive data may be used in place of the sensitive data to maintain the security of the sensitive data. For example, data may be separated into sensitive data and nonsensitive data, and at least the sensitive data is securely delivered to a data storage service. The data storage service generates a token that is representative of the sensitive data and stores the sensitive data as secure data. The data storage service may deliver the token to an entity that also receives the nonsensitive data, and the entity may use the token in place of the sensitive data. In some implementations, different tokens are generated each time the same piece of sensitive data is submitted for storage as secure data. Further, in some implementations, An expiration time may be assigned to sensitive data, and expired data and associated tokens may be deleted.Type: GrantFiled: August 3, 2017Date of Patent: July 10, 2018Assignee: Amazon Technologies, Inc.Inventors: Jonathan Kozolchyk, Darren E. Canavor, Jeffrey J. Fielding, Vaibhav Mallya, Darin Keith McAdams
-
Patent number: 9998460Abstract: A technique redirects a Diameter client command from a first server that has become unavailable to a second server consistent with a Diameter protocol. A method includes identifying a first authentication server as unavailable based on a redirect indication received from a second authentication server via a routing agent in response to a request for authentication of a user to the first authentication server. The method includes authenticating the user by the second authentication server in response to a subsequent request for authentication of the user to the second authentication server. The subsequent request for authentication includes an indication of a failure of the first authentication server. The method may include establishing a first service session in response to authenticating the user by the first authentication server and maintaining the first service session using the IP address of the first service session while the second authentication server authenticates the user.Type: GrantFiled: June 29, 2015Date of Patent: June 12, 2018Assignee: AT&T Intellectual Property I, L.P.Inventors: Bhuvan Modi, Amjad Sandouka, Arun K. Chatterjee
-
Patent number: 9992214Abstract: Techniques for generating malware signatures based on developer fingerprints in debug information are disclosed. In some embodiments, a system, process, and/or computer program product for generating malware signatures based on developer fingerprints in debug information includes receiving a sample, in which the sample includes a binary executable file; matching one or more paths in content of the binary executable file based on a plurality of patterns; extracting meta information from the one or more matched paths; and automatically generating a signature based on the extracted meta information.Type: GrantFiled: March 28, 2016Date of Patent: June 5, 2018Assignee: Palo Alto Networks, Inc.Inventor: Zihang Xiao
-
Patent number: 9984230Abstract: Particular embodiments described herein provide for an electronic device that can be configured to execute an application in a system with an operating system, perform event tracing for the application, analyze each instruction pointer from the event tracing, and determine if an instruction pointer points to an orphan page of memory. The orphan page can be a region of code that is not associated with the application, a region of code that is unidentified, or unusual code that is not associated with the application. In addition, the event tracing can be an embedded application that is part of the operating system.Type: GrantFiled: June 26, 2015Date of Patent: May 29, 2018Assignee: McAfee, LLCInventors: Volodymyr Pikhur, Rachit Mathur
-
Patent number: 9980161Abstract: A wireless security system is provided. The system includes a first wireless device, a second wireless device, an uninstalled wireless device, and an access controller. The first wireless device is disposed within a first security zone having first security provisions within a network configuration. The second wireless device is disposed within a second security zone having second security provisions within the network configuration. The second security provisions are greater than the first security provisions. The access controller communicates with the uninstalled wireless device, and determines a proximity of the uninstalled wireless device relative to the first and second wireless devices, and configures third security provisions for the uninstalled device corresponding to the proximity.Type: GrantFiled: December 30, 2015Date of Patent: May 22, 2018Assignee: ENERNOC, INC.Inventor: Randy C. Willig
-
Patent number: 9967281Abstract: A system and approach having security assurance for a controller relative to outside connections such as internet. The controller may have locked and exposed modes. A locked mode may mean that the system is correctly configured in that security related settings meet minimum standards. For example, the controller is protected through sufficiently strong user accounts and passwords whether entered or by default. Also, there may be an entity, such as person or organization that has responsibility for securing the controller against undesired intrusions. In the exposed mode, where the system may be incorrectly configured, the controller may shut down some or all of the functionality that has relevance to remote access. In the exposed mode, a built-in web server may show one or more screens that allow one to access the controller. There may be security indicators, such as lights that indicate whether the controller is exposed or locked.Type: GrantFiled: July 10, 2014Date of Patent: May 8, 2018Assignee: Honeywell International Inc.Inventors: Philipp A. Roosli, Daniel Heine
-
Patent number: 9967098Abstract: Embodiments of a system for, and method for using, an elliptic curve cryptography integrated circuit are generally described herein. An elliptic curve cryptography (ECC) operation request may be received. One of a plurality of circuit portions may be instructed to perform the ECC operation. The plurality of circuit portions that may be used include a finite field arithmetic circuit portion, an EC point addition and doubler circuit portion, a finite field exponentiation circuit portion, and a point multiplier circuit portion. The result of the ECC operation may then be output.Type: GrantFiled: December 23, 2015Date of Patent: May 8, 2018Assignee: Intel CorporationInventors: Santosh Ghosh, Manoj R Sastry
-
Patent number: 9961064Abstract: Ad hoc communications are established between unknown contacts. For example, in today's mobile communications environment, there are many instances in which a user of smart phone may wish to send a message to an unknown user's smartphone. An ad hoc communication thus allows messaging with an unknown user.Type: GrantFiled: January 25, 2016Date of Patent: May 1, 2018Assignees: AT&T INTELLECTUAL PROPERTY I, L.P., AT&T MOBILITY II LLCInventors: Ginger Chien, Yehoshuva Arasavelli
-
Patent number: 9948611Abstract: Some embodiments provide a novel method for monitoring network requests from a machine. The method captures the network request at various layers of a protocol stack. At a first layer of a protocol stack, the method tags a packet related to the network request with a tag value, maps the tag value to a set of tuples associated with the packet, and sends a first set of data related to the packet to a security engine. At a second layer of the protocol stack, the method determines whether the packet has been modified through the protocol stack, and sends an updated second set of data to the security engine when the packet has been modified.Type: GrantFiled: February 5, 2016Date of Patent: April 17, 2018Assignee: NICIRA, INC.Inventors: Vasantha Kumar, Amit Vasant Patil
-
Patent number: 9939074Abstract: Secured debug of an integrated circuit having a test operation mode and a secure mission operation mode. The integrated circuit has a processing unit, a test interface through which the test operation mode is controllable, an on-chip memory which is accessible in the test operation mode and in the secure mission operation mode, and one or more protected resources inaccessible in the test operation mode. The processing unit is configured, in the test operation mode, to receive an authenticated object through the test interface, and store the received authenticated object in the on-chip memory. The processing unit is moreover configured, upon reset into the secure mission operation mode, to execute a boot procedure to determine that the authenticated object is available in the on-chip memory, authenticate the authenticated object, and—upon successful authentication—render the more protected resources accessible to a debug host external to the integrated circuit.Type: GrantFiled: August 6, 2014Date of Patent: April 10, 2018Assignee: Telefonaktiebolaget LM Ericsson (Publ)Inventor: Peter Svensson
-
Patent number: 9923907Abstract: Methods, computing systems and computer program products implement embodiments of the present invention that include associating a token with a computing device, defining preferences for the computing device, and conveying, by the computing device, the token and the preferences to an event processing system. Upon the event processing system, an event message from a computing system via a one-way firewall and matching the computing device preferences to the event message, the event processing system can convey the token and the event message to a push notification system. In some embodiments, upon the push notification service receiving the token and the event message, the mobile device can be identified based on the token, and the event message can be conveyed to the computing device. The event messages may include a severity level, and the preferences may include a severity threshold and a message detail level.Type: GrantFiled: July 8, 2014Date of Patent: March 20, 2018Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Amit Bareket, Michael Keller, Daniel Lereya, Avraham Sabzerou, Moshe Weiss