Patents Examined by Michael Pyzocha
  • Patent number: 11930040
    Abstract: Malicious attacks by certain devices against a radio access network (RAN) can be detected and mitigated, while allowing communication of priority messages. A security management component (SMC) can determine whether a malicious attack against the RAN is occurring based on a defined baseline that indicates whether a malicious attack is occurring. The defined baseline is determined based on respective characteristics associated with respective devices that are determined based on analysis of information relating to the devices. In response to determining there is a malicious attack, SMC determines whether to block connections of devices to the RAN based on respective priority levels associated with respective messages being communicated by the devices.
    Type: Grant
    Filed: January 23, 2023
    Date of Patent: March 12, 2024
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Deon Ogle, Yaron Koral, Cagatay Buyukkoc, Nicholas Arconati, Jitendra Patel, Bogdan Ungureanu
  • Patent number: 11921857
    Abstract: Various embodiments of the present invention relate to an electronic device for providing a service by using a secure element, and an operating method thereof. The electronic device comprises: a processor for acquiring secure state information of the electronic device; and a secure element operating under the control of the processor, receiving the secure state information of the electronic device from the processor, and including a repository for storing the received secure state information of the electronic device, wherein the secure element senses a security-related service request command, acquires the secure state information about the electronic device from the repository, and can process or ignore the sensed security-related service request command on the basis of whether the acquired secure state information of the electronic device satisfies a designated condition. Other embodiments are also possible.
    Type: Grant
    Filed: September 11, 2019
    Date of Patent: March 5, 2024
    Assignee: Samsung Electronics Co., Ltd
    Inventors: Taeckki Lee, Jongsu Kim, Eunyoung Kwon, Dasom Lee, Daehaeng Cho
  • Patent number: 11924185
    Abstract: A method for privacy control in release of protected information includes: storing, in a memory of a first computing system, a plurality of data pairs, each of the plurality of data pairs including at least a decryption key and a registration identifier; receiving, by a receiver of the first computing system, a data request, the data request including at least a user identifier of a user associated with the data being requested in the data request; receiving, by the receiver of the first computing system, a registration identifier of the data being requested in the data request; identifying, by a processor of the first computing system, a data pair based on the registration identifier; and transmitting, by a transmitter of the first computing device, a decryption key of the identified data pair to a second computing system.
    Type: Grant
    Filed: June 16, 2022
    Date of Patent: March 5, 2024
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Alonzo Benavides, Ian Major, Prem Chander Rajamohan, Thomas Hansen, Duygu Gün
  • Patent number: 11914712
    Abstract: A secure update is provided from a server to an end-point device. The server registers digital information, such as a name or a software package, and a verifiable key, such as a cryptographic hash, derived from the digital information. A publicly accessible transaction log stores the verifiable key in a block and provides an identifier of the block to the server. An end-point device receives the digital information and the identifier, and computes a separate verifiable key. The end-point device retrieves the verifiable key from the block of the publicly accessible transaction log, and compares the retrieved verifiable key to the separate verifiable key to determine whether the digital information has been compromised.
    Type: Grant
    Filed: July 28, 2022
    Date of Patent: February 27, 2024
    Inventors: Raouf Boutaba, Woojung Kim, Yuhao Dong
  • Patent number: 11917064
    Abstract: The disclosed technology teaches granular sharing of parts of an authorization token among individual microservices in a microservice chain, including packaging in an encrypted token base information used by the chain, overall, and respective individual portions of information for respective microservices in the chain. Also disclosed is receiving the token, with a service request message, at an entry point to the chain, decrypting the base information and verifying authorization for initiation of the service chain with an authorization service.
    Type: Grant
    Filed: December 3, 2021
    Date of Patent: February 27, 2024
    Assignee: ForgeRock, Inc.
    Inventor: Nicholas P. James
  • Patent number: 11895351
    Abstract: A multiple-identity secure device (MISD) persistently may store an identification code. The identification code may be stored in an integral memory of the device, or on an interchangeable card received in a physical interface of the MISD. The MISD may generate one or more unique identities (e.g., network addresses) from the stored identification code. The generated identities may be dynamically generated or may be securely stored in the MISD for subsequent retrieval. The generated identities may generate in accordance with an addressing scheme, a global/network setting, or as determined from a received data transmission.
    Type: Grant
    Filed: December 7, 2022
    Date of Patent: February 6, 2024
    Assignee: Comcast Cable Communications, LLC
    Inventor: Steven J. Reynolds
  • Patent number: 11895090
    Abstract: A method includes accessing a first intelligence feed including a plurality of cybersecurity incidents. A second intelligence feed is generated including a plurality of technical indicators defined on one or more virtual private network internet point of presence (“VPN internet PoP”) that connects a plurality of VPN tunnels to an internet. The first and second intelligence feeds are compared, a particular incident is determined, and a time frame of the particular incident is determined. Use of a particular VPN internet PoP by a plurality of sources including a plurality of clients is monitored to determine a plurality of time-based behaviors. The plurality of time-based behaviors are compared to the particular incident and to the time frame to determine a match. A particular source is blocked at the particular VPN internet PoP based on the determination of the match.
    Type: Grant
    Filed: October 22, 2021
    Date of Patent: February 6, 2024
    Assignee: Avast Software s.r.o.
    Inventor: Allan Thomson
  • Patent number: 11870809
    Abstract: Typically, clients request a service from a computer hosting multiple services by specifying a destination port number associated with the desired service. In embodiments, the functionality of such a host computer is enhanced by having it condition client access to services available at a particular port number based on client authentication and/or authorization. A host computer can change the service(s) available at a given port number on a client by client basis, enabling access to service(s) for trusted clients unavailable to untrusted clients. Preferably, client trust is based on client authentication via a certificate and a valid, signed transport layer security (TLS) handshake (or similar mechanism in other protocol contexts). In some embodiments, an authorization step can be added following authentication. The systems and methods disclosed herein find wide uses in bundling services on ports, as well as protecting access to services from untrusted and/or malicious clients, among others.
    Type: Grant
    Filed: February 26, 2020
    Date of Patent: January 9, 2024
    Assignee: Akamai Technologies, Inc.
    Inventor: Simon E. Vera-Schockner
  • Patent number: 11861018
    Abstract: A method and system of applying a security vulnerability assessment of a software program. The method comprises directing, from a security assessing server, to a software program under execution, a plurality of attack vectors, diagnosing a set of results associated with the software program under execution as comprising a security vulnerability, the set of results produced based at least in part on the plurality of attack vectors, and assessing a monetary premium of a risk insurance policy merited by an enterprise based at least in part on a level of control ceded to an attacker in accordance with the set of results.
    Type: Grant
    Filed: August 30, 2022
    Date of Patent: January 2, 2024
    Assignee: Ventech Solutions, Inc.
    Inventors: Matthew Canada, Jerry Allen Craig, II, Kathrine Dass, Raja Krishnamurthy, Dipanjan Nag, Eugene Noble, David Anthony Rigsby, Richard Nathan Toney, Stephen J. Veneruso
  • Patent number: 11856028
    Abstract: The described technology provides a capability to perform in-session updates to entitlements associated with a user's access to content served by a web application. The content may be from one or more external servers. The technology provides for automatically detecting changes to entitlements, and without requiring a user of an active session to initiate a new session, updating entitlement data in a memory such that subsequent requests for data made by the client in the same active session are serviced using the updated entitlements.
    Type: Grant
    Filed: April 8, 2021
    Date of Patent: December 26, 2023
    Assignee: NASDAQ, INC.
    Inventor: Vladimir Mitevski
  • Patent number: 11856026
    Abstract: The technology disclosed relates to reducing error in security enforcement by a network security system (abbreviated NSS). The NSS classifies incoming connection access requests as loss prevention inspectable or connection preserving by determining their conformance or non-conformance with semantic and content requirements of HTTP and HTTPs protocols. The NSS forwards the loss prevention inspectable connection access requests to a data inspection and loss prevention appliance (abbreviated DILPA) for deep inspection. The NSS directly sends the connection preserving connection access requests to the destination servers, preventing connection termination and error generation.
    Type: Grant
    Filed: October 26, 2020
    Date of Patent: December 26, 2023
    Assignee: Netskope, Inc.
    Inventors: Ravi Ithal, Krishna Narayanaswamy
  • Patent number: 11848955
    Abstract: Systems, methods, and related technologies for entity visibility are described. In certain aspects, information associated with a type of entity is accessed and a network is scanned for a plurality of entities. One or more entities are selected from plurality of entities based on the type of entity. Properties associated with the one or more selected entities are accessed. The information associated with the one or more selected entities and the one or more properties associated with the selected one or more entities are stored.
    Type: Grant
    Filed: August 30, 2021
    Date of Patent: December 19, 2023
    Assignee: FORESCOUT TECHNOLOGIES, INC.
    Inventors: Anderson Lam, Sharad Singh, Mihael Sudakovitch
  • Patent number: 11847231
    Abstract: A method for detecting an injection vulnerability of a client-side templating system includes receiving a web page, determining that the web page implements an interpreted programming language framework with client-side templating, and extracting a version of the interpreted programming language framework and an interpolation sign from the web page. The method also includes generating an attack payload for at least one injection vulnerability context of the web page based on the version of the interpreted programming language framework and the interpolation sign, instrumenting the web page to inject the attack payload into the at least one injection vulnerability context of the web page, and executing the instrumented web page.
    Type: Grant
    Filed: October 7, 2021
    Date of Patent: December 19, 2023
    Assignee: Google LLC
    Inventors: Sebastian Lekies, Nicolas Golubovic
  • Patent number: 11847248
    Abstract: A smart mirror system includes a screen configured to generate a display for viewing by a user, a mirror positioned in front of the screen, a near-field-communication (NFC) card reader located behind the mirror, a network interface for communicating with a remote health data server, memory configured to store computer-executable instructions, and at least one processor configured to execute the instructions. The instructions include selectively detecting, by the NFC card reader, an NFC chip of a member card placed in proximity to the NFC card reader. The instructions include, in response to detecting the NFC chip, obtaining member information from the detected NFC chip, and authenticating the user to the remote health data server, via the network interface, according, at least in part, to the obtained member information.
    Type: Grant
    Filed: December 16, 2020
    Date of Patent: December 19, 2023
    Assignee: Cigna Intellectual Property, Inc.
    Inventors: Moses Vaughan, Srijit Chandrashekhar Nair, Bill Pham, Harinath Kasina, Christopher M. Myers
  • Patent number: 11822704
    Abstract: A first arithmetic input share and a second arithmetic input share of an initial arithmetically-masked cryptographic value are received. A sequence of operations using the arithmetic input shares and a randomly generated number is performed, where a current operation in the sequence of operations generates a corresponding intermediate value that is used in a subsequent operation. At the end of the sequence of operations, a first Boolean output share and a second Boolean output share are generated. The arithmetic-to-Boolean mask conversion is independent of the input bit length.
    Type: Grant
    Filed: October 28, 2019
    Date of Patent: November 21, 2023
    Assignee: CRYPTOGRAPHY RESEARCH, INC.
    Inventors: Michael Hutter, Michael Tunstall
  • Patent number: 11803619
    Abstract: A verification computer system is provided that provides for content certification and verification using cryptography and a blockchain.
    Type: Grant
    Filed: November 18, 2021
    Date of Patent: October 31, 2023
    Assignee: NASDAQ, INC.
    Inventors: Akbar Ansari, Thomas Fay, Adnan Ali Lone
  • Patent number: 11803666
    Abstract: Described are various embodiments of a hardware security module, hardwired port interconnection matrix, and embedded communication channel resources operable on selected hardware port-specific data communicated via this matrix.
    Type: Grant
    Filed: April 21, 2022
    Date of Patent: October 31, 2023
    Assignee: Crypto4A Technologies Inc.
    Inventors: Bruno Couillard, Bradley Clare Ritchie, James Ross Goodman, Jean-Pierre Fiset
  • Patent number: 11797490
    Abstract: Disclosed are systems, apparatuses and techniques for replicating data between different cloud computing platforms. Examples include storage replicator components operable in different cloud computing platforms. The first storage replicator component may identify the second cloud computing platform as a location to copy a data file in response to an event related to the data file stored in a first cloud computing platform. The first storage replicator component may request a copy of the data file via an application programming interface of the first cloud computing platform. The attributes of the copy of the data file which involve modification to conform to data management conventions of the second cloud computing platform may be determined and modified to comply with conventions of the second cloud computing platform. The modified copy of the data file may be forwarded to the second cloud computing platform for storage.
    Type: Grant
    Filed: June 23, 2021
    Date of Patent: October 24, 2023
    Assignee: Capital One Services, LLC
    Inventors: Timothy Haggerty, Steven Long, Deepa Rao, Eric Henry, Yuting Zhou
  • Patent number: 11777961
    Abstract: The present disclosure relates to methods, systems, and computer program products for generating an asset remediation trend map used in remediating against an attack campaign. The method comprises receiving attack kill chain data. The attack kill chain data comprises steps for executing an attack campaign on one or more assets associated with a computing device. The method further comprises parsing the attack kill chain data to determine one or more attack execution operations for executing the attack campaign on the one or more assets associated with the computing device. The method determines based on the parsing, one or more remediation operations corresponding to the one or more attack execution operations. In addition, the method sequences the one or more remediation operations to form an asset remediation trend map. In one implementation, the asset remediation trend map indicates steps for remediating the attack campaign.
    Type: Grant
    Filed: May 23, 2022
    Date of Patent: October 3, 2023
    Assignee: QUALYS, INC.
    Inventors: Ankur S. Tyagi, Mayuresh Vishwas Dani
  • Patent number: 11768970
    Abstract: A secure computing device having a storage arrangement configured to store a secret. The secure computing device includes a first interface configured to control a display, and a second interface configured to receive an input signal having information which reproduces a prompt to display the secret. The secure computing device is designed to read the secret from the storage arrangement on the basis of the input signal, and to control the display via the first interface in such a way that a display of the secret is effected.
    Type: Grant
    Filed: November 25, 2019
    Date of Patent: September 26, 2023
    Assignee: Infineon Technologies AG
    Inventors: Andrea Hoeller, Walther Pachler