Patents Examined by Michael S McNally
  • Patent number: 11463256
    Abstract: The present disclosure relates to network security software cooperatively configured on plural nodes to authenticate and authorize devices, applications, users, and data protocol in network communications by exchanging nonpublic identification codes, application identifiers, and data type identifiers via pre-established communication pathways and comparing against pre-established values to provide authorized communication and prevent compromised nodes from spreading malware to other nodes.
    Type: Grant
    Filed: June 24, 2019
    Date of Patent: October 4, 2022
    Assignee: Stealthpath, Inc.
    Inventors: Mike Clark, Andrew Gordon, Matt Clark
  • Patent number: 11463458
    Abstract: A server includes a service processor hosted by a baseboard management controller (BMC) and independent of a CPU of the server. The service processor performs a set of monitoring tasks including performing a deep packet analysis on at least a subset of incoming packets. The deep packet analysis includes maintaining state information about the packets, examining the state information to identify an order in which the packets arrived, reassembling the packets into a new arrival sequence that is different from the order in which the packets arrived, matching the new arrival sequence to attack patterns stored in an attack pattern database, and upon the new arrival sequence matching an attack pattern, adding source Internet Protocol (IP) addresses associated with the packets to a blacklist.
    Type: Grant
    Filed: February 1, 2021
    Date of Patent: October 4, 2022
    Assignee: EMC IP Holding Company LLC
    Inventors: Mainak Roy, Chitrak Gupta
  • Patent number: 11457001
    Abstract: A system for encryption includes a message management module (MMM); a restricted secret server (RSS) including a restricted secret server network interface (RSS-NI) connected to the MMM and including at least one very large key (VLK) module. The system uses Terakey™, an encryption system whose intrinsic security can be demonstrated from first principles, without making assumptions about the computational difficulty of mathematical problems, such as factoring large integers or computing logarithms in finite groups. It employs a key that is much larger than the anticipated volume of message traffic. The large size of the key also reduces the risk of side channel attacks and facilitates realistic security measures to maintain a secure chain of custody for the key.
    Type: Grant
    Filed: December 17, 2020
    Date of Patent: September 27, 2022
    Inventor: Arnold G. Reinhold
  • Patent number: 11449628
    Abstract: Systems and methods are provided for data security grading. An exemplary method for data security grading, implementable by a computer, may comprise receiving a request to access a query data field, searching for the query data field from a security level table, in response to finding the query data field from the security level table, obtaining from the security level table a security level corresponding to the query data field, and in response to not finding the query data field from the security level table, determining a security level corresponding to the query data field based at least on a lineage tree and the security level table. The lineage tree may trace the query data field to one or more source data fields, and the security data level table may comprise one or more security levels corresponding to the one or more source data fields.
    Type: Grant
    Filed: January 6, 2021
    Date of Patent: September 20, 2022
    Assignee: Beijing DiDi Infinity Technology and Development Co., Ltd.
    Inventors: Dong Li, Huaiyu Zhu, Jing Chen
  • Patent number: 11451586
    Abstract: A network security attack misdirection line-replaceable unit for installation on an aircraft and connected to an onboard data network includes a local network interface to the onboard data network. A local simulation server accepts incoming access requests accompanied by an access credential from an attacker client device, and is responsive thereto with either a simulated access denial response or a simulated access grant response. Delays between receipt of the access request and the access denial response are progressively increased with each presentation of the access credential.
    Type: Grant
    Filed: August 29, 2018
    Date of Patent: September 20, 2022
    Assignee: PANASONIC AVIONICS CORPORATION
    Inventors: Philip Watson, Steven Bates
  • Patent number: 11451583
    Abstract: A system and method for bot detection utilizing storage variables are presented. The generated storage variables are used to analyze user behavior and distinguish human traffic from bot traffic. The system for detecting bot traffic using storage variables includes a client application, a computer network, a bot detector, a bot computer, a storage variable generator, and a server. The client device enables a user to access information through the client application. The storage variable generator is configured to generate a plurality of storage variables including a counter storage variable. The bot detector analyses the presence of bots in incoming traffic.
    Type: Grant
    Filed: March 26, 2019
    Date of Patent: September 20, 2022
    Assignee: Radware Ltd.
    Inventors: Rakesh Thatha, Jyoti Kakatkar
  • Patent number: 11451530
    Abstract: Systems, methods, and apparatuses for implementing super community and community sidechains with consent management for distributed ledger technologies in a cloud based computing environment are described herein.
    Type: Grant
    Filed: January 25, 2021
    Date of Patent: September 20, 2022
    Assignee: salesforce.com, inc.
    Inventors: Prithvi Krishnan Padmanabhan, Sriram Gopalan, Venkata Sarath Maddali, Darpan Dhamija, Jyoti Raj
  • Patent number: 11443040
    Abstract: A method, computer program product, and a system where a secure interface control determines whether an instance of a secure guest image can execute based on metadata. The secure interface control (“SC”) obtains metadata linked to an image of a secure guest of an owner and managed by the hypervisor that includes control(s) that indicates whether the hypervisor is permitted to execute an instance of a secure guest generated with the image in the computing system based on system setting(s) in the computing system. The SC intercepts a command by the hypervisor to initiate the instance. The SC determines the presence or the absence of system setting(s) in the computing system. The SC determines if the hypervisor is permitted to execute the instance. If so, the SC enables initiation of the instance by the hypervisor. If not, the SC ignores the command.
    Type: Grant
    Filed: March 8, 2019
    Date of Patent: September 13, 2022
    Assignee: International Business Machines Corporation
    Inventors: Reinhard T. Buendgen, Jonathan D. Bradbury, Lisa Cranton Heller
  • Patent number: 11436873
    Abstract: A communication system includes a plurality of processors coupled with a network, each of the processors having a predefined encryption method for a communication with a server. Each of the processors is configured to determine a primary processor of the processors based on at least one of a processability of the processor, network distance to the processor, or cipher strengths, when the processor is not determined as the primary processor, transfer unencrypted communication data through the network to the primary processor, and when the processor is determined as the primary processor, perform an encryption of unencrypted communication data received, and an encrypted communication with the server by the encryption method of the primary processor.
    Type: Grant
    Filed: December 7, 2020
    Date of Patent: September 6, 2022
    Assignee: TOYOTA JIDOSHA KABUSHIKI KAISHA
    Inventor: Masashi Nakagawa
  • Patent number: 11438159
    Abstract: Examples of the present disclosure describe systems and methods for monitoring the security privileges of a process. In aspects, when a process is created, the corresponding process security token and privilege information is detected and recorded. At subsequent “checkpoints,” the security token is evaluated to determine whether the security token has been replaced, or whether new or unexpected privileges have been granted to the created process. When a modification to the security token is determined, a warning or indication of the modification is generated and the process may be terminated to prevent the use of the modified security token.
    Type: Grant
    Filed: June 17, 2020
    Date of Patent: September 6, 2022
    Assignee: Webroot Inc.
    Inventors: Andrew Sandoval, Eric Klonowski
  • Patent number: 11436376
    Abstract: The present application provides example terminal chips. One example terminal chip includes a security element, an application processor, and an interface module configured to transfer information between the application processor and the security element. The terminal chip includes a first power interface configured to receive power outside the terminal chip. A first power input port of the security element is connected to the first power interface, and at least one of the application processor or the interface module is connected to the first power interface. In the example terminal chip, a power supply port of the security element is connected to a power supply port of the application processor or the interface module of the terminal chip.
    Type: Grant
    Filed: May 15, 2019
    Date of Patent: September 6, 2022
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Feifei Yin, Yu Liu, Jiayin Lu
  • Patent number: 11431696
    Abstract: Systems, methods, and apparatuses for implementing super community and community sidechains with consent management for distributed ledger technologies in a cloud based computing environment are described herein.
    Type: Grant
    Filed: June 30, 2020
    Date of Patent: August 30, 2022
    Assignee: salesforce.com, inc.
    Inventors: Prithvi Krishnan Padmanabhan, Sriram Gopalan, Venkata Sarath Maddali, Darpan Dhamija, Jyoti Raj
  • Patent number: 11431693
    Abstract: Systems, methods, and apparatuses for implementing super community and community sidechains with consent management for distributed ledger technologies in a cloud based computing environment are described herein.
    Type: Grant
    Filed: January 30, 2020
    Date of Patent: August 30, 2022
    Assignee: salesforce.com, inc.
    Inventor: Prithvi Krishnan Padmanabhan
  • Patent number: 11429728
    Abstract: A vulnerability evaluation apparatus includes an input unit configured to input a source code of a program to be evaluated, information indicating assets which are desired to be preserved and an attack accomplishment condition where the assets are not preserved, information indicating an attack determination position at which whether the condition where the assets are not preserved is satisfied can be determined, and input information for the program, an input position designating unit configured to designate an input position indicating a position at which the input information for the program is input, an attack determination position designating unit configured to designate the attack determination position, and an attack path analyzing unit configured to analyze a path from the attack determination position to the input position and specify an attack path where the attack accomplishment condition is satisfied.
    Type: Grant
    Filed: October 19, 2020
    Date of Patent: August 30, 2022
    Assignee: YAZAKI CORPORATION
    Inventors: Yosuke Maekawa, Shigeki Sano, Hiroaki Saji, Yoichi Komatsu, Yutaro Enomoto
  • Patent number: 11429802
    Abstract: Techniques are disclosed to obtain device posture of a third party managed device. In various embodiments, a unique identifier of the third party managed device is embedded in a registration communication sent from a third party managed device to an access node associated with a first party management entity. The registration communication is sent from the third party managed device to the access node. The access node is configured to store data associating the unique identifier with the third party managed device, and to use the unique identifier to obtain from the third party management entity device posture information for the third party managed device.
    Type: Grant
    Filed: September 12, 2019
    Date of Patent: August 30, 2022
    Assignee: MOBILEIRON, INC.
    Inventors: Suresh Kumar Batchu, Mohammad Aamir
  • Patent number: 11418434
    Abstract: Methods, computer readable mediums, and systems for securing network traffic data. The method of securing network traffic data may include obtaining a network traffic data unit, that includes: a payload; forwarding information, that includes: a first forwarding portion; and a second forwarding portion that indicates a network tunnel; encryption type information; and encryption location information; analyzing a first segment of the first forwarding portion to obtain a first forwarding location; modifying the network traffic data unit, based on the encryption type information and the encryption location information, to obtain a modified network traffic data unit; and transmitting the modified network traffic data unit to the first forwarding location.
    Type: Grant
    Filed: October 1, 2019
    Date of Patent: August 16, 2022
    Assignee: Arista Networks, Inc.
    Inventors: Dipankar Bhatt Acharya, Hugh W. Holbrook, François Labonté, Sambath Kumar Balasubramanian
  • Patent number: 11411993
    Abstract: Disclosed herein are methods, systems, and processes for dynamically deploying deception computing systems based on network environment lifecycle. Based on available lifecycle metadata associated with honeypots, a determination is made as to whether honeypot deployment criteria require maintaining a likelihood that a malicious attacker will target a given honeypot and/or preventing the malicious attacker from determining if a target is a protected host or the given honeypot. If a honeypot deployment criteria requires maintaining a likelihood that the malicious attacker will target the given honeypot, a ratio management operation is performed. In addition, if another honeypot deployment criteria requires preventing the malicious attacker from determining if the target is the protected host or the given honeypot, a host replacement operation is performed.
    Type: Grant
    Filed: March 17, 2021
    Date of Patent: August 9, 2022
    Assignee: Rapid7, Inc.
    Inventor: Thomas Eugene Sellers
  • Patent number: 11409848
    Abstract: Some embodiments are directed to a compiler device (400) arranged for obfuscation of a computer program. The compiler device performs a live variable analysis on the computer program representation, and modifies the computer program representation to encode a first variable using at least a second variable as an encoding parameter.
    Type: Grant
    Filed: July 5, 2019
    Date of Patent: August 9, 2022
    Assignee: Koninklijke Philips N.V.
    Inventors: Willem Charles Mallon, Alan Pestrin, Oscar Garcia-Morchon
  • Patent number: 11411747
    Abstract: A device can include a plurality of regions, each region including a plurality of nonvolatile memory cells; a permission store configured to store a set of permission values, including at least one permission value for each region in a nonvolatile fashion; and access control circuits configured to control access to each region according to the permission value for the region, including one or more of requiring authentication to access the region, encrypting data read from the region, and decrypting data for storage in the region. Related methods and systems are also disclosed.
    Type: Grant
    Filed: December 14, 2020
    Date of Patent: August 9, 2022
    Assignee: Infineon Technologies LLC
    Inventors: Hans Van Antwerpen, Clifford Zitlaw, Stephan Rosner, Yoav Yogev, Sandeep Krishnegowda, Steven Wilson
  • Patent number: 11403372
    Abstract: Systems, methods, and storage media for obfuscating a computer program by representing the control flow of the computer program as data that is not source code are disclosed. Exemplary implementations may: receive source code of a computer program; parse the source code; extract the control flow of the source code; represent at least a portion of the control flow as a control flow model using a mathematical modeling language; store the control flow model as control flow data that represents the control flow of the program and is not executable code; and remove the at least a portion of the control flow from the source code, to thereby obfuscate the control flow of the source code and render the source code more resistant to tampering.
    Type: Grant
    Filed: January 29, 2019
    Date of Patent: August 2, 2022
    Assignee: Irdeto Canada Corporation
    Inventors: Robert Durand, Andrew Hoyt