Patents Examined by Mohammad A. Siddiqi
  • Patent number: 10650125
    Abstract: An electronic apparatus operated based on an OS is provided. The electronic apparatus includes a storage to store the OS, a virtual device program capable of generating a virtual device executed based on the OS, and at least one program; and at least one processor to execute the virtual device program to generate the virtual device, and to execute the OS to determine whether a first program having an administration authority assigned by the OS from among the at least one program has access authority to data about the virtual device in response to an attempt to access the data from the first program and to selectively permit the access to the data based on the determined access authority. With this, the electronic apparatus may restrain the access to the virtual device or the data thereabout according to a presence of the access authority, thereby safely protecting the virtual device or the data.
    Type: Grant
    Filed: March 1, 2017
    Date of Patent: May 12, 2020
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Dong-hwa Jeong, Sung-kyu Lee, Hyun-cheol Park, Chang-woo Lee
  • Patent number: 10642452
    Abstract: In various embodiments, authentication stations are distributed within a facility, particularly in spaces where mobile devices are predominantly used—e.g., a hospital's emergency department. Each such station includes a series of authentication devices. Mobile device may run applications for locating the nearest such station and, in some embodiments, pair wirelessly with the station so that authentication thereon will accord a user access to the desired resource via a mobile device.
    Type: Grant
    Filed: August 22, 2018
    Date of Patent: May 5, 2020
    Assignee: IMPRIVATA, INC.
    Inventor: Meinhard Dieter Ullrich
  • Patent number: 10616191
    Abstract: Information is removed from data transmitted over networks and stored in data storage facilities by generating non-informational data as an output from a series of nodes (routers, computing devices or logical routing applications) by using a function that applies random data to the data received at each node. The function may be an XOR and the random data may be a pseudorandom string of the same length as the informational data. The non-informational data may be managed normally without concern for security. When the informational data is needed it can be re-generated using the non-informational data and a cascade of the random data from the series of nodes as inputs to an inverse function (XOR is its own inverse). The random data may be generated from a smaller random seed.
    Type: Grant
    Filed: April 5, 2017
    Date of Patent: April 7, 2020
    Assignee: TFOR LLC
    Inventor: David von Vistauxx
  • Patent number: 10592643
    Abstract: A wireless device enterprise management system and a method for operating the management system in a controlled environment is disclosed. The enterprise management system includes implementing a container-based file system on wireless devices within the controlled environment. Enterprise management system manages and controls the organization of files into one or more containers on each wireless device. Each container is associated with one or more execution rules that allow or restrict execution of files that are located in the container.
    Type: Grant
    Filed: February 12, 2019
    Date of Patent: March 17, 2020
    Assignee: Global Tel*Link Corporation
    Inventor: Stephen L. Hodge
  • Patent number: 10579790
    Abstract: Pairing data associated with a second device may be received at a first device. The pairing data may be received from a server. A first authentication proof may be generated based on the pairing data received from the server. A second authentication proof may be received from the second device. Furthermore, an authentication status of the second device may be updated based on a comparison of the first authentication proof that is based on the pairing data received from the server and the second authentication proof that is received from the second device.
    Type: Grant
    Filed: June 21, 2018
    Date of Patent: March 3, 2020
    Assignee: Cryptography Research, Inc.
    Inventors: Benjamin Che-Ming Jun, Matthew Evan Orzen, Joel Patrick Wittenauer, Steven C. Woo
  • Patent number: 10579800
    Abstract: A system which provides remote attestation of a cloud infrastructure comprises a plurality of attestation servers, a virtual machine (VM), and a VM scheduler arranged to register the VM for attestation and deploy the VM to a VM host within the cloud. More than one of the plurality of attestation servers are selected and mapped to the deployed VM, and each of the more than one mapped attestation servers is arranged to collect perform remote attestations of the deployed VM and its VM host. Performing remote attestations comprises transmitting a request for trust evidence to the VM and VM host, receiving, storing trust evidence transmitted by the VM and VM host and transmitting VM and VM host trust evidence to a cloud user.
    Type: Grant
    Filed: April 11, 2017
    Date of Patent: March 3, 2020
    Assignee: 100 Percent IT Ltd
    Inventor: David Blundell
  • Patent number: 10579339
    Abstract: An apparatus is described. The apparatus includes a plurality of physically unclonable circuits. The apparatus includes circuitry to detect which ones of the physically unclonable circuits are unstable. The apparatus also includes circuitry to couple the unstable physically unclonable circuits to a random number generator circuit.
    Type: Grant
    Filed: April 5, 2017
    Date of Patent: March 3, 2020
    Assignee: Intel Corporation
    Inventors: Vikram B. Suresh, Sanu K. Mathew, Sudhir K. Satpathy
  • Patent number: 10581921
    Abstract: A client-side user agent operates in conjunction with an identity selector to institute and exercise privacy control management over user identities managed by the identity selector. The user agent includes the combination of a privacy enforcement engine, a storage of rulesets expressing user privacy preferences, and a preference editor. The editor enables the user to direct the composition of privacy preferences relative to user identities. The preferences can be applied to individual cards and to categorized groups of attributes. The engine evaluates the proper rulesets against the privacy policy of a service provider. The privacy preferences used by the engine are determined on the basis of specifications in a security policy indicating the attribute requirements for claims that purport to satisfy the security policy.
    Type: Grant
    Filed: August 14, 2018
    Date of Patent: March 3, 2020
    Assignee: OPEN INVENTION NETWORK LLC
    Inventor: Gail-Joon Ahn
  • Patent number: 10579828
    Abstract: A method for neutralizing a pattern of user activity, comprises collecting data corresponding to the user activity, generating a user distribution over a domain comprising a plurality of respective elements based on the collected data, determining a transformation function to neutralize the user distribution, and applying the transformation function to neutralize the user distribution.
    Type: Grant
    Filed: August 1, 2017
    Date of Patent: March 3, 2020
    Assignee: International Business Machines Corporation
    Inventors: Yedendra Shrinivasan, Vijay Ekambaram, Nitin Gupta, Pratyush Kumar
  • Patent number: 10569429
    Abstract: New multi-computer architecture allows for the protection of personal computers to reinforce online security. The disclosed system encompasses intermediate lock-computer and unidirectional internal interfaces based on novel principles providing complete security while sending information to world wide web and reliable filtering of unwanted software while receiving information from the Internet and a secure way to send and receive data through public networks utilizing optical signals and LiFi connections. A key physical principle is the physical separation of dataflow from web-connected computer to intermediate lock-computer to the main personal computer and the counter data flow from main computer to lock-computer to web-connected computer.
    Type: Grant
    Filed: October 21, 2019
    Date of Patent: February 25, 2020
    Inventors: Benjamin Fridel Dorfman, Andrew Joel Swindells
  • Patent number: 10574641
    Abstract: Described is a technology by which a plug-in (e.g., an ActiveX® control) instantiated by a web browser calls functions of a credential service to use a set of credential data (e.g., a card file) for logging into a website. If the credential service determines that a previously used card file for the website exists, a representation of that card file is displayed in the browser, and the data of that card file is used to obtain a token for logging in the user. If not found, an icon is presented instead, by which the user can select a user interface that allows selection of another card file that meets that meet the website's requirements.
    Type: Grant
    Filed: April 13, 2018
    Date of Patent: February 25, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: John Deurbrouck, Caleb G. Baker, Danhua Zhu, Colin Leslie Dellow, Roberto A. Franco
  • Patent number: 10567367
    Abstract: In an example embodiment, a method, system, and program storage device for binding an industrial application to a plurality of services in an Industrial Internet of Things (IIoT) is provided. For each of a plurality of tenants, a service template corresponding to a group in which the corresponding tenant belongs is retrieved and an instance of the industrial application is instantiated for the corresponding tenant. Then, at runtime of an instance of the industrial application, a number of actions are taken. A request by the instance of the industrial application for a service identified by a first service name is detected. Then a credential for the service name is retrieved, with the credential identifying a location where an instance of the service identified by the first service name resides. The service identified by the first service name is then dynamically called using the location.
    Type: Grant
    Filed: December 18, 2018
    Date of Patent: February 18, 2020
    Assignee: General Electric Company
    Inventors: Vineet Banga, Vipul Parmar, Ilya Lipkind
  • Patent number: 10567406
    Abstract: A computer-implemented method according to one embodiment includes identifying a cloud computing environment, establishing a baseline associated with input and output requests within the cloud computing environment, monitoring activity associated with the cloud computing environment, comparing the activity to the baseline, and performing one or more actions, based on the comparing.
    Type: Grant
    Filed: August 16, 2016
    Date of Patent: February 18, 2020
    Assignee: International Business Machines Corporation
    Inventors: Tara Astigarraga, Christopher V. DeRobertis, Louie A. Dickens, Daniel J. Winarski
  • Patent number: 10565130
    Abstract: Technologies for secure memory usage include a computing device having a processor that includes a memory encryption engine and a memory device coupled to the processor. The processor supports multiple processor usages, such as secure enclaves, system management firmware, and a virtual machine monitor. The memory encryption engine is configured to protect a memory region stored in the memory device for a processor usage. The memory encryption engine restricts access to one or more configuration registers to a trusted code base of the processor usage. The processor executes the processor usage and the memory encryption engine protects contents of the memory region during execution. The memory encryption engine may access integrity metadata based on the address of the protected memory region. The memory encryption engine may prepare top-level counter metadata for entering a low-power state. Other embodiments are described and claimed.
    Type: Grant
    Filed: September 25, 2017
    Date of Patent: February 18, 2020
    Assignee: Intel Corporation
    Inventors: Siddhartha Chhabra, Reouven Elbaz, Krishnakumar Narasimhan, Prashant Dewan, David M. Durham
  • Patent number: 10567527
    Abstract: A method for tracking a user's movements between network addresses can include, subsequent to a request for a (current) network address from a user, receiving the network address and an identifier for a region associated with the network address. The method can also include locating a record that contains the identifier for the region and a time that immediately precedes the request for the network address from the user. The record may further contain a prior network address. The method can further include generating an entry for a table that includes the identifier for the region, the current network address, and the prior network address. A server computer or a client computer can generate the entry. Improved accountability and improved user profile accuracy can be obtained with the method. A data processing system readable medium can comprise code that includes instructions for carrying out the method.
    Type: Grant
    Filed: April 23, 2018
    Date of Patent: February 18, 2020
    Assignee: OPEN TEXT SA ULC
    Inventor: Sean M. McCullough
  • Patent number: 10560441
    Abstract: A cryptography service allows for management of cryptographic keys and for the evaluation of security expectations when processing incoming requests. In some contexts, the cryptography service, upon receiving a request to perform a cryptographic operation, evaluates a set of security expectations to determine whether the cryptographic key or keys usable to perform the cryptographic operation should be trusted. A response to the request is dependent on evaluation of the security expectations.
    Type: Grant
    Filed: December 17, 2014
    Date of Patent: February 11, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Gregory Alan Rubin, Gregory Branchek Roth
  • Patent number: 10554674
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for incident response are disclosed. In one aspect, a computer-implemented method includes receiving data identifying two or more groups of actions performed to remediate a computer security threat. The method includes determining first unique paths from a first action of each of the two or more groups of actions to a second action of each of the two or more groups of actions, and determining second unique paths from the second action of each of the two or more groups of actions to a third action of each of the two or more groups of actions. The method also includes combining common paths among the first unique paths and the second unique paths, identifying one of the common paths that appears most frequently, and determining a core path that includes a subset of the actions of the two or more groups of actions based on the one of the common paths that appears most frequently.
    Type: Grant
    Filed: November 17, 2017
    Date of Patent: February 4, 2020
    Assignee: Accenture Global Solutions Limited
    Inventors: Matthew Carver, Mohamed H. El-Sharkawi, Elvis Hovor
  • Patent number: 10554417
    Abstract: Systems and methods of the present invention provide for one or more server computers communicatively coupled to a network and configured to: identify, within a data store: a web page including a script tag; a URL in the script tag referencing a location for a second server hosting a script file; and a first hash data in the script tag generated from the script file using a hash function algorithm. The server computer(s) execute a request that accesses the script file and a second hash generated from the script file and stored on the second server computer. If the second hash data does not match the first hash data, execution of the script tag is disabled, and a notification is generated.
    Type: Grant
    Filed: February 19, 2019
    Date of Patent: February 4, 2020
    Assignee: Go Daddy Operating Company, LLC
    Inventor: Arnold Neil Blinn
  • Patent number: 10546154
    Abstract: Methods, systems and computer program products for layered masking of data are described. A system receives content including personally identifiable information (PII). The system redacts the content by masking the PII. The system identifies the PII in multi-layer processing, where in each layer, the system determines a respective confidence score indicating a probability that a token is PII. If the confidence score is sufficiently high, the system masks the token. Otherwise, the system provides the token to a next layer for processing. The layers can include regular expression based processing, lookup table based processing, and machine learning based processing.
    Type: Grant
    Filed: October 27, 2017
    Date of Patent: January 28, 2020
    Assignee: Yodlee, Inc.
    Inventors: Vunnava Praveen, Syed Abid Hussain
  • Patent number: 10542029
    Abstract: A computer-implemented method for security risk assessment of wireless access point devices, the computer-implemented method comprising: receiving signals from one or more wireless access points by two or more mobile wireless devices visiting said access points, obtaining Basic Service Set Identifiers (BSSID) of visited access points and reporting values derived from BSSID and from an identifier of corresponding mobile device to a first database, receiving a request for a security risk assessment of evaluated wireless access point, said request containing value derived from BSSID of the evaluated access point, searching the first database for one or more entries corresponding to the evaluated access point, and processing search results to assess security risk of the evaluated access point, said processing comprises computing a component of said risk dependent on the count of unique identifiers of mobile devices reported for the evaluated access point.
    Type: Grant
    Filed: May 16, 2017
    Date of Patent: January 21, 2020
    Assignee: Pango Inc.
    Inventor: Eugene Lapidous