Patents Examined by Mohammad Siddiqi
  • Patent number: 10409976
    Abstract: A system for entering a secure Personal Identification Number (PIN) into a mobile computing device includes a mobile computing device and a peripheral device that are connected via a data communication link. The mobile computing device includes a mobile application and a display and the mobile application runs on the mobile computing device and displays a grid on the mobile computing device display. The peripheral device includes a display and an encryption engine, and the peripheral device display displays a grid corresponding to the grid displayed on the mobile computing device display. Positional inputs on the mobile computing device grid are sent to the peripheral device and the peripheral device decodes the positional inputs into PIN digits and generates an encrypted PIN and then sends the encrypted PIN back to the mobile computing device.
    Type: Grant
    Filed: October 19, 2018
    Date of Patent: September 10, 2019
    Assignee: BBPOS LIMITED
    Inventor: Chi Wah Lo
  • Patent number: 10397216
    Abstract: The disclosed computer-implemented method for performing secure backup operations may include (i) identifying a backup server that has been designated to perform a backup task for a backup client, (ii) prior to facilitating the backup task on the backup client (a) identifying both a trust level of the designated backup server and a sensitivity level of the backup task and (b) determining whether the trust level of the designated backup server is appropriate for the sensitivity level of the backup task, and (iii) facilitating the backup task on the backup client based on the determination of whether the trust level of the designated backup server is appropriate for the sensitivity level of the backup task. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: November 18, 2016
    Date of Patent: August 27, 2019
    Assignee: Veritas Technologies LLC
    Inventors: Mukund Agrawal, Gaurav Malhotra, Vikas Kumar, Nachiket Tanksale
  • Patent number: 10382429
    Abstract: The disclosed computer-implemented method for performing secure backup operations may include (i) identifying a group of backup servers with heterogeneous computing environments that provide backup services for a backup client, (ii) determining, for each backup server within the group, a trust level of the backup server by identifying at least one security characteristic of the backup server, (iii) deploying, on each of the backup servers, a signed certificate that enables the backup server to transfer backup data with a security level that corresponds to the trust level of the backup server, and (iv) performing secure backup operations for the backup client by (a) identifying a sensitivity level of a backup task initiated by the backup client and (b) assigning the backup task to a backup server within the group of backup servers that has a signed certificate with a security level appropriate for the sensitivity level of the backup task.
    Type: Grant
    Filed: November 18, 2016
    Date of Patent: August 13, 2019
    Assignee: Veritas Technologies LLC
    Inventors: Mukund Agrawal, Gaurav Malhotra, Vikas Kumar, Nachiket Tanksale
  • Patent number: 10356124
    Abstract: In one embodiment, a device in a network inserts a profile tag into an address request sent by an endpoint node in the network to a lookup service. The lookup service is configured to identify one or more addresses with which the endpoint node is authorized to communicate based on a profile for the endpoint node associated with the inserted profile tag. The device receives an address response sent from the lookup service to the endpoint node that indicates the set of one or more addresses with which the endpoint node is authorized to communicate. The device determines whether a communication between the endpoint node and a particular network address is authorized using the set of one or more addresses with which the endpoint node is authorized to communicate. The device blocks the communication based on a determination that the particular network address is not in the set of one or more addresses with which the endpoint node is authorized to communicate.
    Type: Grant
    Filed: March 1, 2017
    Date of Patent: July 16, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Pascal Thubert, Eric Levy-Abegnoli, Eliot Lear, Brian E. Weis
  • Patent number: 10354060
    Abstract: A method for receiving a first access request from a client computer is described. The method comprises, in response to receiving the first access request, generating a query string comprising a predetermined number of characters, designating, via a unique indicator, a first randomized subset of the predetermined number of characters, wherein the first randomized subset comprises a plurality of the predetermined number of characters, and requesting a first predefined response comprising the first randomized subset of the predetermined number of characters. The method further comprises receiving a first client input from the client computer, determining whether the first client input matches the first predefined response, and accepting the first access request if the first client input matches the first predefined response.
    Type: Grant
    Filed: September 3, 2015
    Date of Patent: July 16, 2019
    Assignee: CA, Inc.
    Inventors: Mohammed Mujeeb Kaladgi, Jameel Ahmed Kaladgi
  • Patent number: 10348488
    Abstract: A method of combining chains of blocks in a network. The method comprising, creating a plurality of birth blocks of a plurality of chains of blocks by a block foundry application in a network, where each birth block is associated with a chain of blocks that records events of a network entity, creating blocks by a plurality of nodes in the network, wherein the current block and the previous block are linked, terminating the chain of blocks by the network entity, wherein the entity sends a termination request to create an end block, creating the end block, wherein the end block is the final block of the chain of blocks, and in response to the creation of the end block, sending a request by the network entity to create a block of a meta-chain of blocks, and creating the block of the meta-chain of blocks by the plurality of nodes.
    Type: Grant
    Filed: August 25, 2017
    Date of Patent: July 9, 2019
    Assignee: Sprint Communications Company L.P.
    Inventors: Lyle W. Paczkowski, Lyle T. Bertz, Mark R. Bales
  • Patent number: 10348769
    Abstract: A user-portable computing device configured as a smart card enables a user to carry identification information and to generate security tokens for use in authenticating the user to a service provider. The device includes memory for storing user identities as information cards that are exported to a host computer, presented to a user in visual form, and then selected for use in the authentication process. A security token service installed on the device issues a security token in response to a token request sent from the host computer that references the selected user identity. The security token service uses user attribute information stored on the user device to compose the claim assertions needed to issue the security token. The token is returned to the host computer and used to facilitate the authentication process.
    Type: Grant
    Filed: March 20, 2017
    Date of Patent: July 9, 2019
    Assignee: OPEN INVENTION NETWORK LLC
    Inventor: Gail-Joon Ahn
  • Patent number: 10341318
    Abstract: Methods, systems and computer readable media for providing skill-based, secure and dynamic contact center agent network access are described.
    Type: Grant
    Filed: November 6, 2015
    Date of Patent: July 2, 2019
    Assignee: Avaya Inc.
    Inventors: Roger Lapuh, Andrew John Rufener, William H. Jolicoeur
  • Patent number: 10341431
    Abstract: A method and apparatus is presented for announcing the existence of cryptographic key pairs within a distributed ledger system in which no central trusted authority is available, consisting of sending a key announcement message by a network connected device to other network connected devices over a peer-to-peer network for inclusion in the distributed ledger. Once a valid key announcement message for a public key is included in the ledger, any future transactions that reference an address associated with the public key or other messages concerning said public key are accepted by other network connected devices on the peer-to-peer network and are included in the distributed ledger. If transactions or other messages reference an address not associated with an announced public key, they may be rejected by the peer-to-peer network and may not be included in the distributed ledger.
    Type: Grant
    Filed: November 5, 2018
    Date of Patent: July 2, 2019
    Inventor: Keir Finlow-Bates
  • Patent number: 10341310
    Abstract: A plurality of system nodes coupled via a dedicated private network is described herein. A user can access data stored in one or more system nodes if a multi-factor authentication is successful. The multi-factor authentication can include using the structure of a person's vein (or artery) as one of the factors used to determine whether to authenticate a user. The structure of a person's vein (or artery) can be captured using a vein reader coupled to or embedded within a user device. For example, the vein reader can be coupled to the user's smartphone or can be embedded within the user's smartphone. Once captured, the vein reader can encode the user's vein structure to produce a vein ID that can then be used for authentication purposes.
    Type: Grant
    Filed: December 12, 2016
    Date of Patent: July 2, 2019
    Assignee: OROCK TECHNOLOGIES, INC.
    Inventor: John Leon
  • Patent number: 10333958
    Abstract: In one embodiment, a device in a network receives a first plurality of measurements for network metrics captured during a first time period. The device determines a first set of correlations between the network metrics using the first plurality of measurements captured during the first time period. The device receives a second plurality of measurements for the network metrics captured during a second time period. The device determines a second set of correlations between the network metrics using the second plurality of measurements captured during the second time period. The device identifies a difference between the first and second sets of correlations between the network metrics as a network anomaly.
    Type: Grant
    Filed: November 14, 2016
    Date of Patent: June 25, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Xinyuan Huang, Sarvesh Ranjan, Olivia Zhang, Yathiraj B. Udupi, Debojyoti Dutta
  • Patent number: 10333716
    Abstract: Systems and methods of the present invention provide for one or more server computers communicatively coupled to a network and configured to: identify, within a data store: a web page including a script tag; and a URL in the script tag referencing a location for a second server hosting a script file. The server computer(s) execute a request that accesses the script file and a signature file generated by a private key, associated with the script file, and stored on the second server computer. If the signature file contains a signature that cannot be authenticated using the public key associated with the private key, execution of the script tag is disabled, and a notification is generated.
    Type: Grant
    Filed: January 17, 2017
    Date of Patent: June 25, 2019
    Assignee: GO DADDY OPERATING COMPANY, LLC
    Inventor: Arnold Blinn
  • Patent number: 10333980
    Abstract: Established user habits in carrying multiple wirelessly detectable devices are used to provide or substantiate authentication. In some embodiments, simply detecting that expected devices are co-located within a limited spatial region is sufficient to establish that the devices are being carried by a single individual. In other embodiments, particularly where the potential for spoofing by multiple individuals is a concern, single-user possession of the devices may be confirmed by various corroborative techniques. This approach affords convenience to users, who may be working at a device that lacks the necessary modality (e.g., a fingerprint or vein reader) for strong authentication.
    Type: Grant
    Filed: November 19, 2015
    Date of Patent: June 25, 2019
    Assignee: IMPRIVATA, INC.
    Inventors: David M. T. Ting, Alain Slak, Kyle Vernest
  • Patent number: 10320823
    Abstract: Data is collected from a database arrangement about behavior of observed entities, wherein the collected data includes one or more features associated with the observed entities. A probabilistic model is determined that correlates the one or more features with malicious and/or benign behavior of the observed entities. Data is collected from the database arrangement for unobserved entities that have at least one common feature with at least one of the observed entities. One of the unobserved entities is determined to be a malicious entity based on the at least one common feature and the probabilistic model. Network policies are applied to packets sent from the malicious entity.
    Type: Grant
    Filed: September 3, 2015
    Date of Patent: June 11, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Vojt{hacek over (e)}ch Létal, Tomá{hacek over (s)} Pevný, Petr Somol
  • Patent number: 10318725
    Abstract: The present disclosure relates to changing a password in a proximity-based authentication system. After a successful proximity-based authentication, a password agent may determine that a password does not comply with an administrative password policy. The password agent may then generate a new password that does comply with the administrative password policy and submit a password change request to an administrator of that password policy, without any input by a user at these steps. The user can then request to view the password for input to a service using the same password, and after passing a biometric challenge may view the password.
    Type: Grant
    Filed: August 16, 2016
    Date of Patent: June 11, 2019
    Assignee: Symantec Corporation
    Inventor: Srinath Venkataramani
  • Patent number: 10305935
    Abstract: The present application is directed a computer-implemented method for enhancing security on a network. The method includes a step of receiving, from user equipment on the network, information including a source IP address and a destination IP address. The method also includes a step of receiving, from a VPN service provider, credentials of a VPN server. The method also includes a step of creating a policy such that traffic associated with the information of the user equipment is routed to the VPN server. The method further includes a step of sending the traffic of the user equipment to the VPN server. The application is also directed to a system and method for securing web traffic on a network.
    Type: Grant
    Filed: September 26, 2016
    Date of Patent: May 28, 2019
    Assignee: LGS Innovations LLC
    Inventor: Michael J. Chen
  • Patent number: 10298396
    Abstract: A method includes verifying the identity of an individual. A virtual passport for the individual is created upon verifying the identity of the individual. The virtual passport uniquely identifies the individual. A public/private key pair associated with the individual is generated. The virtual passport is signed with the private key. The signed virtual passport is entered in a public block chain. The signed virtual passport may be retrieved from the public block chain. The authenticity of the signed virtual passport may be determined via the public key.
    Type: Grant
    Filed: November 10, 2015
    Date of Patent: May 21, 2019
    Assignee: WELLS FARGO BANK, N.A.
    Inventors: Ashish B. Kurani, Wayne Barakat, Martin Barrs, Dominik Vltavsky
  • Patent number: 10277627
    Abstract: A denial of service (DoS) detection and circumvention system is described herein. The DoS detection and circumvention system can track phone calls that are initiated and store a list of phone numbers that are called. The DoS detection and circumvention system can also track the number of carrier congestion messages over a certain time window. Using the list of called phone numbers and the tracked number of carrier congestion messages, the DoS detection and circumvention system can identify excessive congestion. If the DoS detection and circumvention system identifies excessive congestion, the DoS detection and circumvention system can delay calls so as to prevent a possible DoS condition.
    Type: Grant
    Filed: May 8, 2018
    Date of Patent: April 30, 2019
    Assignee: CALLFIRE, INC.
    Inventor: Vijesh Mehta
  • Patent number: 10250389
    Abstract: Systems and methods of the present invention provide for one or more server computers communicatively coupled to a network and configured to: identify, within a data store: a web page including a script tag; a URL in the script tag referencing a location for a second server hosting a script file; and a first hash data in the script tag generated from the script file using a hash function algorithm. The server computer(s) execute a request that accesses the script file and a second hash generated from the script file and stored on the second server computer. If the second hash data does not match the first hash data, execution of the script tag is disabled, and a notification is generated.
    Type: Grant
    Filed: January 17, 2017
    Date of Patent: April 2, 2019
    Assignee: GO DADDY OPERATING COMPANY, LLC
    Inventor: Arnold Blinn
  • Patent number: 10250632
    Abstract: Disclosed is a computer-implemented method and system of inferring a web service infrastructure from a web service hosted on a web server. The method includes: downloading a web service description language (WSDL) file describing the web service from a location on the web server identified by a uniform resource locator (URL); identifying at least one of a web service design technology and a web service design technology provider from character strings indicative of the technology and implementation, respectively, in at least one of the URL and WSDL file; and inferring the web service infrastructure from the identified web service design technology and web service design technology provider. A computer program product having aspects of the method as program code is also disclosed.
    Type: Grant
    Filed: November 8, 2017
    Date of Patent: April 2, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Emmanuel Wurth, Jean-Philippe Delpiroux