Patents Examined by Monjur Rahim
-
Patent number: 12657340Abstract: A system includes a memory configured to store instances of a software application executable on a computing device and a set of sensitive data and a processor operably coupled to the memory and configured to detect an interaction to initiate an execution of user interactions with the set of sensitive data. The processor is further configured to execute one or more generative machine-learning models trained to generatively present sequences of different decoy data to a user in response to an execution of interactions with the different decoy data, partition the set of sensitive data into sets of sharded sensitive data, and transfer the sets of sharded sensitive data to a trusted database and onto a trusted computing node. The processor is further configured to store a log of the generatively presented sequences of different decoy data and the execution of the interactions with the different decoy data.Type: GrantFiled: September 10, 2024Date of Patent: June 16, 2026Assignee: Bank of America CorporationInventors: Vinesh Premji Patel, Manu Jacob Kurian, Michael Robert Young
-
Patent number: 12659140Abstract: Methods, systems, and computer readable medium facilitating encrypted information retrieval. Methods can include receiving a batch of queries that includes queries to special buckets in each database shard. Query results responsive to the batch of queries are transmitted to the client device. The query results includes server-encrypted secret shares obtained from the special buckets. Client-encrypted versions of the secret shares are received. A full set of server-encrypted secret shares is transmitted to the client device, which is encrypted by the client device to create a full set of client-server-encrypted secret shares. The client device is classified based on how many of the secret shares are included in both of the client-encrypted secret shares received from the client device and the full set of client-server-encrypted secret shares received from the client device.Type: GrantFiled: July 16, 2024Date of Patent: June 16, 2026Assignee: Google LLCInventors: Eli Simon Fox-Epstein, Kevin Wei Li Yeo
-
Patent number: 12657337Abstract: Systems, methods, and non-transitory computer readable media including instructions for implementing a runtime virtual barrier for fine grained execution control are disclose. Implementing the runtime virtual barrier for fine grained execution control includes receiving, by an application capable of JavaScript execution, an executable code including an API invocation; intercepting, by a virtual barrier, the API invocation; determining that the API invocation is an invocation for a native API configured for subsequent execution in response to a trigger event; based on the determination that the API invocation is an invocation for a native API configured for subsequent execution, recording an invocation source identifier; and upon occurrence of the trigger event: retrieving the invocation source identifier; and influencing execution of the native API based on the invocation source identifier.Type: GrantFiled: March 21, 2024Date of Patent: June 16, 2026Assignee: Seraphic Algorithms Ltd.Inventor: Avihay Cohen
-
Patent number: 12652300Abstract: The main enabler of the technology is the probabilistic programming based computation strategies that have an outstanding ability to handle uncertainties in discovering anomalous patterns. This new capability to handle uncertainties is particularly relevant for detecting insider threats, as there are usually no clearly defined rules and policies. An insider's behaviors would deviate from normally distributed events and actions in various aspects. The probabilistic model detects this deviation and explains the computational path of the deviation. The result interpretation unit enables organizations to investigate the causes with high accuracy, avoiding costly and embarrassing false alarms. The technology detects and ranks abnormal events. This ranking capability helps prioritize follow-up manual investigation.Type: GrantFiled: June 14, 2021Date of Patent: June 9, 2026Assignee: Virginia Tech Intellectual Properties, Inc.Inventors: Danfeng Yao, Md Salman Ahmed, Ya Xiao
-
Patent number: 12619554Abstract: Rekeying operations can be performed without significantly impacting the execution of software that relies on those keys. In one embodiment, a hardware-based solution connects to a memory controller in a way that hides the rekeying from the software, where the hardware keeps track of which memory addresses in a memory space correspond to new keys. Rekeying can be performed for memory addresses in order, such as from bottom to top addresses in a region table, and a rekeying address can be used to keep track the rekeying process, such that addresses below the rekeying address in the table are to use the new keys and addresses above the rekeying address are to use the current or old key, with the address corresponding to the rekeying address using the prior key for reads and the new key for writes. Keys can then be updated frequently without significant downtime or software modifications.Type: GrantFiled: April 9, 2024Date of Patent: May 5, 2026Assignee: MELLANOX TECHNOLOGIES, LTD.Inventors: Ahmad Atamli, Barry Spinney, Yonatan Cohen, Hillel Chapman
-
Patent number: 12619757Abstract: A security client of a mobile computing platform transmits a request for the secret key to a key server. The request includes environmental data characterizing a current state of the environment of the node and establishes a cryptographic heartbeat with the key server. The security client receives a secret key from the key server, stores the secret key in volatile memory and decrypts the encrypted file using the secret key to create a decrypted file in the volatile memory. The security client monitors a time since a last authenticated heartbeat message was received. Responsive to the time exceeding a predetermined timeout window or responsive to receiving a message from the key server indicating that authorization to the decrypted file is revoked or responsive to determining that the node is not in an authorized environment, the security client deletes the secret key from the volatile memory and closes the decrypted file.Type: GrantFiled: October 18, 2024Date of Patent: May 5, 2026Assignee: NORTHROP GRUMMAN SYSTEMS CORPORATIONInventors: Brian J. Noe, Francis B. Afinidad, Hope Noe, Steven D. Ratts
-
Patent number: 12615145Abstract: Techniques for enabling a customer operator of a cloud service provider (CSP) the ability to disable operator access to resources in a customer cloud environment are disclosed. Operator access may be disabled or suspended by operators of the CSP customer initiating a disable command. Disabling operator access includes (a) terminating existing sessions that provide operators access to the resources, (b) rejecting new requests for credentials to establish sessions that provide operator access, and/or (c) revoking existing credentials used to establish sessions that provide operator access. Disabling operator access may apply to resources in the customer cloud environment or to a subset of resources and/or may apply to some operators but not to other operators. The operators may be of the same or different categories of operators. At the conclusion of a designated period of time, the ability of operator to access the customer cloud environment may be restored.Type: GrantFiled: April 29, 2024Date of Patent: April 28, 2026Assignee: Oracle International CorporationInventors: Nachiketh Rao Potlapally, Karl Miller, Apurv Awasthi, Zachary Gilburd
-
Patent number: 12608322Abstract: In an aspect of the disclosure, a method, a computer-readable medium, and an apparatus are provided. The apparatus is a BMC. The BMC receives data to be written to a storage. The BMC encrypts the data using a stream encrypt engine to generate encrypted data. The BMC writes the encrypted data to the storage. The BMC receives encrypted data read from the storage. The BMC decrypts the encrypted data using a stream decrypt engine to generate decrypted data. The BMC provides the decrypted data to a component of the BMC.Type: GrantFiled: September 19, 2023Date of Patent: April 21, 2026Assignee: AMERICAN MEGATRENDS INTERNATIONAL, LLCInventors: Samvinesh Christopher, Anurag Bhatia, Winston Thangapandian
-
Patent number: 12603913Abstract: Methods and systems for managing operations of a data processing system are disclosed. To manage operations of the data processing system, data may be obtained to be provided to a remote entity. Using a classification schema, a classification may be obtained for the data. A transmission path for the data may be selected based on at least the classification and a rule set keyed to the classification. A channel between the data processing system and the remote entity may be identified for transmission of the data. In a first instance of the identifying in which the channel is an in-band communication channel, the data may be provided to the remote entity via the in-band communication channel. In a second instance of the identifying in which the channel is an out-of-band communication channel, the data may be provided to the remote entity via the out-of-band communication channel.Type: GrantFiled: April 29, 2024Date of Patent: April 14, 2026Assignee: Dell Products L.P.Inventors: Abeye Teshome, Richard M. Tonry, Adolfo Sandor Montero, Bassem El-Azzami, Rajaravi Chandra Kollarapu, Vinodkumar Vasudev Ottar, Luis Antonio Valencia Reyes, Mohit Arora
-
Patent number: 12596840Abstract: A system and method for identifying purge eligible data objects; generating a final purge list based on the purge eligible data objects in an iterative or recursive manner until a combined key file contains no partial shares, including: obtaining relational information associated with the purge eligible data objects; identifying related data objects based on the relational information; identifying purge exemptions associated with the purge eligible data objects; generating the combined key file for the relations associated to each purge eligible object; in response to the combined key file not containing a partial share, generating the final purge list based on the combined key file; identifying account keys from in-scope tables maintained at the computing systems; loading purge keys in a driver table based on the account keys; and joining the in-scope tables maintained at the computing systems with the driver table to purge records of the in-scope tables.Type: GrantFiled: August 28, 2025Date of Patent: April 7, 2026Assignee: Morgan Stanley Services Group Inc.Inventors: Mohan Kumar Tummalapalli, Nand Kishore Jayswal, Nidhi A. Jaiswal, Sumit Khairnar, Raju Ravindran, Madonna Florendo, Arnold DeRama
-
Patent number: 12596807Abstract: Systems and methods for Unified Extensible Firmware Interface (UEFI)-level processing of Out-of-Band (OOB) commands in heterogeneous computing platforms. In some embodiments, an Information Handling System (IHS) may include: a heterogeneous computing platform having a plurality of devices, and an OOB Microcontroller Unit (MCU), Embedded Controller (EC), or networking device integrated into or coupled to the heterogeneous computing platform and distinct from a host processor of the heterogeneous computing platform, where the OOB MCU, EC, or networking device is configured to: receive an OOB packet while the host processor is in a low-power state, and execute an OOB command contained in the OOB packet, by the host processor, at least in part through initialization of UEFI without initialization of any video device.Type: GrantFiled: June 30, 2023Date of Patent: April 7, 2026Assignee: Dell Products L.P.Inventors: Adolfo S. Montero, Abeye Teshome, Alok Pant
-
Patent number: 12598458Abstract: The present disclosure relates to an apparatus for powering an implant for a human patient and a method for powering an implant for a human patient. Wherein said apparatus comprises an implantable energy source for providing energy to the implant, an energy provider connected to the implantable energy source and connected to an energy consuming part of the implant, the energy provider being configured to store energy to provide a burst of energy to the energy consuming part, wherein the energy provider is configured to be charged by the implantable energy source and to provide the energy consuming part with electrical power during startup of the energy consuming part.Type: GrantFiled: February 16, 2024Date of Patent: April 7, 2026Inventor: Peter Forsell
-
Patent number: 12580742Abstract: Various examples are directed to a system for configuring a host device. The host device may comprise a memory system and may be programmed to receive subscriber software for interfacing the host device to a subscription service. The host device may also be programmed to receive from a first assembler secure appliance, first trace data based at least in part on the subscriber software and generate trace-derived data using the first trace data and the memory system identification key. The host device may also be programmed to send a subscription request to a subscription server associated with the subscription service. The subscription request may comprise the trace-derived data. The host device may also be programmed to receive, from the subscription server, subscription data for accessing the subscription service.Type: GrantFiled: May 15, 2024Date of Patent: March 17, 2026Assignee: Micron Technology, Inc.Inventor: Olivier Duval
-
Patent number: 12572671Abstract: A computer can detect a role change associated with an individual of a group of individuals. In response to detecting the role change, execute an automated process for adjusting access of the individual to one or more resources. The automated process can involve automatically interacting with computer systems. The automated process can involve automatically transmitting a first command to an identity management system. The automated process can involve automatically transmitting a second command to a workflow software server. The automated process can involve automatically transmitting a third command to an information asset management server. The automated process can involve automatically transmitting a fourth command to an equipment provisioning server.Type: GrantFiled: November 1, 2023Date of Patent: March 10, 2026Assignee: Truist BankInventor: Kathlene Judd
-
Patent number: 12574214Abstract: Described herein are systems, methods, and software to direct communications for a private network using advertised encryption key information. In one implementation, a first computing element identifies an encrypted communication from a second computing element and identifies a destination computing element from a plurality of destination computing elements based on an application of encryption keys to the encrypted communication. The first computing element further forwards the encrypted communication to the destination computing element.Type: GrantFiled: July 28, 2022Date of Patent: March 10, 2026Assignee: Tailscale Inc.Inventor: David J. Crawshaw
-
Patent number: 12574230Abstract: An arrangement has a random data generator for producing a crypto seed, and may use a secure transport mechanism. The arrangement may produce, through a first cryptographic operation, a cryptographic intermediate product that is deterministically dependent on both the crypto seed and a user's secret received through the secure transport mechanism. This cryptographic intermediate product constitutes a digital identity of the party. A second cryptographic operation uses the digital identity of the party to produce a cryptographic output including the crypto seed in encrypted form. The arrangement transmits at least part of the cryptographic output through the secure transport mechanism.Type: GrantFiled: February 13, 2023Date of Patent: March 10, 2026Assignee: Gurulogic Microsystems OyInventor: Tuomas Kärkkäinen
-
Patent number: 12568358Abstract: A wireless personal area network (PAN) includes a plurality of devices configured to communicate messages encrypted with a first network key across the PAN, and the plurality of devices includes a router. The router receives from the joiner device a join request message encrypted by a second network key and sends to the joiner device a join confirmation message that contains a third network key. The router receives subsequent incoming messages from the joiner device encrypted by the third network key, re-encrypts each subsequent incoming message with the first network key, and transmits the re-encrypted subsequent incoming messages to other devices in the PAN. The router receives, from other devices in the PAN, subsequent outgoing messages for the joiner device encrypted by the first network key, re-encrypts the subsequent outgoing messages with the third network key, and sends the re-encrypted subsequent outgoing messages to the joiner device.Type: GrantFiled: February 21, 2024Date of Patent: March 3, 2026Assignee: NXP USA, Inc.Inventor: Cristian Caciuloiu
-
Patent number: 12561434Abstract: The present application discloses a method, system, and computer system for detecting malicious files. The method includes executing a sample in a virtual environment, and determining whether the sample is malware based at least in part on memory-use artifacts obtained in connection with execution of the sample in the virtual environment.Type: GrantFiled: April 7, 2022Date of Patent: February 24, 2026Assignee: Palo Alto Networks, Inc.Inventors: Sujit Rokka Chhetri, Akshata Krishnamoorthy Rao, Daniel Raygoza, Esmid Idrizovic, William Redington Hewlett, II, Robert Jung
-
Patent number: 12561256Abstract: A computer-implemented method, according to one embodiment, includes: receiving encrypted data at a storage controller, and providing the encrypted data to a secure software container. The secure software container is configured to decrypt the encrypted data, calculate hash values using the decrypted data, and compress the decrypted data. The secure software container is also configured to re-encrypt the decrypted data. The computer-implemented method also includes receiving a new copy of the encrypted data from the secure software container. The new copy of the encrypted data may be compressed, include hash values calculated at the secure software container, or compressed as well as including hash values. The new copy of the encrypted data received may thereby be stored in memory.Type: GrantFiled: July 14, 2023Date of Patent: February 24, 2026Assignee: International Business Machines CorporationInventors: Glen Alan Jaquette, Rahul M. Fiske, Ashish Jagdale, Mohit Chitlange
-
Patent number: 12561467Abstract: Extension of functional capabilities of a file system in a container orchestration system by associating an extended storage class with a functional extension wherein access to data storage volumes belonging to the extended storage class are handled by an extended file system. In response to deployment of an application pod config including definition of an extended volume belonging to the extended storage class, request mounting the extended volume and creating a staging pod for mounting the original data storage volume and causing the container orchestration system to deploy the staging pod. Access by the containers in the application pod to data stored in the extended volume is handled by the extended file system.Type: GrantFiled: August 29, 2022Date of Patent: February 24, 2026Assignee: THALES DIS CPL USA, INC.Inventors: José R. Santos, Partha Sarathi Besagarahalli Lakshmaiah, Steven Pratt, Mahesh Mohan