Patents Examined by Peter Poltorak
  • Patent number: 9325642
    Abstract: Methods, systems, and computer programs for generating random values for encryption operations are described. In some examples, information from a message to be encrypted can be used to refresh the state of a pseudorandom generator. In some aspects, a state parameter of the pseudorandom generator is modified based on information in the message. Modifying the state parameter changes the state parameter from a prior state to a refreshed state based on the information in the message. A random output value is obtained by the pseudorandom generator in the refreshed state. The message is encrypted based on the random output value.
    Type: Grant
    Filed: May 25, 2012
    Date of Patent: April 26, 2016
    Assignee: Certicom Corp.
    Inventors: Gregory Marc Zaverucha, Daniel Richard L. Brown
  • Patent number: 9317670
    Abstract: A method includes receiving usage data associated with a user device. The usage data includes information based on at least one usage activity associated with one or more applications on the user device. The method may also include analyzing the usage data based on predetermined criteria and determining a security question and a corresponding answer based on the usage data. The security question and the corresponding answer are stored in an associated database. The method further includes providing the security question and the corresponding answer in response to a request for the security question and the corresponding answer. Access is provided to a system based on an input of the corresponding answer in response to the security question.
    Type: Grant
    Filed: May 22, 2012
    Date of Patent: April 19, 2016
    Assignee: Verizon Patent and Licensing Inc
    Inventors: Bhaskar R. Gudlavenkatasiva, Nityanand Sharma, Ashraf Yussouff, Premanand Sivakkolundhu
  • Patent number: 9317687
    Abstract: A method for monitoring for malware includes, during a boot process on an electronic device, determining a portion of memory, determining that the portion of memory is reserved for exclusive access by an entity on the electronic device, and, based on the determination that a portion of memory is reserved for exclusive access during the boot process, determining that the reservation is indicative of malware.
    Type: Grant
    Filed: May 21, 2012
    Date of Patent: April 19, 2016
    Assignee: McAfee, Inc.
    Inventors: Jonathan L. Edwards, Aditya Kapoor, Michael S. Hughes
  • Patent number: 9319419
    Abstract: Device identification scoring systems and methods may be provided that can increase the reliability and security of communications between devices and service providers. Users may select and configure additional identification factors that are unique and convenient for them. These factors, along with additional environmental variables, feed into a trust score computation that weights the trustworthiness of the device context requesting communication with a service provider. Service providers rely on the trust score rather than enforce a specific identification routine themselves. A combination of identification factors selected by the user can be aggregated together to produce a trust score high enough to gain access to a given online service provider. A threshold of identification risk may be required to access a service or account provided by the online service provider.
    Type: Grant
    Filed: October 30, 2013
    Date of Patent: April 19, 2016
    Assignee: Wave Systems Corp.
    Inventors: Michael Sprague, Steven Sprague, Robert Thibadeau
  • Patent number: 9311510
    Abstract: A method for protecting a volatile memory against a virus, wherein: rights of writing, reading, or execution are assigned to certain areas of the memory; and a first list of opcodes authorized or forbidden as a content of the areas is associated with each of these areas.
    Type: Grant
    Filed: September 9, 2015
    Date of Patent: April 12, 2016
    Assignee: STMicroelectronics (Rousset) SAS
    Inventor: Yannick Teglia
  • Patent number: 9311487
    Abstract: A management device 200d comprises: a key share generation unit 251d generating a plurality of key shares by decomposing a decryption key, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program; and an output unit 252d outputting each of the key shares to a different one of a plurality of detection modules. The detection modules acquire and store therein the key shares. The protection control module 120d comprises: an acquisition unit 381d acquiring the key shares from the detection modules; a reconstruction unit 382d reconstructing the decryption key by composing the key shares; a decryption unit 383d decrypting the encrypted application program with use of the decryption key; and a deletion unit 384d deleting the decryption key, after the decryption by the decryption unit is completed.
    Type: Grant
    Filed: March 1, 2012
    Date of Patent: April 12, 2016
    Assignee: Panasonic Corporation
    Inventors: Yuji Unagami, Yuichi Futa, Natsume Matsuzaki, Hiroki Shizuya, Shuji Isobe, Atsushi Umeta
  • Patent number: 9305187
    Abstract: Data security management system and methods are provided. First, a first system having a management authority is provided. The first system displays an input interface on an input device. A switch switches the management authority from the first system to a second system, wherein the second system operates with a secure mechanism. When the management authority is switched to the second system, the first system transmits layout information of the input interface and an input device characteristic of the input device to the second system. The second system receives input data via the input device, and decodes the input data according to the layout information and the input device characteristic.
    Type: Grant
    Filed: February 22, 2012
    Date of Patent: April 5, 2016
    Assignee: HTC Corporation
    Inventors: Hsin-Ti Chueh, Ssu-Po Chin
  • Patent number: 9304795
    Abstract: Technologies are provided for function-targeted virtual machine switching. In some examples, function usage times on a virtual machine (VM) may be profiled by a virtual machine manager (VMM) and used to manage VM switching in order to preferentially switch VMs during specific targeted functions. The targeted functions and/or VM switching preferences may be adjusted over time in order to provide switching unpredictability, for example to frustrate side-channel attackers by forcing the attackers to gather data for much longer periods of time (e.g., weeks or months) if they want to detect or attack.
    Type: Grant
    Filed: January 15, 2013
    Date of Patent: April 5, 2016
    Assignee: EMPIRE TECHNOLOGY DEVELOPMENT LLC
    Inventor: Ezekiel Kruglick
  • Patent number: 9300570
    Abstract: Systems and methods for controlling Quality-of-Service (“QoS”) in a Virtual Private Network (“VPN”) in a transport network providing a plurality of QoS bearers. The methods involve: establishing, between two VPN endpoints, a plurality of VPN tunnels through the transport network, including at least a default VPN tunnel associated with a first QoS bearer and an alternate VPN tunnel associated with a second QoS bearer; receiving and analyzing a data block; applying a VPN policy to assign the data block to either default VPN tunnel or alternate VPN tunnel; and encapsulating the data block in a transport data block including at least one indicator. The indicator specifies whether the transport data block is to be communicated by the transport network using the first QoS bearer or second QoS bearer.
    Type: Grant
    Filed: May 22, 2012
    Date of Patent: March 29, 2016
    Assignee: Harris Corporation
    Inventor: Thomas A. Hengeveld
  • Patent number: 9294484
    Abstract: A service providing device includes a requesting unit for receiving, from the device operated by a user, a request for a process of using a service providing system having a different authentication base, and making a request to acquire authorization information for using the service providing system; a substitute authentication unit for acquiring authentication information of the service providing system from a second storage when the authorization information associated with the user is not stored in a first storage, and acquiring the authorization information from the service providing system by using the authentication information; and a providing unit for providing the authorization information stored in the first storage when the authorization information associated with the user is stored in the first storage, and providing the authorization information acquired from the service providing system when the authorization information associated with the user is not stored in the first storage.
    Type: Grant
    Filed: October 29, 2013
    Date of Patent: March 22, 2016
    Assignee: RICOH COMPANY, LTD.
    Inventors: Yasuharu Fukuda, Masato Nakajima, Naotoshi Seo, Kenta Yamano
  • Patent number: 9288213
    Abstract: A disclosed system having a first service providing system providing a service to an apparatus and a second service providing system having an authentication infrastructure different from that of the first service providing system includes a connection destination changing unit receiving a permission request, from an apparatus operated by a first user, of requesting that a second user uses the second service providing system, changes a connection destination of the apparatus to the second service providing system, and causes the second service providing system to perform a permission process; an authority information acquiring unit receiving permission information indicating that the permission request is admitted from the apparatus and acquires post-permission authority information by using the permission information; and an authority information providing unit providing the post-permission authority information associated with the second user based on a request for a process received from another apparatus
    Type: Grant
    Filed: October 29, 2013
    Date of Patent: March 15, 2016
    Assignee: RICOH COMPANY, LTD.
    Inventors: Naotoshi Seo, Masato Nakajima, Yasuharu Fukuda
  • Patent number: 9286126
    Abstract: An information processing apparatus is connectable via a network to service providing devices and a collecting apparatus. The information processing apparatus acquires a selection policy for selecting the devices that lay open to public types of providable services and service level information, and acquires service type information and the service level information from the collecting apparatus which detects the devices and collects the service type information including the types of providable services of the devices and the service level information. The devices capable of providing the accepted type of service are selected according to the selection policy.
    Type: Grant
    Filed: August 22, 2011
    Date of Patent: March 15, 2016
    Assignee: RICOH COMPANY, LTD.
    Inventor: Eijiro Inoue
  • Patent number: 9286187
    Abstract: Implementations of the present disclosure are directed to statically checking conformance of a computer-implemented service at a source code level to requirements specified at a process level and include actions of receiving source code of the computer-implemented service, receiving one or more rules, the one or more rules being generated based on a mapping and including a set of technical requirements that can be checked on the source code level, the mapping associating the requirements with the source code, and processing the source code and the one or more rules using static code analysis (SCA) to generate a result, the result indicating whether the computer-implemented service conforms to the requirements.
    Type: Grant
    Filed: August 30, 2012
    Date of Patent: March 15, 2016
    Assignee: SAP SE
    Inventors: Achim D. Brucker, Isabelle Hang
  • Patent number: 9280674
    Abstract: An information processing apparatus includes a memory and a processor coupled to the memory and configured to receive an instruction to transfer a first application to an execution environment, detect a second application that shares a resource with the first application, the resource being information used upon executing the first application and the second application, provide information for causing a user to determine whether to prohibit transferring the second application to the execution environment when the second application is detected, and invalidate a state in which the second application shares the resource with the first application when instruction to prohibit transferring the second application to the execution environment is received.
    Type: Grant
    Filed: October 29, 2013
    Date of Patent: March 8, 2016
    Assignee: FUJISU LIMITED
    Inventors: Naoya Fujisaki, Kazuaki Nimura
  • Patent number: 9264235
    Abstract: A device and method are provided for a device that authenticates a server over a network. The device and method are operable to contact the server to initiate a handshaking operation. The device receives certificate information and handshaking information from the server. The device completes the handshaking operations to establish the connection with the server. The device downloads the content from the server through the connection before authenticating the server to establish a secure connection. In some aspects, the device may display a portion of the downloaded content before the server is authenticated.
    Type: Grant
    Filed: November 16, 2010
    Date of Patent: February 16, 2016
    Assignee: BlackBerry Limited
    Inventors: Alexander Truskovsky, Neil Patrick Adams, Eli Omen Jackson
  • Patent number: 9258669
    Abstract: In an example embodiment, a test request is sent to a server configured to provide data to the mobile device application. Then a response to the test request is received from the server. The response is analyzed to identify a pattern in the response indicative of a communication sent via a particular communication path. An available communication path between the mobile device application and the server corresponding to the pattern is identified. Then, a mobile device application is registered with the server via the identified communication path.
    Type: Grant
    Filed: October 30, 2013
    Date of Patent: February 9, 2016
    Assignee: SAP SE
    Inventors: Karoly Nyisztor, Csaba Hereb, Andras Palfi, Hans Kedefors, Tamas Jozsa, Karsten Hinrichs
  • Patent number: 9239910
    Abstract: There are disclosed a system and method for preventing the leaking of digital content. The system for preventing the leaking of digital content may include a digital content layer generation unit for generating a digital content layer displaying digital content, a security layer generation unit for generating a security layer including security information based on information about a user terminal, and an information display unit for displaying the security layer generated by the security layer generation unit and the digital content layer generated by the digital content layer generation unit in the display device of the user terminal in an overlapping form so that the security information looks like overlapping with the digital content. Accordingly, the illegal leaking of digital content through photographing or screen capture can be prevented.
    Type: Grant
    Filed: February 28, 2012
    Date of Patent: January 19, 2016
    Assignee: Markany Inc.
    Inventors: Dong Hwa Kim, Chang Hun Yoo, Jin Hyug Choi, Un Yeong Heo, Dong Hwan Shin
  • Patent number: 9237188
    Abstract: A set of techniques is described for enabling a virtual machine based transcoding system. The system enables any transcoding provider to make their transcoding service available to other users over a network. The system can automate the deployment, execution and delivery of the transcoding service on behalf of the transcoding provider and enable other users to use the transcoding services to transcode content. The system receives a virtual machine image, transfers the image to a location where the media content is stored and creates a virtual private network of resources that will perform the transcoding of the media content. The virtual private network may be firewalled or otherwise restricted from opening connections with external clients when transcoding the content in order to prevent malicious use of the media content.
    Type: Grant
    Filed: May 21, 2012
    Date of Patent: January 12, 2016
    Assignee: Amazon Technologies, Inc.
    Inventors: Jacob Gabrielson, Piragash Velummylum, Bradley E. Marshall, Jonathan B. Corley
  • Patent number: 9235722
    Abstract: In one embodiment, a document is marked with an identifier and stored in a memory. Responsive to a request received from a user to perform an operation upon the document or a copy of the document at a requester computer, a database is accessed. The database is a database associating users authorized to access the documents or copies of the documents with operations the users are authorized to perform is accessed. Operation authorization is determined at least in part according to a document threat index. Upon determining the user is an authorized user and determining via the database the requested operation is an authorized operation, an access code is sent to the requester computer to enable the operation.
    Type: Grant
    Filed: April 27, 2012
    Date of Patent: January 12, 2016
    Assignee: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.L
    Inventors: Ketankumar Vyas, Saurav Roy, Abhijit Bhattacharya
  • Patent number: 9230075
    Abstract: Secret values used in a multi-server authentication scheme are updated. Information is authenticated in a system comprising a plurality of processing devices each adaptable for communication with one or more other devices. The information is authenticated by generating at least first and second shares of a first password associated with a first device (such as a client device); storing the first and second shares in respective second and third devices (such as authentication server devices); updating the first and second shares using a secret value T; assigning a version number to the updated first and second shares; and upon submission of additional information associated with the first device to at least one of the second and third devices, the second and third devices utilizing the respective updated first and second shares for a given version number to collectively determine a correspondence of the additional information with the first password.
    Type: Grant
    Filed: August 31, 2012
    Date of Patent: January 5, 2016
    Assignee: EMC Corporation
    Inventors: Peter Robinson, Jaimee Brown, Eric Young