Patents Examined by Peter Poltorak
-
Patent number: 9230075
Abstract: Secret values used in a multi-server authentication scheme are updated. Information is authenticated in a system comprising a plurality of processing devices each adaptable for communication with one or more other devices. The information is authenticated by generating at least first and second shares of a first password associated with a first device (such as a client device); storing the first and second shares in respective second and third devices (such as authentication server devices); updating the first and second shares using a secret value T; assigning a version number to the updated first and second shares; and upon submission of additional information associated with the first device to at least one of the second and third devices, the second and third devices utilizing the respective updated first and second shares for a given version number to collectively determine a correspondence of the additional information with the first password.
Type: Grant
Filed: August 31, 2012
Date of Patent: January 5, 2016
Assignee: EMC Corporation
Inventors: Peter Robinson, Jaimee Brown, Eric Young
-
Patent number: 9230092
Abstract: A password-hardening system comprises at least first and second servers. The first server is configured to store a plurality of sets of passwords for respective users with each such set comprising at least one valid password for the corresponding user and a plurality of chaff passwords for that user. The second server is configured to generate valid password indication information indicating for each of the sets which of the passwords in that set is a valid password. The valid password indication information comprises index values computed for respective ones of the password sets by the second server to identify respective valid passwords in the respective password sets. The second server may be further configured to compute the index values utilizing a keyed pseudorandom function, and to send the index values to the first server in association with respective values of a user number counter maintained in the second server.
Type: Grant
Filed: September 25, 2013
Date of Patent: January 5, 2016
Assignee: EMC Corporation
Inventor: Ari Juels
-
Patent number: 9218481
Abstract: A system or computer usable program product for managing password strength including receiving a password on a data processing system for a user, filtering for personal information about the user from multiple independent data sources accessible across a computer network, computing the password strength by the data processing system using an algorithm which compares the password to the filtered personal information about the user, and presenting feedback to the user through a user interface on a data processing system display regarding the computed password strength.
Type: Grant
Filed: August 31, 2012
Date of Patent: December 22, 2015
Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: Ella Belisario, Dwayne Dames, Jonathan Palgon, Roberto Vila
-
Patent number: 9208344
Abstract: Methods and systems for accessing databases using a common web interface are provided. A method for transmitting data retrieved from an endpoint device to a client device using a common web interface includes providing the common web interface to the client device. The common web interface allows access to a plurality of endpoint devices, each endpoint device comprising a unique endpoint address. The method further includes receiving, by a computer, identification data from the client device, retrieving an endpoint address for one of the plurality of endpoint devices based on the identification data, connecting to the endpoint device corresponding to the endpoint address, retrieving data from the endpoint device, and transmitting the retrieved data to the client device.
Type: Grant
Filed: September 9, 2011
Date of Patent: December 8, 2015
Assignee: LexisNexis, A Division of Reed Elsevier Inc.
Inventors: Mark McCray, Eric Scott Davis
-
Patent number: 9179306
Abstract: Techniques for third-party content delivery via a unique mobile application address are presented. A mobile application on a mobile device of a consumer generates or is assigned a unique address. The consumer uses the mobile application to communicate with an enterprise over a network. The enterprise delegates delivery of content to the mobile application to a third-party service and provides the unique address. The third-party service directly sends the content over the network to the mobile application of the mobile device on behalf of the enterprise.
Type: Grant
Filed: August 31, 2011
Date of Patent: November 3, 2015
Assignee: NCR Corporation
Inventor: Graham West
-
Patent number: 9172694
Abstract: An approach is provided to access resources at legacy systems. In this approach, a resource request destined to a legacy system is received from a requestor with the resource request including an access token and being on behalf of a resource owner. A validation process is performed on the access token. If the access token is valid, the approach identifies the resource owner and one or more legacy access tokens used to access the legacy system. Another request is formed with the new request including the legacy access tokens. The new request is transmitted to the legacy system and a response is received back from the legacy system. The response received from the legacy system is transmitted back to the requestor.
Type: Grant
Filed: May 22, 2012
Date of Patent: October 27, 2015
Assignee: International Business Machines Corporation
Inventors: Simon Gilbert Canning, Neil Ian Readshaw, Stephen Viselli, Shane Bradley Weeden
-
Patent number: 9154496
Abstract: A password-hardening system comprises at least first and second servers. The first server is configured to store a plurality of sets of passwords for respective users with each such set comprising at least one valid password for the corresponding user and a plurality of chaff passwords for that user. The second server is configured to store at least a portion of valid password indication information indicating for each of the sets which of the passwords in that set is a valid password. The first and second servers are further configured to proactively update the sets of passwords and the valid password indication information in each of a plurality of epochs. The valid password indication information may comprise, for example, valid password index values for respective ones of the users, with the index values being stored as a shared secret across the first and second servers.
Type: Grant
Filed: September 25, 2013
Date of Patent: October 6, 2015
Assignee: EMC Corporation
Inventor: Ari Juels
-
Patent number: 9137210
Abstract: A browsing process is directed to the generation and management of a browse session at a network computing provider. A client computing device transmits secure requests for network resources to a network computing provider. The network computing provider comprises one or more virtual network computing providers for processing secure communications between a client computing device and a content source. A virtual network computing provider handles the secure communications, decrypting and processing the communications while preventing third parties from accessing the unencrypted communication data. The virtual network computing provider may determine a browse configuration identifying processing actions to perform on the request content.
Type: Grant
Filed: February 21, 2012
Date of Patent: September 15, 2015
Assignee: Amazon Technologies, Inc.
Inventors: Sachin P. Joglekar, Peter S. Vosshall, Jonathan A. Jenkins
-
Patent number: 9118711
Abstract: A system, method, and computer program product are provided for displaying, via at least one user interface, a plurality of techniques of different technique types including a first technique for setting or modifying a policy for mitigating a first occurrence, and a second technique for dropping packets in connection with at least one networked device for mitigating the first occurrence. Based on user input selecting the first technique for setting or modifying the policy for mitigating the first occurrence, the first technique is automatically applied for setting or modifying the policy for mitigating the first occurrence. Based on the user input selecting the second technique for dropping packets in connection with the at least one networked device for mitigating the first occurrence, the second technique is applied for dropping packets in connection with the at least one networked device for mitigating the first occurrence.
Type: Grant
Filed: September 29, 2014
Date of Patent: August 25, 2015
Assignee: SecurityProfiling, LLC
Inventors: Brett M. Oliphant, John P. Blignaut
-
Patent number: 9118709
Abstract: A system, method, and computer program product are provided including client and server code configured to cooperate, resulting in display, via at least one user interface, of a plurality of user options for causing different actions of different types in connection with at least one of the networked devices that is actually vulnerable to at least one of a plurality of actual vulnerabilities for at least mitigating an occurrence. The user options include a first user option for causing a first action for dropping packets in connection with the at least one networked device for mitigating the occurrence and a second user option for causing a second action for installation of a patch on the at least one networked device for removing the at least one vulnerability from the at least one networked device.
Type: Grant
Filed: September 28, 2014
Date of Patent: August 25, 2015
Assignee: SecurityProfiling, LLC
Inventors: Brett M. Oliphant, John P. Blignaut
-
Patent number: 9111115
Abstract: A method, apparatus, and a computer readable storage medium having computer readable instructions to carry out the steps of the method for anonymous access to a database. Each record of the database has different access control permissions (e.g. attributes, roles, or rights). The method allows users to access the database record while the database does not learn who queries a record. The database does not know which record is being queried: (i) the access control list of that record or (ii) whether a user's attempt to access a record had been successful. The user can only obtain a single record per query and only those records for which he has the correct permissions. The user does not learn any other information about the database structure and the access control lists other than whether he was granted access to the queried record, and if so, the content of the record.
Type: Grant
Filed: November 4, 2013
Date of Patent: August 18, 2015
Assignee: International Business Machines Corporation
Inventors: Jan Leonhard Camenisch, Maria Dubovitskaya, Gregory Neven, Greg Zaverucha
-
Patent number: 9098701
Abstract: Provided are an application module injection device, a computing device including an application module injection function, and a recording medium that records a program for executing an application module injection method.
Type: Grant
Filed: December 8, 2010
Date of Patent: August 4, 2015
Assignee: FASOO.COM CO., LTD
Inventors: Jong-Young Kim, Jong-II Lee
-
Patent number: 9098694
Abstract: The present disclosure describes techniques and apparatuses for clone-resistant logic. In some aspects, this clone-resistant logic enables computing-device manufacturers to better protect their devices against use of inauthentic accessories.
Type: Grant
Filed: June 22, 2012
Date of Patent: August 4, 2015
Assignee: Marvell International Ltd.
Inventor: Roy G. Moss
-
Patent number: 9100825
Abstract: An approach for enabling multi-factor biometric authentication of a user based on different data capture modalities of a mobile device is described. A biometric enabler receives a request for authentication of a user via a network at a mobile device of the user. The biometric authentication further initiates a capture of media associated with the user at the mobile device based on the request, wherein the capture is based on a capture condition. The biometric enabler also determines, in response to the request, whether the media is associated with different types of biometric information of the user as maintained in association with a resource that requires authentication of the user.
Type: Grant
Filed: May 31, 2013
Date of Patent: August 4, 2015
Assignee: Verizon Patent and Licensing Inc.
Inventors: Paul T. Schultz, Robert A. Sartini
-
Patent number: 9083730
Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to identify an Internet protocol address blacklist boundary. An example method includes identifying a netblock associated with a malicious Internet protocol address, the netblock having a lower boundary and an upper boundary, collecting netflow data associated with a plurality of Internet protocol addresses in the netblock, establishing a first window associated with a lower portion of Internet protocol addresses numerically lower than a candidate Internet protocol address, establishing a second window associated with an upper portion of Internet protocol addresses numerically higher than a candidate Internet protocol address, calculating a breakpoint score based on a comparison between a behavioral profile of the first window and a behavioral profile of the second window, and identifying a first sub-netblock when the breakpoint score exceeds a threshold value.
Type: Grant
Filed: December 6, 2013
Date of Patent: July 14, 2015
Assignee: AT&T Intellectual Property I., L.P.
Inventors: Baris Coskun, Suhrid Balakrishnan, Suhas Mathur
-
Patent number: 9077813
Abstract: A method, an apparatus and an article of manufacture for masking a message on an electronic device. The method includes receiving a message on an electronic device, determining if a message category label is included in the message, mapping the message category to a corresponding masking format if a message category label is included in the message, extracting the content of the message to generate a message category if a message category label is not included in the message, wherein each message category generated corresponds to a masking format, and masking the message on the electronic device by transforming the message into the masking format that corresponds to the message category for the message.
Type: Grant
Filed: February 29, 2012
Date of Patent: July 7, 2015
Assignee: International Business Machines Corporation
Inventors: Sasha P. Caskey, Ossama Emam, Dimitri Kanevsky, Tara N. Sainath
-
Patent number: 9065854
Abstract: The present disclosure relates to methods and systems for managing a guest virtual machine executing within a virtualized environment. A daemon is established on a guest virtual machine executing within a virtualized environment. The daemon is configured to communicate with a management service virtual machine executing within the virtualized environment. The daemon receives, from the management service virtual machine via an application layer protocol, a request identifying an action type of a plurality of predetermined action types. The daemon identifies the action type of the plurality of predetermined action types from the received request and performs an action corresponding to the identified action type. In some implementations, the application layer protocol is one of Hypertext Transfer Protocol (HTTP) or Hypertext Transfer Protocol Secure (HTTPS).
Type: Grant
Filed: October 28, 2013
Date of Patent: June 23, 2015
Assignee: CITRIX SYSTEMS, INC.
Inventors: Raghu Goyal, Sanjay Gupta, Dave Saurabh
-
Patent number: 9053294
Abstract: The invention provides the ability to produce long, complex passwords from simple, easy to recall, pictorial selections. The invention features a picture based interface unit, linked to a series of individual process modules. Selecting images contained in the image selection module generates a reference pointer corresponding to coordinates in the reference pointer of the control module which thereby generates a rotor sequence that is passed to the password generator module containing ASCII characters groups. The character groups are processed according to the rotor sequence contents to produce a password that is displayed in a display module for editing and/or use.
Type: Grant
Filed: April 24, 2012
Date of Patent: June 9, 2015
Inventor: Vance Burkill
-
Patent number: 9055093
Abstract: Method, system and computer program product for detecting at least one of security threats and undesirable computer files are provided. A first method includes receiving a data stream which represents outbound, application layer messages from a first computer process to at least one second computer process. The computer processes are implemented on one or more computers. The method further includes monitoring the data stream to detect a security threat based on a whitelist having entries which contain metadata. The whitelist describes legitimate application layer messages based on a set of heuristics. The method still further includes generating a signal if a security threat is detected. A second method includes comparing a set of computer files with a whitelist which characterizes all legitimate computer files. The whitelist contains one or more entries. Each of the entries describes a plurality of legitimate computer files.
Type: Grant
Filed: December 18, 2008
Date of Patent: June 9, 2015
Inventor: Kevin R. Borders
-
Patent number: 9043877
Abstract: A root user identifier of a computing system is disabled. Thereafter, and in response to determining that a problem with the computing system requires root privileges to the computing system to solve, a code patch for installation on the computing system is received from a third party. The code patch is installed on the computing system, resulting in a user identifier temporarily having the root privileges to the computing system. The user identifier is different than the root user identifier is. A password for the user identifier is provided to the third party to permit the third party to solve the problem with the computing system using the root privileges, via the user identifier temporarily having the root privileges to the computing system. The code patch is computer code installable on the computing system.
Type: Grant
Filed: October 6, 2009
Date of Patent: May 26, 2015
Assignee: International Business Machines Corporation
Inventors: John J. Auvenshine, Bernhard J. Klingenberg, Neeta Garimella, Thomas K. Clark