Patents Examined by Phy Anh T Vu
  • Patent number: 11663360
    Abstract: A computer implemented method of managing consent for sharing data, the method comprising: storing data sharing preferences for a data subject in relation to data held by a plurality of data controllers; receiving a data share request from a requestor to obtain personal data relating to the data subject and held by one or more of the data controllers; comparing the data share request to the data sharing preferences of the data subject; and for each of the one or more data controllers: instructing the one or more data controllers to share the personal data with the requestor, or rejecting the data share request, in dependence on the comparison.
    Type: Grant
    Filed: February 18, 2021
    Date of Patent: May 30, 2023
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Adeline-Fleur Fleming, Yukiko Lorenzo
  • Patent number: 11663320
    Abstract: Embodiments of the invention are directed to systems, methods, and computer program products for creating an effective baseline for controlling software and programs running on a user device or virtual machine environment of an enterprise network. Historical data may be used to train one or more iterative machine learning processes for intelligently identifying relevant program characteristics and aiding or automating a determination as to a software or program's need, usage, redundancy, or security. Determinations regarding software or program classifications may be used for further review or automated control of software or program execution within a network environment.
    Type: Grant
    Filed: January 12, 2021
    Date of Patent: May 30, 2023
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Eric Joseph DePree, Michael Edward Hunter Dunten, Robert Riley Zink
  • Patent number: 11645402
    Abstract: Methods and devices for determining whether a computing device has been compromised. File tree structure information for the computing device is obtained that details at least a portion of a tree-based structure of folders and files in a memory on the computing device. It is then determined from the file tree structure information that the computing device is compromised and, based on the determination that the computing device has been compromised, an action is taken.
    Type: Grant
    Filed: August 15, 2019
    Date of Patent: May 9, 2023
    Assignee: BlackBerry Limited
    Inventors: Chang Fung Yang, Chi Hing Ng, Robert Joseph Lombardi, Johnathan George White
  • Patent number: 11606194
    Abstract: The present disclosure provides a system for securing wireless data communication. The system includes a launcher and a projectile. The launcher has a random number generator, a launcher memory, a launcher encryption/decryption module, and a launcher transceiver. The projectile has a projectile memory, a projectile encryption/decryption module, and a projectile transceiver. Both the launcher encryption/decryption module and the projectile encryption/decryption module are configured to use the one-time pad to encrypt and to decrypt data. The system is configured to establish a temporary datalink at a point in time in which the projectile and the launcher are substantially collocated so that the one-time pad can be transmitted from the random number generator located in the launcher to the projectile memory using the temporary datalink.
    Type: Grant
    Filed: July 31, 2020
    Date of Patent: March 14, 2023
    Assignee: United States Government as represented by the Secretary of the Army
    Inventor: Jonathan N Blakely
  • Patent number: 11601268
    Abstract: A device including a network interface, a memory and a processor. The network interface is configured to communicate with a verifier over a communication network. The memory is configured to store multiple layers of mutable code, the layers identifiable by respective measurements. The processor is configured to generate, for a given boot cycle, a nonce associated uniquely with the given boot cycle, to receive a challenge from the verifier for attestation of a given layer of the mutable code, to calculate an attestation key based on (i) a Unique Device Secret (UDS) stored securely in the device, (ii) a measurement of the given layer taken by another layer, and (iii) the nonce generated for the given boot cycle, to calculate a response for the challenge, by signing the challenge using the attestation key, and to send the response to the verifier for verification of the given layer.
    Type: Grant
    Filed: August 3, 2020
    Date of Patent: March 7, 2023
    Assignee: NUVOTON TECHNOLOGY CORPORATION
    Inventors: Ziv Hershman, Dan Morav
  • Patent number: 11539533
    Abstract: A system for access control includes an interface to receive an access request from a first user application for permission to access a first digital identity wallet application and a processor to: determine whether to grant access for the first user application to the first digital identity wallet application, wherein access is granted for the first user application to the first digital identity wallet application in response to the first user application belonging to a first circle of trust and the first digital identity wallet application belonging to the first circle of trust; and in response to determining to grant access for the first user application to the first digital identity wallet application, provide an access granting indication.
    Type: Grant
    Filed: July 1, 2020
    Date of Patent: December 27, 2022
    Assignee: Workday, Inc.
    Inventors: Bjorn Hamel, Prakash Sundaresan, Krishnan Rajiyah, Marius Maaland, Kamalanathan Thandapani, Lionello G. Lunesu, Aneesh Sandeep Verenkar, Amit Jasuja, Keith Kowal
  • Patent number: 11520916
    Abstract: The present invention permits automated on-screen identification and obfuscation of sensitive data. The protective system receives a user's attempt to access sensitive data in a session, determines the user's level of access to sensitive data, and then obscures any sensitive data for which the user must supply credentials by placing at least one data field block over the sensitive data before the sensitive data is displayed on a desktop. As such the sensitive data cannot be seen by the user. The system can receive at least one credential from the user and compare it to at least one protective analytics rule in order to determine if it should remove the block and allow the user to view the sensitive data.
    Type: Grant
    Filed: September 4, 2019
    Date of Patent: December 6, 2022
    Assignee: Verint Americas Inc.
    Inventor: Senan Burgess
  • Patent number: 11522695
    Abstract: Techniques are disclosed relating to using a device to gain access to another system. In some embodiments, a first mobile device performs a pairing operation with a control unit that controls access to a system, the pairing operation including the first mobile device establishing a first cryptographic key with the control unit. The first mobile device receives a request to enable a second mobile device to communicate with the control unit, and in response to receiving the request, the first mobile device generates a second cryptographic key from the first cryptographic key. The first mobile device provides the second cryptographic key to the second mobile device. The second mobile device is configured to send a beacon including a payload encrypted with the second cryptographic key, and the encrypted payload is usable to authenticate the second mobile device to the control unit.
    Type: Grant
    Filed: March 19, 2019
    Date of Patent: December 6, 2022
    Assignee: Apple Inc.
    Inventors: Sriram Hariharan, Yannick L. Sierra, Frederic Jacobs
  • Patent number: 11507687
    Abstract: A secure enclave may be used to satisfy privacy requirements and audit requirements. Code may be loaded into the secure enclave. The code may generate a predefined report based on data and added noise. The pre-defined report may be subject to audit requirements. The data may be subject to the privacy requirements. The secure enclave may generate an encryption key and a decryption key based on the code. Only the secure enclave may have access to the decryption key. And the secure enclave may allow only a verified copy of the code to access the decryption key. With the added noise, the report may satisfy a pre-defined differential privacy guarantee. Encrypting the code and ensuring that the report satisfies the differential privacy guarantee may satisfy the privacy requirements. Retaining the report, the code, the secure enclave, and the encrypted data may satisfy the audit requirements.
    Type: Grant
    Filed: May 13, 2020
    Date of Patent: November 22, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Sergey Yekhanin, Joshua Stanley Allen, Ankit Srivastava, Ralph Kennedy Johnston, Jr., Janardhan Dattatreya Kulkarni
  • Patent number: 11490255
    Abstract: In a system and a method for providing authentication for Rich Communication Services (RCS) application on a user equipment (UE), a Proxy Call Session Control Function (P-CSCF) of the IMS receives a SIP REGISTER request message sent from an IMS Session Initiation Protocol (SIP) client on the UE as part of an authentication of the IMS SIP client. A Serving Call Session Control Function (S-CSCF) of the IMS or a registration service performs an Authentication and Key Agreement (AKA) challenge with the IMS SIP client as part of the authentication. A Home Subscriber Server (HSS) of the IMS or a Unified Data Management (UDM) function provides, upon successful authentication of the IMS SIP client, an initial authorization grant for the IMS SIP client. The RCS application, after obtaining the initial authorization grant, registers for RCS service with the RCS network, via RCS Application Programming Interface Gateway (API GW).
    Type: Grant
    Filed: October 6, 2020
    Date of Patent: November 1, 2022
    Assignee: Mavenir Networks, Inc.
    Inventors: Anish Sharma, Bejoy Pankajakshan
  • Patent number: 11477194
    Abstract: A networked system for authenticating devices that comprise constrained devices connected in a network either directly to cloud based and/or dedicated servers or through gateways to cloud based and/or dedicated servers.
    Type: Grant
    Filed: February 20, 2020
    Date of Patent: October 18, 2022
    Assignee: TYCO FIRE & SECURITY GMBH
    Inventors: Craig Trivelpiece, Keith A. Roberts, Richard Campero
  • Patent number: 11438180
    Abstract: Systems and methods are provided for determining a reliability of a physically unclonable function (PUF) cell of a device. A first signal is provided to a first branch of a PUF cell and a second signal is provided to a second branch of the PUF cell, the first and second signals being provided in synchronization. A base PUF cell value is determined based on an output of the PUF cell produced by the first signal and the second signal. A third signal is provided to the first branch and a fourth signal is provided to the second branch, the third signal and fourth signal being provided out of synchronization. A stressed PUF cell value is determined based on an output of the PUF cell produced by the third signal and the fourth signal. The PUF cell is determined to be unusable based on a difference between the PUF cell value and the stressed PUF cell value.
    Type: Grant
    Filed: February 10, 2020
    Date of Patent: September 6, 2022
    Assignee: Taiwan Semiconductor Manufacturing Company Limited
    Inventors: Shih-Lien Linus Lu, Cheng-En Lee
  • Patent number: 11425566
    Abstract: Embodiments disclosed herein provide for systems and methods for authenticating a mobile device. The systems and methods provide for a wireless, touchless multi-factor authentication process for the mobile device, wherein a first factor of authentication includes providing authentication credentials to the mobile device and a second factor of authentication includes scanning a physical identification at a secure device.
    Type: Grant
    Filed: July 27, 2020
    Date of Patent: August 23, 2022
    Assignee: JPMORGAN CHASE BANK, N.A.
    Inventors: Rocky J. Maufort, Edward P. A. Lawford, Tommy Y. Cheung, Paul Manaloto, Matthew Murphy, Matthew E. Duncan, Dongtao Wang
  • Patent number: 11411751
    Abstract: A privacy-preserving, mutual PUF-based authentication protocol that uses soft data to exchange and correlate Helper Data bitstrings instead of PUF response bitstrings as a means of authenticating chips to prevent attacks.
    Type: Grant
    Filed: June 27, 2019
    Date of Patent: August 9, 2022
    Inventors: James Plusquellic, Matt Areno
  • Patent number: 11405191
    Abstract: Embodiments described herein provide cryptographic techniques to enable a recipient of a signed message containing encrypted data to verify that the signer of the message and the encryptor of the encrypted data are the same party, or at the least, have joint possession of a common set of secret cryptographic material. These techniques can be used to harden an online payment system against interception and resigning of encrypted payment information.
    Type: Grant
    Filed: May 13, 2020
    Date of Patent: August 2, 2022
    Assignee: Apple Inc.
    Inventors: Vishnu Pillai Janardhanan Pillai, Rantao Chen, Gianpaolo Fasoli, Frederic Jacobs, Rupamay Saha, Yannick L. Sierra, Dian Wen, Ka Yang
  • Patent number: 11388597
    Abstract: Disclosed are systems and methods for authenticating a wireless module. A method comprises the steps of: (i) generating (1332), by the wireless module (112A), a first encryption value, and retrieving a unique identifier of the wireless module from memory; (ii) verifying (1334), by the wireless module, the generated first encryption value and retrieved unique identifier; (iii) sending (1336), by the wireless module, the retrieved unique identifier and a second encryption value to the gateway (110A); (iv) verifying (1338), by the gateway, the received unique identifier and second encryption value, wherein verifying the second encryption value authenticates the wireless module; (v) sending (1340), by the gateway, a third encryption value to the wireless module; and (vi) verifying (1342), by the wireless module, the received third encryption value, wherein verifying the third encryption value authenticates the gateway.
    Type: Grant
    Filed: April 12, 2017
    Date of Patent: July 12, 2022
    Assignee: SIGNIFY HOLDING B.V.
    Inventors: Zhizhong Zhang, Howard Que, Shuming Huang, Linchun Du, Junjun Zhang, Mark Henricus Verberkt
  • Patent number: 11379605
    Abstract: Systems, methods, and devices for secure view-based data sharing are disclosed. A method in accordance with embodiments disclosed herein comprises associating, by one or more processors, view privileges of a secure view with one or more of a plurality of underlying details of a share object of a first account such that each of the one or more underlying details of the share object comprises a definition of the secure view. The method further comprises: in response to receiving a request from a second account to access any underlying details of the share object, using a secure projection that does not match any rewrite rule preconditions to rewrite a query plan of the request to prevent expressions that do not originate from the secure view from being pushed down below a boundary of the secure view.
    Type: Grant
    Filed: May 27, 2021
    Date of Patent: July 5, 2022
    Assignee: SNOWFLAKE INC.
    Inventors: Allison Waingold Lee, Peter Povinec, Martin Hentschel, Robert Muglia
  • Patent number: 11356825
    Abstract: A wireless device receives, from a configurator device, a managed object that includes information indicating which of different provisioning techniques is to be used to provision the wireless device. The wireless device determines, based on the information, a particular provisioning technique of the different provisioning techniques to use.
    Type: Grant
    Filed: December 1, 2020
    Date of Patent: June 7, 2022
    Assignee: BlackBerry Limited
    Inventors: Stephen McCann, Michael Peter Montemurro
  • Patent number: 11343108
    Abstract: A system and method for the generation of composite private keys are provided. First and second bitstreams are retrieved from an addressable cryptographic table by deriving addresses in the addressable cryptographic table from an initial instruction, accessing first and second bit values stored at addresses belonging to the derived addresses in the addressable cryptographic table, and outputting the first bit values as the first bitstream and the second bit values as the second bitstream. The first bitstream is concatenated with data from the first bitstream to form a data stream having a desired length and the second bitstream is concatenated with data from the second bitstream to form a selector stream having the desired length. A first composite encryption key having a length longer than the first and second bitstreams is formed by selecting values of the data stream identified by corresponding bit values of the selector stream.
    Type: Grant
    Filed: June 12, 2020
    Date of Patent: May 24, 2022
    Assignee: ARIZONA BOARD OF REGENTS ON BEHALF OF NORTHERN ARIZONA UNIVERSITY
    Inventors: Dennis D Booher, Bertrand F Cambou
  • Patent number: 11343228
    Abstract: A computer method and system for determining common network security filter settings for one or more clusters of network servers. Network traffic samples are captured which are associated with a plurality of network servers. The captured network traffic samples are collated with regards to each of the plurality of network servers. The collated network traffic is analyzed for each of the plurality of network servers for determining suggested network security filter settings for each network server. One or more clusters of network servers are determined contingent upon the determined suggested network security filter settings for each of the plurality of network servers. Common network security group filter settings are determined for each determined cluster of network servers.
    Type: Grant
    Filed: May 13, 2020
    Date of Patent: May 24, 2022
    Assignee: Arbor Networks, Inc.
    Inventors: Sean O'Hara, Alan Saqui