Patents Examined by Quazi Farooqui
  • Patent number: 10326768
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium for access control for enterprise information. In one aspect, a method includes receiving resources of an enterprise, each resource having a respective access control list specifying access privileges to the resource for one or more members, and the resources including entities related to the enterprise and relationships; identifying entity facts of the entities from the resources; determining, for each entity fact, an entity fact access control list; storing data describing the entities, entity facts and the respective entity fact access control lists, wherein each entity fact is associated with its corresponding entity fact access control list; and providing, to each of the members of the enterprise, access privileges to the data describing the entities and the entity facts according to the respective entity fact access control lists.
    Type: Grant
    Filed: May 28, 2015
    Date of Patent: June 18, 2019
    Assignee: Google LLC
    Inventors: Brent VerWeyst, Martin James Cochran, Muthian Sivathanu
  • Patent number: 10325107
    Abstract: Some embodiments of the present invention include an apparatus for securing data and include a processor, and one or more stored sequences of instructions which, when executed by the processor, cause the processor to set a data download threshold, encrypt data to be downloaded by a user based on detecting size of the data violating the download threshold such that the user receives encrypted downloaded data, and manage a decryption key used to decrypt the encrypted downloaded data. The decryption key may be deconstructed into “N” key fragments and may be reconstructed using “K” key fragments where “N” is equal to “2K?1”.
    Type: Grant
    Filed: September 23, 2015
    Date of Patent: June 18, 2019
    Assignee: salesforce.com, inc.
    Inventors: Prasad Peddada, Jeremy Horwitz
  • Patent number: 10320772
    Abstract: The present invention is directed to solve a problem that time is required for a process related to verification of a public key certificate of a message sender. An in-vehicle device mounted on a vehicle has a memory for holding information of a device which failed in verification of a public key certificate. At the time of performing communication between vehicles or between a vehicle and a roadside device, a check is made to see whether or not information of a device included in a message transmitted matches information of a device which failed and held in the memory. When the information matches, verification of a public key certificate is not performed.
    Type: Grant
    Filed: March 31, 2017
    Date of Patent: June 11, 2019
    Assignee: RENESAS ELECTRONICS CORPORATION
    Inventors: Eriko Ando, Takashi Kawauchi, Toru Owada
  • Patent number: 10313338
    Abstract: The present invention relates to an authentication method and device using a single-use password generated from iris image information. The device comprises: a terminal and a server storing, in respective memories thereof, the iris image information for authentication; a camera attached to and installed on the device to capture the iris image information for authentication; the terminal, which generates the single-use password from the iris image information acquired through the camera, and transmits the single-use password to the server; and the server, which has a built-in algorithm for comparing and determining whether or not the single-use password transmitted from the terminal matches single-use password stored in the server.
    Type: Grant
    Filed: August 23, 2011
    Date of Patent: June 4, 2019
    Assignee: IRITECH, INC.
    Inventors: Dae-hoon Kim, Hyeong-in Choi, Tuyen Nguyen, Dung Pham
  • Patent number: 10305884
    Abstract: A system and method for verifying the identity of internet hotspots, comprising a user device having a processor, memory, and radio transceiver, an internet hotspot, a wireless access point, coupled to the radio transceiver of the user device and the internet hotspot, and a program stored in the memory and adapted to run on the processor of the user device, wherein the program is configured to identify a mobile wireless access point for connection by a user, connect a user to the wireless access point through a login request, query an initial probe request for the identity of the authenticating source of the wireless access point, perform a security check on the wireless access point, verify the validity and authenticity of the wireless access point to prevent transmission of information associated with the user device, and either permit or drop the connection to the wireless access point upon verification.
    Type: Grant
    Filed: December 6, 2013
    Date of Patent: May 28, 2019
    Inventor: Mark Sauther
  • Patent number: 10282312
    Abstract: According to a first aspect of the present disclosure, an integrated circuit is provided which comprises an active shield in a first layer and at least one security-critical component in a second layer, said security-critical component being configured to generate an access key for enabling access to at least a part of said security-critical component, wherein said access key is based on an output value of the active shield. According to a second aspect of the present disclosure, a corresponding method for protecting an integrated circuit is conceived. According to a third aspect of the present disclosure, a corresponding computer program product is provided.
    Type: Grant
    Filed: September 16, 2016
    Date of Patent: May 7, 2019
    Assignee: NXP B.V.
    Inventor: Sebastien Riou
  • Patent number: 10284372
    Abstract: Processing information is disclosed including receiving an application retrieval request sent by a terminal, the application retrieval request including identifying information of the terminal, generating, based on a preset key generation technique, an encryption key based on the identifying information included in the application retrieval request, encrypting, based on the encryption key and a preset encryption technique, designated data in an application to obtain an encrypted application, and sending the encrypted application to the terminal.
    Type: Grant
    Filed: September 23, 2015
    Date of Patent: May 7, 2019
    Assignee: Alibaba Group Holding Limited
    Inventor: Jianwei Fan
  • Patent number: 10275609
    Abstract: According to the present application, systems, devices and methods for sharing media files may promote sharing of media without permitting the media to be downloaded. Such systems, devices and methods for sharing media may further enable lists of files to be shared and responses to be delivered to the media owner during playback by a user. A local device may be utilized to enable the storing and sharing of media that is hosted off the cloud. Streaming from the file sharing system or the local device is facilitated through the system.
    Type: Grant
    Filed: December 4, 2013
    Date of Patent: April 30, 2019
    Inventor: Benedict Ow
  • Patent number: 10255433
    Abstract: A system and method to monitor executing processes are disclosed. A respective starting fingerprint of memory of each executing process within at least one process is determined during a system startup phase that is prior to a device operational phase. A present fingerprint of memory of the selected executing process within the at least one process is determined during the device operational phase and while a selected executing process is executing. A difference between the respective starting fingerprint of the selected executing process and the present fingerprint of the selected executing process is determined and an indication of the difference for the selected executing process is reported based on determining the difference.
    Type: Grant
    Filed: November 6, 2015
    Date of Patent: April 9, 2019
    Assignee: BlackBerry Limited
    Inventors: Kristof Takacs, Jameson Bauer Hyde, Marek Paruzel, Ravi Singh
  • Patent number: 10255413
    Abstract: A microservice join request is received by a first microservice from a second microservice within a microservices system. The microservice join request includes microservice trust relationship information of the second microservice that defines microservice credentials and service description parameters of the second microservice. Using the microservice trust relationship information, a determination is made as to whether a consensus exists among other microservices within the microservices system that the second microservice is authorized to inter-operate within the microservices system. In response to determining that the consensus exists, validated local run-time inter-operational microservice trust relationship information is created. At least one run-time inter-operation request is received that includes a relationship trust token from the second microservice.
    Type: Grant
    Filed: February 4, 2016
    Date of Patent: April 9, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Nitin Gaur, Aaron J. Quirk
  • Patent number: 10242216
    Abstract: Database entries can be protected by indexing the entries using a plurality of indexes, each associated with a level of access rights. A level of access rights can be determined from a search query, and an index can be selected based on the determined level of access rights. A search key can be generated based on the received query, and the selected index can be searched using the search query. Database entries mapped to the values of the selected index returned in response to the search can be outputted. Each index is associated with a different granularity defining the number and/or ambiguity of search results returned in response to searching an index.
    Type: Grant
    Filed: September 6, 2017
    Date of Patent: March 26, 2019
    Assignee: Protegrity Corporation
    Inventors: Yigal Rozenberg, Ulf Mattsson
  • Patent number: 10237738
    Abstract: Methods, systems, apparatuses, and devices are described for access point privacy using media access control (MAC) address randomization. The access point may identify a MAC address for use with over-the-air (OTA) transmissions and a persistent MAC address for backend communications. The access point may communicate the OTA MAC address and the persistent MAC address to a wireless station. The access point and the wireless station may exchange data frames and perform MAC replacement techniques to map the OTA MAC address to the persistent MAC address. The persistent MAC address may provide for data routing, mobility management, etc., whereas the OTA MAC address may provide for privacy for the wireless transmissions.
    Type: Grant
    Filed: November 6, 2015
    Date of Patent: March 19, 2019
    Assignee: QUALCOMM Incorporated
    Inventors: Soo Bum Lee, Jouni Kalevi Malinen, George Cherian, Santosh Paul Abraham, Anand Palanigounder
  • Patent number: 10229067
    Abstract: A computer-implemented method according to one embodiment includes receiving a request for data, where the data is stored in a first format in a first storage area of a system, retrieving the data stored in the first format from the first storage area of the system, converting the data from the first format to a second format, and returning the data in the second format.
    Type: Grant
    Filed: February 8, 2016
    Date of Patent: March 12, 2019
    Assignee: International Business Machines Corporation
    Inventor: Glenn R. Wilcock
  • Patent number: 10216953
    Abstract: An image communication apparatus includes a storage unit including a shared address book area and an individual address book area, a communication unit configured to receive an import file including shared address book data shared among a plurality of users or private address book data limiting users who can utilize the data, and a CPU, and if the import file includes the private address book data and the shared address book area is designated as an import destination, the CPU warns the user that the private address book data may be shared and prevents the user from importing the import file.
    Type: Grant
    Filed: March 27, 2014
    Date of Patent: February 26, 2019
    Assignee: Canon Kabushiki Kaisha
    Inventor: Yasuaki Kawashima
  • Patent number: 10200351
    Abstract: The disclosure describes systems, methods and devices relating to a sign-on and management hub or service for users of multiple internal, external or Software-as-a-Service (SaaS) software applications (Apps), with options for centralized management and sharing of accounts without needing to provide login credentials to individual users.
    Type: Grant
    Filed: December 4, 2013
    Date of Patent: February 5, 2019
    Assignee: Google LLC
    Inventors: Erik Gustavson, Scott Kriz, Aaron Eisenberger, Garrett Brown, Jason Carulli, Andrew Arrow, Prashant Nadarajan, Fong Woh Fai, Chung Weng Wai, Saw Kee Wooi
  • Patent number: 10198592
    Abstract: A method for managing data by an electronic device is provided. The method includes receiving first data inputted from a user, generating second data by encrypting the first data using a public key, generating a query comprising the second data, transmitting the query to a server, receiving third data corresponding to the query from the server, generating fourth data by decrypting the third data using a secret key corresponding to the public key, and outputting the fourth data.
    Type: Grant
    Filed: January 29, 2016
    Date of Patent: February 5, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Jae-Woo Seo, Jung-Hee Cheon, Mi-Ran Kim, Myung-Sun Kim
  • Patent number: 10188134
    Abstract: A server apparatus supporting authenticated encryption in a network, comprising a receiver configured to receive an unencrypted segment, a processor configured to selecting an encryption key, an initialization vector, and an additional authentication data (AAD), encrypt the segment, configuring the segment for transfer in a Dynamic Adaptive Streaming over Hypertext Transfer Protocol (HTTP) (DASH) media, assign a segment number to the encrypted segment, append an authentication tag to the encrypted segment, store the encrypted segment with the appended authentication tag, and update a Media Presentation Description (MPD) associated with the encrypted segment with the appended authentication tag, wherein the MPD comprises an @aadBase attribute with an AAD base value, wherein the AAD value is the sum of the segment number and the @aadBase attribute value, and a transmitter configured to transmit the encrypted segment with the appended authentication tag to a destination.
    Type: Grant
    Filed: October 23, 2015
    Date of Patent: January 29, 2019
    Assignee: FUTUREWEI TECHNOLOGIES, INC.
    Inventor: Alexander Giladi
  • Patent number: 10181056
    Abstract: The present invention discloses a display method and an electronic device. The method is applicable to an electronic device, the electronic device is capable of data transmission with a display device, the electronic device includes a first display unit, and the display device includes a second display unit; and the method includes: when the electronic device obtains information needing to be displayed, determining whether the information needing to be displayed is private information and generating a first determination result; in a case that the information needing to be displayed is private information, transmitting the information needing to be displayed to the first display unit only; and in a case that the information needing to be displayed is not private information, transmitting the information needing to be displayed at least to a second display unit.
    Type: Grant
    Filed: March 31, 2014
    Date of Patent: January 15, 2019
    Assignees: Beijing Lenovo Software Ltd., Lenovo (Beijing) Co., Ltd.
    Inventors: Feng Gao, Naibo Hong, Yanjun Tian
  • Patent number: 10158485
    Abstract: A processing system includes a memory and a cryptographic accelerator module operatively coupled to the memory, the cryptographic accelerator module employed to implement a byte substitute operation by performing: a first mapped affine transformation of an input bit sequence to produce a first intermediate bit sequence, an inverse transformation of the first intermediate bit sequence to produce a second intermediate bit sequence, and a second mapped affine transformation of the second intermediate bit sequence to produce an output bit sequence.
    Type: Grant
    Filed: September 24, 2015
    Date of Patent: December 18, 2018
    Assignee: Intel Corporation
    Inventors: Sudhir K. Satpathy, Sanu K. Mathew, Vinodh Gopal, Kirk S. Yap
  • Patent number: 10154025
    Abstract: One embodiment of seamless device configuration between a network device and an access point sends a device credential associated with the network device to the access point before the network device communicates with the access point. The device credential can be used to verify the identity of the network device and can authenticate the network device with the access point without requiring user interaction. Another embodiment can incorporate a central authority maintaining a database of network devices, access points and associated users. The central authority can determine when one or more network devices can seamlessly be configured for use with a particular access point. The central authority can send the device credential associated with the one or more network devices to the access point before the network device communicates with the access point.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: December 11, 2018
    Assignee: QUALCOMM Incorporated
    Inventors: Peerapol Tinnakornsrisuphap, Olivier Jean Benoit, Rajesh Kumar