Patents Examined by Samuel Ambaye
  • Patent number: 10354074
    Abstract: In an example embodiment, a system analyzes a set of computer routines. The system may perform an analysis including a determination of a likelihood of vulnerability to unexpected behavior for one or more computer routines of the set. Based upon the analysis, the system may identify one or more computer routines of the set having the likelihood of vulnerability. The system may asynchronously and dynamically manipulate at least one of the one or more computer routines through a testing technique. The system may determine unexpected behavior of at least one of the one or more computer routines.
    Type: Grant
    Filed: June 24, 2015
    Date of Patent: July 16, 2019
    Assignee: VIRSEC SYSTEMS, INC.
    Inventor: Satya Vrat Gupta
  • Patent number: 10349274
    Abstract: Aspects of the subject matter described herein relate to a simplified login for mobile devices. In aspects, on a first logon, a mobile device asks a user to enter credentials and a PIN. The credentials and PIN are sent to a server which validates user credentials. If the user credentials are valid, the server encrypts data that includes at least the user credentials and the PIN and sends the encrypted data to the mobile device. In subsequent logons, the user may logon using only the PIN. During login, the mobile device sends the PIN in conjunction with the encrypted data. The server can then decrypt the data and compare the received PIN with the decrypted PIN. If the PINs are equal, the server may grant access to a resource according to the credentials.
    Type: Grant
    Filed: November 27, 2017
    Date of Patent: July 9, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Meir Mendelovich, John Neystadt, Ken Aoyama, Nir Nice, Shay Yehuda Gurman
  • Patent number: 10346640
    Abstract: A system for anonymizing and aggregating protected information (PI) from a plurality of data sources includes a master index server coupled to a data repository. The master index server receives an anonymized records associated with an individual from a plurality of data hashing appliances. The system includes a cluster matching engine that applies a plurality of rules to hashed data elements of the received record for comparing hashed data elements of the record with hashed data elements of a plurality of clusters of anonymized records associated with different individuals stored in the data repository to determine whether the individual associated with the received record corresponds to an individual associated with one of the clusters of anonymized records. When a match is found, the cluster matching engine adds the received record to the cluster of anonymized records associated with that individual.
    Type: Grant
    Filed: November 3, 2017
    Date of Patent: July 9, 2019
    Inventors: Cecil O'Dell Lynch, Dennis James Carroll, Andrew John Truscott, German Acuna
  • Patent number: 10321316
    Abstract: Systems and methods for device-agnostic, multi-factor network authentication are disclosed. In some embodiments, a wireless network connection can authenticate a device over secure authentication means with a certificate that confirms a device identity. After authenticating the device, a user can be prompted to provide credentials in a captive portal. The captive portal can be inaccessible to devices that have not already authenticated using a certificate. After providing approved credentials to the captive portal, the user can access the network. This embodiment and additional embodiments are readily integrated into private wireless networks and others.
    Type: Grant
    Filed: April 19, 2018
    Date of Patent: June 11, 2019
    Assignee: WELLS FARGO BANK, N.A.
    Inventors: Lawrence T. Belton, Jr., Brian Beaty, Timothy H. Morris, Douglas S. Rodgers, Lynn Allen Smith
  • Patent number: 10318765
    Abstract: A system and method for securing a hypervisor and operating systems that execute on a computing device. An encrypted hypervisor is uploaded to a hardware chip. Prior to being executed, the hypervisor is decrypted using a secure security processor and stored in an on-chip memory. When a processor on the hardware chip executes the hypervisor, at least one on-chip component continuously authenticates the hypervisor during execution. A hypervisor configures a processor with access rights associated with an operating system, where the access rights determine access of the operating system to an at least one resource. A transaction filter then uses the access rights associated with the operating system to monitor the access of the operating system to the at least one resource in real-time as the operating system executes on a processor.
    Type: Grant
    Filed: October 31, 2014
    Date of Patent: June 11, 2019
    Assignee: Avago Technologies International Sales Pte. Limited
    Inventors: Stephane Rodgers, Shashank Shekhar, Flaviu Dorin Turean
  • Patent number: 10311347
    Abstract: A network connected secure system for validating electronic certificate codes. The network connected secure computing system is coupled to a network for access by a plurality of users at a plurality of user devices. The system includes a database to store information including at least user accounts, electronic certificates associated with the user accounts, and electronic certificate codes associated with the electronic certificates. The system also includes a downloadable mobile software application. The system is configured to validate the downloaded mobile software application, provide one or more electronic certificates and one or more electronic certificate codes for display at the user devices.
    Type: Grant
    Filed: May 9, 2016
    Date of Patent: June 4, 2019
    Inventors: Mokhtar Ramadan, Peter T. Gorla, Khaled Aboudan, Abed Chawa
  • Patent number: 10306443
    Abstract: In one aspect, a device includes a processor and a memory accessible to the processor. The memory bears instructions executable by the processor to receive at least a first Bluetooth low energy (BLE) signal from a BLE beacon and enable a first function of the first device at least in part in based on receipt of the first BLE signal.
    Type: Grant
    Filed: September 1, 2015
    Date of Patent: May 28, 2019
    Assignee: Lenovo (Singapore) Pte. Ltd.
    Inventors: David Rivera, Peter Hamilton Wetsel, Philip John Jakes, Daniel Justin Hebel, Joseph Nicholas Laltrello
  • Patent number: 10298600
    Abstract: The present disclosure provides a method, an apparatus, and a system for cooperative defense on a network. Alarm information sent by a security device of a first subnet that is being attacked is received by a controller; the controller generates flow table information according to the alarm information, and forwards the flow table information to a switching device of the first subnet and a switching device of at least one second subnet, which is equivalent to that, after detecting an attack, a security device of a subnet generates alarm information, and shares, by using the controller, the alarm information with a switching device of the subnet and a switching device of another subnet that is not being attacked, to form networkwide cooperative defense, thereby enhancing network security.
    Type: Grant
    Filed: December 31, 2015
    Date of Patent: May 21, 2019
    Inventors: Jinming Li, Donghui Wang
  • Patent number: 10298599
    Abstract: In an embodiment, a computer system is configured to improve security of server computers interacting with client computers through an intermediary computer, and comprising: a memory comprising processor logic; one or more processors coupled to the memory, wherein the one or more processors execute the processor logic, which causes the one or more processors to: intercept, from a server computer, one or more original instructions to be sent to a browser being executed on a client computer; inject, into the one or more original instructions, one or more browser detection instructions, which when executed cause one or more operations to be performed by an execution environment on the client computer and send a result that represents an internal state of the execution environment after performing the one or more operations to the intermediary computer; send the one or more original instructions with the one or more browser detection instructions to the browser; receive the result and determine whether the browse
    Type: Grant
    Filed: September 18, 2015
    Date of Patent: May 21, 2019
    Assignee: SHAPE SECURITY, INC.
    Inventors: Bei Zhang, Sergey Shekyan
  • Patent number: 10282560
    Abstract: A security code input may be obfuscated from a thermal imaging device by randomly heating a random set of inputs of an input device. The security code is inputted on an input device, which communicates with a security system to grant or deny access to a user based on an entry of the security code. The input device includes a plurality of hearing elements. The input device may receive an input from the user. A random set of heating elements including one or more heating elements, are generated from the plurality of heating elements. A temperature is determined for the one or more heating elements of the random set of heating elements. The temperature is then applied to the one or more heating elements of the random set of heating elements of the input device.
    Type: Grant
    Filed: August 26, 2015
    Date of Patent: May 7, 2019
    Assignee: International Business Machines Corporation
    Inventor: Brendan Murray
  • Patent number: 10277604
    Abstract: Techniques described herein relate to analyzing executions of content resources within networks of execution client devices, and selecting sets of interactive content resources for execution on particular execution devices based on such analyses. Content resource execution data may be received from various execution client devices on which content resources have been executed and provided to end users. Such data may be analyzed to determine correlations between a first content executor and additional content executors based on the their respective content resource execution data, and the content resource execution data of correlated content executors may be aggregated and analyzed to select particular interactive content resources for the first content executor. Such selections may be provided to first content executor during a content execution session following an authenticated login by the first content executor.
    Type: Grant
    Filed: March 30, 2017
    Date of Patent: April 30, 2019
    Assignee: Pearson Education, Inc.
    Inventors: Anthony Brandon Ross, Xingyu Pan, Stuart Red, Subhodip Biswas
  • Patent number: 10277570
    Abstract: A communication apparatus includes a holding unit, an updating unit, an authentication unit, a mode controller, and a mode acquisition unit. The holding unit holds configuration information used to control the communication apparatus. The updating unit updates the configuration information held in the holding unit with occasional configuration information. The authentication unit performs user authentication in communication with the external apparatus. The mode controller controls the mode of the communication apparatus. The mode acquisition unit acquires the mode of the communication apparatus controlled by the mode controller. The configuration information includes an account configuration used for the authentication unit. Depending on a result of acquisition performed by the mode acquisition unit, the updating unit does not update, with the occasional configuration information, at least part of the account configuration included in the configuration information held in the holding unit.
    Type: Grant
    Filed: January 22, 2016
    Date of Patent: April 30, 2019
    Assignee: Canon Kabushiki Kaisha
    Inventor: Shinjiro Takami
  • Patent number: 10264459
    Abstract: An automobile device transmits data to a server in a communication network. The automobile device records the data received from one or more transmitters located in an automobile. The automobile device transmits a random access preamble on an uplink carrier to a base station when a pre-defined condition is met. The automobile device encrypts the data and transmits the encrypted data to a server via a base station.
    Type: Grant
    Filed: December 4, 2017
    Date of Patent: April 16, 2019
    Assignee: Ofinno Technologies, LLC
    Inventor: Esmael Hejazi Dinan
  • Patent number: 10263994
    Abstract: Systems and methods are described for delegating permissions to enable account access to entities not directly associated with the account. The systems determine a delegation profile associated with a secured account of at least one customer. The delegation profile includes a name, a validation policy that specifies principals which may be external to the account and which are permitted to assume the delegation profile, and an authorization policy that indicates the permitted actions within the account for those principals which are acting within the delegation profile. Once the delegation profile is created, it can be provided to external principals or services. These external principals or services can use the delegation profile to obtain credentials for performing various actions in the account using the credentials of the delegation profile.
    Type: Grant
    Filed: August 3, 2015
    Date of Patent: April 16, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Gregory B Roth, Bradley Jeffery Behm
  • Patent number: 10250522
    Abstract: A system for performing distributed computing. The system comprises a plurality of compute node resources for performing computations for the distributed computing, a management resource for managing each of the compute node resources in the plurality, and a virtual cloud network. The management resource and the plurality of compute node resources are interconnected via the virtual cloud network.
    Type: Grant
    Filed: September 20, 2017
    Date of Patent: April 2, 2019
    Inventor: Neil Anderson
  • Patent number: 10229277
    Abstract: According to an embodiment, a code processing apparatus includes a determining unit, a concealing unit, an instructing unit, and an unconcealing unit. The determining unit is configured to determine, based on relocation information included in first code data that includes a code body and relocation information representing a portion of the code body to be relocated by a linker, a first portion including at least a part of the code body that is other than the portion. The concealing unit is configured to conceal the first portion. The instructing unit is configured to instruct the linker to process the first code data having the first portion concealed. The unconcealing unit is configured to unconceal the concealed portion of second code data that is generated from the first code data by the linker.
    Type: Grant
    Filed: September 8, 2015
    Date of Patent: March 12, 2019
    Assignees: Kabushiki Kaisha Toshiba, TOSHIBA SOLUTIONS CORPORATION
    Inventors: Yurie Shinke, Fukutomo Nakanishi, Hiroyoshi Haruki, Mikio Hashimoto, Fumihiko Sano
  • Patent number: 10225265
    Abstract: Systems and methods for end to end encryption are provided. In example embodiments, a computer accesses an image including a geometric shape. The computer determines that the accessed image includes a candidate shape inside the geometric shape. The computer determines, using the candidate shape, an orientation of the geometric shape. The computer determines a public key of a communication partner device by decoding, based on the determined orientation, data encoded within the geometric shape. The computer receives a message. The computer verifies, based on the public key of the communication partner device, whether the message is from the communication partner device. The computer provides an output including the message and an indication of the communication partner device if the message is verified to be from the communication partner device. The computer provides an output indicating an error if the message is not verified to be from the communication partner device.
    Type: Grant
    Filed: April 15, 2016
    Date of Patent: March 5, 2019
    Assignee: Snap Inc.
    Inventor: Subhash Sankuratripati
  • Patent number: 10223547
    Abstract: One embodiment provides a system for noise addition to enforce data privacy protection in a star network. In operation, participants may add a noise component to a dataset. An aggregator may receive the noise components from the plurality of participants, compute an overall noise term based on the received noise components, and aggregate values using the noise components and overall noise term.
    Type: Grant
    Filed: October 11, 2016
    Date of Patent: March 5, 2019
    Inventors: Shantanu Rane, Vincent Bindschaedler, Alejandro E. Brito, Ersin Uzun, Vanishree Rao
  • Patent number: 10210325
    Abstract: A system that includes a vault management console configured to determine a measurement request for virtual machine operating characteristics metadata. The system further includes a guest virtual machine that includes virtual machine measurement points and a hypervisor control point. The system further includes a hypervisor associated with the guest virtual machine that is configured to communicate the measurement request to the hypervisor control point. The hypervisor is further configured to receive a packet with the virtual machine operating characteristics metadata and to communicate the packet to the virtual vault machine. The hypervisor device driver is configured to receive the packet from the hypervisor and to communicate the virtual machine operating characteristics to an analysis tool.
    Type: Grant
    Filed: May 31, 2016
    Date of Patent: February 19, 2019
    Assignee: Armor Defense Inc.
    Inventors: Jeffery Ray Schilling, Chase Cooper Cunningham, Tawfiq Mohan Shah, Srujan Das Kotikela
  • Patent number: 10205741
    Abstract: A method and an apparatus enabling browsers to perform security scan of devices is described. The method includes receiving a device scan request triggered when a device scan function in a browser is selected by a user. The method further includes injecting a pre-defined device scan program into an engine of the browser according to the received device scan request, running the device scan program, and displaying a scan result on a scan result displaying interface of the browser. A security scan in the prevalent browser application adds different functions to the browser and exempts users from downloading dedicated device checking and management software.
    Type: Grant
    Filed: June 4, 2015
    Date of Patent: February 12, 2019
    Assignee: Tencent Technology (Shenzhen) Company Limited
    Inventors: Yong Tao, Sha Mo