Abstract: A method for operating an apparatus according to various embodiments may comprise the operations of: detecting whether a first signal transmitted from a control device to a storage device includes a designated address; and transmitting a second signal to the control device if the first signal includes the designated address, wherein the first signal may be a signal for transmitting, by the control device, a request for data to the storage device, and the second signal may be a signal for detecting whether uncommon data is included in a signal generated from the first signal.
Type:
Grant
Filed:
October 31, 2016
Date of Patent:
September 21, 2021
Inventors:
Byoungik Kang, Minsoo Kim, Wonjin Kim, Philkoo Yeo, Sangchul Jung, Taedong Jung
Abstract: Systems and methods for end to end encryption are provided. In example embodiments, a computer accesses an image including a geometric shape. The computer determines that the accessed image includes a candidate shape inside the geometric shape. The computer determines, using the candidate shape, an orientation of the geometric shape. The computer determines a public key of a communication partner device by decoding, based on the determined orientation, data encoded within the geometric shape. The computer receives a message. The computer verifies, based on the public key of the communication partner device, whether the message is from the communication partner device. The computer provides an output including the message and an indication of the communication partner device if the message is verified to be from the communication partner device. The computer provides an output indicating an error if the message is not verified to be from the communication partner device.
Abstract: Examples discussed herein disclose, among other things, a method. The method includes, among other things, obtaining a plaintext, obtaining a key from a plurality of keys, and determining whether the plaintext is longer than a predefined threshold length. If the plaintext is longer than the predefined threshold length, the method may encrypt the plaintext with the key to generate a first ciphertext having a length of the plaintext, where the character at a predefined position within the first ciphertext belongs to a first subset of characters. And if the plaintext is not longer than the predefined threshold length, the method may encrypt the plaintext with the key to generate a second ciphertext, which is longer than the plaintext, where the character at the same predefined position in the second ciphertext belongs to a second subset of characters.
Abstract: In an example embodiment, a system analyzes a set of computer routines. The system may perform an analysis including a determination of a likelihood of vulnerability to unexpected behavior for one or more computer routines of the set. Based upon the analysis, the system may identify one or more computer routines of the set having the likelihood of vulnerability. The system may asynchronously and dynamically manipulate at least one of the one or more computer routines through a testing technique. The system may determine unexpected behavior of at least one of the one or more computer routines.
Abstract: Systems, methods, and processing devices for aiding with cyber intrusion investigations that includes capabilities for extracting data from a specified range of a volatile memory of a target processing device, reconstructing data structures and artifacts from the extracted data; and generating and presenting a visualization of the reconstructed data structures and the reconstructed artifacts.
Type:
Grant
Filed:
August 18, 2016
Date of Patent:
August 17, 2021
Assignee:
Volexity, Inc.
Inventors:
Aaron Walters, Michael Ligh, Steven Adair
Abstract: Systems, apparatuses, methods, and computer program products are disclosed for generating behavioral attribute data structures. An example method includes generating a video data structure comprising a video stream captured over a duration of time. The example method further includes generating a sensor data structure comprising a set of sensor data captured over the duration of time and stored in temporal relation to the video stream. The example method further includes generating, based on the video data structure, a biometric attribute data structure comprising a set of biometric attributes of the user derived from the video stream. Subsequently, the example method includes generating, based on the sensor data structure and the biometric attribute data structure, a behavioral attribute data structure comprising a set of behavioral attributes of the user derived from the set of sensor data.
Abstract: Systems and methods for tiered connection pooling are disclosed herein, which may be used in a method of fulfilling user requests in an enterprise computing system. The method involving generating, by a processing unit, a first connection pool comprising one or more previously used authenticated connections with a resource; generating, by the processing unit, a second connection pool comprising one or more unused authenticated connections with the resource; and generating, by the processing unit, a third connection pool comprising one or more unauthenticated connections with the resource; receiving, by the processing unit, a request from the user device to access the resource, the resource requiring authentication for access; and fulfilling, by the processing unit, the request based on a connection from the first, second, or third connection pool.
Abstract: Embodiments of system and methods for providing centralized management of a software defined automation (“SDA”) system are disclosed. The SDA system comprises of a collection of controller nodes and logically centralized and yet physically distributed collection of compute nodes by monitoring activities of the compute nodes. In accordance with some embodiments, one or more components of the system monitor execution, network and security environments of the system to detect an event in a first environment. In response to the detected event, at least one component in the first environment is remediated, the remediation of the first environment creating a trigger to cause remediation of at least one component in each of a second and third environments.
Type:
Grant
Filed:
October 12, 2016
Date of Patent:
August 3, 2021
Assignee:
Schneider Electric Industries SAS
Inventors:
Antonio Chauvet, Philippe Wilhelm, Merrill Harriman, Eric Alfano, Alen Mehmedagic, Andrew Lee David Kling, David Doggett, Vijay Vallala
Abstract: Disclosed are various embodiments for an authentication manager. In one embodiment, the authentication manager performs an identity verification on a network site. The authentication manager determines that a particular portable data store is present in the client computing device, and then reads a security credential from the particular portable data store. The authentication manager automatically sends data encoding the security credential to the network site.
Abstract: A communication method of an electronic device may comprise: a step of wirelessly outputting an advertisement signal at predetermined time intervals when power is supplied; a step of acquiring access information of an access repeater from an external device while outputting the advertisement signal; a step of stopping the output of the advertisement signal and accessing the access repeater on the basis of the access information of the access repeater when the access information of the access repeater is acquired; and a step of stopping the output of the advertisement signal if an elapsed time after the power is supplied is greater than a predetermined reference time.
Abstract: A system and method for international biometric identity verification between two countries; without transferring biometric information between the two countries. The system and method will replace the traditional approach of identification of uniforms and identification cards, which are easily compromised, into a secure approach of leveraging biometric information through a person's identity. This system and method are consistent with the policy of not sharing any biometric information relating to verification of identification of individuals with other countries.
Abstract: In one example in accordance with the present disclosure, a method may receiving a plaintext to be encrypted. The plaintext may include a first block, a second block and a third block. The method may include generating a preliminary ciphertext based on the first block and the second block and generating, using an encryption key, a first ciphertext using an encryption operation receiving the third block and the preliminary ciphertext as inputs. The method may also include generating, using the encryption key, a first finalized ciphertext using the encryption operation receiving the first block and the first ciphertext as inputs and generating, using the encryption key, a second finalized ciphertext using the encryption operation receiving the second block and the first finalized ciphertext as inputs.
Type:
Grant
Filed:
March 24, 2016
Date of Patent:
July 20, 2021
Assignee:
Hewlett Packard Enterprise Development LP
Abstract: A system increases security for personal devices. An authenticating authority receives an authentication request from a personal device. The authenticating authority obtains a current location of the personal device from a location server, where the location server transmits the current location to the authenticating authority. The location server receives location information associated with the personal device, where the location information is transmitted to the location server by a location updating daemon running on the personal device. The authenticating authority compares the current location received from the location server to a zone associated with the personal device to determine processing of the authentication request. The zone is retained by the authenticating authority.
Type:
Grant
Filed:
March 30, 2017
Date of Patent:
July 13, 2021
Assignee:
International Business Machines Corporation
Inventors:
Joseph Celi, Jr., Miriam Margarita Celi
Abstract: It is provided a method performed in a gateway and comprises the steps of: receiving a first client request from the client device, the first client request comprising a first fully qualified domain name, FQDN; transmitting a gateway request to the application server; receiving an application server response from the application server, the application server response indicating a need to provide authentication; generating a second FQDN, based on the first FQDN and an identifier of the client device; generating a client specific shared key based on the second FQDN and a shared key; generating a redirect message comprising the second FQDN, an authentication request, a context identifier and the client specific shared key; transmitting the redirect message to the client device; receiving a second client request from the client device; and generating an authentication response in case the second client request fails to comprise an authentication response.
Type:
Grant
Filed:
September 11, 2015
Date of Patent:
July 13, 2021
Assignee:
TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
Inventors:
Patrik Salmela, Mohit Sethi, Kristian Slavov
Abstract: Example implementations relate to attestation. For example, in an implementation, a target device attestation request is transmitted to a target device, where the target device attestation request includes an identity-based encryption (IBE) ciphertext and a retrieval index. The ciphertext is a nonce encrypted using a trusted platform module (TPM) public key together with an IBE public key. The TPM public key is retrieved from a TPM of the target device, and the IBE public key is an expected value presumed to be stored at the TPM.
Type:
Grant
Filed:
January 29, 2016
Date of Patent:
June 29, 2021
Assignee:
Hewlett Packard Enterprise Development LP
Abstract: Embodiments of an authentication system and a method for authentication using ciphers are described. In the system and method, cryptographic calculations of an encryption algorithm are executed at a base station, in a determined secure environment, to produce a pre-calculated cipher for a subsequent authentication process. The pre-calculated cipher is then used to transmit an authentication request message from the base station and validation of an authentication response message for the subsequent authentication.
Abstract: A security code input may be obfuscated from a thermal imaging device by randomly heating a random set of inputs of an input device. The security code is inputted on an input device, which communicates with a security system to grant or deny access to a user based on an entry of the security code. The input device includes a plurality of hearing elements. The input device may receive an input from the user. A random set of heating elements including one or more heating elements, are generated from the plurality of heating elements. A temperature is determined for the one or more heating elements of the random set of heating elements. The temperature is then applied to the one or more heating elements of the random set of heating elements of the input device.
Type:
Grant
Filed:
April 9, 2019
Date of Patent:
May 18, 2021
Assignee:
International Business Machines Corporation
Abstract: Techniques described herein relate to analyzing executions of content resources within networks of execution client devices, and selecting sets of interactive content resources for execution on particular execution devices based on such analyses. Content resource execution data may be received from various execution client devices on which content resources have been executed and provided to end users. Such data may be analyzed to determine correlations between a first content executor and additional content executors based on the their respective content resource execution data, and the content resource execution data of correlated content executors may be aggregated and analyzed to select particular interactive content resources for the first content executor. Such selections may be provided to first content executor during a content execution session following an authenticated login by the first content executor.
Type:
Grant
Filed:
March 11, 2019
Date of Patent:
May 11, 2021
Assignee:
PEARSON EDUCATION, INC.
Inventors:
Anthony Brandon Ross, Xingyu Pan, Stuart Red, Subhodip Biswas
Abstract: Communication bus enable devices to communicate and exchange information and control signals. There is a growing concern over the security of such types of buses. Since any device can transmit any message, and device on the bus which can be compromised poses a threat for the bus. Described is a system to authenticate the source of messages from various devices on a communication bus.
Type:
Grant
Filed:
July 11, 2018
Date of Patent:
April 6, 2021
Assignee:
Sital Technology And Hardware Engineering (1997) Ltd.