Patents Examined by Sarah Su
  • Patent number: 10135618
    Abstract: Method for using dynamic Public Key Infrastructure to send and receive encrypted messages between software applications.
    Type: Grant
    Filed: March 25, 2016
    Date of Patent: November 20, 2018
    Assignees: Synergex Group (corp.), Pham Holdings, Inc. (corp.)
    Inventor: Thien Van Pham
  • Patent number: 10135843
    Abstract: The present disclosure discloses a system and method for dynamically modifying role based access control for a client based on the activity. Generally, a client device is granted access to a network resource based on a first reputation score assigned to the client device. The activity of the client device is monitored. Responsive to monitoring the activity of the client device, a second reputation score is determined for the client device based on the activity. The access by the client device to the network resource is then modified to be granted based on the second reputation score.
    Type: Grant
    Filed: November 21, 2017
    Date of Patent: November 20, 2018
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Ramesh Ardeli, Hari Krishna Kurmala
  • Patent number: 10122715
    Abstract: In one embodiment, a network element comprises one or more processors, and a memory module communicatively coupled to the processor. The memory module comprises logic instructions which, when executed by the processor, configure the processor to receive, via a first communication channel, a primary authentication request transmitted from a user from a first device, process the primary authentication request to determine whether the user is authorized to access one or more resources, in response to a determination that the user is authorized to access one or more resources, initiate, a secondary authentication request, and transmit the secondary authentication request from the network element to the user via a second communication channel, different from the first communication channel.
    Type: Grant
    Filed: November 28, 2016
    Date of Patent: November 6, 2018
    Assignee: Microsoft Technology Licensing, LLC
    Inventor: Stephen T. Dispensa
  • Patent number: 10111089
    Abstract: The present disclosure relates to a pre-5th-Generation (5G) or 5G communication system to be provided for supporting higher data rates beyond 4th-Generation (4G) communication system such as Long Term Evolution (LTE). A method for downloading profiles in a terminal in a wireless communication system include generating and storing an encryption key at a time point, loading the stored encryption key, when receiving profile download start information from a profile providing server, and downloading an encrypted profile for the electronic device from the profile providing server, via the loaded encryption key, and installing the encrypted profile in the electronic device.
    Type: Grant
    Filed: April 8, 2016
    Date of Patent: October 23, 2018
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Jonghan Park, Duckey Lee, Taesun Yeom, Sangsoo Lee
  • Patent number: 10102385
    Abstract: A method for concealing sensitive information on a portable device via a steganographic image is disclosed. The portable device can be in the form of a card such as a driver's license or credit card and the hidden information may include a person's name or account number.
    Type: Grant
    Filed: February 18, 2016
    Date of Patent: October 16, 2018
    Inventor: Cesar Otero
  • Patent number: 10097525
    Abstract: Apparatus, system and method for authenticating a device for secure network communication. Identification data is configured as a hash of a public key for identifying at least one of the device and/or a user associated with the device. An Internet Protocol (IP) message may be generated, wherein an IP source address in the IP message includes the identification data. The device may register with a server by transmitting the IP message and the public key and subsequently generate and transmit a second IP message, wherein an IP source address of the second IP message includes the identification data. The server may issue a challenge to the device in response to the second IP message, wherein the challenge is based at least in part on the identification data. After receiving the challenge, the device may transmit response data to the server for authenticating the device for secure network communication.
    Type: Grant
    Filed: March 8, 2016
    Date of Patent: October 9, 2018
    Assignee: QUALCOMM Incorporated
    Inventors: Jeffree Froelicher, Darrell Carbajal
  • Patent number: 10097519
    Abstract: Methods and systems are provided for selectable data transmissions. An electronic key may be assigned to authenticated data associated with a particular user, electronic data may be encrypted, using at least part of the electronic key, to generate encrypted data, and a program code that must be executed to decrypt the encrypted data may be incorporating into the encrypted data. The encrypted data may be transmitted to a communications terminal identified by the user, and at least part of the electronic key may be transmitted to the communications terminal to cause decrypting the encrypted data using the at least part of the electronic key. The program code may be configured to cause checking one or more validation criteria associated with the encrypted data, at the communications terminal, during execution of the program code.
    Type: Grant
    Filed: October 24, 2016
    Date of Patent: October 9, 2018
    Assignee: SWISSCOM AG
    Inventors: Marc Danzeisen, Simon Winiker, Jan Linder, Florian Baumgartner
  • Patent number: 10097587
    Abstract: A network environment includes a wireless access point providing access to a corresponding network. One or more mobile communication devices communicate with the wireless access point to access the network. In response to receiving a request from a mobile communication device to establish the wireless communication link, the wireless access point conveys communications between the mobile communication device and a remote server to authenticate the mobile communication device. During authentication, the wireless access point receives a policy assigned to the mobile communication device. The policy specifies how to route subsequent received data traffic from the mobile communication device. Subsequent to authentication, the wireless access point routes the subsequent data traffic received from the mobile communication device in accordance with the received policy.
    Type: Grant
    Filed: November 15, 2016
    Date of Patent: October 9, 2018
    Assignee: Time Warner Cable Enterprises LLC
    Inventors: Arun Manroa, Qiang Zhang
  • Patent number: 10057218
    Abstract: A system for encrypting data and transferring or storing data securely may include a computing device including an encryptor configured to generate an encryption key from a network resource and encrypt data using the encryption key to generate encrypted data, and a decryptor configured to generate a decryption key from the network resource and decrypt the encrypted data to generate the non-encrypted data.
    Type: Grant
    Filed: July 28, 2014
    Date of Patent: August 21, 2018
    Assignee: The Boeing Company
    Inventor: Wayne R. Howe
  • Patent number: 10051059
    Abstract: Methods and apparatus to control communications of endpoints in an industrial enterprise system based on integrity are disclosed. An example apparatus includes an integrity measurement comparator to compare an integrity measurement to a reference value. The integrity measurement is generated by an endpoint in a network of an industrial enterprise system based on a state of the endpoint. The reference value corresponds to a trusted state of the endpoint. The example apparatus also includes an authorization controller to enable communications access for the endpoint on the network based on the comparison of the integrity measurement to the reference value.
    Type: Grant
    Filed: June 5, 2015
    Date of Patent: August 14, 2018
    Inventor: Robert A. Mixer
  • Patent number: 10038672
    Abstract: A system for generating virtual private network (VPN) sessions from VPN server log messages uses and displays a VPN sessions table in which each row contains attributes of a corresponding VPN session. Processing of a log message causes a session to be generated when there is no ACTIVE session in the table for a username extracted from a log message. A time extracted from the log message is stored as the session start time and as a temporary end time associated with the session. If a gap between a temporary end time and a time extracted from a log message for the associated ACTIVE session is less than a threshold amount, the temporary end time is set to the extracted time. If the gap is equal to or exceeds the threshold, the status of the session is changed from ACTIVE to CLOSED, and a new ACTIVE session is generated.
    Type: Grant
    Filed: March 29, 2016
    Date of Patent: July 31, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Kineret Raviv, Carmit Sahar, Eyal Kolman
  • Patent number: 10038673
    Abstract: A system and method for tunneling through a network separation device such as a firewall or a Network Address Translator including a first server receiving an access request from a client device to communicate with a host device, where the host device is behind the network separation device. The first server sending a message to a second server in response to receiving the access request, the message including host data for the host device. The second server is configured to send a notification to the host device, and the notification includes instructions for the host device to initialize a pass-through channel with the first server. The first server receiving a pass-through initialization request from the host device and establishing the pass-through channel for communication between the client device and the host device in response to receiving the pass-through initialization request.
    Type: Grant
    Filed: November 16, 2016
    Date of Patent: July 31, 2018
    Assignee: Progress Software Corporation
    Inventors: John Alan Hensley, Robert Fischer
  • Patent number: 10037432
    Abstract: One embodiment provides a method including: obtaining, using a processor, at least one file; accessing, using a processor, context data associated with the at least one file; evaluating, using a processor, the context data associated with the at least one file against a rule set, wherein the rule set comprises information regarding file security settings; and automatically implementing, using a processor, a file security setting for the at least one file based upon the comparing. Other aspects are described and claimed.
    Type: Grant
    Filed: February 27, 2015
    Date of Patent: July 31, 2018
    Assignee: Lenovo (Singapore) Pte. Ltd.
    Inventors: Goran Hans Wibran, Richard Wayne Cheston, Russell Speight VanBlon, David Rivera
  • Patent number: 10033701
    Abstract: A server is operated to securely convey information to a user via a network by receiving, from the user, a user selected presentation form representing one of a user selected specific voice and a user selected specific background image. Information for presentation to the user is received from another user and incorporated into the user selected presentation form. The information incorporated in the user selected presentation form is transmitted to the user via the network for presentation to the user.
    Type: Grant
    Filed: October 10, 2013
    Date of Patent: July 24, 2018
    Assignee: Early Warning Services, LLC
    Inventor: Andrew Robert Rolfe
  • Patent number: 10027650
    Abstract: Systems and method are provided in accordance with one or more processes that run within an operating system, in which a first process of the one or more processes is an agent that encodes instructions for obtaining an authentication token uniquely associated with the agent. The agent collects security information about a first computer system running the one or more processes according to one or more commands received from a remote security system. The collected information is transmitted to the remote security system on an encrypted communication channel between the agent and the remote security system using the authentication token. Executable instructions are received through the encrypted communication channel at the first computer from the remote server according to a security policy assigned to the agent. The received executable instructions are executed at the first computer system, thereby implementing the assigned security policy.
    Type: Grant
    Filed: May 13, 2016
    Date of Patent: July 17, 2018
    Assignee: CloudPassage, Inc.
    Inventors: Carson Sweet, Vitaliy Geraymovych
  • Patent number: 10021089
    Abstract: Mechanisms and techniques for customized user validation. A login attempt is received from a remote electronic device with one or more computing devices that provide access to one or more resources. The login attempt is analyzed to determine a profile from a plurality of profiles corresponding to the login attempt. The one or more computing devices support the plurality profiles with each profile having a corresponding flow. The flow corresponding to the profile is performed prior to allowing continuation of the login attempt. The login attempt is continued, via the one or more computing devices, after the flow corresponding to the profile is completed. Access is granted to the one or more resources, via the one or more computing devices, in response to a successful completion of the login attempt.
    Type: Grant
    Filed: April 9, 2015
    Date of Patent: July 10, 2018
    Assignee:, inc.
    Inventors: William Charles Mortimore, Jr., Sergio Isaac Koren, Paul Anthony Mason, Alan Vangpat
  • Patent number: 10015143
    Abstract: Methods, non-transitory computer readable media and application management apparatuses, and application management systems that secure one or more entitlement grants includes transmitting a registration license request encrypted with a first public key to a license server. The registration license request comprises a registration identifier and a second public key. A registration license response is received from the license server. The registration license response comprises one or more license entitlement grants, the second public key, and a first secure signature encrypted with a first private key. The one or more license entitlement grants are authenticated when the first decrypted secure signature matches the first check signature.
    Type: Grant
    Filed: June 5, 2015
    Date of Patent: July 3, 2018
    Assignee: F5 Networks, Inc.
    Inventors: Jc Ferguson, Bruce L. Donohue
  • Patent number: 9992053
    Abstract: Encryption/authentication circuitry includes an encryption portion having a first number of encryption lanes, each encryption lane including a plurality of encryption stages, and keyspace circuitry including a plurality of key lanes corresponding to a predetermined maximum number of channels. Each key lane has key storage stages corresponding to the encryption stages, and includes key memories for the predetermined maximum number of channels. Key channel selection circuitry for each stage selects a key from among the key memories at that stage. An authentication portion includes a second number of authentication lanes, hash key storage for the predetermined maximum number of channels, partial hash state storage for the predetermined number of channels, and hash channel selection circuitry.
    Type: Grant
    Filed: February 1, 2017
    Date of Patent: June 5, 2018
    Inventor: Martin Langhammer
  • Patent number: 9979697
    Abstract: The present invention relates to: a packet filtering apparatus that represents a rule set for packet filtering being a technique for preventing a cyber-attack, using a tree structure suitable for calculation of a logical expression, thereby improving processing efficiency; and a packet filtering method thereof. The packet filtering apparatus includes: a rule set containing a rule in which a condition and an action are associated with each other, and a Zero-Suppressed Binary Decision Diagram (ZDD) that represents a logical expression in which the condition of the rule is described using a logical variable; a packet analyzing unit to analyze a packet received from a network and extract collation information being a character string to be collated; and a filtering unit to collate the collation information extracted by the packet analyzing unit with the ZDD, execute the action associated with the condition that the collation information matches, and permit or deny communication of the packet.
    Type: Grant
    Filed: May 15, 2015
    Date of Patent: May 22, 2018
    Inventors: Koichi Shimizu, Teruyoshi Yamaguchi
  • Patent number: 9977884
    Abstract: An authentication server, an application device and a probability-based user authentication system and method are disclosed. To simplify authentication while keeping a high level of security, the authentication server comprises at least an authentication probability evaluation module for determining a probability of requestor identification. The authentication server is configured to at least receive an authentication request from an authenticator, said authentication request comprises at least user identification data. The authentication probability evaluation module is configured upon reception of said user identification data to receive user behavior information, corresponding to the received user identification data from a user information database; and to determine a user probability value by comparing at least said user behavior information with authenticator application data. The requestor is authenticated in dependence of said determined user probability value.
    Type: Grant
    Filed: February 27, 2015
    Date of Patent: May 22, 2018
    Assignee: Plantronics, Inc.
    Inventors: Shantanu Sarkar, Timothy P Johnston, Cary Bran, Joe Burton