Patents Examined by Sharon S Lynch
  • Patent number: 11223626
    Abstract: Service-to-service role mapping systems and methods are disclosed herein. An example role mapping service is positioned between a directory service and a search engine service, the directory service managing user information and permissions for users, the role mapping service mapping one or more search engine service roles to a user based on the user information and permissions received from the directory service.
    Type: Grant
    Filed: June 28, 2018
    Date of Patent: January 11, 2022
    Assignee: Elasticsearch B.V.
    Inventor: Clinton Gormley
  • Patent number: 11196763
    Abstract: Aspects of the disclosure relate to edge-computing (“EC”)-based systems and methods for fraud mitigation. The systems and methods may utilize a multi-layer architecture. The architecture may include a set of N gatekeeper units, and each gatekeeper unit may be associated with an EC device. When a transaction request is received, the request may be processed at a first gatekeeper unit, and, if validated, successively processed by the set of N gatekeeper units. If any gatekeeper unit flags the request as suspicious, the unit may emit an audible alert that may be sensed by the associated EC device. The EC device may transmit a signal to one or more of the other gatekeeper units to perform additional processing for the request. When the request reaches the Nth gatekeeper unit and achieves validation, the transaction may be executed via a central server connected to a transaction network.
    Type: Grant
    Filed: July 2, 2019
    Date of Patent: December 7, 2021
    Assignee: Bank of America Corporation
    Inventor: Christopher L. Rice
  • Patent number: 11190505
    Abstract: A method and apparatus for creating and using a password card and a password hint. The invention allows the user to avoid revealing their password and because of that, the invention provides a better secure way of managing passwords. The user is still able to retrieve their password using the password hint and the password card generated by the system. The invention also allow to encrypt and decrypt the password hint to an external API and this add an extra layer of security protection.
    Type: Grant
    Filed: July 12, 2016
    Date of Patent: November 30, 2021
    Inventor: Patrick Tardif
  • Patent number: 11153343
    Abstract: A device may generate network profile data indicating a set of network parameters detected by the device. The device may encrypt the network profile data and may transmit the encrypted network profile data to a network device, such as a router, or a server. The router or server may analyze the encrypted network profile data to determine if the device is secure. The router of server may perform one or more security measures if the device is not secure.
    Type: Grant
    Filed: January 30, 2020
    Date of Patent: October 19, 2021
    Assignee: Cypress Semiconductor Corporation
    Inventor: Hui Luo
  • Patent number: 11146569
    Abstract: Systems and methods are described for providing escalation-resistant network-accessible services by providing the service through a set of service instances, each executing in an environment with privileges scoped based on a user requesting to access the service. Each service instance can be implemented by code on a serverless code system, executed in response to a user request to access the service. Because the code is executed in an environment with privileges scoped to those of a requesting user, the code itself need not attempt to limit the privileges or a requesting user. For that reason, potential for privilege escalations of the service are reduced, even if vulnerabilities in the code might otherwise allow for such escalations.
    Type: Grant
    Filed: June 28, 2018
    Date of Patent: October 12, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Marc John Brooker, Ajay Nair, Colm MacCárthaigh
  • Patent number: 11122052
    Abstract: A method, computer system, and a computer program product for accessing data in a network is provided. The present invention may include reading a control blockchain, by a non-trusted node, to enable the non-trusted node to read an asset from a trusted node blockchain on a trusted node. The present invention may also include reading the trusted node blockchain by the non-trusted node. The present invention may then include creating, by the non-trusted node, a new block on a temporary blockchain based on the read trusted node blockchain. The present invention may further include transmitting, by the non-trusted node, the created new block to the trusted node, wherein transmitting the created new block causes the created new block to be added to the trusted node blockchain.
    Type: Grant
    Filed: May 30, 2018
    Date of Patent: September 14, 2021
    Assignee: International Business Machines Corporation
    Inventors: Edgar A. Zamora Duran, Franz F. Liebinger Portela, Ryan G. DeJana
  • Patent number: 11102244
    Abstract: In one example, intelligence is gathered about an attacker that is attempting an attack via a malicious exploit message by exploiting the attacker's belief that the attack is succeeding. A received message (e.g., malicious message) sent from a first message account (e.g., attacker) to a second message account (e.g., intended victim) is received. A security risk associated with the received message is determined. It is determined that the security risk associated with the received message meets one or more criteria. Based on the determination that the security risk associated with the received message meets the one or more criteria, a responsive message is sent in response to the received message from a third message account (e.g., security service) to the first message account. The responsive message includes a content reference identified as referring to a content for a user of the first message account.
    Type: Grant
    Filed: May 30, 2018
    Date of Patent: August 24, 2021
    Assignee: Agari Data, Inc.
    Inventors: Bjorn Markus Jakobsson, John M. Wilson, III, Patrick Richard Peterson, SeyedHossein Siadati
  • Patent number: 11070379
    Abstract: Implementations of this specification provide signature verification methods and apparatuses for a blockchain ledger. An example method includes receiving by a server, a signature verification instruction that comprises a verification object parameter and a hash value. The verification object parameter includes a third-party parameter, a platform parameter, or a time service certificate parameter, the verification object parameter indicates a type of a to-be-verified object, and the server is configured to store data by using the blockchain ledger. The server obtains the to-be-verified object based on the verification object parameter and the hash value. The type of the to-be-verified object includes a third-party digital signature, a server digital signature, or a time service certificate. The server sends the to-be-verified object to a client for verification by the client.
    Type: Grant
    Filed: January 30, 2020
    Date of Patent: July 20, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventors: Xinying Yang, Benquan Yu, Yuan Zhang, Yize Li
  • Patent number: 11063912
    Abstract: Method, apparatus and system for communicating between a machine to machine, M2M, device 110 and a device management, DM, server 420 over SMS, comprising: obtaining key material, the key material configured to protect data communicated between the M2M device 110 and the DM server 420. Protecting data to be communicated using the key material. Communicating the protected data between the M2M device 110 and the DM server 420 over SMS.
    Type: Grant
    Filed: March 17, 2020
    Date of Patent: July 13, 2021
    Assignee: VODAFONE IP LICENSING LIMITED
    Inventors: Sophie Bourne, Friedhelm Rodermund
  • Patent number: 11057220
    Abstract: Implementations of this specification provide signature verification methods and apparatuses for a blockchain ledger. An example method includes receiving by a server, a signature verification instruction that comprises a verification object parameter and a hash value. The verification object parameter includes a third-party parameter, a platform parameter, or a time service certificate parameter, the verification object parameter indicates a type of a to-be-verified object, and the server is configured to store data by using the blockchain ledger. The server obtains the to-be-verified object based on the verification object parameter and the hash value. The type of the to-be-verified object includes a third-party digital signature, a server digital signature, or a time service certificate. The server sends the to-be-verified object to a client for verification by the client.
    Type: Grant
    Filed: July 31, 2020
    Date of Patent: July 6, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventors: Xinying Yang, Benquan Yu, Yuan Zhang, Yize Li
  • Patent number: 11050557
    Abstract: A first electronic network node (110) is provided configured for a key exchange (KEX) protocol, the first network node is configured to obtain a shared polynomial (a) shared with a second network node, coefficients of the shared polynomial a being selected modulo a first modulus q, generate a private key polynomial (skI), coefficients of the private key polynomial being bounded in absolute value by a bound (s) generate a public key polynomial (pkI) by computing a polynomial product between the shared polynomial (a) and the private key polynomial (skI) modulo the first modulus (q) and scaling the coefficients of the polynomial product down to a second modulus (p).
    Type: Grant
    Filed: May 2, 2018
    Date of Patent: June 29, 2021
    Assignee: Koninklijke Philips N.V.
    Inventors: Sauvik Bhattacharya, Oscar Garcia Morchon, Ludovicus Marinus Gerardus Maria Tolhuizen, Ronald Rietman
  • Patent number: 11042629
    Abstract: An authentication server in an illustrative embodiment is configured to communicate with one or more client devices over a network. Responsive to a successful login to a user account by a client device, the authentication server provides the client device with a login cookie for the user account for potential utilization in one or more subsequent logins to the user account. The authentication server initializes a cookie-specific counter for the login cookie, and increments the cookie-specific counter for each of one or more unsuccessful logins to the user account made utilizing the login cookie. Responsive to the cookie-specific counter reaching a specified value, the authentication server locks the user account for any subsequent logins to the user account made utilizing the login cookie. The authentication server resets the cookie-specific counter responsive to a successful login to the user account made utilizing the login cookie.
    Type: Grant
    Filed: October 9, 2018
    Date of Patent: June 22, 2021
    Assignee: EMC IP Holding Company LLC
    Inventors: Radia J. Perlman, Benjamin S. Smith
  • Patent number: 11042878
    Abstract: An authentication technique is disclosed that uses a distributed secure listing of transactions that includes encrypted data that can be used to authenticate a principal to a verifier.
    Type: Grant
    Filed: January 19, 2017
    Date of Patent: June 22, 2021
    Assignee: PRIV8PAY, INC.
    Inventors: Ioannis Georgiadis, Gopalakrishnan Hariharan, John K. Thomas
  • Patent number: 11032069
    Abstract: The present disclosure relates to a method and system for securely transferring master keying material between to a slave dongle (12). Each slave dongle (12) is connected to a data transfer system. The slave dongle (12) contains a public key and a private key and the data transfer system holds a master keying material source that contains master keying material to be transferred securely to the slave dongle (12). The slave dongle's public key is transferred to the master keying material source. The master keying material source encrypts the master keying material with the slave dongle's public key to produce an encrypted master keying material. The encrypted master keying material is sent to the slave dongle (12) and the slave dongle (12) decrypts the encrypted master keying material with the slave dongle's private key. This allows multiple users, each having a slave dongle (12a-n) that has been configured in this manner, to use the same master keying material to securely communicate with one another.
    Type: Grant
    Filed: November 6, 2019
    Date of Patent: June 8, 2021
    Assignee: iStorage Limited
    Inventor: John Michael
  • Patent number: 11025424
    Abstract: An external trusted time source is implemented over a network for conditional access system (CAS)/digital rights management (DRM) client devices. A client device includes untrusted software and a trusted execution environment (TEE) for processing an entitlement management message (EMM) that includes an epoch sequence number (ESN) transmitted from an EMM server using a first network connection. A remaining client key set (CKS) lifetime value is stored and updated in the TEE based on the ESN processed.
    Type: Grant
    Filed: April 26, 2019
    Date of Patent: June 1, 2021
    Assignee: ARRIS Enterprises LLC
    Inventors: Alexander Medvinsky, Douglas M. Petty
  • Patent number: 10990377
    Abstract: A method for enhancing dialog systems is disclosed herein. The method comprises maintaining an online marketplace that may include a plurality of dialog system extension elements. Each of the plurality of dialog system extension elements may include at least one of a dialog system plugin, a dialog system add-on, a dialog system update, and a dialog system upgrade. The method may further include receiving a selection of one of the plurality of dialog system extension elements from a software developer. The software developer may be associated with a dialog system. The method may continue with associating the one of the plurality of dialog system extension elements with the dialog system of the software developer.
    Type: Grant
    Filed: June 17, 2019
    Date of Patent: April 27, 2021
    Assignee: GOOGLE LLC
    Inventors: Ilya Gennadyevich Gelfenbeyn, Artem Goncharuk, Pavel Aleksandrovich Sirotin
  • Patent number: 10986095
    Abstract: A computing device obtains a request from a user device to access a network beacon. The computing device obtains a device profile for the user device. The computing device determines whether the user device satisfies an authorization rule based on the state of the user device as indicated by the device profile. The computing device authorizes the user device to access the network beacon responsive to determining that the user device satisfies the authorization rule.
    Type: Grant
    Filed: December 7, 2015
    Date of Patent: April 20, 2021
    Assignee: AirWatch LLC
    Inventors: Erich Stuntebeck, Michelle Burnett
  • Patent number: 10985925
    Abstract: A method and apparatus for a certificate authority system providing authentication to a plurality of devices associated with an organization are described. The method may include receiving, at the certificate authority system, a request from a device to sign authentication information of the device, wherein the device is associated with the organization. The method may also include sending a challenge to the device to perform an action with a system other than the certificate authority system, and receiving the response to the challenge from the device. Furthermore, the method may include verifying that the response was generated correctly based on the challenge, and signing the authentication information of the device with one or more keys of the certificate authority system as an authentication of an identity of the device.
    Type: Grant
    Filed: July 22, 2019
    Date of Patent: April 20, 2021
    Assignee: STRIPE, INC.
    Inventors: Carl Jackson, Bryan Berg, David Terrance Bartley, Evan Broder
  • Patent number: 10965474
    Abstract: Some embodiments of the invention provide a method for authenticating a security device (e.g., a smart card or other highly secured device) to modify a security state (e.g., unlocking, decrypting, etc.) at a target device (e.g., laptop computers, mobile phones, tablets, etc.). In some embodiments, the security device does not have a volatile storage for storing volatile parameters for the particular device to use to perform the authentication process. The method of some embodiments sends an encrypted challenge to the security device, in which the encrypted challenge can only be decrypted by the security device. The method receives a response and modifies accessibility for the target device when the response is a valid response. The method of some embodiments determines that a response is valid based on the decrypted contents of the response and/or based on a period of time between the issuance of the challenge and the received response.
    Type: Grant
    Filed: April 13, 2018
    Date of Patent: March 30, 2021
    Assignee: Apple Inc.
    Inventors: Wade Benson, Arthur Mesh
  • Patent number: 10956618
    Abstract: An ID token includes a sensor, a communication interface, and a first microcontroller. The ID token includes a protected second microcontroller having at least one microcontroller communication interface, which is arranged in a holder of the ID token, wherein the microcontroller communication interface provides a data input and a data output. The first microcontroller is configured as a proxy for switching between the sensing of the measurement data by the sensor and forwarding of the sensed measurement data from the sensor to the first application of the protected second microcontroller by the microcontroller communication interface thereof on the one hand and forwarding of notifications for establishing a connection between the second application and the reading device and/or forwarding of APDUs by the connection between the second application and the reading device on the other hand.
    Type: Grant
    Filed: December 13, 2016
    Date of Patent: March 23, 2021
    Assignee: BUNDESDRUCKEREI GMBH
    Inventors: Frank Morgner, Micha Kraus, Paul Bastian