Patents Examined by Shawnchoy Rahman
  • Patent number: 11516495
    Abstract: A system for broadcasting that includes a watermark payload.
    Type: Grant
    Filed: September 3, 2020
    Date of Patent: November 29, 2022
    Assignee: SHARP KABUSHIKI KAISHA
    Inventors: Sachin G. Deshpande, Kiran Misra
  • Patent number: 11516191
    Abstract: A method of secure data export from an automotive ECU to a requesting entity includes receiving a signed request, the request transmitting a first public encryption key. The signature is verified using a second public key stored in the automotive ECU. Further, the requesting entity is authenticated. Only upon successful verification and authentication the automotive ECU generates a random symmetric key for encrypting the data to be exported. The symmetric key is encrypted using the first public key received in the request, and unencrypted data is deleted. The encrypted data is exported to the requesting entity, which decrypts the symmetric key using a first private key associated with the first public key, and decrypts the data encrypted with the symmetric key.
    Type: Grant
    Filed: April 30, 2021
    Date of Patent: November 29, 2022
    Assignee: CONTINENTAL TEVES AG & CO. OHG
    Inventors: Wen Wang, Marc Sebastian Patric Stöttinger
  • Patent number: 11509480
    Abstract: A method of attestation of a host machine based on runtime configuration of the host machine is provided. The method receives, at an attestation machine, a request from the host machine for attestation of a software executing on the host machine, the request including at least one security-related configuration of the software at launch time and a corresponding runtime behavior of the software when the security-related configuration changes. The method then generates a claim based on evaluating a value associated with the at least one security-related configuration and the corresponding runtime behavior of the software when the value changes. The method also generates an attestation token after a successful attestation of the software and include in the attestation token the generated claim. The method further transmits the attestation token to the host machine.
    Type: Grant
    Filed: June 30, 2020
    Date of Patent: November 22, 2022
    Assignee: VMWARE, INC.
    Inventors: Samyuktha Subramanian, Jesse Pool
  • Patent number: 11509694
    Abstract: Disclosed herein are embodiments of systems and methods that dynamically reconfigure a multi-tiered system of network devices and software applications in response to an ongoing and/or anticipated cyber-attack. The dynamic reconfiguration of the network devices may consist of a wide range of processes, which may include generating new network addresses for individual network devices; reconfiguring the network devices by creating firewalls, changing protocols between the network devices in a multi-tier reconfiguration solution, changing the cloud infrastructure provider of the network devices, even when the underlying network infrastructure ecosystem differs across cloud service providers (CSPs); and maintaining a secure and updated data model of a record of reconfigured network devices and their dependencies to allow legitimate users of the network devices to understand reconfiguration actions that are hidden from malicious users such as hackers and cyber-attackers.
    Type: Grant
    Filed: December 21, 2020
    Date of Patent: November 22, 2022
    Assignee: ARCHITECTURE TECHNOLOGY CORPORATION
    Inventors: Scott Aloisio, Robert Joyce
  • Patent number: 11503465
    Abstract: A novel and useful mechanism for providing security features to a wireless communications system that otherwise does not have such features. Security features including encryption and decryption of communications, secure key exchange, secure pairing, and secure re-pairing are provided. The invention is applicable to wireless communication systems such as IO-Link Wireless. The encryption/decryption mechanism uses AES-256 block cypher with counter mode to generate blocks of cypher bits used to encrypt and decrypt communications between the master and devices. Session keys are generated using a random salt and a counter value. The random salt is generated using a secure random number generator such as the CSPRNG algorithm. A master key (or device key) is also used in generating session keys. Session keys are not permanent and are used to encrypt/decrypt only a finite amount of data. Once exhausted, the session key is replaced by a new one and cypher bits are generated using the new session key.
    Type: Grant
    Filed: February 19, 2020
    Date of Patent: November 15, 2022
    Assignee: Coretigo Ltd.
    Inventors: Nir Efraim Joseph Tal, Dan Wolberg, Alex Regev
  • Patent number: 11503064
    Abstract: Disclosed herein are embodiments of systems, methods, and products comprise an analytic server, which provides a SilverlineRT system that prioritizes and analyzes security alerts and events. The server builds an attack tree based on attack detection rules. The server monitors large-scale distributed systems and receives alerts from various devices. The server determines attacks using the attack tree while excluding false alarms. The server determines impact and risk metrics for attacks in real-time, and calculates an impact score for each attack. The server ranks and prioritizes the attacks based on the impact scores. The server also generates real-time reports. By consider the mission and system specific context in the analysis alert information, the server gives insight into the overall context of problems and potential solutions, improving decision-making. By showing the impacts of alters, the server allows security personnel to prioritize responses and focus on highest value defense activities.
    Type: Grant
    Filed: August 17, 2020
    Date of Patent: November 15, 2022
    Assignee: ARCHITECTURE TECHNOLOGY CORPORATION
    Inventors: Scott Aloisio, Robert Joyce, Judson Powers
  • Patent number: 11496296
    Abstract: A method of authentication for delivery of a product to a recipient. The method includes: a customer generating a public and a private cryptographic key in accordance with an asymmetrical encryption; the customer providing the public cryptographic key for the deliverer; the deliverer generating a message encrypted using the public cryptographic key; transmitting the encrypted message to the recipient for authentication; generating a plain text of the encrypted message in that the recipient decrypts the encrypted message using the private key; transmitting the plain text to the deliverer; and the deliverer authenticating the recipient if the transmitted plain text matches the message.
    Type: Grant
    Filed: February 10, 2021
    Date of Patent: November 8, 2022
    Assignee: Robert Bosch GmbH
    Inventors: Alexander Hegai, Jens Breitbart
  • Patent number: 11489836
    Abstract: A method, an apparatus, and a system for collecting an access control list (ACL), where a second network device receives a first link-state advertisement (LSA) packet flooded by a first network device, where the first LSA packet includes a first network device identifier and first ACL information, and the first network device and the second network device belong to a same Interior Gateway Protocol (IGP) area, and sends an extended first Border Gateway Protocol-Link State (BGP-LS) packet to a controller, where the extended first BGP-LS packet includes the first network device identifier and the first ACL information such that the controller can collect ACL information of the first network device and manage the ACL information of the first network device.
    Type: Grant
    Filed: January 10, 2020
    Date of Patent: November 1, 2022
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Shunwan Zhuang, Peng Zhou, Zhenbin Li, Yuanbin Yin, Jianbin Xu
  • Patent number: 11490258
    Abstract: A method for securing a Wi-Fi link in a wireless communication system includes configuring an existing agent with a controller, wherein the existing agent is configured as a first Basic Service Set (BSS). An enrollee agent is onboarded with a Push Button Configuration (PBC) method to establish an 1905 layer security between the existing agent and the enrollee agent. The enrollee agent is configured with the controller, including the controller transmitting a Device Provisioning Protocol (DPP) Bootstrapping Information Request to the enrollee agent and the controller receiving a DPP Bootstrapping Information Response from the enrollee agent, wherein the enrollee agent is configured as a second BSS.
    Type: Grant
    Filed: April 16, 2020
    Date of Patent: November 1, 2022
    Assignee: NXP USA, Inc.
    Inventors: Jinjing Jiang, Manish Kumar, Huiling Lou
  • Patent number: 11481506
    Abstract: An information processing system includes a first management unit that manages assignment of authority to use a second service to a first user registered for a first service in the individual unit on a user side receiving provision of the first service, and a second management unit that manages a second user having authority to use the second service on a provider side providing the second service, in which the second management unit acquires information regarding the first user not assigned with the authority to use the second service, from the first management unit.
    Type: Grant
    Filed: December 4, 2018
    Date of Patent: October 25, 2022
    Assignee: FUJIFILM Business Innovation Corp.
    Inventor: Yasuyuki Higuchi
  • Patent number: 11481511
    Abstract: A system for storing and managing secure information is disclosed that includes a secure identity and profiling system, which serves as a middleman between a user and an entity requesting personally identifiable information (PII) from the user. The system collects the PII from the user and stores it securely, such as in an alternate blockchain in an encrypted form. The location of the that PII within the alternate blockchain may be indexed using smart contracts in a main blockchain that can only be read with an access token generated and supplied by the user's mobile device. When an entity requests PII from the user that has already been collected and securely stored, the user can provide permission to release that PII by providing the access token. The system will use the access token to locate where the PII is stored and release the PII to the requesting entity.
    Type: Grant
    Filed: November 3, 2017
    Date of Patent: October 25, 2022
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventor: Sumit Amar
  • Patent number: 11470471
    Abstract: Provided are embodiments for performing encryption and decryption in accordance with one or more embodiments. The embodiments include generating a random key address, obtaining a pre-stored key using the random key address, and re-arranging portions of the pre-stored key using the random key address. Embodiments also include selecting a dynamic logic operation based on the random key address, receiving data for encryption, and combining portions of the received data for encryption with the re-arranged portions of the pre-stored key using the dynamic logic operation to produce encrypted data. Embodiments include re-arranging portions of the encrypted data based on the random key address and combining the re-arranged portions of the encrypted data with the random key address into an encrypted data packet for transmission. Also provided are embodiments for a transmitter and receiver for performing the encryption and decryption.
    Type: Grant
    Filed: September 16, 2019
    Date of Patent: October 11, 2022
    Assignee: ROSEMOUNT AEROSPACE, INC.
    Inventors: Pranay Kanti Nath, Pullaiah Dussa
  • Patent number: 11469893
    Abstract: Aspects of the present disclosure include methods, systems, and non-transitory computer readable media that perform the steps of transmitting a token to a gateway, receiving a response token including an encrypted message, decrypting the encrypted message using a decryption key associated with the token to generate a decrypted message, validating content of the decrypted message, transmitting a certificate request in response to successfully validating the content of the decrypted message, receiving a certificate in response to the request, validating the certificate against a certification authority, and transmitting encrypted data via a secured connection in response to successfully validating the certificate.
    Type: Grant
    Filed: November 22, 2019
    Date of Patent: October 11, 2022
    Assignee: JOHNSON CONTROLS TYCO IP HOLDINGS LLP
    Inventors: Rolando Herrero, Jerry Xiaowen Wu
  • Patent number: 11463235
    Abstract: An encryption device includes an encryption unit that encrypts blocks, obtained by dividing a plaintext, with use of an auxiliary variable, a partial checksum generation unit that generates a plurality of partial checksums on the basis of the blocks obtained by dividing the plaintext, a meta checksum generation unit that generates a meta checksum on the basis of the partial checksums generated by the partial checksum generation unit, and a tag generation unit that generates a tag to be used for detecting tampering, on the basis of the meta checksum generated by the meta checksum generation unit. The encryption device outputs a ciphertext encrypted by the encryption unit and the tag generated by the tag generation unit.
    Type: Grant
    Filed: February 21, 2018
    Date of Patent: October 4, 2022
    Assignee: Nec Corporation
    Inventor: Kazuhiko Minematsu
  • Patent number: 11463471
    Abstract: The disclosure relates to methods for establishing a secure communication link between a mobile station and a secondary base station in a mobile communication system. The disclosure is also providing mobile communication system for performing these methods, and computer readable media the instructions of which cause the mobile communication system to perform the methods described herein. Specifically, the disclosure suggests that in response to the detected or signaled potential security breach, the master base station increments a freshness counter for re-initializing the communication between the mobile station and the secondary base station; and the mobile station and the secondary base station re-initialize the communication there between. The re-initialization is performed under the control of the master base station and further includes deriving a same security key based on said incremented freshness counter, and establishing the secure communication link utilizing the same, derived security key.
    Type: Grant
    Filed: October 26, 2020
    Date of Patent: October 4, 2022
    Assignee: Sun Patent Trust
    Inventors: Prateek Basu Mallick, Joachim Loehr
  • Patent number: 11451390
    Abstract: A method, non-transitory computer readable medium and device that minimize error conditions with substantially simultaneously and independently generated secret keys includes synchronizing with a mobile device configured to execute a corresponding key generation process. Data obtained based on at least one shared characteristic with the synchronized mobile device is converted into a plurality of binary numbers. At least one bit for each of the plurality of binary numbers which are at least measurably random is identified. An error condition with any of the determined bits for the plurality of binary numbers is identified. At least a portion of the determined bits for the plurality of binary numbers without the detected error condition are selected. A key is generated based on the selected determined bits for the plurality of binary numbers for use in securing communications with the synchronized mobile device.
    Type: Grant
    Filed: December 22, 2020
    Date of Patent: September 20, 2022
    Assignee: MUNRO DESIGN & TECHNOLOGIES, LLC
    Inventor: James Fredric Munro
  • Patent number: 11444770
    Abstract: Systems and methods for controlling data access through the interaction of a short-range transceiver, such as a contactless card, with a client device are presented. Data access control may be provided in the context of creating and accessing a secure memory block in a client device, including handling requests to obtain create and access a secure memory block via the interaction of a short-range transceiver, such as a contactless card, with a client device such that, once the secure memory block is created in memory of the client device, personal user data may be stored in the secure memory block, and access to the stored personal user data may only be provided to users authorized to review the data.
    Type: Grant
    Filed: June 19, 2020
    Date of Patent: September 13, 2022
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Jeffrey Wieker, Patrick Zearfoss, Clayton Johnson
  • Patent number: 11444787
    Abstract: A method for propagating configuration data using a blockchain includes: storing a blockchain comprised of a plurality of blocks, each being comprised of a block header having a timestamp and one or more configuration transactions; receiving one or more configuration data items; generating a new configuration transaction for each configuration data item; hashing a most recent block identified based on the timestamp included in the respective block header to generate a previous block hash value; hashing a combination of the new configuration transactions and/or data associated therewith to generate a current block hash value; generating a new block header, the new block header including a current timestamp, the previous block hash value, the current block hash value, and a digital signature; generating a new block comprised of the new block header and each new configuration transaction; and updating the blockchain by appending the new block.
    Type: Grant
    Filed: July 9, 2020
    Date of Patent: September 13, 2022
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Simon R. Dix, Steven C. Davis
  • Patent number: 11445337
    Abstract: A method of communicating between a terminal device and a back-end system assigned to the terminal device, the terminal device receives via a direct wireless communication link an authorization code from the mobile communication device. Responsive to receiving the authorization code, the terminal device transmits via the direct wireless communication link to the mobile communication device a terminal report message which includes a message content part and a message addressing part. The mobile communication device transmits the terminal report message in a forwarding message via a telecommunications network to a remote message processing system determined by the addressing part. The remote message processing system determines from the addressing part the back-end system assigned to the electronic terminal device and transfers the content part of the terminal report message to the back-end system.
    Type: Grant
    Filed: June 29, 2020
    Date of Patent: September 13, 2022
    Inventors: Marcel Plüss, Peter Plüss, Michael Würth
  • Patent number: 11436607
    Abstract: The various embodiments described herein relate to systems, methods, and devices associated with distributed ledger systems (e.g., distributed ledger technology implemented on a decentralized network) that can be used to handle and manage the distribution and access of data in a manner that preserves the benefits of distributed ledger technology while enabling the private sharing of data. More specifically, the distributed ledger systems contemplated herein involve distributed ledger technology (DLT)-based data management platforms that can be implemented on nodes of a data management network.
    Type: Grant
    Filed: September 22, 2020
    Date of Patent: September 6, 2022
    Assignees: SYMBIONT.IO, INC., The Vanguard Group, Inc.
    Inventors: Warren B. Pennington, John C. Evans, Mark Smith, Anush Vijayaraghavan, Ron Papanek