Patents Examined by Stephen Gundry
-
Patent number: 9832649Abstract: A secure ID authentication system for authenticating over a multi-channel cellular radio network a response from a user module comprising a SIM card to a request from an application programming interface (API) to authenticate a transaction, in which; a request is sent to an identity application server (IAS) holding a database of user module ID information; the IAS transmits the request over a first channel of the cellular network as a class 2 SMS message to the SIM card; the SIM card causes the request to be displayed on the user module; when a response is entered, the user module encrypts the response and associated data and transmits the encrypted data over a second channel of the cellular network to an over-the-air (OTA) gateway to the IAS; and the IAS decrypts the data and transmits the response to the API.Type: GrantFiled: February 13, 2014Date of Patent: November 28, 2017Assignee: TECHNOLOGY BUSINESS MANAGEMENT, LIMTEDInventors: Keith Curran, Tarlok Nath Teji
-
Patent number: 9825758Abstract: A user device and one or more server computers securely evaluate a k-nearest neighbor model, with reasonable computation speed and bandwidth utilization, using a combination of techniques. The user device encrypts input vectors using a client's public key to keep client information private. The server computer homomorphically computes a distance between the encrypted input vector and vectors stored in the k-nearest neighbor model. The server computer then engages in a minimization process which results in the user device receiving classification vectors corresponding to the k-nearest neighbors.Type: GrantFiled: December 2, 2014Date of Patent: November 21, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Tony Feng, David J. Wu, Michael Naehrig, Kristin Lauter
-
Patent number: 9819652Abstract: An information interaction method and device are provided. In the method, the device establishes a connection with a wearable device. The device sends information to be interacted corresponding to a logged-in ID to the wearable device via the connection. The device receives a first encrypted result returned by the wearable device. The device generates a first verifying factor corresponding to the first encrypted result with a predetermined algorithm. The device sends the information to be interacted and the first verifying factor in an associated manner to a server. The device receives a message indicating that an interaction is finished, where the message is sent if the server determines that a second verifying factor generated with the predetermined algorithm and corresponding to a second encrypted result matches the first verifying factor. The second encrypted result is obtained by encrypting the information by the server with the pre-stored encryption key.Type: GrantFiled: September 8, 2015Date of Patent: November 14, 2017Assignee: Xiaomi Inc.Inventors: Junqi Lin, Yang Zhang, Chenlei Wang
-
Patent number: 9806884Abstract: A system includes a MEMS device and a key generating device formed over the substrate. The key generating device is configured to generate a cryptographic key based on a property of the MEMS device and the MEMS device is configured to output a signal indicative of a sensed parameter. The generated cryptographic key is based on the influenced output signal of the MEMS device.Type: GrantFiled: January 9, 2015Date of Patent: October 31, 2017Assignee: Robert Bosch GmbHInventors: Matthew Lewis, Jorge Guajardo Merchan
-
Patent number: 9787647Abstract: Decision trees can be securely evaluated with reasonable computation speed and bandwidth utilization. A user device encrypts input vectors using a client's public key in an additively homomorphic encryption system. A server computer effectively randomizes the decision tree for each use, such that a value indicative of a path resulting from applying an input vector to the decision tree is different each time the decision tree is used. The server computer homomorphically computes the evaluations of each decision node. The server computer provides the value indicative of the path through the decision tree as one part accessible by the client, and another part accessible by the server. The server computer uses the parts to look up a corresponding output value from a database of output values for each path. In this operation, only the output value corresponding to the combined parts can be retrieved, and only by the intended recipient.Type: GrantFiled: December 2, 2014Date of Patent: October 10, 2017Assignee: Microsoft Technology Licensing, LLCInventors: David J. Wu, Tony Feng, Michael Naehrig, Kristin Lauter
-
Patent number: 9773119Abstract: The present disclosure involves systems and computer implemented methods for protecting portions of electronic documents. An example method includes receiving a request for access to an electronic file having sections, at least one section encrypted using a first key based on a first password. A second key is generated in response to receiving a second password, wherein the second key is generated based on the second password. The second key is compared to the first key. If the second key is identical to the first key, the least one section of the electronic file encrypted using the first key is decrypted using the second key. The electronic file is then presented such that the section(s) previously encrypted using the first cryptographic key is made visible. If the second key is not identical to the first, the electronic file is presented with the encrypted section(s) obscured.Type: GrantFiled: February 25, 2015Date of Patent: September 26, 2017Assignee: SAP SEInventors: Anand Sinha, Vinay Sheel
-
Patent number: 9773288Abstract: A method for interactive visualization of a decision assessment on a graphical user interface, including generating, by a computer processor, that includes generating, by a computer processor, the decision assessment model having a first set of circular sectors on a first ring, a second set of circular sectors on a second ring wherein each of the second set of circular sectors is related to a corresponding first circular sector, and a third set of circular sectors on a third ring wherein each of the third circular sectors is related to a corresponding second circular sector. The first set of circular sectors, the second set of circular sectors and the third set of circular sectors include concentric rings with a common center.Type: GrantFiled: June 29, 2015Date of Patent: September 26, 2017Assignee: ENDERA SYSTEMS, LLCInventors: Raj Ananthanpillai, Aaron Kilinski
-
Patent number: 9769189Abstract: Embodiments relate to systems and methods for behavior-based automated malware analysis and classification. Aspects relate to platforms and techniques which access a set of samples of malware, and extract or capture a set of low-level behavioral artifacts produced by those samples. The low-level artifacts can be used to organize or identify a set of features, based upon which the sample can be classified and/or clustered into different labels, groups, or categories. The artifacts and/or features can be analyzed by one or more selectable algorithms, whose accuracy, efficiency, and other characteristics can be compared to one another for purposes of performing a classification or clustering task. The algorithm(s) can be selected by a user to achieve desired run times, accuracy levels, and/or other effects.Type: GrantFiled: February 21, 2014Date of Patent: September 19, 2017Assignee: VERISIGN, INC.Inventors: Aziz Mohaisen, Omar Alrawi, Matthew Larson
-
Patent number: 9769204Abstract: A system includes one or more “BotMagnet” modules that are exposed to infection by malicious code. The BotMagnets may include one or more virtual machines hosing operating systems in which malicious code may be installed and executed without exposing sensitive data or other parts of a network. In particular, outbound traffic may be transmitted to a Sinkhole module that implements a service requested by the outbound traffic and transmits responses to the malicious code executing within the BotMagnet. The Sinkhole module may implement a proxy mode in which traffic received by the Sinkhole module is transmitted to a destination specified in the traffic but modified to reference the Sinkhole as the source. Events occurring on the BotMagnet and Sinkhole are correlated and used to characterize the malicious code. The characterization may be transmitted to other computer systems in order to detect instances of the malicious code.Type: GrantFiled: August 12, 2014Date of Patent: September 19, 2017Assignee: Attivo Networks Inc.Inventors: Venu Vissamsetty, Shivakumar Buruganahalli
-
Patent number: 9754090Abstract: Methods and systems are described for setting up a security and/or automation system. According to at least one embodiment, a method for setting up the security or automation system includes receiving a communication from a mobile device associated with installing a system peripheral device at a control unit and executing an installation task based on the communication.Type: GrantFiled: May 7, 2014Date of Patent: September 5, 2017Assignee: Vivint, Inc.Inventor: Richard Scott Carlson
-
Patent number: 9749294Abstract: A system for establishing a trusted end-to-end communication link between different NFV networks is disclosed. The system comprises a server operating in a trusted security zone and configured to generate and send a trust ticket, a communication request, and disable communication with the first NFV network. The system further comprises a virtual machine executing virtualized network functions and a session border controller. The session border controller is configured to receive the trust ticket, request, and trusted data from the first server; transmit the trust ticket and request to a second session border controller, wherein the trust ticket and request are transmitted to a second server associated with a second NFV network, and receive a response and second trust ticket from the second NFV network, compare the first and second trust ticket for compatibility, and transmit the trusted data if the trust tickets are compatible.Type: GrantFiled: September 8, 2015Date of Patent: August 29, 2017Assignee: Sprint Communications Company L.P.Inventors: Ronald R. Marquardt, Lyle W. Paczkowski, Arun Rajagopal
-
Patent number: 9722801Abstract: A client device may provide, to a host device, a request to access a website associated with a host domain. The client device may receive, based on the request, verification code that identifies a verification domain and a resource, associated with the verification domain, to be requested to verify a public key certificate. The verification domain may be different from the host domain. The client device may execute the verification code, and may request the resource from the verification domain based on executing the verification code. The client device may determine whether the requested resource was received, and may selectively perform a first action or a second action based on determining whether the requested resource was received. The first action may indicate that the public key certificate is not valid, and the second action may indicate that the public key certificate is valid.Type: GrantFiled: September 30, 2013Date of Patent: August 1, 2017Assignee: Juniper Networks, Inc.Inventor: Kyle Adams
-
Patent number: 9722785Abstract: An apparatus for quantum cryptographic communication includes a light source configured to generate an optical pulse which is transmitted to a plurality of quantum code sending devices, and a quantum entanglement measuring unit configured to receive the optical signal generated from each of the plurality of quantum code sending devices and measure a relation among quantum states of the optical signals received from the plurality of quantum code sending devices; the optical signal being generated by encoding a key to a quantum state of the optical pulse. The apparatus for quantum cryptographic communication may further include a signal direction determining unit, a reflector for reflecting the optical pulse or the optical signal, an arbitrary phase shifter, or a modulator for encoding a digital signal corresponding to the key to the optical pulse.Type: GrantFiled: January 6, 2015Date of Patent: August 1, 2017Assignee: Korea Institute of Science and TechnologyInventors: Yong-Su Kim, Sang Wook Han, Sung Wook Moon, Yujun Choi
-
Patent number: 9723009Abstract: A security solution provides secure communication in a multi-tenant environment which includes a connection-based fabric, storage cells holding data associated with different tenants, database servers which provide a plurality of database services using said data, application servers hosting database service consumers. The fabric is configured into partitions isolating the storage cells from the database service consumers. The application servers securely associate unique database service consumer identities with each database service consumer and all communications with the database servers. The database servers reject all communications from the application servers which do not include an identity and use an access control list to control access from the database service consumers to the database services using address resolution access control, connection establishment access control, and data exchange access control based on said access control list.Type: GrantFiled: September 8, 2015Date of Patent: August 1, 2017Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Vadim Makhervaks, Richard Mousseau, Bjørn Dag Johnsen, Sumanta Chatterjee, Avneesh Pant, Jean De Lavarene, Kant C. Patel, Bhaskar Mathur, Feroz Alam Khan, Sudeep Vatsanath Reguna
-
Patent number: 9723008Abstract: An integrated firewall provides security in a multi-tenant environment having a connection-based switched fabric directly connecting database servers which provide a plurality of database services with application servers hosting database service consumers each having a different database service consumer identity. The firewall functionality integrated into each database server provides access control by discarding communication packets which do not include a database service consumer identity and using the database service consumer identity in combination with an access control list to control access from the database service consumers to the database services. The access control includes address resolution access control, connection establishment access control, and data exchange access control based on said access control list.Type: GrantFiled: September 8, 2015Date of Patent: August 1, 2017Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Vadim Makhervaks, Richard Mousseau, Bjørn Dag Johnsen, Sumanta Chatterjee, Avneesh Pant, Jean De Lavarene, Kant C. Patel, Bhaskar Mathur, Feroz Alam Khan, Sudeep Vatsanath Reguna
-
Patent number: 9710629Abstract: An electronic device is able to alter one or more settings of its imager based on the motion of a user that the device is attempting to authenticate. The electronic device, in one implementation, captures a first set of image data of the user (e.g., a video or still photo of the user), detects motion of the user, alters a setting of the imager based on the motion, captures a second set of image data of the user, and authenticates the user based on the second set of image data. In some implementations, the electronic device has multiple imagers, and activates one or more additional imagers based on the detected motion of the user.Type: GrantFiled: May 13, 2014Date of Patent: July 18, 2017Assignee: Google Technology Holdings LLCInventors: Rachid M Alameh, Jiri Slaby
-
Patent number: 9710672Abstract: System and method of producing a collection of possibilities that agree on information that must be disclosed (disclosable information) and disagree with a sufficient degree of diversity as defined by a policy to protect the sensitive information. A policy defines: what information is possible, what information the recipient would believe, what information is sensitive (to protect), what information is disclosable (to share) and sufficiency conditions that specify the degree of ambiguity required to consider the sensitive information protected. A formalism is utilized that provably achieves these goals for a variety of structured datasets including tabular data such as spreadsheets or databases as well as annotated graphs. The formalism includes the ability to generate a certificate that proves a disclosure adheres to a policy. This certificate is produced either as part of the protection process or separately using an altered process.Type: GrantFiled: September 8, 2015Date of Patent: July 18, 2017Inventor: Uri Jacob Braun
-
Patent number: 9692727Abstract: A context-aware distributed firewall scheme is provided. A firewall engine tasked to provide firewall protection for a set of network addresses applies a reduced set of firewall rules that are relevant to the set of addresses associated with the machine. A hypervisor implements a search structure that allows each virtual machine's filter to quickly identify relevant rules from all of the received rules. The search structure is constructed as a binary prefix tree, each node corresponding to an IP CIDR (Classless Inter-Domain Routing) block. A query for relevant rules traverses nodes of the search structure according to a queried IP address and collect all rules that are associated with the traversed nodes.Type: GrantFiled: December 2, 2014Date of Patent: June 27, 2017Assignee: NICIRA, INC.Inventors: Jingmin Zhou, Anirban Sengupta
-
Patent number: 9672368Abstract: A system and method for providing selective control of information shared from a first device to a second device. The system includes a connection detector to detect a short-range communication between the first device and the second device; a security setter to set or acquire a security setting; a disconnect detector to detect whether the short-range communication between the first device and the second device is terminated; and a wiper to perform data management of information shared via the short-range communication between the first device and the second device based on the security setting.Type: GrantFiled: April 30, 2014Date of Patent: June 6, 2017Assignee: Visteon Global Technologies, Inc.Inventors: Upton Beall Bowden, Theodore Charles Wingrove, Anthony Joseph Ciatti, Yanina Goncharenko
-
Patent number: 9672361Abstract: A Basic Input/Output System (BIOS) of a device is modified to: obtain a first value from a medium interfaced to the device, produce a second value from boot data resident on the medium, compare the first value to the second value, and boot from the boot data of the medium when the first value is equal to the second value.Type: GrantFiled: April 30, 2014Date of Patent: June 6, 2017Assignee: NCR CorporationInventors: Gordon Chisholm, Kevin Horgan, Campbell Benn