Patents Examined by Suman Debnath
  • Patent number: 11520879
    Abstract: A trusted execution environment migration method for a device comprising a multicore processor, the processor operable to execute a rich execution environment (REE) and a trusted execution environment (TEE), the method comprising: executing a TEE scheduler in the REE on a first core of the multicore processor; subsequent to a migration of the TEE scheduler from the first core to a second core, issuing a request, by the TEE scheduler and to a transition submodule in the TEE, to execute an operations submodule in the TEE, wherein the transition submodule is operable to manage the transition of a core of the processor between execution of the REE and execution of the operations submodule in the TEE, and wherein the transition submodule is executed on the same core as the TEE scheduler; upon execution of the operations submodule, determining if the core on which the operations submodule is executing has changed since the previous execution of the operations submodule.
    Type: Grant
    Filed: January 9, 2020
    Date of Patent: December 6, 2022
    Assignee: Trustonic Limited
    Inventors: Olivier Deprez, Lukas Hänel
  • Patent number: 11502995
    Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.
    Type: Grant
    Filed: December 14, 2017
    Date of Patent: November 15, 2022
    Assignee: KYNDRYL, INC.
    Inventors: Constantin Mircea Adam, Richard Jay Cohen, Robert Filepp, Milton H. Hernandez, Brian Peterson, Maja Vukovic, Sai Zeng, Guan Qun Zhang, Bhavna Agrawal
  • Patent number: 11503007
    Abstract: Systems, methods, and use-cases of multi-modal authentications and content distribution are presented. A content consumer can capture a multi-modal digital representation of multiple objects where a juxtaposition of features derived from the digital representation can be used to recognize that at least some of the objects are a valid authentication object. Upon authentication, an authentication agent determines a content access level for content associated with the corresponding to the juxtaposition. The content can then be presented on an electronic device, possibly within a secure virtual machine, according to the content access level.
    Type: Grant
    Filed: October 15, 2020
    Date of Patent: November 15, 2022
    Assignee: Nant Holdings IP, LLC
    Inventor: Patrick Soon-Shiong
  • Patent number: 11495088
    Abstract: A computer-implemented method of authenticating a memory of a gaming machine uses a computing device having a processor communicatively coupled to a memory. The method includes identifying a first subset of the memory including one or more operational data components associated with operating the gaming machine. The method also includes identifying a second subset of the memory. At least some of the second subset of the memory is distinct from the first subset of the memory. The method further includes authenticating the first subset of the memory while the gaming machine is in a disabled state. The method also includes enabling operation of the gaming machine after said authenticating the first subset of the memory if the authentication of the first subset of the memory is successful. The method further includes authenticating the second subset of the memory while the gaming machine is in an enabled state.
    Type: Grant
    Filed: November 18, 2019
    Date of Patent: November 8, 2022
    Assignee: Video Gaming Technologies, Inc.
    Inventor: Michael Oberberger
  • Patent number: 11481227
    Abstract: A method can include evaluating each of a plurality of collaborative systems, using a processor, for suitability hosting an artifact according to at least one attribute of the artifact. A first collaborative system can be selected from the plurality of collaborative systems according to the evaluation. The artifact can be stored in the first collaborative system.
    Type: Grant
    Filed: October 14, 2019
    Date of Patent: October 25, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Thomas J. Burris, Manish Kataria
  • Patent number: 11470029
    Abstract: Machine learning based methods for the analysis and reporting of suspicious email are disclosed. In one aspect, there is a method that includes displaying a user-selectable icon to report a suspicious electronic message. The method further includes receiving selections of the electronic message and the user-selectable icon. The method further includes quarantining the electronic message in response to the selections. The method further includes electronically communicating the electronic message to a processor for performing threat analysis in response to the selections. The method further includes receiving a response message in response to the performed threat analysis, the response message indicating a threat status of the electronic message.
    Type: Grant
    Filed: October 31, 2018
    Date of Patent: October 11, 2022
    Assignee: Edgewave, Inc.
    Inventors: Louis Ryan, Robert Crowe, Steven Christopher Kelley, John Randall, Gang Ding
  • Patent number: 11425164
    Abstract: Distributed storage of a file in edge storage devices that is resilient to eavesdropping adversaries and Byzantine adversaries. Approaches include a cost-efficient approach in which an authorized user has access to the content of all edge storage nodes. In this approach, key blocks and file blocks that are masked with key blocks are saved in the edge storage nodes. Additionally, redundant data for purposes of error correction are also stored. In turn, upon retrieval of all blocks, errors introduced by a Byzantine adversary may be corrected. In a loss resilient approach, redundant data is stored along with masked file partitions. Upon retrieval of blocks from the edge storage nodes, a unique approach to solving for the unknown file partition values is applied with identification of corrupt nodes based on an average residual error value for each storage node.
    Type: Grant
    Filed: August 28, 2020
    Date of Patent: August 23, 2022
    Assignee: SEAGATE TECHNOLOGY LLC
    Inventor: Yasaman Keshtkarjahromi
  • Patent number: 11425118
    Abstract: A centralized gateway server receives a first user request, configured to operate with a first development platform, indicating a first operation to be performed on behalf of a first user. The centralized gateway server generates a first service request for performing the first operation, and transmits the first service request to a server associated with a service, to cause the server to perform the first operation on behalf of the first user. The centralized gateway server also receives a second user request indicating a second operation. The second user request is configured to operate with a second development platform different from the first development platform. The centralized gateway server generates a second service request for performing the second operation, and transmits the second service request to the server to cause the server to perform the second operation.
    Type: Grant
    Filed: August 6, 2018
    Date of Patent: August 23, 2022
    Assignee: Giesecke+Devrient Mobile Security America, Inc.
    Inventor: Mehdi Zadeh Heidari
  • Patent number: 11418677
    Abstract: A method for preventing image modification, an image capturing device and an image verification method are disclosed. The image modification method includes: processing a compressed image of at least one frame to obtain feature data of the compressed image of the at least one frame; encrypting the feature data to generate a checksum; generating supplemental enhancement information, which at least includes a time parameter and the checksum; and transmitting and/or storing the supplemental enhancement information and the compressed image of the at least one frame together so as to verify authenticity of the compressed image of the at least one frame by using the supplemental enhancement information. The time parameter is a counter value of a counter in the image capturing device and the counter value continuously increases. With the above method, authenticity of image data can be verified.
    Type: Grant
    Filed: November 8, 2018
    Date of Patent: August 16, 2022
    Assignee: SIGMASTAR TECHNOLOGY LTD.
    Inventor: Lijing Chen
  • Patent number: 11405420
    Abstract: Distributed storage of a file in edge storage devices that is resilient to eavesdropping adversaries and Byzantine adversaries. Approaches include a cost-efficient approach in which an authorized user has access to the content of all edge storage nodes. In this approach, key blocks and file blocks that are masked with key blocks are saved in the edge storage nodes. Additionally, redundant data for purposes of error correction are also stored. In turn, upon retrieval of all blocks, errors introduced by a Byzantine adversary may be corrected. In a loss resilient approach, redundant data is stored along with masked file partitions. Upon retrieval of blocks from the edge storage nodes, a unique approach to solving for the unknown file partition values is applied with identification of corrupt nodes based on an average residual error value for each storage node.
    Type: Grant
    Filed: August 28, 2020
    Date of Patent: August 2, 2022
    Assignee: SEAGATE TECHNOLOGY LLC
    Inventor: Yasaman Keshtkarjahromi
  • Patent number: 11386216
    Abstract: Embodiments relate to a system, program product, and method for use with a computer platform to support privacy preservation. The platform measures and verifies data privacy provided by a shared resource service provider. An assessment is utilized to support the privacy preservation with respect to a data steward, and associated shared data. It is understood that data associated with a data service has an expected level of privacy. A privacy score directly correlating to a leakage indicator of the service is formed, and an associated data container is populated with inferred entities deemed to at least meet a preferred privacy level. The privacy score effectively certifies the security of the populated data container.
    Type: Grant
    Filed: November 13, 2018
    Date of Patent: July 12, 2022
    Assignee: International Business Machines Corporation
    Inventors: Dimitrios Skourtis, Nathalie Baracaldo Angel, Rui Zhang
  • Patent number: 11381595
    Abstract: Preventing Transport Layer Security session man-in-the-middle attacks is provided. A first security digest generated by an endpoint device is compared with a second security digest received from a peer device. It is determined whether a match exists between the first security digest and the second security digest based on the comparison. In response to determining that a match does not exist between the first security digest and the second security digest, a man-in-the-middle attack is detected and a network connection for a Transport Layer Security session is terminated with the peer device.
    Type: Grant
    Filed: November 9, 2018
    Date of Patent: July 5, 2022
    Assignee: International Business Machines Corporation
    Inventors: Wei-Hsiang Hsiung, Sheng-Tung Hsu, Kuo-Chun Chen, Chih-Hung Chou
  • Patent number: 11381583
    Abstract: A system and associated methods for the detection of anomalous behavior in a system. In some embodiments, time-series data that is obtained from the system (such as log data) may be used as an input to a process that converts the data into greyscale values. The greyscale values are used to construct an “image” of the system operation that is used as an input to a convolutional neural network (CNN). The image is used to train the neural network so that the neural network is able to recognize when other input “images” constructed from time-series data are anomalous or otherwise indicative of a difference between the prior (and presumed normal or acceptable) and the current operation of the system.
    Type: Grant
    Filed: November 1, 2018
    Date of Patent: July 5, 2022
    Assignee: DimensionalMechanics, Inc.
    Inventors: Jason K. Ellis, Rajeev Dutt
  • Patent number: 11328073
    Abstract: Users are authorized to access tagged metadata in a provider network. A revision control and binding mechanism may be applied to tagged metadata that is added or modified by the user. A recommendation pertaining to security and compliance for the computing resource may be determined based on an analysis of the computing resource, scoring criteria, and data pertaining to customer and system data.
    Type: Grant
    Filed: May 9, 2019
    Date of Patent: May 10, 2022
    Assignee: Amazon Technologies, Inc.
    Inventor: Hart Matthew Rossman
  • Patent number: 11329999
    Abstract: Techniques are provided for determining environment parameter values based on rendered emoji analysis, A server computer provides a first set of code that, when executed by a browser application at a client computing device, renders a set of emoji at the client computing device, generates a set of rendered graphic data for the set of emoji at the client computing device, and transmits the set of rendered graphic data for each emoji of the set of emoji from the client computing device to the server computer. The server computer receives the rendered graphic data generated at the client computing device, Based on the set of rendered graphic data for the set of emoji generated at the client computing device, the server computer determines a set values for one or more environment parameters of the client computing device.
    Type: Grant
    Filed: November 15, 2018
    Date of Patent: May 10, 2022
    Assignee: F5, Inc.
    Inventors: Kevin Gibbons, Michael Ficarra
  • Patent number: 11323470
    Abstract: Disclosed embodiments relate to systems and methods for analyzing and addressing least-privilege security threats on a composite basis. Techniques include identifying a permission associated with a secured resource, identifying attributes associated with the permission, weighting the attributes, and, based on the attributes and their weights, creating a normalized score corresponding to the risk presented by the permission. Further techniques include identifying attributes associated with the secured resource, identifying special risk factors, and creating weighted scores based on the resource attributes and special risk factors. Other techniques include aggregating the weighted scores and using the weighted scores to identify insecure areas within the system.
    Type: Grant
    Filed: December 18, 2019
    Date of Patent: May 3, 2022
    Assignee: CyberArk Software Ltd.
    Inventor: Asaf Hecht
  • Patent number: 11323426
    Abstract: Transparently identifying users using a shared VPN tunnel uses an innovative method to detect a user of a shared VPN tunnel, after authenticating the user, using an assigned userid (that may be a virtual IP). The virtual IP is used as a cookie in each request made by the user. This cookie is an authentication token used by the gateway to detect the user behind a specific request for an Internet resource (such as an http/s request). The cookie is stripped by the gateway so the cookie is not sent to the resource.
    Type: Grant
    Filed: October 19, 2017
    Date of Patent: May 3, 2022
    Assignee: CHECK POINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Amnon Perlmutter, Lior Drihem, Yair Ziv, Jeremy Sinai, Tsemach Mizrachi
  • Patent number: 11270267
    Abstract: Information is identified as sensitive and a lapsed time job (Chron Job) is created that will allow the deletion of sensitive information after a period of time. The interval could be set to be longer than vacation or other planned use, and yet short enough to limit the period where risk to the organization or individual is incurred. The Chron Job could be integrated with the user's calendar, such that the Chron Job considers holiday time as a means of delaying execution of the Chron Job which would allow a shorter interval to be selected. In addition to deletion of the information identified as sensitive, additional steps could also be taken, such as the purging of the recycle bin, modification of the FAT, and optionally the deletion of related information. Once information is identified as sensitive, the information and derivative works are tracked and managed.
    Type: Grant
    Filed: December 12, 2007
    Date of Patent: March 8, 2022
    Assignee: Avaya Inc.
    Inventors: David S. Mohler, Jason H. Vick
  • Patent number: 11257393
    Abstract: A system has an evaluation server that includes at least one database storing a plurality of cybersecurity awareness evaluations, the database connected to the server, a plurality of clients connected to the server and configured to run at least one of the cybersecurity awareness evaluations for play by users on user devices, the users performing actions in the evaluation including offensive actions and defensive actions, and an evaluation dashboard including an interface configured to display scoring results of the cybersecurity awareness evaluations as determined by the server, the scoring results including a plurality of offensive component scores for at least one of the users, a plurality of defensive component scores for at least one of the users, at least one composite offensive score for at least one of the users and at least one composite defensive score for at least one of the users, the composite offensive score being determined based on a plurality of the component offensive scores and the composit
    Type: Grant
    Filed: October 26, 2018
    Date of Patent: February 22, 2022
    Inventors: Phillip Atencio, Cassandra Brubaker, George A. Wright, Brandon Dorris, Peter Grundy, Charles A. Hardin
  • Patent number: 11250173
    Abstract: A master digital copy of a registration is transmitted. The registration is proof that a physical object has been registered with a registration authority. A valid peripheral digital copy of the registration is received. The valid peripheral digital copy of the registration was made from the master digital copy of the registration and is incapable of being used to make other valid digital copies of the registration.
    Type: Grant
    Filed: August 26, 2019
    Date of Patent: February 15, 2022
    Assignee: International Business Machines Corporation
    Inventors: Daniel A. Gisolfi, Richard Redpath