Patents Examined by Syed A Zaidi
  • Patent number: 10298581
    Abstract: In one embodiment, an authorized signing authority server receives an authenticity request from a security registrar to vouch for authenticity of a particular device. Based on receiving the authenticity request, the authorized signing authority server may then determine an authenticity state of the particular device, and may also request a device provisioning file for the particular device from a device provisioning server, the device provisioning file defining one or more network security policies for the particular device. Upon receiving the device provisioning file from the device provisioning server, the authorized signing authority server may then return the authenticity state and the device provisioning file for the particular device to the security registrar, causing the security registrar to complete authentication of the particular device based on the authenticity state and the device provisioning file.
    Type: Grant
    Filed: April 28, 2017
    Date of Patent: May 21, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Rashmikant B. Shah, Brian E. Weis, Kannan Kumar, Manoj Kumar Nayak
  • Patent number: 10293785
    Abstract: A control unit, in a disclosed embodiment, includes a transceiver, memory, and a processor. The processor is coupled to the transceiver and memory and executes instructions from the memory to cause the control unit to receive a first transmission containing a certificate, verify the authenticity of the certificate, and, after verifying authenticity of the certificate, execute a public key agreement protocol to generate a first common secret encryption key, receive a second transmission containing an encrypted first public key that is encrypted by the first common secret encryption key, decrypt the encrypted first public key using the first common secret encryption key to determine the first public key, execute a public key agreement protocol to generate a second common secret encryption key, generate an operational key, encrypt the operational key using the second common secret encryption key, and transmit the encrypted operational key.
    Type: Grant
    Filed: June 19, 2018
    Date of Patent: May 21, 2019
    Assignee: TEXAS INSTRUMENTS INCORPORATED
    Inventors: Eric Peeters, Jin-Meng Ho
  • Patent number: 10299128
    Abstract: A network function (NF) entity in a communication network receives authentication data associated with a User Equipment (UE), determines the UE supports a blockchain registration procedure based on the authentication data, exchanges authentication messages with a Blockchain Roaming Broker (BRB) entity over a blockchain network interface, receives a blockchain authentication confirmation from the BRB entity, and registers the UE with the core network based on the blockchain authentication confirmation.
    Type: Grant
    Filed: October 25, 2018
    Date of Patent: May 21, 2019
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Om Prakash Suthar, Ammar Rayes, Michael David Geller, Ian McDowell Campbell, Aeneas Sean Dodd-Noble
  • Patent number: 10298400
    Abstract: Provided is a computer implemented method for performing mutual authentication between an online service server and a service user, including: (a) generating, by an authentication server, a server inspection OTP; (b) generating, by an OTP generator, a verification OTP having the same condition as the server inspection OTP and using the same generation key as an OTP generation key and a calculation condition different from a calculation condition is applied or a generation key different from the OTP generation key is used and the same calculation condition as the calculation condition used for generating the server inspection OTP is applied to generate a user OTP; and (c) generating, by the authentication server, a corresponding OTP having the same condition as the user OTP and comparing whether the generated corresponding OTP and the user OTP match each other to authenticate the service user.
    Type: Grant
    Filed: January 28, 2016
    Date of Patent: May 21, 2019
    Assignee: eStorm Co., LTD
    Inventor: Jong Hyun Woo
  • Patent number: 10291658
    Abstract: Techniques to apply and share remote policies on personal devices are described. In an embodiment, a technique includes contacting an enterprise server from an enterprise application operating on a personal device. The enterprise application may receive policies from the enterprise server. The policies may be applied to the enterprise application. When a second enterprise application on the personal device is launched, the policies may also be applied to the second enterprise application. When a policy is changed on the enterprise server, notification is pushed to the personal device and all related enterprise applications on the personal device may be updated to enforce the policy change. Other embodiments are described and claimed.
    Type: Grant
    Filed: November 9, 2011
    Date of Patent: May 14, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Jonathan Kent, Michael Hamler, Shivakumar Seetharaman, Gregory Bolles
  • Patent number: 10284579
    Abstract: A computer-implemented method of detecting an email spoofing and spear phishing attack may comprise generating a contact model of a sender of emails; determining, by a hardware processor, a statistical dispersion of the generated contact model that is indicative of a spread of a distribution of data in the generated model and receiving, over a computer network, an email from the sender.
    Type: Grant
    Filed: March 22, 2017
    Date of Patent: May 7, 2019
    Assignee: VADE SECURE, INC.
    Inventor: Sebastien Goutal
  • Patent number: 10285050
    Abstract: A method for downloading a profile of an electronic apparatus is provided. The method includes receiving profile information from a profile information transfer server, transmitting a profile request to an identified profile providing server based on the profile information, and receiving a profile installable in a universal integrated circuit card (UICC) of the electronic apparatus from the profile providing server, and an electronic apparatus. Further, the present disclosure may provide a profile information providing server providing the profile information to the electronic apparatus and an operation thereof, and a profile providing server providing a profile to the electronic apparatus and an operation thereof. Further, the present disclosure may provide a method for swapping a profile between apparatuses, a method for acquiring profile information using code information, a method for modifying a profile providing server, and an apparatus performing the same.
    Type: Grant
    Filed: April 12, 2016
    Date of Patent: May 7, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Jonghan Park, Duckey Lee, Sangsoo Lee, Taesun Yeom, Hyewon Lee
  • Patent number: 10270777
    Abstract: A Controlled Environment Secure Media Streaming System manages the delivery of content to Secured Devices. Cloud Services provide content to Integration Hub. The Integration Hub interfaces with various cloud services providers and prepares content for consumption by a resident of a secured facility. Integration Hub utilizes Content Filter to inspect content received from cloud service providers for suitability for use in a secured environment. Once content is retrieved, filtered, formatted, and packaged by Integration Hub, the content is stored in Data Warehouse. Secured Devices request content from the Distribution Hub, the Distribution Hub retrieves the content from the Data Warehouse, and then Distribution Hub manages the transfer of content to the Secured Devices. In some embodiments, Distribution Hub utilizes Content Filter to determine whether or not a particular Secured Device can access particular content.
    Type: Grant
    Filed: February 8, 2018
    Date of Patent: April 23, 2019
    Assignee: Global Tel*Link Corporation
    Inventor: Stephen Lee Hodge
  • Patent number: 10262127
    Abstract: A simulation computer device for securely executing a model includes at least one processor in communication with at least one memory device. The simulation computer device is configured to store a smart container including a model and a usage policy. The simulation computer device is also configured to receive a plurality of inputs for the model and determine whether to validate the model based on the usage policy. The simulation computer device is further configured to execute the model with the plurality of inputs if the model was validated. Moreover, the simulation computer device is configured to transmit at least one output.
    Type: Grant
    Filed: April 5, 2017
    Date of Patent: April 16, 2019
    Assignee: GENERAL ELECTRIC COMPANY
    Inventors: Arun Karthi Subramaniyan, Alexandre Nikolov Iankoulski
  • Patent number: 10264001
    Abstract: Methods, systems, and techniques for network resource attack detection using a client identifier. A server receives from a device the client identifier and user credentials. The client identifier and user credentials are assessed to determine their authenticity. If one or both of the credentials and identifier are inauthentic, the device does not learn from the server which of the identifier and credentials have been found to be inauthentic. When at least one of the identifier and credentials are inauthentic, the device that sent them is assessed to determine whether it is an attacker of the network resource. If the device is determined to be an attacker, one or both of prophylactic and remedial action is taken in response.
    Type: Grant
    Filed: August 12, 2016
    Date of Patent: April 16, 2019
    Assignee: Wizard Tower TechnoServices Ltd.
    Inventors: Michael Peddemors, William Storey
  • Patent number: 10263992
    Abstract: A method for providing a browser using browser processes separated based on access privileges and an apparatus using the method. The method includes acquiring a first address corresponding to a first webpage; acquiring a first set of terminal access privileges based on the first address from a privilege control list and executing a first browser process corresponding to the first set of terminal access privileges; determining whether to allow rendering by comparing the first set of terminal access privileges with a second set of terminal access privileges corresponding to a second webpage when the first browser process attempts to render the second webpage; and if the rendering is not allowed, blocking the first browser process from rendering and rendering the second webpage by executing a second browser process corresponding to the second set of terminal access privileges.
    Type: Grant
    Filed: July 19, 2016
    Date of Patent: April 16, 2019
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Taeho Nam, Seung-hun Han, Jung-hwan Kang, Wook Shin, HyoungChun Kim, ByungJoon Kim, Sung-Jin Kim
  • Patent number: 10242229
    Abstract: A method (100, 400) for managing access to a database is disclosed. The method comprises receiving a database query, (110), executing the query on the database to obtain a result, (120), generating a noise value, (130), perturbing the result with the generated noise value, (140), and outputting the perturbed result, (150). The noise value is generated from a bimodal probability distribution having a minimum probability at zero noise. Also disclosed is an access management processing element, (200, 300, 600) for a database.
    Type: Grant
    Filed: December 20, 2013
    Date of Patent: March 26, 2019
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Saravanan Mohan, Kumaresh Sreedhar
  • Patent number: 10235524
    Abstract: A system, method, and apparatus for identifying and removing malicious applications are disclosed. An example apparatus includes an executable application configured to collect data regarding processes operating on a client device during a time period. The executable application is also configured to purposefully access, during the time period, an application server using a web browser on the client device in an attempt to trigger a malicious application potentially located on the client device. The executable application is configured to transmit, after the time period, the collected data to an analysis server to determine whether the malicious application is located on the client device.
    Type: Grant
    Filed: May 19, 2017
    Date of Patent: March 19, 2019
    Assignee: SUNSTONE INFORMATION DEFENSE, INC.
    Inventor: David K. Ford
  • Patent number: 10237077
    Abstract: A method for protected communication by a vehicle which includes generating a key pair consisting of a private key and a public key and/or of one or more symmetric keys for the vehicle or for a controller of the vehicle in the area of influence of the vehicle manufacturer, generating a first certificate using the key pair, introducing the key pair and the first certificate and/or the symmetric key into the vehicle or the controller, authenticating the vehicle or the controller to a new communication partner by generation of a new key pair for this communication path and sending a signed message together with the certificate, and authenticating a new communication partner to the vehicle or the controller using a signed message and a public key, which are produced by the new communication partner on the basis of a certification by the vehicle manufacturer.
    Type: Grant
    Filed: October 11, 2016
    Date of Patent: March 19, 2019
    Assignee: Volkswagen AG
    Inventors: Timo Winkelvos, Alexander Tschache
  • Patent number: 10235527
    Abstract: Methods, systems, and computer-readable media for monitoring states of application packages deployed on a cloud-based application deployment platform. A notification service retrieves a copy of a deployed application package from the cloud-based deployment platform, and determines libraries of the application package. The notification service can then determine security vulnerabilities in the libraries, and provide notifications on the vulnerabilities of the application package to a user or developer.
    Type: Grant
    Filed: August 11, 2016
    Date of Patent: March 19, 2019
    Inventors: Michael Dalessio, Justin Smith, John Shahid, James Wen, David Jahn, David E. Goddard, Forest Eckhardt, Mark W. Kropf, James Thomas Bayer, Brandon Shroyer, Kelly Gerritz, Samuel E. Smith, Gabriel Ramirez, Justin Archie, Amin Jamali, Daniel George Rosen
  • Patent number: 10237733
    Abstract: Behavioral authentication is described. A mobile device records a first location of the mobile device. The mobile device records a second location of the mobile device. The mobile device determines whether a route from the first location to the second location matches an expected route. The mobile device generates an access-enabling token in response to a determination that the route from the first location to the second location matches the expected route. The mobile device enables access to an entity by a user of the mobile device based on the mobile device providing the access-enabling token to the entity.
    Type: Grant
    Filed: July 20, 2016
    Date of Patent: March 19, 2019
    Assignee: salesforce.com, inc
    Inventor: Vikas Taneja
  • Patent number: 10237057
    Abstract: A method for controlling the exchange of private data, associated with a client device, between an application in execution on or for the device and a serving node in a data network, comprising transmitting a request to the serving node from the application for access to a service requiring use of the private data, receiving challenge data at the application from the serving node, requesting authorization for the use of the private data using a secure user interface of the client device to a trusted information manager on the basis of the challenge data, transmitting an obfuscated version of the private data for use with the service from the trusted information manager to the application on the basis of the authorization.
    Type: Grant
    Filed: August 18, 2014
    Date of Patent: March 19, 2019
    Assignee: Alcatel Lucent
    Inventors: Tommaso Cucinotta, Stephane Betge-Brezetz
  • Patent number: 10230722
    Abstract: The embodiments set forth systems and techniques to authenticate a user device for device services, such as by transferring or extending a trusted device status from a separate and trusted associated user device, which can be paired with the user device. This can be done automatically without requiring the user to sign in at or on behalf of the user device, and the automated process can include verifying a trusted status for the associated user device, receiving data items from both devices, evaluating the data items, and facilitating an authentication of the user device when the evaluating returns a favorable result. Data items can include provisioned machine identifiers, temporally limited one-time user passwords, and a provisioned password reset key. Authentication or trusted device status transfer can be achieved by way of an authentication token that is given to the user device.
    Type: Grant
    Filed: August 27, 2018
    Date of Patent: March 12, 2019
    Assignee: Apple Inc.
    Inventors: James C. Wilson, Lestat Ali, Aniwat Arromratana
  • Patent number: 10225087
    Abstract: Methods and systems for generation of randomized messages for cryptographic hash functions are described herein. The method includes obtaining a random value in a binary bit form for randomizing a message. The method also includes splitting the message into multiple message blocks, where a length of each of the multiple message blocks is based on a length of the random value and a block length of a compression function. The method further includes prepending and appending each of the multiple message blocks with at least a portion of the random value and concatenating the prepended and appended message blocks to obtain a message envelope for generating the randomized message.
    Type: Grant
    Filed: September 14, 2015
    Date of Patent: March 5, 2019
    Assignee: Tata Consultancy Services Limited
    Inventor: Praveen Gauravaram
  • Patent number: 10225268
    Abstract: Systems and methods are provided for automated retrieval, processing, and/or distribution of cyber-threat information using a cyber-threat device. Consistent with disclosed embodiments, the cyber-threat device may receive cyber-threat information in first formats from internal sources of cyber-threat information using an accessing component of the cyber-threat device. The cyber-threat device may receive cyber-threat information second formats from external sources of cyber-threat information using an accessing component of the cyber-threat device. The cyber-threat device may process the received cyber-threat information in the first formats and the second formats into a standard format using a processing component of the cyber-threat device. The cyber-threat device may provide the processed items of cyber-threat information to a distributor using a distributing component of the cyber-threat device.
    Type: Grant
    Filed: April 19, 2016
    Date of Patent: March 5, 2019
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventor: Nathan Weilbacher