Patents Examined by Thanhnga B. Truong
  • Patent number: 10354081
    Abstract: Interprocess communication between processes that run on a host operating system of a computer is performed by way of a protected temporary file. File access operation on the temporary file is hooked to detect writing to the temporary file. When a process writes a message to the temporary file, a verification is performed to determine whether or not the process is authorized to access the temporary file. When the process is authorized to access the temporary file, the process is allowed to write the message to the temporary file. This allows another process that is intended to receive the message to read the message from the temporary file and act on the message. Otherwise, when the process is not authorized to access the temporary file, the process is blocked from writing the message to the temporary file.
    Type: Grant
    Filed: January 5, 2017
    Date of Patent: July 16, 2019
    Inventors: Chuan Jiang, Weichao Dai, Zhifeng Du, Yuncao Tian, Sen Jiang
  • Patent number: 10346636
    Abstract: A privacy enforcement engine conducts a process that evaluates user privacy preferences against the privacy policy of a service provider. The engine works in conjunction with an identity selector. The identity selector filters user identity information cards to determine which ones satisfy the requirements of a security policy. The engine identifies privacy preferences that are relevant to the user identity information specified by the successfully filtered cards. The engine evaluates these privacy preferences against the privacy policy, to provide its own filtering operation relative to the exercise of privacy controls. The cards that pass the filtering operation conducted by the engine are deemed available for disclosure.
    Type: Grant
    Filed: October 25, 2016
    Date of Patent: July 9, 2019
    Inventor: Gail-Joon Ahn
  • Patent number: 10348484
    Abstract: A method for generating a blockchain configured for fast navigation includes: storing a blockchain comprised of a plurality of blocks, each block including a header comprised of a fast track flag, fast track reference, timestamp, and hash value, where the plurality of blocks includes standard blocks having a deactivated fast track flag and fast track blocks having an activated fast track flag; identifying a most recent fast track block based on the timestamp in the fast track blocks; identifying a most recent overall block based on the timestamp included in the plurality of blocks; generating a fast track hash value via hashing the most recent fast track block; generating a chain hash value via hashing the most recent overall block; and writing a new block to the blockchain including a block header comprised of a timestamp, activated fast track flag, the fast track hash value, and the chain hash value.
    Type: Grant
    Filed: October 24, 2016
    Date of Patent: July 9, 2019
    Inventor: David J. King
  • Patent number: 10341347
    Abstract: A method of operating a data store system may include generating a registration key in response to identify a non-responsive processing node in a plurality of processing nodes. The method may further include providing the registration key to the other processing nodes of the plurality of processing nodes excluding the identified non-responsive processing node. The method may further include providing the registration key to a plurality of storage cluster nodes in communication with the plurality of processing nodes over a network. Each storage cluster node may be configured to manage access to a respective set of persistent storage devices. Each processing node provided the registration key may be authorized to access each of the persistent storage devices. A system and computer-readable medium may also be implemented.
    Type: Grant
    Filed: December 30, 2015
    Date of Patent: July 2, 2019
    Assignee: Terdata US, Inc.
    Inventors: Gary Lee Boggs, William Timothy Sanders
  • Patent number: 10341332
    Abstract: Embodiments provide a system and method for network tracking. Through various methods of packet encapsulation or IP option filling, one or more packets of information can be tagged with a unique security tag to prevent unauthorized access. A user agent can be validated by an authentication server through acceptance of one or more user credentials. The authentication server can generate a security token that can be transmitted to the user agent. The user agent can generate a keystream from the security token, and portions of that keystream can be attached to the packets as the security tag. The tagged packets can be forwarded to an authenticator, who can recreate the keystream from a copy of the security token provided by the authentication server. If the tags generated from the authenticator match the tags on the tagged packet, the authenticator can strip the tag from the tagged packet and forward the packet on to its next network address.
    Type: Grant
    Filed: July 26, 2016
    Date of Patent: July 2, 2019
    Assignee: International Business Machines Corporation
    Inventors: Chih-Wen Chao, Cheng-Ta Lee, Wei-Shiau Suen, Ming-Hsun Wu
  • Patent number: 10333720
    Abstract: Method for establishing secure communication between a plurality of IoT devices in one or more vehicles include: provisioning the plurality of IoT devices by providing a unique identification, a digital identity token and a cryptographic key to each of the plurality of IoT devices; establishing a secure communication line between the plurality of IoT devices by authenticating respective communication lines between respective IoT devices and issuing a digital certificate to the respective communication lines; grouping the plurality of IoT devices into different groups based on a predetermined criteria; and including a group membership for a group of the different groups in an attribute certificate indicating group characterization.
    Type: Grant
    Filed: February 6, 2018
    Date of Patent: June 25, 2019
    Assignee: T-CENTRAL, INC.
    Inventors: David W. Kravitz, Donald Houston Graham, III, Josselyn L. Boudett, Russell S. Dietz, Kent William Stacy
  • Patent number: 10334443
    Abstract: A method for configuring a profile of a subscriber authenticating module embedded and installed in a terminal device, and an apparatus using same, are disclosed. The subscriber authenticating module embedded and installed in the terminal device according to an exemplary embodiment includes one or more network access application related data sets and one or more profiles having unique identifiers. The present invention enables an eco-system provider such as a network service provider, a eUICC manufacturer, or a terminal manufacturer to develop an efficient and rapid eUICC and provide a eUICC service.
    Type: Grant
    Filed: July 10, 2017
    Date of Patent: June 25, 2019
    Assignee: KT Corporation
    Inventors: Myoung Hee Seo, Kwan Lae Kim, Chul Hyun Park, Jin Hyoung Lee, Hyung Jin Lee, Youn Pil Jeung
  • Patent number: 10326597
    Abstract: A system that provides responses to requests obtains a key that is used to digitally sign the request. The key is derived from information that is shared with a requestor to which the response is sent. The requestor derives, using the shared information, derives a key usable to verify the digital signature of the response, thereby enabling the requestor to operate in accordance with whether the digital signature of the response matches the response.
    Type: Grant
    Filed: June 27, 2014
    Date of Patent: June 18, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Gregory Branchek Roth, Eric Jason Brandwine
  • Patent number: 10320786
    Abstract: Provided are an electronic apparatus in which a normal operating system (OS) and a secure OS are installed and a method for controlling the electronic apparatus. The method for controlling the electronic apparatus includes searching for at least one external terminal in which a secure OS is installed, selecting a first terminal from among the at least one external terminal in which a secure OS is installed, in response to a first terminal being selected from the retrieved at least one external terminal, performing communication connection with the first terminal, searching for at least one terminal in which only a normal OS is installed, from among at least one external terminal that is capable of being communication-connected to the first terminal, and performing communication with a second terminal of the at least one terminal in which only the normal OS is installed, through the first terminal.
    Type: Grant
    Filed: September 6, 2016
    Date of Patent: June 11, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Jung-kyuen Lee, In-ho Kim, In-hwan We, Jong-tak Lee
  • Patent number: 10320917
    Abstract: A method and apparatus of key negotiation processing, which includes acquiring, by a control network element, a first key negotiation parameter and a second key negotiation parameter, and sending, by the control network element, the first key negotiation parameter and/or the second key negotiation parameter to the first user equipment UE and a second UE such that the first UE and the second UE generate a key according to the first key negotiation parameter and the second key negotiation parameter. Key negotiation may be performed between two UEs that perform proximity communication.
    Type: Grant
    Filed: May 4, 2016
    Date of Patent: June 11, 2019
    Inventors: Bo Zhang, Chengdong He, Lu Gan
  • Patent number: 10303872
    Abstract: Location-based configuration profile toggling may be provided. Configuration profiles associated with user devices may be identified, determinations of whether the user devices are authorized to enable the configuration profiles on the user devices may be made based at least in part on location constraints, and the configuration profiles may be enabled on the user devices if the location constraints are satisfied.
    Type: Grant
    Filed: June 8, 2016
    Date of Patent: May 28, 2019
    Assignee: AirWatch, LLC
    Inventors: Alan Dabbiere, John Marshall, Erich Stuntebeck
  • Patent number: 10296729
    Abstract: There are disclosed methods and apparatus for manufacture of image inventories. A production and packaging machine applies derivations to still images from image products. It assigns metadata to the derivative images. The production and packaging machine then generates a cryptographic hash of the derivative image and the metadata to produce a derivative image product, and writes the hash to a node of a transaction processing network.
    Type: Grant
    Filed: August 23, 2018
    Date of Patent: May 21, 2019
    Assignee: Eight Plus Ventures, LLC
    Inventors: Christoph Bertsch, Rodney Lake, Douglas Sturgeon, Anthony Sziklai
  • Patent number: 10291686
    Abstract: Secure and remote operation of a remote computer from a local computer over a network includes authenticating a remote computer for connection to a computer over the network and/or a local computer for connection to a remote computer over the network; establishing a secure connection therebetween; and integrating a desktop of a remote computer on a display of a local computer. Functions that are performed may include one or more of: integrating a file structure of accessible files accessed at the second or first computer, into a file structure contained at the first or second computer, respectively; at least one of integrating a desktop of the second computer on a display of the first computer and integrating a desktop of the first computer on a display of the second computer; and directly operating the second computer from the first computer or the first computer from the second computer.
    Type: Grant
    Filed: February 12, 2018
    Date of Patent: May 14, 2019
    Assignee: Western Digital Technologies, Inc.
    Inventors: Lambertus Hesselink, Dharmarus Rizal, Eric S. Bjornson
  • Patent number: 10277596
    Abstract: Systems, methods, and computer-readable media are described for a network address block treatment server. The network address block treatment server identifies blocks of network addresses, associates them with treatments, and generates compact representations of the network address blocks. Blocks may be identified based on network activity data or on the treatment of individual network addresses, and treatments may be associated with address blocks based on address-level and/or block-level criteria. Treatments may include, for example, denying service requests, throttling, queueing, issuing a challenge-response, or limiting the number or scope of services. The network address block treatment server may review treatments periodically or upon receipt of additional network activity data. The server may implement treatments in connection with firewall or routing services, or may transmit address block representations and associated treatments to network service providers for implementation.
    Type: Grant
    Filed: March 4, 2016
    Date of Patent: April 30, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Darren Ernest Canavor, Kenneth Grey Richards, William Alexander Strand
  • Patent number: 10257168
    Abstract: A method and system are provided for securing telecommunications traffic data. A method is provided for transmitting messages via a telecommunications network between a number of subscribers by means of a telecommunications service, wherein the telecommunications service receives at least one first message of individual first size from at least one first subscriber to the telecommunications service that is intended for at least one second subscriber of the telecommunications service. In reaction to receiving a message, the telecommunications service sends at least one second message to the at least one second subscriber, wherein the at least one second message obtains a second size. The first size cannot be conclusively deduced from the second size.
    Type: Grant
    Filed: May 6, 2016
    Date of Patent: April 9, 2019
    Assignee: Uniscon Universal Identity Control GmbH
    Inventor: Hubert J├Ąger
  • Patent number: 10257190
    Abstract: A method according to one embodiment includes reading a unique credential identifier of a passive credential device, transmitting the unique credential identifier to a credential management system over a secure wireless connection, receiving credential device data from the credential management system over the secure wireless connection, and transmitting the received credential device data to the passive credential device.
    Type: Grant
    Filed: September 23, 2016
    Date of Patent: April 9, 2019
    Assignee: Schlage Lock Company LLC
    Inventors: David M. Baty, Srikanth Venkateswaran, Paul D. Heal
  • Patent number: 10257171
    Abstract: A method of ensuring the identity of a first processing device to a second processing device allows for secure network communication between the devices. A network resource address including an encoded trusted identifier in a portion of the address excluding the host name of the first processing device are provided to a second processing device by a trusted distribution mechanism. The trusted identifier is derived from a public key of the first processing device. Communication is initiated with the first processing device at the network resource address and a public key purporting to identify the first processing device is received in response to initiating the communication. The trusted identifier is compared to a transformation of at least a portion of the public key to determine a match between the identifier and the transformation. If the trusted identifier and the transformation match, the identity of the first processing device is verified.
    Type: Grant
    Filed: September 4, 2015
    Date of Patent: April 9, 2019
    Assignee: CA, Inc.
    Inventors: Mike Arnold Lyons, Vincent Chan, Richard Jason Refuerzo Raquepo
  • Patent number: 10237291
    Abstract: A method for processing session and a device thereof, a server and a storage medium are provided. The method includes: capturing packets sent from a client associated with the session; reconstituting a packet flow of the session from the captured packets based on quintets of the packets, wherein the quintet comprises a source address, a destination address, a source port, a destination port and a protocol number of the packet; extracting a behavior attribute of the client from the packet flow; determining that the behavior attribute of the client is beyond a baseline; and interrupting the session with the client.
    Type: Grant
    Filed: January 27, 2016
    Date of Patent: March 19, 2019
    Assignee: Tencent Technology (Shenzhen) Company Limited
    Inventors: Xi Chen, Jingtao Bai
  • Patent number: 10230721
    Abstract: The present disclosure discloses an authentication server, an authentication system and an authentication method. The authentication server includes an information acquisition module and an identity authentication module. The information acquisition module obtains telecommunication user information from a telecommunications server, and obtains merchant user information from a merchant server, based on an end-user's cell phone number. The identity authentication module compares the telecommunication user information with the merchant user information according to a predetermined authentication mode, and returns a comparison result to the merchant server. The authentication method of the present disclosure can obtain better security protection, fast authentication, better user experience, and avoid security problem of repeat SMS interception.
    Type: Grant
    Filed: April 12, 2018
    Date of Patent: March 12, 2019
    Inventor: Tai Chiu Chan
  • Patent number: 10212134
    Abstract: Systems and methods for centralized management and enforcement of online privacy policies of a private network are provided. According to one embodiment, existence of private information contained in a data packet originated by a client device of a private network and destined for a server device external to the private network is identified by a network security device protecting the private network by scanning the data packet for information matching a signature contained within a private information signature database. An online privacy policy of the private network is determined by the network security device that is applicable to the private information with reference to a privacy policy set defined by an administrator of the private network. The online privacy policy is enforced by the network security device on the data packet by performing one or more actions specified by the online privacy policy to the data packet.
    Type: Grant
    Filed: August 4, 2016
    Date of Patent: February 19, 2019
    Assignee: Fortinet, Inc.
    Inventor: Upkar Singh Rai