Patents Examined by Theodore C Parsons
-
Patent number: 11868476
Abstract: Some embodiments may facilitate boot-specific key access to perform cryptographic operations. A first boot record and a second boot record may be generated independently in response to a request to boot a virtual device. The first and second boot records may be compared and in response to a match between the first boot record and the second boot record, an identity certificate may be obtained. Authorization to access and use a key for cryptographic operations may be obtained in response to a verification of the identity certificate by a cryptographic processor.
Type: Grant
Filed: June 10, 2021
Date of Patent: January 9, 2024
Assignee: HYPORI, INC.
Inventors: Brian J. Vetter, Phani Achanta, Mohammad Salman Dhedhi, Muhammad Irfan Azam, Terrimane Shon Pritchett
-
Patent number: 11861037
Abstract: A unified data fabric for controlling data lifecycles and data flows between trusted data sources and data clients is described herein. A system can include a data ingestion engine and a data delivery engine. The data ingestion engine and the data delivery engine are connected to a data lifecycle engine that maintains data control policies and access control policies. The data ingestion engine is configured to control ingestion of data elements into the unified data fabric based on the data control policies, and the data delivery engine is configured to control access to data elements in the unified data fabric based on access control policies. Each data element from one or more trusted data sources is associated with a global identifier to provide a comprehensive view of information about a constituent from a variety of disparate data sources.
Type: Grant
Filed: November 4, 2019
Date of Patent: January 2, 2024
Assignee: Aetna Inc.
Inventors: Claus T. Jensen, John A. Pierce, Jr., Igor B. Bord, Dale J. Ianni
-
Patent number: 11856085
Abstract: An information using device 300 adds an encryption public key held to a blockchain, an information holding device 200 transmits encrypted information as a result of acquiring the encryption public key from the blockchain 400 and encrypting the target information, the information management device 100 stores the encrypted information received, and transmits a storage destination address, the information holding device 100 adds the storage destination address of the encrypted information received to the blockchain 400, the information using device 300 acquires the storage destination address of the encrypted information, and accesses the storage address, the information management device 100 transmits the encrypted information at the storage destination address, in response to the access from the information using device 300, and the information using device 300 decrypts the encrypted information received, using an encryption secret key held.
Type: Grant
Filed: March 16, 2020
Date of Patent: December 26, 2023
Assignee: NOMURA RESEARCH INSTITUTE, LTD.
Inventors: Tatsuya Tojima, Takeshi Kondo, Yoshihito Aso, Tatsuya Fuchigami
-
Patent number: 11853458
Abstract: Technologies for displaying public and private images include a display device and one or more user viewing devices. The display device is configured to display or generate a personalized image or video that is viewable by an authorized user viewing device and not viewable by unauthorized viewing devices. To facilitate the display of the personalized images, the display device and the user viewing device(s) may negotiate a display protocol to be used by the display device to display the personalized image in a private manner. In some embodiments, the display device may also display a public image or video that is viewable by unauthorized viewing devices and/or individuals without viewing devices.
Type: Grant
Filed: December 6, 2022
Date of Patent: December 26, 2023
Assignee: INTEL CORPORATION
Inventors: John C. Weast, Joshua Boelter
-
Patent number: 11849054
Abstract: An integrated circuit for a physically unclonable function (PUF) includes a controller configured to generate a control signal with reference to an address table, the address table representing a first mapping relationship between a first PUF cell group and a second PUF cell group having a first predetermined mismatch distance in relation to a PUF cell characteristic, and representing a second mapping relationship between a third PUF cell group and a fourth PUF cell group having a second predetermined mismatch distance in relation to the PUF cell characteristic; and a PUF block configured to provide PUF cell data groups in accordance with the first and second mapping relationships to the controller, in response to the control signal. The controller may be configured to generate an authentication key by respectively comparing the PUF cell data groups with reference data groups.
Type: Grant
Filed: March 12, 2021
Date of Patent: December 19, 2023
Assignee: SAMSUNG ELECTRONICS CO., LTD.
Inventor: Sung Ung Kwak
-
Patent number: 11848951
Abstract: A hybrid-fabric apparatus comprises a black box memory configured to store a plurality of behavior metrics and an anomaly agent coupled to the black box. The anomaly agent determines a baseline vector corresponding to nominal behavior of the fabric, wherein the baseline vector comprises at least two different behavior metrics that are correlated with each other. The anomaly agent disaggregates anomaly detection criteria into a plurality of anomaly criterion to be distributed among network nodes in the fabric, the anomaly detection criteria characterizing a variation from the baseline vector, and each of the plurality of anomaly criterion comprising a function of a measured vector of behavior metrics. The variation can be calculated based on a variation function applied to a vector of measured behavior metrics having elements corresponding to member elements of the baseline vector. Anomaly criterion statuses calculated by at least some of the network nodes are aggregated.
Type: Grant
Filed: December 13, 2021
Date of Patent: December 19, 2023
Assignee: Nant Holdings IP, LLC
Inventor: Thomas M. Wittenschlaeger
-
Patent number: 11847202
Abstract: A mobile terminal (1), a switch control method, and a computer readable storage medium. The mobile terminal (1) comprises a hardware security processor (11), a first information input device (12), and a control switch (14); when the control switch (14) is turned on, if first security information currently collected by the first information input device (12) does not match second security information stored in a storage module, or the second security information does not exist in the storage module when the first security information currently collected by the first information input device (12) is obtained, the hardware security processor (11) controls the control switch (14) to be turned off, so as to prevent a second information input device (15) of the mobile terminal (1) from uploading the collected information to a main processor (16) of the mobile terminal (1).
Type: Grant
Filed: October 14, 2019
Date of Patent: December 19, 2023
Assignee: XI'AN ZHONGXING NEW SOFTWARE CO., LTD.
Inventor: Bing Yu
-
Patent number: 11847225
Abstract: A system on chip includes a memory, a main processor that runs an operating system, and first Intellectual Properties (IPs) that perform respective processing operations. The main processor operates to copy target firmware to the memory using a firmware loader, using a hypervisor, block access of the main processor and the first IPs to the target firmware before verification of the target firmware, and using the hypervisor, grant access to the target firmware by a target IP among the first IPs that corresponds to the target firmware after the verification of the target firmware.
Type: Grant
Filed: October 22, 2020
Date of Patent: December 19, 2023
Inventors: Siheung Kim, Keunyoung Park, Dongjin Park
-
Patent number: 11818136
Abstract: Systems and methods for embodiments of a graph based artificial intelligence systems for identity management are disclosed. Embodiments of the identity management systems disclosed herein may utilize a network graph approach to analyzing identities or entitlements of a distributed networked enterprise computing environment. Specifically, in certain embodiments, an artificial intelligence based identity governance systems may include an intelligent decision support agent to provide an approval or denial recommendation for an access request. To provide an approval or denial recommendation, the intelligent agent may utilize a classifier trained on historical certification data. The intelligent agent may utilize features which represent relevant signals to the approval or denial decision including features that may be associated with a network graph of the identities and entitlements of the enterprise computing environment.
Type: Grant
Filed: August 2, 2021
Date of Patent: November 14, 2023
Assignee: SAILPOINT TECHNOLOGIES, INC.
Inventors: Mohamed M. Badawy, Jostine Fei Ho, Rajat Kabra
-
Patent number: 11818211
Abstract: The present disclosure describes systems and methods for aggregation and management of cloud storage among a plurality of providers via file fragmenting to provide increased reliability and security. In one implementation, fragments or blocks may be distributed among a plurality of cloud storage providers, such that no provider retains a complete copy of a file. Accordingly, even if an individual service is compromised, a malicious actor cannot access the data. In another implementation, file fragmenting may be performed in a non-standard method such that file headers and metadata are divided across separate fragments, obfuscating the original file metadata.
Type: Grant
Filed: November 19, 2020
Date of Patent: November 14, 2023
Assignee: Carbonite, Inc.
Inventors: Teo Winton Crofton, David Raissipour
-
Patent number: 11811790
Abstract: Provided is a system for blocking a phishing attack including a phishing attack prevention storage device, and an agent program which is installed in a user terminal or a service server and performs an interworking operation with the phishing attack prevention storage device when the user terminal or the service server is connected with the phishing attack prevention storage device via a network. According to the embodiment of the present invention, when there is an open request for the file stored in the phishing attack prevention storage device from the user terminal or the service server, the phishing attack prevention storage device may check a storage operation mode and create a fake file other than the open-requested original file when the storage operation mode corresponds to a list-only mode to return the fake file to the user terminal or the service server.
Type: Grant
Filed: November 27, 2019
Date of Patent: November 7, 2023
Assignee: NAMUSOFT CO., LTD
Inventor: Jong Hyun Woo
-
Patent number: 11799875
Abstract: A computerized system for complying with critical infrastructure protection (“CIP”) standards concerning system configuration changes. The system can be used to automatically identify and track changes to computers on the network, improving system security and CIP compliance reporting. In certain embodiments, the system collects system information on servers and workstations using built-in commands. The configuration profiles of these computers/devices can be archived for audit purposes.
Type: Grant
Filed: January 3, 2023
Date of Patent: October 24, 2023
Assignee: Hoosier Energy Rural Electric Cooperative, Inc.
Inventors: Paul Tyler Bonney, Richard Ray Field
-
Patent number: 11790120
Abstract: A system for producing and transmitting encrypted data from data encoded on a storage medium comprises an apparatus configured to receive the storage medium and an encryption chip communicatively coupled to the apparatus. The apparatus comprises a processor, a memory, and a network interface. The processor is configured to receive data encoded into the storage medium, and to decode the received data as the storage medium is at least partially inserted into the apparatus. The processor is further configured to transmit the received data to the memory for storage. The encryption chip comprises an encryption processor configured to access the received data stored in the memory of the apparatus and encrypt the received data with an algorithm to produce the encrypted data. The processor then transmits the encrypted data to an external server communicatively connected to a communication network.
Type: Grant
Filed: March 26, 2021
Date of Patent: October 17, 2023
Assignee: Bank of America Corporation
Inventors: Amy L. Arnott, Sarah G. Troxler, Allison Dolores Baker, Michael R. Young
-
Patent number: 11768939
Abstract: An embodiment includes activating, responsive to receiving an update notification, an update mode of a mobile device, wherein the activating of the update mode includes disabling a primary communication interface and enabling a secondary communication interface, and wherein the update notification includes notification of a software update available for the mobile device. The embodiment also includes initiating execution of the software update on the mobile device while the mobile device remains in the update mode. The embodiment also includes deactivating, responsive to completing the software update, the update mode of the mobile device, wherein the deactivating of the update mode includes enabling the primary communication interface and disabling the secondary communication interface.
Type: Grant
Filed: March 25, 2021
Date of Patent: September 26, 2023
Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: Manish Anand Bhide, Madan K Chukka, Phani Kumar V. U. Ayyagari, PurnaChandra Rao Jasti
-
Patent number: 11763004
Abstract: An embodiment of a computerized method for detecting bootkits is described. Herein, a lowest level software component within a software stack, such as a lowest software driver within a disk driver stack, is determined. The lowest level software component being in communication with a hardware abstraction layer of a storage device. Thereafter, stored information is extracted from the storage device via the lowest level software component, and representative data based on the stored information, such as execution hashes, are generated. The generated data is analyzed to determine whether the stored information includes a bootkit.
Type: Grant
Filed: September 27, 2018
Date of Patent: September 19, 2023
Assignee: FireEye Security Holdings US LLC
Inventors: Andrew Davis, Frederick House, Ryan Fisher
-
Patent number: 11763040
Abstract: A data storage device includes a memory device, an always on (AON) application specific integrated circuit (ASIC), and a controller coupled to the memory device and the AON ASIC. When the data storage device enters a low power state, the controller generates and stores security data associated with context data in a power management integrated circuit (PMIC). The context data is stored in both the memory device and a host memory buffer (HMB). A location of the context data in the HMB is stored in the PMIC with the security data. When the data storage device exits the low power state, the address stored in the PMIC is utilized to retrieve the context data from the HMB. The retrieved context data is verified against the security data by the controller.
Type: Grant
Filed: April 7, 2021
Date of Patent: September 19, 2023
Assignee: Western Digital Technologies, Inc.
Inventors: Shay Benisty, Judah Gamliel Hahn, Ariel Navon
-
Patent number: 11755747
Abstract: An example system on a chip (SoC) includes a security processor configured to store a plurality of key-pairs associated with subsystems of the SoC to a key vault; and an encryption engine configured to: determine a first tweak value based on a first sector address of a storage device; encrypt the first tweak value according to the second key of the key-pair associated with a subsystem; encrypt a first portion of the source data according to a first key of the key-pair and the encrypted first tweak value; determine a second tweak value based on a second sector address of the storage device and encrypt the second tweak value according to the second key prior to completing the encryption of the first portion of the source data; and encrypt a second portion of the source data according to the first key and the encrypted second tweak value.
Type: Grant
Filed: February 11, 2021
Date of Patent: September 12, 2023
Assignee: Meta Platforms Technologies, LLC
Inventors: Sudhir Satpathy, Wojciech Stefan Powiertowski, Nagendra Gupta Modadugu, Neeraj Upasani
-
Patent number: 11757632
Abstract: A request to generate one or more random values can be received. In response to receiving the request to generate the one or more random values, a first read operation can be performed on a memory cell of the memory component to retrieve first data and a second read operation can be performed on the same memory cell of the memory component to retrieve second data. The first data can be compared with the second data to identify a difference between the first data and the second data. The difference can be associated with a noise characteristic of the memory cell. The one or more random values can be generated based on the difference between the first data and the second data that is associated with the noise characteristic of the memory cell.
Type: Grant
Filed: December 19, 2018
Date of Patent: September 12, 2023
Assignee: Micron Technology, Inc.
Inventors: David L. Miller, Michael T. Brady
-
Patent number: 11750598
Abstract: Technologies are shown for network attribution tracking for a multi-legged transaction that involve receiving a tracking token registration request from a partner service, generating a tracking token associated with the partner service, adding an entry to an attribution stack for a transaction, where the entry associates the tracking token with the partner service, and returning the tracking token to the partner service. Receiving a tracking token request can include determining whether the tracking token request includes a previously generated tracking token and using the previously generated tracking token to identify the attribution stack for the transaction. Adding an entry to an attribution stack for a transaction can include adding the entry to the attribution stack identified for the transaction. Attribution for a transaction can be obtained by accumulating attribution entities from each entry in the attribution stack identified for the transaction.
Type: Grant
Filed: July 19, 2019
Date of Patent: September 5, 2023
Assignee: eBay Inc.
Inventors: Gail Anna Rahn Frederick, Tatjana Vlahovic
-
Patent number: 11748520
Abstract: An information handling system may include at least one processor; and a memory coupled to the at least one processor. The information handling system may be configured to: execute an application on the at least one processor, wherein at least a portion of data of the application is stored encrypted in a secure enclave region of the memory; and securely transfer execution of the application to a second information handling system by: transmitting platform configuration register (PCR) measurement data to the second information handling system; and transmitting the data of the application to the second information handling system; wherein the PCR measurement data is usable by the second information handling system to perform a remote attestation, the remote attestation including verification of the PCR measurement data to confirm that the data of the application has not been changed.
Type: Grant
Filed: October 28, 2020
Date of Patent: September 5, 2023
Assignee: Dell Products L.P.
Inventors: Krishnaprasad K, Gobind Vijayakumar, Murugan Sekar