Patents Examined by Tri M Tran
-
Patent number: 11558365Abstract: A method for securing and authorizing sensitive operations is described. A computing device may receive a first authentication factor from a second computing device based on a request from the second computing device to authorize an operation; upon validating the first authentication factor, send to at least the second computing device and a third computing device, a request for a second authentication factor; and authorize the operation based on validating the second authentication factor from the second computing device or from the third computing device, or from both.Type: GrantFiled: October 10, 2017Date of Patent: January 17, 2023Assignee: NortonLifeLock Inc.Inventor: Bruce McCorkendale
-
Patent number: 11552954Abstract: Management of IoT devices through a private cloud. An IoT device is coupled to a gateway. A request from the IoT device to connect to a private cloud, wherein the private cloud is used to manage IoT devices, is received at a private cloud control center agent. An identification of the IoT device is determined. The IoT device is onboarded, using the identification, for management through the private cloud. A device profile of the IoT device is generated. The flow of data to and from the IoT device is regulated through application of IoT rules according to the device profile of the IoT device.Type: GrantFiled: July 23, 2019Date of Patent: January 10, 2023Assignee: Palo Alto Networks, Inc.Inventors: Xu Zou, Jianlin Zeng, Mei Wang
-
Patent number: 11528142Abstract: The described embodiments relate to data protection methods, systems, and computer program products. A process-based encrypted data access policing system is proposed based on methods of encrypted data file management, process authentication and authorization, Trojan detection for authorized processes, encryption key generation and caching, and encrypted-file cache management. The process-based encrypted data access policing system may be implemented as a kernel level file system filter and a user-mode filter companion application, which polices the reading/writing of encrypted data in either a server system or an endpoint computer and protects data from data breaches and known or unknown attacks including ransomware and/or phishing attacks.Type: GrantFiled: October 10, 2017Date of Patent: December 13, 2022Assignee: BICDROID INC.Inventors: En-Hui Yang, Xiang Yu, Jin Meng
-
Patent number: 11528268Abstract: A machine-assisted method for verifying a video presence that includes: receiving, at a computing device of an identity provider, an authentication request initially sent from a requester to access an account managed by a relying party, different from the identity provider; retrieving, from the authentication request, at least a portion of a video stream feed initially from the requester, to the computing device, the portion of video stream feed portraying a face of the requester; extracting the face of the requester from the portion of the video stream feed; providing a directive to the requester soliciting a corresponding gesture; and receiving a response gesture from the requester.Type: GrantFiled: August 3, 2020Date of Patent: December 13, 2022Assignee: IDEMIA IDENTITY & SECURITY USA LLCInventor: Thiagarajan Saravanan
-
Patent number: 11520885Abstract: A method and apparatus for using a dynamic security certificate. The method analyzes a browser to access browser information and generates a dynamic security certificate based on the browser information. The method modifies a configuration file for the browser to cause the browser to trust the dynamic security certificate and inserts the dynamic security certificate into the browser to enable a client application to access encrypted data available to the browser. The method may be performed solely upon a user device or have portions thereof performed by a user device and a server.Type: GrantFiled: December 1, 2021Date of Patent: December 6, 2022Assignee: UAB 360 ITInventor: Margarita Sliachina
-
Patent number: 11522857Abstract: A video gateway device at a worksite (or other location) automatically locates cameras on the network, authenticates the gateway device with the cameras, and initiates streaming of a video stream (and/or other camera sensor data) from the cameras. For example, a worksite with existing cameras from multiple manufacturers, models, and/or capabilities may all be automatically registered with the video gateway devices through a series of automated communication and authentication attempts.Type: GrantFiled: May 27, 2022Date of Patent: December 6, 2022Assignee: Samsara Inc.Inventors: Jason Symons, Karthikram Rajadurai, Kathryn Siegel, Rhea Lin, Kelsey Michelle Lam, Vignesh Bhuvaneshwar Iyer, John Charles Bicket, Seamus Feider-Sullivan, Adam Eric Funkenbusch
-
Patent number: 11507685Abstract: Techniques described herein can allow users to share cached results of an original query with other users while protecting sensitive information. The techniques described herein can check whether the other users have access to the underlying data queried before allowing those users to see the stored query results. That is, the system may perform privilege checks on the shared users before giving them access to the stored query results but without having to re-run the original query.Type: GrantFiled: January 27, 2022Date of Patent: November 22, 2022Assignee: Snowflake Inc.Inventors: Damien Carru, Thierry Cruanes, Subramanian Muralidhar, Nicola Dan Onose, Ryan Michael Thomas Shelly, Brian Smith, Jaeyun Noh
-
Patent number: 11507913Abstract: A system and method for operating a terminal facility handling containers may comprise: a sensor set sensing containers entering and/or exiting the facility for providing container identification data and location data to a relational database; and container handling equipment having a sensor set for providing container identification data and location data to the database when a container is grasped and/or released. Sensors may sense when the equipment grasps and/or releases a container for storing a record thereof in the database, and/or geo-tagged identification data and location data relating to carriers that are to pick up and/or to deliver a container is received and stored as records in the database. The relational database contains records representing the current location of each container and each container handling equipment substantially in real time and can estimate arrival time.Type: GrantFiled: February 20, 2019Date of Patent: November 22, 2022Assignee: AVANTE INTERNATIONAL TECHNOLOGY, INC.Inventor: Kevin Kwong-Tai Chung
-
Patent number: 11494515Abstract: In general, various aspects of the present invention provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for mapping the existence of target data within computing systems in a manner that does not expose the target data to potential data-related incidents. In accordance with various aspects, a method is provided that comprises: receiving a source dataset that comprises a label assigned to a data element used by a data source in handling target data that identifies a type of target data and data samples gathered for the data element; determining, based on the label, that the data samples are to be anonymized; generating supplemental anonymizing data samples associated with the label that comprise fictitious occurrences of the type of the target data; generating a review dataset comprising the supplemental anonymizing data samples intermingled with the data samples; and sending the review dataset to a review computing system.Type: GrantFiled: February 8, 2022Date of Patent: November 8, 2022Assignee: OneTrust, LLCInventors: Kevin Jones, Saravanan Pitchaimani
-
Patent number: 11494498Abstract: A method for securing data in a storage grid is provided. The method includes generating a storage key from key shares of at least two storage clusters of a storage grid having at least three storage clusters and generating a grid key from the storage key and an external secret. The method includes encrypting data with the grid key to yield once encrypted data and encrypting the once encrypted data with the storage key to yield twice encrypted data. The method includes storing the twice encrypted data in a first storage cluster of the storage grid and storing the twice encrypted data in a second storage cluster of the storage grid, wherein at least one method operation is performed by a processor.Type: GrantFiled: April 28, 2020Date of Patent: November 8, 2022Assignee: Pure Storage, Inc.Inventors: Par Botes, John Hayes, Ethan Miller
-
Patent number: 11496377Abstract: An approach for detecting anomalous flows in a network using header field entropy. This can be useful in detecting anomalous or malicious traffic that may attempt to “hide” or inject itself into legitimate flows. A malicious endpoint might attempt to send a control message in underutilized header fields or might try to inject illegitimate data into a legitimate flow. These illegitimate flows will likely demonstrate header field entropy that is higher than legitimate flows. Detecting anomalous flows using header field entropy can help detect malicious endpoints.Type: GrantFiled: April 10, 2020Date of Patent: November 8, 2022Assignee: CISCO TECHNOLOGY, INC.Inventors: Navindra Yadav, Mohammadreza Alizadeh Attar, Shashidhar Gandham, Jackson Ngoc Ki Pang, Roberto Fernando Spadaro
-
Patent number: 11496496Abstract: A method at a network element for monitoring user plane traffic for a user equipment, the method including configuring a set of characteristics and a range of values for each of the set of characteristics for user plane traffic between the user equipment and the network element; monitoring user plane traffic for the user equipment at the network element, the monitoring determining whether at least one characteristic of the user plane traffic falls outside of the configured range of a values, resulting in a characteristic violation; and if the at least one characteristic of the user plane traffic falls outside the configured range of a values, performing an action resulting from the characteristic violation.Type: GrantFiled: April 28, 2020Date of Patent: November 8, 2022Assignee: BlackBerry LimitedInventors: Nicholas Patrick Alfano, Axel Ferrazzini, Dake He
-
Patent number: 11489849Abstract: A cybersecurity solution that includes a system, method, or computer program for detecting and remediating malicious code in a communicating device on a computer network that connects to the Internet through a proxy server. The solution includes an operating system arranged to monitor all computing resource (CR) processes on an operating system kernel on the communicating device, determine process parameters for each CR process, determine whether each CR process is a connecting CR process by determining whether it is connecting to the proxy server, compare at least one of the process parameters for each connecting CR process with a whitelist, generate an event notification when at least one process parameter for a connecting CR process does not match the whitelist, and remediate the connecting CR process that has the at least one process parameter.Type: GrantFiled: January 14, 2020Date of Patent: November 1, 2022Assignee: SAUDI ARABIAN OIL COMPANYInventor: Urfan Ahmed
-
Patent number: 11481517Abstract: Systems, methods, and software products, determine permission profiles for computer executable functions (functions). The systems, methods and software products, utilize both static analysis and dynamic analysis, in order to determine the minimal set of permissions based on the inter-relations between these two analysis methods, i.e., static analysis, and dynamic analysis, to determine the permission profiles for computer executable functions (functions).Type: GrantFiled: May 18, 2020Date of Patent: October 25, 2022Assignee: CHECK POINT SERVERLESS SECURITY LTD.Inventors: Hillel Solow, Shali Mor, Itay Harush, Benny Zemmour, Tsion Gonen
-
Patent number: 11481485Abstract: Methods for detecting insider threats are disclosed. A method includes collecting server access data and application access data, based on the server access data and the application access data, determining nearest neighbors of an employee, and based on the nearest neighbors of the employee, determining a peer group of the employee, determining an average rank distance (ARD) of the nearest neighbors based on a ranking of the nearest neighbors in a plurality of time periods, identifying ARD gaps between the nearest neighbors, and generating scores corresponding to the ARD gaps between the nearest neighbors. One or more employees are identified that represent an internal threat to an organization based on the scores corresponding to the ARD gaps.Type: GrantFiled: January 8, 2020Date of Patent: October 25, 2022Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: Yuhang Wu, Yanhong Wu, Hossein Hamooni, Yu-San Lin, Hao Yang
-
Patent number: 11475234Abstract: A cluster visualization apparatus is disclosed. A cluster visualization apparatus according to the present disclosure includes a state detector configured to obtain state information of a cluster configured with a plurality of boxes, a display, and a controller configured to display a three-dimensional model image configured with a plurality of layers corresponding to a plurality of network layers and to display an image corresponding to each of the plurality of boxes over at least one layer of the plurality of layers, based on the state information.Type: GrantFiled: March 13, 2018Date of Patent: October 18, 2022Assignee: Gwangju Institute of Science and TechnologyInventors: Jong Won Kim, Taek Ho Nam
-
Patent number: 11468195Abstract: Embodiments of the present disclosure may provide a data clean room allowing secure data analysis across multiple accounts and across different regions and cloud providers. The data clean room may also restrict which data may be used in the analysis and may restrict the output. The overlap data may be anonymized to prevent sensitive information from being revealed. A version of a provider account can be created that is similar to a client account, such as in the same cloud type or the same region as the client database account. The client account can share data that is replicated to the provider account to complete client requests using an anonymized data and the cross reference table.Type: GrantFiled: December 16, 2021Date of Patent: October 11, 2022Assignee: Snowflake Inc.Inventors: Rachel Frances Blum, Justin Langseth, Michael Earle Rainey
-
Patent number: 11467565Abstract: An attack/abnormality detection device includes: a command extraction unit configured to extract elements having the same command destination as a command destination of an additionally received actual manufacturing command from among each of a set of normal manufacturing commands and a set of actual manufacturing commands, which contain information on a command destination and an arrival order, and are stored in a command storage region; and a detection unit configured to detect an attack or an abnormality by comparing details of the commands with each other for each arrival order of both extracted elements.Type: GrantFiled: January 25, 2017Date of Patent: October 11, 2022Assignee: Mitsubishi Electric CorporationInventors: Masashi Tatedoko, Tsuyoshi Higuchi, Kiyoto Kawauchi, Takeshi Yoneda
-
Patent number: 11463247Abstract: Generator of physically unclonable cryptographic keys (PUF) has two adjustable speed ring oscillators (GPRS, GPRS?), which outputs (o-GPRS, o-GPRS?) are connected to inputs (i1-DF, i2-DF) of a phase detector (DF), which output (o-DF) is connected to control inputs of the adjustable speed ring oscillators (s-GPRS, s-GPRS?) through a control system (US) and is also connected to a output (o-PUF) of the generator of physically unclonable cryptographic keys (PUF) through a sample and compare circuit (URP). Generator has a initializing input (i-UCH) connected to both initializing inputs of the adjustable speed ring oscillators (i-GPRS, GPRS?) and to the first input of the sample and compare circuit (i-URP), which second input (z-URP) is connected to the output (o-GPRS?) of one of adjustable speed ring oscillators (GPRS?).Type: GrantFiled: August 7, 2018Date of Patent: October 4, 2022Assignee: POLITECHNIKA WARSZAWSKAInventors: Krzysztof Golofit, Piotr Wieczorek
-
Patent number: 11461463Abstract: An information processing device according to the present invention includes: a memory; and at least one processor coupled to the memory. The processor performs operations. The operations includes: extracting, based on a first data extraction policy being a policy for extracting first processing data to be used for counting a first frequency related to a transmission source from communication data, the first processing data from the communication data; counting, based on a first counting policy being a policy for counting the first frequency relating to the transmission source in the first processing data, the first frequency related to the transmission source in the first processing data; and extracting, based on a first transmission-source extraction policy being a policy for extracting the transmission source and the first frequency, the transmission source.Type: GrantFiled: December 10, 2018Date of Patent: October 4, 2022Assignee: NEC CORPORATIONInventor: Ayaka Samejima