Patents Examined by Tri M Tran
  • Patent number: 11558365
    Abstract: A method for securing and authorizing sensitive operations is described. A computing device may receive a first authentication factor from a second computing device based on a request from the second computing device to authorize an operation; upon validating the first authentication factor, send to at least the second computing device and a third computing device, a request for a second authentication factor; and authorize the operation based on validating the second authentication factor from the second computing device or from the third computing device, or from both.
    Type: Grant
    Filed: October 10, 2017
    Date of Patent: January 17, 2023
    Assignee: NortonLifeLock Inc.
    Inventor: Bruce McCorkendale
  • Patent number: 11552954
    Abstract: Management of IoT devices through a private cloud. An IoT device is coupled to a gateway. A request from the IoT device to connect to a private cloud, wherein the private cloud is used to manage IoT devices, is received at a private cloud control center agent. An identification of the IoT device is determined. The IoT device is onboarded, using the identification, for management through the private cloud. A device profile of the IoT device is generated. The flow of data to and from the IoT device is regulated through application of IoT rules according to the device profile of the IoT device.
    Type: Grant
    Filed: July 23, 2019
    Date of Patent: January 10, 2023
    Assignee: Palo Alto Networks, Inc.
    Inventors: Xu Zou, Jianlin Zeng, Mei Wang
  • Patent number: 11528142
    Abstract: The described embodiments relate to data protection methods, systems, and computer program products. A process-based encrypted data access policing system is proposed based on methods of encrypted data file management, process authentication and authorization, Trojan detection for authorized processes, encryption key generation and caching, and encrypted-file cache management. The process-based encrypted data access policing system may be implemented as a kernel level file system filter and a user-mode filter companion application, which polices the reading/writing of encrypted data in either a server system or an endpoint computer and protects data from data breaches and known or unknown attacks including ransomware and/or phishing attacks.
    Type: Grant
    Filed: October 10, 2017
    Date of Patent: December 13, 2022
    Assignee: BICDROID INC.
    Inventors: En-Hui Yang, Xiang Yu, Jin Meng
  • Patent number: 11528268
    Abstract: A machine-assisted method for verifying a video presence that includes: receiving, at a computing device of an identity provider, an authentication request initially sent from a requester to access an account managed by a relying party, different from the identity provider; retrieving, from the authentication request, at least a portion of a video stream feed initially from the requester, to the computing device, the portion of video stream feed portraying a face of the requester; extracting the face of the requester from the portion of the video stream feed; providing a directive to the requester soliciting a corresponding gesture; and receiving a response gesture from the requester.
    Type: Grant
    Filed: August 3, 2020
    Date of Patent: December 13, 2022
    Assignee: IDEMIA IDENTITY & SECURITY USA LLC
    Inventor: Thiagarajan Saravanan
  • Patent number: 11520885
    Abstract: A method and apparatus for using a dynamic security certificate. The method analyzes a browser to access browser information and generates a dynamic security certificate based on the browser information. The method modifies a configuration file for the browser to cause the browser to trust the dynamic security certificate and inserts the dynamic security certificate into the browser to enable a client application to access encrypted data available to the browser. The method may be performed solely upon a user device or have portions thereof performed by a user device and a server.
    Type: Grant
    Filed: December 1, 2021
    Date of Patent: December 6, 2022
    Assignee: UAB 360 IT
    Inventor: Margarita Sliachina
  • Patent number: 11522857
    Abstract: A video gateway device at a worksite (or other location) automatically locates cameras on the network, authenticates the gateway device with the cameras, and initiates streaming of a video stream (and/or other camera sensor data) from the cameras. For example, a worksite with existing cameras from multiple manufacturers, models, and/or capabilities may all be automatically registered with the video gateway devices through a series of automated communication and authentication attempts.
    Type: Grant
    Filed: May 27, 2022
    Date of Patent: December 6, 2022
    Assignee: Samsara Inc.
    Inventors: Jason Symons, Karthikram Rajadurai, Kathryn Siegel, Rhea Lin, Kelsey Michelle Lam, Vignesh Bhuvaneshwar Iyer, John Charles Bicket, Seamus Feider-Sullivan, Adam Eric Funkenbusch
  • Patent number: 11507685
    Abstract: Techniques described herein can allow users to share cached results of an original query with other users while protecting sensitive information. The techniques described herein can check whether the other users have access to the underlying data queried before allowing those users to see the stored query results. That is, the system may perform privilege checks on the shared users before giving them access to the stored query results but without having to re-run the original query.
    Type: Grant
    Filed: January 27, 2022
    Date of Patent: November 22, 2022
    Assignee: Snowflake Inc.
    Inventors: Damien Carru, Thierry Cruanes, Subramanian Muralidhar, Nicola Dan Onose, Ryan Michael Thomas Shelly, Brian Smith, Jaeyun Noh
  • Patent number: 11507913
    Abstract: A system and method for operating a terminal facility handling containers may comprise: a sensor set sensing containers entering and/or exiting the facility for providing container identification data and location data to a relational database; and container handling equipment having a sensor set for providing container identification data and location data to the database when a container is grasped and/or released. Sensors may sense when the equipment grasps and/or releases a container for storing a record thereof in the database, and/or geo-tagged identification data and location data relating to carriers that are to pick up and/or to deliver a container is received and stored as records in the database. The relational database contains records representing the current location of each container and each container handling equipment substantially in real time and can estimate arrival time.
    Type: Grant
    Filed: February 20, 2019
    Date of Patent: November 22, 2022
    Assignee: AVANTE INTERNATIONAL TECHNOLOGY, INC.
    Inventor: Kevin Kwong-Tai Chung
  • Patent number: 11494515
    Abstract: In general, various aspects of the present invention provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for mapping the existence of target data within computing systems in a manner that does not expose the target data to potential data-related incidents. In accordance with various aspects, a method is provided that comprises: receiving a source dataset that comprises a label assigned to a data element used by a data source in handling target data that identifies a type of target data and data samples gathered for the data element; determining, based on the label, that the data samples are to be anonymized; generating supplemental anonymizing data samples associated with the label that comprise fictitious occurrences of the type of the target data; generating a review dataset comprising the supplemental anonymizing data samples intermingled with the data samples; and sending the review dataset to a review computing system.
    Type: Grant
    Filed: February 8, 2022
    Date of Patent: November 8, 2022
    Assignee: OneTrust, LLC
    Inventors: Kevin Jones, Saravanan Pitchaimani
  • Patent number: 11494498
    Abstract: A method for securing data in a storage grid is provided. The method includes generating a storage key from key shares of at least two storage clusters of a storage grid having at least three storage clusters and generating a grid key from the storage key and an external secret. The method includes encrypting data with the grid key to yield once encrypted data and encrypting the once encrypted data with the storage key to yield twice encrypted data. The method includes storing the twice encrypted data in a first storage cluster of the storage grid and storing the twice encrypted data in a second storage cluster of the storage grid, wherein at least one method operation is performed by a processor.
    Type: Grant
    Filed: April 28, 2020
    Date of Patent: November 8, 2022
    Assignee: Pure Storage, Inc.
    Inventors: Par Botes, John Hayes, Ethan Miller
  • Patent number: 11496377
    Abstract: An approach for detecting anomalous flows in a network using header field entropy. This can be useful in detecting anomalous or malicious traffic that may attempt to “hide” or inject itself into legitimate flows. A malicious endpoint might attempt to send a control message in underutilized header fields or might try to inject illegitimate data into a legitimate flow. These illegitimate flows will likely demonstrate header field entropy that is higher than legitimate flows. Detecting anomalous flows using header field entropy can help detect malicious endpoints.
    Type: Grant
    Filed: April 10, 2020
    Date of Patent: November 8, 2022
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Navindra Yadav, Mohammadreza Alizadeh Attar, Shashidhar Gandham, Jackson Ngoc Ki Pang, Roberto Fernando Spadaro
  • Patent number: 11496496
    Abstract: A method at a network element for monitoring user plane traffic for a user equipment, the method including configuring a set of characteristics and a range of values for each of the set of characteristics for user plane traffic between the user equipment and the network element; monitoring user plane traffic for the user equipment at the network element, the monitoring determining whether at least one characteristic of the user plane traffic falls outside of the configured range of a values, resulting in a characteristic violation; and if the at least one characteristic of the user plane traffic falls outside the configured range of a values, performing an action resulting from the characteristic violation.
    Type: Grant
    Filed: April 28, 2020
    Date of Patent: November 8, 2022
    Assignee: BlackBerry Limited
    Inventors: Nicholas Patrick Alfano, Axel Ferrazzini, Dake He
  • Patent number: 11489849
    Abstract: A cybersecurity solution that includes a system, method, or computer program for detecting and remediating malicious code in a communicating device on a computer network that connects to the Internet through a proxy server. The solution includes an operating system arranged to monitor all computing resource (CR) processes on an operating system kernel on the communicating device, determine process parameters for each CR process, determine whether each CR process is a connecting CR process by determining whether it is connecting to the proxy server, compare at least one of the process parameters for each connecting CR process with a whitelist, generate an event notification when at least one process parameter for a connecting CR process does not match the whitelist, and remediate the connecting CR process that has the at least one process parameter.
    Type: Grant
    Filed: January 14, 2020
    Date of Patent: November 1, 2022
    Assignee: SAUDI ARABIAN OIL COMPANY
    Inventor: Urfan Ahmed
  • Patent number: 11481517
    Abstract: Systems, methods, and software products, determine permission profiles for computer executable functions (functions). The systems, methods and software products, utilize both static analysis and dynamic analysis, in order to determine the minimal set of permissions based on the inter-relations between these two analysis methods, i.e., static analysis, and dynamic analysis, to determine the permission profiles for computer executable functions (functions).
    Type: Grant
    Filed: May 18, 2020
    Date of Patent: October 25, 2022
    Assignee: CHECK POINT SERVERLESS SECURITY LTD.
    Inventors: Hillel Solow, Shali Mor, Itay Harush, Benny Zemmour, Tsion Gonen
  • Patent number: 11481485
    Abstract: Methods for detecting insider threats are disclosed. A method includes collecting server access data and application access data, based on the server access data and the application access data, determining nearest neighbors of an employee, and based on the nearest neighbors of the employee, determining a peer group of the employee, determining an average rank distance (ARD) of the nearest neighbors based on a ranking of the nearest neighbors in a plurality of time periods, identifying ARD gaps between the nearest neighbors, and generating scores corresponding to the ARD gaps between the nearest neighbors. One or more employees are identified that represent an internal threat to an organization based on the scores corresponding to the ARD gaps.
    Type: Grant
    Filed: January 8, 2020
    Date of Patent: October 25, 2022
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Yuhang Wu, Yanhong Wu, Hossein Hamooni, Yu-San Lin, Hao Yang
  • Patent number: 11475234
    Abstract: A cluster visualization apparatus is disclosed. A cluster visualization apparatus according to the present disclosure includes a state detector configured to obtain state information of a cluster configured with a plurality of boxes, a display, and a controller configured to display a three-dimensional model image configured with a plurality of layers corresponding to a plurality of network layers and to display an image corresponding to each of the plurality of boxes over at least one layer of the plurality of layers, based on the state information.
    Type: Grant
    Filed: March 13, 2018
    Date of Patent: October 18, 2022
    Assignee: Gwangju Institute of Science and Technology
    Inventors: Jong Won Kim, Taek Ho Nam
  • Patent number: 11468195
    Abstract: Embodiments of the present disclosure may provide a data clean room allowing secure data analysis across multiple accounts and across different regions and cloud providers. The data clean room may also restrict which data may be used in the analysis and may restrict the output. The overlap data may be anonymized to prevent sensitive information from being revealed. A version of a provider account can be created that is similar to a client account, such as in the same cloud type or the same region as the client database account. The client account can share data that is replicated to the provider account to complete client requests using an anonymized data and the cross reference table.
    Type: Grant
    Filed: December 16, 2021
    Date of Patent: October 11, 2022
    Assignee: Snowflake Inc.
    Inventors: Rachel Frances Blum, Justin Langseth, Michael Earle Rainey
  • Patent number: 11467565
    Abstract: An attack/abnormality detection device includes: a command extraction unit configured to extract elements having the same command destination as a command destination of an additionally received actual manufacturing command from among each of a set of normal manufacturing commands and a set of actual manufacturing commands, which contain information on a command destination and an arrival order, and are stored in a command storage region; and a detection unit configured to detect an attack or an abnormality by comparing details of the commands with each other for each arrival order of both extracted elements.
    Type: Grant
    Filed: January 25, 2017
    Date of Patent: October 11, 2022
    Assignee: Mitsubishi Electric Corporation
    Inventors: Masashi Tatedoko, Tsuyoshi Higuchi, Kiyoto Kawauchi, Takeshi Yoneda
  • Patent number: 11463247
    Abstract: Generator of physically unclonable cryptographic keys (PUF) has two adjustable speed ring oscillators (GPRS, GPRS?), which outputs (o-GPRS, o-GPRS?) are connected to inputs (i1-DF, i2-DF) of a phase detector (DF), which output (o-DF) is connected to control inputs of the adjustable speed ring oscillators (s-GPRS, s-GPRS?) through a control system (US) and is also connected to a output (o-PUF) of the generator of physically unclonable cryptographic keys (PUF) through a sample and compare circuit (URP). Generator has a initializing input (i-UCH) connected to both initializing inputs of the adjustable speed ring oscillators (i-GPRS, GPRS?) and to the first input of the sample and compare circuit (i-URP), which second input (z-URP) is connected to the output (o-GPRS?) of one of adjustable speed ring oscillators (GPRS?).
    Type: Grant
    Filed: August 7, 2018
    Date of Patent: October 4, 2022
    Assignee: POLITECHNIKA WARSZAWSKA
    Inventors: Krzysztof Golofit, Piotr Wieczorek
  • Patent number: 11461463
    Abstract: An information processing device according to the present invention includes: a memory; and at least one processor coupled to the memory. The processor performs operations. The operations includes: extracting, based on a first data extraction policy being a policy for extracting first processing data to be used for counting a first frequency related to a transmission source from communication data, the first processing data from the communication data; counting, based on a first counting policy being a policy for counting the first frequency relating to the transmission source in the first processing data, the first frequency related to the transmission source in the first processing data; and extracting, based on a first transmission-source extraction policy being a policy for extracting the transmission source and the first frequency, the transmission source.
    Type: Grant
    Filed: December 10, 2018
    Date of Patent: October 4, 2022
    Assignee: NEC CORPORATION
    Inventor: Ayaka Samejima