Patents Examined by Trong Nguyen
  • Patent number: 11488007
    Abstract: Mechanisms are provided for synthesizing a computer implemented neural network. An initially trained neural network is received and modified by introducing a new hidden layer of neurons and new connections that connect the new hidden layer of neurons to an output layer and a previous layer of neurons previously directly connected to the output layer of neurons to generate a modified neural network. The modified neural network is trained through one or more epochs of machine learning to generate modified weight values for the new connections and the new connections are pruned based on the modified weight values to remove a subset of the new connections and leaving remaining connections in the modified neural network. A merge operation is performed on the remaining connections in the modified neural network to generate a custom convolution filter and modified neural network. The modified neural network is then retrained for deployment.
    Type: Grant
    Filed: December 6, 2019
    Date of Patent: November 1, 2022
    Assignee: International Business Machines Corporation
    Inventors: Mihir Choudhury, Atin Sood, Ruchir Puri
  • Patent number: 11321611
    Abstract: Authenticity of Artificial Intelligence (AI) results may be verified by creating, for an AI system, from a plurality of original inputs to form a plurality of original inference results, a plurality of original signatures of representative elements of an internal state of the AI system constructed from each individual original inference result of the plurality of original inference results. During deployment of the AI system, a matching of a plurality of deployment time inference results with a plurality of deployment time signatures, to the plurality of original signatures and the plurality of original inference results, may be verified.
    Type: Grant
    Filed: October 3, 2018
    Date of Patent: May 3, 2022
    Assignee: International Business Machines Corporation
    Inventors: Frank Liu, Bishop Brock, Thomas S. Hubregtsen
  • Patent number: 10129268
    Abstract: A method for verifying trusted communication between an agent device and an application providing apparatus using a registry apparatus. The registry apparatus maintains a device registry comprising authentication information for uniquely authenticating at least one agent device. The method includes the steps of obtaining from the device registry the authentication information for the agent device identified by a device identifier specified in an the authentication request from the agent device, performing verification of the agent device using the authentication information obtained from the device registry, and if the verification is not successful, transmitting to at least one of the agent device and the application providing apparatus revocation information for denying the trusted communication between the agent device and the application providing apparatus.
    Type: Grant
    Filed: September 2, 2015
    Date of Patent: November 13, 2018
    Assignee: ARM Limited
    Inventors: Norbert David, Szymon Sasin
  • Patent number: 10073743
    Abstract: In some examples, a data backup system may comprise a removable data storage item, wherein a manufacturer of the removable data storage item creates and stores an encryption key on the removable data storage item before the removable data storage item is shipped to an end user; a tamper-evident packaging including the removable data storage item, wherein the removable data storage item comprises a decryption key stored on a memory device accessible by disturbing the tamper-evident packaging; and a data transfer device to receive the removable data storage item, read the encryption key from the removable data storage item, encrypt backup data using the encryption key, and store the encrypted backup data on the removable data storage item.
    Type: Grant
    Filed: December 21, 2015
    Date of Patent: September 11, 2018
    Assignee: Hewlett Packard Enterprise Development LP
    Inventor: Andrew Topham
  • Patent number: 10069814
    Abstract: Single sign on technology enables shared access to a protected service, such as an application, from a plurality of dynamically associated computing devices. After logging into the application from one of the computing device, a user may access the application from the other computing devices without re-authentication. A user may also log out from the application from any of the computing device. Unique machine identifications, such as device DNA, for identifying each of the computing devices are used in, for example, a method, apparatus (such as a login server) and computer program product. A single session may be shared across multiple computing devices. The same authentication token, such as a SAML token, may also be used for all of the computing devices having the same user session.
    Type: Grant
    Filed: October 28, 2014
    Date of Patent: September 4, 2018
    Assignee: CA, Inc.
    Inventors: Jameel Ahmed Kaladgi, Mohammed Mujeeb Kaladgi
  • Patent number: 10049227
    Abstract: A computer-implemented method for controlling the expression of a block of data from a sensitive data storage device, the method including the steps of receiving from a software application a request to transfer the block of data from the source sensitive data storage device for expression at a destination device, determining a data mask indicator for the block of data, applying a limited expression format based upon the data mask indicator, and expressing the block of data at the destination device in the limited expression format, such as to facilitate protecting or masking sensitive data. The method may further include allowing a user to request revelation of a masked portion of the block of data, recording in a memory log user activity relating to such revelation request(s) of the user, and providing regular reports and/or administrative alerts relating to such logged user activity.
    Type: Grant
    Filed: September 3, 2015
    Date of Patent: August 14, 2018
    Assignee: State Farm Mutual Automobile Insurance Company
    Inventor: Kirk W. Sampson
  • Patent number: 10039002
    Abstract: Various technologies described herein pertain to utilization of shared Wi-Fi. For instance, network access rights of a Wi-Fi network can be controlled by a mobile device of a point of contact for the Wi-Fi network. Moreover, utilization of a Wi-Fi network can be tracked and usage data indicative of historic utilization of the Wi-Fi network can be retained. Further, groups of users between whom Wi-Fi credentials are shared can be created.
    Type: Grant
    Filed: November 4, 2013
    Date of Patent: July 31, 2018
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Shai Guday, David Neil MacDonald, Tyler Edward Hennessy, Sidharth Nabar, Brent Edward Ford
  • Patent number: 10031679
    Abstract: The systems and methods disclosed herein transparently provide an improved scalable cloud-based dynamically adjustable or configurable storage volume. In one aspect, a gateway provides a dynamically or configurably adjustable storage volume, including a local cache. The storage volume may be transparently adjusted for the amount of data that needs to be stored using available local or cloud-based storage. The gateway may use caching techniques and block clustering to provide gains in access latency compared to existing gateway systems, while providing scalable off-premises storage.
    Type: Grant
    Filed: November 23, 2015
    Date of Patent: July 24, 2018
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini
  • Patent number: 10025944
    Abstract: The variable domain data access control system and method described herein use the same variable domain to describe a data security model and a variable domain data model, such as a product configuration model. A variable domain is a set of resource data that can be described using a logical relationship data structure. The variable domain utilizes logical relationship expressions, such as a Boolean logic language, to define resource data in terms of parts, rules and/or attributes, and any other property that can be accessed for viewing, manipulation, or other purposes. The data security model represents an access control list (ACL) that includes security attributes as resource data and uses the same data structure and logical relationship expressions as an associated variable domain data model. An application, such as a configuration engine, can be used to create controlled access to the variable domain data model using the data security model.
    Type: Grant
    Filed: February 17, 2015
    Date of Patent: July 17, 2018
    Assignee: Versata Development Group, Inc.
    Inventors: Jacy M. Legault, Jon Loyens
  • Patent number: 10019561
    Abstract: Methods and systems for authenticating a user are described. In some embodiments, a series of voice interactions are received from a user during a voiceline session. Each of the voice interactions in the series of voice interaction may be analyzed as each of the voice interactions are received. A confidence level in a verification of an identity of the user may be determined based on the analysis of each of the voice interactions. An access level for the user may be automatically updated based on the confidence level of the verification of the identity of the user after each of the voice interactions is received.
    Type: Grant
    Filed: September 17, 2014
    Date of Patent: July 10, 2018
    Assignee: United Services Automobile Association (USAA)
    Inventors: John Shelton, Michael Wayne Lester, Debra Randall Casillas, Sudarshan Rangarajan, Maland Keith Mortensen
  • Patent number: 10021118
    Abstract: Methods, systems, and computer program products for predicting an account takeover tsunami using dump quakes are disclosed. A computer-implemented method may include analyzing activity for a plurality of user accounts based on detecting an abnormal increase in system activity, determining the abnormal increase in the system activity is associated with account validation attacks performed by an unauthorized party, identifying attributes of a plurality of user accounts associated with the account validation attacks, searching online locations using the identified attributes of the user accounts to find a data breach source, monitoring the online locations periodically based on the identified attributes of the user accounts to detect future publication of a dump of private user data, sending a notification to another organization in advance of the publication of the dump of private user data to allow the other organization to adjust security of one or more other systems in advance.
    Type: Grant
    Filed: September 1, 2015
    Date of Patent: July 10, 2018
    Assignee: PayPal, Inc.
    Inventors: Bradley Wardman, Ryan A. Carrico, Igor Bulavko
  • Patent number: 10021143
    Abstract: A service provider computing environment includes a service provider computing device, which receives tenant secrets policies from tenants. The tenants are tenants of multi-tenant assets of a service provider. One or more data security zones in which the multi-tenant assets are located are identified. A service provider secrets policy includes data security jurisdiction zone secrets policy data for the one or more data security jurisdiction zones. The data security jurisdiction zone secrets policy data is analyzed to determine allowed secrets data with respect to each of the identified data security jurisdiction zones. The service provider computing environment determines of the tenant secrets policies satisfy the requirements of the service provider secrets policy. If the tenant secrets policies satisfy the requirements of the service provider secrets policy, the service provider computing environment allows the tenant secrets policies to be applied to tenant data or information in the multi-tenant assets.
    Type: Grant
    Filed: February 3, 2016
    Date of Patent: July 10, 2018
    Assignee: Intuit Inc.
    Inventors: Luis Felipe Cabrera, M. Shannon Lietz
  • Patent number: 10021121
    Abstract: Techniques for notification of reassembly-free file scanning are described herein. According to one embodiment, a first request for accessing a document provided by a remote node is received from a client. In response to the first request, it is determined whether a second request previously for accessing the document of the remote node indicates that the requested document from the remote node contains offensive data. If the requested document contains offensive data, a message is returned to the client, without accessing the requested document of the remote node, indicating that the requested document is not delivered to the client.
    Type: Grant
    Filed: October 4, 2016
    Date of Patent: July 10, 2018
    Assignee: SonicWALL Inc.
    Inventors: Aleksandr Dubrovsky, Igor Korsunsky, Roman Yanovsky, Boris Yanovsky
  • Patent number: 10015011
    Abstract: The anti-diversity concept for secure communication on a two-link compound channel provides secure communication over two parallel communication channels. The message is split into two separate bit sequences by a source splitter. An error correction encoder (110) is applied to the two bit sequences to provide two code words for two channels (122, 124), such that left and right halves of an error correction code matrix respectively corresponds to the two parallel signal channels (122, 124). For the left half of the error correction code matrix, an upper left matrix block is a random permutation matrix, an upper right block is the identity matrix, and the bottom right matrix block is a random matrix of column and row weight greater than or equal to one. The bottom left matrix block is a column permutation of the bottom right, random matrix block. The right half error correction code matrix is a similar, symmetric structure.
    Type: Grant
    Filed: February 24, 2015
    Date of Patent: July 3, 2018
    Inventors: Joseph Jean Boutros, Volkan Dedeoglu, Matthieu R. Bloch
  • Patent number: 9998492
    Abstract: Provided are a processing method for a Network Address Translation, NAT, technology, an NAT device and a BNG device, the method includes: the NAT device determining whether or not session establishment of a UE reaches a preset threshold, and notifying the BNG device to execute a security strategy for the UE if the session establishment of the UE reaches the preset threshold, wherein the security strategy is used for stopping the attack behavior of the UE and informing the UE of the attack behavior of the UE. In the disclosure, the technical problem in the related art that the user lodges complaints against the operator for the abnormal behavior of the host user is solved, thus by reminding the user to check the security of the host user, the disclosure increases the utilization rate of the NAT device and improves user experience.
    Type: Grant
    Filed: August 27, 2013
    Date of Patent: June 12, 2018
    Assignee: ZTE CORPORATION
    Inventors: Liang Fan, Bo Yuan
  • Patent number: 9996708
    Abstract: A processing system includes a processing core and a hardware accelerator communicatively coupled to the processing core. The hardware accelerator includes a data register having a plurality of data bits and a key register having a plurality of key bits. The hardware accelerator also includes a data mode selector module to select one of an encrypt mode or a decrypt mode for processing the plurality of data bits. The hardware accelerator further includes a key mode selector module to select one of the encrypt mode or the decrypt mode for processing the plurality of key bits.
    Type: Grant
    Filed: June 26, 2015
    Date of Patent: June 12, 2018
    Assignee: Intel Corporation
    Inventors: Sudhir K. Satpathy, Sanu K. Mathew, Kirk S. Yap, Vinodh Gopal
  • Patent number: 9992205
    Abstract: Methods and systems for performing one or more operations on a first computing device are disclosed. A method includes receiving, from a second computing device via a short-range wireless communication, a service session setup request and an identifier of one of the second computing device and an associated user of the second computing device. The method further includes determining whether to authorize the service session setup request based on the identifier. Then in response to determining to authorize the service session setup request, a service session may be established between the first and the second computing devices. The method also includes receiving one or more service instructions that are allowable based on the identifier. The method furthermore includes performing, at the first computing device, the one or more operations based on the service instructions.
    Type: Grant
    Filed: June 2, 2015
    Date of Patent: June 5, 2018
    Assignee: LENOVO ENTERPRISE SOLUTIONS (SINGAPORE) PTE. LTD.
    Inventors: Shiva R. Dasari, William L. Jaeger, Sumeet Kochar, Doug Oliver, William B. Schwartz
  • Patent number: 9984215
    Abstract: A method of obtaining password data for entry to an application running on a device. The method may include running a password manager application on a device. The password manager application may identify one or more applications installed on the device. The password manager application may display the identified applications on a display of the device. The password manager application may receive a user selection of a displayed application. The password manager application may determine whether an entry exists for the selected application in a memory associated with the password manager application. If no entry exists, the password manager application may generate an entry comprising password data for the selected application. If an entry exists, the password manager application may retrieve password data relating to the selected application.
    Type: Grant
    Filed: November 4, 2013
    Date of Patent: May 29, 2018
    Assignee: F-Secure Corporation
    Inventor: Jarno Niemela
  • Patent number: 9985783
    Abstract: An information processing apparatus including a hardware security module includes a verification unit configured to verify whether an encryption key of the hardware security module is usable and a disabling unit configured to disable a user authentication function if the verification unit verifies that the encryption key is not usable.
    Type: Grant
    Filed: August 31, 2015
    Date of Patent: May 29, 2018
    Assignee: Canon Kabushiki Kaisha
    Inventor: Naoya Kakutani
  • Patent number: 9959417
    Abstract: A technique for preventing selected sets of data words from unauthorized transmission out of the secure perimeter of a computer system is disclosed. A set of security rules is applied to an outgoing data message and if one of the set of rules is triggered, at least a portion of the message is transmitted to a central server that is within the secure perimeter, for scanning by another set of security rules. The central server then sends a security command back to the remote device, which executes the security command before transmitting the outgoing message out of the secure perimeter of the computer system.
    Type: Grant
    Filed: June 22, 2015
    Date of Patent: May 1, 2018
    Assignee: Workshare, Ltd.
    Inventors: Scott More, Ilya Beyer