Patents Examined by Vance M Little
  • Patent number: 10411885
    Abstract: A method and system for group-oriented encryption and decryption that supports the implementation of the designation and revocation functions of decryption users in a large-scale group.
    Type: Grant
    Filed: November 5, 2015
    Date of Patent: September 10, 2019
    Assignee: UNIVERSITY OF SCIENCE AND TECHNOLOGY BEIJING
    Inventors: Yan Zhu, Feng Pu, Ruyun Yu, Dandan Li
  • Patent number: 10412099
    Abstract: Various systems, mediums, and methods may involve a data engine with various components. For example, a system with the data engine may include a segmentation component, an asset preparation component, a clustering component, a variable generation component, and classification component. As such, the system may determine a number of assets associated with a number of activities of one or more accounts. Further, the system may determine various links associated with the number of assets. As such, the system may detect an attack and/or an attack trend associated with the one or more accounts based on the various links associated with the number assets. Further, the system may generate a notification that indicates the attack and/or the attack trend detected.
    Type: Grant
    Filed: June 22, 2016
    Date of Patent: September 10, 2019
    Assignee: PayPal, Inc.
    Inventors: Adam Cohen, David Stein, Itzik Levi
  • Patent number: 10404697
    Abstract: The disclosed computer-implemented method for using vehicles as information sources for knowledge-based authentication may include (1) identifying a vehicle belonging to a user who is attempting to authenticate with an identity-verification authority, (2) acquiring analytic information about the vehicle, (3) generating, by analyzing the analytic information about the vehicle, at least one authentication question, where the correct response to the authentication question requires knowledge about the vehicle, (4) presenting the authentication question to the user, and (5) authenticating the identity of the user based on the user responding correctly to the authentication question. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: December 28, 2015
    Date of Patent: September 3, 2019
    Assignee: Symantec Corporation
    Inventors: Kevin Jiang, Ilya Sokolov, Bruce McCorkendale
  • Patent number: 10402109
    Abstract: In some embodiments, an apparatus includes a processor configured to receive an instruction to read a data file within a database and an identifier associated with the data file. The processor is also configured to identify, based on the identifier, a set of logical block identifiers associated with a set of storage locations of the database, and retrieve data stored at each storage location from the set of storage locations using the set of logical block identifiers. The processor is then configured to identify, based on the data stored at each storage location from the set of storage locations, a subset of storage locations from the set of storage locations. The data stored at each storage location from the subset of storage locations pertain to the data file. The processor is configured to compile the data file based on the data within the subset of storage locations.
    Type: Grant
    Filed: September 8, 2016
    Date of Patent: September 3, 2019
    Assignee: OverNest, Inc.
    Inventor: Edward Liang Yu
  • Patent number: 10389751
    Abstract: A mobile vehicle communications system and a method of determining the legitimacy of a wireless sensor signal received by an electronic control unit (ECU) in a vehicle. The method includes the steps of: receiving at the electronic control unit (ECU) a first wireless signal identified as being from a first vehicle sensor; performing a correlation procedure at the ECU using the first wireless signal; and based on the correlation procedure, determining whether the first wireless signal is a legitimate signal sent by the first vehicle sensor.
    Type: Grant
    Filed: May 9, 2015
    Date of Patent: August 20, 2019
    Assignee: GM Global Technology Operations LLC
    Inventors: Moshe Laifenfeld, Gill R. Tsouri
  • Patent number: 10372895
    Abstract: A method for providing a security environment. The method includes detecting user information from an accessory in response to detection of the accessory, performing security authentication with input security information if the user information is detected; and providing the security environment when the security authentication is successful.
    Type: Grant
    Filed: April 18, 2014
    Date of Patent: August 6, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Yung-Kwan Kim, Jong-Seok Kim
  • Patent number: 10375103
    Abstract: An automated scanning service can be configured to dynamically determine potential firewall misconfigurations in a shared resource environment. The scanning service can interrogate one or more application programming interfaces (APIs) to determine the state of the relevant firewall ports. For each firewall port in a permitted state, a test or trace can be run to determine whether the corresponding host port is open. Similarly, information can be obtained indicating which host ports for the allocation are open, and a determination can be made as to whether the corresponding firewall ports are permitted. Once the determinations are made, any mismatch in port state can be reported as a potential misconfiguration.
    Type: Grant
    Filed: September 26, 2016
    Date of Patent: August 6, 2019
    Assignee: AMAZON TECHNOLOGIES, INC.
    Inventor: Eric Jason Brandwine
  • Patent number: 10366224
    Abstract: An information handling system has a secure data storage partition allocation. Access to the secure storage partition is limited to a set of authorized functions authorized to access the secure storage partition. The authorization of a function may be determined by a unique identification corresponding to the function or a reverse trace.
    Type: Grant
    Filed: June 22, 2016
    Date of Patent: July 30, 2019
    Assignee: Dell Products, LP
    Inventors: Yogesh P. Kulkarni, Sundar Dasar, Sumanth Vidyadhara, Wei Liu, Satyajit D. Desai
  • Patent number: 10360097
    Abstract: A method includes receiving a retrieval request regarding an encoded key stream slice of a set of encoded key stream slices and an encoded and encrypted data slice of a set of encoded and encrypted data slices. The method further includes partially dispersed storage error decoding the encoded key stream slice to produce a partially decoded key stream vector. The method further includes partially dispersed storage error decoding the encoded and encrypted data slice to produce a partially decoded and encrypted data vector. The method further includes partially decrypting the partially decoded and encrypted data vector in accordance with the encryption function and based on the partially decoded key stream vector to produce a partially decrypted and decoded data vector. The method further includes sending the partially decrypted and encoded data vector to the requesting computing device.
    Type: Grant
    Filed: August 29, 2016
    Date of Patent: July 23, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jason K. Resch, Greg Dhuse
  • Patent number: 10356114
    Abstract: A method and a system of distinguishing between a human and a machine are disclosed. The method includes: when a request for accessing a designated network service is received, recording information of the request which include a time of receiving the request and information of an access object that sends the request; computing a statistical value of requests sent by the access object in real time based on a record; and determining the access object to be abnormal when the statistical value of the requests sent by the access object falls outside a predetermined normal range. The disclosed system of distinguishing between a human and a machine includes a recording module, a computation module and a determination module. Identification between humans and machines using the disclosed scheme is difficult to be cracked down and can improve an accuracy rate of human-machine identification.
    Type: Grant
    Filed: November 22, 2016
    Date of Patent: July 16, 2019
    Assignee: Alibaba Group Holding Limited
    Inventors: Yingfang Fu, Yudong Zhang, Zhenyuan Zhang, Jian Liu
  • Patent number: 10356612
    Abstract: One embodiment is an authentication method comprising on receiving a request from the web browser of the terminal, the request including a user identifier, obtaining authentication data that is associated with the user identifier and that is stored in a database of the internal network, configuring a proxy server authorizing access via the access security entity to the internal network for a determined set of connection parameters, generating a first application from the connection parameters of the set, which application is protected using at least one determined portion of the authentication data and being configured to, on being executed by the web browser, set up a connection between the terminal and the proxy server using the parameters, this being done in response to the at least determined portion of the authentication data being supplied and transmitting the first application to the web browser of the terminal.
    Type: Grant
    Filed: June 13, 2014
    Date of Patent: July 16, 2019
    Assignee: ORANGE
    Inventors: Ruan He, Jamil Chawki
  • Patent number: 10348737
    Abstract: An embodiment of the invention may include a method, computer program product and system for receiving a request from a user to access a system. The user requesting access has an associated job function. The embodiment of the invention may include determining an access window for the job function of the user. The access window for the job function is a range of time where historical usage of the system by one or more users having the job function is above a threshold amount. The embodiment of the invention may include determining whether a time of access of the request is within the access window. The embodiment of the invention may include granting access to the system based on determining that the time of access of the request is within the access window.
    Type: Grant
    Filed: March 8, 2016
    Date of Patent: July 9, 2019
    Assignee: International Business Machines Corporation
    Inventors: Denise A. Bell, Cristina Bonanni, Patrizia Manganelli, Randa Salem
  • Patent number: 10333713
    Abstract: A computer-implemented method validates Internet of Things (IoT) device firmware levels for peer-to-peer communication in a network using a peer-to-peer registry. Each device in an IoT is registered anonymously by utilizing a unique device identifier and a firmware level in a peer-to-peer registry. Communication rules are provided by the peer-to-peer registry based on the device type and firmware level of each of the devices, in order to validate IoT firmware device levels between the first device and the second device on a network. The first device utilizes a first zero knowledge communication authentication with the second device to get a first assessment and a first proof. The second device utilizes a second zero knowledge communication authentication with the first device to get a second assessment and a second proof. Communication between the first device and the second device via the network is disabled until all assessments are a pass.
    Type: Grant
    Filed: October 11, 2016
    Date of Patent: June 25, 2019
    Assignee: International Business Machines Corporation
    Inventors: Jeb R. Linton, Christopher M. Poulin
  • Patent number: 10326787
    Abstract: An anomaly detection system is provided and includes a processor, a memory and a security application stored in the memory and including instructions. The instructions are for collecting behavior data corresponding to users of an organization accessing cloud applications. The behavior data includes parameters tracked over time for the users. The instructions are for: creating a first model based on the behavior data tracked for the users; creating a second model corresponding to a first user based on the parameters tracked for the users except the first user, where the second model excludes behavior data pertaining to the first user; scoring the second model based on the first model to generate a first score; determining whether the first user is an outlier based on the first score; and removing the behavior data corresponding to the first user from the first model if the first user is an outlier.
    Type: Grant
    Filed: February 15, 2017
    Date of Patent: June 18, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Anton Wolkov, Shai Kaplan, Yonatan Most, Ido Bar Av
  • Patent number: 10326749
    Abstract: A computer-implemented method validates Internet of Things (IoT) device firmware levels for peer-to-peer communication in a network. Communication rules between a first device and a second device are utilized to establish a session to validate IoT device firmware levels between the first device and the second device on a network. The first device utilizes a first zero knowledge communication authentication with the second device to get a first assessment and a first proof. The second device utilizes a second zero knowledge communication authentication with the first device to get a second assessment and a second proof. Communication between the first device and the second device via the network is disabled until all assessments are a pass.
    Type: Grant
    Filed: October 11, 2016
    Date of Patent: June 18, 2019
    Assignee: International Business Machines Corporation
    Inventors: Jeb R. Linton, Christopher M. Poulin
  • Patent number: 10320768
    Abstract: Techniques for multi-protocol peer-to-peer connection are described. An apparatus may comprise a discovery component to discover a remote device using a first protocol, and receive discovery information from the remote device, the discovery information including protocol information. The apparatus may comprise an authentication component to authenticate the remote device. The apparatus may comprise a connection component to establish a peer-to-peer connection with the remote device using a second protocol based on the protocol information. Other embodiments are described and claimed.
    Type: Grant
    Filed: August 7, 2017
    Date of Patent: June 11, 2019
    Assignee: FACEBOOK, INC.
    Inventors: Yael Maguire, Damian Kowalewski, Bin Liu, Wai Davidgeolim Lim, Caitlin Elizabeth Kalinowski
  • Patent number: 10277607
    Abstract: An embodiment of the invention may include a method, computer program product and system for receiving a request from a user to access a system. The user requesting access has an associated job function. The embodiment of the invention may include determining an access window for the job function of the user. The access window for the job function is a range of time where historical usage of the system by one or more users having the job function is above a threshold amount. The embodiment of the invention may include determining whether a time of access of the request is within the access window. The embodiment of the invention may include granting access to the system based on determining that the time of access of the request is within the access window.
    Type: Grant
    Filed: May 31, 2016
    Date of Patent: April 30, 2019
    Assignee: International Business Machines Corporation
    Inventors: Denise A. Bell, Cristina Bonanni, Patrizia Manganelli, Randa Salem
  • Patent number: 10268807
    Abstract: A method for protecting a computer program product, the computer program product being configured for operation in an operating environment (e.g., a virtual operating environment), includes: detecting at least one operating parameter of the operating environment in which the computer program product is executed, the at least one operating parameter having been defined outside of the operating environment; comparing the detected at least one operating parameter to a comparison value stored for each operating parameter; and outputting a warning signal if a plurality of comparison results exceeds a predetermined threshold value, wherein the comparison results indicate an execution of the computer program product in a different operating environment.
    Type: Grant
    Filed: May 3, 2013
    Date of Patent: April 23, 2019
    Assignee: Siemens Aktiengesellschaft
    Inventors: Jörg Bartholdt, Sebastian Dippl
  • Patent number: 10250629
    Abstract: Captcha risk or score technique systems and methods are presented. A method can begin with extracting client information from the service request. The extracted client information may be used to determine if the client device has been identified as a computer bot. A captcha is also selected in response to the service request. Captcha instructions and expected captcha response are generated for the selected captcha. The captcha instructions are sent to the client device for processing and a captcha response from the client device may be received, which is compared to the expected response to determine based on the service policy if the client device is operating under control of a human user or operating autonomously. Risk levels may be associated with likelihood of the client device being a bot computer and operating autonomously or operating under control of a human user.
    Type: Grant
    Filed: May 8, 2015
    Date of Patent: April 2, 2019
    Assignee: A10 Networks, Incorporated
    Inventor: Micheal Thompson
  • Patent number: 10237074
    Abstract: In one implementation, a redactable document signature system includes an encoding engine, a reordering engine, and a signature engine. The encoding engine is to access a plurality of subdocuments of a document, to generate a plurality of commitment values from the plurality of subdocuments, and to generate a plurality of dummy values. Each dummy value is indistinguishable from a commitment value. The reordering engine is to define an order of the plurality of commitment values and the plurality of dummy values independent of an order of the subdocuments. The signature engine is to calculate a signature value for the document using the plurality of commitment values and the plurality of dummy values according to the order.
    Type: Grant
    Filed: April 8, 2014
    Date of Patent: March 19, 2019
    Assignee: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP
    Inventors: Stuart Haber, William G. Horne, Miaomiao Zhang