Patents Examined by Venkat Perungavoor
  • Patent number: 11838330
    Abstract: A system and method are described for information extraction from network traffic traces that are both encrypted and non-encrypted. The system includes a client computer and a remote computer, where the client computer communicates data over a network. The client computer sets a session key log file environment variable, such that when the client computer launches a supported browser, a session key log file (KLF) is created, computer network traffic traces are captured by retrieving data from encrypted traffic, and the KLF and captured traffic are periodically transferred to a remote server. A remote computer performs traffic mining to analyze the captured traffic traces and extract sensitive pieces of information.
    Type: Grant
    Filed: May 16, 2018
    Date of Patent: December 5, 2023
    Assignee: King Fahd University of Petroleum and Minerals
    Inventors: Ahmad Amro, Sultan Ahmad Almuhammadi
  • Patent number: 11838292
    Abstract: In one embodiment, a method is provided. The method includes receive, by a networking device, a request from a first computing device, to connect to the networking device. The method also includes creating a first network. The first network is one of a set of networks of the networking device. The first computing device is one of a set of computing devices that are connected to the network device. Each network of the set of networks is initially isolated from other networks of the set of networks when the network is created. Each network of the set of networks comprises a respective computing device of the set of computing devices. The method further includes assigning the first computing device to the first network.
    Type: Grant
    Filed: March 4, 2021
    Date of Patent: December 5, 2023
    Inventors: Andrew Samuel Cohen, Daniel Curtis Weller, Thomas Wasyl Martz, Kevin Michael Yeich, Raemar Antwarn Horne, Tyler James Bryant
  • Patent number: 11831660
    Abstract: Provided in the embodiments of the present disclosure are a blockchain-based method and system for handling domain name abuse. All network nodes in a public blockchain can report domain name abuse, and all network nodes receiving reported data are entitled to participate in the process of judging whether domain name abuse exists in the reported data. The public blockchain obtains a target judgment result of whether domain name abuse exists by means of integrating first judgment results of multiple identification nodes on whether domain name abuse exists in the reported data and credit value of each identification node. Alternatively, when the number of identification nodes in the public blockchain is less than a preset number of nodes, a consortium blockchain composed of regulatory agencies directly judges whether domain name abuse exists in the reported data, and the judgment result serves as the target judgment result.
    Type: Grant
    Filed: February 18, 2019
    Date of Patent: November 28, 2023
    Inventors: Hongtao Li, Yu Zeng, Guanggang Geng, Zhiwei Yan, Kejun Dong, Yong Chen
  • Patent number: 11799629
    Abstract: An apparatus comprises a processing device configured to determine an asset identifier for an information technology asset, to encrypt the asset identifier utilizing a public key of a first homomorphic encryption key pair, and to evaluate a first homomorphic encryption function for a first homomorphically encrypted access authorization object that takes as input the encrypted asset identifier and provides as output an encrypted access authorization identifier. The processing device is also configured to decrypt the access authorization identifier utilizing a secret key of the first homomorphic encryption key pair and, responsive to validating the access authorization identifier, to evaluate additional homomorphic encryption functions for additional homomorphically encrypted access authorization objects that return encrypted access authorization information.
    Type: Grant
    Filed: October 14, 2021
    Date of Patent: October 24, 2023
    Assignee: Dell Products L.P.
    Inventor: Shibi Panikkar
  • Patent number: 11792192
    Abstract: A method, node, wireless device and installation device are disclosed. In one or more embodiments, a node configured to operate a security virtual local area network (VLAN) and a customer VLAN independent from the security VLAN is provided. The security VLAN is configured to operate using a first network partition different from a second network partition used by the customer VLAN. The node includes processing circuitry configured to receive information from a first device requesting access to the node, determine whether to add a first device to the security VLAN based at least on the received information from the first device meeting a predefined criterion, and configure the first device to access one of the security VLAN and customer VLAN based at least on the determination.
    Type: Grant
    Filed: July 30, 2021
    Date of Patent: October 17, 2023
    Assignee: The ADT Security Corporation
    Inventor: Mark Reimer
  • Patent number: 11792230
    Abstract: Techniques for expressing, communicating, de-conflicting, and enforcing consistent access policies between an IBN architecture and a Cloud-Native architecture. Generally, network administrators and/or users of a Cloud-Native architecture and an IBN architecture express access policies independently for the two different domains or architectures. According to the techniques described herein, a Network Service Endpoint (NSE) of the Cloud-Native architecture may exchange access policies with a network device of the IBN architecture. After exchanging access policies, conflicts between the sets of access policies may be identified, such as differences between allowing or denying communications between microservices and/or applications. The conflicts may be de-conflicted using various types of heuristics or rules, such as always selecting an access policy of the IBN architecture when conflicts arise.
    Type: Grant
    Filed: September 13, 2021
    Date of Patent: October 17, 2023
    Assignee: Cisco Technology, Inc.
    Inventors: Thomas Szigeti, David J. Zacks, Walter Hulick, Shannon McFarland
  • Patent number: 11792193
    Abstract: Methods and systems for providing vendor agnostic captive portal authentication in a network that includes a plurality of network access devices are provided. For instance, one method includes receiving a redirect request for a communication between a first user-terminal and a first network access device, the redirect request including at least one of a vendor-specific item of information of the first network access device and an Internet Protocol (IP) address of the first network access device. The method further includes comparing the at least one of the vendor-specific item of information of the first network access device and the IP address of the first network access device against each of a plurality of entries of a network access device database, and providing the first user-terminal access to a captive portal page in response to an appropriate match.
    Type: Grant
    Filed: November 10, 2021
    Date of Patent: October 17, 2023
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Venkatesh Ramachandran, Pattabhi Attaluri, Bhagya Prasad Nittur, Antoni Milton
  • Patent number: 11783071
    Abstract: A multi-tenant computer system authenticates access to a shared datastore by a shared service running on the multi-tenant computer system. The shared service is operable to access the shared datastore to execute requests from a plurality of multi-tenant cloud computing services. The requests include an indication of a particular tenant and a particular tenant grouping indicator. Requests are authenticated by cryptographically verifying the request and verifying that the particular tenant is associated with the particular tenant grouping indicator. In response to authenticating a request, the shared service accesses the shared datastore to execute the first request.
    Type: Grant
    Filed: June 3, 2021
    Date of Patent: October 10, 2023
    Assignee: Salesforce, Inc.
    Inventors: Helen Kwong, Benjamin Busjaeger
  • Patent number: 11777912
    Abstract: A middleware system and corresponding methods are described whereby data communications, either inter-device or intra-device, are coordinated using a set of cryptographic identifiers that correspond to computing elements, such as interfaces, methods, parameters, classes, among others. The cryptographic identifiers are coupled to data messages being sent across the middleware system and processed to indicate adherence to protocol standards and/or to cause transformation of the data messages such that the receiver receives a data message adhering to their acceptable protocol standards.
    Type: Grant
    Filed: May 27, 2021
    Date of Patent: October 3, 2023
    Assignee: STEP SOFTWARE INC.
    Inventors: James Leo Freeman, Robert Jan Nijkamp
  • Patent number: 11775332
    Abstract: Systems and methods for memory isolation are provided. The methods include receiving a request to write a data line to a physical memory address, where the physical memory address includes a key identifier, selecting an encryption key from a key table based on the key identifier of the physical memory address, determining whether the data line is compressible, compressing the data line to generate a compressed line in response to determining that the data line is compressible, where the compressed line includes compression metadata and compressed data, adding encryption metadata to the compressed line, where the encryption metadata is indicative of the encryption key, encrypting a part of the compressed line with the encryption key to generate an encrypted line in response to adding the encryption metadata, and writing the encrypted line to a memory device at the physical memory address. Other embodiments are described and claimed.
    Type: Grant
    Filed: November 22, 2021
    Date of Patent: October 3, 2023
    Inventors: David M. Durham, Siddhartha Chhabra, Michael E. Kounavis
  • Patent number: 11777944
    Abstract: Authentication management by receiving a request to initiate an authentication from a computing device of a user, directing the request to a selected authentication service of a plurality of authentication services, wherein the selected authentication service is determined dynamically based on respective authentication metrics of the plurality of authentication services, receiving authentication information via the selected authentication service, and authenticating the user based on the received authentication information.
    Type: Grant
    Filed: June 29, 2021
    Date of Patent: October 3, 2023
    Assignee: International Business Machines Corporation
    Inventors: Feng Zhang, Peng Hui Jiang, Ting Yin, Jun Su, Zhe Hua Peng
  • Patent number: 11768951
    Abstract: The systems and methods of gesture triggered automatic erasure on a private network, comprising: securely connecting, embedding, sending information within one or more secure objects on the first computing device; detecting, by the first computing device, a signal as a zeroization trigger responsive to a user gesture; and sending, by the first computing device via the private network, a message informing the second computing device of the zeroization trigger, the message causing the second computing device to execute automatic erasure of the one or more secure objects stored on the second computing device; wherein: the second computing device belongs to a zeroization group; the message causing each member computing device belonging to the zeroization group to execute the automatic erasure of the one or more secure objects.
    Type: Grant
    Filed: December 16, 2021
    Date of Patent: September 26, 2023
    Inventor: Billy Gayle Moon
  • Patent number: 11768947
    Abstract: First data from a user device is received on an electronic computing device. The first data is encrypted to generate second data. The second data is fragmented and stored in a plurality of data stores.
    Type: Grant
    Filed: August 20, 2021
    Date of Patent: September 26, 2023
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Rameshchandra Bhaskar Ketharaju, Ravi Babu Bandla, Hem Shankar Karlapalem, Sarath Chava, Rama Rao Yadlapalli, Ajay Kumar Rentala, Vamsi Krishna Geda
  • Patent number: 11765132
    Abstract: An information processing apparatus includes a processor configured to transmit connection information regarding a repay apparatus to a terminal in a case where terminal unique information is received from the terminal subjected to network authentication performed by communication equipment of a carrier, and cause the terminal to connect to the relay apparatus using the connection information regarding the relay apparatus, where the relay apparatus is associated with the terminal unique information as an apparatus to be connected to a local network, and where the relay device is on a public network connected to a mobile carrier network provided by the carrier. If the relay apparatus successfully authenticates the terminal, the terminal and the relay apparatus are connected to each other over a virtual private network.
    Type: Grant
    Filed: May 4, 2021
    Date of Patent: September 19, 2023
    Assignee: FUJIFILM Business Innovation Corp.
    Inventor: Ichiro Sugiyama
  • Patent number: 11736479
    Abstract: One or more embodiments of the present specification relate to a data processing method for binding server accounts. An example method includes, in response to obtaining a binding request, determining a first account, and sending binding request feedback data to a terminal device. In response to obtaining binding object selection data that indicates a selection of candidate binding objects presented by the terminal device, a respective target binding object is determined for each selected candidate binding object, and a respective target server is determined for each target binding object. For each target server, the first account is bound to a second account of the target server.
    Type: Grant
    Filed: December 10, 2021
    Date of Patent: August 22, 2023
    Inventor: Haijian Jiang
  • Patent number: 11736445
    Abstract: The techniques herein are directed generally to personalized secure communication session management, such as for virtual private networks (VPNs). In one embodiment, a user is authenticated at a client device to verify that the user is present at the client device and authorized to access one or more secured resources, and in response, a secure communication session is established for the client device to access the secured resources. At a later time during the secure communication session, it is determined whether the user is still authenticated at the client device, such that if so, access to the one or more secured resources is maintained on the secure communication session, or else access is restricted to the one or more secured resources (e.g., the session is terminated, or access is otherwise limited).
    Type: Grant
    Filed: March 12, 2021
    Date of Patent: August 22, 2023
    Inventors: Michael Joseph Frendo, Robert Taylor Bartlett, Alexander John Shockley, James M. Behmke
  • Patent number: 11736458
    Abstract: A method for managing information handling systems includes obtaining, by a stackable system role (SSR) manager of an information handling system, an SSR instruction, performing an encoding on the SSR instruction using a public key to obtain an encoded instruction value, providing an encoded SSR instruction to a local hardware resource manager of the information handling system, wherein the encoded SSR instruction comprises the SSR instruction and the encoded instruction value, obtaining, from the hardware resource manager, a response, wherein the response specifies whether the encoded SSR instruction is valid, and based on the response, initiating an execution of the SSR instruction.
    Type: Grant
    Filed: April 23, 2021
    Date of Patent: August 22, 2023
    Assignee: Dell Products L.P.
    Inventors: Lucas Avery Wilson, Dharmesh M. Patel
  • Patent number: 11722489
    Abstract: Aspects of the present invention disclose a method, computer program product, and system for management and usage of shared authentication credentials. The method includes one or more processors updating usage information associated with an authentication credential with a media access control address (MAC address) that corresponds to a computing device that corresponds to using the authentication credential. The method further includes one or more processors receiving a login request that includes the authentication credential from a computing device. The method further includes one or more processors fetching a MAC address of the computing device that sent the login request. The method further includes one or more processors validating the authentication credentials and the MAC address.
    Type: Grant
    Filed: December 18, 2020
    Date of Patent: August 8, 2023
    Assignee: KYNDRYL, INC.
    Inventors: Anuj Kumar Garg, Kuntal Dey, Jeffrey Robert Stangeland, Sanju Soman Chathoth Kurungara, Himanshu Gaur
  • Patent number: 11722469
    Abstract: A protocol that is managed by a coordinating network element or third-party intermediary or peer network elements and utilizes tokens prohibits any subset of a union of the coordinating network element or third-party intermediary, if any, and a proper subset of the processors involved in token generation from substantively accessing underlying data. By one approach, processors utilize uniquely-held secrets. By one approach, an audit capability involves a plurality of processors. By one approach, the protocol enables data transference and/or corroboration. By one approach, transferred data is hosted independently of the coordinating network element. By one approach, the coordinating network element or third-party intermediary or a second requesting network element is at least partially blinded from access to tokens submitted by a first requesting network element. By one approach, a third-party intermediary uses a single- or consortium-sourced database.
    Type: Grant
    Filed: January 23, 2023
    Date of Patent: August 8, 2023
    Assignee: Springcoin, Inc.
    Inventors: David William Kravitz, Mollie Zechlin Halverson, Matthew Benjamin Smith
  • Patent number: 11711402
    Abstract: Lawful intercept is supported by providing a network communications device target identifiers in encrypted form. Received encrypted target identifiers are stored in a non-volatile storage device. Before communications interception occurs, one or more encrypted target identifiers are loaded into active memory which is secure and not accessible by a network device operating system administrator. A decryption request is sent to a security device and the result loaded into the secure active memory. Plain text target identifier(s) returned by the security device are loaded directly into the active memory without being stored in the operating system administrator accessible storage device. In the case of a reset resulting in the contents of the active memory being lost, the active memory is repopulated by sending decryption requests using the stored encrypted target identifiers to indicate to the security device the target identifiers which need to be decrypted and reloaded into active memory.
    Type: Grant
    Filed: May 22, 2021
    Date of Patent: July 25, 2023
    Assignee: Charter Communications Operating, LLC
    Inventor: Girard Hoffpauir, IV