Patents Examined by Walter J. Malinowski
  • Patent number: 10778680
    Abstract: Methods, apparatuses, and computer program products are provided in order to protect user information by applying fingerprint signature authentication to a webpage being accessed by user. A method is provided comprising generating a user fingerprint signature in accordance with a user's local cookie information of a current website and original URLs of all webpages of the current web site related to the user to generate encrypted URLs of all webpages of the current website related to the user and having the generated user fingerprint signature; and in response to an access request to the encrypted URLs by the user, verifying the user, wherein verifying the user comprises determining based, at least in part, on the generated user fingerprint signature, whether the user has authority to access the encrypted URLs. A corresponding apparatus and computer program product are also provided.
    Type: Grant
    Filed: June 27, 2014
    Date of Patent: September 15, 2020
    Assignee: ALIBABA GROUP HOLDING LIMITED
    Inventor: Jie Liang
  • Patent number: 10764323
    Abstract: A system, method, and computer program product are provided for isolating services of a communication network in response to a distributed denial of service attack. In use, an indication of a detection of a distributed denial of service (DDoS) attack directed at one or more resources of a communication network is received. Additionally, at least one first network service associated with the communication network that is subject to the DDoS attack is identified. Further, the at least one first network service associated with the communication network that is subject to the DDoS attack is isolated.
    Type: Grant
    Filed: December 21, 2015
    Date of Patent: September 1, 2020
    Assignee: AMDOCS DEVELOPMENT LIMITED
    Inventors: Eyal Felstaine, Ofer Hermoni, Itzik Kitroser, Shmuel Ur
  • Patent number: 10728043
    Abstract: In one example, an apparatus such as an authorization server and method for secure communication between constrained devices issues cryptographic communication rights among a plurality of constrained devices. Each of the plurality of constrained devices comprises no more than one cryptographic algorithm code module per cryptographic function. The method includes receiving a cryptographic communication rights request associated with at least a first of the plurality of constrained devices in response to a cryptographic algorithm update request, and includes providing a response including an identification of a subset of the plurality of constrained devices that have cryptographic communication rights with the identified first of the plurality of constrained devices. A software update server then updates the cryptographic code modules in the sub-set of the plurality of constrained devices.
    Type: Grant
    Filed: July 20, 2016
    Date of Patent: July 28, 2020
    Assignee: Entrust, Inc.
    Inventor: Timothy Edward Moses
  • Patent number: 10701036
    Abstract: A method for containing a threat in network environment using dynamic firewall policies is provided. In one example embodiment, the method can include detecting a threat originating from a first node having a source address in a network, applying a local firewall policy to block connections with the source address, and broadcasting an alert to a second node in the network. In more particular embodiments, an alert may be sent to a network administrator identifying the source address and providing remedial information. In yet other particular embodiments, the method may also include applying a remote firewall policy to the first node blocking outgoing connections from the first node.
    Type: Grant
    Filed: June 27, 2016
    Date of Patent: June 30, 2020
    Assignee: McAfee, LLC
    Inventors: Manabendra Paul, Praveen Ravichandran Sudharma
  • Patent number: 10685131
    Abstract: A method for authenticating a user identity asserted from a client device may include receiving information that asserts a user identity including a user identifier, accessing external data stores to receive data rows that are associated with the user identity, and accessing monitoring systems to receive data vectors. The monitoring systems may monitor transmissions to receiving systems, the data vectors may include numerical target values for the receiving systems, and the data vectors may be accessed using the user identifier. The method may also include determining whether the data rows can be matched to the data vectors, and based on that determination, authenticating the user identity.
    Type: Grant
    Filed: February 5, 2018
    Date of Patent: June 16, 2020
    Assignee: RockLoans Marketplace LLC
    Inventors: Todd Lunsford, Dan Smith, Rodney Golpe
  • Patent number: 10680816
    Abstract: A system for improving the data security during a communication process, including at least one processor and a hardware security module. The communication data is authenticated prior to a transmission process, and the authenticity of the communication data is checked upon being received. The authentication is carried out by the processor, and the authentication check is carried out by the hardware security module, wherein the communication data is car-to-X messages. The processor and the hardware security module are linked via a common secret element such that at least the hardware security module cannot be coupled to another processor.
    Type: Grant
    Filed: March 25, 2015
    Date of Patent: June 9, 2020
    Assignee: Continental Teves AG & Co. oHG
    Inventors: Henrik Antoni, Torsten Martin, Stefan Römmele, Marc Menzel
  • Patent number: 10667134
    Abstract: Embodiments include method, systems and computer program products for credential management. Aspects include obtaining a first biometric information by a first processing device, wherein the first processing device has stored one or more credentials. Then, responsive to obtaining the first biometric information, the method determines whether the first biometric information is valid. The method then creates, via the first processing device, an ad-hoc network based upon the determination that the first biometric information is valid. The method, then receives a second biometric information from a second processing device through the ad-hoc network. And, then the method analyzes the second biometric information to determine whether the second biometric information is valid.
    Type: Grant
    Filed: November 21, 2016
    Date of Patent: May 26, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Debbie A. Anglin, Yu Gu, Su Liu
  • Patent number: 10657241
    Abstract: A method of providing a user with an option to access a protected system by satisfying a reduced security measure is disclosed. An attempt by the user to access the protected system is detected. It is detected that a first security token system is within a first proximity to the protected system. Based on the detecting of the attempt by the user to access the protected system and the detecting that the first security token system is within the first proximity, the user is provided with the option to access the protected system by satisfying the reduced security measure.
    Type: Grant
    Filed: March 6, 2017
    Date of Patent: May 19, 2020
    Assignee: EBAY INC.
    Inventor: Eric J. Farraro
  • Patent number: 10523635
    Abstract: Obtaining, in association with origination of outbound network traffic to be sent by a system, user account information of a user account on behalf of which the outbound network traffic is generated, and performing filtering of the outbound network traffic based on the obtained user account information of the user account on behalf of which the outbound network traffic is generated, where the filtering is further based on one or more rules, and the filtering includes determining whether to block or allow sending of the outbound network traffic from the system.
    Type: Grant
    Filed: June 17, 2016
    Date of Patent: December 31, 2019
    Assignee: ASSURED INFORMATION SECURITY, INC.
    Inventors: Jared Wright, Jacob Torrey
  • Patent number: 10515231
    Abstract: Relationships between data in database tables are obfuscated. An input data set is divided into two database tables with corresponding rows. A key field if created in a second one of the tables, and for each row, the field is populated with a value generated with a one-way function, using a unique value associated with the corresponding row of the first one of the tables as an input. The two tables are stored in a data store, so that the data in corresponding rows may be associated only with access to the one way function, and the unique value associated with a row of the first table.
    Type: Grant
    Filed: November 8, 2013
    Date of Patent: December 24, 2019
    Assignee: SYMCOR INC.
    Inventor: John Wall
  • Patent number: 10489589
    Abstract: In one respect, there is provided a system for training a neural network adapted for classifying one or more scripts. The system may include at least one processor and at least one memory. The memory may include program code that provides operations when executed by the at least one processor. The operations may include: reducing a dimensionality of a plurality of features representative of a file set; determining, based at least on a reduced dimensional representation of the file set, a distance between a file and the file set; and determining, based at least on the distance between the file and the file set, a classification for the file. Related methods and articles of manufacture, including computer program products, are also provided.
    Type: Grant
    Filed: November 21, 2016
    Date of Patent: November 26, 2019
    Assignee: Cylance Inc.
    Inventors: Michael Wojnowicz, Matthew Wolff, Aditya Kapoor
  • Patent number: 10410005
    Abstract: A system and method for electronic signature validation is provided. Embodiments may include analyzing at least one government identification document, wherein analyzing includes authenticating the at least one government identification document. Embodiments may further include extracting personally identifiable information pertaining to a user from the at least one government identification document and displaying a digital copy of a document to be signed to the user. Embodiments may also include capturing an electronic signature of the document by the user and receiving personally identifiable information, wherein the personally identifiable information pertains to the user and enables the user to be uniquely identified. Embodiments may further transmitting a document signing transaction session.
    Type: Grant
    Filed: July 19, 2016
    Date of Patent: September 10, 2019
    Assignee: Notarize, Inc.
    Inventors: Patrick A. Kinsel, Adam Pase
  • Patent number: 10404747
    Abstract: A system for detecting malicious activity in networks, including a deception manager having administrative credentials for a network, planting deceptions within network hosts, and distributing a decoy agent to each endemic decoy host (EDH), each deception including information regarding decoy communication ports of an EDH, each EDH having a group of ports, referred to as decoy ports, for connection by an attacker from a network host that the attacker has breached, wherein each decoy agent is programmed to alert the deception management server, and to proxy communication with the attacker to a trap server, in response to the decoy agent identifying the attacker attempting a connection to the decoy agent's EDH via one of the decoy ports, and a forensic collector that collects, from the breached network host, forensics of the attacker's activity, when the decoy agent acts as a proxy between the attacker and the trap server.
    Type: Grant
    Filed: July 24, 2018
    Date of Patent: September 3, 2019
    Assignee: ILLUSIVE NETWORKS LTD.
    Inventors: Tom Sela, Magal Baz
  • Patent number: 10402621
    Abstract: A system includes a fingerprint sensor, an application processor, and an auxiliary processor. The application processor is operable to arm the fingerprint sensor prior to the application processor entering a low power or sleep mode. The auxiliary processor is to receive a state output from the fingerprint sensor. The state output is to cause activation of one or more functions of the auxiliary processor upon fingerprint authentication while leaving the application processor in the low power or sleep mode.
    Type: Grant
    Filed: October 30, 2017
    Date of Patent: September 3, 2019
    Assignee: Google Technology Holdings LLC
    Inventors: Thomas Y. Merrell, Jeffrey A. Sierawski
  • Patent number: 10348755
    Abstract: The disclosed computer-implemented method for detecting network security deficiencies on endpoint devices may include (i) detecting, at a network device, a request from an endpoint device to automatically connect to a wireless network, (ii) establishing, via the network device, a network connection between the endpoint device and a wireless network that appears to be the wireless network requested by the endpoint device but is not actually the requested wireless network, (iii) determining, based on establishing the network connection between the endpoint device and the wireless network that appears to be the requested wireless network, that the endpoint device is vulnerable to network attacks, and then (iv) facilitating, via the network connection, a security action on the endpoint device to protect the endpoint device against the network attacks. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: June 30, 2016
    Date of Patent: July 9, 2019
    Assignee: Symantec Corporation
    Inventors: Michael Shavell, Kevin Jiang, Jose Reyes
  • Patent number: 10284600
    Abstract: A managed container may be configured to manage enterprise applications, manage enterprise information stored on a device, manage a protected storage area used by the managed container to store and reference the enterprise applications during execution, and manage a database storing enterprise rules related to management of the enterprise applications and the enterprise information. The managed container may communicate with an application gateway server to control download and update of the enterprise applications, the enterprise information, and the enterprise rules. The application gateway server may be coupled to a backend enterprise application. At least one of the enterprise applications may be configured to execute in conjunction with the backend enterprise application according to at least one of the enterprise rules, and is configured to, according to another one of the enterprise rules, manage the enterprise information associated with the backend enterprise application.
    Type: Grant
    Filed: May 15, 2017
    Date of Patent: May 7, 2019
    Assignee: Open Text SA ULC
    Inventors: Gregory Beckman, Robert Laird, Alain Gagne
  • Patent number: 10176323
    Abstract: The present application discloses a method, an apparatus and a terminal for detecting a malware file. One embodiment of the method comprises: obtaining a file to be inspected; determining an entropy vector of the file; and inspecting the entropy vector of the file using a trained inspection model to determine if the file is a malware file, wherein a file type of the file is identical to the file type corresponding to the inspection model. This embodiment extracts the entropy vector of the file and determines if the file is a malware file based on the entropy vector of the file. Therefore, the technical problems existed in the art, such as a low speed, a poor capacity and a low efficiency of detecting and destroying the malware file, are addressed and the efficiency of detecting and destroying the malware file is enhanced.
    Type: Grant
    Filed: December 31, 2015
    Date of Patent: January 8, 2019
    Assignee: IYUNTIAN CO., LTD.
    Inventors: Zhuang Zhang, Changkun Zhao, Liang Cao, Zhiqiang Dong
  • Patent number: 10171648
    Abstract: A mobile device management system that monitors the security state of one or more mobile devices and sets indicators related to such security state. Enterprise network applications, such as an email application, can access the security state information when making access control decisions with respect to a given mobile device.
    Type: Grant
    Filed: September 11, 2014
    Date of Patent: January 1, 2019
    Assignee: MOBILE IRON, INC.
    Inventors: Joshua Glenn Broch, Ratnarekha Singamsetty, Jesse Wagner Lindeman, Suresh Kumar Batchu
  • Patent number: 10171243
    Abstract: A method begins by a first device generating a self-validating message by creating a master key, using the master key to create a message encryption key, encrypting a message using the message encryption key to produce an encrypted message, encrypting the master key using a public key of a second device to produce an encrypted master key, and including a message authentication code of the first device in the self-validating message. The method continues by the second device receiving and decoding the self-validating message by verifying the message authentication code of the first device, and when the message authentication code of the first device is verified, decrypting the encrypted master key using a private key of the second device to recover the master key, using the master key to create the message encryption key, and decrypting the encrypted message using the message encryption key to recover the message.
    Type: Grant
    Filed: June 2, 2017
    Date of Patent: January 1, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Wesley Leggette, Jason K. Resch
  • Patent number: 10171501
    Abstract: A remote wipe message or notification may be sent from a server computer to one or more target client devices associated with a user. A managed container running on a target client device associated with the user and having a managed cache storing content managed by or through the server computer may, in response to the remote wipe message or notification, deleting the managed content or a portion thereof from its managed cache. The managed container may send back an acknowledgement or message to the server computer that it had completed the remote wipe. The remote wipe functionality can avoid having to deal with individual applications running on the client device and therefore can eliminate the complexity of having to deal with individual applications. Furthermore, the remote wipe can be done independently of the local operating system and without affecting non-managed information/applications on the client device.
    Type: Grant
    Filed: September 19, 2014
    Date of Patent: January 1, 2019
    Assignee: Open Text SA ULC
    Inventors: Gregory Beckman, Robert Laird, Alain Gagne