Patents Examined by Wasika Nipa
  • Patent number: 12147573
    Abstract: Protecting sensitive data from unauthorized disclosure is provided. For example, systems, methods, and computer readable storage devices are described that may be operable or configured to tokenize sensitive data attributes that may be included in a data file received from a client. Tokens that are anonymized but representative of the attributes may be generated and mapped to the sensitive data attributes. A tokenized data file may be de-tokenized and re-tokenized to perform processes that require the sensitive data attributes. A document may be transformed to protect the sensitive data attributes while reducing risk of disclosure of the sensitive data.
    Type: Grant
    Filed: December 16, 2021
    Date of Patent: November 19, 2024
    Assignee: REVSPRING, INC.
    Inventors: Lino Etollo Carnesecca, Shawn Michael Mox, Scott Andrew Astheimer, Eric Edward Martin, Cliff Lee Curtis, Jesse Alan Yeager, Miguel Dawson
  • Patent number: 12141313
    Abstract: A computer-implemented method to inject security semantics into database queries. The method includes receiving, by a database system, a query, wherein the query is received from a host and the query is generated by a first user account. The method also includes, generating an access plan for the query. The method further includes, determining a first portion of the access plan matches a first security syntax. The method includes, injecting, in response to determining the first portion of the access plan matches the first security syntax, the first security syntax into the access plan. The method further includes, executing the query. The method includes, returning a set of results of the query to the host.
    Type: Grant
    Filed: August 12, 2020
    Date of Patent: November 12, 2024
    Assignee: International Business Machines Corporation
    Inventors: Shuo Li, Xiaobo Wang, Sheng Yan Sun, Xing Xing Jing
  • Patent number: 12143480
    Abstract: Systems, apparatuses, methods, and computer program products are disclosed for secure communication based on random key derivation. An example method includes receiving an initial symmetric key shared between the key depot device and a host device. The method also includes receiving seed data shared between the key depot device and the host device. The method also includes establishing a connection to a client device. The method also includes generating, by key derivation circuitry of the key depot device, a first symmetric key based at least on a portion of the seed data. The method also includes causing transmission of the first symmetric key to the client device. The method also includes generating a key allocation indication that identifies an authentication target and comprises an indication of the generation of the first symmetric key. The method also includes causing transmission of the key allocation indication to the host device.
    Type: Grant
    Filed: June 13, 2022
    Date of Patent: November 12, 2024
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Peter Bordow, Jeff J. Stapleton
  • Patent number: 12135808
    Abstract: Disclosed herein are system, method, and computer program product embodiments for managing the dissemination of documents using downstream control. A document linking system may facilitate the creation of a document link, graphical document link, and/or a corresponding document token. This link may be distributed downstream via messages, emails, or other applications. The document linking system may track document interactions, trace locations, and/or control individualized downstream access. The document linking system may provide instructions to a document delivery system to integrate a plugin or widget into its corresponding application (e.g., a messaging or email application). A user using the application may select a GUI object to access the document linking system and generate a document link. This link may then be embedded into a message or email and disseminated. The document linking system may also generate graphical document links that may be scanned with a camera to access the document.
    Type: Grant
    Filed: June 21, 2021
    Date of Patent: November 5, 2024
    Assignee: ShelterZoom Corp.
    Inventors: Chao Cheng-Shorland, Amir Homayoun Alishahi
  • Patent number: 12126713
    Abstract: Systems, methods, and computer program products are provided for quantum computing (QC) detection. An example QC detection system includes QC detection data generation circuitry that generates QC detection data. The QC detection system also includes cryptographic circuitry that distorts the QC detection data via a first post-quantum cryptographic (PQC) technique and generates a pair of asymmetric cryptographic keys including a public cryptographic key and a private cryptographic key. The cryptographic circuitry further generates encrypted QC detection data based on the pair of asymmetric cryptographic keys and destroys the private cryptographic key. The QC detection system further includes data monitoring circuitry that monitors a set of data environments for electronic information related to the encrypted QC detection data.
    Type: Grant
    Filed: January 17, 2020
    Date of Patent: October 22, 2024
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Ramanathan Ramanathan, Andrew J. Garner, IV, Abhijit Rao, Pierre Arbajian, Michael Erik Meinholz, Omar B. Khan, Ramesh Yarlagadda
  • Patent number: 12111952
    Abstract: Method, system, and programs provide automatic anonymization of protected data items when a request is associated with authentication via a ticket. Ticket authentication includes sending a ticket to a recipient address. The ticket is included in a request for information. Responsive to receiving a request with a ticket, an example system may determine if the ticket is still valid and, if so, generate mock identifiers for any identifiers in information provided back to the requestor, replace the identifiers with their corresponding mock identifiers, as well as delete any protected information from the information provided back to the requestor. The system may store a mapping of the identifiers with their mock identifiers by session id. These mappings may be deleted after a predetermined time, so that the mapping is valid only for a particular session for a limited time.
    Type: Grant
    Filed: September 24, 2020
    Date of Patent: October 8, 2024
    Assignee: DrFirst.com, Inc.
    Inventor: Christian Nichols
  • Patent number: 12086290
    Abstract: Systems, apparatuses and methods include technology that generates a signature based on one or more characteristics of an artificial intelligence (AI) model. The AI model is in a source code. The technology generates a compiled blob based on the AI model and embeds an identifier based on the signature into a metadata field of the compiled blob.
    Type: Grant
    Filed: August 19, 2021
    Date of Patent: September 10, 2024
    Assignee: Intel Corporation
    Inventors: Yamini Nimmagadda, Akhila Vidiyala, Suryaprakash Shanmugam
  • Patent number: 12086285
    Abstract: A method of providing a data disclosure to a requester can include: receiving a data subject request from a requester, the data subject request including a request for stored personal data; categorizing the element data into one of a plurality of tiers based on a sensitivity level of the element data; assigning an assigned tier to the element data and associated data values; determining a level of detail of the associated data values for each of the element data to provide based on the assigned tier; and providing a data disclosure report to the requester, wherein the data disclosure report includes the level of detail of data values for each of the element data based on the assigned tier.
    Type: Grant
    Filed: June 29, 2020
    Date of Patent: September 10, 2024
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Damien Guenther, Chris McClennen, Joy Middleton-Saulny
  • Patent number: 12074908
    Abstract: This application discloses a cyber threat deception method and system, and a forwarding device. The forwarding device obtains a deception target set, where the deception target set includes a deception target, and the deception target includes an unused internet protocol (IP) address or an unopened port number on a used IP address. The forwarding device receives an IP packet from a host, and determines whether a destination party that the IP packet requests to access belongs to the deception target set. If the destination party that the IP packet requests to access belongs to the deception target set, the forwarding device sends the IP packet to a honeypot management server. The forwarding device receives a response packet, returned by the honeypot management server, of the corresponding IP packet. The forwarding device sends the response packet to the host.
    Type: Grant
    Filed: July 7, 2021
    Date of Patent: August 27, 2024
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Huazhi Yang, Donghui Wang
  • Patent number: 12067149
    Abstract: Use of embedded metadata for data privacy compliance is provided. In a data store, self-managed data is maintained including metadata specifying retention policy data. Responsive to a self-update to scrub PII from the self-managed data being indicated by the retention policy data, the PII is removed from the self-managed data maintained by the data store. Responsive to a self-update to delete the self-managed data from the self-managed data being indicated by the retention policy data, the self-managed data is removed from the data store.
    Type: Grant
    Filed: May 11, 2021
    Date of Patent: August 20, 2024
    Assignee: FORD GLOBAL TECHNOLOGIES, LLC
    Inventors: David Michael Herman, Jon Speigle, Brian Tamm
  • Patent number: 12063226
    Abstract: The present disclosure relates to a system, method, and computer program for graph-based multi-stage attack detection in which alerts are displayed in the context of tactics in an attack framework, such as the MITRE ATT&CK framework. The method enables the detection of cybersecurity threats that span multiple users and sessions and provides for the display of threat information in the context of a framework of attack tactics. Alerts spanning an analysis window are grouped into tactic blocks. Each tactic block is associated with an attack tactic and a time window. A graph is created of the tactic blocks, and threat scenarios are identified from independent clusters of directionally connected tactic blocks in the graph. The threat information is presented in the context of a sequence of attack tactics in the attack framework.
    Type: Grant
    Filed: September 24, 2021
    Date of Patent: August 13, 2024
    Assignee: Exabeam, Inc.
    Inventors: Derek Lin, Domingo Mihovilovic, Sylvain Gil
  • Patent number: 12058176
    Abstract: A connection-based service impersonates request-based security for requests from clients that do not include credentials for the requests (e.g., data plane requests made via a connection-oriented security). A connection between a client and a connection-based service is established based on connection credentials that are based on security credentials from a request-based security service. The credentials are sent by a security component of the service to a local agent of the remote security service to be authenticated by the security service. An impersonation token is returned by the security service and cached by the local agent. Requests from the client to perform operations do not include credentials. For each request, the service passes an identifier for the client and the operation to a local authorization component that calls the agent for authorization of the requested operation. The agent uses the impersonation token to obtain authorization for the requested operation.
    Type: Grant
    Filed: January 28, 2021
    Date of Patent: August 6, 2024
    Assignee: Amazon Technologies, Inc.
    Inventors: Gokul Ramanan Subramanian, Sayantan Chakravorty, Dennis Tighe, Carlos Alessandro Chiconato, Damian Wylie
  • Patent number: 12047496
    Abstract: Noncustodial techniques for granular encryption and decryption are provided. One example method can include receiving a selection of a data object for encryption from a plurality of data objects in a data package via a user interface; receiving a message from a remote server; generating an encryption key for the data object using the message; encrypting the data object with the encryption key to create an encrypted data object; storing the at least one portion of the message associated with the encrypted data object in a metadata file; encrypting the metadata file using a user encryption key to create an encrypted metadata file; and transmitting the encrypted data object and the encrypted metadata file to a database for storage.
    Type: Grant
    Filed: January 24, 2023
    Date of Patent: July 23, 2024
    Assignee: CORSALI, INC.
    Inventors: Anna Kazlauskas, Zachary Donald Hay, Kahtaf Alam, Daniel Rasmuson
  • Patent number: 12034862
    Abstract: A key exchange technique of performing a key exchange among N (?2) parties, which can conceal metadata on communication, is provided. A key exchange method includes: a first key generation step in which a communication device Ui generates a first key; a first anonymous broadcast step in which the communication device Ui anonymously broadcasts the first key with a set R-{Ui} being designated for i?{1, . . . , n} and the communication device Ui anonymously broadcasts the first key with ? being designated for i?{n+1, . . . , N}; a second key generation step in which the communication device Ui generates a second key; a second anonymous broadcast step in which the communication device Ui anonymously broadcasts the second key with the set R-{Ui} being designated for i?{1, . . . , n} and the communication device Ui anonymously broadcasts the second key with ? being designated for i?{n+1, . . . , N}; and a session key generation step in which the communication device Ui generates a session key SK for i?{1, . . .
    Type: Grant
    Filed: June 29, 2022
    Date of Patent: July 9, 2024
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Reo Yoshida, Tetsutaro Kobayashi, Yuto Kawahara, Hitoshi Fuji, Kazuki Yoneyama
  • Patent number: 12003541
    Abstract: Based on analyzing a serverless function associated with a first role, a set of security permissions granted to the serverless function is identified based on the first role and a first attribute of the serverless function. A least privilege role indicating a set of least privilege security permissions for the serverless function is generated based, at least in part, on the first attribute. Based on comparing the least privilege role with the first role, it is determined if the set of security permissions granted to the serverless function is more permissive than the set of least privilege security permissions. Based on determining that the set of security permissions granted to the serverless function is more permissive than the set of least privilege security permissions, the first role is reported as over-permissive.
    Type: Grant
    Filed: July 1, 2018
    Date of Patent: June 4, 2024
    Assignee: Twistlock Ltd.
    Inventors: Avraham Shulman, Ory Segal, Shaked Yosef Zin
  • Patent number: 12003622
    Abstract: The disclosed technology relates to using a blockchain to manage files and ownership thereof for a file sharing and storage service. The blockchain can also record and track edits to the files. The file sharing and storage service can automatically analyze the files to identify various visual features and subjects, and record metadata thereof to the blockchain.
    Type: Grant
    Filed: October 11, 2023
    Date of Patent: June 4, 2024
    Assignee: OSOM PRODUCTS, INC.
    Inventors: Gary Anderson, Nicholas Franco, Jason Sean Gagne-Keats
  • Patent number: 12001557
    Abstract: Example implementations include a method of requesting an instruction block associated with one or more instructions and located at one or more addresses of a system memory, obtaining the instruction block from the system memory, generating a hash of the instruction block, obtaining an expected hash associated with the instruction block, comparing the expected hash with the generated hash, in accordance with a determination that the expected hash matches the generated hash, generating a first validation response associated with the instruction block.
    Type: Grant
    Filed: December 17, 2020
    Date of Patent: June 4, 2024
    Assignee: Renesas Electronics America Inc.
    Inventors: Taimour Wehbe, Marc Adas
  • Patent number: 11989329
    Abstract: A system and method for privacy policy enforcement to ensure reconciliation between users communicating via an open system interconnection (OSI) communication architecture, with receiving of a privacy policy for at least one user's device and a usage policy for at least one user, receiving encryption codes, receiving private data from a first user to be sent to a second user, encrypting by a first server the received data, receiving a privacy policy enforcement vector, and performing selective decryption, by a second server, for each data segment, wherein data segments that correspond to a match between the privacy policy and usage policy are decrypted, and wherein at least one of the first server and the second server is external to the first user and second user.
    Type: Grant
    Filed: May 18, 2021
    Date of Patent: May 21, 2024
    Assignee: Privacy Rating Ltd.
    Inventors: Yoseph Koren, Yehonatan Wasserman
  • Patent number: 11989302
    Abstract: A system, method, and apparatus are provided for securely controlling operations of a data processing system in which security subsystem is activated to provide security services by responding to a security service request, evaluating the request against an adjustable set of system security policies to determine if the security service request is granted access to a protected asset, by generating a response to the security service request using the protected asset if the security service request is granted access to the protected asset, by adjusting a security access policy for the protected asset in the adjustable set of system security policies, and by sending the response from the security subsystem to the external application subsystem.
    Type: Grant
    Filed: June 8, 2021
    Date of Patent: May 21, 2024
    Inventors: Sören Heisrath, Fabrice Poulard, Marius Rotaru
  • Patent number: 11985250
    Abstract: A key exchange technique of performing a key exchange among N (?2) parties, which can conceal metadata on communication, is provided. A key exchange method includes: a first key generation step in which a communication device Ui generates a first key; a first anonymous broadcast step in which the communication device Ui anonymously broadcasts the first key with a set R?{Ui} being designated for i?{1, . . . , n} and the communication device Ui anonymously broadcasts the first key with ? being designated for i?{n+1, . . . , N}; a second key generation step in which the communication device Ui generates a second key; a second anonymous broadcast step in which the communication device Ui anonymously broadcasts the second key with the set R?{Ui} being designated for i?{1, . . . , n} and the communication device Ui anonymously broadcasts the second key with ? being designated for i?{n+1, . . . , N}; and a session key generation step in which the communication device Ui generates a session key SK for i?{1, . . .
    Type: Grant
    Filed: August 14, 2018
    Date of Patent: May 14, 2024
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Reo Yoshida, Tetsutaro Kobayashi, Yuto Kawahara, Hitoshi Fuji, Kazuki Yoneyama