Patents Examined by Wasika Nipa
  • Patent number: 10305683
    Abstract: Disclosed are systems to apply customized permission settings to protect particular portions of a document, and, in particular, documents that are of bitstream datatypes containing multiple channels of audio, encoded or not encoded. The custom access permission settings may be implemented by obfuscating the protected portions of the original bitstream and then embedding “secret,” e.g., hidden and/or encrypted, versions of the obfuscated portions in parts of the data structure of the original file, e.g., in the form of “layers” that are held within audio stream containers such as channels. The content of the individual encrypted audio stream containers may then be decrypted according to each recipient's permissions and layered on top of the obfuscated portions of the encoded media file before being rendered to the recipient.
    Type: Grant
    Filed: December 29, 2017
    Date of Patent: May 28, 2019
    Assignee: Entefy Inc.
    Inventors: Alston Ghafourifar, Vincente Ciancio
  • Patent number: 10291598
    Abstract: A network device decrypts a record, received from a client device, that is associated with an encrypted session between the client device and an application platform. The network device incorporates decrypted record data, from the decrypted record, into a payload field of a transmission control protocol (TCP) packet to be transmitted to another device, identifies a record header in the record, and determines, based on the record header, a record type associated with the decrypted record. Based on the record type, the network device marks the one or more TCP packets as including urgent data by setting a TCP urgent control bit in a header of the one or more TCP packets, and sets a second field, in the header of the TCP packet, to a second value that identifies an end of the urgent data, which corresponds to an end of the decrypted record data in the payload field.
    Type: Grant
    Filed: August 7, 2018
    Date of Patent: May 14, 2019
    Assignee: Juniper Networks, Inc.
    Inventor: Rajeev Chaubey
  • Patent number: 10291651
    Abstract: A device may receive a message associated with initiating a secure socket layer session or a transport layer security session (SSL/TLS session). The device may identify a decryption profile associated with managing encrypted traffic associated with the SSL/TLS session. The device may determine a server indicator included in the message. The device may determine whether the decryption profile includes information associated with the server indicator. The device may selectively manage the encrypted traffic associated with the SSL/TLS session using a first decryption technique or a second decryption technique based on determining whether the decryption profile includes information associated with the server indicator, where the first decryption technique may be different from the second decryption technique.
    Type: Grant
    Filed: June 26, 2015
    Date of Patent: May 14, 2019
    Assignee: Juniper Networks, Inc.
    Inventor: Rajeev Chaubey
  • Patent number: 10275612
    Abstract: In an example embodiment, posterior distribution based percentiles for confidential data submitted to a computer system are computed. Then empirical percentiles are computed for the confidential data. A convex combination factor is computed based on a ratio between a number of valid entries in a cohort of the confidential data values and a combination of the number of valid entries in the cohort and the number of valid entries in a parent cohort of the cohort. Then, for each percentile of interest, a convex combination of the empirical percentile and the posterior distribution based percentile is calculated, using the convex combination factor to weight the empirical percentile.
    Type: Grant
    Filed: March 3, 2017
    Date of Patent: April 30, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Stuart MacDonald Ambler, Krishnaram Kenthapadi
  • Patent number: 10270599
    Abstract: Data verification in federate learning is faster and simpler. As artificial intelligence grows in usage, data verification is needed to prove custody and/or control. Electronic data representing an original version of training data may be hashed to generate one or more digital signatures. The digital signatures may then be incorporated into one or more blockchains for historical documentation. Any auditor may then quickly verify and/or reproduce the training data using the digital signatures. For example, a current version of the training data may be hashed and compared to the digital signatures generated from the current version of the training data. If the digital signatures match, then the training data has not changed since its creation. However, if the digital signatures do not match, then the training data has changed since its creation. The auditor may thus flag the training data for additional investigation and scrutiny.
    Type: Grant
    Filed: April 27, 2017
    Date of Patent: April 23, 2019
    Assignee: Factom, Inc.
    Inventors: Jason Nadeau, Brian Deery, Mahesh Paolini-Subramanya, Paul Snow
  • Patent number: 10262154
    Abstract: In an example embodiment, an anonymized set of confidential data values is obtained for a plurality of combinations of cohorts having a first attribute type and a second attribute type. A matrix of the confidential data values having the first attribute type as a first axis and the second attribute type as the second axis is constructed. A set of candidate low rank approximations of the matrix is calculated using an objective function evaluated using a set of candidate data transformation functions, the objective function having one or more parameters and an error function. One or more parameters that minimize the error function of the objective function are minimized to select one of the candidate low rank approximations of the matrix. Then one or more cells that are missing data, of the selected one of the candidate low rank approximations of the matrix, are inferred.
    Type: Grant
    Filed: June 9, 2017
    Date of Patent: April 16, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Krishnaram Kenthapadi, Stuart MacDonald Ambler
  • Patent number: 10255457
    Abstract: In an example, a submission of a confidential data value of a first confidential data type is received from a first user with one or more attributes. A plurality of previously submitted confidential data values of a first confidential data type for a cohort matching the one or more attributes of the first user are retrieved. Then, one or more intermediate cohorts are derived by generalizing each of the one or more attributes of the cohort up at least one level in a different taxonomy corresponding to each of the one or more attributes. One or more of the intermediate cohorts are selected, and a parameterized distribution is fitted to the previously submitted confidential data values that are contained within the selected one or more of the intermediate cohorts, outputting one or more estimated parameters for each of the selected one or more of the intermediate cohorts. A lower limit for the first confidential data type is then set based on the one or more estimated parameters.
    Type: Grant
    Filed: September 28, 2016
    Date of Patent: April 9, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Krishnaram Kenthapadi, Stuart MacDonald Ambler
  • Patent number: 10237070
    Abstract: A system, apparatus, method, and machine readable medium are described for sharing authentication data.
    Type: Grant
    Filed: December 31, 2016
    Date of Patent: March 19, 2019
    Assignee: Nok Nok Labs, Inc.
    Inventor: Rolf Lindemann
  • Patent number: 10200366
    Abstract: An apparatus and method by which a user device in a home network system transmits home-device-related information is provided. The method includes acquiring, from at least one home device, a unique user identifier (UUID) for a related home device, a peer ID (peer ID) which is managed by a connectivity server for managing a connection between the user device and the related home device and that identifies the related home device, a peer group ID for identifying a group of home devices that have registered with a service server for managing device information on the related home device, and a device token containing key information for authenticating the connection to the related home device, selecting a specific user device which will share the UUID, peerID, peer group ID and device token from among neighboring devices, and transferring the UUID, peerID, peer group ID, and device token to the specific user device on the basis of a predetermined sharing method.
    Type: Grant
    Filed: September 22, 2014
    Date of Patent: February 5, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Jun-Hyung Kim, Se-Hoon Kim, Jai-Ick Chun, Dong-Keon Kong, Eun-Hui Bae
  • Patent number: 10177911
    Abstract: Methods and systems are provided for efficient and secure “Machine-to-Machine” (M2M) between modules and servers. A module can communicate with a server by accessing the Internet, and the module can include a sensor and/or actuator. The module and server can utilize public key infrastructure (PKI) such as public keys to encrypt messages. The module and server can use private keys to generate digital signatures for datagrams sent and decrypt messages received. The module can internally derive pairs of private/public keys using cryptographic algorithms and a set of parameters. A server can use a shared secret key to authenticate the submission of derived public keys with an associated module identity. For the very first submission of a public key derived the module, the shared secret key can comprise a pre-shared secret key which can be loaded into the module using a pre-shared secret key code.
    Type: Grant
    Filed: May 18, 2018
    Date of Patent: January 8, 2019
    Assignee: Network-1 Technologies, Inc.
    Inventor: John A. Nix
  • Patent number: 10129216
    Abstract: Systems, methods, and machine-readable media for low latency server-side redirection of User Datagram Protocol (UDP)-based transport protocols traversing a client-side Network Address Translation (NAT) are provided. A request may be sent from a client for a data resource to a first server. The data resource may be received from a second server that has not been previously connected to the client. Receiving the data resource from the second server may be facilitated by the first server through redirecting the request to the second server and providing for the second server to connect to the client and directly respond to the request. The first server may lack at least one of the requested data resource or resources for providing the requested data resource.
    Type: Grant
    Filed: March 30, 2017
    Date of Patent: November 13, 2018
    Assignee: Google LLC
    Inventors: James Anthony Roskind, Ian Douglas Swett
  • Patent number: 10129021
    Abstract: A photon pair generator includes a light source configured to emit light, and a nonlinear optical element configured to receive the light radiated from the light source and generate a quantum-entangled photon pair through spontaneous parametric down-conversion (SPDC), the nonlinear optical element including a polar material layer and a nonlinear material layer provided on the polar material layer.
    Type: Grant
    Filed: April 13, 2015
    Date of Patent: November 13, 2018
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Heejeong Jeong, Jisoo Kyoung, Changwon Lee, Chanwook Baik, Yeryoung Lee
  • Patent number: 10083296
    Abstract: In an example, there is disclosed a computing apparatus having one or more logic elements providing a security agent operable for: detecting that a first process has launch a second process and placed the second process in a suspended state; detecting that the first process has modified or attempted to modify the second process; classifying the modification as potentially malicious; and taking a remedial action. There is also disclosed one or more computer-readable storage mediums having stored thereon executable instructions for providing the security agent, and a computer-executable method of providing the security agent.
    Type: Grant
    Filed: June 27, 2015
    Date of Patent: September 25, 2018
    Assignee: McAfee, LLC
    Inventors: Aditya Kapoor, Joel R. Spurlock, Jonathan L. Edwards
  • Patent number: 10078760
    Abstract: In an example, a weighted directed graph data structure is constructed from position information and position transition information, the weighted directed graph data structure comprising a plurality of nodes, with each node corresponding to a position in the position information, and a plurality of directed edges between the plurality of nodes, with each directed edge corresponding to a transition occurring from a position corresponding to a node at a beginning of the directed edge to a position corresponding to a node at an end of the directed edge. A value is assigned to each node based on one or more confidential data values associated with a position corresponding to the node. A weight is assigned to each directed edge based on a number of members that transitioned positions on either side of the edge. The values in each node are then updated repeatedly based on neighbor node values until convergence occurs.
    Type: Grant
    Filed: January 5, 2017
    Date of Patent: September 18, 2018
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Krishnaram Kenthapadi, Stuart MacDonald Ambler
  • Patent number: 10063518
    Abstract: A method for reducing data transfer connections is provided. The method may include receiving data requests associated with devices. The method may further include collecting data associated with the devices based on the data requests. Additionally, the method may include identifying applications for receiving the collected data. The method may also include generating datasets based on the collected data and the identified applications, wherein the datasets include collected data that is combined based on a commonality for transmission to one or more common applications. The method may further include generating passwords for the datasets. The method may also include encrypting the passwords. The method may further include generating data blocks, including a dataset, the generated and encrypted passwords, and UUIDs for each application. The method may also include transmitting the data blocks to the identified applications.
    Type: Grant
    Filed: September 27, 2016
    Date of Patent: August 28, 2018
    Assignee: International Business Machines Corporation
    Inventors: Sanehiro Furuichi, Masami Tada, Takahito Tashiro
  • Patent number: 10061939
    Abstract: In an example embodiment, a number of buckets is determined for an empirical histogram of confidential data values submitted to a computer system. The empirical histogram for the confidential data values is computed. Posterior distribution endpoints corresponding to the computed empirical histogram endpoints of the empirical histogram are computed. Then an interval between the posterior distribution endpoints is divided into the determined number of buckets, producing a smoothed histogram based on the posterior distribution. A weight factor is determined based on a ratio between a number of valid entries in a cohort of the confidential data values and a threshold used to determine whether smoothing needs to be performed. Linear interpolation of bucket endpoints is performed for the empirical histogram and the smoothed histogram, using the weight factor to weight the empirical histogram.
    Type: Grant
    Filed: March 3, 2017
    Date of Patent: August 28, 2018
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Stuart MacDonald Ambler, Krishnaram Kenthapadi
  • Patent number: 10055283
    Abstract: A method includes encrypting first data segment using first encryption key (EK1) to produce first encrypted data segment (DS), appending the first encrypted DS with EK2 to produce first encrypted appended DS, and dispersed error encoding the first encrypted appended DS to produce first set of error encoded data slices (EDSs). The method further includes encrypting EK1 using EK2 to produce EK layer1, encrypting second DS using EK3 to produce second encrypted DS, appending the second encrypted DS with EK4 to produce second encrypted appended DS, dispersed error encoding the second encrypted appended DS to produce second set of EDSs, appending EK3 with EK layer1 to produce appended EK layer1, encrypting appended EK layer1 using EK4 to produce EK layer2, generating EK layer-final in accordance with an EK layering scheme and EK layer2, and dispersed error encoding EK layer-final to produce set of error encoded layered key slices.
    Type: Grant
    Filed: October 31, 2017
    Date of Patent: August 21, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Gary W. Grube, Timothy W. Markison
  • Patent number: 10049223
    Abstract: Techniques for processing address book upload requests are provided. A user of a social network service uploads a list of email addresses. The social network service is configured to provide information about members of the social network service whose email addresses match one of the email addresses in the list of email addresses. Before providing that information, the social network service identifies attributes of the list of email addresses, the user, and/or the upload. The social network service analyzes the attributes to determine whether to provide the requested information. In one technique, the social network service creates and trains a model to learn the attributes or features (and their corresponding weights) that are associated with “bad” uploads. Example features include the number of email addresses in an upload and the number of uploads submitted by the user within the last hour.
    Type: Grant
    Filed: April 14, 2015
    Date of Patent: August 14, 2018
    Assignee: Microsoft Technology Licensing, LLC
    Inventor: Jenelle Bray
  • Patent number: 10050944
    Abstract: A process for accessing a data storage device of a CCS through a GCS includes setting up a protected connection over the Internet between a first piece of terminal equipment of the user and the GCS by inputting the URL of the CCS into a program of the piece of terminal equipment, and using the modified DNS for name resolution of the URL, so that the protected connection is set up with the GCS instead of with the CCS; transferring a file over the protected connection from the terminal equipment to the GCS; setting up a session over the network between the GCS and the CCS; encrypting the file by the gateway computer system using the cryptographic key; transferring the encrypted file through the session from the GCS to the CCS; and storing the encrypted file in the data storage device of the CCS.
    Type: Grant
    Filed: October 27, 2014
    Date of Patent: August 14, 2018
    Assignee: BUNDESDRUCKEREI GMBH
    Inventor: Frank Byszio
  • Patent number: 10044761
    Abstract: An authentication apparatus to authenticate a user requesting access to a restricted resource in a computer system comprising: an interface adapted to receive an indication of a user request to access the restricted resource, the request having associated a current user context defining one or more characteristics of the user; a receiver adapted to receive a user selected authentication scheme from a set of authentication schemes for the current user context; a comparator adapted to compare the user selected authentication scheme with a set of user-specific rules, each rule indicating one or more authentication schemes for a user context as preferred authentication schemes; an access controller adapted to permit access to the restricted resource based on the comparison so as to prevent access to the restricted resource when the rules indicate one or more authentication schemes other than the user selected authentication scheme are preferred for the current user context.
    Type: Grant
    Filed: March 17, 2015
    Date of Patent: August 7, 2018
    Assignee: British Telecommunications Public Limited Company
    Inventors: Gery Michel Ducatel, Theo Dimitrakos