Patents Examined by William B Jones
  • Patent number: 10541997
    Abstract: The present disclosure is generally directed to a data processing system for authenticating packetized audio signals in a voice activated computer network environment. The data processing system can improve the efficiency and effectiveness of auditory data packet transmission over one or more computer networks by, for example, disabling malicious transmissions prior to their transmission across the network. The present solution can also improve computational efficiency by disabling remote computer processes possibly affected by or caused by the malicious audio signal transmissions. By disabling the transmission of malicious audio signals, the system can reduce bandwidth utilization by not transmitting the data packets carrying the malicious audio signal across the networks.
    Type: Grant
    Filed: December 30, 2016
    Date of Patent: January 21, 2020
    Assignee: Google LLC
    Inventors: Gaurav Bhaya, Robert Stets
  • Patent number: 10541998
    Abstract: The present disclosure is generally directed to a data processing system for authenticating packetized audio signals in a voice activated computer network environment. The data processing system can improve the efficiency and effectiveness of auditory data packet transmission over one or more computer networks by, for example, disabling malicious transmissions prior to their transmission across the network. The present solution can also improve computational efficiency by disabling remote computer processes possibly affected by or caused by the malicious audio signal transmissions. By disabling the transmission of malicious audio signals, the system can reduce bandwidth utilization by not transmitting the data packets carrying the malicious audio signal across the networks.
    Type: Grant
    Filed: January 5, 2018
    Date of Patent: January 21, 2020
    Assignee: GOOGLE LLC
    Inventors: Gaurav Bhaya, Robert Stets
  • Patent number: 10534909
    Abstract: Systems and methods for multi-tiered sandbox based network threat detection are provided. According to one embodiment, a file is received by a computer system. The file is caused to exhibit a first set of behaviors by processing the file within a virtualization application based environment of the computer system. The virtualization application based environment is created based on an application to which the file pertains. The file is further caused to exhibit a second set of behaviors by processing the file within a container based environment of the computer system. Differences, if any, between the first set of behaviors and the second set of behaviors are determined. Finally, the file is classified as malicious when the differences are greater than a predefined or configurable threshold.
    Type: Grant
    Filed: March 2, 2017
    Date of Patent: January 14, 2020
    Assignee: Fortinet, Inc.
    Inventor: Michael F. Chalmandrier-Perna
  • Patent number: 10521591
    Abstract: A computer-implemented method is provided for detecting compiler-injected security flaws. The computer-implemented method includes receiving source code, compiling the source code, reverse engineering the compiled source code, comparing operations performed by the source code and the reverse engineered source code, identifying differences between the source code and the reverse engineered source code, and creating a list of differences. The list of differences includes operations that are present in the source code and missing from binary code. Alternatively, the list of differences includes operations that are present in binary code and missing from the source code.
    Type: Grant
    Filed: December 1, 2016
    Date of Patent: December 31, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventor: Steve McDuff
  • Patent number: 10511972
    Abstract: [Object] To provide a communication apparatus, a communication method, and a program, each of which is capable of achieving both security and convenience of communication in transmission of information. [Solution] A communication apparatus, including: an acquisition unit configured to acquire information on a position or external environment of the communication apparatus; and a control unit configured to control transmission of information containing first identification information of the communication apparatus in the case where the information acquired by the acquisition unit satisfies a predetermined condition. A communication method, including: acquiring information on a position or external environment of a communication apparatus; and controlling transmission of information containing first identification information of the communication apparatus in the case where the acquired information satisfies a predetermined condition.
    Type: Grant
    Filed: March 20, 2015
    Date of Patent: December 17, 2019
    Assignee: SONY CORPORATION
    Inventor: Tatsuo Nagamatsu
  • Patent number: 10503895
    Abstract: Runtime non-intrusive container security introspection and remediation is disclosed. For example, a persistent storage associated with a container has a write protected lower system layer and an upper system layer, and a first snapshot of the upper system layer is created. A first request to modify data in the persistent storage is detected. A first requested modification is forwarded to a security inspection service. A threat state of the container is determined based on the first requested modification, where the threat state is one of a threatening state and a non-threatening state. In response to determining that the container is in the non-threatening state, the container is notified that the first requested modification is non-threatening and a second snapshot of the upper system layer is created. In response to determining that the container is in the threatening state, a container engine is instructed to respond to the threatening state.
    Type: Grant
    Filed: April 11, 2017
    Date of Patent: December 10, 2019
    Assignee: Red Hat, Inc.
    Inventor: Huamin Chen
  • Patent number: 10503920
    Abstract: The embodiments herein relate to discrete data containers and, more particularly, to management of data stored in discrete data containers. Embodiments herein disclose methods and systems to update data present within a data container, when a user accessing the data, present within the data container, has updated the data. Embodiments herein disclose a method and system for enabling modifications of data present in data containers, wherein de-containerized data associated with a data container can be modified by at least one user and the modifications by the user can be reflected in real-time to the data in the data container.
    Type: Grant
    Filed: March 15, 2018
    Date of Patent: December 10, 2019
    Assignee: VAULTIZE TECHNOLOGIES PRIVATE LIMITED
    Inventors: Ankur Panchbudhe, Praneeth Siva, Amol Vaikar, Yusuf Batterywala
  • Patent number: 10503913
    Abstract: Techniques for establishing mutual authentication of software layers of an application are described. During initialization of the application, the software layers execute a binding algorithm to exchange secrets to bind the software layers to one another. During subsequent runtime of the software application, the software layers execute a runtime key derivation algorithm to combine the secrets shared during initialization with dynamic time information to generate a data encryption key. The software layers can then securely transfer data with each other by encrypting and decrypting data exchanged between the software layers using the dynamically generated data encryption key.
    Type: Grant
    Filed: March 11, 2016
    Date of Patent: December 10, 2019
    Assignee: Visa International Service Association
    Inventors: Rasta Mansour, Soumendra Bhattacharya, Robert Youdale
  • Patent number: 10496801
    Abstract: An authentication engine for an information handling system includes an event engine that receives authentication information from a plurality of input devices of the information handling system and classifies the authentication information from each input device into a plurality of events, and provides confidence score metadata based upon the authentication information, a confidence module that generates a confidence score based upon the events, and a threshold table that receives the confidence score and determines an authentication state of the information handling system based upon the confidence score.
    Type: Grant
    Filed: January 13, 2016
    Date of Patent: December 3, 2019
    Assignee: Dell Products, LP
    Inventors: Daniel Hamlin, Charles D. Robison, Jr., Carrie Elaine Gates
  • Patent number: 10482263
    Abstract: Methods, systems, apparatuses, and computer program products are provided for processing queries. A data server includes a query processor configured to receive a query from a database application, which was received by the database application from a requestor. The query is directed to data stored at the data server. The query processor includes a deferred evaluation determiner and deferred expression determiner. The deferred evaluation determiner is configured to analyze the query, and to designate the query for deferred evaluation by the database application if a predetermined factor is met, such as the query including an operation on encrypted data that is not supported at the data server. The deferred expression determiner is configured to determine expression evaluation information for evaluating at least a portion of the query at the database application. The query processor provides the encrypted data and the expression evaluation information to the database application for evaluation.
    Type: Grant
    Filed: April 1, 2015
    Date of Patent: November 19, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Panagiotis Antonopoulos, Ajay S. Manchepalli, Kapil Vaswani, Haohai Yu, Michael James Zwilling
  • Patent number: 10484378
    Abstract: A mechanism is described for facilitating context-based access control of resources according to one embodiment. A method of embodiments, as described herein, includes receiving a first request to access a resource of a plurality of resources. The first request may be associated with one or more contexts corresponding to a user placing the first request at a computing device. The method may further include evaluating the one or more contexts. The evaluation of the one or more contexts may include matching the one or more contexts with one or more access policies associated with the requested resource. The method may further include accepting the first request if the one or more contexts satisfy at least one of the access policies.
    Type: Grant
    Filed: April 14, 2016
    Date of Patent: November 19, 2019
    Assignee: INTEL CORPORATION
    Inventors: Ned M. Smith, Conor P. Cahill, Jason Martin, Abhilasha Bhargav-Spantzel, Sanjay Bakshi
  • Patent number: 10476854
    Abstract: A system implements a QKD-secured logon widget. The system generates a first random quantum key using a first random measurement basis, transmits, over a fiber optic network, a first random quantum key to a device, and encrypts a logon widget instruction set using the first random quantum key and a first encryption algorithm, resulting in an encrypted message. The system then transmits the encrypted message, and the device receives a second random quantum key from the system, and measures the second random quantum key using a second random measurement basis, where the second random measurement basis is compared to the first random measurement basis, resulting in a comparison basis result. The system uses the comparison basis result to determine a level of anomalies present in the second random quantum key and a shared key, and, based on the level of anomalies, determines whether to render a logon widget at the device.
    Type: Grant
    Filed: April 20, 2017
    Date of Patent: November 12, 2019
    Assignee: BANK OF AMERICA CORPORATION
    Inventor: Ashish Arora
  • Patent number: 10462659
    Abstract: A method for communicating between devices is presented. The method includes dividing a first public key of a first device into at least two partial keys, transmitting the at least two partial keys through at least two communication channels having different physical characteristics, receiving a second public key of a second device through at least one of the at least two communication channels, authenticating the second device based on the received second public key, and performing secure communication with the second device using a public key generated based on the received second public key.
    Type: Grant
    Filed: September 12, 2016
    Date of Patent: October 29, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Soo-Yong Lee, Byung-Moo Lee, Joo-Yeol Lee, Dong He
  • Patent number: 10460098
    Abstract: Methods, systems, and apparatus include computer programs encoded on a computer-readable storage medium, including a method for linking devices. An application, provided to plural devices, is configured to gather account information for services accessed by a given device. Data packages are received from each of a first device and a second different device. Each data package includes a first device identifier and encrypted account information for accounts associated with the device. The account information includes, for a given account, a one-way encrypted account identifier. The encrypted account information associated with the first device is compared with the encrypted account information associated with the second different device to locate one or more matching one-way encrypted identifiers. Based on a comparing, a determination is made that the first device and second different device are associated with a same user, and the first device identifier and second different device identifier are linked.
    Type: Grant
    Filed: August 13, 2015
    Date of Patent: October 29, 2019
    Assignee: Google LLC
    Inventor: Gang Wang
  • Patent number: 10462148
    Abstract: This disclosure relates generally to data masking, and more particularly to a method and system for dynamic data masking for a mainframe application. In one embodiment, the method includes receiving a request to access a mainframe application from a user profile. A role assigned to the user-profile is fetched from a roles-repository. The role defines rights associated with the user-profile to access information from the mainframe application. Corresponding to the request, an access session is initiated based on the role, and a screen is received. The screen includes multiple fields, where one or more fields include sensitive data associated with the mainframe application. Contextual information associated with the plurality of fields is identified corresponding to the session. Rules indicative of the fields to be masked are fetched corresponding to the screen based on the role. The fields are masked based on the rule and the contextual information associated with the fields.
    Type: Grant
    Filed: March 11, 2016
    Date of Patent: October 29, 2019
    Assignee: Tata Consultancy Services Limited
    Inventors: Rohit Saxena, Amit Prakash Jadhav, Manish Shukla, Vijayanand Mahadeo Banahatti, Sachin Premsukh Lodha
  • Patent number: 10454968
    Abstract: Testing a system against fuzzing attacks includes negating all regular expressions used in the corresponding language, and applying those negated regular expressions to a system interface. Only expressions definitively outside the scope of protocol specification implicate vulnerabilities to fuzzing attacks. The system detects fuzzing attacks by continuously monitoring packets of data and only passing through packets that conform to regular expressions of the language.
    Type: Grant
    Filed: September 12, 2016
    Date of Patent: October 22, 2019
    Assignee: Rockwell Collins, Inc.
    Inventors: Mark A. Bortz, David S. Hardin, James N. Potts, Konrad L. Slind
  • Patent number: 10454931
    Abstract: Methods and systems for securing communications with an enterprise from a remote computing system are disclosed. One method includes initiating a secured connection with a VPN appliance associated with an enterprise using service credentials maintained in a secure applet installed on a remote computing device, and initiating communication with an authentication server within an enterprise via the secured connection. The method also includes receiving specific credentials from the authentication server, terminating the secured connection with the VPN appliance, and initiating a second secured connection with the VPN appliance using the specific credentials, the specific credentials providing access to one or more computing devices within the enterprise being within a same community of interest as the remote computing device and obfuscating one or more other computing systems within the enterprise excluded from the community of interest.
    Type: Grant
    Filed: January 20, 2016
    Date of Patent: October 22, 2019
    Assignee: UNISYS CORPORATION
    Inventors: Ted Hinaman, Steven J Rajcan, Matthew Mohr, William Gunn, Sarah K Inforzato, Robert A Johnson, Gregory J Small, David S Dodgson
  • Patent number: 10447467
    Abstract: In a computer-implemented method for signing a message by a user device of a public key infrastructure (PKI) system, the message and a user public key are sent to at least one attestation server and a server signature on the message is received from the attestation server. The server signature attests the validity of the user public key and is bound to the user public key and the message. The message and the server signature are signed with a user private key, thereby providing a user signature on the message. An attestation server and a related computer program product are also provided.
    Type: Grant
    Filed: May 4, 2016
    Date of Patent: October 15, 2019
    Assignee: International Business Machines Corporation
    Inventors: Marcus Brandenburger, Franz-Stefan Preiss, Kai Samelin, Dieter M. Sommer
  • Patent number: 10437831
    Abstract: A computerized system for recursively detecting anomalies in monitored behavior of entities. The system comprises a storage unit to store monitored events, event deviations and parameters related to each event and to each event deviation. The system comprises a processing unit configured to receive a plurality of input events, construct a plurality of baseline models, receive an input event that occurred during an analyzed timeframe, compare parameters of the received input event to a corresponding baseline model in order to detect an event deviation, and associate an event deviation score to the detected event deviation. Using the detected event deviation as an input event, said operations are repeated until a predetermined condition is satisfied, and an alert is generated, indicating suspicious activity has been detected. A viewer application configured to receive and display alerts relating to the detected event deviation is provided.
    Type: Grant
    Filed: March 13, 2016
    Date of Patent: October 8, 2019
    Assignee: EMC IP Holding Company LLC
    Inventors: Yaron De-Levie, Ori Mendelson, Idan Peretz, Sagi Hilleli, Guy Eisenkot
  • Patent number: 10430582
    Abstract: An information processing apparatus sends a management apparatus execution information about processes that the information processing apparatus has executed while performing a task in response to an instruction from the management apparatus. The management apparatus stores the received execution information in a storage unit. A security detection program monitors the information processing apparatus, and when detecting an alert, sends alert information including information about a process or command being executed by the information processing apparatus, to the management apparatus. The management apparatus receives the alert information, and performs filtering of determining, on the basis of a schedule and the execution information, whether the alert information relates to a task that the management apparatus has instructed the information processing apparatus to perform.
    Type: Grant
    Filed: July 15, 2016
    Date of Patent: October 1, 2019
    Assignee: FUJITSU LIMITED
    Inventors: Toshitsugu Mori, Toru Kitayama, Ryota Kawagata, Akinobu Takaishi, Kiyoshi Kouge, Naoto Ebine