Patents Examined by William Powers
  • Patent number: 10027482
    Abstract: A method and a cryptographic device for encrypting/decrypting an input message by using an algorithm having as entries, said input message, a cryptographic key, and a complementary unique value used as parameter of the algorithm. The output data is formed by the input message decrypted/encrypted by the algorithm using the cryptographic key and the complementary value. The latter is determined on the basis of a unique value physically bound to an electronic device by using a physically unclonable function (PUF) which is inherent to this device and which is used to generate this unique value from a plurality of physical measurements carried out on components integrated in said device.
    Type: Grant
    Filed: June 17, 2014
    Date of Patent: July 17, 2018
    Assignee: Nagravision S.A.
    Inventors: Marco Macchetti, Claudio Favi
  • Patent number: 10015161
    Abstract: A cloud computing system includes a cloud system managing unit, a plurality of sets of devices, where a set of devices includes one or more devices having a common aspect, and a plurality of authentication servers, where an authentication server is associated with one of the plurality of sets of devices based on the common aspect. The cloud computing system functions to establish trust between a corresponding one of the plurality of authentication servers and the one or more devices of one of the plurality of sets of devices, between the corresponding one of the plurality of authentication servers and the cloud system managing unit, and between the cloud system managing unit and the one or more devices. The cloud system managing unit configures the cloud computing system based on the trust between the cloud system managing unit and devices of the plurality of sets of devices.
    Type: Grant
    Filed: September 18, 2017
    Date of Patent: July 3, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Wesley Leggette, Jason K. Resch
  • Patent number: 9992029
    Abstract: A method and apparatus for a certificate authority system providing authentication to a plurality of devices associated with an organization are described. The method may include receiving, at the certificate authority system, a request from a device to sign authentication information of the device, wherein the device is associated with the organization. The method may also include sending a challenge to the device to perform an action with a system other than the certificate authority system, and receiving the response to the challenge from the device. Furthermore, the method may include verifying that the response was generated correctly based on the challenge, and signing the authentication information of the device with one or more keys of the certificate authority system as an authentication of an identity of the device.
    Type: Grant
    Filed: April 5, 2017
    Date of Patent: June 5, 2018
    Assignee: STRIPE, INC.
    Inventors: Carl Jackson, Bryan Berg, David Terrance Bartley, Evan Broder
  • Patent number: 9971881
    Abstract: The disclosure is directed to an access permission system that manages provisioning of access to an electronic resource through various types of access permissions. The access permission system provisions access by provisioning a license entitlement of a specified type. A provisioning optimization technique determines a combination of different types of license entitlements to be provisioned according to an optimization criterion associated with an attribute of a license entitlement. For example, the optimization criterion can based on a “unit cost” associated with a license entitlement, and the provisioning optimization technique can determine various types of license entitlements to be obtained (and therefore to be provisioned) in order to minimize a total cost of the license incurred in satisfying the consumption demand requests.
    Type: Grant
    Filed: May 2, 2017
    Date of Patent: May 15, 2018
    Assignee: Flexera Software LLC
    Inventor: Timothy M. Adam
  • Patent number: 9935926
    Abstract: Methods, apparatus, systems and articles of manufacture to monitor media presentations are disclosed. An example method includes extracting first network packet parameters from a first network packet received at a media device when retrieving a first encrypted web page, storing the first network packet parameters in association with identifying information for the first encrypted web page, extracting second network packet parameters from a second network packet received at the media device from an unknown encrypted web page, when the extension does not collect identifying information for the unknown encrypted web page, comparing the second network packet parameters to the first network packet parameters, and identifying the unknown encrypted web page as the first encrypted web page when the comparison of the second network packet parameters to the first network packet parameters has a similarity above a threshold.
    Type: Grant
    Filed: October 21, 2016
    Date of Patent: April 3, 2018
    Assignee: The Nielsen Company (US), LLC
    Inventors: Robert P. Borland, Jonathon Brett Rubin, Anthony B. Stringer, Adam Schenker, Shailendra Paranjape
  • Patent number: 9888000
    Abstract: Disclosed is a system for delegating authentication of an untrusted application executing on a client device. For delegated authentication, an untrusted application relies on a trusted application executing in the same environment for authentication purposes. The delegated authentication process avoids requiring the user of the untrusted application to provide authentication credentials. The disclosed system for delegating authentication enables any trusted application executing in the same computing environment to authenticate the untrusted application.
    Type: Grant
    Filed: April 10, 2017
    Date of Patent: February 6, 2018
    Assignee: Twitter, Inc.
    Inventors: Jeffrey Seibert, Jr., Michael Ducker
  • Patent number: 9881175
    Abstract: A computer implemented system and method of sharing files between a link sharer and a link recipient over a network. The method comprises generating, in response to a request by a link sharer, a file sharing link to a file set, where the link does not provide a link recipient the ability to modify the contents of the linked file set. In response to receiving an indication that the generated link has been activated by a link recipient, displaying a representation of the linked file set with a display element configured to send a request for modification rights to the linked file set when activated by the link recipient. In response to receiving the request for modification rights, either automatically granting modification rights to the linked file set or sending notice to the link sharer indicating that the link recipient is requesting modification rights to the linked file set.
    Type: Grant
    Filed: January 19, 2017
    Date of Patent: January 30, 2018
    Assignee: Dropbox, Inc.
    Inventors: Ivan Kirigin, Olumakinde Adegboyega Adeagbo
  • Patent number: 9882926
    Abstract: A system for detecting security vulnerabilities in web applications, the system including, a black-box tester configured to provide a payload to a web application during a first interaction with the web application at a computer server, where the payload includes a payload instruction and an identifier, and an execution engine configured to detect the identifier within the payload received during an interaction with the web application subsequent to the first interaction, and determine, responsive to detecting the identifier within the payload, whether the payload instruction underwent a security check prior to execution of the payload instruction.
    Type: Grant
    Filed: October 3, 2016
    Date of Patent: January 30, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Yair Amit, Alexander Landa, Omer Tripp
  • Patent number: 9876816
    Abstract: A system for detecting security vulnerabilities in web applications, the system including, a black-box tester configured to provide a payload to a web application during a first interaction with the web application at a computer server, where the payload includes a payload instruction and an identifier, and an execution engine configured to detect the identifier within the payload received during an interaction with the web application subsequent to the first interaction, and determine, responsive to detecting the identifier within the payload, whether the payload instruction underwent a security check prior to execution of the payload instruction.
    Type: Grant
    Filed: October 3, 2016
    Date of Patent: January 23, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Yair Amit, Alexander Landa, Omer Tripp
  • Patent number: 9871778
    Abstract: Techniques to perform secure authentication to provide mobile access to shared content are disclosed. In various embodiments, a user credential associated with a request to access content is received at a connector node from a mobile application running on a mobile device. The user credential is used to create at the connector node a secure credential token that includes the user credential. The secure credential token is used to provide to the mobile application on the mobile device, via the connector node, access to content on two or more servers residing on a protected network with which the user credential is associated.
    Type: Grant
    Filed: June 18, 2015
    Date of Patent: January 16, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Anand Taralika, Divakara Challa, Srin Kumar, Alok Ojha, Leonard Chung
  • Patent number: 9870469
    Abstract: In an example, a stack protection engine is disclosed for preventing or ameliorating stack corruption attacks. The stack protection engine may operate transparently to user-space processes. After a call to a subroutine from a parent routine, the stack protection engine encodes the return address on the stack, such as with an exclusive or cipher and a key selected from a key array. After the subroutine returns control to the main routine, the stack protection engine decodes the address, and returns control. If a stack corruption attack occurs, the malicious return address is not properly encoded, so that when decoding occurs, the program may simply crash rather than returning control to the malicious code.
    Type: Grant
    Filed: September 26, 2014
    Date of Patent: January 16, 2018
    Assignee: McAfee, Inc.
    Inventor: Simon Crowe
  • Patent number: 9871777
    Abstract: A data and instrument management and interface system comprises a web server hosted on an intranet network having a wireless range. The web server has a processor, and a non-transitory computer memory coupled with the processor and storing processor executable code. The web server can communicate over the intranet network with a web browser running on a handheld user device located within the wireless range of the intranet network, and with an instrument. The processor executable code causes the processor to: receive a first wireless signal over the intranet network, the first wireless signal transmitted by the web browser and indicative of request for data for the instrument; authenticate the handheld user device and a user of the web browser; and transmit a second wireless signal to the web browser indicative of data for the instrument responsive to the handheld user device and the user being authenticated.
    Type: Grant
    Filed: December 4, 2012
    Date of Patent: January 16, 2018
    Assignee: Siemens Healthcare Diagnostics Inc.
    Inventor: Mahalingam Swaminathan
  • Patent number: 9864972
    Abstract: One or more embodiments of techniques or systems for intelligent data presentation are provided herein. Data can be presented on similar devices having different characteristics in different manners. For example, data may be rendered in a first manner on a first device having one monitor, the same data may be rendered in a second manner on a second device having two displays or a different display size. Financial information, sales data, banking information, etc. may be presented in a variety of ways based on capabilities or properties of a device accessing the information or data. Similarly, renderings may be selected based on interaction capabilities or interaction options a user may have with different renderings or presentations. In other embodiments, user interaction with an automated teller machine (ATM), call center, vehicle, or other interface can be based on device properties or device capabilities.
    Type: Grant
    Filed: November 14, 2013
    Date of Patent: January 9, 2018
    Assignee: WELLS FARGO BANK, N.A.
    Inventors: Stephen M. Ellis, Bipin Sahni, David Hatch, Shahid Razzaq
  • Patent number: 9852304
    Abstract: A method for controlling copyright permissions when assembling multiple copyrighted works into a compiled file. The copyright permission level of each file is analyzed, either based on the copyright permission information present in metadata associated with the file or based on the digital file format of the file which reflects the permission level. The compiled file is assigned a permission level which is the same as or more restrictive than all of the permission level of the files in the compilation, and is generated in a format that enforces the assigned permission level. A notification may be displayed to the user to notify the use of the permission level assigned to the compiled file.
    Type: Grant
    Filed: May 7, 2015
    Date of Patent: December 26, 2017
    Assignee: KONICA MINOLTA LABORATORY U.S.A., INC.
    Inventor: Toshiro Fujimori
  • Patent number: 9848218
    Abstract: A source device for transmitting content to a sink device is provided. The source device may include an interface configured to perform high-bandwidth digital content protection (HDCP) authentication with the sink device, and a controller configured to determine an HDCP version supported by the sink device, convert the content so as to be encrypted in the HDCP version supported by the sink device in response to a determination that another HDCP version applied to the content is not supported by the sink device, encrypt the converted content in the HDCP version supported by the sink device, and control the interface to transmit the content to the sink device.
    Type: Grant
    Filed: January 13, 2014
    Date of Patent: December 19, 2017
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventor: Sung-bo Oh
  • Patent number: 9838382
    Abstract: A cloud computing system includes a cloud system managing unit, a plurality of sets of devices, where a set of devices includes one or more devices having a common aspect, and a plurality of authentication servers, where an authentication server is associated with one of the plurality of sets of devices based on the common aspect. The cloud computing system functions to establish trust between a corresponding one of the plurality of authentication servers and the one or more devices of one of the plurality of sets of devices, between the corresponding one of the plurality of authentication servers and the cloud system managing unit, and between the cloud system managing unit and the one or more devices. The cloud system managing unit configures the cloud computing system based on the trust between the cloud system managing unit and devices of the plurality of sets of devices.
    Type: Grant
    Filed: January 6, 2017
    Date of Patent: December 5, 2017
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Wesley Leggette, Jason K. Resch
  • Patent number: 9830460
    Abstract: Methods, apparatus, and systems for characterizing vulnerabilities of an application source code are disclosed. Steps for characterizing vulnerabilities include traversing a representation of the application source code, generating a signature of a potential vulnerability of the application source code, and determining characteristics of the potential vulnerability based on a correlation between the generated signature of the potential vulnerability and previously stored signatures of potential vulnerabilities.
    Type: Grant
    Filed: July 28, 2016
    Date of Patent: November 28, 2017
    Assignee: WHITEHAT SECURITY, INC.
    Inventor: Eric Sheridan
  • Patent number: 9825987
    Abstract: Disclosed is a system for recommending content of a predefined category to an account holder, or account holders based on the account holder application graphs. The system receives information corresponding to applications executing on the client device of the account holders and generates an application graph for each account holder that includes a list of predefined application categories that are preferred by the account holder. For each predefined category, a list of account holders preferring content relevant to that category is predicted based on the set of generated application graphs.
    Type: Grant
    Filed: April 29, 2015
    Date of Patent: November 21, 2017
    Assignee: Twitter, Inc.
    Inventors: Deepak Rao, Argyrios Zymnis, Kelton Lynn, Michael Ducker, Sean Cook
  • Patent number: 9817953
    Abstract: Systems and methods in which multiple key servers operate cooperatively to securely provide authorization codes to requesting devices. In one embodiment, a server cloud receives a device authorization code request and selects an “A server”. The “A server” requests authorization from one or more “B servers” and authorizes the “B servers” to respond. The “B servers” provide authorization to the “A server”, and may provide threshold key inputs to enable decryption of device authorization codes. The “A server” cannot provide the requested device authorization code without authorization from the “B server(s)”, and the “B server(s)” cannot provide the requested server authorization code and threshold inputs without a valid request from the “A server”. After the “A server” receives authorization from the “B server(s)”, it can provide the initially requested device authorization code to the requesting device.
    Type: Grant
    Filed: September 26, 2014
    Date of Patent: November 14, 2017
    Assignee: Rubicon Labs, Inc.
    Inventors: William V. Oxford, Gerald E. Woodcock, III
  • Patent number: 9811242
    Abstract: The present invention provides an eye-controlled password input apparatus, which comprises a display device to display a password menu, an image capturing device to capture an user's eye region image, a memory unit to store at least one preset password and a corresponding account number, a control unit to generate the password menu according to the preset password, and an image processing unit. The image processing unit obtains a plurality of reference objects from the eye image so as to recognize the eye movement direction and to confirm password input. After input a character of the password, the display device generates another password selection menu for the user to input another password character until the password input program is completed.
    Type: Grant
    Filed: February 13, 2015
    Date of Patent: November 7, 2017
    Assignee: Utechzone Co., Ltd.
    Inventors: Chia-Chun Tsou, Po-Tsung Lin