Patents by Inventor Carl J. Persson
Carl J. Persson has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12015687Abstract: A method of electronic communication via a virtual network function (NFV) implementation of a core network. The method comprises receiving a hypertext transfer protocol (HTTP) content request from a user equipment (UE), wherein the HTTP content request comprises an identification of a content source and determining by an orchestrator service that insufficient NFV processing capacity is available to perform the HTTP content request, where the orchestrator service is an application that executes on a first physical host. The method further comprises dynamically increasing the NFV processing capacity by the orchestrator service, performing the HTTP content request using the increased NFV processing capacity, and returning a HTTP content response to the UE, wherein the HTTP content response does not comprise identification of the content source.Type: GrantFiled: April 19, 2022Date of Patent: June 18, 2024Assignee: T-Mobile Innovations LLCInventors: Ronald R. Marquardt, Lyle W. Paczkowski, Carl J. Persson, Arun Rajagopal
-
Publication number: 20220239757Abstract: A method of electronic communication via a virtual network function (NFV) implementation of a core network. The method comprises receiving a hypertext transfer protocol (HTTP) content request from a user equipment (UE), wherein the HTTP content request comprises an identification of a content source and determining by an orchestrator service that insufficient NFV processing capacity is available to perform the HTTP content request, where the orchestrator service is an application that executes on a first physical host. The method further comprises dynamically increasing the NFV processing capacity by the orchestrator service, performing the HTTP content request using the increased NFV processing capacity, and returning a HTTP content response to the UE, wherein the HTTP content response does not comprise identification of the content source.Type: ApplicationFiled: April 19, 2022Publication date: July 28, 2022Inventors: Ronald R. Marquardt, Lyle W. Paczkowski, Carl J. Persson, Arun Rajagopal
-
Patent number: 11363114Abstract: A method of electronic communication via a virtual network function (NFV) implementation of a core network. The method comprises receiving a hypertext transfer protocol (HTTP) content request from a user equipment (UE), wherein the HTTP content request comprises an identification of a content source and determining by an orchestrator service that insufficient NFV processing capacity is available to perform the HTTP content request, where the orchestrator service is an application that executes on a first physical host. The method further comprises dynamically increasing the NFV processing capacity by the orchestrator service, performing the HTTP content request using the increased NFV processing capacity, and returning a HTTP content response to the UE, wherein the HTTP content response does not comprise identification of the content source.Type: GrantFiled: November 27, 2019Date of Patent: June 14, 2022Assignee: Sprint Communications Company L.P.Inventors: Ronald R. Marquardt, Lyle W. Paczkowski, Carl J. Persson, Arun Rajagopal
-
Patent number: 11005757Abstract: A network interface controller (NIC). The NIC includes a first physical port, a second physical port, a non-transitory memory, a processor coupled to the first and second physical ports, and a data packet grooming application stored in the non-transitory memory. When executed by the processor, the application is configured to parse datagrams encapsulated within data link layer packets received by the first physical port, analyze the encapsulated datagrams based on a processing policy stored in the non-transitory memory, transmit some of the received data link layer packets via the second physical port to a server computer associated with the NIC, and transmit the remainder of the received data link layer packets via the first physical port to a second server computer.Type: GrantFiled: October 28, 2019Date of Patent: May 11, 2021Assignee: Sprint Communications Company L.P.Inventors: Lyle W. Paczkowski, William M. Parsel, Carl J. Persson, Matthew C. Schlesener
-
Patent number: 10686791Abstract: A cloud computing system. The system comprises a network, a data store communicatively coupled to the network, a plurality of compute nodes, at least some of the compute nodes comprising a cloud computing framework agent coupled to an agent gate keeper, where the cloud computing framework agent communicates with the network via the agent gate keeper, an image management component coupled to an image management gate keeper, where the image management component manages images that execute in the compute instances on the compute nodes and communicates with the network via the image management gate keeper, and a security engine coupled to the network that receives a request to initiate an image on a compute instance, analyzes the image to determine an authentication metric, and when the authentication metric matches a validated authentication value, sends the image to the image management component for loading and instantiating in the compute instance.Type: GrantFiled: February 5, 2019Date of Patent: June 16, 2020Assignee: Sprint Communications Company L.P.Inventors: Marouane Balmakhtar, Carl J. Persson, Arun Rajagopal
-
Patent number: 10650159Abstract: An electronic device. The electronic device comprises a memory comprising a confidential information region and a non-confidential information region, a processor, and an application stored in the memory. When executed by the processor, the application determines if a reboot has occurred after a most recent power-off boot, where a reboot takes place without removing power from the processor and memory and, in response to determining that the reboot occurred after the most recent power-off boot, prevents access of applications to the confidential information region in the memory.Type: GrantFiled: April 25, 2018Date of Patent: May 12, 2020Assignee: Sprint Communications Company L.P.Inventors: Lyle W. Paczkowski, William M. Parsel, Carl J. Persson, Matthew C. Schlesener
-
Patent number: 10614212Abstract: A computer system that comprises a processor, a non-transitory memory, and a system application stored in the non-transitory memory. When executed by the processor, the application receives a request to create a software container, creates the container, generates a signature of the container, creates a container security token that comprises the signature and embeds the container security token in the container, and returns the container with the embedded container security token.Type: GrantFiled: July 19, 2018Date of Patent: April 7, 2020Assignee: Sprint Communications Company L.P.Inventors: Ronald R. Marquardt, Lyle W. Paczkowski, Carl J. Persson, Arun Rajagopal
-
Patent number: 10542115Abstract: A method of electronic communication via a virtual network function (NFV) implementation of a core network. The method comprises receiving a hypertext transfer protocol (HTTP) content request from a user equipment (UE), wherein the HTTP content request comprises an identification of a content source and determining by an orchestrator service that insufficient NFV processing capacity is available to perform the HTTP content request, where the orchestrator service is an application that executes on a first physical host. The method further comprises dynamically increasing the NFV processing capacity by the orchestrator service, performing the HTTP content request using the increased NFV processing capacity, and returning a HTTP content response to the UE, wherein the HTTP content response does not comprise identification of the content source.Type: GrantFiled: October 1, 2015Date of Patent: January 21, 2020Assignee: Sprint Communications Company L.P.Inventors: Ronald R. Marquardt, Lyle W. Paczkowski, Carl J. Persson, Arun Rajagopal
-
Patent number: 10243959Abstract: A cloud computing system. The system comprises a network, a data store communicatively coupled to the network, a plurality of compute nodes, at least some of the compute nodes comprising a cloud computing framework agent coupled to an agent gate keeper, where the cloud computing framework agent communicates with the network via the agent gate keeper, an image management component coupled to an image management gate keeper, where the image management component manages images that execute in the compute instances on the compute nodes and communicates with the network via the image management gate keeper, and a security engine coupled to the network that receives a request to initiate an image on a compute instance, analyzes the image to determine an authentication metric, and when the authentication metric matches a validated authentication value, sends the image to the image management component for loading and instantiating in the computer instance.Type: GrantFiled: January 25, 2017Date of Patent: March 26, 2019Assignee: Sprint Communications Company L.P.Inventors: Marouane Balmakhtar, Carl J. Persson, Arun Rajagopal
-
Patent number: 10055578Abstract: A computer system that comprises a processor, a non-transitory memory, and a system application stored in the non-transitory memory. When executed by the processor, the application receives a request to create a software container, creates the container, generates a signature of the container, creates a container security token that comprises the signature and embeds the container security token in the container, and returns the container with the embedded container security token.Type: GrantFiled: May 17, 2016Date of Patent: August 21, 2018Assignee: Sprint Communications Company L.P.Inventors: Ronald R. Marquardt, Lyle W. Paczkowski, Carl J. Persson, Arun Rajagopal
-
Patent number: 9977914Abstract: An electronic device. The electronic device comprises a memory comprising a confidential information region and a non-confidential information region, a processor, and an application stored in the memory. When executed by the processor, the application determines if a reboot has occurred after a most recent power-off boot, where a reboot takes place without removing power from the processor and memory and, in response to determining that the reboot occurred after the most recent power-off boot, prevents access of applications to the confidential information region in the memory.Type: GrantFiled: February 25, 2016Date of Patent: May 22, 2018Assignee: Sprint Communications Company L.P.Inventors: Lyle W. Paczkowski, William M. Parsel, Carl J. Persson, Matthew C. Schlesener
-
Patent number: 9811672Abstract: A method of provisioning a subordinate trusted security zone in a processor having a trusted security zone. The method comprises receiving by a master trusted application executing in a master trusted security zone of the processor a request to provision a subordinate trusted security zone in the processor, wherein the request comprises a master trusted security zone key, wherein the request designates the subordinate trusted security zone, and wherein the request defines an independent key. The method further comprises provisioning by the master trusted application the subordinate trusted security zone to be accessible based on the independent key.Type: GrantFiled: September 15, 2015Date of Patent: November 7, 2017Assignee: Sprint Communications Company L.P.Inventors: Stephen J. Bye, Lyle W. Paczkowski, William M. Parsel, Carl J. Persson, Matthew C. Schlesener, Trevor D. Shipley
-
Patent number: 9779232Abstract: A user equipment. The user equipment comprises a processor, a memory, a trusted security zone, wherein the trusted security zone provides hardware assisted trust, a ticket generator stored in the trusted security zone to generate a plurality of access codes, and a code generator stored in the trusted security zone. The code generator generates a different one-time-password for each of the plurality of access codes, wherein the one-time-password is not displayed on the user equipment, stores the one-time-password in the trusted security zone, and transmits the one-time-password to a trusted server through a trusted channel. Responsive to an associated access code from the plurality of access codes being displayed and upon request of a user of the user equipment, the code generator displays the one-time-password and invalidates the one-time-password promptly after the display ends.Type: GrantFiled: January 14, 2015Date of Patent: October 3, 2017Assignee: Sprint Communications Company L.P.Inventors: Lyle W. Paczkowski, William M. Parsel, Carl J. Persson, Matthew C. Schlesener
-
Patent number: 9619810Abstract: A method for providing dynamically-assembled content targeted to a mobile service subscriber. The method comprises receiving, by a server computer, information about a mobile device that is connecting to the server computer; determining, by the server computer, a mobile service subscriber profile, based on the information; determining, by the server computer, a criteria for selecting content, based on the mobile service subscriber profile; dynamically assembling, by the server computer, content for the mobile service subscriber based on the criteria; providing the dynamically-assembled content to the mobile device; monitoring a response of the mobile service subscriber to receiving the content; and providing information of the response of the mobile service subscriber to a content provider.Type: GrantFiled: October 11, 2011Date of Patent: April 11, 2017Assignee: Sprint Communications Company L.P.Inventors: Robin Dale Katzer, Brian D. Mauer, Carl J. Persson
-
Patent number: 9613208Abstract: An electronic device comprises a processor, a permissive sector, a trusted security zone that is separate from the permissive sector, a hardware driver, a first trusted application, stored in the trusted security zone, that is configured to invoke the hardware driver in response to activation instructions, and a second trusted application, stored in the trusted security zone, that when executed on the processor, configures the processor to: amass information about an uncompromised state of the hardware driver, store the information about the uncompromised state of the hardware driver in the trusted security zone, and compare, in response to receipt of activation instructions by the first trusted application, the information about the uncompromised state of the hardware driver with a current state of the hardware driver, and perform an action in response to a result of the comparison.Type: GrantFiled: March 13, 2013Date of Patent: April 4, 2017Assignee: Sprint Communications Company L.P.Inventors: Lyle W. Paczkowski, William M. Parsel, Carl J. Persson, Matthew C. Schlesener
-
Patent number: 9374363Abstract: Systems and methods disclosed herein relate to the protection of a plurality of protected personas on a protected network that may be isolated from a telecommunication service provider's network that supports a portable electronic device. The plurality of personas may be generated by the owners and/or administrators of the network on which the personas reside. Activating a persona on a device, whether that device is owned and maintained by the business or businesses affiliated with the protected network, enables access to a plurality of data on the business's network and restricts access to at least some of the capabilities and functionality of the device available under the original persona. Data created or modified while the protected persona is activated on the device may not be accessed while the original persona is active and may be uploaded dynamically or manually to the protected network.Type: GrantFiled: March 15, 2013Date of Patent: June 21, 2016Assignee: Sprint Communications Company L.P.Inventors: Lyle W. Paczkowski, William M. Parsel, Carl J. Persson, Matthew C. Schlesener
-
Patent number: 9332107Abstract: A wireless handset for avoiding application interruption is disclosed that comprises a processor, a first component, and a second component. The first component, when executed by the processor, supports an application interruption avoidance feature that promotes preventing an incoming voice call from interrupting an application and forwarding the voice call to a voice mail server. Optionally, the first component also supports alerting a user without interrupting the in-progress application with one of a voice mail notification and an incoming call notification. The second component, when executed by the processor, is configured to receive control inputs to activate the application interruption avoidance feature and to deactivate the application interruption avoidance feature to allow a new voice call to come to the handset.Type: GrantFiled: November 30, 2007Date of Patent: May 3, 2016Assignee: Sprint Communications Company L.P.Inventors: Carl J. Persson, Sarah A. Persson
-
Patent number: 9268959Abstract: A method of trusted data communication. The method comprises executing a data communication application in a trusted security zone of a processor, wherein the processor is a component of a computer, commanding a controller of a peripheral device to execute a control application in a trusted security zone of the controller, wherein the controller is a component of the computer, commanding at least one of another peripheral device or a user interface device to not access a data bus of the computer, verifying that the controller is executing the control application in the trusted security zone of the controller, sending data from the processor to the controller over the data bus of the computer, and the controller one of transmitting the data sent by the processor on an external communication link, reading a memory storage disk, or writing to a memory storage disk.Type: GrantFiled: January 6, 2014Date of Patent: February 23, 2016Assignee: Sprint Communications Company L.P.Inventors: Lyle W. Paczkowski, William M. Parsel, Carl J. Persson, Matthew C. Schlesener
-
Publication number: 20160004876Abstract: A method of provisioning a subordinate trusted security zone in a processor having a trusted security zone. The method comprises receiving by a master trusted application executing in a master trusted security zone of the processor a request to provision a subordinate trusted security zone in the processor, wherein the request comprises a master trusted security zone key, wherein the request designates the subordinate trusted security zone, and wherein the request defines an independent key. The method further comprises provisioning by the master trusted application the subordinate trusted security zone to be accessible based on the independent key.Type: ApplicationFiled: September 15, 2015Publication date: January 7, 2016Inventors: Stephen J. Bye, Lyle W. Paczkowski, William M. Parsel, Carl J. Persson, Matthew C. Schlesener, Trevor D. Shipley
-
Patent number: 9230085Abstract: A method of executing a trusted application on a trusted security zone enabled electronic device. The method comprises responsive to a trusted security subzone not being provisioned on the electronic device, generating, by a server, a temporary trust token, transmitting the temporary trust token to the electronic device, and comparing the temporary trust token with a plurality of trust tokens stored in the electronic device to determine the trustworthiness of the temporary trust token.Type: GrantFiled: July 29, 2014Date of Patent: January 5, 2016Assignee: Sprint Communications Company L.P.Inventors: Lyle W. Paczkowski, William M. Parsel, Carl J. Persson, Matthew C. Schlesener