Patents by Inventor Charles Mortimore
Charles Mortimore has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11841967Abstract: System and methods of the disclosed subject matter provide segregating, at a memory storage coupled to a multitenant database system, first tenant data of a first tenant from at least second tenant data of a second tenant, based on a first tenant identifier. A first encryption key associated with the first tenant may be retrieved from a key cache memory based on the first tenant identifier, to encrypt one or more fragments of the first tenant data. The fragments of the first tenant data may be encrypted based on the retrieved encryption key. Non-encrypted header information may be generated for each of the encrypted fragments of the first tenant data, where the header information may have metadata including the first tenant identifier. The encrypted fragments of the first tenant data and the corresponding non-encrypted header information may be stored in the immutable storage.Type: GrantFiled: December 27, 2021Date of Patent: December 12, 2023Assignee: Salesforce, Inc.Inventors: Terry Chong, Jameison Bear Martin, Thomas Fanghaenel, Andrew Tucker, Nathaniel Wyatt, Raghavendran Hanumantharau, Assaf Ben Gur, William Charles Mortimore, Jr.
-
Patent number: 11720908Abstract: Data to define a travel rewards promotion is received over a network. The travel rewards promotion comprises traveler eligibility criteria and travel rewards criteria. At least one traveler is selected where the travel itinerary of the respective traveler matches traveler eligibility criteria for the promotion. The traveler is notified that he or she is eligible for the travel rewards promotion, the notification comprising a representation of the travel rewards criteria. A travel rewards promotion total is then compiled for the traveler and the traveler is notified of his or her respective promotion rewards total. In one embodiment, the traveler's current context is determined and matched to promotion alert criteria. The traveler is then alerted, over the network, that a travel rewards promotion is available to the respective traveler in the respective traveler's current context, the alert comprising a representation of the travel rewards criteria.Type: GrantFiled: January 30, 2020Date of Patent: August 8, 2023Assignee: Deem, Inc.Inventors: William Charles Mortimore, Jr., Gautam Aggarwal, Jeffrey Low
-
Patent number: 11700112Abstract: Methods, systems, and devices for distributed caching of encrypted encryption keys are described. Some multi-tenant database systems may support encryption of data records. To efficiently handle multiple encryption keys across multiple application servers, the database system may store the encryption keys in a distributed cache accessible by each of the application servers. To securely cache the encryption keys, the database system may encrypt (e.g., wrap) each data encryption key (DEK) using a second encryption key (e.g., a key encryption key (KEK)). The database system may store the DEKs and KEKs in separate caches to further protect the encryption keys. For example, while the encrypted DEKs may be stored in the distributed cache, the KEKs may be stored locally on application servers. The database system may further support “bring your own key” (BYOK) functionality, where a user may upload a tenant secret or tenant-specific encryption key to the database.Type: GrantFiled: April 30, 2020Date of Patent: July 11, 2023Assignee: Salesforce, Inc.Inventors: Alexandre Hersans, John Bracken, Assaf Ben Gur, William Charles Mortimore, Jr., Swaroop Shere
-
Patent number: 11677732Abstract: Techniques are disclosed relating to contextual authentication across different applications based on user communications. In some embodiments, a user is preauthenticated to certain actions on a second application based on the user's communication via a first application. The user's communication via a first application provides contextual information that may be used to preauthenticate a request to perform an action on the second application. Contextual information may include the user's communication itself, communications characteristics that are determined from the user's communications, or both.Type: GrantFiled: May 15, 2020Date of Patent: June 13, 2023Assignee: Salesforce, Inc.Inventors: Josh Alexander, Seth Holloway, Evan Tyler Grim, Ian Glazer, William Charles Mortimore, Jr.
-
Publication number: 20220121766Abstract: System and methods of the disclosed subject matter provide segregating, at a memory storage coupled to a multitenant database system, first tenant data of a first tenant from at least second tenant data of a second tenant, based on a first tenant identifier. A first encryption key associated with the first tenant may be retrieved from a key cache memory based on the first tenant identifier, to encrypt one or more fragments of the first tenant data. The fragments of the first tenant data may be encrypted based on the retrieved encryption key. Non-encrypted header information may be generated for each of the encrypted fragments of the first tenant data, where the header information may have metadata including the first tenant identifier. The encrypted fragments of the first tenant data and the corresponding non-encrypted header information may be stored in the immutable storage.Type: ApplicationFiled: December 27, 2021Publication date: April 21, 2022Inventors: Terry Chong, Jameison Bear Martin, Thomas Fanghaenel, Andrew Tucker, Nathaniel Wyatt, Raghavendran Hanumantharau, Assaf Ben Gur, William Charles Mortimore, JR.
-
Patent number: 11238174Abstract: System and methods of the disclosed subject matter provide segregating, at a memory storage coupled to a multitenant database system, first tenant data of a first tenant from at least second tenant data of a second tenant, based on a first tenant identifier. A first encryption key associated with the first tenant may be retrieved from a key cache memory based on the first tenant identifier, to encrypt one or more fragments of the first tenant data. The fragments of the first tenant data may be encrypted based on the retrieved encryption key. Non-encrypted header information may be generated for each of the encrypted fragments of the first tenant data, where the header information may have metadata including the first tenant identifier. The encrypted fragments of the first tenant data and the corresponding non-encrypted header information may be stored in the immutable storage.Type: GrantFiled: January 31, 2019Date of Patent: February 1, 2022Assignee: salesforce.com, inc.Inventors: Terry Chong, Jameison Bear Martin, Thomas Fanghaenel, Andrew Tucker, Nathaniel Wyatt, Raghavendran Hanumantharau, Assaf Ben-Gur, William Charles Mortimore, Jr.
-
Patent number: 11128624Abstract: Systems, methods, and apparatuses for implementing authentication of a user login to an external website from a community in a cloud based computing environment. An exemplary system having at least a processor and a memory therein includes means for identifying a first domain where a user is to be allowed to login to an external web page hosted thereon, and means for connecting the external web page with a community of a cloud computing environment hosted on a second domain different than the identified first domain, the connecting means handling how the connected community authenticates the user when the user logs into the external web page and providing one of a plurality of login experiences for the user based on conditions determined at run time.Type: GrantFiled: September 24, 2018Date of Patent: September 21, 2021Assignee: salesforce.com, inc.Inventors: Albert Wijaya, Benjamin Chu, William Charles Mortimore, Jr., Ian Glazer, Matthew Bahrenburg, Prashanth Mahalingam Ganesan, Puneet Dhaliwal
-
Publication number: 20210226788Abstract: Disclosed are some implementations of systems, apparatus, methods and computer program products for facilitating the authentication of computing system requests across tenants of at least one multi-tenant database system. Authentication is facilitated using a central registry that is accessible by and independent from the tenants of the multi-tenant database system.Type: ApplicationFiled: February 22, 2021Publication date: July 22, 2021Inventors: Matthew Bahrenburg, Alan Vangpat, Anupam Jain, William Charles Mortimore, JR., Srinath Krishna Ananthakrishnan, Peter S. Wisnovsky
-
Patent number: 11016791Abstract: Methods and systems are provided for configuring for declaratively configuring a user self-registration process and a user self-registration page process for a particular service provider. A graphical user interface is displayed that includes a plurality of options for declaratively configuring different user self-registration processes and corresponding user self-registration pages for the particular service provider. One of the options can be selected, and a type of identifier and a type of verification process can be specified from different types for each. The type of identifier is associated with a user to be verified as part of the user self-registration process, and can be specified to define how the user is identified and looked-up during the user self-registration process. The type of verification process can define how the user will be verified as part of the user self-registration process.Type: GrantFiled: May 28, 2020Date of Patent: May 25, 2021Assignee: salesforce.com, Inc.Inventors: Sergio Isaac Koren, Alan Vangpat, William Charles Mortimore, Jr., Ian Glazer
-
Patent number: 10958431Abstract: Disclosed are some implementations of systems, apparatus, methods and computer program products for facilitating the authentication of computing system requests across tenants of at least one multi-tenant database system. Authentication is facilitated using a central registry that is accessible by and independent from the tenants of the multi-tenant database system.Type: GrantFiled: May 30, 2018Date of Patent: March 23, 2021Assignee: salesforce.com, inc.Inventors: Matthew Bahrenburg, Alan Vangpat, Anupam Jain, William Charles Mortimore, Jr., Srinath Krishna Ananthakrishnan, Peter S. Wisnovsky
-
Publication number: 20200322139Abstract: Methods, systems, and devices for distributed caching of encrypted encryption keys are described. Some multi-tenant database systems may support encryption of data records. To efficiently handle multiple encryption keys across multiple application servers, the database system may store the encryption keys in a distributed cache accessible by each of the application servers. To securely cache the encryption keys, the database system may encrypt (e.g., wrap) each data encryption key (DEK) using a second encryption key (e.g., a key encryption key (KEK)). The database system may store the DEKs and KEKs in separate caches to further protect the encryption keys. For example, while the encrypted DEKs may be stored in the distributed cache, the KEKs may be stored locally on application servers. The database system may further support “bring your own key” (BYOK) functionality, where a user may upload a tenant secret or tenant-specific encryption key to the database.Type: ApplicationFiled: April 30, 2020Publication date: October 8, 2020Inventors: Alexandre Hersans, John Bracken, Assaf Ben Gur, William Charles Mortimore, JR., Swaroop Shere
-
Publication number: 20200293340Abstract: Methods and systems are provided for configuring for declaratively configuring a user self-registration process and a user self-registration page process for a particular service provider. A graphical user interface is displayed that includes a plurality of options for declaratively configuring different user self-registration processes and corresponding user self-registration pages for the particular service provider. One of the options can be selected, and a type of identifier and a type of verification process can be specified from different types for each. The type of identifier is associated with a user to be verified as part of the user self-registration process, and can be specified to define how the user is identified and looked-up during the user self-registration process. The type of verification process can define how the user will be verified as part of the user self-registration process.Type: ApplicationFiled: May 28, 2020Publication date: September 17, 2020Applicant: salesforce.com, Inc.Inventors: Sergio Isaac Koren, Alan Vangpat, William Charles Mortimore, JR., Ian Glazer
-
Publication number: 20200280552Abstract: Techniques are disclosed relating to contextual authentication across different applications based on user communications. In some embodiments, a user is preauthenticated to certain actions on a second application based on the user's communication via a first application. The user's communication via a first application provides contextual information that may be used to preauthenticate a request to perform an action on the second application. Contextual information may include the user's communication itself, communications characteristics that are determined from the user's communications, or both.Type: ApplicationFiled: May 15, 2020Publication date: September 3, 2020Inventors: Josh Alexander, Seth Holloway, Evan Tyler Grim, Ian Glazer, William Charles Mortimore, JR.
-
Patent number: 10764277Abstract: Mechanisms and techniques for customized user validation. A login attempt is received from a remote electronic device with one or more computing devices that provide access to one or more resources. The login attempt is analyzed to determine a profile from a plurality of profiles corresponding to the login attempt. The one or more computing devices support the plurality profiles with each profile having a corresponding flow. The flow corresponding to the profile is performed prior to allowing continuation of the login attempt. The login attempt is continued, via the one or more computing devices, after the flow corresponding to the profile is completed. Access is granted to the one or more resources, via the one or more computing devices, in response to a successful completion of the login attempt.Type: GrantFiled: July 9, 2018Date of Patent: September 1, 2020Assignee: salesforce.com, inc.Inventors: William Charles Mortimore, Jr., Sergio Isaac Koren, Paul Anthony Mason, Alan Vangpat
-
Publication number: 20200250325Abstract: System and methods of the disclosed subject matter provide segregating, at a memory storage coupled to a multitenant database system, first tenant data of a first tenant from at least second tenant data of a second tenant, based on a first tenant identifier. A first encryption key associated with the first tenant may be retrieved from a key cache memory based on the first tenant identifier, to encrypt one or more fragments of the first tenant data. The fragments of the first tenant data may be encrypted based on the retrieved encryption key. Non-encrypted header information may be generated for each of the encrypted fragments of the first tenant data, where the header information may have metadata including the first tenant identifier. The encrypted fragments of the first tenant data and the corresponding non-encrypted header information may be stored in the immutable storage.Type: ApplicationFiled: January 31, 2019Publication date: August 6, 2020Inventors: Terry Chong, Jameison Bear Martin, Thomas Fanghaenel, Andrew Tucker, Nathaniel Wyatt, Raghavendran Hanumantharau, Assaf Ben-Gur, William Charles Mortimore, JR.
-
Patent number: 10705928Abstract: Systems, methods, and apparatuses for implementing tenant-to-tenant failover in a multi-tenant could computing environment. An exemplary system having at least a processor and a memory therein includes means for identifying a first one of a plurality of tenants in a multi-tenant cloud computing system as a primary tenant for providing a function, identifying a second one of the plurality of tenants in the multi-tenant cloud computing system as a secondary tenant for providing the function should the primary tenant become unavailable, providing the function in the multi-tenant cloud computing system via the primary tenant when the primary tenant is available, and switching to providing the function in the multi-tenant cloud computing environment via the secondary tenant when the primary tenant is unavailable and the secondary tenant is available.Type: GrantFiled: August 28, 2018Date of Patent: July 7, 2020Assignee: salesforce.com, inc.Inventors: William Charles Mortimore, Jr., Matthew Wong, Matthew Bahrenburg, Puneet Dhaliwal, Anupam Jain, Steven S. Lawrance
-
Patent number: 10680804Abstract: Methods, systems, and devices for distributed caching of encrypted encryption keys are described. Some multi-tenant database systems may support encryption of data records. To efficiently handle multiple encryption keys across multiple application servers, the database system may store the encryption keys in a distributed cache accessible by each of the application servers. To securely cache the encryption keys, the database system may encrypt (e.g., wrap) each data encryption key (DEK) using a second encryption key (e.g., a key encryption key (KEK)). The database system may store the DEKs and KEKs in separate caches to further protect the encryption keys. For example, while the encrypted DEKs may be stored in the distributed cache, the KEKs may be stored locally on application servers. The database system may further support “bring your own key” (BYOK) functionality, where a user may upload a tenant secret or tenant-specific encryption key to the database.Type: GrantFiled: September 27, 2017Date of Patent: June 9, 2020Assignee: salesforce.com, inc.Inventors: Alexandre Hersans, John Bracken, Assaf Ben Gur, William Charles Mortimore, Jr., Swaroop Shere
-
Publication number: 20200167803Abstract: Data to define a travel rewards promotion is received over a network. The travel rewards promotion comprises traveler eligibility criteria and travel rewards criteria. At least one traveler is selected where the travel itinerary of the respective traveler matches traveler eligibility criteria for the promotion. The traveler is notified that he or she is eligible for the travel rewards promotion, the notification comprising a representation of the travel rewards criteria. A travel rewards promotion total is then compiled for the traveler and the traveler is notified of his or her respective promotion rewards total. In one embodiment, the traveler's current context is determined and matched to promotion alert criteria. The traveler is then alerted, over the network, that a travel rewards promotion is available to the respective traveler in the respective traveler's current context, the alert comprising a representation of the travel rewards criteria.Type: ApplicationFiled: January 30, 2020Publication date: May 28, 2020Inventors: William Charles Mortimore, Gautam Aggarwal, Jeffrey Low
-
Patent number: 10659446Abstract: Techniques are disclosed relating to contextual authentication across different applications based on user communications. In some embodiments, a user is preauthenticated to certain actions on a second application based on the user's communication via a first application. The user's communication via a first application provides contextual information that may be used to preauthenticate a request to perform an action on the second application. Contextual information may include the user's communication itself and/or communications characteristics that are determined from the user's communications.Type: GrantFiled: June 13, 2017Date of Patent: May 19, 2020Assignee: salesforce.com, inc.Inventors: Josh Alexander, Seth Holloway, Evan Tyler Grim, Ian Glazer, William Charles Mortimore, Jr.
-
Publication number: 20200099685Abstract: Systems, methods, and apparatuses for implementing authentication of a user login to an external website from a community in a cloud based computing environment. An exemplary system having at least a processor and a memory therein includes means for identifying a first domain where a user is to be allowed to login to an external web page hosted thereon, and means for connecting the external web page with a community of a cloud computing environment hosted on a second domain different than the identified first domain, the connecting means handling how the connected community authenticates the user when the user logs into the external web page and providing one of a plurality of login experiences for the user based on conditions determined at run time.Type: ApplicationFiled: September 24, 2018Publication date: March 26, 2020Inventors: Albert Wijaya, Benjamin Chu, William Charles Mortimore, JR., Ian Glazer, Matthew Bahrenburg, Prashanth Mahalingam Ganesan, Puneet Dhaliwal