Patents by Inventor Ezra Darshan
Ezra Darshan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240095314Abstract: Various implementations include distributing DRM processing between a DRM key protection system and multiple receiving devices. To that end, a method includes receiving a first encrypted content key associated with a first receiving device, and receiving a second encrypted content key associated with a second receiving device. The method includes processing the first encrypted content key to generate a first decrypted content key, and processing the second encrypted content key to generate a second decrypted content key. The method includes generating a first protected content key based on the first decrypted content key, and generating a second protected content key based on the second decrypted content key. The method includes providing the first protected content key to the first receiving device, and providing the second protected content key to the second receiving device.Type: ApplicationFiled: September 15, 2022Publication date: March 21, 2024Inventors: Ezra Darshan, Thomas Paul Burnley
-
Publication number: 20230132485Abstract: Techniques for enhancing security for thin client devices in hybrid edge cloud systems are described. In accordance with various embodiments, the hybrid system includes a cloud computing platform (e.g., the cloud) and an edge device (e.g., the edge). The cloud extracts key(s) for authentication and session establishment. The cloud also utilizes the key(s) to establish a session between the edge and a client device. The cloud additionally authorizes a content request from the client device for a media content item over the session and extracts a content key upon successful authorization. The edge caches the key(s), obtains the content key at the time of receiving the content request from the client device and transmits the content key and the key(s) with the media content item to the client device.Type: ApplicationFiled: November 2, 2021Publication date: May 4, 2023Inventors: Ezra Darshan, Steven Jason Epstein, Michal Irit Devir, Yosef Tsuria
-
Publication number: 20220417241Abstract: Techniques for server control of client authorization proof of possession are described herein. In various embodiments, a first server provisions client authorization proof of possession for a client device a real-world time, a client public key, and a client private key. The first server generates provisioning response message(s) including the client public key, the client private key, the real-world time, and/or an assertion object, and sends the message(s) to the client device. In various embodiments, a client device obtains an authorization proof token generated based on a client public key, a client private key, and a real-world time provisioned by a first server. The client device generates a request and sends the request to a second server, the request includes the authorization proof token and an assertion object from the first server signed by a server private key and an expiration time and a reference to the client public key.Type: ApplicationFiled: January 26, 2022Publication date: December 29, 2022Inventors: Itai Ephraim Zilbershtein, Moshe Elad, Ezra Darshan, David Livshits, Michael Joseph Burns, Assaf Yosef Tamir
-
Publication number: 20220417028Abstract: Techniques for server control of client authorization proof of possession are described herein. In various embodiments, a first server provisions client authorization proof of possession for a client device a real-world time, a client public key, and a client private key. The first server generates provisioning response message(s) including the client public key, the client private key, the real-world time, and/or an assertion object, and sends the message(s) to the client device. In various embodiments, a client device obtains an authorization proof token generated based on a client public key, a client private key, and a real-world time provisioned by a first server. The client device generates a request and sends the request to a second server, the request includes the authorization proof token and an assertion object from the first server signed by a server private key and an expiration time and a reference to the client public key.Type: ApplicationFiled: January 26, 2022Publication date: December 29, 2022Inventors: Itai Ephraim Zilbershtein, Moshe Elad, Ezra Darshan, David Livshits, Michael Joseph Burns, Assaf Yosef Tamir
-
Publication number: 20210294820Abstract: In one embodiment, a device discovery system includes a data storage medium to store a clustered data structure including device signatures grouped according to clusters. Each device signature includes device information. Each cluster from a sub-set of the clusters has a different device name. The system also includes an input/output sub-system to receive, from a remote device, a first device signature describing information about a first device, and a processor to perform a decision process based on the clustered data structure with the first device signature as input yielding an output including a first device name or an indication that a name associated with the first device signature is unknown. The processor is operative to prepare a response message including data about the output. The input/output sub-system is operative to send the response message to the remote device.Type: ApplicationFiled: June 9, 2021Publication date: September 23, 2021Inventors: Steve EPSTEIN, Ezra DARSHAN, Harel CAIN, Shali MOR
-
Patent number: 10785234Abstract: In one example, a method includes for each one time period of a plurality of time periods performing a weighted random selection of a first set of intrusion detection/protection system rules from a plurality of rules, each rule of the plurality of rules having an associated probability of selection, preparing a packet inspection plan including the first set of intrusion detection/protection system rules, and sending the packet inspection plan to a network distribution device to inspect packets according to the packet inspection plan. Related apparatus and methods are also described.Type: GrantFiled: June 22, 2016Date of Patent: September 22, 2020Assignee: CISCO TECHNOLOGY, INC.Inventors: Hillel Solow, Steve Epstein, Ezra Darshan, Arnold Zucker, Shali Mor, Asaf Cohen
-
Patent number: 10575066Abstract: Techniques for use in determining redress measures for a television (TV) service outage based on impact analysis are described. A TV service outage may be associated with a TV system apparatus including a TV user interface (UI). In one illustrative example, one or more subscribers impacted by the TV service outage are determined. An impact score is determined for each one of the subscribers. A redress measure for each one of the subscribers is then determined in accordance with their corresponding impact scores. An impacted subscriber and/or an impact score may be determined based at least in part on subscriber TV usage data or subscriber TV UI usage data.Type: GrantFiled: January 30, 2019Date of Patent: February 25, 2020Assignee: Synamedia LimitedInventors: Steven Carl Gorretta, Steven Jason Epstein, Marcelo Blatt, Ezra Darshan
-
Publication number: 20190166408Abstract: Techniques for use in determining redress measures for a television (TV) service outage based on impact analysis are described. A TV service outage may be associated with a TV system apparatus including a TV user interface (UI). In one illustrative example, one or more subscribers impacted by the TV service outage are determined. An impact score is determined for each one of the subscribers. A redress measure for each one of the subscribers is then determined in accordance with their corresponding impact scores. An impacted subscriber and/or an impact score may be determined based at least in part on subscriber TV usage data or subscriber TV UI usage data.Type: ApplicationFiled: January 30, 2019Publication date: May 30, 2019Inventors: Steven Carl Gorretta, Steven Jason Epstein, Marcelo Blatt, Ezra Darshan
-
Patent number: 10284588Abstract: In one embodiment, a method for assessing security posture for entities in a computing network is implemented on a computing device and includes: receiving behavior data from one or more of the entities, where the behavior data is associated with at least activity on the computing network by the one or more entities, calculating a risk score for at least one of the entities by comparing the behavior data with a classification model, where the classification model represents at least a baseline for normative network behavior by the entities in a computing network, assessing a security posture for the at least one the entities based on the risk score, and allocating network security resources to the at least one of the entities at least in accordance with the security posture.Type: GrantFiled: September 27, 2016Date of Patent: May 7, 2019Assignee: Cisco Technology, Inc.Inventors: Hillel Solow, Ezra Darshan, Harel Cain, Steve Epstein, Arnold Zucker
-
Patent number: 10250950Abstract: Techniques for use in determining redress measures for a television (TV) service outage based on impact analysis are described. A TV service outage may be associated with a TV system apparatus including a TV user interface (UI). In one illustrative example, one or more subscribers impacted by the TV service outage are determined. An impact score is determined for each one of the subscribers. A redress measure for each one of the subscribers is then determined in accordance with their corresponding impact scores. An impacted subscriber and/or an impact score may be determined based at least in part on subscriber TV usage data or subscriber TV UI usage data.Type: GrantFiled: June 20, 2017Date of Patent: April 2, 2019Assignee: SYNAMEDIA LIMITEDInventors: Steven Carl Gorretta, Steven Jason Epstein, Marcelo Blatt, Ezra Darshan
-
Publication number: 20180192157Abstract: Techniques for use in determining redress measures for a television (TV) service outage based on impact analysis are described. A TV service outage may be associated with a TV system apparatus including a TV user interface (UI). In one illustrative example, one or more subscribers impacted by the TV service outage are determined. An impact score is determined for each one of the subscribers. A redress measure for each one of the subscribers is then determined in accordance with their corresponding impact scores. An impacted subscriber and/or an impact score may be determined based at least in part on subscriber TV usage data or subscriber TV UI usage data.Type: ApplicationFiled: June 20, 2017Publication date: July 5, 2018Inventors: Steven Carl Gorretta, Steven Jason Epstein, Marcelo Blatt, Ezra Darshan
-
Publication number: 20180091540Abstract: In one embodiment, a method for assessing security posture for entities in a computing, network is implemented On a computing device and includes: receiving behavior data from one or more of the entities, where the behavior data is associated with at least activity on the computing network by the one or more entities, calculating a risk score for at least one of the entities by comparing the behavior data with a classification model, where the classification model represents at least a baseline for normative network behavior by the entities in a computing network, assessing a security posture for the at least one the entities based on the risk score, and allocating network security resources to the at least one of the entities at least in accordance with the security posture.Type: ApplicationFiled: September 27, 2016Publication date: March 29, 2018Inventors: Hillel SOLOW, Ezra DARSHAN, Harel CAIN, Steve EPSTEIN, Arnold ZUCKER
-
Publication number: 20170374082Abstract: In one embodiment, a method includes for each one time period of a plurality of time periods performing a weighted random selection of a first set of intrusion detection/protection system rules from a plurality of rules, each rule of the plurality of rules having an associated probability of selection, preparing a packet inspection plan including the first set of intrusion detection/protection system rules, and sending the packet inspection plan to a network distribution device to inspect packets according to the packet inspection plan. Related apparatus and methods are also described.Type: ApplicationFiled: June 22, 2016Publication date: December 28, 2017Inventors: Hillel SOLOW, Steve EPSTEIN, Ezra DARSHAN, Arnold ZUCKER, Shali MOR, Asaf COHEN
-
Publication number: 20170339190Abstract: In one embodiment, a system includes a hardware processor and a memory to store data used by the hardware processor, wherein the hardware processor is operative to calculate, for each one device of a plurality of devices, a device-specific packet inspection plan based on (a) a security vulnerability score for the one device; and (b) a damage score for the one device, wherein for each one device of the plurality of devices, the device-specific packet inspection plan includes at least one of the following (a) a percentage of a plurality of packets, destined for the one device, to be inspected for compliance with at least one intrusion detection/protection system rule and (b) instructions on which intrusion detection/protection system rules to use to inspect a multiplicity of the plurality of packets destined for the one device. Related apparatus and methods are also described.Type: ApplicationFiled: May 23, 2016Publication date: November 23, 2017Inventors: Steve EPSTEIN, Hillel SOLOW, Ezra DARSHAN
-
Publication number: 20170262523Abstract: In one embodiment, a device discovery system includes a data storage medium to store a clustered data structure including device signatures grouped according to clusters. Each device signature includes device information. Each cluster from a sub-set of the clusters has a different device name. The system also includes an input/output sub-system to receive, from a remote device, a first device signature describing information about a first device, and a processor to perform a decision process based on the clustered data structure with the first device signature as input yielding an output including a first device name or an indication that a name associated with the first device signature is unknown. The processor is operative to prepare a response message including data about the output. The input/output sub-system is operative to send the response message to the remote device.Type: ApplicationFiled: March 14, 2016Publication date: September 14, 2017Inventors: Steve EPSTEIN, Ezra DARSHAN, Harel CAIN, Shali MOR
-
Patent number: 9390754Abstract: A method for producing an auxiliary video stream arranged for reverse trick mode playback from a video stream including a plurality of uni-directional predicted frames, the method including producing the auxiliary video stream by performing the following steps copying each uni-directional predicted frame included in the video stream into a memory, thereby producing a plurality of copied frames in the memory, replacing each one of the plurality of copied frames with one corresponding supplemental frame, thereby producing a plurality of corresponding supplemental frames, and producing a copy of the video stream arranged in reverse processing order, the producing a copy including replacing each frame which corresponds to one of the plurality of copied frames with the one corresponding supplemental frame from among the plurality of corresponding supplemental frames. Related methods and systems are also described.Type: GrantFiled: May 12, 2014Date of Patent: July 12, 2016Assignee: Cisco Technology Inc.Inventors: Stephanie Wald, Ezra Darshan, David Fink, Kevin Murray
-
Patent number: 9166713Abstract: A method for providing access to operation information relating to a digital signal, including providing a digital signal encoded, in accordance with a layered encoding scheme, in a plurality of layers, and extracting operation information from a first layer of encoding within the digital signal, and placing the extracted information in a data section in a second layer of encoding within the digital signal. Related methods and apparatus are also described.Type: GrantFiled: June 28, 2005Date of Patent: October 20, 2015Assignee: Cisco Technology Inc.Inventors: Kevin Murray, David Fink, Ezra Darshan
-
Publication number: 20140270720Abstract: A method for producing an auxiliary video stream arranged for reverse trick mode playback from a video stream including a plurality of uni-directional predicted frames, the method including producing the auxiliary video stream by performing the following steps copying each uni-directional predicted frame included in the video stream into a memory, thereby producing a plurality of copied frames in the memory, replacing each one of the plurality of copied frames with one corresponding supplemental frame, thereby producing a plurality of corresponding supplemental frames, and producing a copy of the video stream arranged in reverse processing order, the producing a copy including replacing each frame which corresponds to one of the plurality of copied frames with the one corresponding supplemental frame from among the plurality of corresponding supplemental frames. Related methods and systems are also described.Type: ApplicationFiled: May 12, 2014Publication date: September 18, 2014Inventors: Stephanie Wald, Ezra DARSHAN, David FINK, Kevin MURRAY
-
Patent number: 8787737Abstract: A method for producing an auxiliary video stream arranged for reverse trick mode playback from a video stream including a plurality of uni-directional predicted frames, the method including producing the auxiliary video stream by performing the following steps copying each uni-directional predicted frame included in the video stream into a memory, thereby producing a plurality of copied frames in the memory, replacing each one of the plurality of copied frames with one corresponding supplemental frame, thereby producing a plurality of corresponding supplemental frames, and producing a copy of the video stream arranged in reverse processing order, the producing a copy including replacing each frame which corresponds to one of the plurality of copied frames with the one corresponding supplemental frame from among the plurality of corresponding supplemental frames. Related methods and systems are also described.Type: GrantFiled: June 29, 2006Date of Patent: July 22, 2014Assignee: Cisco Technology Inc.Inventors: Stephanie Wald, Ezra Darshan, David Fink, Kevin Murray
-
Patent number: 8732750Abstract: This invention discloses a method for displaying advertisements transmitted to a user unit, the method includes receiving, at the user unit, at least one advertisement tagged with a delay tag indicating whether display of the at least one advertisement can be delayed and only if the delay tag allows delaying display of the at least one advertisement, storing the at least one advertisement at the user unit, retrieving the at least one advertisement and displaying the at least one advertisement. A billing system for reporting a commercial broadcast to a multiplicity of users is also disclosed.Type: GrantFiled: December 22, 2010Date of Patent: May 20, 2014Assignee: Cisco Technology, Inc.Inventors: Reuven Wachtfogel, Jonathan Maissel, Moshe Kranc, David Richardson, Ezra Darshan, Ron Katz, Yossi Tsuria, Sam Michelson, Mika Krause, Steve Epstein, Moshe Shlissel, Doron Handelman, Shlomo Kipnis, Chaim Shen-Orr