Patents by Inventor Kevin D. Bower

Kevin D. Bower has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11270402
    Abstract: A machine vision system that uses an imager to capture an optical image of a target object that may contain a liquid. The target object is illuminated by an illumination source positioned oppositely from the imager and a predetermined pattern is positioned between the illumination source and the target object so that the imager will capture optical images of the background pattern through any liquid positioned in the target object. A processor is programmed to analyze captured images to detect any distortions of the pattern that are attributable to the presence of a liquid in the target object.
    Type: Grant
    Filed: August 24, 2020
    Date of Patent: March 8, 2022
    Assignee: Novanta Corporation
    Inventors: Mo Chen, Kevin D. Bower
  • Publication number: 20210319039
    Abstract: An apparatus comprises a processing device configured to analyze an unstructured version of a document to read text data contained therein having a nested hierarchical structure comprising two or more levels and to obtain at least one sample item for a given one of the levels in the nested hierarchical structure. The processing device is also configured to determine a list type associated with the at least one sample item, to identify items having the determined list type in the text data as belonging to the given, and to extract portions of the text data corresponding to respective ones of the items having the determined list type. The processing device is further configured to generate a structured version of the document that associates the extracted portions of the text data with the corresponding ones of the items having the determined list type.
    Type: Application
    Filed: April 9, 2020
    Publication date: October 14, 2021
    Inventors: Gregory A. Gerber, JR., Corey J. Carpenter, Kevin D. Bowers
  • Patent number: 11115196
    Abstract: Methods and apparatus are provided for secret sharing with a verifiable reconstruction type. An exemplary method comprises receiving a plurality of shares of a secret generated using a secret splitting scheme; reconstructing the secret if the plurality of shares satisfies a predefined reconstruction threshold; and generating a proof identifying at least one of the plurality of shares used in the reconstruction. The proof is optionally verified by a verifier and the verification is optionally based on auxiliary information derived by the secret splitting scheme used to share the secret. The verifier optionally implements layered access control, for example, based on a rank of the shares used for reconstruction. The reconstructed secret is optionally provided to the verifier. A user can be granted a level of access to a protected resource based on the proof, the reconstructed secret and one or more predefined policies. One or more steps can be proactivized to maintain share freshness.
    Type: Grant
    Filed: December 8, 2015
    Date of Patent: September 7, 2021
    Assignee: EMC IP Holding Company LLC
    Inventors: Nikolaos Triandopoulos, Kevin D. Bowers, Yupeng Zhang
  • Publication number: 20210241231
    Abstract: Techniques are provided for automatically assigning tasks of a collaborative project, such as questions within a risk assessment, to users. One method comprises obtaining a description of multiple tasks of a collaborative project; obtaining a first vector representation of a context of at least one of the tasks; obtaining a second vector representation of a context of at least one user; determining a similarity between one or more first vector representations and one or more second vector representations using one or more similarity criteria. The first and second vector representations may be obtained using natural language processing techniques, word embeddings that translate words into at least one vector, term frequency-inverse document frequency vectorization techniques, and/or a bag-of-words model.
    Type: Application
    Filed: January 31, 2020
    Publication date: August 5, 2021
    Inventors: Brian C. Mullins, Kevin D. Bowers, Victor Malchikov
  • Publication number: 20210056660
    Abstract: A machine vision system that uses an imager to capture an optical image of a target object that may contain a liquid. The target object is illuminated by an illumination source positioned oppositely from the imager and a predetermined pattern is positioned between the illumination source and the target object so that the imager will capture optical images of the background pattern through any liquid positioned in the target object. A processor is programmed to analyze captured images to detect any distortions of the pattern that are attributable to the presence of a liquid in the target object.
    Type: Application
    Filed: August 24, 2020
    Publication date: February 25, 2021
    Applicant: Novanta Corporation
    Inventors: Mo Chen, Kevin D. Bower
  • Patent number: 10635824
    Abstract: Methods and apparatus are provided for private set membership using aggregation for reduced communications. A determination is made as to whether at least one data element of a client is in a data set of a server by: obtaining a transformation of the at least one data element; receiving a response from the server based on the transformation of the at least one data element, wherein the transformation comprises one or more of a Bloom filter-based transformation that employs a Bloom filter comprising a plurality of hash functions and an encryption-based transformation; and determining whether the at least one data element is in the data set based on the response, wherein one or more of the response and the determining is based on a result of at least one aggregation of a plurality of values that depend on the at least one data element and one or more items in the data set.
    Type: Grant
    Filed: March 20, 2015
    Date of Patent: April 28, 2020
    Assignee: EMC IP Holding Company LLC
    Inventors: Nikolaos Triandopoulos, Kevin D. Bowers, James A. Kelley, Alina Oprea, Ronald Rivest
  • Patent number: 10516527
    Abstract: Split-key based cryptography techniques are provided for data protection and synchronization across multiple computing devices of a user. A method performed by a first device of a user comprises encrypting a data using a randomly-generated data encryption key; wrapping the data encryption key with a public key of a second device of the user; and sending the encrypted data and the wrapped data encryption key of the first device wrapped with the public key of the second device to a server. The server sends the encrypted data and the wrapped data encryption key of the first device wrapped with the public key of the second device to the second device. The first device or the second device can access the encrypted data by reconstructing their respective private key using a predefined number of shares obtained using a key splitting scheme.
    Type: Grant
    Filed: September 29, 2015
    Date of Patent: December 24, 2019
    Assignee: EMC IP Holding Company LLC
    Inventors: Salah Machani, Boris Kronrod, Kevin D. Bowers
  • Patent number: 10484419
    Abstract: A method includes extracting one or more code fragments from a first software module and computing fingerprints of the code fragments extracted from the first software module. The method also includes determining a similarity score based on distances between the fingerprints of the code fragments extracted from the first software module and fingerprints of one or more code fragments extracted from at least a second software module, the second software module being classified as a given software module type, each of the fingerprints being computed by application of a fuzzy hash function to a given one of the code fragments. The method further includes classifying the first software module as the given software module type based on the similarity score and modifying access by a given client device to the first software module responsive to classifying the first software module as the given software module type.
    Type: Grant
    Filed: July 31, 2017
    Date of Patent: November 19, 2019
    Assignee: EMC IP Holding Company LLC
    Inventors: Sashka Davis, Kevin Douglas, Kevin D. Bowers
  • Patent number: 10263972
    Abstract: Methods, apparatus and articles of manufacture for authenticating by labeling are provided herein. A method includes identifying each of one or more graphical-based input elements to be associated with a computing device in response to user activity in connection with the computing device; identifying each of one or more graphical-based labels to be assigned to the one or more graphical-based input elements; displaying (i) the one or more graphical-based input elements and (ii) the one or more graphical-based labels via an interface of the computing device; generating a prompt via the computing device interface; and processing input cryptographic information entered via the computing device interface in response to the prompt against (i) the one or more graphical-based input elements and (ii) the one or more graphical-based labels.
    Type: Grant
    Filed: February 16, 2017
    Date of Patent: April 16, 2019
    Assignee: EMC IP Holding Company LLC
    Inventors: Kevin D. Bowers, Salah Machani, Dennis Moreau, Todd A. Morneau, Deepak Pushpakar, Samir Saklikar, Nikolaos Triandopoulos
  • Patent number: 10229260
    Abstract: Methods, apparatus and articles of manufacture for authenticating by labeling are provided herein. A method includes establishing a set of cryptographic information, wherein said set of cryptographic information comprises (i) a set of one or more graphical-based input elements and (ii) one or more graphical-based labels assigned to the set of one or more input elements in accordance with a given arrangement; generating a prompt via a computing device interface in connection with an authentication request to access a protected resource associated with the computing device; processing input cryptographic information entered via the computing device interface in response to the prompt against the set of cryptographic information; and resolving the authentication request based on said processing.
    Type: Grant
    Filed: March 27, 2014
    Date of Patent: March 12, 2019
    Assignee: EMC IP Holding Company LLC
    Inventors: Kevin D. Bowers, Salah Machani, Dennis Moreau, Todd A. Morneau, Deepak Pushpakar, Samir Saklikar, Nikolaos Triandopoulos
  • Patent number: 10129027
    Abstract: A Security Alerting System is provided with dynamic buffer size adaptation. An alert message from a Security Alerting System is transmitted by obtaining the alert message from the Security Alerting System; authenticating the alert message using a secret key known by a server; storing the authenticated alert message in a buffer; transmitting the buffer to the server; and detecting a truncation attack based on generating different cryptographic keys for protection of inserted messages and transmitted buffers, wherein the cryptographic keys for protection of inserted messages are generated in a forward-secure manner in a same order that the messages are inserted in the buffer and wherein the cryptographic keys for protection of transmitted buffers are generated in a forward-secure manner in a same order that the buffers are transmitted over a network.
    Type: Grant
    Filed: February 21, 2018
    Date of Patent: November 13, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Ari Juels, Nikolaos Triandopoulos, Kevin D. Bowers
  • Patent number: 10104104
    Abstract: A security alerting system is provided with a network blockage policy based on alert transmission activity. Alert messages from a Security Alerting System executing on a host indicating a potential compromise of a protected resource are processed by determining if a number of buffer contents received from the host within a predefined time interval satisfies a predefined criteria, the buffer content comprising one or more of the alert messages from the Security Alerting System; and blocking a network connection of the host if the number of buffer contents received from the host within the predefined time interval does not satisfy the predefined criteria. The blocked network connection of the host can optionally be restored when a valid buffer content is received from the host. The predefined criteria is based on the alerting activity of the host.
    Type: Grant
    Filed: June 20, 2013
    Date of Patent: October 16, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Ari Juels, Nikolaos Triandopoulos, Kevin D. Bowers
  • Patent number: 10063562
    Abstract: Techniques of controlling access to a resource involve selecting an authentication scheme for authenticating a user based on an environmental context in which the user is requesting access to the resource. Along these lines, the access control server receives application usage data from a user and separates the data into current environmental factors and current usage factors. In response, the access control server compares the current environmental factors to expected environmental factors for each of multiple predefined environmental contexts. Based on measures of closeness between the current and expected environmental factors, the access control server computes a familiarity score indicative of whether the request to access the resource is recognizable within the particular environmental context.
    Type: Grant
    Filed: March 31, 2016
    Date of Patent: August 28, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Andres D. Molina-Markham, Alina Oprea, Kevin D. Bowers
  • Patent number: 9935770
    Abstract: A Security Alerting System is provided with dynamic buffer size adaptation. An alert message from a Security Alerting System indicating a potential compromise of a protected resource is transmitted by obtaining the alert message from the Security Alerting System; authenticating the alert message using a secret key known by a server, wherein the secret key evolves in a forward-secure manner; storing the authenticated alert message in a buffer, wherein a size of the buffer is based on a connection history of the Security Alerting System; and transmitting the buffer to the server. The alert message can optionally be encrypted. The buffer can be increased in proportion to a duration of a disruption of a connection. The size of the buffer can be increased by adding buffer slots at a location of a current write pointer index. Techniques are also disclosed for detecting truncation attacks and alert message gaps. The alert messages can have a variable size by writing alert message into consecutive buffer slots.
    Type: Grant
    Filed: June 20, 2013
    Date of Patent: April 3, 2018
    Assignee: EMC Corporation
    Inventors: Ari Juels, Nikolaos Triandopoulos, Kevin D. Bowers
  • Patent number: 9838407
    Abstract: A processing device in one embodiment comprises a processor coupled to a memory and is configured to obtain internal log data of a computer network of an enterprise, to extract values of a plurality of designated internal features from the log data, to obtain additional data from one or more external data sources, and to extract values of a plurality of designated external features from the additional data. The extracted values are applied to a regression model based on the internal and external features to generate malicious activity risk scores for respective ones of a plurality of domains, illustratively external domains having fully-qualified domain names (FQDNs). A subset of the domains are identified based on their respective malicious activity risk scores, and one or more proactive security measures are taken against the identified subset of domains. The processing device may be implemented in the computer network or an associated network security system.
    Type: Grant
    Filed: March 30, 2016
    Date of Patent: December 5, 2017
    Assignee: EMC IP Holding Company LLC
    Inventors: Alina M. Oprea, Zhou Li, Robin Norris, Kevin D. Bowers
  • Patent number: 9838355
    Abstract: A method includes receiving a first analytics set performed on a first network security appliance operated internal to a first organization, receiving a second analytics set performed on a second network security appliance operated internal to a second organization, processing the first analytics set and the second analytics set, and responsive to the processing, disseminating to the second network security appliance information indicating that the second analytics set has also been performed on at least the first network security appliance, without revealing an identity of the first organization. In one embodiment at least part of the first analytics set or the second analytics set is hashed.
    Type: Grant
    Filed: September 26, 2016
    Date of Patent: December 5, 2017
    Assignee: EMC IP Holding Company LLC
    Inventors: Yedidya Dotan, Brian P. Girardi, Marcelo Blatt, Oleg Freylafert, Kevin D. Bowers, Michael S. Shreve
  • Patent number: 9817957
    Abstract: A processing device comprises a processor coupled to a memory and is configured to predict or otherwise determine that a user will utilize a target application on a user device in involvement with a particular set of smart objects, to request cryptographic material for activating the smart objects of the set, to receive the cryptographic material responsive to the request, and to utilize the cryptographic material to activate the smart objects. Each of the activated smart objects provides a verifier with a proof of involvement with the user device. The verifier controls user access to the target application based at least in part on the proofs provided by the activated smart objects. The determining, requesting, receiving and utilizing operations in some embodiments are performed by a learning agent running on the processing device. The learning agent illustratively includes functionality for learning target application access behavior of the user over time.
    Type: Grant
    Filed: June 4, 2015
    Date of Patent: November 14, 2017
    Assignee: EMC IP Holding Company LLC
    Inventors: Andres D. Molina-Markham, Kevin D. Bowers, Nikolaos Triandopoulos
  • Patent number: 9740844
    Abstract: Wireless wearable authenticators (WWAs) are provided using attachment to confirm user possession of the WWA. A user is authenticated by receiving authentication information from a wireless, wearable authentication (WWA) device of the user. The authentication information indicates whether the user has substantially continuously worn the WWA since a prior session where the user proved his or her identity to a relying device while wearing the WWA. The user is authenticated based on an evaluation of the authentication information. The authentication information comprises, for example, a credential ? and a current session label J. A value of the current session label J can provide the indication of whether the user has substantially continuously worn the WWA since a prior session where the user proved his or her identity to a relying device while wearing the WWA.
    Type: Grant
    Filed: December 24, 2013
    Date of Patent: August 22, 2017
    Assignee: EMC IP Holding Company LLC
    Inventors: Kevin D. Bowers, Ari Juels, Ronald Rivest
  • Patent number: 9659177
    Abstract: An authentication token configured to generate authentication information comprises an attestation module. The attestation module of the authentication token is configured to receive an attestation generated by an attestation module of a client, to perform a check on the received attestation, and to release the authentication information to a designated entity if the check indicates that the attestation is valid. The designated entity may comprise the client itself or another entity that participates in an authentication process involving at least one of the authentication token and the client. The authentication token in performing the check on the attestation received from the client may determine if the received attestation conforms to a predetermined policy. The attestation may comprise a platform attestation generated by the client for a given instantiated software stack of the client.
    Type: Grant
    Filed: September 24, 2012
    Date of Patent: May 23, 2017
    Assignee: EMC IP Holding Company LLC
    Inventors: Ari Juels, Kevin D. Bowers
  • Patent number: 9621576
    Abstract: There are disclosed techniques for use in detecting malicious websites. In at least one embodiment, there is disclosed a technique for generating a profile in connection with a website. The profile comprising at least one attribute associated with the website. The technique also comprises collecting information relating to the website during a visit to the website. The technique further comprises detecting a change in connection with the website. The detection of the change comprises identifying a variation between the generated profile and the collected information.
    Type: Grant
    Filed: December 31, 2014
    Date of Patent: April 11, 2017
    Assignee: EMC IP Holding Company LLC
    Inventors: Alina Oprea, Sumayah Alrwais, Kevin D. Bowers, Todd S. Leetham, Zhou Li, Ronald L. Rivest