Patents by Inventor Kevin D. Bower
Kevin D. Bower has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11270402Abstract: A machine vision system that uses an imager to capture an optical image of a target object that may contain a liquid. The target object is illuminated by an illumination source positioned oppositely from the imager and a predetermined pattern is positioned between the illumination source and the target object so that the imager will capture optical images of the background pattern through any liquid positioned in the target object. A processor is programmed to analyze captured images to detect any distortions of the pattern that are attributable to the presence of a liquid in the target object.Type: GrantFiled: August 24, 2020Date of Patent: March 8, 2022Assignee: Novanta CorporationInventors: Mo Chen, Kevin D. Bower
-
Publication number: 20210319039Abstract: An apparatus comprises a processing device configured to analyze an unstructured version of a document to read text data contained therein having a nested hierarchical structure comprising two or more levels and to obtain at least one sample item for a given one of the levels in the nested hierarchical structure. The processing device is also configured to determine a list type associated with the at least one sample item, to identify items having the determined list type in the text data as belonging to the given, and to extract portions of the text data corresponding to respective ones of the items having the determined list type. The processing device is further configured to generate a structured version of the document that associates the extracted portions of the text data with the corresponding ones of the items having the determined list type.Type: ApplicationFiled: April 9, 2020Publication date: October 14, 2021Inventors: Gregory A. Gerber, JR., Corey J. Carpenter, Kevin D. Bowers
-
Patent number: 11115196Abstract: Methods and apparatus are provided for secret sharing with a verifiable reconstruction type. An exemplary method comprises receiving a plurality of shares of a secret generated using a secret splitting scheme; reconstructing the secret if the plurality of shares satisfies a predefined reconstruction threshold; and generating a proof identifying at least one of the plurality of shares used in the reconstruction. The proof is optionally verified by a verifier and the verification is optionally based on auxiliary information derived by the secret splitting scheme used to share the secret. The verifier optionally implements layered access control, for example, based on a rank of the shares used for reconstruction. The reconstructed secret is optionally provided to the verifier. A user can be granted a level of access to a protected resource based on the proof, the reconstructed secret and one or more predefined policies. One or more steps can be proactivized to maintain share freshness.Type: GrantFiled: December 8, 2015Date of Patent: September 7, 2021Assignee: EMC IP Holding Company LLCInventors: Nikolaos Triandopoulos, Kevin D. Bowers, Yupeng Zhang
-
Publication number: 20210241231Abstract: Techniques are provided for automatically assigning tasks of a collaborative project, such as questions within a risk assessment, to users. One method comprises obtaining a description of multiple tasks of a collaborative project; obtaining a first vector representation of a context of at least one of the tasks; obtaining a second vector representation of a context of at least one user; determining a similarity between one or more first vector representations and one or more second vector representations using one or more similarity criteria. The first and second vector representations may be obtained using natural language processing techniques, word embeddings that translate words into at least one vector, term frequency-inverse document frequency vectorization techniques, and/or a bag-of-words model.Type: ApplicationFiled: January 31, 2020Publication date: August 5, 2021Inventors: Brian C. Mullins, Kevin D. Bowers, Victor Malchikov
-
Publication number: 20210056660Abstract: A machine vision system that uses an imager to capture an optical image of a target object that may contain a liquid. The target object is illuminated by an illumination source positioned oppositely from the imager and a predetermined pattern is positioned between the illumination source and the target object so that the imager will capture optical images of the background pattern through any liquid positioned in the target object. A processor is programmed to analyze captured images to detect any distortions of the pattern that are attributable to the presence of a liquid in the target object.Type: ApplicationFiled: August 24, 2020Publication date: February 25, 2021Applicant: Novanta CorporationInventors: Mo Chen, Kevin D. Bower
-
Patent number: 10635824Abstract: Methods and apparatus are provided for private set membership using aggregation for reduced communications. A determination is made as to whether at least one data element of a client is in a data set of a server by: obtaining a transformation of the at least one data element; receiving a response from the server based on the transformation of the at least one data element, wherein the transformation comprises one or more of a Bloom filter-based transformation that employs a Bloom filter comprising a plurality of hash functions and an encryption-based transformation; and determining whether the at least one data element is in the data set based on the response, wherein one or more of the response and the determining is based on a result of at least one aggregation of a plurality of values that depend on the at least one data element and one or more items in the data set.Type: GrantFiled: March 20, 2015Date of Patent: April 28, 2020Assignee: EMC IP Holding Company LLCInventors: Nikolaos Triandopoulos, Kevin D. Bowers, James A. Kelley, Alina Oprea, Ronald Rivest
-
Patent number: 10516527Abstract: Split-key based cryptography techniques are provided for data protection and synchronization across multiple computing devices of a user. A method performed by a first device of a user comprises encrypting a data using a randomly-generated data encryption key; wrapping the data encryption key with a public key of a second device of the user; and sending the encrypted data and the wrapped data encryption key of the first device wrapped with the public key of the second device to a server. The server sends the encrypted data and the wrapped data encryption key of the first device wrapped with the public key of the second device to the second device. The first device or the second device can access the encrypted data by reconstructing their respective private key using a predefined number of shares obtained using a key splitting scheme.Type: GrantFiled: September 29, 2015Date of Patent: December 24, 2019Assignee: EMC IP Holding Company LLCInventors: Salah Machani, Boris Kronrod, Kevin D. Bowers
-
Patent number: 10484419Abstract: A method includes extracting one or more code fragments from a first software module and computing fingerprints of the code fragments extracted from the first software module. The method also includes determining a similarity score based on distances between the fingerprints of the code fragments extracted from the first software module and fingerprints of one or more code fragments extracted from at least a second software module, the second software module being classified as a given software module type, each of the fingerprints being computed by application of a fuzzy hash function to a given one of the code fragments. The method further includes classifying the first software module as the given software module type based on the similarity score and modifying access by a given client device to the first software module responsive to classifying the first software module as the given software module type.Type: GrantFiled: July 31, 2017Date of Patent: November 19, 2019Assignee: EMC IP Holding Company LLCInventors: Sashka Davis, Kevin Douglas, Kevin D. Bowers
-
Patent number: 10263972Abstract: Methods, apparatus and articles of manufacture for authenticating by labeling are provided herein. A method includes identifying each of one or more graphical-based input elements to be associated with a computing device in response to user activity in connection with the computing device; identifying each of one or more graphical-based labels to be assigned to the one or more graphical-based input elements; displaying (i) the one or more graphical-based input elements and (ii) the one or more graphical-based labels via an interface of the computing device; generating a prompt via the computing device interface; and processing input cryptographic information entered via the computing device interface in response to the prompt against (i) the one or more graphical-based input elements and (ii) the one or more graphical-based labels.Type: GrantFiled: February 16, 2017Date of Patent: April 16, 2019Assignee: EMC IP Holding Company LLCInventors: Kevin D. Bowers, Salah Machani, Dennis Moreau, Todd A. Morneau, Deepak Pushpakar, Samir Saklikar, Nikolaos Triandopoulos
-
Patent number: 10229260Abstract: Methods, apparatus and articles of manufacture for authenticating by labeling are provided herein. A method includes establishing a set of cryptographic information, wherein said set of cryptographic information comprises (i) a set of one or more graphical-based input elements and (ii) one or more graphical-based labels assigned to the set of one or more input elements in accordance with a given arrangement; generating a prompt via a computing device interface in connection with an authentication request to access a protected resource associated with the computing device; processing input cryptographic information entered via the computing device interface in response to the prompt against the set of cryptographic information; and resolving the authentication request based on said processing.Type: GrantFiled: March 27, 2014Date of Patent: March 12, 2019Assignee: EMC IP Holding Company LLCInventors: Kevin D. Bowers, Salah Machani, Dennis Moreau, Todd A. Morneau, Deepak Pushpakar, Samir Saklikar, Nikolaos Triandopoulos
-
Patent number: 10129027Abstract: A Security Alerting System is provided with dynamic buffer size adaptation. An alert message from a Security Alerting System is transmitted by obtaining the alert message from the Security Alerting System; authenticating the alert message using a secret key known by a server; storing the authenticated alert message in a buffer; transmitting the buffer to the server; and detecting a truncation attack based on generating different cryptographic keys for protection of inserted messages and transmitted buffers, wherein the cryptographic keys for protection of inserted messages are generated in a forward-secure manner in a same order that the messages are inserted in the buffer and wherein the cryptographic keys for protection of transmitted buffers are generated in a forward-secure manner in a same order that the buffers are transmitted over a network.Type: GrantFiled: February 21, 2018Date of Patent: November 13, 2018Assignee: EMC IP Holding Company LLCInventors: Ari Juels, Nikolaos Triandopoulos, Kevin D. Bowers
-
Patent number: 10104104Abstract: A security alerting system is provided with a network blockage policy based on alert transmission activity. Alert messages from a Security Alerting System executing on a host indicating a potential compromise of a protected resource are processed by determining if a number of buffer contents received from the host within a predefined time interval satisfies a predefined criteria, the buffer content comprising one or more of the alert messages from the Security Alerting System; and blocking a network connection of the host if the number of buffer contents received from the host within the predefined time interval does not satisfy the predefined criteria. The blocked network connection of the host can optionally be restored when a valid buffer content is received from the host. The predefined criteria is based on the alerting activity of the host.Type: GrantFiled: June 20, 2013Date of Patent: October 16, 2018Assignee: EMC IP Holding Company LLCInventors: Ari Juels, Nikolaos Triandopoulos, Kevin D. Bowers
-
Patent number: 10063562Abstract: Techniques of controlling access to a resource involve selecting an authentication scheme for authenticating a user based on an environmental context in which the user is requesting access to the resource. Along these lines, the access control server receives application usage data from a user and separates the data into current environmental factors and current usage factors. In response, the access control server compares the current environmental factors to expected environmental factors for each of multiple predefined environmental contexts. Based on measures of closeness between the current and expected environmental factors, the access control server computes a familiarity score indicative of whether the request to access the resource is recognizable within the particular environmental context.Type: GrantFiled: March 31, 2016Date of Patent: August 28, 2018Assignee: EMC IP Holding Company LLCInventors: Andres D. Molina-Markham, Alina Oprea, Kevin D. Bowers
-
Patent number: 9935770Abstract: A Security Alerting System is provided with dynamic buffer size adaptation. An alert message from a Security Alerting System indicating a potential compromise of a protected resource is transmitted by obtaining the alert message from the Security Alerting System; authenticating the alert message using a secret key known by a server, wherein the secret key evolves in a forward-secure manner; storing the authenticated alert message in a buffer, wherein a size of the buffer is based on a connection history of the Security Alerting System; and transmitting the buffer to the server. The alert message can optionally be encrypted. The buffer can be increased in proportion to a duration of a disruption of a connection. The size of the buffer can be increased by adding buffer slots at a location of a current write pointer index. Techniques are also disclosed for detecting truncation attacks and alert message gaps. The alert messages can have a variable size by writing alert message into consecutive buffer slots.Type: GrantFiled: June 20, 2013Date of Patent: April 3, 2018Assignee: EMC CorporationInventors: Ari Juels, Nikolaos Triandopoulos, Kevin D. Bowers
-
Patent number: 9838407Abstract: A processing device in one embodiment comprises a processor coupled to a memory and is configured to obtain internal log data of a computer network of an enterprise, to extract values of a plurality of designated internal features from the log data, to obtain additional data from one or more external data sources, and to extract values of a plurality of designated external features from the additional data. The extracted values are applied to a regression model based on the internal and external features to generate malicious activity risk scores for respective ones of a plurality of domains, illustratively external domains having fully-qualified domain names (FQDNs). A subset of the domains are identified based on their respective malicious activity risk scores, and one or more proactive security measures are taken against the identified subset of domains. The processing device may be implemented in the computer network or an associated network security system.Type: GrantFiled: March 30, 2016Date of Patent: December 5, 2017Assignee: EMC IP Holding Company LLCInventors: Alina M. Oprea, Zhou Li, Robin Norris, Kevin D. Bowers
-
Patent number: 9838355Abstract: A method includes receiving a first analytics set performed on a first network security appliance operated internal to a first organization, receiving a second analytics set performed on a second network security appliance operated internal to a second organization, processing the first analytics set and the second analytics set, and responsive to the processing, disseminating to the second network security appliance information indicating that the second analytics set has also been performed on at least the first network security appliance, without revealing an identity of the first organization. In one embodiment at least part of the first analytics set or the second analytics set is hashed.Type: GrantFiled: September 26, 2016Date of Patent: December 5, 2017Assignee: EMC IP Holding Company LLCInventors: Yedidya Dotan, Brian P. Girardi, Marcelo Blatt, Oleg Freylafert, Kevin D. Bowers, Michael S. Shreve
-
Patent number: 9817957Abstract: A processing device comprises a processor coupled to a memory and is configured to predict or otherwise determine that a user will utilize a target application on a user device in involvement with a particular set of smart objects, to request cryptographic material for activating the smart objects of the set, to receive the cryptographic material responsive to the request, and to utilize the cryptographic material to activate the smart objects. Each of the activated smart objects provides a verifier with a proof of involvement with the user device. The verifier controls user access to the target application based at least in part on the proofs provided by the activated smart objects. The determining, requesting, receiving and utilizing operations in some embodiments are performed by a learning agent running on the processing device. The learning agent illustratively includes functionality for learning target application access behavior of the user over time.Type: GrantFiled: June 4, 2015Date of Patent: November 14, 2017Assignee: EMC IP Holding Company LLCInventors: Andres D. Molina-Markham, Kevin D. Bowers, Nikolaos Triandopoulos
-
Patent number: 9740844Abstract: Wireless wearable authenticators (WWAs) are provided using attachment to confirm user possession of the WWA. A user is authenticated by receiving authentication information from a wireless, wearable authentication (WWA) device of the user. The authentication information indicates whether the user has substantially continuously worn the WWA since a prior session where the user proved his or her identity to a relying device while wearing the WWA. The user is authenticated based on an evaluation of the authentication information. The authentication information comprises, for example, a credential ? and a current session label J. A value of the current session label J can provide the indication of whether the user has substantially continuously worn the WWA since a prior session where the user proved his or her identity to a relying device while wearing the WWA.Type: GrantFiled: December 24, 2013Date of Patent: August 22, 2017Assignee: EMC IP Holding Company LLCInventors: Kevin D. Bowers, Ari Juels, Ronald Rivest
-
Patent number: 9659177Abstract: An authentication token configured to generate authentication information comprises an attestation module. The attestation module of the authentication token is configured to receive an attestation generated by an attestation module of a client, to perform a check on the received attestation, and to release the authentication information to a designated entity if the check indicates that the attestation is valid. The designated entity may comprise the client itself or another entity that participates in an authentication process involving at least one of the authentication token and the client. The authentication token in performing the check on the attestation received from the client may determine if the received attestation conforms to a predetermined policy. The attestation may comprise a platform attestation generated by the client for a given instantiated software stack of the client.Type: GrantFiled: September 24, 2012Date of Patent: May 23, 2017Assignee: EMC IP Holding Company LLCInventors: Ari Juels, Kevin D. Bowers
-
Patent number: 9621576Abstract: There are disclosed techniques for use in detecting malicious websites. In at least one embodiment, there is disclosed a technique for generating a profile in connection with a website. The profile comprising at least one attribute associated with the website. The technique also comprises collecting information relating to the website during a visit to the website. The technique further comprises detecting a change in connection with the website. The detection of the change comprises identifying a variation between the generated profile and the collected information.Type: GrantFiled: December 31, 2014Date of Patent: April 11, 2017Assignee: EMC IP Holding Company LLCInventors: Alina Oprea, Sumayah Alrwais, Kevin D. Bowers, Todd S. Leetham, Zhou Li, Ronald L. Rivest