Patents by Inventor Runting Shi
Runting Shi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12244711Abstract: Systems, methods, network devices, and machine-readable media disclosed herein include executing a secure algorithm for computing on a plurality of machines in a cluster by receiving a large input message and dividing the large input message into a plurality of initial input messages, computing an encryption of initial input messages, and evaluating a cluster computing circuit using a homomorphic encryption scheme.Type: GrantFiled: July 29, 2021Date of Patent: March 4, 2025Assignees: NTT Research, Inc., Cornell UniversityInventors: Rex Fernando, Ilan Komargodski, Runting Shi
-
Publication number: 20240062193Abstract: An apparatus in one embodiment comprises a processing platform having at least one processing device. The processing platform implements a trusted bridge configured for at least temporary coupling between one or more data sources and a smart contract program of a blockchain. The trusted bridge comprises a secure enclave component and a relay component. Data obtained from a given one of the data sources via the relay component of the trusted bridge is authenticated in the secure enclave component of the trusted bridge. Information based at least in part on the data authenticated in the secure enclave component of the trusted bridge is provided to the smart contract program of the blockchain via the relay component of the trusted bridge. The secure enclave component illustratively receives a request for authenticated data from the blockchain smart contract program via the relay component, and responds to the request via the relay component.Type: ApplicationFiled: October 30, 2023Publication date: February 22, 2024Inventors: Fan Zhang, Ethan Cecchetti, Kyle Croman, Ari Juels, Runting Shi
-
Patent number: 11829998Abstract: An apparatus in one embodiment comprises a processing platform having at least one processing device. The processing platform implements a trusted bridge configured for at least temporary coupling between one or more data sources and a smart contract program of a blockchain. The trusted bridge comprises a secure enclave component and a relay component. Data obtained from a given one of the data sources via the relay component of the trusted bridge is authenticated in the secure enclave component of the trusted bridge. Information based at least in part on the data authenticated in the secure enclave component of the trusted bridge is provided to the smart contract program of the blockchain via the relay component of the trusted bridge. The secure enclave component illustratively receives a request for authenticated data from the blockchain smart contract program via the relay component, and responds to the request via the relay component.Type: GrantFiled: June 6, 2017Date of Patent: November 28, 2023Assignee: Cornell UniversityInventors: Fan Zhang, Ethan Cecchetti, Kyle Croman, Ari Juels, Runting Shi
-
Publication number: 20220173888Abstract: The present invention is direct to a two-mode blockchain consensus protocol and a system implementing such a protocol. The system includes a plurality of node computers (and a communications network connecting the plurality of node computers. The plurality of node computers includes a first node computer, a collecting node computer, a committee of node computers, and one or more node computers that operate based on proof of work algorithms. Each node computer in the plurality includes a blockchain consensus software application running on the processor of the node computer. The blockchain consensus software application is adapted to connect to the plurality of node computers that are connected to the communications network. The blockchain consensus software application implements the two-mode blockchain consensus protocol. Through the software application, the plurality of node computers operate to reach a consensus on adding data to a public ledger.Type: ApplicationFiled: February 16, 2022Publication date: June 2, 2022Inventors: Runting Shi, Rafael Pass, Yue Guo
-
Publication number: 20220129439Abstract: The present invention is directed blockchain systems and censuses protocols that adopt a pipelining technique. The systems and protocols involve a committee of consensus nodes that include proposer nodes and voter nodes. Each proposer node can send two or more unnotarized proposals to the voter nodes, and the voter nodes can vote on an unnotarized proposal when they have the same freshest notarized chain or block. A sequence number is provided to facilitate the operation of the systems and protocols. The sequence number can be used to determine the freshest notarized chain or block and the finalized chain and switch proposer node. The systems and protocols also provide other features such as chain syncer, committee election scheme, and committee reconfiguration. The systems and protocols further provide a simple finalization process and thus have a low finalization time.Type: ApplicationFiled: January 10, 2022Publication date: April 28, 2022Inventors: Runting Shi, Rafael Nat Josef Pass, Taz Hong Hubert Chan, Chang-Zen Tsai, Chia-Hao Lo
-
Patent number: 11271717Abstract: The present invention is direct a two-mode blockchain consensus protocol and a system implementing such a protocol. The system includes a plurality of node computers (and a communications network connecting the plurality of node computers. The plurality of node computers includes a first node computer, a collecting node computer, a committee of node computers, and one or more node computers that operate based on proof of work algorithms. Each node computer in the plurality includes a blockchain consensus software application running on the processor of the node computer. The blockchain consensus software application is adapted to connect to the plurality of node computers that are connected to the communications network. The blockchain consensus software application implements the two-mode blockchain consensus protocol. Through the software application, the plurality of node computers operate to reach a consensus on adding data to a public ledger.Type: GrantFiled: February 20, 2019Date of Patent: March 8, 2022Assignee: Thunder Token Inc.Inventors: Runting Shi, Rafael Pass, Yue Guo
-
Patent number: 11222009Abstract: The present invention is directed blockchain systems and censuses protocols that adopt a pipelining technique. The systems and protocols involve a committee of consensus nodes that include proposer nodes and voter nodes. Each proposer node can send two or more unnotarized proposals to the voter nodes, and the voter nodes can vote on an unnotarized proposal when they have the same freshest notarized chain or block. A sequence number is provided to facilitate the operation of the systems and protocols. The sequence number can be used to determine the freshest notarized chain or block and the finalized chain and switch proposer node. The systems and protocols also provide other features such as chain syncer, committee election scheme, and committee reconfiguration. The systems and protocols further provide a simple finalization process and thus have a low finalization time.Type: GrantFiled: September 27, 2019Date of Patent: January 11, 2022Assignee: Thunder Token Inc.Inventors: Runting Shi, Rafael Nat Josef Pass, Tsz Hong Hubert Chan, Chang-Zen Tsai, Chia-Hao Lo
-
Publication number: 20200134578Abstract: The present blockchain systems and censuses protocols involve a committee of consensus nodes to notarize candidate blocks. The committee includes proposers and votes. A proposer can send an unnotarized proposal to the voters, and the voters can vote on an unnotarized proposal when the voter and the proposer have substantially the same freshest notarized chain. After receiving enough votes for the proposal, the proposal is notarized and added to the blockchain maintained by the systems and protocols. Epoch is provided to facilitate the operation of the systems and protocols. Epoch includes a value identifying a proposer and defines a duration in which the transmission and voting of the proposal can be completed. The time parameter can be used to determine the freshest notarized chain and the finalized chain. The finalized chain is determined by excluding a number of consecutive blocks with consecutive epoch values from the notarized chain.Type: ApplicationFiled: October 25, 2019Publication date: April 30, 2020Inventors: Runting Shi, Rafael Nat Josef Pass, Tsz Hong Hubert CHAN
-
Publication number: 20200104293Abstract: The present invention is directed blockchain systems and censuses protocols that adopt a pipelining technique. The systems and protocols involve a committee of consensus nodes that include proposer nodes and voter nodes. Each proposer node can send two or more unnotarized proposals to the voter nodes, and the voter nodes can vote on an unnotarized proposal when they have the same freshest notarized chain or block. A sequence number is provided to facilitate the operation of the systems and protocols. The sequence number can be used to determine the freshest notarized chain or block and the finalized chain and switch proposer node. The systems and protocols also provide other features such as chain syncer, committee election scheme, and committee reconfiguration. The systems and protocols further provide a simple finalization process and thus have a low finalization time.Type: ApplicationFiled: September 27, 2019Publication date: April 2, 2020Inventors: Runting Shi, Rafael Nat Josef Pass, Tsz Hong Hubert CHAN, Chang-Zen TSAI, Chia-Hao LO
-
Publication number: 20190260574Abstract: The present invention is direct a two-mode blockchain consensus protocol and a system implementing such a protocol. The system includes a plurality of node computers (and a communications network connecting the plurality of node computers. The plurality of node computers includes a first node computer, a collecting node computer, a committee of node computers, and one or more node computers that operate based on proof of work algorithms. Each node computer in the plurality includes a blockchain consensus software application running on the processor of the node computer. The blockchain consensus software application is adapted to connect to the plurality of node computers that are connected to the communications network. The blockchain consensus software application implements the two-mode blockchain consensus protocol. Through the software application, the plurality of node computers operate to reach a consensus on adding data to a public ledger.Type: ApplicationFiled: February 20, 2019Publication date: August 22, 2019Inventors: Runting Shi, Rafael Pass, Yue Guo
-
Publication number: 20170352027Abstract: An apparatus in one embodiment comprises a processing platform having at least one processing device. The processing platform implements a trusted bridge configured for at least temporary coupling between one or more data sources and a smart contract program of a blockchain. The trusted bridge comprises a secure enclave component and a relay component. Data obtained from a given one of the data sources via the relay component of the trusted bridge is authenticated in the secure enclave component of the trusted bridge. Information based at least in part on the data authenticated in the secure enclave component of the trusted bridge is provided to the smart contract program of the blockchain via the relay component of the trusted bridge. The secure enclave component illustratively receives a request for authenticated data from the blockchain smart contract program via the relay component, and responds to the request via the relay component.Type: ApplicationFiled: June 6, 2017Publication date: December 7, 2017Inventors: Fan Zhang, Ethan Cecchetti, Kyle Croman, Ari Juels, Runting Shi
-
Patent number: 9336388Abstract: One embodiment of the present invention provides a system for detecting insider attacks in an organization. During operation, the system collects data describing user activities. The system extracts information from the data that includes user information and user communications. The system then generates a topic-specific graph based on the extracted information. The system analyzes a structure of the graph to determine if one or more rules have been violated. The system may determine that a rule associated with the graph has been violated and signal an alarm in response to detecting the rule violation.Type: GrantFiled: December 10, 2012Date of Patent: May 10, 2016Assignee: PALO ALTO RESEARCH CENTER INCORPORATEDInventors: Oliver Brdiczka, Priya Mahadevan, Runting Shi
-
Publication number: 20140165195Abstract: One embodiment of the present invention provides a system for detecting insider attacks in an organization. During operation, the system collects data describing user activities. The system extracts information from the data that includes user information and user communications. The system then generates a topic-specific graph based on the extracted information. The system analyzes a structure of the graph to determine if one or more rules have been violated. The system may determine that a rule associated with the graph has been violated and signal an alarm in response to detecting the rule violation.Type: ApplicationFiled: December 10, 2012Publication date: June 12, 2014Applicant: Palo Alto Research Center IncorporatedInventors: Oliver Brdiczka, Priya Mahadevan, Runting Shi
-
Patent number: 8555400Abstract: A private stream aggregation (PSA) system contributes a user's data to a data aggregator without compromising the user's privacy. The system can begin by determining a private key for a local user in a set of users, wherein the sum of the private keys associated with the set of users and the data aggregator is equal to zero. The system also selects a set of data values associated with the local user. Then, the system encrypts individual data values in the set based in part on the private key to produce a set of encrypted data values, thereby allowing the data aggregator to decrypt an aggregate value across the set of users without decrypting individual data values associated with the set of users, and without interacting with the set of users while decrypting the aggregate value. The system also sends the set of encrypted data values to the data aggregator.Type: GrantFiled: February 4, 2011Date of Patent: October 8, 2013Assignee: Palo Alto Research Center IncorporatedInventors: Runting Shi, Richard Chow, Tsz Hong Hubert Chan
-
Patent number: 8478768Abstract: A recommender system can generate a predicted item rating for one user by performing collaborative filtering on item ratings from other users. The recommender system can include a client device that interfaces with a server to obtain a predicted item rating for a local user. The client device can generate a standardized ratings vector for the user, and computes a group identifier for the user based on the standardized ratings vector. The system also generates a noisy ratings vector for the local user, and sends a user-ratings snapshot to a recommendation server that includes the group identifier and the noisy ratings vector. The recommender system can also include the recommendation server that generates a predicted item rating for the user by performing collaborative filtering on ratings vectors from a plurality of other users that belong to the same ratings group.Type: GrantFiled: December 8, 2011Date of Patent: July 2, 2013Assignee: Palo Alto Research Center IncorporatedInventors: Manas Ashok Pathak, Richard Chow, Runting Shi, Cong Wang
-
Publication number: 20130151540Abstract: A recommender system can generate a predicted item rating for one user by performing collaborative filtering on item ratings from other users. The recommender system can include a client device that interfaces with a server to obtain a predicted item rating for a local user. The client device can generate a standardized ratings vector for the user, and computes a group identifier for the user based on the standardized ratings vector. The system also generates a noisy ratings vector for the local user, and sends a user-ratings snapshot to a recommendation server that includes the group identifier and the noisy ratings vector. The recommender system can also include the recommendation server that generates a predicted item rating for the user by performing collaborative filtering on ratings vectors from a plurality of other users that belong to the same ratings group.Type: ApplicationFiled: December 8, 2011Publication date: June 13, 2013Applicant: PALO ALTO RESEARCH CENTER INCORPORATEDInventors: Manas Ashok Pathak, Richard Chow, Runting Shi, Cong Wang
-
Patent number: 8312157Abstract: Embodiments of the present disclosure provide a method and system for implicitly authenticating a user to access controlled resources. The system receives a request to access the controlled resources. The system then determines a user behavior score based on a user behavior model, and recent contextual data about the user. The user behavior score facilitates identifying a level of consistency between one or more recent user events and a past user behavior pattern. The recent contextual data, which comprise a plurality of data streams, are collected from one or more user devices without prompting the user to perform an action explicitly associated with authentication. The plurality of data streams provide basis for determining the user behavior score, but a data stream alone provides insufficient basis for the determination of the user behavior score. The system also provides the user behavior score to an access controller of the controlled resource.Type: GrantFiled: July 16, 2009Date of Patent: November 13, 2012Assignee: Palo Alto Research Center IncorporatedInventors: Bjorn Markus Jakobsson, Mark J. Grandcolas, Philippe J. P. Golle, Richard Chow, Runting Shi
-
Patent number: 8266712Abstract: Embodiments of the present disclosure provide a method and system for protecting privacy by generating artificial contextual data. The system collects real contextual data related to a user. The system then generates artificial contextual data, based on the collected real contextual data. The system also groups the generated contextual data into one or more groups. Each group of contextual data corresponds to a persona that can be presented as the user's persona. Subsequently, the system transmits the generated contextual data to an entity, thereby allowing the user to obscure the real contextual data related to the user.Type: GrantFiled: November 3, 2009Date of Patent: September 11, 2012Assignee: Palo Alto Research Center IncorporatedInventors: Richard Chow, Philippe J. P. Golle, Runting Shi
-
Publication number: 20120204026Abstract: A private stream aggregation (PSA) system contributes a user's data to a data aggregator without compromising the user's privacy. The system can begin by determining a private key for a local user in a set of users, wherein the sum of the private keys associated with the set of users and the data aggregator is equal to zero. The system also selects a set of data values associated with the local user. Then, the system encrypts individual data values in the set based in part on the private key to produce a set of encrypted data values, thereby allowing the data aggregator to decrypt an aggregate value across the set of users without decrypting individual data values associated with the set of users, and without interacting with the set of users while decrypting the aggregate value. The system also sends the set of encrypted data values to the data aggregator.Type: ApplicationFiled: February 4, 2011Publication date: August 9, 2012Applicant: PALO ALTO RESEARCH CENTER INCORPORATEDInventors: Runting Shi, Richard Chow, Tsz Hong Hubert Chan
-
Publication number: 20120137340Abstract: Embodiments of the present disclosure provide a method and system for implicitly authenticating a user to access controlled resources. The system first receives a request to access the controlled resource from a user. Then, the system determines whether the user request is inconsistent with regular user behavior by calculating a user behavior measure derived from historical contextual data of past user events. Next, responsive to the determined inconsistency of the user request, the system collects current contextual data of the user from one or more user devices without prompting the user to perform an explicit action for authentication. The system further updates the user behavior measure based on the collected current contextual data, and provides the updated user behavior measure to an access controller of the controlled resource to make an authentication decision based at least on the updated user behavior measure.Type: ApplicationFiled: November 29, 2010Publication date: May 31, 2012Applicant: Palo Alto Research Center IncorporatedInventors: Bjorn Markus Jakobsson, Richard Chow, Runting Shi