Patents by Inventor Ulf Mattsson

Ulf Mattsson has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20220277095
    Abstract: Database entries can be protected by indexing the entries using a plurality of indexes, each associated with a level of access rights. A level of access rights can be determined from a search query, and an index can be selected based on the determined level of access rights. A search key can be generated based on the received query, and the selected index can be searched using the search query. Database entries mapped to the values of the selected index returned in response to the search can be outputted. Each index is associated with a different granularity defining the number and/or ambiguity of search results returned in response to searching an index.
    Type: Application
    Filed: February 9, 2022
    Publication date: September 1, 2022
    Inventors: Yigal Rozenberg, Ulf Mattsson
  • Publication number: 20220247563
    Abstract: Data in various formats can be protected in a distributed tokenization environment. Examples of such formats include date and time data, decimal data, and floating point data. Such data can tokenized by a security device that instantiates a number of tokenization pipelines for parallel tokenization of the data. Characteristics of such data can be used to tokenize the data. For instance, token tables specific to the data format can be used to tokenized the data. Likewise, a type, order, or configuration of the operations within each tokenization pipeline can be selected based on the data format or characteristics of the data format. Each tokenization pipeline performs a set of encoding or tokenization operations in parallel and based at least in part on a value received from another tokenization pipeline. The tokenization pipeline outputs are combined, producing tokenized data, which can be provided to a remote system for storage or processing.
    Type: Application
    Filed: January 21, 2022
    Publication date: August 4, 2022
    Inventors: Ulf Mattsson, Denis Scherbakov
  • Publication number: 20220247564
    Abstract: Data in various formats can be protected in a distributed tokenization environment. Examples of such formats include date and time data, decimal data, and floating point data. Such data can tokenized by a security device that instantiates a number of tokenization pipelines for parallel tokenization of the data. Characteristics of such data can be used to tokenize the data. For instance, token tables specific to the data format can be used to tokenized the data. Likewise, a type, order, or configuration of the operations within each tokenization pipeline can be selected based on the data format or characteristics of the data format. Each tokenization pipeline performs a set of encoding or tokenization operations in parallel and based at least in part on a value received from another tokenization pipeline. The tokenization pipeline outputs are combined, producing tokenized data, which can be provided to a remote system for storage or processing.
    Type: Application
    Filed: January 21, 2022
    Publication date: August 4, 2022
    Inventors: Ulf Mattsson, Denis Scherbakov
  • Publication number: 20220245261
    Abstract: Data in various formats can be protected in a distributed tokenization environment. Examples of such formats include date and time data, decimal data, and floating point data. Such data can tokenized by a security device that instantiates a number of tokenization pipelines for parallel tokenization of the data. Characteristics of such data can be used to tokenize the data. For instance, token tables specific to the data format can be used to tokenized the data. Likewise, a type, order, or configuration of the operations within each tokenization pipeline can be selected based on the data format or characteristics of the data format. Each tokenization pipeline performs a set of encoding or tokenization operations in parallel and based at least in part on a value received from another tokenization pipeline. The tokenization pipeline outputs are combined, producing tokenized data, which can be provided to a remote system for storage or processing.
    Type: Application
    Filed: January 21, 2022
    Publication date: August 4, 2022
    Inventors: Ulf Mattsson, Denis Scherbakov
  • Publication number: 20220124522
    Abstract: The invention relates to methods of providing requested network information from a first core Network Function (NF) to a second NF, and devices performing the methods. In an aspect, a method performed by a first core NF entity of providing requested network information to a second NF entity is provided. The method comprises receiving a request to obtain the network information originating from the second NF entity, determining an expiry time stipulating how long the requested network information is valid, and transmitting, towards the second NF entity, the requested network information and the expiry time.
    Type: Application
    Filed: December 29, 2021
    Publication date: April 21, 2022
    Inventors: Helen Örtenblad, Ulf Mattsson, Miguel Angel Puente Pestaña
  • Publication number: 20220121768
    Abstract: Data in a database can be protected, for instance by tokenizing the entries of the database using one or more token tables. To enable searching data within the database without first detokenizing the tokenized database entries, bigrams of each data entry can also be tokenized and stored in association with the tokenized data entry. When a query term is received, the query term can be parsed into bigrams, and each bigram can be tokenized. The tokenized query bigrams can be used to query the database, and tokenized database entries corresponding to tokenized bigrams that match the tokenized query bigrams can be identified and returned as search results.
    Type: Application
    Filed: October 2, 2021
    Publication date: April 21, 2022
    Inventors: Ulf Mattsson, David Clyde Williamson
  • Publication number: 20220114341
    Abstract: Unicode data can be protected in a distributed tokenization environment. Data to be tokenized can be accessed or received by a security server, which instantiates a number of tokenization pipelines for parallel tokenization of the data. Unicode token tables are accessed by the security server, and each tokenization pipeline uses the accessed token tables to tokenization a portion of the data. Each tokenization pipeline performs a set of encoding or tokenization operations in parallel and based at least in part on a value received from another tokenization pipeline. The outputs of the tokenization pipelines are combined, producing tokenized data, which can be provided to a remote computing system for storage or processing.
    Type: Application
    Filed: February 17, 2021
    Publication date: April 14, 2022
    Inventors: Ulf Mattsson, David Clyde Williamson, Yigal Rozenberg, Vichai Levy, Raul Ortega, Denis Scherbakov, Fredrik Mörtberg
  • Patent number: 11290897
    Abstract: The invention relates to methods of providing requested network information from a first core Network Function (NF) to a second NF, and devices performing the methods. In an aspect, a method performed by a first core NF entity of providing requested network information to a second NF entity is provided. The method comprises receiving a request to obtain the network information originating from the second NF entity, determining an expiry time stipulating how long the requested network information is valid, and transmitting, towards the second NF entity, the requested network information and the expiry time.
    Type: Grant
    Filed: May 15, 2018
    Date of Patent: March 29, 2022
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Helen Örtenblad, Ulf Mattsson, Miguel Angel Puente Pestaña
  • Patent number: 11281792
    Abstract: Database entries can be protected by indexing the entries using a plurality of indexes, each associated with a level of access rights. A level of access rights can be determined from a search query, and an index can be selected based on the determined level of access rights. A search key can be generated based on the received query, and the selected index can be searched using the search query. Database entries mapped to the values of the selected index returned in response to the search can be outputted. Each index is associated with a different granularity defining the number and/or ambiguity of search results returned in response to searching an index.
    Type: Grant
    Filed: July 27, 2020
    Date of Patent: March 22, 2022
    Assignee: PROTEGRITY CORPORATION
    Inventors: Yigal Rozenberg, Ulf Mattsson
  • Publication number: 20220078166
    Abstract: A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and is configured to receive encoded data and a set of operations from the server device in response to a request for cloud services from the client device. The gateway device is configured to decode the encoded data, and to provide the decoded data and the set of operations to the client device. The client device is configured to perform the set of operations on the decoded data, and to incorporate the operation results into an application or interface corresponding to the requested cloud service. The gateway device is configured to encode the operation result data, and to provide the encoded operation result data to the server device for storage.
    Type: Application
    Filed: November 18, 2021
    Publication date: March 10, 2022
    Inventors: Rajnish Jain, Vichai Levy, Ulf Mattsson, Yigal Rozenberg
  • Publication number: 20220070158
    Abstract: A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data. The tokenization system accesses sensitive data, and retrieves an initialization vector (IV) from an IV table using a first portion of the sensitive data. A second portion of the sensitive data is modified using the accessed initialization vector. A token table is selected from a set of token tables using a third portion of the sensitive data. The modified second portion of data is used to query the selected token table, and a token associated with the value of the modified second portion of data is accessed. The second portion of the sensitive data is replaced with the accessed token to form tokenized data.
    Type: Application
    Filed: November 11, 2021
    Publication date: March 3, 2022
    Inventors: Ulf Mattsson, Yigal Rozenberg, Vichai Levy
  • Publication number: 20220027515
    Abstract: New tokenization tables are derived at intervals in order to increase the security of tokenized data that is transferred between two endpoints. Generation of the new tokenization tables is based on previous tokenization tables, which advantageously allows the generation process to be performed locally at the two endpoints independently of an external tokenization table provider. New tokenization tables can periodically be distributed to the endpoints as a new starting point for derivation.
    Type: Application
    Filed: October 2, 2021
    Publication date: January 27, 2022
    Inventors: Yigal Rozenberg, Ulf Mattsson
  • Publication number: 20220030089
    Abstract: A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and generates a mapping between portions of data received from a client device and interface fields or data elements of the client device. Upon receiving subsequent data from the client device, the gateway device can access the generated mapping to identify portions of the subsequent data corresponding to particular interface fields or data elements of the client device using the mapping, and can encode the identified portions of the subsequent data, for instance based on data protection techniques defined by a security policy. The encoded data can then be outputted by the gateway device to the server device.
    Type: Application
    Filed: October 2, 2021
    Publication date: January 27, 2022
    Inventors: Vichai Levy, Yigal Rozenberg, Rajnish Jain, Ulf Mattsson
  • Publication number: 20220022090
    Abstract: A method of operation of an OAM node in a 5G system for fulfilling a service level agreement (SLA) for a network slice. The method comprises the OAM node initializing the slice information at a first network entity (NSSF) including the initial number of users allowed for a slice and transmitting information related to KPI for the slice for QoE monitoring; receiving one or more Quality of Experience (QoE) measurements related to one or more users of the slice, using the received one or more QoE measurements to determine whether the KPI for the slice is reached in accordance with the SLA and in response to determining that the KPI for the slice is not in accordance with the SLA, triggering an action in at least one of corresponding Radio Access Network or a Core Network associated with the slice, such as resource reconfiguration or redistribution across different slices.
    Type: Application
    Filed: November 20, 2019
    Publication date: January 20, 2022
    Inventors: Paul SCHLIWA-BERTLING, Ulf MATTSSON, Maria PANCORBO MARCOS
  • Patent number: 11212261
    Abstract: A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and is configured to receive encoded data and a set of operations from the server device in response to a request for cloud services from the client device. The gateway device is configured to decode the encoded data, and to provide the decoded data and the set of operations to the client device. The client device is configured to perform the set of operations on the decoded data, and to incorporate the operation results into an application or interface corresponding to the requested cloud service. The gateway device is configured to encode the operation result data, and to provide the encoded operation result data to the server device for storage.
    Type: Grant
    Filed: December 3, 2019
    Date of Patent: December 28, 2021
    Assignee: Protegrity Corporation
    Inventors: Rajnish Jain, Vichai Levy, Ulf Mattsson, Yigal Rozenberg
  • Patent number: 11206256
    Abstract: A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data. The tokenization system accesses sensitive data, and retrieves an initialization vector (IV) from an IV table using a first portion of the sensitive data. A second portion of the sensitive data is modified using the accessed initialization vector. A token table is selected from a set of token tables using a third portion of the sensitive data. The modified second portion of data is used to query the selected token table, and a token associated with the value of the modified second portion of data is accessed. The second portion of the sensitive data is replaced with the accessed token to form tokenized data.
    Type: Grant
    Filed: December 31, 2019
    Date of Patent: December 21, 2021
    Assignee: Protegrity Corporation
    Inventors: Ulf Mattsson, Yigal Rozenberg, Vichai Levy
  • Publication number: 20210385791
    Abstract: Methods and devices of enabling paging of a wireless communication device. In an aspect, a method of a node configured to provide core network user plane functionality in a communications network is provided to enable paging of a wireless communication device being in an idle state.
    Type: Application
    Filed: October 22, 2018
    Publication date: December 9, 2021
    Inventors: Jari VIKBERG, Göran HALL, Ulf MATTSSON, Gunnar MILDH, Göran RUNE
  • Patent number: 11165889
    Abstract: A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and generates a mapping between portions of data received from a client device and interface fields or data elements of the client device. Upon receiving subsequent data from the client device, the gateway device can access the generated mapping to identify portions of the subsequent data corresponding to particular interface fields or data elements of the client device using the mapping, and can encode the identified portions of the subsequent data, for instance based on data protection techniques defined by a security policy. The encoded data can then be outputted by the gateway device to the server device.
    Type: Grant
    Filed: October 12, 2018
    Date of Patent: November 2, 2021
    Assignee: Protegrity Corporation
    Inventors: Vichai Levy, Yigal Rozenberg, Rajnish Jain, Ulf Mattsson
  • Patent number: 11163907
    Abstract: New tokenization tables are derived at intervals in order to increase the security of tokenized data that is transferred between two endpoints. Generation of the new tokenization tables is based on previous tokenization tables, which advantageously allows the generation process to be performed locally at the two endpoints independently of an external tokenization table provider. New tokenization tables can periodically be distributed to the endpoints as a new starting point for derivation.
    Type: Grant
    Filed: March 27, 2020
    Date of Patent: November 2, 2021
    Assignee: Protegrity Corporation
    Inventors: Yigal Rozenberg, Ulf Mattsson
  • Publication number: 20210288886
    Abstract: Methods and systems for Open Network Automation Platform (ONAP) Fifth Generation Core (5GC) interaction for analytics are provided. According to one aspect, a method, performed by a Front End node for receiving patterns extracted from events and current network status data in a telecommunications network, comprises: receiving, from a Session Management Function (SMF) a request for a User Plane Function (UPF) selection recommendation for a user; determining a list of applications associated with the user; sending, to a Data Collection, Analytics, and Events (DCAE) function of an ONAP, a request for a list of Application Server (AS) locations; receiving, from the DCAE function, the list of AS locations; selecting a UPF based on the user's mobility and application usage patterns; and sending, to the SMF, a recommendation identifying the selected UPF.
    Type: Application
    Filed: July 17, 2019
    Publication date: September 16, 2021
    Inventors: Helen Örtenblad, Ulf Mattsson, Miguel Angel Puente Pestaña