Patents by Inventor Xien Yao
Xien Yao has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10574693Abstract: A password breach registry is utilized to secure a service provided by a service provider. The password breach registry is a publicly accessible registry and includes password tokens written by breached service providers. The password tokens indicate passwords used to access breached service providers that may have been breached. A service provider can subscribe to the password breach registry and periodically query the password breach registry to determine if a password token corresponding to a user of a service provided by the service provider has been written to the password breach registry. This may indicate that the user of the service utilizes the same password on other services that have been breached. Upon determining that the password token has been written to the password breach registry, the user can be locked out from the service to prevent a malicious actor from gaining access to the account of the user.Type: GrantFiled: March 14, 2018Date of Patent: February 25, 2020Assignee: CA TECHNOLOGIES, INC.Inventors: Steven Cornelis Versteeg, Nathan Allin Hastings, Xien Yao, John Sinclair Bird
-
Patent number: 10530754Abstract: A registry is utilized to identify personally identifiable information (PII) that has been breached. The registry is a distributed database shared by multiple organizations to track which PII has been breached in other organizations. A first service provider initially receives PII and corresponding signed descriptor from a user. The PII is used to verify an identity of the user and the signed descriptor describes the type of PII that is received. The first service provider queries the registry to determine if the signed descriptor of the user has been written to the registry by a second service provider, indicating that it has been breached at a service provided by the second service provider. If the first service provider uses the breached PII, the breached PII is invalidated by the first service provider.Type: GrantFiled: October 15, 2018Date of Patent: January 7, 2020Assignee: CA, Inc.Inventors: Steven Cornelis Versteeg, Nathan Allin Hastings, Xien Yao, John Sinclair Bird
-
Patent number: 10523705Abstract: A password breach registry is utilized to secure a service provided by a service provider. The password breach registry is a publicly accessible registry and includes password tokens written by breached service providers. The password tokens indicate passwords used to access breached service providers that may have been breached. A service provider can subscribe to the password breach registry and periodically query the password breach registry to determine if a password token corresponding to a user of a service provided by the service provider has been written to the password breach registry. This may indicate that the user of the service utilizes the same password on other services that have been breached. Upon determining that the password token has been written to the password breach registry, the user can be locked out from the service to prevent a malicious actor from gaining access to the account of the user.Type: GrantFiled: October 15, 2018Date of Patent: December 31, 2019Assignee: CA, Inc.Inventors: Steven Cornelis Versteeg, Nathan Allin Hastings, Xien Yao, John Sinclair Bird
-
Publication number: 20190305968Abstract: A method includes identifying a set of computing-resistant puzzles and receiving human-input proposed solutions to at least a subset of the puzzles. The method further includes confirming the validity of the human-input proposed solutions and producing a proof-of-work based on at least a threshold quantity of validated human-input proposed solutions. A new block including the produced proof-of-work is added to a blockchain database.Type: ApplicationFiled: March 27, 2018Publication date: October 3, 2019Inventors: Steven Cornelis VERSTEEG, John Sinclair BIRD, Nathan Allin HASTINGS, Xien YAO, Deborah Anne VETHECAN
-
Patent number: 10331440Abstract: A computer-implemented method is disclosed which detects that new source code linked to a defect identifier has been checked in to a source code repository for a given code branch of a software application. The new source code is automatically checked in to additional code branches of the software application based on the defect identifier. For each additional code branch into which the new source code is automatically checked in, code coverage metrics are determined which indicate an extent to which application source code of the code branch is tested by its corresponding test case source code before and after the automatic check in. If a difference between the code coverage metrics indicates that code coverage for the code branch has decreased by more than a predefined threshold, a notification is transmitted that indicates a test case deficiency for the code branch.Type: GrantFiled: June 13, 2017Date of Patent: June 25, 2019Assignee: CA, Inc.Inventors: Ramanjaneyulu Mallisetty, Naveen Arora, Steven C. Versteeg, Xien Yao
-
Patent number: 10284533Abstract: A registry is utilized to identify personally identifiable information (PII) that has been breached. The registry is a distributed database shared by multiple organizations to track which PII has been breached in other organizations. A first service provider initially receives PII and corresponding signed descriptor from a user. The PII is used to verify an identity of the user and the signed descriptor describes the type of PII that is received. The first service provider queries the registry to determine if the signed descriptor of the user has been written to the registry by a second service provider, indicating that it has been breached at a service provided by the second service provider. If the first service provider uses the breached PII, the breached PII is invalidated by the first service provider.Type: GrantFiled: March 14, 2018Date of Patent: May 7, 2019Assignee: CA, INC.Inventors: Steven Cornelis Versteeg, Nathan Allin Hastings, Xien Yao, John Sinclair Bird
-
Publication number: 20190052614Abstract: A registry is utilized to identify personally identifiable information (PII) that has been breached. The registry is a distributed database shared by multiple organizations to track which PII has been breached in other organizations. A first service provider initially receives PII and corresponding signed descriptor from a user. The PII is used to verify an identity of the user and the signed descriptor describes the type of PII that is received. The first service provider queries the registry to determine if the signed descriptor of the user has been written to the registry by a second service provider, indicating that it has been breached at a service provided by the second service provider. If the first service provider uses the breached PII, the breached PII is invalidated by the first service provider.Type: ApplicationFiled: October 15, 2018Publication date: February 14, 2019Inventors: STEVEN CORNELIS VERSTEEG, NATHAN ALLIN HASTINGS, XIEN YAO, JOHN SINCLAIR BIRD
-
Publication number: 20190052673Abstract: A password breach registry is utilized to secure a service provided by a service provider. The password breach registry is a publicly accessible registry and includes password tokens written by breached service providers. The password tokens indicate passwords used to access breached service providers that may have been breached. A service provider can subscribe to the password breach registry and periodically query the password breach registry to determine if a password token corresponding to a user of a service provided by the service provider has been written to the password breach registry. This may indicate that the user of the service utilizes the same password on other services that have been breached. Upon determining that the password token has been written to the password breach registry, the user can be locked out from the service to prevent a malicious actor from gaining access to the account of the user.Type: ApplicationFiled: October 15, 2018Publication date: February 14, 2019Inventors: STEVEN CORNELIS VERSTEEG, NATHAN ALLIN HASTINGS, XIEN YAO, JOHN SINCLAIR BIRD
-
Patent number: 10089384Abstract: In a computer-implemented method for endpoint management, a plurality of messages communicated between a target endpoint and a client are recorded, in a computer-readable memory. Ones of the messages are clustered into respective groups, where the respective groups correspond to respective operation types of the ones of the messages included therein. For the respective operation types, respective message structures used by the target endpoint are determined based on commonalities among the ones of the messages of the respective groups corresponding to the operation types. For one of the respective operation types, a request to the target endpoint is generated in accordance with a corresponding one of the respective message structures used by the target endpoint. Related computer systems and computer program products are also discussed.Type: GrantFiled: March 12, 2015Date of Patent: October 2, 2018Assignee: CA, INC.Inventors: Nathan Allin Hastings, Steven Cornelis Versteeg, John Sinclair Bird, Xien Yao
-
Patent number: 10084762Abstract: A registry is utilized to identify personally identifiable information (PII) that has been breached. The registry is a distributed database shared by multiple organizations to track which PII has been breached in other organizations. A first service provider initially receives PII and corresponding signed descriptor from a user. The PII is used to verify an identity of the user and the signed descriptor describes the type of PII that is received. The first service provider queries the registry to determine if the signed descriptor of the user has been written to the registry by a second service provider, indicating that it has been breached at a service provided by the second service provider. If the first service provider uses the breached PII, the breached PII is invalidated by the first service provider.Type: GrantFiled: September 1, 2016Date of Patent: September 25, 2018Assignee: CA, INC.Inventors: Steven Cornelis Versteeg, Nathan Allin Hastings, Xien Yao, John Sinclair Bird
-
Patent number: 10079855Abstract: A password breach registry is utilized to secure a service provided by a service provider. The password breach registry is a publicly accessible registry and includes password tokens written by breached service providers. The password tokens indicate passwords used to access breached service providers that may have been breached. A service provider can subscribe to the password breach registry and periodically query the password breach registry to determine if a password token corresponding to a user of a service provided by the service provider has been written to the password breach registry. This may indicate that the user of the service utilizes the same password on other services that have been breached. Upon determining that the password token has been written to the password breach registry, the user can be locked out from the service to prevent a malicious actor from gaining access to the account of the user.Type: GrantFiled: September 1, 2016Date of Patent: September 18, 2018Assignee: CA, INC.Inventors: Steven Cornelis Versteeg, Nathan Allin Hastings, Xien Yao, John Sinclair Bird
-
Publication number: 20180205757Abstract: A password breach registry is utilized to secure a service provided by a service provider. The password breach registry is a publicly accessible registry and includes password tokens written by breached service providers. The password tokens indicate passwords used to access breached service providers that may have been breached. A service provider can subscribe to the password breach registry and periodically query the password breach registry to determine if a password token corresponding to a user of a service provided by the service provider has been written to the password breach registry. This may indicate that the user of the service utilizes the same password on other services that have been breached. Upon determining that the password token has been written to the password breach registry, the user can be locked out from the service to prevent a malicious actor from gaining access to the account of the user.Type: ApplicationFiled: March 14, 2018Publication date: July 19, 2018Inventors: STEVEN CORNELIS VERSTEEG, NATHAN ALLIN HASTINGS, XIEN YAO, JOHN SINCLAIR BIRD
-
Publication number: 20180205712Abstract: A registry is utilized to identify personally identifiable information (PII) that has been breached. The registry is a distributed database shared by multiple organizations to track which PII has been breached in other organizations. A first service provider initially receives PII and corresponding signed descriptor from a user. The PII is used to verify an identity of the user and the signed descriptor describes the type of PII that is received. The first service provider queries the registry to determine if the signed descriptor of the user has been written to the registry by a second service provider, indicating that it has been breached at a service provided by the second service provider. If the first service provider uses the breached PII, the breached PII is invalidated by the first service provider.Type: ApplicationFiled: March 14, 2018Publication date: July 19, 2018Inventors: STEVEN CORNELIS VERSTEEG, NATHAN ALLIN HASTINGS, XIEN YAO, JOHN SINCLAIR BIRD
-
Publication number: 20180191824Abstract: A method, program product, and apparatus for managing profiles in an access management domain. In an embodiment, attribute field mapping rules are generated for an identity profile schema applied to a plurality of identity profiles and an account profile schema applied to a plurality of account profiles. Each of the identity profiles includes one or more identity attribute fields and each of the plurality of account profiles includes one or more account attribute fields. As part of generating attribute field mapping rules, a synchronization manager iteratively compares, using an edit distance function, data in each of the identity attribute fields with data in one or more of each of the account attribute fields. In response to detecting a match between data in a given identity attribute field and data in a given account attribute field, the synchronization manager increments an attribute correlation value that is associated with the given identity attribute field and the given account attribute field.Type: ApplicationFiled: February 28, 2018Publication date: July 5, 2018Inventors: Steven Cornelis Versteeg, Nathan Allin Hastings, Xien Yao, John Sinclair Bird
-
Patent number: 9942321Abstract: A method, program product, and apparatus for managing profiles in an access management domain. In an embodiment, attribute field mapping rules are generated for an identity profile schema applied to a plurality of identity profiles and an account profile schema applied to a plurality of account profiles. Each of the identity profiles includes one or more identity attribute fields and each of the plurality of account profiles includes one or more account attribute fields. As part of generating attribute field mapping rules, a synchronization manager iteratively compares data in each of the identity attribute fields with data in one or more of each of the account attribute fields. In response to detecting a match between data in a given identity attribute field and data in a given account attribute field, the synchronization manager increments an attribute correlation value that is associated with the given identity attribute field and the given account attribute field.Type: GrantFiled: January 6, 2016Date of Patent: April 10, 2018Assignee: CA, Inc.Inventors: Steven Cornelis Versteeg, Nathan Allin Hastings, Xien Yao, John Sinclair Bird
-
Publication number: 20180063099Abstract: A registry is utilized to identify personally identifiable information (PII) that has been breached. The registry is a distributed database shared by multiple organizations to track which PII has been breached in other organizations. A first service provider initially receives PII and corresponding signed descriptor from a user. The PII is used to verify an identity of the user and the signed descriptor describes the type of PII that is received. The first service provider queries the registry to determine if the signed descriptor of the user has been written to the registry by a second service provider, indicating that it has been breached at a service provided by the second service provider. If the first service provider uses the breached PII, the breached PII is invalidated by the first service provider.Type: ApplicationFiled: September 1, 2016Publication date: March 1, 2018Inventors: STEVEN CORNELIS VERSTEEG, NATHAN ALLIN HASTINGS, XIEN YAO, JOHN SINCLAIR BIRD
-
Publication number: 20180063189Abstract: A password breach registry is utilized to secure a service provided by a service provider. The password breach registry is a publicly accessible registry and includes password tokens written by breached service providers. The password tokens indicate passwords used to access breached service providers that may have been breached. A service provider can subscribe to the password breach registry and periodically query the password breach registry to determine if a password token corresponding to a user of a service provided by the service provider has been written to the password breach registry. This may indicate that the user of the service utilizes the same password on other services that have been breached. Upon determining that the password token has been written to the password breach registry, the user can be locked out from the service to prevent a malicious actor from gaining access to the account of the user.Type: ApplicationFiled: September 1, 2016Publication date: March 1, 2018Inventors: STEVEN CORNELIS VERSTEEG, NATHAN ALLIN HASTINGS, XIEN YAO, JOHN SINCLAIR BIRD
-
Publication number: 20170277534Abstract: A computer-implemented method is disclosed which detects that new source code linked to a defect identifier has been checked in to a source code repository for a given code branch of a software application. The new source code is automatically checked in to additional code branches of the software application based on the defect identifier. For each additional code branch into which the new source code is automatically checked in, code coverage metrics are determined which indicate an extent to which application source code of the code branch is tested by its corresponding test case source code before and after the automatic check in. If a difference between the code coverage metrics indicates that code coverage for the code branch has decreased by more than a predefined threshold, a notification is transmitted that indicates a test case deficiency for the code branch.Type: ApplicationFiled: June 13, 2017Publication date: September 28, 2017Inventors: Ramanjaneyulu Mallisetty, Naveen Arora, Steven C. Versteeg, Xien Yao
-
Publication number: 20170195415Abstract: A method, program product, and apparatus for managing profiles in an access management domain. In an embodiment, attribute field mapping rules are generated for an identity profile schema applied to a plurality of identity profiles and an account profile schema applied to a plurality of account profiles. Each of the identity profiles includes one or more identity attribute fields and each of the plurality of account profiles includes one or more account attribute fields. As part of generating attribute field mapping rules, a synchronization manager iteratively compares data in each of the identity attribute fields with data in one or more of each of the account attribute fields. In response to detecting a match between data in a given identity attribute field and data in a given account attribute field, the synchronization manager increments an attribute correlation value that is associated with the given identity attribute field and the given account attribute field.Type: ApplicationFiled: January 6, 2016Publication date: July 6, 2017Inventors: Steven Cornelis Versteeg, Nathan Allin Hastings, Xien Yao, John Sinclair Bird
-
Patent number: 9684507Abstract: A computer-implemented method is disclosed which detects that new source code linked to a defect identifier has been checked in to a source code repository for a given code branch of a software application. The new source code is automatically checked in to additional code branches of the software application based on the defect identifier. For each additional code branch into which the new source code is automatically checked in, code coverage metrics are determined which indicate an extent to which application source code of the code branch is tested by its corresponding test case source code before and after the automatic check in. If a difference between the code coverage metrics indicates that code coverage for the code branch has decreased by more than a predefined threshold, a notification is transmitted that indicates a test case deficiency for the code branch.Type: GrantFiled: March 31, 2015Date of Patent: June 20, 2017Assignee: CA, Inc.Inventors: Ramanjaneyulu Mallisetty, Naveen Arora, Steven C. Versteeg, Xien Yao