Patents Issued in March 7, 2017
-
Patent number: 9589113Abstract: A method of using rights corresponding to broadcast contents in a terminal having a memory card attached thereto. The method according to one embodiment includes checking, by the terminal, whether or not rights corresponding to broadcast contents include a constraint for verifying an existence of the memory card and an existence of the rights within the memory card; and if the rights include the constraint, performing, by the terminal, a procedure for verifying the existence of the memory card and the existence of the rights within the memory card through an SRM Ping protocol, the performing the procedure for verifying including transmitting, from the terminal to the memory card, a request message, receiving, by the terminal, a response message, and continuing/initiating or stopping/not initiating a consumption of the rights. The constraint includes at least one of a synchronized element, a sync Threshold element, and a check Interval element.Type: GrantFiled: January 7, 2015Date of Patent: March 7, 2017Assignee: LG ELECTRONICS INC.Inventors: Younsung Chu, Seungjae Lee
-
Patent number: 9589114Abstract: This document describes policies for digital rights management that enable distribution of full-function versions of applications that, while fully functional, have functions limited by an associated policy. A policy may be replaced or updated, thereby enabling use of previously limited functions without distribution of another version of the application.Type: GrantFiled: January 5, 2010Date of Patent: March 7, 2017Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Clifford P. Strom, Stephen P. DiAcetis, Mark E. Paley
-
Patent number: 9589115Abstract: An obfuscation assisting apparatus assists in the obfuscation of a program. The obfuscation assisting apparatus includes an analyzer which identifies corresponding respective blocks in the source code and in the transformed code generated through the obfuscation of the source code. A browser obtains obfuscation information relating to obfuscation of the respective blocks of the source code and the transformed code, and causes an output device to display the respective parts of the source code and the transformed code, and the obfuscation information in association with each other.Type: GrantFiled: January 17, 2008Date of Patent: March 7, 2017Assignee: PANASONIC INTELLECTUAL PROPERTY MANAGEMENT CO., LTD.Inventors: Kenneth Alexander Nicolson, Rieko Asai, Taichi Sato, Hideki Matsushima
-
Patent number: 9589116Abstract: An information handling system includes a device, a controller, and a license manager subsystem. The controller is configured to determine whether the device has a license assigned and to communicate with the device pursuant to a uniform protocol. The communications include issuing a command to the device to provide an identification and a command to the device to activate itself.Type: GrantFiled: September 26, 2012Date of Patent: March 7, 2017Assignee: DELL PRODUCTS, LPInventors: Michael A. Brundridge, Gang Liu
-
Patent number: 9589117Abstract: A computer security system comprises a security module adapted to control access to a secure computer resource by a user via a client based on verification of a security credential provided by the user. The computer security system also comprises verification data disposed on the client and accessible by the security module. The security module is adapted to enable the user to recover the security credential based on a response received from the user associated with the verification data.Type: GrantFiled: February 17, 2004Date of Patent: March 7, 2017Assignee: Hewlett-Packard Development Company, L.P.Inventors: Valiuddin Ali, Manuel Novoa, Matthew J. Wagner
-
Patent number: 9589118Abstract: A system and method for configuring authentication of a mobile communications device entail detecting user context and device context factors and determining whether a current authentication mode is impractical or unfeasible in view of such factors. User context information of interest includes any indication that the user is driving or in a meeting for example. Context factors of interest include for example such factors as light, noise, or user activities such as driving. Based on this user context and device context, if the currently set authentication mode is impractical or unfeasible, then the device may select an available alternative authentication mode and reconfigure the device for that mode.Type: GrantFiled: August 20, 2014Date of Patent: March 7, 2017Assignee: GOOGLE TECHNOLOGY HOLDINGS LLCInventor: Nidhi Agarwal
-
Patent number: 9589119Abstract: A method of processing customer feedback is provided. The method comprises, associating a plurality of short codes to a plurality of portable electronic devices, each different short code associated with at least one different feedback value, wherein the short codes comprise a first short code and a second short code, and receiving a plurality of messages from a first sub-set of the portable electronic devices addressed to the first short code. The method further comprises receiving a plurality of message from a second sub-set of portable electronic devices addressed to the second short code. The method further comprises automatically analyzing the messages based on the first short code and the second short code. The method further comprises allocating customer care resources to respond to the messages based on the analysis.Type: GrantFiled: September 23, 2010Date of Patent: March 7, 2017Assignee: Sprint Communications Company L.P.Inventors: Michael A. Gailloux, Kenneth W. Samson
-
Patent number: 9589120Abstract: A method, system, and one or more computer-readable storage media for behavior based authentication for touch screen devices are provided herein. The method includes acquiring a number of training samples corresponding to a first action performed on a touch screen of a touch screen device, wherein the first action includes an input of a signature or a gesture by a legitimate user. The method also includes generating a user behavior model based on the training samples and acquiring a test sample corresponding to a second action performed on the touch screen, wherein the second action includes an input of the signature or the gesture by a user. The method further includes classifying the test sample based on the user behavior model, wherein classifying the test sample includes determining whether the user is the legitimate user or an imposter.Type: GrantFiled: April 5, 2013Date of Patent: March 7, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Arjmand Samuel, Muhammad Shahzad
-
Patent number: 9589121Abstract: A computer-implemented method provides power to a fingerprint reader while the remaining components of the information handling system are held in a low power, non-operating state. Placement of a finger across the fingerprint reader is detected with the information handling system in the non-operating state. A fingerprint is read and a corresponding fingerprint image is generated. The fingerprint image is buffered and an embedded controller is triggered to start an authentication device having a secure storage. The fingerprint image is compared to a fingerprint template contained in the secure storage. In response to the fingerprint image matching the fingerprint template, the authentication device signals the embedded controller to activate a user authenticated wake-up cycle to provide power to the other components of the information handling system such that the information handling system activates an operating system and enters a fully powered and user authenticated, operational state.Type: GrantFiled: November 30, 2015Date of Patent: March 7, 2017Assignee: Dell Products, L.P.Inventors: Daniel L. Hamlin, James T. Gillon, Christian L. Critz
-
Patent number: 9589122Abstract: A method and a device are provided in the field of network technology. In the method, a first server receives an operation request including a second server identifier and second account information. According to the second server identifier and the second account information, the first server determines whether associated account information is available in a predetermined three-party associating relationship. Upon determining that the associated account information is available, the first server obtains the associated account information for use as first account information. Based on the first account information, the first server responds to the operation request. During the process of providing services for a terminal by the second server, the first server obtains the first account information according to the second server identifier, the second account information, and the predetermined three-party associating relationship.Type: GrantFiled: December 23, 2014Date of Patent: March 7, 2017Assignee: Tencent Technology (Shenzhen) Company LimitedInventors: Zhigang Song, Ming Chen, Yabei Guan, Jun Zhang
-
Patent number: 9589123Abstract: A method of providing a user with an option to access a protected system by satisfying a reduced security measure is disclosed. An attempt by the user to access the protected system is detected. It is detected that a first security token system is within a first proximity to the protected system. Based on the detecting of the attempt by the user to access the protected system and the detecting that the first security token system is within the first proximity, the user is provided with the option to access the protected system by satisfying the reduced security measure.Type: GrantFiled: October 23, 2015Date of Patent: March 7, 2017Assignee: eBay Inc.Inventor: Eric J. Farraro
-
Patent number: 9589124Abstract: Various features described herein may allow an authorized user to provide a guest with access to a secured location through use of an encoded image containing steganographically encoded access information. The encoded access information may be recognizable by a security system, and the security system may grant access to the secured location when the encoded image is presented to the security system. The authorized user may request the generation of the encoded image on an authorized computing device, and the encoded image may be provided to the guest on a guest computing device. When a monitoring device associated with the security system captures the encoded access information, the security system may, for example, open a door at the secured location.Type: GrantFiled: May 29, 2014Date of Patent: March 7, 2017Assignee: Comcast Cable Communications, LLCInventors: Shawn O'Malley, Mike Rosenwald, Brad Hein
-
Patent number: 9589125Abstract: A 3D graphical password authentication method displays a 3D grid upon a user's request to access a restricted resource. The 3D graphical password authentication method requires the user to enter his or her access password by touching one or more intersections, namely touching the corresponding sensitive areas, on the 3D grid with an input device. A password is then produced as a sequence of the coordinates of the intersections touched along with penup values.Type: GrantFiled: December 31, 2014Date of Patent: March 7, 2017Inventor: Hai Tao
-
Patent number: 9589126Abstract: An electronic device having a lockscreen and a method implementing said lockscreen are disclosed herein, the electronic device including a display, a memory, and one or more processors configured to execute the method, the method including displaying a lockscreen pattern on the display including movable points repositionable in response to a drag input, and fixed points that are stationary, detecting drag inputs moving the movable points within the lockscreen pattern, and unlocking the electronic device if the detected drag inputs moving the movable points matches a pre-specified unlock condition stored in the memory.Type: GrantFiled: April 7, 2015Date of Patent: March 7, 2017Assignee: Samsung Electronics Co., Ltd.Inventor: Michal Lukasz Gajewski
-
Patent number: 9589127Abstract: Systems and methods are disclosed for collaborative authentication of a person based on an interaction with another person. A request for collaborative authentication is sent to the computing device of a person wanting to access a system, including an authentication ID unique to the request. The person collaborates with another person associated with the system and provides the second person with the authentication ID. The second person sends the authentication ID to the system such that the system associates the second person with the first person. Data is sent to the second person in order to challenge the first person. The first person responds to the challenge using the computing device and the system receives the response. The system compares the response to an expected answer and can either allow or deny the first person access to the system based on the comparison. Co-location may also be verified.Type: GrantFiled: February 28, 2014Date of Patent: March 7, 2017Assignee: Open Text SA ULCInventor: Simon Dominic Copsey
-
Patent number: 9589128Abstract: The present invention is notably directed to a method for enabling a computer (101) to boot from a user trusted device (10), the user trusted device (10) comprising a connection interface (12) enabling connection (S2) with said computer (101), the method comprising: enabling (S3) said computer (101) to start booting from the user trusted device (10) upon connection (S2) of the user trusted device with said computer (101) via said connection interface (12); instructing a processor (105) of the computer (101) to execute (S7) virtualization sensitive code and issue (S8) completion data upon completion of execution, which completion data depends on the virtualization sensitive code and its execution by the processor (105); determining (S9-S14), based on said completion data, whether the execution was not performed in a virtualized environment; and enabling (S15) said computer (101) to complete booting from the user trusted device (10) upon determining that the execution was not performed in a virtualized environmType: GrantFiled: November 26, 2013Date of Patent: March 7, 2017Assignee: International Business Machines CorporationInventors: Michael Baentsch, Thomas Gschwind, Andreas Schade
-
Patent number: 9589129Abstract: A source of side-loaded software is determined. An action may be performed in response to the determination of the source. In one case, the handling of an application on a mobile device may be based on whether the source of the application is trusted or untrusted. If a software application being newly-installed on a mobile device of a user is determined to be untrusted, installation or execution is blocked. In one approach, the determination of the source includes: determining whether a first source identifier of a first application matches a white list of source identifiers or a black list of source identifiers; and sending the first source identifier and a first application identifier for the first application to a different computing device.Type: GrantFiled: June 4, 2015Date of Patent: March 7, 2017Assignee: LOOKOUT, INC.Inventors: David Richardson, Ahmed Mohamed Farrakha, William Neil Robinson, Brian James Buck
-
Patent number: 9589130Abstract: Provided are techniques for controlling access to computing resources comprising generating a first fingerprint corresponding to a first executable file; storing the fingerprint in a non-transitory computer-readable storage medium; receiving a request to execute a second executable file on a computing system; generating a second fingerprint corresponding to the second executable file; determining whether or not the first fingerprint matches the second fingerprint; and, in response to determining that the first and second fingerprints match, executing the executable file on the computing system; and, in response to determining that the first and second fingerprints do not match, preventing the executable file from executing on the computing system.Type: GrantFiled: August 20, 2014Date of Patent: March 7, 2017Assignee: White Cloud Security, L.L.C.Inventors: Steven Dale Shanklin, Steven R. Snapp
-
Patent number: 9589131Abstract: A computer device includes a download unit which downloads one or more files into a storage device. A file logging unit records a resource locator identifying a source network location of the file, when the file is downloaded, and associates the resource locator with a first fingerprint of the file. A system policy unit stores the resource locator associated with a process control policy relevant to the file. A process control unit is arranged to obtain a second fingerprint of the file upon launching a process in a runtime execution environment, retrieve the resource locator from the file logging unit by matching the second fingerprint with the first fingerprint, retrieve the process control policy from the system policy unit according to the retrieved resource locator, and selectively apply process execution privileges which determine execution of the process in the runtime execution environment according to the retrieved process control policy.Type: GrantFiled: May 26, 2015Date of Patent: March 7, 2017Assignee: AVECTO LIMITEDInventor: Mark James Austin
-
Patent number: 9589132Abstract: A security system and method efficiently monitors and secures a computer to defend against malicious intrusions, and includes an in-band software monitor disposed within a kernel in communication with an operating system (OS) of the computer. The monitor intercepts system calls made from an MSR (Model Specific Register), to execute monitoring operations, and subsequently returns execution to the OS. An out-of-band hypervisor communicably coupled to the OS, has read shadow means for trapping read requests to the MSR, and write mask means for trapping write requests to the MSR. The hypervisor includes means for responding to the trapped read and write requests so that presence of the monitor is obscured.Type: GrantFiled: April 11, 2016Date of Patent: March 7, 2017Assignee: Barkly Protects, Inc.Inventors: Kirk R. Swidowski, Ryan J. Berg, Stephen C. Carlucci, John J. Danahy
-
Patent number: 9589133Abstract: Preventing return-oriented programming exploits by identifying a set of contiguous computer software instructions extending from a first location within a computer memory to a second location within the computer memory, where the set of computer software instructions includes a return-oriented programming gadget, copying the set of computer software instructions to extend from a third location within the computer memory to a fourth location within the computer memory, placing a branching instruction at the first memory location, where the branching instruction branches to the third location, appending a return branching instruction to the copy of the set of computer software instructions, where the return branching instruction branches to a fifth location within the computer memory that immediately follows the second location, and overwriting at least a portion of the return-oriented programming gadget between the first location and the second location.Type: GrantFiled: August 8, 2014Date of Patent: March 7, 2017Assignee: International Business Machines CorporationInventor: Eldan Ben-Haim
-
Patent number: 9589134Abstract: Processing a downgrader specification by constructing a set of candidate downgrader placement locations found within a computer software application, where each of the candidate downgrader placement locations corresponds to a transition between a different pair of instructions within the computer software application, and where each of the transitions participates in any of a plurality of data flows in a set of security-sensitive data flows within the computer software application, applying a downgrader specification to the set of candidate downgrader placement locations, and determining that the downgrader specification provides full coverage of the set of security-sensitive data flows within the computer software application if at least one candidate downgrader placement location within each of the security-sensitive data flows is a member of the set of candidate downgrader placement locations.Type: GrantFiled: March 17, 2016Date of Patent: March 7, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventor: Omer Tripp
-
Patent number: 9589135Abstract: According to one embodiment, a computerized method comprises, accessing information associated with one or more observed events, wherein one or more of the observed events constitutes an anomalous behavior; accessing a reference model based on a first plurality of events, the reference model comprises a first event of the first plurality of events, a second event of the first plurality of events and a relationship that identifies that the second event of the first plurality of events is based on the first event of the first plurality of events, wherein at least one of the first event and the second event constitutes an anomalous behavior; and comparing the information associated with the one or more observed events with the reference model to determine whether at least one observed event of the one or more observed events matches at least one of the first event of the first plurality of events or the second event of the first plurality of events that constitutes the anomalous behavior is provided.Type: GrantFiled: September 29, 2014Date of Patent: March 7, 2017Assignee: FireEye, Inc.Inventors: Hirendra Rathor, Kaushal Dalal
-
Patent number: 9589136Abstract: Examples of extracting a message format are disclosed. Extracting the message format may include capturing an execution trace of a malicious program client and identifying and analyzing a processing procedure of a message in the execution trace. An input message format is identified based on the analysis, where the input message format is of a communication protocol used by a malicious program. The examples of identifying the message format provide increase extraction efficiency, accurate analysis and positioning, and a reduced rate of false positives.Type: GrantFiled: March 31, 2015Date of Patent: March 7, 2017Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITEDInventors: Zan Zou, Xiaokang Zhang, Zhi Wang, Chunfu Jia, Lu Liu
-
Patent number: 9589137Abstract: An object is to improve detection accuracy of unfair use when a task system is used by using a mobile terminal. There is provided a method for detecting unfair use including: recording a plurality of operation feature quantities which are calculated from an operation log of a user and weights for the plurality of operation feature quantities of the user which are calculated by using a plurality of operation feature quantities of other users, obtaining an operation log of the user of a terminal device, calculating a plurality of operation feature quantities from the operation log, calculating similarity between the calculated plurality of operation feature quantities and the recorded plurality of operation feature quantities of the user in advance, by using the weights for the plurality of operation feature quantities, and detecting unfair use of the terminal device.Type: GrantFiled: March 1, 2013Date of Patent: March 7, 2017Assignee: Hitachi, Ltd.Inventors: Tomohiro Hanai, Katsuro Kikuchi, Tomohiro Nakamura
-
Patent number: 9589138Abstract: Various embodiments are generally directed to authenticating a chain of components of boot software of a computing device. An apparatus comprises a processor circuit and storage storing an initial boot software component comprising instructions operative on the processor circuit to select a first set of boot software components of multiple sets of boot software components, each set of boot software components defines a pathway that branches from the initial boot software component and that rejoins at a latter boot software component; authenticate a first boot software component of the first set of boot software components; and execute a sequence of instructions of the first boot software component to authenticate a second boot software component of the first set of boot software components to form a chain of authentication through a first pathway defined by the first set of boot software components. Other embodiments are described and claimed herein.Type: GrantFiled: September 21, 2015Date of Patent: March 7, 2017Assignee: INTEL CORPORATIONInventors: Jiewen Yao, Vincent J. Zimmer
-
Patent number: 9589139Abstract: Firmware in a computing device is used to administer and alter a Secure Boot process for the computing device while continuing to provide protection from unauthorized third-party code.Type: GrantFiled: March 26, 2015Date of Patent: March 7, 2017Assignee: Insyde Software Corp.Inventor: Jeffery Jay Bobzin
-
Patent number: 9589140Abstract: The invention provides a digital asset authentication system and method. The invention includes a digital asset metadata register storing details of parties enrolled with the system, including at least one end user and at least one digital asset supplier, and details of digital assets available from the digital asset supplier. A security module is provided for producing a unique tag and for creating a digital asset security container for the tag comprising data relating to events involving the tag, and the tag and the security container are stored in a store. A processor executes authentication software in response to a request from said one end user for a respective digital asset to validate the request by reference to the metadata register to verify that the metadata register lists said one end user and the respective digital asset.Type: GrantFiled: March 8, 2011Date of Patent: March 7, 2017Assignee: ARLINGTON TECHNOLOGY HOLDINGS LIMITEDInventor: Lars Wallin
-
Patent number: 9589141Abstract: A method for detecting against unauthorized transmission of digital works comprises the steps of maintaining a registry of information permitting identification of digital copyrighted works, monitoring a network for transmission of at least one packet-based digital signal, extracting at least one feature from the at least one digital signal, comparing the extracted at least one feature with registry information and applying business rules based on the comparison result.Type: GrantFiled: December 23, 2013Date of Patent: March 7, 2017Assignee: Audible Magic CorporationInventor: Richard A. Schmelzer
-
Patent number: 9589142Abstract: A safety communication scheme for a safety-critical system which includes two or more higher level units that have voting capabilities and one or two sets of lower level units that do not have voting capabilities, involves using one channel between the high and low level units for safety and two channels for redundancy.Type: GrantFiled: June 18, 2014Date of Patent: March 7, 2017Assignee: Thales Canada IncInventors: Carl Schwellnus, Martin Krieger
-
Patent number: 9589143Abstract: A system and method provide for shared access to a database in a semi-trusted platform. In the method, for each of a set of users, provision is made for regenerating a respective user key, based on a respective predefined user input, such as a hashed password. One or more of the users is authorized to have access to an encrypted database. For each of these, the method includes encrypting a key for the encrypted database with the respective user's user key to generate an encrypted database key. During a user session, one of the authorized users is provided with access to the encrypted database by decrypting the database key from the encrypted database key with the respective user's user key, and decrypting the database, from the encrypted database, with the database key. The database key and each user's user key are not stored on the platform and are thus inaccessible to platform administrators and unauthorized users between user sessions.Type: GrantFiled: April 17, 2014Date of Patent: March 7, 2017Assignee: XEROX CORPORATIONInventors: Saghar Estehghari, Nicolas Guerin, Nicolas Monet
-
Patent number: 9589144Abstract: Systems and methods for cryptographic suite management are described. A system for cryptographic suite management has a cryptographic suite management unit comprising a series of APIs enabling diverse applications to call cryptographic functions. The system enables: multiple applications on an interface to access shared cryptographic resources; applications across multiple devices to share and license cryptographic resources between devices; encryption, decryption and sharing of data between devices having different cryptographic implementations; the definition, distribution and enforcement of policies governing the terms of use for cryptographic implementations, systems and methods to secure and protect shared and dynamically loaded cryptographic providers; use by an application of multiple cryptographic resources and the management of cryptographic provider bundles and associated policies across one or many cryptographic suite management unit instances.Type: GrantFiled: May 6, 2015Date of Patent: March 7, 2017Assignee: INFOSEC GLOBAL INC.Inventors: Adrian Antipa, Dominic Chorafakis, Brian Neill
-
Patent number: 9589145Abstract: In one set of embodiments, methods, systems, and apparatus are provided to attach one or more quality of service policies to resources in an enterprise system by receiving a first global policy attachment that references an attachment attribute value and a first service policy, receiving a request to access a policy subject associated with a subject attribute value, identifying an effective policy set referenced by the first global policy attachment, the effective policy set including the first service policy if the attachment attribute value equals the subject attribute value, and granting the request to access based upon the at least one effective policy. The at least one effective policy may further include a first service policy referenced by the first global policy attachment if a first policy attachment scope referenced by the first global policy attachment matches or contains a subject scope associated with the policy subject.Type: GrantFiled: May 31, 2011Date of Patent: March 7, 2017Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Jeffrey Jason Bryan, Nickolas Kavantzas, Prakash Yamuna
-
Patent number: 9589146Abstract: An approach for hiding sensitive data in log files is provided. The approach uses a background program embedded within an operating system. The background program intercepts a write operation of an application and, in response to determining that the write operation is for a log file, gets content of the write operation. The background program checks a knowledge base that comprises information for the sensitive data and identifies the sensitive data in the content of the write operation. The background program masks the sensitive data in the content of the write operation, in response to determining that the content of the write operation has the sensitive data to be masked. In the log file, the background program writes modified content in which the sensitive data is masked.Type: GrantFiled: April 22, 2014Date of Patent: March 7, 2017Assignee: International Business Machines CorporationInventors: Ingo J. Averdunk, Gianluca Della Corte, Stefano Proietti, Antonio M. Sgro
-
Patent number: 9589147Abstract: Systems and methods for detecting potential steganography use to hide content in computer files transmitted via electronic communications are provided. An electronic communication associated with a computer file may be identified. The communication and the computer file may be analyzed to determine whether the computer file potentially includes hidden content. To determine whether the computer file potentially includes hidden content, a set of steganographic criteria may be analyzed. If at least a portion of the steganographic criteria are satisfied, then it may be determined that the computer file potentially includes hidden content. If at least a portion of the steganographic criteria are not satisfied, then it may be determined that the computer file does not potentially include hidden content. If the computer file is determined to potentially include hidden content, an individual may be notified of the communication associated with the computer file.Type: GrantFiled: October 20, 2015Date of Patent: March 7, 2017Assignee: Bank of America CorporationInventors: Richard D. Hanner, Sr., Gwendolynne Chaperon-Dewolf, Chris Stott, Joseph Werner
-
Patent number: 9589148Abstract: The systems and methods of the present invention provide a solution that makes data provably secure and accessible—addressing data security at the bit level—thereby eliminating the need for multiple perimeter hardware and software technologies. Data security is incorporated or weaved directly into the data at the bit level. The systems and methods of the present invention enable enterprise communities of interest to leverage a common enterprise infrastructure. Because security is already woven into the data, this common infrastructure can be used without compromising data security and access control. In some applications, data is authenticated, encrypted, and parsed or split into multiple shares prior to being sent to multiple locations, e.g., a private or public cloud. The data is hidden while in transit to the storage location, and is inaccessible to users who do not have the correct credentials for access.Type: GrantFiled: July 29, 2016Date of Patent: March 7, 2017Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini
-
Patent number: 9589149Abstract: A profiling service may determine, local to a device, user profile attributes associated with a device user based on interaction of the device user with the device, based on device-local monitoring of device user interactions with the device, and may store the user profile attributes in a memory. The profiling service may be configured as an augmentation to a device operating system of the device. A profile exposure component may manage exposure of information associated with the user profile attributes to applications operating locally on the device, without exposure to the applications or to third parties of information determined as sensitive to the device user.Type: GrantFiled: November 30, 2012Date of Patent: March 7, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Benjamin Livshits, Andrew Joseph Davidson
-
Patent number: 9589150Abstract: Embodiments of the present application relate to a method, apparatus, and system for managing confidential information. The method includes accessing stored target information comprising a public part and a confidential part, wherein an identifier corresponds to the confidential part of the target information, outputting the public part of the target information and the corresponding identifier, wherein the public part of the target information comprises at least first address information, receiving location information and a to-be-recognized identifier, wherein the location information is associated with a current location of a mobile terminal, determining whether the location information is consistent with the first address information, and in the event that the location information is consistent with the first address information, sending the confidential part of the target information associated with the to-be-recognized identifier to the mobile terminal.Type: GrantFiled: June 10, 2015Date of Patent: March 7, 2017Assignee: Alibaba Group Holding LimitedInventor: Lizhong Li
-
Patent number: 9589151Abstract: An apparatus may include an interface to receive a multiplicity of user information samples at a respective multiplicity of instances; a processor circuit, and an entropy multiplexer for execution on the processor circuit to generate a pseudo random number based upon a pseudo random number seed and pseudo random number algorithm for each user information sample of the multiplicity of user information samples. Other embodiments are described and claimed.Type: GrantFiled: December 23, 2013Date of Patent: March 7, 2017Assignee: INTEL CORPORATIONInventors: William C. Deleeuw, Ned M. Smith
-
Patent number: 9589152Abstract: Data to be exchanged in a transaction is protected by using a hashing function to transform sensitive data into a scrambled form. The hashing function can use as its inputs data derived entirely or in part from portions of the data to be exchanged. The hashing function can also use as its inputs data derived entirely or in part from other locally available data. The output of the hash function is then transmitted to a destination that attempts to recreate the output of the hash function in order to validate the data transmission.Type: GrantFiled: September 18, 2008Date of Patent: March 7, 2017Assignee: Visa U.S.A. Inc.Inventor: John Sheets
-
Patent number: 9589153Abstract: A method for providing integrity and consistency of a cloud storage service to a group of mutually trusted clients may be provided. The cloud storage service may offer a set of operations, such as read, write, update, delete in respect to stored data to the clients, whereby each client only executes its own client operations when consuming one of the set of operations of the cloud storage service, and wherein each client detects data correctness of the cloud storage service based on a protocol providing fork-linearizablity.Type: GrantFiled: July 2, 2015Date of Patent: March 7, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Marcus Brandenburger, Christian Cachin, Nikola Knezevic
-
Patent number: 9589154Abstract: An improved secure programming technique involves reducing the size of bits programmed in on-chip secret non-volatile memory, at the same time enabling the typical secure applications supported by secure devices. A technique for secure programming involves de-coupling chip manufacture from the later process of connecting to ticket servers to obtain tickets. A method according to the technique may involve sending a (manufacturing) server signed certificate from the device prior to any communication to receive tickets. A device according to the technique may include chip-internal non-volatile memory to store the certificate along with the private key, in the manufacturing process.Type: GrantFiled: July 7, 2014Date of Patent: March 7, 2017Assignee: Acer Cloud Technology Inc.Inventors: Pramila Srinivasan, John Princen
-
Patent number: 9589155Abstract: Technologies for verifying hardware components of a computing device include retrieving platform identification data of the computing device, wherein the platform identification data is indicative of one or more reference hardware components of the computing device, accessing hardware component identification data from one or more dual-headed identification devices of the computing device, and comparing the platform identification data to the hardware component identification data to determine whether a hardware component of the computing device has been modified. Each of the one or more dual-headed identification devices is secured to a corresponding hardware component of the computing device, includes identification data indicative of an identity of the corresponding hardware component of the computing device, and is capable of wired and wireless communication.Type: GrantFiled: September 23, 2014Date of Patent: March 7, 2017Assignee: Intel CorporationInventors: Rajesh Poornachandran, Vincent J. Zimmer, Shahrokh Shahidzadeh, Gopinatth Selvaraje
-
Patent number: 9589156Abstract: An information handling system and method performs Unified Extensible Firmware Interface (UEFI) interception and pre-processing of data associated with block input/output (I/O) commands targeting encrypted storage devices. A UEFI interceptor block (IB) I/O driver intercepts each block I/O command targeting block addresses on a storage device and identifies whether any of the target block addresses is encrypted. In response to identifying an encrypted block address among the target block addresses, the UEFI IB I/O driver forwards data associated with the encrypted block address to an encryption-decryption module to perform one of an encryption and a decryption of the data. Final handling of the block I/O command is performed using a block I/O driver chained to the UEFI IB I/O driver. Data associated with I/O commands targeting encrypted block addresses is first processed by the encryption-decryption module before final handling of the I/O command is performed by the block I/O driver.Type: GrantFiled: November 4, 2015Date of Patent: March 7, 2017Assignee: Dell Products, L.P.Inventors: Anand Prakash Joshi, Richard M. Tonry
-
Patent number: 9589157Abstract: A method for protecting an operation sequence executed by a portable data carrier from spying out, wherein the data carrier has at least a processor core, a main memory and a cache memory with a plurality of cache lines. The processor core is able to access, upon executing the operation sequence, at least two data values, with the data values occupying at least one cache line in the cache memory and being respectively divided into several portions so that the occurrence of a cache miss or a cache hit is independent of which data value is accessed. A computer program product and a device have corresponding features. The invention serves to thwart attacks based on an evaluation of the cache accesses during the execution of the operation sequence.Type: GrantFiled: March 3, 2011Date of Patent: March 7, 2017Assignee: Giesecke & Devrient GmbHInventor: Christof Rempel
-
Patent number: 9589158Abstract: Systems comprising a processor and a dynamic random access memory (DRAM). The DRAM comprises a programmable intelligent search memory (PRISM).Type: GrantFiled: August 18, 2015Date of Patent: March 7, 2017Inventor: Ashish A. Pandya
-
Patent number: 9589159Abstract: Two processing elements in a single platform may communicate securely to allow the platform to take advantage of the certain cryptographic functionality in one processing element. A first processing element, such as a bridge, may use its cryptographic functionality to request a key exchange with a second processing element, such as a graphics engine. Each processing element may include a global key which is common to the two processing elements and a unique key which is unique to each processing element. A key exchange may be established during the boot process the first time the system boots and, failing any hardware change, the same key may be used throughout the lifetime of the two processing elements. Once a secure channel is set up, any application wishing to authenticate a processing element without public-private cryptographic function may perform the authentication with the other processing element which shares a secure channel with the first processing element.Type: GrantFiled: June 26, 2009Date of Patent: March 7, 2017Assignee: Intel CorporationInventors: Balaji Vembu, Aditya Navale, Sathyamurthi Sadhasivan
-
Patent number: 9589160Abstract: A working method for a smart card reader, which comprises that: the card reader is powered on and initialized; a system mode is set according to a type of a device which connects to the card reader, and determines the system mode; if the system mode is an APPLE® mode, determine whether an APPLE® authenticating operation is required to be re-performed, if the APPLE® authenticating operation is required to be re-performed, perform the APPLE® authenticating operation, waiting for receiving APPLE® data sent by an APPLE® device, the card reader performs corresponding operation in accordance with a type of an instruction; if the system mode is a USB mode, determine whether a USB data transmission flag is set, enable a USB connection and perform a USB enumeration in a case that the USB data transmission is not set, and when the USB enumeration is finished, the USB data transmission flag is set; waiting for receiving a USB data sent by the upper computer in a case that the USB data transmission flag is set, the cardType: GrantFiled: June 30, 2014Date of Patent: March 7, 2017Assignee: Feitian Technologies Co., Ltd.Inventors: Zhou Lu, Huazhang Yu
-
Patent number: 9589161Abstract: One embodiment is a flat card that includes an electrically non-conductive substrate and a plurality of electrical conductors disposed on a surface of the non-conductive substrate. The conductors are connected together to form patterns of conductive lines connected to conductive geometric shapes located at ends of the conductive lines. A switch is positioned between two of the conductive geometric shapes and switchable between an open state and a closed state.Type: GrantFiled: May 13, 2016Date of Patent: March 7, 2017Assignee: Kazoo Technology (Hong Kong) LimitedInventors: Pak Tao Alan Lau, Kin Chung Kendall Lo
-
Patent number: 9589162Abstract: An inventory system can include radio frequency identification (RFID) tags and RFID tuners that can be brought into interacting proximity with one another to provide input or other information about the location or other condition of movable elements within the inventory system. For example, a closed or at least partially open state of a drawer can be determined based on signals from an RFID tag when the RFID tag and a corresponding RFID tuner are mounted on opposing faces of the drawer and a compartment that receives the drawer.Type: GrantFiled: December 1, 2015Date of Patent: March 7, 2017Assignee: Amazon Technologies, Inc.Inventors: Jules Cook Graybill, Jonathan David Phillips, Wesley Scott Lauka, Ryan Scott Russell