Patents Issued in May 14, 2024
  • Patent number: 11983258
    Abstract: Techniques are described for enabling a user to access a secure system based on vital signs of the user that are collected by a wearable device worn by the user. The vital signs of the user may be used as an extra level of security when accessing the secure system. For example, a computing device may automatically validate that a user requesting access to a secure system is a person and not a robot based on receipt of vital signs of the user. As another example, a computing device may operate as a secure access badge that first analyzes vital signs of a user to confirm that the user is not in distress before sending an access signal to gain access to a secure system. In either example, the computing device may be a wearable device, or be paired to a wearable device to receive the vital signs.
    Type: Grant
    Filed: May 23, 2022
    Date of Patent: May 14, 2024
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Kourtney Eidam, Andrew J. Garner, IV, Dennis Emmanuel Montenegro
  • Patent number: 11983259
    Abstract: A computerized method for voice authentication of a customer in a self-service system is provided. A request for authentication of the customer is received and the customer is enrolled in the self-service system with a text-independent voice print. A passphrase from a plurality of passphrases to transmit to the customer is determined based on comparing each of the plurality of passphrases to a text-dependent or text-independent voice biometric model. The passphrase is transmitted to the customer, and when the customer responds, an audio stream of the passphrase is received. The customer is authenticated by comparing the audio stream of the passphrase against the text-independent voice print. If the customer is authenticated, then storing the audio stream of the passphrase and the topic of the passphrase.
    Type: Grant
    Filed: February 15, 2023
    Date of Patent: May 14, 2024
    Assignee: NICE INC.
    Inventors: Matan Keret, Amnon Buzaglo
  • Patent number: 11983260
    Abstract: A computer platform is disclosed. The computer platform comprises a central processing unit (CPU) including at least one socket having a plurality of tiles and control circuitry to partition the socket into a plurality of sub-sockets and assign a unique identity to each of the plurality of sub-sockets for security verification, wherein each sub-socket comprises at least one of the plurality of tiles to operate as a cluster of resources.
    Type: Grant
    Filed: April 6, 2023
    Date of Patent: May 14, 2024
    Assignee: Intel Corporation
    Inventors: Bharat Pillilli, David W. Palmer, Nikola Radovanovic
  • Patent number: 11983261
    Abstract: The techniques disclosed herein provide an enhanced single sign-on flow for secure computing resources, such as a virtual machine or hosted applications. In some configurations, the techniques process different types of security data, e.g., credentials, tokens, certificates, and reference objects at specific computing entities of a system to provide a single sign-on flow for providing access to secure computing resources from a client computing device. In one illustrative example, a select type of security data, such as a certificate, is generated from a token and a claim at a particular computing resource, such as an agent operating on a virtual machine. In another example, a signed version of the certificate can be stored and verified at the virtual machine. By generating certificates at such particular computing resources, the computing resource can verify a person's credentials using a secure single sign-on flow without requiring the person to provide credentials multiple times.
    Type: Grant
    Filed: April 23, 2021
    Date of Patent: May 14, 2024
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Vladimir Kostadinov Stoyanov, Artem Belkine, Gustavo Hernando Catalano-Fonseca, Christian Cruz Montoya, David Belanger, Clark David Nicholson
  • Patent number: 11983262
    Abstract: According to an aspect of the invention, there is provided a device for generating a unique response to a challenge, the device comprising: a plurality of structures, each structure being able to change from a first distinct state, to a second distinct state, in response to an appropriate input challenge; the device being arranged to facilitate a challenge of the plurality of structures in combination, by changing an input to the plurality of structures in combination, to cause each structure of the plurality of structures to change from the first distinct state, to the second distinct state; as part of the challenge, the device being arranged to facilitate a measurement of an output of the plurality of structures in combination, in response to the input; wherein the unique response is at least indicative of a sequence in which the change in state takes place for each of the plurality of structures, in response to the input.
    Type: Grant
    Filed: May 13, 2020
    Date of Patent: May 14, 2024
    Assignee: QUANTUM BASE LIMITED
    Inventors: Robert James Young, Ramon Bernardo Gavito
  • Patent number: 11983263
    Abstract: In some examples, an electronic device includes a processor to allow installation of an untrusted executable code to a virtual machine, monitor the installation and execution of the untrusted executable code, and, responsive to a determination that an executed amount of the untrusted executable code is less than a threshold amount, prompt a user to continue the execution of the untrusted executable code.
    Type: Grant
    Filed: December 16, 2021
    Date of Patent: May 14, 2024
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventor: Tirath Ramdas
  • Patent number: 11983264
    Abstract: Embodiments herein describe offloading encryption activities to a network interface controller/card (NIC) (e.g., a SmartNIC) which frees up server compute resources to focus on executing customer applications. In one embodiment, the smart NIC includes a system on a chip (SoC) implemented on an integrated circuit (IC) that includes an embedded processor. Instead of executing a transport layer security (TLS) stack entirely in the embedded processor, the embodiments herein offload certain TLS tasks to a Public Key Infrastructure (PKI) accelerator such as generating public-private key pairs.
    Type: Grant
    Filed: December 6, 2021
    Date of Patent: May 14, 2024
    Assignee: XILINX, INC.
    Inventors: Jaideep Dastidar, Aman Gupta, Krishnan Srinivasan, Sagheer Ahmad
  • Patent number: 11983265
    Abstract: Systems and methods of cyber hardening software by modifying one or more assembly source files. In some embodiments, the SME tool transparently and seamlessly integrates into the build process of the assembly source files being modified. For example, upon integration of the disclosed SME tool into the application's development environment, the modifications in the final executable are transparent to the developer and can support other cyber hardening techniques. In some embodiments, the integration of the SME tool into a build can be automated. Simplifying integration, through automated means, can be beneficial for widespread adoption of SME tools in cyberhardening software applications. Automated SME build integrations, e.g., removing manual methods and techniques, can help eliminate human errors and result in faster SME integrations, in comparison to manual integrations of a SME tool.
    Type: Grant
    Filed: April 20, 2020
    Date of Patent: May 14, 2024
    Assignee: RunSafe Security, Inc.
    Inventor: Erik Raymond Lotspeich
  • Patent number: 11983266
    Abstract: Systems and methods are disclosed for event-based application control. A system extension is configured to leverage an endpoint security API for monitoring event activity within operating system kernel processes. The system extension registers with the endpoint security API particular event types for which the system extension would like to receive notifications. In response to receiving notifications regarding detected events corresponding to the registered event types, the system extension determines if the event, and its corresponding process, are safe and allowable to execute. In various embodiments, the system leverages whitelists, blacklists, and rules policies for making a safeness determination regarding the event notification. The system extension transmits this determination to the operating system via the endpoint security API.
    Type: Grant
    Filed: January 17, 2023
    Date of Patent: May 14, 2024
    Assignee: BEYOND TRUST CORPORATION
    Inventors: Omar Jawayd Ikram, Simon Fradkin
  • Patent number: 11983267
    Abstract: A data processing method based on Trojan circuit detection includes controlling a processor, in a testing stage, to perform following steps: obtaining a plurality of characteristic values corresponding to a logic gate circuit; performing a distribution adjustment operation on the characteristic values to generate a plurality of adjusted characteristic values; and performing classification on the adjusted characteristic values to generate a logic identification result.
    Type: Grant
    Filed: November 30, 2021
    Date of Patent: May 14, 2024
    Assignee: INSTITUTE FOR INFORMATION INDUSTRY
    Inventors: Jian Wei Liao, Ting Yu Lin, Kai Chiang Wu, Jung Che Tsai
  • Patent number: 11983268
    Abstract: A service prevents attacks carried out through container escape for silo-based containers. A callback is registered for a function(s) that may be invoked from inside a container and returns an object handle(s). The callback, when triggered by invocation of the function(s), executes for determination of whether requests for access to objects via their handles are issued by suspicious processes. Access to CExecSvc.exe is restricted for processes that request a handle for CExecSvc.exe and are determined to be associated with a container themselves. Processes that escape their container through a technique that evades detection are also blocked from accessing the host system. When a process requests access to an object via invocation of a function that returns a handle, the callback executes for determination of whether the process but not the requested object is associated with a container, in which case the service restricts the process' access to the host system.
    Type: Grant
    Filed: February 15, 2022
    Date of Patent: May 14, 2024
    Assignee: Palo Alto Networks, Inc.
    Inventors: Daniel Prizmant, Ariel M. Zelivansky, Liron Levin, Eran Yanay
  • Patent number: 11983269
    Abstract: There is described a neural network system implemented by one or more computers for determining graph similarity. The neural network system comprises one or more neural networks configured to process an input graph to generate a node state representation vector for each node of the input graph and an edge representation vector for each edge of the input graph; and process the node state representation vectors and the edge representation vectors to generate a vector representation of the input graph. The neural network system further comprises one or more processors configured to: receive a first graph; receive a second graph; generate a vector representation of the first graph; generate a vector representation of the second graph; determine a similarity score for the first graph and the second graph based upon the vector representations of the first graph and the second graph.
    Type: Grant
    Filed: December 22, 2022
    Date of Patent: May 14, 2024
    Assignee: DeepMind Technologies Limited
    Inventors: Yujia Li, Chenjie Gu, Thomas Dullien, Oriol Vinyals, Pushmeet Kohli
  • Patent number: 11983270
    Abstract: An amount of data change associated with a version of a content file with respect to one or more previous versions of the content file is determined. The amount of change associated with the version of the content file is determined using a tree data structure associated with the content file that is stored on a storage cluster. One or more statistics associated with backup snapshot are provided to a server. The server is configured to determine that the amount of data change associated with the version of the content file is anomalous based in part on the one or more statistics associated with the backup snapshot. A notification that data associated with the backup snapshot is potentially infected by malicious software is received from the server. The version of the content file is indicated as being potentially infected by malicious software.
    Type: Grant
    Filed: January 22, 2021
    Date of Patent: May 14, 2024
    Assignee: Cohesity, Inc.
    Inventors: Prashant Gaurav, Sidharth Mishra, Karandeep Singh Chawla, Anubhav Gupta, Sudhir Srinivas, Apurv Gupta, Nagapramod Mandagere
  • Patent number: 11983271
    Abstract: A processor may generate an enforcement point. The enforcement point may include one or more adversarial detection models. The processor may receive user input data. The processor may analyze, at the enforcement point, the user input data. The processor may determine, from the analyzing, whether there is an adversarial attack in the user input data. The processor may generate an alert based on the determining.
    Type: Grant
    Filed: November 19, 2020
    Date of Patent: May 14, 2024
    Assignee: International Business Machines Corporation
    Inventors: Bruno dos Santos Silva, Cheng-Ta Lee, Ron Williams, Bo-Yu Kuo, Chao-Min Chang, Sridhar Muppidi
  • Patent number: 11983272
    Abstract: Privilege escalation monitoring may include initiating a learning mode, recording application attributes of one or more applications on a host system to an application repository, recording process attributes of one or more running processes on the host system to an access repository, recording API calls of the one or more running processes on the host system to an API repository, terminating the learning mode, initializing a protecting mode, identifying running processes on the host system based on records in the application repository, determining whether the identified running processes have system access violations based on the application repository, determining whether the identified running processes have file permission escalations based on the access repository, determining whether the identified running processes have failed privileged API calls based on the API repository, generating an alert and terminating an offending process corresponding to the determinations.
    Type: Grant
    Filed: July 14, 2021
    Date of Patent: May 14, 2024
    Assignee: Saudi Arabian Oil Company
    Inventor: Urfan Ahmed
  • Patent number: 11983273
    Abstract: A trusted orchestrator function subsystem inventory and verification system includes an OS, a BIOS, a management device, and a trusted orchestrator device. In response to presentation of a function subsystem to the OS during runtime, the OS generates a function subsystem detection alert that identifies the function subsystem. In response to the function subsystem detection alert, the BIOS generates and provides a BIOS inventory update that identifies the function subsystem. The management device receives the BIOS inventory update and, in response, forwards the BIOS inventory update. The trusted orchestrator device receives the BIOS inventory update and, in response, determine whether the function subsystem identified in the BIOS inventory update is included in a trusted function subsystem inventory.
    Type: Grant
    Filed: May 31, 2022
    Date of Patent: May 14, 2024
    Assignee: Dell Products L.P.
    Inventors: Srinivas Giri Raju Gowda, Syama Poluri, Gaurav Chawla
  • Patent number: 11983274
    Abstract: Provided are a processing device and a method for secure booting thereof, in which the processing device includes a security core that operates a Root of Trust and sequentially performs an integrity check on first firmware and second firmware through the Root of Trust, a main core that sequentially operates the first firmware and the second firmware, a non-volatile memory storing the first firmware and the second firmware, and a first volatile memory that loads the first firmware and the second firmware from a main core domain of the main core and operates the loaded firmware with the main core.
    Type: Grant
    Filed: November 16, 2023
    Date of Patent: May 14, 2024
    Assignee: REBELLIONS INC.
    Inventor: Myunghoon Choi
  • Patent number: 11983275
    Abstract: An apparatus comprises a processing device configured to determine, utilizing a firmware-based agent running in firmware, a boot flag status during a boot process of the processing device. The processing device is also configured to execute, responsive to the boot flag status being a first value, a system update handler of the firmware-based agent configured for provisioning of a secured runtime operating system on the processing device, wherein the provisioning comprises digitally signing an image of the secured runtime operating system utilizing a hardware-based root of trust key. The processing device is further configured to execute, responsive to the boot flag status being a second value, a secured operating system boot handler of the firmware-based agent configured for validating and loading secured runtime operating system, wherein the validation comprises performing attestation of a signature of the image of the secured runtime operating system utilizing the hardware-based root of trust key.
    Type: Grant
    Filed: January 18, 2022
    Date of Patent: May 14, 2024
    Assignee: Dell Products L.P.
    Inventors: John Henry Terpstra, Jeroen Diederik Cornelis Antonius Mackenbach
  • Patent number: 11983276
    Abstract: A communication system personality provisioning system includes a communication system included in a computing system and coupled to a management system. The communication system stores authentication information in a UEFI database of a UEFI system in the communication system. The communication system receives a first operating software image and application/service from the management system, authenticates the first operating software image and application/service via first secure initialization operations performed by the UEFI system using the authentication information and, in response, installs the first operating software image and application/service on the communication system.
    Type: Grant
    Filed: October 27, 2022
    Date of Patent: May 14, 2024
    Assignee: Dell Products L.P.
    Inventors: Mukund P. Khatri, Jimmy D. Pike, Gaurav Chawla, William Price Dawkins, Elie Jreij, Mark Steven Sanders, Walter A. O'Brien, III, Robert W. Hormuth
  • Patent number: 11983277
    Abstract: Some examples relate to identifying a security vulnerability in a computer system. In an example, via a NAND flash memory, a computer system may be scanned to obtain information related to a software program, based on a rule set defined in a management controller (e.g., baseboard management controller (BMC)) on the computer system. The NAND flash memory may obtain metrics related to the software program via the BMC. The NAND flash memory may analyze the information related to the software program along with the metrics related to the software program to identify a security vulnerability in the computer system. The NAND flash memory may provide the information related to the security vulnerability in the computer system to the BMC.
    Type: Grant
    Filed: July 16, 2019
    Date of Patent: May 14, 2024
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Umesh Markandaya Lakshminarasimha, Mahesh Ramenahalli Mayanna, Naveena Kedlaya
  • Patent number: 11983278
    Abstract: This disclosure relates generally to data anonymization using clustering techniques. In Typically, data anonymization using global recoding can overgeneralize the data. However, preservation of information while anonymization the data is of equal importance as obscuring the relevant information that can be used by the attackers. The disclosed method and system utilized attribute taxonomy tree for generalization to optimize the generalization of the records. The disclosed method uses clustering-based approach and after clustering, each cluster is solved independently using ILP model for K-Anonymization. The ILP model is solved by generalizing the value of the attributes. Sometimes, even after clustering the number of possible patterns is large, thus the disclosed method generates patterns on the fly during multiple iterations.
    Type: Grant
    Filed: August 6, 2021
    Date of Patent: May 14, 2024
    Assignee: Tata Consultancy Services Limited
    Inventors: Saket Saurabh, Arun Ramamurthy, Sutapa Mondal, Mangesh Sharad Gharote, Sachin Premsukh Lodha
  • Patent number: 11983279
    Abstract: A content delivery system (100) comprises a trusted holder of profile data (200) arranged to store information concerning a conscious entity, a content delivery requirement entity (210), a content intermediary entity (226); and a source of content (232). The trusted holder of profile data (200) is arranged to issue (230) profile reference data to the content delivery requirement entity in response to a request (222) therefrom, and to communicate (224) the profile reference data and at least part of the stored information concerning the conscious entity to the content intermediary entity (226), the request for content provision (222) being capable of identifying the conscious entity to the trusted holder of profile data. The content intermediary entity (226) is arranged to source, when in use, relevant content from the source of content (232) using the at least part of the stored information concerning the conscious entity.
    Type: Grant
    Filed: October 13, 2021
    Date of Patent: May 14, 2024
    Assignee: GAIASOFT IP LIMITED
    Inventor: Clive Morel Fourman
  • Patent number: 11983280
    Abstract: Aspects of the present disclosure involve a method and a system to support execution of the method to perform a cryptographic operation involving a first vector and a second vector, by projectively scaling the first vector, performing a first operation involving the scaled first vector and the second vector to obtain a third vector, generating a random number, storing the third vector in a first location, responsive to the random number having a first value, or in a second location, responsive to the random number having a second value, and performing a second operation involving a first input and a second input, wherein, based on the random number having the first value or the second value, the first input is the third vector stored in the first location or the second location and the second input is a fourth vector stored in the second location or the first location.
    Type: Grant
    Filed: January 6, 2020
    Date of Patent: May 14, 2024
    Assignee: Cryptography Research, Inc.
    Inventors: Michael Alexander Hamburg, Michael Tunstall, Michael Hutter
  • Patent number: 11983281
    Abstract: One example method includes receiving, by a backup appliance, a request concerning a dataset, performing, by the backup appliance, an inquiry to determine if end-to-end encryption is enabled for a volume of a target storage array, receiving, by the backup appliance, confirmation from the storage array that end-to-end encryption is enabled for the volume, and based on the confirmation that end-to-end encryption is enabled for the volume, storing the dataset in the volume without performing encryption, compression, or deduplication, of the dataset prior to storage of the dataset in the volume.
    Type: Grant
    Filed: June 9, 2021
    Date of Patent: May 14, 2024
    Assignee: EMC IP HOLDING COMPANY LLC
    Inventors: Jehuda Shemer, Arieh Don, Krishna Deepak Nuthakki
  • Patent number: 11983282
    Abstract: Provided is a data protection method which includes: receiving transaction data which includes a first hash value obtained from history information of a home; obtaining, from a data server, a second hash value computed by the data server performing computation processing on encrypted history information without decrypting the encrypted history information, the encrypted history information being history information of the home encrypted using a secure computation method which enables computation without decrypting the encrypted history information, the encrypted history information being obtained from the home; verifying the transaction data, and determining whether the first hash value and the second hash value match; and when a validity of the transaction data is verified and the first hash value and the second hash value match, recording the transaction data in a distributed ledger.
    Type: Grant
    Filed: November 18, 2022
    Date of Patent: May 14, 2024
    Assignee: Panasonic Intellectual Property Corporation of America
    Inventor: Yuji Unagami
  • Patent number: 11983283
    Abstract: Disclosed herein are system, method, and computer program product embodiments for preemptively evaluating whether roles are over-privileged within an (IAM) identity and access management system. Roles may be over-privileged when they are granted permissions to perform certain actions outside the scope granted to those roles. The evaluation occurs without submitting the certain actions to the IAM system and allows roles to be evaluated on a preemptive basis so that corrective actions may be taken to prevent unauthorized access to resources. Roles may be associated with policies which may each define different permissions for accessing resources. The evaluation may involve generating an effective policy from the policies associated with a role to provide a comprehensive view of all permissions associated with the role.
    Type: Grant
    Filed: January 24, 2023
    Date of Patent: May 14, 2024
    Assignee: Capital One Services, LLC
    Inventors: Matthew A. Ghiold, Gavin McGrew, Devon Powley, Dale Greene, Jr.
  • Patent number: 11983284
    Abstract: The present disclosure relates to a computer-implemented method for controlling access to user data of a user. The method comprises: receiving, by a data controller, an access request requesting access to the user data; determining, by the data controller, a consent status and one or more item of information associated with the user data; encrypting, by the data controller, the user data in an encrypted data package encrypted based on the consent status and one or more item of information; and sending, by the data controller, the encrypted data package in response to the access request.
    Type: Grant
    Filed: January 19, 2021
    Date of Patent: May 14, 2024
    Assignee: Arm Cloud Technology, Inc.
    Inventors: Remy Pottier, Michael Lambertus Hubertus Brouwer, Minsheng Lu
  • Patent number: 11983285
    Abstract: Protecting data privacy in secure multi-party computation and communication is provided. A method of protecting data privacy includes determining a differential privacy configuration, determining a number of iterations based on a first parameter and a second parameter, and for each of the number of iterations generating a random value and a random noise data; generating a first message and a second message; and performing a transfer based on the first message, the second message, and an input data to output one of the first message and the second message. The method also includes generating a first noise data based on the random noise data in each of the number of iterations, generating a first share based on a first dataset and a second dataset, applying the first noise data to the first share, and constructing a result based on the first share and a second share.
    Type: Grant
    Filed: October 20, 2023
    Date of Patent: May 14, 2024
    Assignee: Lemon Inc.
    Inventors: Jian Du, Haohao Qian, Yongjun Zhao, Bo Jiang, Chuyuan Chen, Qiang Yan
  • Patent number: 11983286
    Abstract: Methods, systems, and devices for data processing are described. Some database systems may implement data processing permits to manage data access. A database system may use encryption schemes to tie permits to data (e.g., cryptographically ensuring that the system follows data regulations). To support queries for a database implementing such encryption schemes, the database may implement a proxy. When the system receives a query, the database proxy may intercept and transform the query based on the encryption schema of the database. The database proxy may execute the transformed query at the database, receive encrypted query results in response, and decrypt the results for use by the querying application. Additionally, the system may access relevant data processing permits to support querying operations. For example, the system may use permits when transforming the query, executing the query in the database, preparing query results for the querying application, or any combination thereof.
    Type: Grant
    Filed: April 13, 2020
    Date of Patent: May 14, 2024
    Assignee: Ketch Kloud, Inc.
    Inventors: Yacov Salomon, Seth Yates, Maxwell Anderson, Vivek Vaidya, Anton Winter, Samuel Alexander, Tom Chavez
  • Patent number: 11983287
    Abstract: Systems as described herein may implement non-persistent data caching using a dedicated web server. A non-persistent data caching system may determine that an application, executing on a computing device may require access to secure data located on a remote server external to the computing device. The non-persistent data caching system may initiate a dedicated web server on the computing device, retrieve the secure data from the remote server, and store the secure data in a volatile memory of the computing device. The non-persistent data caching system may subsequently redirect a request for at least a portion of the secure data from the application and to the dedicated web server, and the dedicated web server may send the requested portion to the application.
    Type: Grant
    Filed: December 2, 2020
    Date of Patent: May 14, 2024
    Assignee: Capital One Services, LLC
    Inventor: Riley McCuen
  • Patent number: 11983288
    Abstract: A method prevents unauthorized access to user data files on a computing device. The device receives a request from an application to open a data file (including file name path). The device determines whether the path corresponds to a designated storage location for user data files and determines whether access to the data file has previously been granted for the application. When the file is a user file with no permission for the application, the device uses a volition table to determine whether access volition has been asserted for the data file by the application within a preceding predefined period of time. When access volition has been asserted, the device permits the application to access the data file. When access volition has not been asserted, the device displays a user interface box prompting a user to decide whether or not to grant the application access to the data file.
    Type: Grant
    Filed: December 17, 2021
    Date of Patent: May 14, 2024
    Assignee: Secure Computing, LLC
    Inventors: Karen Heart, Alexander Rasin
  • Patent number: 11983289
    Abstract: A method and a system for managing login information of a computing system during a debugging process are disclosed. The login information is composed according to a number of roles and their associated policies. Some roles have higher authorized levels to view sensitive information. To protect privacy, a technician who access the computing system will not be able to view all content of information. If this restriction prevents the technician to debug the system, the technician can request an upgrade. A new login information with a higher authorized level will be temporarily granted to the technician that allows the technician to view and access more content of information.
    Type: Grant
    Filed: December 28, 2021
    Date of Patent: May 14, 2024
    Assignee: Kyocera Document Solutions Inc.
    Inventor: Tai Yu Chen
  • Patent number: 11983290
    Abstract: A method for supporting identity management of travelers in an airport using a distributed ledger system includes receiving, by a global identity blockchain, a registration request from a traveler via a traveler device. The registration request includes a commitment for identity data that is uploaded by the traveler in a secure cloud storage. The method further includes recording the commitment in the global identity blockchain, receiving, by the global identity blockchain, a result of an identity verification with respect to the traveler from a verifier entity, recording the result in the global identity blockchain, and receiving, by a security blockchain, a ticket registration transaction issued by an airline entity. The ticket registration transaction comprises a unique traveler ID of the traveler. The method further includes issuing, by the security blockchain, an access control list update upon reception of consent by the traveler.
    Type: Grant
    Filed: August 22, 2019
    Date of Patent: May 14, 2024
    Assignee: NEC CORPORATION
    Inventors: Sebastien Andreina, Alessandro Sforzin, Ghassan Karame
  • Patent number: 11983291
    Abstract: Systems and techniques that facilitate policy-driven views of datasets are provided. In various embodiments, a system can comprise a data component that can access a dataset. In various instances, the system can further comprise a view policy component that can respectively correlate a set of security credentials to a set of view instructions associated with the dataset. In various embodiments, the system can further comprise an input component that can receive as input a first security credential that is listed in the set of security credentials. In various aspects, the system can further comprise an output component that can identify a first view instruction that is listed in the set of view instructions associated with the dataset, wherein the first view instruction is respectively correlated to the first security credential. In various cases, the output component can generate as output a view of the dataset based on the first view instruction.
    Type: Grant
    Filed: December 14, 2020
    Date of Patent: May 14, 2024
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Stefano Braghin, Michele Gazzetti, Ioannis Gkoufas, Marco Simioni
  • Patent number: 11983292
    Abstract: Embodiments of the present disclosure enable users of a data sharing system to build native applications that can be shared with other users of the data sharing system. The native applications can be published and discovered in the data sharing system like any other data listing, and consumers can install them in their local data sharing system account to serve their data processing needs. A provider may define an installation script for installing an application and create a share object to which the installation script may be attached. In response to an imported database being created in a consumer account based on the share object, a native application framework may automatically execute the installation script in the consumer account and may create a set of database roles to manage execution of the application in the consumer account.
    Type: Grant
    Filed: February 13, 2023
    Date of Patent: May 14, 2024
    Assignee: Snowflake Inc.
    Inventors: Damien Carru, Jeremy Yujui Chen, Pui Kei Johnston Chu, Thierry Cruanes, Istvan Cseri, Benoit Dageville, Unmesh Jagtap, Subramanian Muralidhar
  • Patent number: 11983293
    Abstract: Systems, computer program products, and methods are described herein for predicting, detecting, and preventing unauthorized access events associated with electronic systems. The systems, computer program products, and methods may be configured to receive, from a first automated teller machine, an alert message including information associated with a first unauthorized access event occurring at the first automated teller machine and determine, based on the information in the alert message, a location of the first automated teller machine. The systems, computer program products, and methods may be configured to identify a second automated teller machine proximate the location of the first automated teller machine and provide, to the second automated teller machine, one or more commands to be executed by the second automated teller machine to prevent a second unauthorized access event from occurring at the second automated teller machine.
    Type: Grant
    Filed: September 23, 2021
    Date of Patent: May 14, 2024
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Sree Krishna Vaishanavy Krishnaswamy Ravindran, Sneha Padiyar, Ravikiran Subramanya Rao
  • Patent number: 11983294
    Abstract: A traffic sensor includes an imaging unit that generates a recognition record by image recognition processing a captured image of a vehicle. The recognition record includes personal-identification data useable to identify the vehicle owner, and additional data not useable to identify the vehicle owner. The traffic sensor also includes an obfuscation unit that generates an obfuscated record from the recognition record by converting the personal-identification data into a unique-identifier. The obfuscated record includes the unique-identifier and the additional data. The traffic sensor further includes a transceiver configured to transmit the obfuscated record to a first off-site server without transmitting the recognition record to the first off-site server.
    Type: Grant
    Filed: September 30, 2021
    Date of Patent: May 14, 2024
    Assignee: Rekor Systems, Inc.
    Inventors: Christopher Allen Kadoch, Jason Skipper, Matthew Anthony Hill
  • Patent number: 11983295
    Abstract: This disclosure relates to method and system for identifying Personally Identifiable Information (PII) through secret patterns. The method includes receiving user data from at least one data source through a plurality of communication channels. The user data includes PII and non-PII. The user data is associated with a user. The PII includes a plurality of personal identifiers. The method further includes identifying the PII in user data through a predictive model. The method further includes generating a secret pattern based on the PII identified through the predictive model. The secret pattern is an identifiable label. The method further includes adding the secret pattern to each of the plurality of personal identifiers in PII. The method further includes identifying each of the plurality of personal identifiers through the secret pattern in real-time, when user data is transmitted from the at least one data source to at least one data destination.
    Type: Grant
    Filed: February 22, 2022
    Date of Patent: May 14, 2024
    Inventors: Simy Chacko, Venkatesh Shankar, Ramesh Gurusamy, Sumathi Babu
  • Patent number: 11983296
    Abstract: Method, system and product for performing private and non-private tasks in Augmented Reality (AR) systems. A privacy policy of a user using an AR device is obtained. A frame sensor is utilized to obtain frames for processing. An overlay display for the frame is generated. The overlay display is generated based on an execution of a non-private task on a non-trusted device and based on an execution of a private task on a trusted device. The private task and the non-private task are determined based on the privacy policy. The overlay display is displayed by an AR device.
    Type: Grant
    Filed: April 24, 2022
    Date of Patent: May 14, 2024
    Assignee: SHMUEL UR INNOVATION LTD
    Inventors: Ziv Glazberg, Shmuel Ur
  • Patent number: 11983297
    Abstract: A candidate attribute combination of a first data set is identified, such that the candidate attribute combination meets a data type similarity criterion with respect to a collection of data types of sensitive information for which the first data set is to be analyzed. A collection of input features is generated for a machine learning model from the candidate attribute combination, including at least one feature indicative of a statistical relationship between the values of the candidate attribute combination and a second data set. An indication of a predicted probability of a presence of sensitive information in the first data set is obtained using the machine learning model.
    Type: Grant
    Filed: January 19, 2023
    Date of Patent: May 14, 2024
    Assignee: Amazon Technologies, Inc.
    Inventors: Aurelian Tutuianu, Daniel Voinea, Petru-Serban Cehan, Silviu Catalin Poede, Adrian Cadar, Marian-Razvan Udrea, Brent Gregory
  • Patent number: 11983298
    Abstract: A system and method are presented to enable computers to communicate and to exchange personal data in a secure system where security is achieved by a computer de-identifying the personal data through the removal of all personal identifiers and subsequently re-identifying the data with an anonymous identifier generated by the computer operated by the data subject. Even though the personal data and the data subject are anonymized, the computers in the present system are able to establish a communications session between the anonymous data subject's computer and the computer system holding information of interest to the data subject and to send that information to its owner.
    Type: Grant
    Filed: April 29, 2020
    Date of Patent: May 14, 2024
    Assignee: MEDICEUS DADOR DE SAÚDE, S.A.
    Inventors: Peter Villax, Ricardo Loura
  • Patent number: 11983299
    Abstract: A system and method for scrubbing data to be shared between organizations to test a joint solution, and for preventing the introduction of unscrubbed data. Each organization captures a subset of data, which may be customer data from a line of business. The first organization scrubs its data according to scrubbing rules, and then passes the scrubbed data to its test environment, while the second organization passes its unscrubbed data to its test environment. The scrubbed data is communicated to the second organization and is applied to the unscrubbed data in order to scrub it, and then communicate it to the first organization. Both organizations use the scrubbed data in their respective test environments to test the joint solution or joint testing. Scrubbing the data may involve scrubbing only specific data fields containing sensitive information.
    Type: Grant
    Filed: October 26, 2022
    Date of Patent: May 14, 2024
    Assignee: State Farm Mutual Automobile Insurance Company
    Inventors: Murali Chittiprolu, George Ross Lewis
  • Patent number: 11983300
    Abstract: An embodiment of the present invention is directed to a market data hub. The innovative system comprises a processing engine that manages contributed content and allows for custom analytics, alerting, reporting, machine learning interfaces, etc., while preserving entitlements controls specific to participants. Moreover, the system disseminates market data to downstream consumers and syndicated entities that are entitled to view the market data.
    Type: Grant
    Filed: April 12, 2019
    Date of Patent: May 14, 2024
    Assignee: JPMORGAN CHASE BANK, N.A.
    Inventors: Ilya Slavin, Gordon J. Taylor
  • Patent number: 11983301
    Abstract: Systems and methods to implement virtual contactless traffic stops. The systems and methods utilize mobile devices or other computer technology commonly carried by law enforcement officers and civilians for other purposes, and use the imaging and communication capabilities of these devices to authenticate digital copies a legal documents pertaining to the civilian, connect a civilian device and a law enforcement officer device during a traffic stop to facilitate digital document exchange, and to provide for remote interaction during the traffic stop, such as by use of video or text chat.
    Type: Grant
    Filed: June 17, 2021
    Date of Patent: May 14, 2024
    Assignee: Redlin Collective Holdings LLC
    Inventor: Nicole Faren Clines
  • Patent number: 11983302
    Abstract: System and method are provided for assigning a service identifier for use by an IHS (Information Handling System), where a new service identifier may be assigned to the IHS due to replacement of hardware of the IHS. The IHS is provisioned with an inventory certificate that identifies hardware components of the IHS, including a service identifier for the IHS. Support provided for the IHS is tracked based on this service identifier. A hardware component of the IHS is removed, where the service identifier is assigned to this removed hardware component. A replacement hardware component is installed in the IHS. An updated inventory certificate is generated that assigns a new service identifier to the replacement hardware component installed in the IHS. The IHS is provisioned with the updated inventory certificate that specifies the new service identifier. Support provided for the IHS is now tracked based on the new service identifier.
    Type: Grant
    Filed: January 21, 2022
    Date of Patent: May 14, 2024
    Assignee: Dell Products, L.P.
    Inventors: Jason Matthew Young, Aaron M. Randall, Charles D. Robison
  • Patent number: 11983303
    Abstract: The intrinsic data generation device of the disclosure includes a modulation control part outputting a modulation control signal for controlling modulation, a modulation part modulating a signal based on the modulation control signal and outputting a modulated modulation signal, a PUF circuit specifying a relationship between input data and output data based on random variation intrinsic to the device and changing the output data based on the modulation signal, a data holding part holding the output data from the PUF circuit in response to the modulation control signal, and an intrinsic data output part outputting intrinsic data based on the output data provided from the data holding part.
    Type: Grant
    Filed: April 24, 2019
    Date of Patent: May 14, 2024
    Assignee: Winbond Electronics Corp.
    Inventor: Yasuhiro Tomita
  • Patent number: 11983304
    Abstract: The present disclosure provides an on-board secure storage system capable of easily and quickly detecting unauthorized access to a storage device and a failure of the storage device, and appropriately using the detection result. the on-board secure storage system includes the storage device that has a controller, a non-volatile memory and an interface, and an electronic control unit that electronically controls a vehicle. After determining that unauthorized access or a failure occurs in the non-volatile memory, the controller performs predetermined processing according to the type of the unauthorized access or failure.
    Type: Grant
    Filed: January 12, 2022
    Date of Patent: May 14, 2024
    Assignee: PANASONIC INTELLECTUAL PROPERTY MANAGEMENT CO., LTD.
    Inventor: Shinji Inoue
  • Patent number: 11983305
    Abstract: A content presentation system, a content presentation device, and a content presentation method that reduce a burden on a user and present suitable contents to the user with high accuracy are provided. The present technology provides a content presentation system including a computer device that holds content information associated with emotion information indicating an emotion of a user, in which the computer device at least includes a machine learning model that, on the basis of a plurality of pieces of content information presented to the user corresponding to desired emotion information indicating emotion information desired by the user and content information selected by the user from the plurality of pieces of content information, performs machine learning so as to present the content information suitable for the emotion information.
    Type: Grant
    Filed: May 19, 2021
    Date of Patent: May 14, 2024
    Assignee: Sony Group Corporation
    Inventors: Takanori Ishikawa, Ryo Sasaki, Yuta Aoki
  • Patent number: 11983306
    Abstract: A system configured to track the location of one or more peripherals operated by a user, the system comprising a tracking unit configured to determine a location of the one or more peripherals in dependence upon images captured by a camera associated with an HMD worn by the user, a generation unit configured to generate, in response to a determination by the tracking unit that one or more of the peripherals is not visible in the images, an array of home points behind the user, the home points being locations defined in dependence upon constraints upon the user's motion, an estimation unit configured to estimate the respective locations of non-visible peripherals in dependence upon the output of one or more inertial measurement units associated with each peripheral, and a selection unit configured to select a home point, from amongst the array of home points, for each of the non-visible peripherals, wherein the tracking unit is configured to generate a location for each non-visible peripheral such that the loc
    Type: Grant
    Filed: December 21, 2022
    Date of Patent: May 14, 2024
    Assignee: Sony Interactive Entertainment Europe Limited
    Inventors: Sharwin Winesh Raghoebardajal, Simon Pilgrim, Steven Tattersall, Jose Rubio
  • Patent number: 11983307
    Abstract: An occlusion detection system to perform operations that include: capturing image data that depicts an environment at a client device, the environment including a target object at a position within the environment; causing display of a presentation of the environment at the client device, the presentation of the environment including a display of the target object at the position within the environment; detecting a first attribute of the display of the target object at the client device; performing a comparison of the first attribute of the display of the target object and a second attribute associated with the target object; and detecting an occlusion based on the comparison.
    Type: Grant
    Filed: March 8, 2023
    Date of Patent: May 14, 2024
    Assignee: Snap Inc.
    Inventors: Piers Cowburn, David Li, Isac Andreas Müller Sandvik, Qi Pan