Copy Protection Or Prevention Patents (Class 380/201)
  • Patent number: 9882902
    Abstract: A system that incorporates the subject disclosure may perform, for example, receiving an over-the-air programming message that includes programming data for use by the mobile communication device, decrypting the over-the-air programming message utilizing a first keyset to generate a decrypted over-the-air programming message, determining a schedule for providing messages from a secure device processor to a secure element of the mobile communication device where the secure device processor is separate from the secure element and in communication with the secure element, and providing the decrypted over-the-air programming message to the secure element according to the schedule. Other embodiments are disclosed.
    Type: Grant
    Filed: February 29, 2016
    Date of Patent: January 30, 2018
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Walter Cooper Chastain, Stephen Emille Chin
  • Patent number: 9882719
    Abstract: This disclosure relates generally to multi-factor authentication, and more particularly to method and system for multi-factor authentication. In one embodiment, the method includes receipt of an audio input at a device, and a plurality of authentication parameters from at least one of the device and a server communicably coupled to the device. The plurality of authentication parameters are encrypted to generate a plurality of encrypted authentication parameters. The plurality of encrypted authentication parameters are embedded as watermarks into the audio input to generate a watermarked audio signal. The watermarked audio signal are encrypted to generate an authentication audio signal. The authentication audio signal is transmitted to an authentication server over an audio communication channel to authenticate the access at the device.
    Type: Grant
    Filed: March 9, 2016
    Date of Patent: January 30, 2018
    Assignee: Tata Consultancy Services Limited
    Inventors: Srinivasa Rao Chalamala, Sankha Subhra Som
  • Patent number: 9882917
    Abstract: Technologies to provide a secure data storage service in a cloud computing environment are generally disclosed. In some examples, a method comprises: partitioning a data resource into data particles, assigning logic groups to the data particles, assigning physical storage groups to the data particles, and/or storing each physical storage group at corresponding storage resource, receiving a request for the data resource, determining whether the request for the data resource is valid, and if the request is valid, transmitting the data particles of the data resource to the client. The method enables improved security for accessing data, and also improves the user experience in cloud computing environments.
    Type: Grant
    Filed: December 3, 2015
    Date of Patent: January 30, 2018
    Assignee: EMPIRE TECHNOLOGY DEVELOPMENT LLC
    Inventors: Xiaodong Wang, Jun Fang
  • Patent number: 9875378
    Abstract: Techniques for encrypting the data in the memory of a computing device are provided. An example method for protecting data in a memory according to the disclosure includes encrypting data associated with a store request using a memory encryption device of the processor to produce encrypted data. Encrypting the data includes: obtaining a challenge value, providing the challenge value to a physically unclonable function module to obtain a response value, and encrypting the data associated with the store request using the response value as an encryption key to generate the encrypted data. The method also includes storing the encrypted data and the challenge value associated with the encrypted data in the memory.
    Type: Grant
    Filed: June 12, 2015
    Date of Patent: January 23, 2018
    Assignee: QUALCOMOM Incorporated
    Inventors: Olivier Jean Benoit, Rosario Cammarota
  • Patent number: 9871820
    Abstract: Technologies for managing network privileges of members of graft-network include detecting a computing device in physical presence with a network infrastructure, determining whether the computing device is a member of the graft-network, and establishing initial network privileges for the computing device if the computing device is not a member, without direct programming of the member. The network privileges of members of the graft-network are updated over time as a function of the length of time for which the computing device is in physical presence of the network infrastructure. A computing device may be in physical presence of the network by physical contacting a communication bus of the network infrastructure or being within a limited communication range of the communication bus. New members to the graft-network may be quarantined to reduce risk to the network.
    Type: Grant
    Filed: December 27, 2014
    Date of Patent: January 16, 2018
    Assignee: Intel Corporation
    Inventors: Jennifer A. Healey, Kenneth T. Anderson, John C. Weast, Tobias M. Kohlenberg
  • Patent number: 9853957
    Abstract: Techniques are disclosed for secure playback of protected multimedia content on a game console using a secret-less application. An SSO model can be used for client authentication at a key server, which eliminates the need of storing or using any secret information in the client application. Further, an encrypted content key generated by a content packager using a public key can be deployed in the key URI of a playlist file, which is sent to the key server. The key server can be configured to decrypt the content key using a corresponding private key. Further, the content key and unencrypted samples are protected in the game console client application from debugging and replay attacks by using additional security checks at both the client and key server. By storing secret information remotely from the game console and using the SSO model, DRM policies can be enforced on an untrusted client application.
    Type: Grant
    Filed: August 25, 2016
    Date of Patent: December 26, 2017
    Assignee: ADOBE Systems Inc.
    Inventors: Viswanathan Swaminathan, Sheng Wei, Joseph Donovan Steele
  • Patent number: 9838494
    Abstract: An intermediary system reduces a delay associated with the compression and transmission of content resources to a user's device. For example, the intermediary system compresses a first content resource, generates a signature of the first content resource, stores the compressed first content resource and the generated signature, and transmits the compressed first content resource to the user's device. When the user's device or another user's device requests a second content resource at a later time, the intermediary system generates a signature of the second content resource and compares it with the signature of the first content resource. If the signatures match (meaning the first and second content resources are very likely identical), then the intermediary system merely transmits the compressed first content resource to the appropriate device instead of first compressing the second content resource and then transmitting the compressed second content resource to the appropriate device.
    Type: Grant
    Filed: June 24, 2014
    Date of Patent: December 5, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Daniel Tomasiewicz, Chao Deng, Gopal Harikumar, Amit Santosh Jain
  • Patent number: 9830566
    Abstract: Methods, systems, and apparatus, including computer program products, for regulating access of consumers (e.g., applications, containers, or VMs) to resources and services (e.g., storage). In one embodiment, this regulation occurs through the use of access or action permits, referred to as permits that the consumer acquires from an intermediate entity—an Action Manager (AM)—prior to accessing the resource or service. Regulating access includes, for example, controlling one or more of the number of concurrent accesses to a particular resource, the rate at which consumers access the resource, the total number of consumers in a group of consumers accessing the resource, and the total rate at which a group of consumers accesses a resource. According to various embodiments, similar regulation is applied to a group of resources (rather than a single resource).
    Type: Grant
    Filed: July 27, 2015
    Date of Patent: November 28, 2017
    Assignee: TURBONOMIC, INC.
    Inventors: Apostolos Dailianas, Vivek Nandavanam, Endre Sara, Danilo Florissi, Shmuel Kliger
  • Patent number: 9830192
    Abstract: Methods, systems, and apparatus, including computer program products, for assuring application performance by matching the supply of resources (e.g., application resources, VM resources, or physical resources) with the fluctuating demand placed on the application. For example, the systems and methods disclosed herein can be used to ensure that the application is allocated sufficient resources when it is initially deployed to handle anticipated demand; dynamically alter the resources allocated to the application during operation by matching the resource requirements to the actual measured application demand; and predict future resource requirements based on planning assumptions related to future application demand.
    Type: Grant
    Filed: July 27, 2015
    Date of Patent: November 28, 2017
    Assignee: Turbonomic, Inc.
    Inventors: Charles Crouchman, Michael Borodiansky, Apostolos Dailianas, Shmuel Kliger
  • Patent number: 9811652
    Abstract: According to an embodiment, an image erasing apparatus includes an accessory information acquiring unit and an execution availability determining unit. The accessory information acquiring unit acquires accessory information related to security of the sheet based on attribute data of a sheet on which an erasable image is formed. The execution availability determining unit each determines execution availability of erase processing for the image on the sheet and execution availability of preservation processing for the image data generated by the readout unit, based on the accessory information.
    Type: Grant
    Filed: September 24, 2014
    Date of Patent: November 7, 2017
    Assignees: KABUSHIKI KAISHA TOSHIBA, TOSHIBA TEC KABUSHIKI KAISHA
    Inventor: Takanori Fukuhara
  • Patent number: 9811789
    Abstract: Secure content transfer systems and methods to operate the same are disclosed. An example system includes a content server to encrypt content according to an encryption key, and to transfer the encrypted content, the encryption key and a license to a client that supports a digital rights management technology. The example system further includes a broadcast system headend to determine the encryption key, wherein the broadcast system headend is physically separate from the content server, and a digital rights management license server to provide the license.
    Type: Grant
    Filed: July 1, 2014
    Date of Patent: November 7, 2017
    Assignee: THE DIRECTV GROUP, INC.
    Inventors: Raynold M. Kahn, Peter M. Klauss, Stephen P. Dulac, David N. Schlacht, Hanno Basse, Thomas H. James
  • Patent number: 9813413
    Abstract: Services from domainless machines are made available in a security domain under a virtual name. Each machine is not joined to the domain but can reach a security domain controller. The controller controls at least one security domain using an authentication protocol, such as a modified Kerberos protocol. One obtains a set of security domain credentials, generates a cluster name secret, gives the cluster a virtual name, and authenticates the machines to the domain controller using these items. In some cases, authentication uses a ticket-based protocol which accepts the cluster name secret in place of a proof of valid security domain membership. In some, the domain controller uses a directory service which is compatible with an active directory service; the cluster virtual name is provisioned as an account in the directory service. The cluster virtual name may concurrently serve clients on different security domains of the directory service.
    Type: Grant
    Filed: September 20, 2015
    Date of Patent: November 7, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Sai Sudhir Anantha Padmanaban, Lokesh Srinivas Koppolu, Andrea D'Amato, Yi Zeng
  • Patent number: 9813784
    Abstract: Techniques are described for providing functionality to allow a viewer of a television show to watch a “previously on” segment of an episode of the television show and be able to watch the scenes from prior episodes referenced in the “previously on” segment.
    Type: Grant
    Filed: March 25, 2015
    Date of Patent: November 7, 2017
    Assignees: A9.com, IMDb.com, Inc.
    Inventors: Adam Carlson, Jeromey Russell Goetz, Ashutosh Vishwas Kulkarni, Douglas Ryan Gray, Danny Ryan Stephens, Colin Jon Taylor, Ismet Zeki Yalniz
  • Patent number: 9807083
    Abstract: To provide for security and robustness in distribution of high value video content such as UHD video, a white list is provided that does not grant default access to content like a revocation listing does, but rather forces a software update on potentially compromised devices to bring them back into copy protection compliance, eliminating, e.g., the use of certain outputs that have been compromised. Prior to outputting content, a source device determines whether the receiving device is on a white list, whether the output is still valid, whether the version number of the receiving device is still valid, and that the receiving device does not have insecure outputs on which it could re-output content.
    Type: Grant
    Filed: June 5, 2015
    Date of Patent: October 31, 2017
    Assignee: Sony Corporation
    Inventors: Brant Candelore, Graham Clift, Steven Richman
  • Patent number: 9798866
    Abstract: A network information system, and a method of operation thereof, includes: an extraction module for extracting a unique device identification for sending to an e-commerce server, wherein the unique device identification is extracted from a network-connected device with a software application installed and not activated on the network-connected device; a settlement process module, coupled to the extraction module, for generating a notification based on the unique device identification for sending to a license server; and a key generation module, coupled to the settlement process module, for generating a product key for the unique device identification based on the notification for activating the software application to run on a computing device.
    Type: Grant
    Filed: December 13, 2016
    Date of Patent: October 24, 2017
    Assignee: ClevX, LLC
    Inventors: Alex Lemelev, Lev M. Bolotin
  • Patent number: 9794231
    Abstract: Systems and methods are disclosed for registering a host computing device at a server and registering a lock device at the server via an application running on a mobile computing device, each being provided host keys from the server that allow communication between the host computing device the lock device. Further, the lock device can only be registered with the server if a current registered device count is less than a maximum registered device threshold.
    Type: Grant
    Filed: March 16, 2015
    Date of Patent: October 17, 2017
    Assignee: Schlage Lock Company LLC
    Inventors: Joseph Wayne Baumgarte, Patrick GrandPre, Matthew Dexter
  • Patent number: 9774679
    Abstract: A method begins by a dispersed storage (DS) processing module selecting storage pools within the DSN with available capacity for storing data of a storage group. The method continues by selecting one or more dispersed storage (DS) units within each of the selected storage pools based on a selection criteria and mapping the one or more DS units to the storage group. The method continues by receiving a write request to store a data object to the storage group and by storing the data object in at least one of the mapped one or more DS units. The method continues with the DS processing module issuing an indication unutilized storage space calculated on a proportionate basis based on storage utilized for the storage group as a percentage of total storage utilized and updating a write proportion value based on received storage utilization responses.
    Type: Grant
    Filed: July 11, 2014
    Date of Patent: September 26, 2017
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Michael Colin Storm, Manish Motwani, Wesley Leggette
  • Patent number: 9774598
    Abstract: According to an embodiment, an information processing device is connected to a management apparatus via a network. The device includes a receiver, an acquisition unit, an MKB processor, and an authentication unit. The receiver is configured to receive communication information. The acquisition unit is configured to acquire a media key block from the management apparatus, in response to receipt of the communication information from a first external device not belonging to a group previously classified on a management unit basis by the management apparatus, the first external device and the information processing device being enabled to derive a first group key based on the media key block. The MKB processor is configured to generate the group key from a device key of the information processing device and the media key block. The authentication unit is configured to perform encrypted communication with the external device based on an authentication method using the group key.
    Type: Grant
    Filed: August 26, 2014
    Date of Patent: September 26, 2017
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Fangming Zhao, Yuichi Komano, Satoshi Ito
  • Patent number: 9755836
    Abstract: Provided are techniques to enable, using broadcast encryption, a device to locate a service offered by a server with the knowledge that the service offered by the server is a trusted service. A signed enhanced Management Key Block (eMKB) includes a trusted service locator (TSL) that includes one or more records, or “trusted service data records” (TSDRs), each identifying a particular service and a corresponding location of the service is generated and transmitted over a network. Devices authorized to access a particular service parse the eMKB for the end point of the service, connect to the appropriate server and transmit a request.
    Type: Grant
    Filed: November 19, 2010
    Date of Patent: September 5, 2017
    Assignee: International Business Machines Corporation
    Inventors: Thomas A. Bellwood, Jeffrey B. Lotspiech, Matthew F. Rutkowski
  • Patent number: 9755835
    Abstract: The present document relates to transcoding of metadata, and in particular to a method and system for transcoding metadata with reduced computational complexity. A transcoder configured to transcode an inbound bitstream comprising an inbound content frame and an associated inbound metadata frame into an outbound bitstream comprising an outbound content frame and an associated outbound metadata frame is described. The inbound content frame is indicative of a signal encoded according to a first codec system and the outbound content frame is indicative of the signal encoded according to a second codec system. The transcoder is configured to identify an inbound block of metadata from the inbound metadata frame, the inbound block of metadata associated with an inbound descriptor indicative of one or more properties of metadata comprised within the inbound block of metadata, and to generate the outbound metadata frame from the inbound metadata frame based on the inbound descriptor.
    Type: Grant
    Filed: January 15, 2014
    Date of Patent: September 5, 2017
    Assignees: Dolby Laboratories Licensing Corporation, Dolby International AB
    Inventors: Andreas Schneider, Christof Fersch, Martin Wolters, Jeffrey Riedmiller, Scott Gregory Norcross, Michael Grant
  • Patent number: 9749813
    Abstract: A wireless station receives a message broadcast by a string broadcast station, which message includes a network information string. The wireless station generates an identifier comprising a tag component and a content component and sends the identifier and the network information string to a datastore. The identifier is stored in association with the network information string in the datastore.
    Type: Grant
    Filed: December 17, 2013
    Date of Patent: August 29, 2017
    Assignee: RADIUS NETWORKS, INC.
    Inventors: Stillman Bradish, Scott A. Smith, Marc Wallace
  • Patent number: 9723344
    Abstract: A media sharing system identifies fingerprints that represent an uploaded video and generates a digest based on the fingerprints. The media sharing system searches for digests of previously processed videos whose digests match the digest of the uploaded video. A previously processed video whose digest matches the digest of the uploaded video is identified as a matching video. For each matching video, the media sharing system retrieves policy information that describes whether the video was found to violate one or more policies of the media sharing system. The media sharing system determines whether to halt processing of the uploaded video based on the retrieved policy information.
    Type: Grant
    Filed: December 29, 2015
    Date of Patent: August 1, 2017
    Assignee: GOOGLE INC.
    Inventors: Johan Georg Granström, Thomas Weich, Vladimir Rychev
  • Patent number: 9723168
    Abstract: An information processing apparatus, which connects to at least one client apparatus via a first network and is connectable to an external apparatus via a second network, includes first and second receiving units, a specifying unit, first and second switching units, and a transmitting unit. The first receiving unit receives client information from the client apparatus via the first network. The specifying unit specifies a device connected to the first network and controllable by the client apparatus. The first switching unit switches connection from the first network to the second network. The second receiving unit receives, based on the client information and the specified device, a control program for controlling the device from the external apparatus via the second network. The second switching unit switches connection from the second network to the first network. The transmitting unit transmits the received control program to the client apparatus via the first network.
    Type: Grant
    Filed: March 2, 2016
    Date of Patent: August 1, 2017
    Assignee: RICOH COMPANY, LTD.
    Inventor: Hirokazu Iida
  • Patent number: 9704131
    Abstract: An information processing apparatus includes: application execution means for executing an application program; metadata storage means for storing metadata corresponding to the application program; input means for receiving a message input by a user based on an operation of the user; selection means for selecting the metadata stored by the metadata storage means, in accordance with an operation of the user; transmission means for transmitting the message received by the input means and the metadata selected by the selection means to another information processing apparatus; reception means for receiving a message and metadata corresponding to an application program from said another information processing apparatus; and information output means for outputting the message and the metadata received by the reception means.
    Type: Grant
    Filed: January 13, 2011
    Date of Patent: July 11, 2017
    Assignee: NINTENDO CO., LTD.
    Inventor: Daiji Imai
  • Patent number: 9672373
    Abstract: A method for preventing photographic capture of a displayed image on an electronically controlled screen using a photographic capture device is provided. The method includes intercepting an image for display; generating a plurality of subset frames based on the intercepted image; dividing the intercepted image into a plurality of subsections; generating a pseudo random number on each of the subsections within the plurality of subsections using a pseudo random number generator; mapping, on each of the subset frames within the plurality of subset frames, a group of subsections within the plurality of subsections that share a common generated pseudo random number; determining a frame rate value for displaying the plurality of subset frames, which enables human visualization of the plurality of subset frames as a single perceived frame; and displaying each subset frame consecutively on the electronically controlled screen based on the determined frame rate.
    Type: Grant
    Filed: March 16, 2016
    Date of Patent: June 6, 2017
    Assignee: International Business Machines Corporation
    Inventors: Douglas J. Griffith, Richard B. Sutton
  • Patent number: 9672375
    Abstract: A physical, non-human readable representation of a digital key may be in a physical key article. The key article may enable a person to generate a signal representing the digital key from a user interface device in communication with a computer by physical manipulation of the key article. Access to digital content via the computer may be unlocked in response to receiving the signal. In addition, a key may be represented by a pattern of unreadable errors in a computer-readable medium.
    Type: Grant
    Filed: January 30, 2015
    Date of Patent: June 6, 2017
    Inventor: Gary Stephen Shuster
  • Patent number: 9660970
    Abstract: An HSM management hub coordinates the distribution and synchronization of cryptographic material across a fleet of connected hardware security modules (“HSMs”). Cryptographic material is exchanged between HSMs in the fleet in a cryptographically protected format. In some examples, the cryptographic material is encrypted using a common fleet key maintained by the HSMs in the fleet. In other examples, the cryptographic material is protected using asymmetric cryptographic keys that are associated with the members of the HSM fleet. The HSM management hub may be used to divide the HSM fleet into subdomains by providing domain keys to subsets of HSMs within the HSM fleet. Cryptographic information that is encrypted with particular domain keys can be distributed across the entire HSM fleet, and restricted to use by authorized HSMs that are in possession of the particular domain keys.
    Type: Grant
    Filed: December 3, 2015
    Date of Patent: May 23, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Gregory Alan Rubin, Benjamin Philip Grubin
  • Patent number: 9660995
    Abstract: The subject matter described herein includes methods, systems, and computer readable media for combating mobile device theft with user notarization. One method includes providing a supplicant video notarization system application executable on a supplicant device for initiating an interactive video call between a supplicant and a notary as a condition to the supplicant accessing a protected electronic resource. The method further includes providing a notary video notarization system application executable on a notary device through which the notary receives the interactive video call and interacts with the supplicant via the interactive video call to confirm the identity of the supplicant and that video of the supplicant provided in the call is live.
    Type: Grant
    Filed: February 20, 2014
    Date of Patent: May 23, 2017
    Assignees: The University of North Carolina at Chapel Hill, Indiana University Research & Technology Corporation
    Inventors: Michael Kendrick Reiter, Apu Chandrasen Kapadia, Alana Libonati
  • Patent number: 9648017
    Abstract: In a method for controlling a device requiring user-related permissions via a mobile terminal using a local data connection between the mobile terminal and the device to be controlled, the control commands requiring user-related permissions for the device to be controlled are generated by means of an interaction between the mobile device and an authentication server and/or a device management server and are transferred to the device to be controlled from the authentication and/or device management server via the mobile terminal. The control commands requiring user-related permissions for the device to be controlled are received by the mobile terminal and are thereafter transferred to the device to be controlled for the purpose of controlling the same and are not stored in the mobile terminal. The control commands received by the device to be controlled are not verified as to the permission of the user to utilize these control commands.
    Type: Grant
    Filed: April 29, 2015
    Date of Patent: May 9, 2017
    Assignee: SKIDATA AG
    Inventors: Christian Wenninger, Bernd Duchac
  • Patent number: 9641910
    Abstract: Techniques for compressing and decompressing license information for Digital Rights Management are described. A method implementation of a technique of creating for a plurality of client devices or client device groups compressed license information comprises the steps of creating a template and a table. The table comprises at least one first license part common to licenses for the plurality of client devices or client device groups and one or more placeholders for one or more second license parts specific for a dedicated client device or client device group. The table comprises, for each client device or client device group and for a given placeholder, replacement information specific for that client device or client device group. The method further comprises sending the template and table for delivery as compressed license information to the client devices or client device groups.
    Type: Grant
    Filed: October 14, 2011
    Date of Patent: May 2, 2017
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventor: Daniel Catrein
  • Patent number: 9628558
    Abstract: Systems and methods may provide for receiving a first request from a remote device for access to content on a second remote device, and invoking a proxy server embedded in an HTML5-compliant browser on a local device. Additionally, the first remote device may be provided with access to the content on the second remote device via the proxy server. Moreover, input may be received from a user interface of the local device, wherein a second request may be transmitted to the first remote device for access to content on a third remote device. In one example, the first remote device is unauthorized with respect to the content on the second remote device, and the local device is unauthorized with respect to the content on the third remote device.
    Type: Grant
    Filed: June 3, 2014
    Date of Patent: April 18, 2017
    Assignee: Intel Corporation
    Inventor: Rita H. Wouhaybi
  • Patent number: 9607160
    Abstract: A method of providing encryption and decryption of plaintext strings in a program file, includes: at a device having one or more processors and memory: marking each of a plurality of plaintext strings in a source file with a respective marking macro (e.g., Decrypt); scanning (e.g., using a reflection tool) for the respective marking macros to identify the plurality of plaintext strings in the source code; generating a respective ciphertext string for each of the plurality plaintext strings that have been identified; and storing the plurality of plaintext strings in a dictionary file, where each plaintext string is indexed by a respective hash value computed from the plaintext string, and where the respective hash value for each of the plaintext strings is used to retrieve the respective ciphertext string of the plaintext string from the dictionary during program execution.
    Type: Grant
    Filed: January 30, 2015
    Date of Patent: March 28, 2017
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventor: Zuke Yang
  • Patent number: 9607131
    Abstract: Methods, devices, and computer program products facilitate the application of a content use policy based on watermarks that are embedded in a content. Watermark extraction and content screening operations, which can include the application of content usage enforcement actions, may be organized such that some or all of the operations can be conducted at different times by different devices. These operations can be conducted by one or more trusted devices that reside in a networked environment. The authenticity of various devices can be verified through the exchange of certificates that can further enable such devices to ascertain capabilities of one another. Based on the ascertained capabilities, an operational configuration for conducting watermark extraction and content screening can be determined.
    Type: Grant
    Filed: April 5, 2011
    Date of Patent: March 28, 2017
    Assignee: Verance Corporation
    Inventors: Joseph M. Winograd, Rade Petrovic, Jian Zhao
  • Patent number: 9608980
    Abstract: The technology described in this document can be embodied in a computer implemented method that includes receiving, at a processing device, information about one or more assets associated with a network of devices. The method also includes generating, for at least one of the assets, a security token that is based at least on a portion of the received information about the corresponding asset. The security token can be configured to identify a home network defined for the asset, and to restrict access to the corresponding asset upon detecting an occurrence of an unauthorized activity involving the asset. The method further includes storing, in a storage device, information about the security token and information linking the security token to the corresponding asset, and initiating integration of the security token with the corresponding asset.
    Type: Grant
    Filed: August 15, 2016
    Date of Patent: March 28, 2017
    Assignee: Document Dynamics, LLC
    Inventor: Robert G. Caffary, Jr.
  • Patent number: 9590971
    Abstract: The technology described in this document can be embodied in a computer implemented method that includes receiving, at a processing device, information about one or more assets associated with a network of devices. The method also includes generating, for at least one of the assets, a security token that is based at least on a portion of the received information about the corresponding asset. The security token can be configured to identify a home network defined for the asset, and to restrict access to the corresponding asset upon detecting an occurrence of an unauthorized activity involving the asset. The method further includes storing, in a storage device, information about the security token and information linking the security token to the corresponding asset, and initiating integration of the security token with the corresponding asset.
    Type: Grant
    Filed: August 15, 2016
    Date of Patent: March 7, 2017
    Assignee: Document Dynamics, LLC
    Inventor: Robert G. Caffary, Jr.
  • Patent number: 9577988
    Abstract: A method, a system, and a non-transitory storage medium for storing user preferences pertaining to a data encryption service that provides on-demand encryption for data in-flight and at rest; receiving data from a user device; determining whether to invoke the data encryption service based on the data and the user preferences; generating a key to encrypt the data based on determining that the data encryption service is to be invoked; generating a first message that includes the data, the key, and data indicating where encrypted data is to be stored; establishing a secure connection with a device; and transmitting the first message to the device via the secure connection.
    Type: Grant
    Filed: September 26, 2014
    Date of Patent: February 21, 2017
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Ravindra J. Rao, Gary R. Francis, Ashay Chaudhary
  • Patent number: 9571280
    Abstract: The present disclosure is directed to application integrity protection via secure interaction and processing. For example, interaction with a user interface in a device may result in input information being generated. Following encryption, the input information may be conveyed to an application executing in a secure processing environment. The encrypted input information may be received, decrypted and processed by the application. An example application may include a secure controller component, a secure model component and a secure view component. The secure controller component may, for example, provide change instructions to the secure model component based on the decrypted input information. The secure model component may then, if necessary, provide a change notification to the secure view component based on the change instructions.
    Type: Grant
    Filed: June 4, 2013
    Date of Patent: February 14, 2017
    Assignee: Intel Corporation
    Inventors: Pradeep M. Pappachan, Reshma Lal
  • Patent number: 9563748
    Abstract: Provided is a technology for improving the efficiency and the accuracy of data security. To this end, protection information provided to data is maintained correct even when it becomes necessary to change the necessity/non-necessity to protect the data depending on the content of a process performed on the data. More specifically, primitive data with protection attributes set thereon is read as the original data, and an operation is performed on the original data to generate derived data. Then, whether to make the derived data inherit the protection attributes of the original data is determined on the basis of a content of the operation performed on the original data.
    Type: Grant
    Filed: March 20, 2014
    Date of Patent: February 7, 2017
    Assignee: HITACHI, LTD.
    Inventors: Takaaki Haruna, Nobuaki Kohinata
  • Patent number: 9536060
    Abstract: A network information system, and a method of operation thereof, includes: an extraction module for extracting a unique device identification for sending to an e-commerce server, wherein the unique device identification is extracted from a network-connected device with a software application installed and not activated on the network-connected device; a settlement process module, coupled to the extraction module, for generating a notification based on the unique device identification for sending to a license server; and a key generation module, coupled to the settlement process module, for generating a product key for the unique device identification based on the notification for activating the software application to run on a computing device.
    Type: Grant
    Filed: February 18, 2015
    Date of Patent: January 3, 2017
    Assignee: ClevX, LLC
    Inventors: Alex Lemelev, Lev M. Bolotin
  • Patent number: 9529733
    Abstract: The disclosed computer-implemented method for securely accessing encrypted data stores may include (1) receiving, from a data storage service, a request to permit authenticated access to an encrypted data store administered by the data storage service, the request including a cryptographic element associated with the encrypted data store that has been encrypted using a public key associated with the authentication device, (2) decrypting the cryptographic element associated with the encrypted data store using a private key associated with the authentication device, (3) encrypting the cryptographic element associated with the encrypted data store using a public key associated with a cryptographic client, and (4) transmitting the encrypted cryptographic element to the cryptographic client to enable the cryptographic client to perform cryptographic operations on the encrypted data store. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: September 18, 2014
    Date of Patent: December 27, 2016
    Assignee: Symantec Corporation
    Inventors: Ilya Sokolov, Brian Powell
  • Patent number: 9510035
    Abstract: Systems and methods are provided for securely providing a media stream from a server device to a remote player via a communications network. A request for a connection is received from the remote player at the server device via the communications network. In response to the request for the connection, an authorization credential is requested from a central server via the communications network. Further, in response to the authorization credential received from the central server, the media stream between the server device and the remote player can be established over the communications network. At least a portion of the media stream may be encrypted based upon the authorization credential.
    Type: Grant
    Filed: September 1, 2015
    Date of Patent: November 29, 2016
    Assignee: Sling Media, Inc.
    Inventor: Padmanabha R. Rao
  • Patent number: 9501658
    Abstract: A method, system and computer program product for protecting access to a computer file are disclosed. In embodiments, the method comprises a user, employing a user computer, selecting a file, and creating a reference file to protect access to this selected file. When a requester uses a computer device to request access to the protected file, the reference file initiates a procedure to determine if the computing device is entitled to access the protected file by validating a series of computer components that uniquely identify the computing device. In embodiments, a set of specified computer configuration data is stored in a specified storage location; and the series of computer components that uniquely identify the computing device are validated by comparing this set of computer configuration data with the series of computer components that uniquely identify the computing device.
    Type: Grant
    Filed: January 8, 2016
    Date of Patent: November 22, 2016
    Assignee: International Business Machines Corporation
    Inventors: Pablo Roberto Millicay Gonzalez, Tiago Pagani, Krzysztof A. Rudek, Vinod A. Valecha
  • Patent number: 9503461
    Abstract: In one embodiment, a computer-implemented method includes, in response to an attempt by a user to perform a transaction using a computing device, accessing a communication device connected to the computing device. A presence of one or more nearby devices, with respect to the computing device, is detected through use of the communication device connected to the computing device. A mapping of nearby devices to trust levels may be applied to the one or more nearby devices. In the mapping, each group of one or more nearby devices maps to a trust level of two or more trust levels. An assigned trust level for the transaction is determined, by a computer processor, based on applying the mapping of nearby devices to trust levels. The mapping of nearby devices to trust levels is modified based on the one or more nearby devices detected. The modified mapping is used for future transactions.
    Type: Grant
    Filed: December 30, 2014
    Date of Patent: November 22, 2016
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Louis T. Fuka, Susann M. Keohane, James R. Kraemer
  • Patent number: 9483217
    Abstract: A printing server includes a registration request reception unit, a registration unit which allocates connection information for connection with the transmission origin of the registration request and an electronic mail address for receiving a printing request to the transmission origin of the registration request, a registration information transmission unit which transmits the registration information which has been allocated, a connection unit which receives the connection information and starts connection, a printing data generation unit which generates printing data, a printing waiting information transmission unit which transmits printing waiting information to the transmission origin of the XMPP connection request using XMPP when the printing data is generated, and a printing data transmission unit which receives an acquisition request for the printing data and transmits the printing data to the transmission origin of the acquisition request for the printing data according to the acquisition request fo
    Type: Grant
    Filed: January 13, 2015
    Date of Patent: November 1, 2016
    Assignee: Seiko Epson Corporation
    Inventors: Yasuhiro Oshima, Hirotaka Akamatsu, Yasuhiro Furuta
  • Patent number: 9467477
    Abstract: Data security jurisdiction zones are identified and data security policy data for the data security jurisdiction zones is obtained. The data security policy data for the data security jurisdiction zones is then automatically analyzed to determine allowed secrets data with respect to each of the identified data security jurisdiction zones. The allowed secrets data with respect to each of the data security jurisdiction zones is then automatically obtained and provided to resources in the respective data security jurisdiction zones, either from a central secrets data store or from an allowed secrets data store associated with each data security jurisdiction zone.
    Type: Grant
    Filed: November 6, 2013
    Date of Patent: October 11, 2016
    Assignee: Intuit Inc.
    Inventors: Luis Felipe Cabrera, M. Shannon Lietz
  • Patent number: 9443097
    Abstract: The systems and methods of the present invention provide a solution that makes data provably secure and accessible—addressing data security at the bit level—thereby eliminating the need for multiple perimeter hardware and software technologies. Data security is incorporated or weaved directly into the data at the bit level. The systems and methods of the present invention enable enterprise communities of interest to leverage a common enterprise infrastructure. Because security is already woven into the data, this common infrastructure can be used without compromising data security and access control. In some applications, data is authenticated, encrypted, and parsed or split into multiple shares prior to being sent to multiple locations, e.g., a private or public cloud. The data is hidden while in transit to the storage location, and is inaccessible to users who do not have the correct credentials for access.
    Type: Grant
    Filed: March 31, 2011
    Date of Patent: September 13, 2016
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini
  • Patent number: 9432190
    Abstract: Methods, apparatuses, computer program products, devices and systems are described that carry out receiving level-one encrypted data including at least one associated encrypted identifier; encrypting with a level-two encryption key at least a part of the level-one encrypted data to produce level-two encrypted data; receiving a hash of the at least one associated encrypted identifier; associating the hash with the level-two encrypted data; and transmitting the level-two encrypted data and associated hash of the at least one associated encrypted identifier.
    Type: Grant
    Filed: March 14, 2013
    Date of Patent: August 30, 2016
    Assignee: Elwha LLC
    Inventors: Marc E. Davis, Matthew G. Dyor, William Gates, Xuedong Huang, Roderick A. Hyde, Edward K. Y. Jung, Jordin T. Kare, Royce A. Levien, Richard T. Lord, Robert W. Lord, Qi Lu, Mark A. Malamud, Nathan P. Myhrvold, Satya Nadella, Danny Allen Reed, Harry Shum, Clarence T. Tegreene, Lowell L. Wood, Jr.
  • Patent number: 9424404
    Abstract: Software revalidation. In one example embodiment, a method for software revalidation may include various steps. For example, the method may include receiving, at a machine on which a software application has been installed and activated, activation rules, from an activation server, that have been updated since the release of the software application to account for new or updated software or hardware with which the software application is configured to be employed. The method may also include periodically applying, at the machine, the updated activation rules to newly-collected machine configuration information from the machine to determine whether a product key remains valid for the newly-collected machine configuration information and, if the product key remains valid for the newly-collected machine configuration information, revalidating, at the machine, the software application to authorize continued access to the software application.
    Type: Grant
    Filed: September 28, 2015
    Date of Patent: August 23, 2016
    Assignee: STORAGECRAFT TECHNOLOGY CORPORATION
    Inventors: Nathan S. Bushman, Douglas Mark Lee
  • Patent number: 9411943
    Abstract: An authentication method authenticates a first party to a second party, where an operation is performed on condition that the authentication succeeds. If the first party is not authenticated, then if the first party qualifies for a sub-authorization, the operation is still performed. Further, a device that includes a first memory area holding a comparison measure, which is associated with time, and which is also used in said authentication procedure, a second memory area holding a limited list of other parties which have been involved in an authentication procedure with the device, and a third memory area, holding compliance certificates concerning parties of said list.
    Type: Grant
    Filed: October 24, 2013
    Date of Patent: August 9, 2016
    Assignee: KONINKLIJKE PHILIPS N.V.
    Inventors: Maurice Jerome Justin Jean-Baptiste Maes, Boris Skoric, Antonius Adriaan Maria Staring, Johan Cornelis Talstra
  • Patent number: 9398082
    Abstract: Broadcasts identifying executed execution states and configurations of a plurality of virtual machines may be received. Each of the broadcasts may be received from a client system of a plurality of client systems. At least two of the virtual machines may be installed on each of the plurality of client systems. A determination may be made as to whether a first virtual machine of the plurality of virtual machines that is installed on a first client system of the plurality of client systems is unauthorized in view of an execution state of the first virtual machine and a configuration of a second virtual machine of the plurality of virtual machine. A control action for the first client system may be generated when the first virtual machine is determined to be unauthorized.
    Type: Grant
    Filed: September 19, 2014
    Date of Patent: July 19, 2016
    Assignee: Red Hat, Inc.
    Inventors: Joseph Boggs, Norman Lee Faus, David P. Huff, Bryan Kearney