Including Authentication Patents (Class 380/229)
  • Patent number: 11429986
    Abstract: Real-time busyness information is for a public place is computed in a privacy-sensitive way, and provided for display in relation to historical busyness information. An aggregate amount of real-time location information available for a particular public place is measured (410), and used to determine (420) whether the public place is privacy-qualified. If the public place is privacy-qualified, real-time busyness information is computed (440) for the public place based on the real-time location information. Further, it is determined (450) whether the computed real-time busyness information is accuracy-qualified, based on a comparison of the real-time busyness information to historical busyness information. If both qualifications are met, the real-time busyness information is output (470) for display or to another application.
    Type: Grant
    Filed: November 4, 2016
    Date of Patent: August 30, 2022
    Assignee: Google LLC
    Inventors: Frank Russo, Luuk Van Dijk, Paul Donnelly, Quang Duong, James Aspinall, Finnegan Southey, Steve Chien
  • Patent number: 11409898
    Abstract: A secure data broker includes a public network interface, an authorization module, a database interface, and an encryption module. The public network interface is configured to receive a database query and authorization information from a client device over a secure connection and return a response to the database query to the client device over the secure connection. The authorization module is configured to authorize the client device based on the authorization information, which was issued to the client device by the public safety platform. The database interface is configured to submit the database query to a secure database in response to the authorization of the client device and to receive the response to the database query from the secure database. The encryption module is configured to encrypt the response to the database query using a broker key.
    Type: Grant
    Filed: December 9, 2019
    Date of Patent: August 9, 2022
    Assignee: RapidDeploy, Inc.
    Inventors: Justin Jensen, Brett Meyerowitz, Ivor Chalton, Cameron Plimsoll
  • Patent number: 11303632
    Abstract: The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of authenticating customers and service agents. The innovation receives a connection request to connect a customer and a service agent. The customer is authenticated for the service agent by matching biometric data of the customer to previously stored biometric data using a biometric recognition algorithm. The service agent is authenticated for the customer by matching a unique identifier to a previously stored unique identifier. A confirmation notification is generated and sent to the service agent and the customer to confirm the authentications. A connection is established between the customer and the service agent according to the authentications and the connection request.
    Type: Grant
    Filed: June 8, 2018
    Date of Patent: April 12, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Vinod Mannattil, Satyavathi Divadari, Sridhara Rao Sidhu, Rameshchandra Bhaskar Ketharaju
  • Patent number: 11178127
    Abstract: Some embodiments of the invention provide a method for a trusted (or originator) device to modify the security state of a target device (e.g., unlocking the device) based on a securing ranging operation (e.g., determining a distance, proximity, etc.). The method of some embodiments exchanges messages as a part of a ranging operation in order to to determine whether the trusted and target devices are within a specified range of each other before allowing the trusted device to modify the security state of the target device. In some embodiments, the messages are derived by both devices based on a shared secret and are used to verify the source of ranging signals used for the ranging operation. In some embodiments, the method is performed using multiple different frequency bands.
    Type: Grant
    Filed: April 26, 2017
    Date of Patent: November 16, 2021
    Assignee: Apple Inc.
    Inventors: Wade Benson, Marc J. Krochmal, Alexander R. Ledwith, John Iarocci, Jerrold V. Hauck, Michael Brouwer, Mitchell D. Adler, Yannick L. Sierra
  • Patent number: 11057377
    Abstract: A biometric token is generated for a user and provided to a user-operated device. A pre-staged transaction is defined by a user and the user supplies the token for association with the pre-staged transaction. Subsequently, a user visits a transaction terminal and a new candidate token is generated from biometric attributes of the user. The candidate token is matched to the token associated with pre-staged transaction to authenticate the user and the pre-staged transaction is processed at the transaction terminal as a completed transaction.
    Type: Grant
    Filed: August 26, 2018
    Date of Patent: July 6, 2021
    Assignee: NCR Corporation
    Inventors: Bruce McBain, Charlie Harrow, Husameldin M Ali Ibrahim
  • Patent number: 11025607
    Abstract: Concepts and technologies disclosed herein are directed to vehicle-to-everything (“V2X”) certificate management. According to one aspect of the concepts and technologies disclosed herein, a system can receive a CRL from a security credential management (“SCM”) system. The CRL can identify one or more certificates that have been determined to be invalid, such as when the certificate(s) has expired. The certificate(s) can be utilized by a vehicle for secure communications, including vehicle-to-vehicle (“V2V”) and vehicle-to-infrastructure (“V2I”) (collectively V2X). The system can format the CRL as a cell broadcast message. The system can then create a cell broadcast request directed to a cell broadcast center (“CBC”). The cell broadcast request can include the CRL formatted as the cell broadcast message. The system can send the cell broadcast request to the CBC to instruct the CBC to broadcast the CRL as the cell broadcast message.
    Type: Grant
    Filed: December 15, 2016
    Date of Patent: June 1, 2021
    Assignees: AT&T Mobility II LLC, AT&T Intellectual Property II, L.P.
    Inventors: Murali Narayanan, Roger Mahler, Paul Nichols, George Murphy, Zachery Carter, Senthil Ramakrishnan, Thomas Becker
  • Patent number: 10965548
    Abstract: Embodiments of the invention provide systems, computer program products, and methods for a network operational decisional engine (NODE) to allow individual users to set resource distribution constraints on various accounts over a number of different networks. By providing a centralized user interface and storing and tracking user configuration and account data, the invention recognizes and filters resource distribution requests based on operational decisions as specified by users in order to provide increased control over the authorization or denial of resource distribution requests. The NODE provides the ability to proactively control resource distribution constraints before requests for resource distribution are initiated, and allows for tailored operational decisions to be easily implemented based on a wide range of user-defined criteria.
    Type: Grant
    Filed: February 25, 2020
    Date of Patent: March 30, 2021
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Joseph Benjamin Castinado, Jeetendra Hukmichand Jain
  • Patent number: 10938622
    Abstract: An interconnection network is provided for managing data transfer between a plurality of nodes of an integrated circuit. The interconnection network has at least one transmission path originating from an upstream location of the interconnection network, each transmission path being arranged to transmit data blocks from the upstream location to an associated downstream location within that transmission path. Digest generation circuitry is used to generate digests for data blocks, and fault detection circuitry provided in association with the upstream location is arranged to determine presence of a fault condition in the interconnection network. The digest generation circuitry is arranged to generate an upstream digest for a given data block at the upstream location, and to generate a corresponding downstream digest for the given data block at the associated downstream location.
    Type: Grant
    Filed: May 28, 2019
    Date of Patent: March 2, 2021
    Assignee: Arm Limited
    Inventors: Julian Jose Hilgemberg Pontes, Andrew David Tune, Sean James Salisbury
  • Patent number: 10833860
    Abstract: Authentication is performed on a plurality of links of a computing environment. One node requests generation of a shared key by a key server coupled to the one node. The one node obtains the shared key and an identifier of the shared key and sends the identifier from the one node to another node. A message encrypted with the shared key is sent from the one node to the other node via one link of the plurality of links. The one node receives via the one link an indication that the other node decrypted the encrypted message using the shared key obtained by the other node. The sending the encrypted message and the receiving the indication that the other node decrypted the encrypted message are repeated on one or more other links of the plurality of links using the shared key previously obtained.
    Type: Grant
    Filed: September 4, 2018
    Date of Patent: November 10, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette
  • Patent number: 10826924
    Abstract: Described herein are various methods of securing a computer system. One or more methods include starting a security process after basic functionality on a computer is initiated at startup. The security process performs one or more reviews, such as audits, of the computer to verify that there have not been unauthorized changes to the computer, such as to any settings or executable files.
    Type: Grant
    Filed: April 22, 2020
    Date of Patent: November 3, 2020
    Assignee: Quantum Information Security, LLC
    Inventor: Timothy Fletcher
  • Patent number: 10803116
    Abstract: A system and method that distinguishes between logos and other categories of images, such as natural images, cartoon images, and computer-processed or generated images (“concept images”). The system receives a query image, which may, for example, be intended to be evaluated by an image search and comparison engine to identify matches to a catalog of images. The system evaluates characteristics of the query image, such as the gray-levels in the image, the edge crossings in the image, and the gradient magnitudes in the image, to identify whether the image is a logo. Based on identifying the image is a logo, the logo query image may be excluded from being evaluated by the image search and comparison engine.
    Type: Grant
    Filed: April 22, 2016
    Date of Patent: October 13, 2020
    Assignee: PicScout (Israel) Ltd.
    Inventor: Leonid Brailovsky
  • Patent number: 10777030
    Abstract: The present invention provides a system and method for conditionally selecting biometric modalities for biometric authentication at authentication run time. The system and method employ programmatic logic to identify which biometric modalities to use for authenticating a user. The software module for selecting biometric modalities includes, a plurality of rules or conditional logic for selecting one or more biometric modalities required to authenticate a user requesting a secure action.
    Type: Grant
    Filed: January 14, 2020
    Date of Patent: September 15, 2020
    Assignee: ImageWare Systems, Inc.
    Inventor: David Harding
  • Patent number: 10742764
    Abstract: A method, apparatus and computer program product for displaying a web page. Metadata describing a web page is received by a client data processing system. The metadata defines what the web page looks like without content for the web page. The content needed for the web page based on the metadata is identified by the client data processing system. The content for the web page is obtained by the client data processing system. The web page using the metadata and the content is created by the client data processing system without using a markup language. The web page on a graphical user interface on the client data processing system is displayed by the client data processing system.
    Type: Grant
    Filed: July 27, 2015
    Date of Patent: August 11, 2020
    Assignee: ADP, LLC
    Inventors: Clint Myers, Amit Kumar Sharma, Vinay Shankri, Siju Varghese
  • Patent number: 10742612
    Abstract: In a network that includes a client, a server and one or more proxy entities that intercept network traffic between the client and the server, a computer-implemented method is provided including: establishing trust with a permissioned distributed database; computing hashes from packet payloads of network traffic originated, intercepted or received; storing the hashes to the permissioned distributed database so that the permissioned distributed database maintains hashes computed from packets of the network traffic originated, intercepted or received by the client, server and the one or more proxy entities; and validating the hashes by comparing, with each other, the hashes stored to the permissioned distributed database by the client, server and the one or more proxy entities to determine whether any packet payload of the network traffic was modified in transit.
    Type: Grant
    Filed: October 16, 2017
    Date of Patent: August 11, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: Prashanth Patil, K. Tirumaleswar Reddy, Justin James Muller, Judith Ying Priest, Puneeth Rao Lokapalli
  • Patent number: 10733298
    Abstract: A controller of an information handling system (IHS) performs a method to detect tampering with functional components of IHS. Following a last authorized configuration change of locally-available information handling resources, a unique code is generated and stored with a time-stamped system log entry in a system memory. Prior to transit, a system management audit (SMA) log snapshot is generated and provided to an audit device for separately conveying to a recipient of the IHS. In response to powering up at least the controller of the IHS after transit, a current SMA log snapshot is obtained that includes a current SMA log entry and a current unique code. Access by an audit device is provided to the current SMA log snapshot to enable comparison to the SMA log snapshot created prior to transit for identifying whether there has been tampering with the IHS.
    Type: Grant
    Filed: July 31, 2017
    Date of Patent: August 4, 2020
    Assignee: Dell Products, L.P.
    Inventors: Mukund P. Khatri, Alaric J. N. Silveira
  • Patent number: 10719405
    Abstract: Methods and systems for efficiently capturing snapshots of a computing application or environment over time and transferring the snapshots to an integrated data management and storage system are described. A snapshot agent may detect that one or more electronic files associated with the computing application or environment are greater than a threshold file size and in response perform an incremental backup optimization in which the snapshot agent may identify files that have been touched since a previous snapshot by accessing file system metadata (e.g., last modified timestamps) or utilizing a tracking agent to detect potential file changes that have occurred since the previous snapshot was captured. The snapshot agent may then generate fingerprints for data blocks of the touched files, which may reduce the total number of fingerprints needing to be generated to identify the changed data blocks corresponding with a current snapshot to be transferred.
    Type: Grant
    Filed: December 11, 2017
    Date of Patent: July 21, 2020
    Assignee: RUBRIK, INC.
    Inventors: Jiangbin Luo, Biswaroop Palit, Guilherme Vale Ferreira Menezes
  • Patent number: 10672007
    Abstract: A settlement system includes a mobile terminal including a plurality of payment means for performing the payment process, and a reader/writer including an acquisition unit that sequentially inquires to the mobile terminal about each of a plurality of acceptable payment means and accepting a payment with one payment means specified among payment means confirmed to be present by the settlement acquisition unit by using a settlement unit corresponding to the one payment means, the mobile terminal further including a storage means that stores limitation information, and the reader/writer further includes a limitation information acquisition means that acquires the limitation information stored in the storage means, and an electronic money type narrowing down unit that stops inquiries by the acquisition unit when presence of payment means limited by the limitation information acquired by the limitation information acquisition means is confirmed by the acquisition unit.
    Type: Grant
    Filed: March 16, 2017
    Date of Patent: June 2, 2020
    Assignee: Rakuten, Inc.
    Inventor: Hideki Akashika
  • Patent number: 10652022
    Abstract: An authentication and encryption computer system is disclosed including processing devices, a network interface, and a data store. The authentication and encryption system is configured to maintain in the data store content common to a plurality of entities and content independently specified by each of the plurality of entities. The system is configured to receive a content request from an application executing on a mobile device, the content request comprising a secure access code corresponding to an entity, and the content request encrypted by the mobile device. An interface, comprising the content common to the plurality of entities, is customized to include content independently specified by the entity, wherein the content independently specified by the entity comprises a token value. A user request for an item presented via the interface is received and the token value is transferred to the entity.
    Type: Grant
    Filed: October 10, 2019
    Date of Patent: May 12, 2020
    Assignee: Oasis Medical, Inc.
    Inventor: Norman Craig Delgado
  • Patent number: 10630661
    Abstract: Techniques are described for wireless communication. A method of wireless communication at a transmitting wireless device includes generating a first Message Authentication Code (MAC) for a data packet based at least in part on a first security key used to communicate with a receiving wireless device; generating a second MAC for the data packet based at least in part on a second security key used to communicate with a relay user equipment (UE), in which the relay UE is included in a data routing path between the transmitting wireless device and the receiving wireless device; and transmitting the data packet to the relay UE with at least the first MAC and the second MAC.
    Type: Grant
    Filed: September 15, 2017
    Date of Patent: April 21, 2020
    Assignee: QUALCOMM Incorporated
    Inventors: Soo Bum Lee, Gavin Bernard Horn, Anand Palanigounder
  • Patent number: 10491592
    Abstract: Data from browser requests is added to a vector. If explicit identification information (username, cookie data, etc.) is present, the vector is associated with a pre-existing user record, which is then updated. If not, candidate user records may be identified according to correspondence with values in the vector. This may include comparing hashes of one or more values to identify similarities. Candidate vectors may be eliminated by identifying inconsistency in OS, device, and browser information. Probability assigned to each candidate vector may be adjusted, e.g., reduced, in response to inconsistency in other data relating to a browser, device, or of a more global nature, e.g. time zone, user attributes, etc. Records associated with different devices may be associated with one another by evaluating hashes of data values submitted by a user on the different devices. Where the hash values of two records intersect, they may be merged with one another.
    Type: Grant
    Filed: October 19, 2017
    Date of Patent: November 26, 2019
    Assignee: REFLEKTION, INC.
    Inventors: Ali Mazouchi, Amar Chokhawala
  • Patent number: 10484352
    Abstract: Operating upon encrypted data with a particular data scope. A base encryption key is established and associated with the particular data scope, and then stored in a base encryption key store. That base encryption key store might be managed by an application or service that stores base encryption keys for multiple data scopes. A proxy encryption key acts as a kind of proxy for the base encryption key. The proxy encryption key may be used for frequent operations on encrypted data within the particular data scope. Thus, the principles described herein act as a frequency amplifier that allows key-based operations upon the particular data scope to be performed at much higher frequencies than otherwise would be possible by operating directly using the base encryption key.
    Type: Grant
    Filed: June 7, 2017
    Date of Patent: November 19, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Mitica Manu, Baskar Sridharan, Raghunath Ramakrishnan, Sriram K. Rajamani, Victor V. Boyko, Pushkar Vijay Chitnis, Shastry M. C. Shankara, Ramarathnam Venkatesan
  • Patent number: 10475032
    Abstract: A computer-implemented method for tokenless authentication of a paying consumer during a payment transaction uses a computing device having a processor and a memory. The method includes receiving a plurality of biometric data sets for a plurality of consumers. Each biometric data set includes at least a biometric image of a consumer and an associated payment account identifier. The method also includes receiving, from a first biometric input device communicatively coupled to the processor, a first biometric image of the paying consumer including an iris image. The method further includes determining a payment account associated with the paying consumer based on at least the first biometric image and the plurality of biometric data sets. The method also includes authenticating use of the payment account by the paying consumer for a payment transaction at the retail location by comparing the first biometric image to the plurality of biometric data sets.
    Type: Grant
    Filed: January 26, 2018
    Date of Patent: November 12, 2019
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Debashis Ghosh, Randy Shuken, Mary Elizabeth Lesbirel
  • Patent number: 10425814
    Abstract: An iris biometric recognition module includes technology for capturing images of an iris of an eye of a person, whether the person is moving or stationary. The iris biometric recognition technology can perform an iris matching procedure for, e.g., authentication or identity purposes, by comparing a digital iris image to a reference iris image and, if the digital and reference iris images match, authenticating a person as authorized to access a first device and transmitting a wireless communication from the first device to a second device.
    Type: Grant
    Filed: September 24, 2015
    Date of Patent: September 24, 2019
    Assignee: Princeton Identity, Inc.
    Inventors: Steven N. Perna, Mark A. Clifton, Jongjin Kim, Bobby S. Varma, Stephen J. Piro, Barry E. Mapen, Kevin P. Richards, David Alan Ackerman, Ann-Marie Lanzillotto, David J. Wade, Timothy J. Davis, Michael P. Fleisch, Jitendra J. Bhangley, Glen J. Van Sant
  • Patent number: 10417191
    Abstract: Transmitting filesystem changes over a network is disclosed. A hash of data comprising a chunk of directory elements comprising one or more consecutive directory elements in a set of elements sorted in a canonical order is computed at a client system. One or more directory elements comprising the chunk are sent to a remote server in the event it is determined based at least in part on the computed hash that corresponding directory elements as stored on the remote server are not identical to the directory elements comprising the chunk as stored on the client system.
    Type: Grant
    Filed: December 4, 2015
    Date of Patent: September 17, 2019
    Assignee: EMC IP Holding Company LLC
    Inventors: Mark Huang, Curtis Anderson, R. Hugo Patterson
  • Patent number: 10277577
    Abstract: A processor-implemented method for authenticating a login without a password. The method includes: receiving a request to authenticate a login, the request including a user identifier and excluding a password; based on the user identifier, identifying a device to be used to authenticate the login; and in response to determining that a login confirmation message has been received from the identified device, authenticating the login.
    Type: Grant
    Filed: July 5, 2018
    Date of Patent: April 30, 2019
    Assignee: nadaPASS, Inc.
    Inventor: Jay Lawrence Cox
  • Patent number: 10177918
    Abstract: A user permission check system with less CPU throughput while ensuring non-repudiation is provided. In order to solve the above-described problem, in the present invention firstly, a MAC function that does not require a CPU to have high processing power is utilized. Additionally, a message is encrypted with a plurality of secret keys and the plurality of keys are distributed to a plurality of servers to make them have the keys in order to ensure validity of the message as a proof of non-repudiation. Subsequently, each server proves the validity of the message within its own range and the validity of the message is ensured by aggregating these individual results, thereby implementing the non-repudiation.
    Type: Grant
    Filed: January 12, 2017
    Date of Patent: January 8, 2019
    Assignee: HITACHI, LTD.
    Inventors: Kota Ideguchi, Eriko Ando
  • Patent number: 10092697
    Abstract: A container designed to contain a fluid medicament and adapted to cooperate with a delivery device for delivering the fluid medicament comprises an electrically operable sensor system for measuring at least one physical or chemical parameter value related to the container and/or fluid medicament therein, wherein the sensor system comprises an optical receiver designed to receive optical radiation energy and to transform said optical radiation energy into electrical energy for operating the sensor system.
    Type: Grant
    Filed: October 25, 2013
    Date of Patent: October 9, 2018
    Assignee: Sanofi-Aventis Deutschland GmbH
    Inventors: Christian Nessel, Daniel Auernhammer
  • Patent number: 10097345
    Abstract: Technology, implemented in digital hardware, software, or combination thereof, for completing Secure Hash Algorithm (SHA-2) computation with generating one new hash value at each clock cycle is described. The technology includes: using synchronous logic to store the computed values every alternate clock and combinational logic to process multiple rounds of SHA in each clock; completing hash calculation in unrolled modes; using efficient adders for most 32-bit adders to improve performance.
    Type: Grant
    Filed: April 13, 2016
    Date of Patent: October 9, 2018
    Assignee: PEERNOVA, INC.
    Inventors: Arvind Agrawal, Gangesh Kumar Ganesan
  • Patent number: 10032008
    Abstract: A mobile device may perform authentication with an authenticating entity. The mobile device may comprise a plurality of sensors and a processor. The processor may be configured to: receive an authentication request from the authenticating entity requesting authentication information; and determine if the authentication request satisfies predefined user privacy preferences. If so, the processor may be configured to: retrieve the authentication information from at least one sensor to form a trust vector in response to the authentication request and to command transmission of the trust vector to the authenticating entity for authentication.
    Type: Grant
    Filed: October 24, 2014
    Date of Patent: July 24, 2018
    Assignee: QUALCOMM Incorporated
    Inventors: Jonathan Charles Griffiths, Eliza Yingzi Du, David William Burns, Muhammed Ibrahim Sezan
  • Patent number: 9979721
    Abstract: Disclosed are a method, server, client and system for verifying a verification code. The method includes: sending a verification picture to a client according to a verification request from the client; acquiring from the client voice information that is input by a user according to the verification picture; and processing the voice information and performing verification according to acquired voiceprint information and/or text information. The server includes a sending module, an acquiring module and a verifying module. The client includes a receiving module, an acquiring module and a sending module. The system includes a server and a client. It may be effectively distinguished as whether the verification code is submitted by the user or by others, such that the problem of manual coding is effectively solved, and the operating cost of the server side is reduced and the overhead is saved.
    Type: Grant
    Filed: September 18, 2015
    Date of Patent: May 22, 2018
    Assignee: Tencent Technology (Shenzhen) Company Limited
    Inventors: Jinxing Liu, Jie Tu, Guoping Yan, Jie Zhang, Xiaoqiang Fu, Yuanhui Xie
  • Patent number: 9971879
    Abstract: An authorized user obtains a packaging license that grants permission to use a particular recording device to generate multimedia content in accordance with specified license terms. The packaging license includes a content key that is used to encrypt the multimedia content at the point of capture on the recording device. The encrypted multimedia content can be transmitted via unsecure channels (for example, via electronic mail) to a networked content repository or an intended recipient. For playback, an authorized user obtains a playback license that grants permission to decrypt and playback the multimedia content using a particular playback device. An authorization server and a key management server are used to manage which users are entitled to receive a license, and to define the terms of the granted licenses. A record of the granted authorizations and licenses is maintained, thereby allowing access to a given content item to be audited.
    Type: Grant
    Filed: May 26, 2016
    Date of Patent: May 15, 2018
    Assignee: Adobe Systems Incorporated
    Inventors: Joseph Steele, John Landwehr
  • Patent number: 9935934
    Abstract: A method and system for management access tokens is described. Access tokens for accessing third-party resources are stored and managed in a token repository. An access token may be obtained from a third-party resource. Once a user has authorized the system to access a third-party resource and unless that authorization is revoked, the user is not required to reauthorize the system in a pending or any subsequent interactive session, regardless of which shard of the system and third-party resource the user is connected to. The system can also use the authorization to execute scheduled requests for accessing or obtaining data from the third-party resource.
    Type: Grant
    Filed: March 31, 2015
    Date of Patent: April 3, 2018
    Assignee: MicroStrategy Incorporated
    Inventors: Luis Orozco, Gie Kian Siauw
  • Patent number: 9900308
    Abstract: A user mode control method and system based on iris recognition for mobile terminal are provided. When the mobile terminal receives an operation instruction of a user to start a display screen, iris feature data of the current user are scanned. The iris feature data of the current user are matched with iris feature data of users collected in advance, and the corresponding user mode is started when the match succeeds. The user mode control method and system prevents a stranger from accessing private data, and greatly improves security of the user data.
    Type: Grant
    Filed: September 2, 2014
    Date of Patent: February 20, 2018
    Assignee: HuiZhou TCL Mobile Communication Co., Ltd.
    Inventor: Yan Yang
  • Patent number: 9894055
    Abstract: An authentication request is generated when a user of a client device attempts to initiate a user session with an application managed by a service provider. An authentication response is generated based on credentials received from the user. The authentication response includes an assertion on behalf of the user. A delivery resource locator for the assertion is rewritten to a resource locator of a proxy in order to redirect the assertion to the proxy. The authentication response is sent to the client device together with the resource locator of the proxy in order to cause the client device to send the assertion to the proxy that decodes the re-written resource locator and sends the assertion to the service provider.
    Type: Grant
    Filed: January 29, 2016
    Date of Patent: February 13, 2018
    Assignee: Cisco Technology, Inc.
    Inventors: Vincent E. Parla, David McGrew, Andrzej Kielbasinski
  • Patent number: 9843440
    Abstract: An encryptor/decryptor, an electronic device including the encryptor/decryptor, and a method of operating the encryptor/decryptor are provided. The method of operating the encryptor/decryptor includes distributing an input plaintext stream to a plurality of encryption/decryption cores by pieces of plaintext data; performing a first operation by a first encryption/decryption core from among the plurality of encryption/decryption cores; and encrypting the plaintext data to ciphertext data or decrypting the ciphertext data to the plaintext data by each of the plurality of encryption/decryption cores by using a result of performing the first operation in the first encryption/decryption core.
    Type: Grant
    Filed: July 2, 2015
    Date of Patent: December 12, 2017
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Hong-Mook Choi, Heon-Soo Lee, Sang-hyun Park
  • Patent number: 9814084
    Abstract: Exemplary embodiments of the present invention include a computer-implemented method, comprising: establishing, at a computing device on a network, a communication connection with a setup access point; generating a token identifier, wherein the token identifier includes identification data corresponding to the computing device; transmitting the token identifier; transmitting a query, wherein the query includes a request to establish a new communication connection with the setup access point when the communication connection is terminated; and receiving a communication including a response to the query, wherein the response indicates that a new communication connection has been established with the setup access point, and wherein the new communication connection is established using the token identifier.
    Type: Grant
    Filed: August 7, 2014
    Date of Patent: November 7, 2017
    Assignee: BELKIN INTERNATIONAL INC.
    Inventors: Gursharan Sidhu, Ryan Yong Kim, Venkata Subba Rao Pathuri, Naga Yerramsetti
  • Patent number: 9760708
    Abstract: [Object] To reduce the trouble of the authentication process necessary for cooperation between a plurality of devices or network services. [Solving Means] An information processing apparatus includes a communication unit, a storage unit, and a controller. The communication unit communicates with a first device, a second device, and a service on a network, the service having a resource on a user of the first device. The controller controls the communication unit so that the communication unit transmits, based on a request for obtaining an access right to the resource from the first device and permission information representing permission by the user with respect to the obtaining of the access right, a request for issuing an access token to the service, the access token representing the access right, and receives, from the service, the access token issued by the service.
    Type: Grant
    Filed: January 26, 2013
    Date of Patent: September 12, 2017
    Assignee: SONY CORPORATION
    Inventor: Masato Shimakawa
  • Patent number: 9729529
    Abstract: The present invention provides a device and a method in a device for authenticating the device for use in a network. The method includes requesting a first security context for use in securing a first type of communication, where as part of requesting the first security context, a second security context is jointly requested for use in securing a second type of communication. The first security context is then received and used to provide secure access and communication via the first type of communication. The second security context is then received and used to provide secure access and communication via the second type of communication.
    Type: Grant
    Filed: February 5, 2009
    Date of Patent: August 8, 2017
    Assignee: Google Technology Holdings LLC
    Inventors: Apostolis K Salkintzis, Michael F Coulas
  • Patent number: 9710808
    Abstract: Methods and systems are provided for the exchange of digital cash employing protocols for various entities to separately certify the validity of the parties, values and transactions while maintaining the anonymity of the buyer or user of the digital cash. Encrypted connections are established allowing various parties to enter into transactions to buy, sell, exchange and recover digital cash using a secure method that protects the personal information and identity of the user. The parties exchange tokens for other value in a transaction of financial settlement between themselves and wherein they are the only parties with knowledge of the amount and description of the transaction and in this way mimics a traditional cash transaction.
    Type: Grant
    Filed: September 8, 2014
    Date of Patent: July 18, 2017
    Inventor: Igor V. Slepinin
  • Patent number: 9692591
    Abstract: A method of formatting data for transmission to another party including the step of incorporating in the data a flag indicative of the absence of data for authentication of the sender. An authentication tag length is also included to permit variable length tags to be used.
    Type: Grant
    Filed: May 18, 2015
    Date of Patent: June 27, 2017
    Assignee: Certicom Corp.
    Inventor: Marinus Struik
  • Patent number: 9686257
    Abstract: In response to reception of a request, an authorization server system identifies authorization based on first authorization information received by a reception unit along with the request. The authorization server system gives at least some of the identified authorization to an application, and issues second authorization information for identifying the given authorization.
    Type: Grant
    Filed: September 26, 2013
    Date of Patent: June 20, 2017
    Assignee: CANON KABUSHIKI KAISHA
    Inventor: Yu Tamura
  • Patent number: 9680821
    Abstract: To provide enhanced operation of virtualized computing systems, various systems, apparatuses, methods, and software are provided herein. In a first example, a method of operating a computing system to control access to data resources by virtual machines is provided. The method includes receiving an access token and an instantiation command from an end user system. Responsive to the instantiation command, the method includes instantiating a virtual machine identified by the instantiation command using the access token as user data for the virtual machine during instantiation. The method also includes, in the virtual machine, executing a security module responsive to instantiation that transfers the access token for delivery to an authorization system, receiving credentials responsive to the access token, and accessing a data resource using the credentials.
    Type: Grant
    Filed: October 8, 2014
    Date of Patent: June 13, 2017
    Assignee: Conjur, Inc.
    Inventors: Kevin Gilpin, Elizabeth Lawler
  • Patent number: 9648015
    Abstract: Secure authentication may be facilitated using a biometric-enabled transitory password authentication device. Exemplary implementations may facilitate secure payments and/or authentication via an application running on a user computing platform (e.g., a mobile device) simultaneously coordinating with both a server and the authentication device, which may act in some respects as an external hardware token. Exemplary implementations may rely on combining three parameters to establish a three-factor based approach to authentication in a fraud-free manner for digital wallets, third-party software, and/or other purposes. The three-factor based approach to authentication may require something the user possesses (e.g., the authentication device), something the user is (e.g., a biometric identifier such as a fingerprint), and something the user knows (e.g., an image or numeric based pin used to unlock the authentication device).
    Type: Grant
    Filed: November 11, 2014
    Date of Patent: May 9, 2017
    Assignee: HYPR CORP.
    Inventors: George Avetisov, Roman Kadinsky, Bojan Simic
  • Patent number: 9608977
    Abstract: A tool for credential validation using multiple computing devices. The tool select at least one challenge question. The tool selects two or more user owned devices, wherein selecting the two or more user owned devices includes querying a database for each user owned device associated with a user account. The tool presents the at least one challenge question to the two or more user owned devices. The tool determines whether the at least one response received from the two or more user owned devices is a correct response relative to the at least one challenge question.
    Type: Grant
    Filed: February 17, 2016
    Date of Patent: March 28, 2017
    Assignee: International Business Machines Corporation
    Inventors: Gregory J. Boss, Andrew R. Jones, Charles S. Lingafelt, Kevin C. McConnell, John E. Moore, Jr.
  • Patent number: 9600691
    Abstract: An apparatus and a method for displaying information required to be secured in a wireless communication terminal are provided. The method includes recognizing generation of notification information of one or more processes activated in a first operation mode among a plurality of operation modes including the first operation mode and a second operation mode; and notifying a user of a part of the notification information when a current operation mode is the second operation mode.
    Type: Grant
    Filed: April 24, 2014
    Date of Patent: March 21, 2017
    Assignee: Samsung Electronics Co., Ltd
    Inventors: Younkyu Heo, Youngkyoo Kim, Mooyoung Kim, Minjung Kim, Dongho Jang, Jaebong Chun
  • Patent number: 9600508
    Abstract: Disclosed are various embodiments for a token management application. A data block tokenization call to a data layer service fails when a data store is unavailable. The token management application issues a temporary data token to the service calling the data layer service. The token management application completes the data block tokenization call on behalf of the service to obtain a valid data token. The valid data token is then communicated to services having the temporary data token.
    Type: Grant
    Filed: July 31, 2015
    Date of Patent: March 21, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Yongjuan Zou, Srikanth Murali, Zhengqiang Xu
  • Patent number: 9529512
    Abstract: A wireless server access control system comprising a wireless server generating a local wireless communications network, the wireless server having a processor and a plurality of redundant data memory devices. A first wireless device coupled to the wireless server through the local wireless communications network. An access control system operating on the wireless server, the access control system configured to generate a user control on a user interface of the first wireless device to allow a user to permit or deny access to the processor and the data memory devices of the wireless server by a second wireless device through the local wireless communications network.
    Type: Grant
    Filed: January 27, 2015
    Date of Patent: December 27, 2016
    Assignee: MYTH INNOVATIONS, INC.
    Inventors: James Albert Luckett, Jr., Chad Michael Rowlee, Shengli Fu
  • Patent number: 9501664
    Abstract: Techniques and mechanisms to detect and compensate for drift by a physically uncloneable function (PUF) circuit. In an embodiment, first state information is registered as reference information to be made available for subsequent evaluation of whether drift by PUF circuitry has occurred. The first state information is associated with a first error correction strength. The first state information is generated based on a first PUF value output by the PUF circuitry. In another embodiment, second state information is determined based on a second PUF value that is output by the PUF circuitry. An evaluation of whether drift has occurred is performed based on the first state information and the second state information, the evaluation including determining whether a threshold error correction strength is exceeded concurrent with a magnitude of error being less than the first error correction strength.
    Type: Grant
    Filed: December 15, 2014
    Date of Patent: November 22, 2016
    Assignee: Sandia Corporation
    Inventor: Jason Hamlet
  • Patent number: 9485094
    Abstract: Various embodiments of the invention allow to take advantage of the natural statistical variation of physical properties in a semiconductor device in order to create truly random, repeatable, and hard to detect cryptographic bits. In certain embodiments, this is accomplished by pairing mismatch values of PUF elements so as to ensure that PUF key bits generated thereform remain insensitive to environmental errors, without affecting the utilization rate of available PUF elements.
    Type: Grant
    Filed: September 8, 2014
    Date of Patent: November 1, 2016
    Assignee: Maxim Integrated Products, Inc.
    Inventors: Pirooz Parvarandeh, Sung Ung Kwak
  • Patent number: 9436773
    Abstract: A method for internet communication is presented. An identifier is embedded in an internet-accessible computer readable medium, and an internet address is embedded in the internet-accessible computer readable medium in a relation to the identifier. The identifier is located to provide an identifier location, and the internet address is located based on the identifier location.
    Type: Grant
    Filed: April 20, 2012
    Date of Patent: September 6, 2016
    Assignee: The Boeing Company
    Inventor: James Michael Milstead