Communication System Using Cryptography Patents (Class 380/255)
  • Patent number: 9893884
    Abstract: According to an embodiment, a communication device is connected to another communication device through an optical communication path to generate an identical cryptographic key shared among the communication devices. The communication device includes a key sharing unit, a key distilling unit, a measuring unit, and a varying unit. The key sharing unit is configured to generate a shared bit string through quantum key distribution with the another communication device. The key distilling unit is configured to generate the cryptographic key from the shared bit string by a key distillation process. The measuring unit is configured to measure an error rate occurring in a photon string transmitted and received via a photon communication channel. The varying unit is configured to vary, based on the error rate, a communication function by applying a limitation on the optical data communication of an optical data communication channel or by releasing the limitation.
    Type: Grant
    Filed: March 11, 2015
    Date of Patent: February 13, 2018
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Yoshimichi Tanizawa, Alex Dixon
  • Patent number: 9892089
    Abstract: In various embodiments an arithmetic logical unit array is provided, which may include: at least two data registers for storing data, a plurality of fixed instruction registers for storing machine code instructions, and at least one programmable instruction register for storing instruction data being representative for a machine code instruction. A selection circuit of the arithmetic logical unit array may be configured to select one of the machine code instructions from the fixed instruction registers or the machine code instruction represented by the instruction data. An arithmetic logical unit of the arithmetic logical unit array may be configured to apply an operation in accordance with the machine code instruction selected by the selection circuit to the data stored in the data registers.
    Type: Grant
    Filed: January 3, 2014
    Date of Patent: February 13, 2018
    Assignee: Infineon Technologies AG
    Inventor: Tomaz Felicijan
  • Patent number: 9887978
    Abstract: A system and method for efficiently obtaining user configuration information for a given device. Multiple devices are deployed in an environment and may be storage appliances. A directory service and an authentication service may be used to determine whether a login session attempt on a deployed device is successful. An identity and access manager (IAM) is used to for this determination and to communicate with the directory service and the authentication service. A device of the one or more of the deployed devices does not store user configuration information. Responsive to an attempted login by a user, the device mimics the existence of the user and generates a request for directory lookup and authentication for the user which is conveyed to an external device. If a positive response is received in response to the request, the user is permitted to login to the device and a session is created for the user.
    Type: Grant
    Filed: June 23, 2015
    Date of Patent: February 6, 2018
    Assignee: Veritas Technologies LLC
    Inventor: Vikas Goel
  • Patent number: 9887843
    Abstract: A cryptographically-enabled RFID tag stores a primary secret key and derives secondary keys from the primary key. A secondary key may be derived by combining the primary key with one or more other parameters using one or more algorithms. The tag uses a derived secondary key to encrypt or electronically sign a tag response sent to a verifying entity. The verifying entity does not know the derived secondary key, but knows the tag primary key and the parameters and algorithms used to derive the secondary key and can derive all of the potential secondary keys. The verifying entity can then attempt to authenticate the tag or tag response by trying potential secondary keys.
    Type: Grant
    Filed: December 21, 2016
    Date of Patent: February 6, 2018
    Assignee: IMPINJ, INC.
    Inventors: Matthew Robshaw, Alberto Pesavento, Christopher Diorio
  • Patent number: 9887857
    Abstract: A method for scheduling a management operation on devices in a home network is provided. The method includes identifying at least one device among a plurality of devices in a home network to schedule the management operation by a management server; obtaining log information from the at least one device identified by the management server; determining nature of the management operation on the at least one device identified by the management server; and scheduling the management operation on the at least one device identified by the management server in response to the determined nature and the obtained log information.
    Type: Grant
    Filed: March 23, 2015
    Date of Patent: February 6, 2018
    Assignee: Samsung Electronics Co., Ltd
    Inventors: Chethan Konanakere Puttanna, Bharat Kumar Prathipati, Deepraj Prabhakar Patkar
  • Patent number: 9882807
    Abstract: A computer implemented method and system comprising receiving a data packet from a network source, extracting source and destination data from the received data packet, determining a user from the extracted source and destination data from the received data packet. If a label does not exist for the extracted source and destination data from the received data packet, creating a label for the data packet, the label comprising the extracted source data and historic source data for the determined user, calling a chaotic function with the label for the received data packet. If the chaotic function returns false, calling an alternative function for an output with the label for the received data packet. If the chaotic function returns true, capturing the output of the chaotic function, and updating the label with the output of the chaotic function or with the output of the alternative function.
    Type: Grant
    Filed: November 11, 2015
    Date of Patent: January 30, 2018
    Assignee: International Business Machines Corporation
    Inventors: Luis Campo Giralte, Jose Luis Mujeriego Gomez
  • Patent number: 9882881
    Abstract: A method and system for providing personalized and confidential data management and sharing services to the subscriber are disclosed. The method includes enabling an individual to register with a personalized and confidential data management and sharing system to become a subscriber. The subscriber may enter personalized and confidential data and designate recipients to receive personalized and confidential data and upload photographs of the recipients. The method includes determining the existence of the subscriber by tracking the visiting/login history of the subscriber at regular intervals, transmitting communication messages to the personalized digital account of the subscriber upon identifying the subscriber not logging in to the subscriber account and establishing a voice call with the contact number of the subscriber and/or the affiliates to confirm the demise/existence of the subscriber.
    Type: Grant
    Filed: May 21, 2014
    Date of Patent: January 30, 2018
    Inventors: Jyoth Singh Kohli, Parminder Singh Kohli
  • Patent number: 9876774
    Abstract: A communication security system includes a secure communication application module and a chip module. The communication security system is installed in a mobile device. Accordingly, the communication security system of the present invention allows mobile devices of users to encrypt and decrypt communication data between the users. A communication security method includes the steps of generating keys, requesting a key exchange by a first mobile device, receiving a key exchange by a second mobile device, receiving a key exchange by the first mobile device, activating a key by the second mobile device, activating a key by the first mobile device, and starting secure communication between the first and second devices. Thus, the encrypted communication can avoid theft and unauthorized falsification.
    Type: Grant
    Filed: February 6, 2015
    Date of Patent: January 23, 2018
    Assignee: GOTRUST TECHNOLOGY INC.
    Inventors: Tien-Chi Lee, Jeng Lung Li, Yi-Hsiung Huang
  • Patent number: 9870458
    Abstract: A concealed data matching method for a computer including: registering a first concealed vector obtained by concealing registered data and key data based on a first random number and a linear combination of row vectors of a determination matrix; acquiring a second concealed vector; calculating a remainder vector indicating a remainder obtained by dividing the difference between the first concealed vector and the second concealed vector; determining the similarity between the registered data and the matching data based on the remainder vector; extracting the key data from the remainder vector if it is determined they are similar; calculating an inter-vector distance between the registered data and the matching data; and determining the similarity between the registered data and the matching data based on the magnitude of the inter-vector distance.
    Type: Grant
    Filed: November 16, 2016
    Date of Patent: January 16, 2018
    Assignee: FUJITSU LIMITED
    Inventor: Yuka Jo
  • Patent number: 9871862
    Abstract: A method, system, and computer program product for managing an object related to a plurality of groups of users is disclosed. The method, system, and computer program product include utilizing identifiers of objects so that a requesting user can submit an object-request for access to the object utilizing a chosen identifier of the user. The method, system, and computer program product may work on a number of collaborative systems, file sharing mediums, or operating systems.
    Type: Grant
    Filed: June 30, 2014
    Date of Patent: January 16, 2018
    Assignee: International Business Machines Corporation
    Inventors: Al Chakra, Liam Harpur, John Rice
  • Patent number: 9870273
    Abstract: The present disclosure provides methods, systems, and media for allowing access to quantum ready and/or quantum enabled computers in a distributed computing environment (e.g., the cloud). Such methods and systems may provide optimization and computational services on the cloud. Methods and systems of the present disclosure may enable quantum computing to be relatively and readily scaled across various types of quantum computers and users at various locations, in some cases without the need for users to have a deep understanding of the resources, implementation or the knowledge that may be required for solving optimization problems using a quantum computer. Systems provided herein may include user interfaces that enable users to perform data analysis in a distributed computing environment while taking advantage of quantum technology in the backend.
    Type: Grant
    Filed: April 13, 2017
    Date of Patent: January 16, 2018
    Assignee: 1QB INFORMATION TECHNOLOGIES INC.
    Inventors: Majid Dadashikelayeh, Arman Zaribafiyan
  • Patent number: 9870463
    Abstract: A permission management method, apparatus, and terminal. The permission management method includes obtaining an installation package of a first application program, where the installation package carries a first certificate and permission request information of the first application program, determining, according to the permission request information, a first permission that the first application program requires during running, where the first permission is a system administrator permission of a system, and granting the first permission to the first application program according to the first certificate of the first application program. In this way, the first permission that the first application program requires during running is granted to the first application program.
    Type: Grant
    Filed: February 22, 2017
    Date of Patent: January 16, 2018
    Assignee: HUAWEI DEVICE (DONGGUAN) CO., LTD.
    Inventors: Xi Huang, Huangwei Wu
  • Patent number: 9866372
    Abstract: An encryption apparatus includes a setting generator configured to generate an increasing function parameter regarding a predetermined one-way increasing function and a secret key necessary for encryption, and an encryptor configured to generate a first order-preserving encryption area regarding a plaintext using the one-way increasing function where the increasing function parameter is applied, generate a second encryption area regarding the plain text using the secret key, and generate a ciphertext by concatenating the generated first encryption area and the generated second encryption area.
    Type: Grant
    Filed: February 24, 2015
    Date of Patent: January 9, 2018
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Jae-woo Seo, Yong-ho Hwang
  • Patent number: 9866620
    Abstract: A method of transferring files in a data-processing network using a current node within the network includes reading an outbound content and outbound characteristics of an outbound file. An outbound message is created having outbound strings including a first set of the outbound strings representing the outbound characteristics and a second set of the outbound strings representing the outbound content. The outbound message is sent to a receiver node within the network. An inbound message is received from a sender node within the network. The inbound message has inbound strings including a first set of the inbound strings representing inbound characteristics and a second set of the inbound strings representing inbound content. An inbound file having the inbound content is stored, and the inbound characteristics are applied to the inbound file.
    Type: Grant
    Filed: December 30, 2015
    Date of Patent: January 9, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Vicenzo Dentamaro, Francesco Sardella, Mario Somma
  • Patent number: 9859981
    Abstract: A system includes first signal processing circuitry to transmit a signal including a plurality of data streams over a link. The first signal processing circuitry generates a plurality of composite data streams by overlaying at least one first data signal of the plurality of data signals in a first data layer with at least one second data signal of the plurality of data signals in a second data layer. Second circuitry processes the plurality of composite data streams to associate with each of the plurality of composite data streams a function to provide minimization of a time-bandwidth product of the plurality of composite data streams to enable transmission of each of the plurality of composite data streams on the link at a same time.
    Type: Grant
    Filed: June 26, 2017
    Date of Patent: January 2, 2018
    Assignee: NxGen Partners IP, LLC
    Inventors: Solyman Ashrafi, Roger Linquist, Nima Ashrafi
  • Patent number: 9853741
    Abstract: A fiber optic encryption method is provided. The method includes transmitting an initial security key to a laser receiver apparatus over an out of band (OOB) signaling channel of a plurality of channels of a laser transmitter apparatus. The OOB signaling channel is secured based on the initial security key resulting in a secure OOB signaling channel. A secure bundle is generated. The secure bundle includes the secure OOB signaling channel and a group of channels and associated transmission frequencies. Data is transmitted via the secure bundle and it is determined if any channels do not transmit the data.
    Type: Grant
    Filed: November 30, 2015
    Date of Patent: December 26, 2017
    Assignee: International Business Machines Corporation
    Inventors: Ricardo A. Golcher Ugalde, Franz F. Liebinger Portela
  • Patent number: 9853785
    Abstract: A method for transmitting a control signal, performed by a wireless device. The method according to one embodiment includes allocating resource elements (REs) for a control channel; and transmitting the control signal through the Res. Each RE in the REs for the control channel is associated with one out of two antenna ports. The two antenna ports are included in a plurality of antenna ports used for transmitting demodulation reference signals (DM RS).
    Type: Grant
    Filed: December 24, 2014
    Date of Patent: December 26, 2017
    Assignee: LG ELECTRONICS INC.
    Inventors: Han Byul Seo, Dae Won Lee, Byoung Hoon Kim, Hak Seong Kim, Yu Jin Noh
  • Patent number: 9848002
    Abstract: A system for integrating modules of computer code may include a sandbox validator for receiving a first module and verifying that the first module complies with one or more sandbox constraints. A computing device may execute the first module within a runtime environment. A module integrator may operate within the runtime environment for receiving a request from the first module to access a service provided by a second module and only allowing the first module to access the service when the first module is authorized to access the service according to a service authorization table. The sandbox validator may ensure the first module correctly identifies itself when requesting a service provide by another module and that the first module includes runtime policing functions for non-deterministic operations. A service authorizer may generate an authorization policy for the first module, which is sent to the computing device along with the first module.
    Type: Grant
    Filed: October 11, 2016
    Date of Patent: December 19, 2017
    Assignee: Guest Tek Interactive Entertainment Ltd.
    Inventor: Gary R. Court
  • Patent number: 9843929
    Abstract: A method and system for connecting an Internet of Things (IoT) hub to a wireless network. One embodiment of the method includes establishing a secure communication channel between an IoT hub and an IoT service through a client device using a first secret; generating a second secret on the client device and transmitting it to the IoT hub; encrypting a wireless key using the second secret to generate a first-encrypted key and transmitting it to the IoT service; encrypting the first-encrypted key using the first secret to generate a twice-encrypted key and transmitting it to the IoT hub over the secure communication channel; decrypting the twice-encrypted key at the IoT hub using the first secret to generate the first-encrypted key and decrypting it using the second secret to generate the wireless key usable to establish a secure wireless connection between the IoT hub and the local wireless network.
    Type: Grant
    Filed: August 21, 2015
    Date of Patent: December 12, 2017
    Assignee: Afero, Inc.
    Inventors: Scott Zimmerman, Evan Jeng, Shannon Holland, Clif Liu, Chris Aiuto
  • Patent number: 9838361
    Abstract: Systems, methods, and non-transitory computer-readable medium are provided to secure data centers and cloud computing. A method receives network identifiers for functions, requests a network key for each function, allocates network interfaces, requests a virtual network interface controller allocation, requests a network key for each cloud function, receives storage identifiers for functions, requests a storage key for each cloud function, allocates virtual storage disks, requests a storage interface controller allocation, requests a storage key for each cloud function. Methods secure migration of a virtual machine from a source to a target server. A server includes multiple cores where each core is dedicated to a compute function and a unique key encrypts data of each compute function. A non-transitory computer-readable medium encodes programs that execute the above methods.
    Type: Grant
    Filed: May 11, 2017
    Date of Patent: December 5, 2017
    Inventor: Ari Birger
  • Patent number: 9832103
    Abstract: A method for sending and receiving a data through multiple communication paths and an apparatus for receiving a data through multiple communication paths. A method for receiving a data through multiple communication paths by an apparatus for receiving a data includes receiving at least t (here, 0<t=n and n and t are natural numbers) of n shares generated from one unit data by a threshold encryption scheme by an apparatus for sending a data and sent through multiple communication paths on a network; and recovering the unit data using the at least t shares. According to exemplary embodiments of the present invention, data may be sent and received while ensuring confidentiality, integrity, and availability.
    Type: Grant
    Filed: November 20, 2015
    Date of Patent: November 28, 2017
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Hwan-Jo Heo, Jung-Ho Myung, Nam-Seok Ko
  • Patent number: 9819418
    Abstract: Security is increased in quantum communication (QC) systems lacking a true single-photon laser source by encoding a transmitted optical signal with two or more decoy-states. A variable attenuator or amplitude modulator randomly imposes average photon values onto the optical signal based on data input and the predetermined decoy-states. By measuring and comparing photon distributions for a received QC signal, a single-photon transmittance is estimated. Fiber birefringence is compensated by applying polarization modulation. A transmitter can be configured to transmit in conjugate polarization bases whose states of polarization (SOPs) can be represented as equidistant points on a great circle on the Poincaré sphere so that the received SOPs are mapped to equidistant points on a great circle and routed to corresponding detectors.
    Type: Grant
    Filed: August 16, 2013
    Date of Patent: November 14, 2017
    Assignee: Los Alamos National Security, LLC
    Inventors: Jane E. Nordholt, Charles Glen Peterson, Raymond Thorson Newell, Richard John Hughes
  • Patent number: 9819728
    Abstract: A system, computer-readable storage medium storing at least one program, and a computer-implemented method for facilitating deduplication of operations to be performed is presented. An operation to be performed is received. A mapping function is applied to at least one parameter of the operation to produce a mapping value in a target mapping space, the target mapping space being partitioned between target servers in a set of target servers proportional to resource capacities of the target servers in the set of target servers. A target server in the set of target servers whose portion of the target mapping space includes the mapping value is identified. The operation is issued to the target server.
    Type: Grant
    Filed: April 30, 2013
    Date of Patent: November 14, 2017
    Assignee: GOOGLE INC.
    Inventors: Alex Kesselman, Alexandre Drobychev
  • Patent number: 9817983
    Abstract: A method of printing comprising, at an imaging device, receiving a print-by-reference print request and an encryption key from a mobile device, transmitting the print-by-reference print request and the encryption key to a print service, receiving encrypted print content from the print service, receiving a decryption key from the mobile device, decrypting the encrypted print content, creating decrypted print content, and printing the decrypted print content. A method of printing content requested from a mobile device, comprising receiving a print request and encrypted print content, receiving a decryption key from the mobile device, decrypting the encrypted print content, and printing the decrypted print content.
    Type: Grant
    Filed: August 9, 2012
    Date of Patent: November 14, 2017
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Daniel Revel, Jeremy Bunn
  • Patent number: 9819670
    Abstract: Disclosed are various examples for facilitating distribution of security codes for a two-factor authentication scheme or one-time passwords. Security codes can represent one-time passwords or shared secrets used to seed one-time password algorithms. The security codes can be sent through restricted communications channel to a client device. Rather than using an insecure communication link such as SMS for communication of security codes, the security codes can be sent through the restricted communications channel to reduce the possibility of leakage of the security codes.
    Type: Grant
    Filed: October 7, 2015
    Date of Patent: November 14, 2017
    Assignee: AirWatch LLC
    Inventors: Manjunath Bhat, Subhashish Pattajoshi, Devdutt Rajaram, Nithin Bhaktha
  • Patent number: 9819673
    Abstract: Methods and systems are provided for managing access to a client account related (CAR) resource. When a privilege-constrained (PC) application requests access to an individual client account, a single use authorization (SUA) code is created that is associated with the individual client account. The SUA code is routed to, and returned from, the privilege-constrained (PC) application to authenticate the PC application. The PC application, once authenticated, receives a permitted action token that identifies a limited set of privileges that the PC application is authorized to perform in connection with the CAR resource. The PC application provides the permitted action token to an access service. The access service limits access, by the PC application, to the CAR resource based on the permitted action token.
    Type: Grant
    Filed: June 24, 2015
    Date of Patent: November 14, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Jesper Mikael Johansson, Jon Arron McClintock
  • Patent number: 9811680
    Abstract: The claimed subject matter includes techniques for storing, retrieving and sharing files. An example system includes a key generator module to generate a secret key. The example system also includes a symmetric encryption module to encrypt raw data by symmetric encryption using the secret key. The example system further includes an asymmetric encryption module to encrypt the secret key and symmetric encryption information by asymmetric encryption using a public key to produce a key block. The examples system also further includes a schema module to generate a ciphertext file with predefined schema including asymmetric encryption information, the key-block, and the encrypted raw data. The example system also includes a storage module to send the ciphertext file including the encrypted raw data to a server for storage.
    Type: Grant
    Filed: June 4, 2015
    Date of Patent: November 7, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Guru Balasubramanian, ChenFei Wu, Wenyuan Wang, Jingjing Zhao
  • Patent number: 9792622
    Abstract: A power transmitting device includes a processor circuit. The processor circuit receives messages, such as advertising messages and/or scan response messages, from power receiving devices. The messages include device specific data that pertains to the corresponding power receiving devices that transmitted the messages. The device specific data includes, for example, data pertaining to the hardware, firmware, charging state, and/or device state of the corresponding power receiving device. The processor circuit selects one of the power receiving devices based in part on the device specific data contained in the messages. The processor circuit initiates a wireless power transfer connection to the selected one of the power receiving devices.
    Type: Grant
    Filed: September 5, 2014
    Date of Patent: October 17, 2017
    Assignee: AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD.
    Inventors: Sewook Jung, Joby Paily Aliyath, Lih-Feng Tsaur, Prasad Alva Karinka, Amrit Swarup Devulapalli, Xianbo Chen, Gang He, Charlie Xiao, Erik John Rivard
  • Patent number: 9792374
    Abstract: Embodiments of the present application disclose a method for providing a terminal identifier to a terminal. During operation, a security server receives a registration information set from the terminal, in which the registration information set includes multiple pieces of equipment information from the terminal. The security server then generates a terminal identifier based on the multiple pieces of equipment information in the registration information set. The security server then returns the terminal identifier to the terminal.
    Type: Grant
    Filed: June 18, 2015
    Date of Patent: October 17, 2017
    Assignee: Alibaba Group Holding Limited
    Inventor: Jupeng Xia
  • Patent number: 9787720
    Abstract: Systems and methods of correlating accounts among a plurality of network assets using account lateral movement data is presented in the context of network security. In one embodiment a plurality of authentication audit logs are received from a plurality of assets; the plurality of authentication audit logs are correlated; and a notification is generated based on a comparison of correlation results and a database of permitted account associations.
    Type: Grant
    Filed: February 26, 2015
    Date of Patent: October 10, 2017
    Assignee: Rapid7, Inc.
    Inventors: Matthew Robert Hathaway, Samuel Adams, Jeff Myers, Steven Torance
  • Patent number: 9787794
    Abstract: A client updates a display of a user interface associated with a state-based client-server application in accordance with a client-side cache. The server supplies data for a new state and additional data for one or more subsequent states that possibly follow the new state if appropriate one or more operations are performed. When a client request is generated that indicates an operation that causes the application to transition to the new state, the client updates the display in accordance with the data that corresponds to the new state from the client-side cache, if available from the client-side cache. The new state data is available since the server has previously supplied the new state data.
    Type: Grant
    Filed: June 6, 2016
    Date of Patent: October 10, 2017
    Assignee: Versata Development Group, Inc.
    Inventors: Jude Arvind Britto, Rajasekhar Vinnakota, David Franke, Douglas Stuart Gray, Deepti Gupta
  • Patent number: 9778997
    Abstract: A server backup method and a backup system using the server backup method are provided. The server backup method includes continuously collecting a plurality of dirty pages during a running operation and determining a backup start time point according to a quantity of the collected dirty pages. The server backup method also includes suspending the running operation according to the backup start time point and executing a backup snapshot operation to generate a data backup snapshot corresponding to the dirty pages, and executing a backup transmission operation to transmit the data backup snapshot.
    Type: Grant
    Filed: December 30, 2015
    Date of Patent: October 3, 2017
    Assignee: Industrial Technology Research Institute
    Inventors: Po-Jui Tsao, Yi-Feng Sun, Chuan-Yu Cho, Tzi-Cker Chiueh
  • Patent number: 9775024
    Abstract: The present invention Includes using an embedded SIM (eSIM) associated with a newly-opened mobile network operator (MNO) system and a receiving MNO system, the method performs the steps of: generating a security domain (SD) for a receiving MNO on the basis of a request from the newly-opened MNO system; injecting a prior SD key value; installing a secure applet for key generation and secure arithmetic operations, injecting a new SD key value on the basis of a request from the receiving MNO, and transmitting only a public key to the receiving MNO system after generating key pairs for the receiving MNO; and decoding a receiving MNO profile with a private key corresponding to the public key after receiving the receiving MNO profile from the receiving MNO system or the newly-opened MNO system.
    Type: Grant
    Filed: July 6, 2012
    Date of Patent: September 26, 2017
    Assignee: KT Corporation
    Inventors: Jaemin Park, Jinhyoung Lee, Kwangwuk Lee
  • Patent number: 9768856
    Abstract: A method for sending a service by a first gateway (GW) among multiple GWs includes, upon reception of a request for a service from a terminal, determining whether the first GW is able to provide the service, detecting a second GW that is able to provide the service requested by the terminal among the multiple GWs based on GW management information that includes respective service information regarding services that the multiple GWs are able to provide, if the first GW is not able to provide the service, requesting the second GW to provide the service requested by the terminal, and upon reception of the service from the second GW, forwarding the service to the terminal. The other embodiments, including a gateway and a terminal are also disclosed.
    Type: Grant
    Filed: June 6, 2014
    Date of Patent: September 19, 2017
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Chung-Yong Eom, Hee-Dong Kim, Gye-Young Lee, Dong-Yun Hawng
  • Patent number: 9760721
    Abstract: The invention relates to a transaction method, the method including the steps of: providing a tenninal including a main processor, a graphic processor controlling a display, and a control member, the graphic processor including a memory bank which cannot be accessed from the outside; creating a link between the graphic processor and a secure processor, the link being secured by means of an encryption key shared only by the graphic processor and the secure processor; presenting first data to the user; collecting second data from commands entered by the user by means of the control member, in connection with the first data; transmitting the second data to the secure processor; and, if the user has been authenticated from the second data, carrying out the transaction, the secure link being used to transmit the first and/or second data, and/or to carry out the transaction.
    Type: Grant
    Filed: December 4, 2015
    Date of Patent: September 12, 2017
    Assignee: SKEYECODE
    Inventor: Jean-Luc Leleu
  • Patent number: 9760736
    Abstract: A cloud deployment system is used for obfuscating CPU operation codes in a set of machines operating in a distributed computing environment. A reprogrammable microcode replaces a hardware instruction set, the microcode layer containing a set of original operation codes. A first transform of the set of original operation codes produces a first set of transformed operation codes. A first transformed microcode is created which incorporates the first set of transformed operation codes instead of the original operation codes. An operating system and an application is compiled using the first set of transformed operation codes to produce a first cross compiled operating system and application. The first transformed microcode, the first cross compiled operating system and application are deployed to a respective first one of the set of machines, the first one of the machines equipped with a softcore processor.
    Type: Grant
    Filed: September 29, 2015
    Date of Patent: September 12, 2017
    Assignee: International Business Machines Corporation
    Inventor: Michael Paul Clarke
  • Patent number: 9763089
    Abstract: Managing data security on a mobile device. Data associated with a mobile device is received; the data includes an identification (ID) of the mobile device and a location of the mobile device relative to one or more location sensor devices. A path is determined, relative to the one or more location sensor devices, through which the mobile device has travelled. An electronic security key is communicated to the mobile device based on determining that the path corresponds to a defined path associated with the mobile device.
    Type: Grant
    Filed: June 23, 2015
    Date of Patent: September 12, 2017
    Assignee: International Business Machines Corporation
    Inventors: Ye Chen, Ruomeng Hao, Ting Jiang, Ning Wang, Shu Xi Wei, Youmiao Zhang
  • Patent number: 9753997
    Abstract: Database messages, such as queries, may be managed to process data based at least in part on performance characteristics. For example, a database query associated with a first database format may be received. The first database format may be one of a plurality of database formats. A second database format may be determined based at least in part on a performance characteristic of the second database format being above a threshold. The second database format may be determined as a result of the received database query. Additionally, the second database format may also be one of the plurality of different database formats. Data communicated by the received database query may be processed according to the second database format.
    Type: Grant
    Filed: August 10, 2015
    Date of Patent: September 5, 2017
    Assignee: Amazon Technologies, Inc.
    Inventor: Miles Julian Ward
  • Patent number: 9754091
    Abstract: Systems and techniques are provided for restricted accounts on a mobile platform. A request to create a restricted account may be received. The restricted account may be a user account with a restriction. Credentials for the restricted account may be received. A restriction for the restricted account may be received. The restriction may include an access restriction or a lifetime restriction. An access restriction may prevent an application from accessing the restricted account and a lifetime restriction may limit the lifetime of the restricted account. The restricted account may be stored with the credentials and the restriction. A request may be received for a list of user accounts from an application. The restricted account may be determined to include an access restriction that prevents the application from accessing the restricted account. The list of user accounts may be sent to the application and without an identifier for the restricted account.
    Type: Grant
    Filed: May 21, 2014
    Date of Patent: September 5, 2017
    Assignee: Google Inc.
    Inventors: Ushasree Kode, Carlos Valdivia
  • Patent number: 9749137
    Abstract: Crypto-glasses include systems that implement a method of authentication of users by blinking, the crypto-glasses including a frame configured so as to be worn by a user, a processor, a display device communicating with the processor so as to dynamically display data, and a communication unit, as executed by the processor, to execute the method of authentication by transmitting data to the display device for performing the authentication of the user to interact with the display device. The communication unit is configured to display in an optical unit of the crypto-glasses a key map which correlates data input into the display device with keys of the display device, the key map indicating data different from that of the keys of the display device.
    Type: Grant
    Filed: January 27, 2016
    Date of Patent: August 29, 2017
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Ashish Kundu, Amit A. Nanavati, Danny Soroker
  • Patent number: 9740856
    Abstract: The present invention relates to managing a UNITY file in a mobile platform in order to forestall a UNITY library executable in a mobile platform from being analyzed by reverse engineering and decompiling and provides an apparatus for managing a UNITY file in a mobile platform comprising a file extracting section that extracts a UNITY library file from a UNITY application; an encrypting section that encrypts a programming library file in the UNITY library file thus extracted and creates an encrypted programming library file; a file creating section that creates a decrypting library to decrypt the encrypted programming library file and creates a secured UNITY application using the decrypting library and the encrypted programming library file; and a file executing section that, upon request to execute the secured UNITY application, executes the secured application by decrypting the encrypted programming library file using the decrypting library.
    Type: Grant
    Filed: August 7, 2015
    Date of Patent: August 22, 2017
    Assignee: SEWORKS, Inc.
    Inventors: Min Pyo Hong, Dong Seon Kim, Hyoung Kyu Choi, Chung Hui Kim, Seok Ha Lee
  • Patent number: 9740867
    Abstract: Systems and methods for securely passing user authentication data between a Pre-Boot Authentication (PBA) environment and an Operating System (OS) are described. In some embodiments, an Information Handling System (IHS) may include a processor; and a Basic I/O System (BIOS) coupled to the processor, the BIOS having program instructions stored thereon that, upon execution by the processor, cause the computer system to: identify an encrypted Single-Sign-On (SSO) token and a Trusted Platform Module (TPM) key pair provisioned by an Operating System (OS) and stored in an OS registry; extract a TPM public key from the TPM key pair; encrypt a PBA private key generated by a PBA application with the TPM public key; and store the encrypted PBA private key, the TPM key pair, and the encrypted SSO token in a shadow partition of a self-encrypting hard drive coupled to the IHS.
    Type: Grant
    Filed: November 16, 2015
    Date of Patent: August 22, 2017
    Assignee: Dell Products, L.P.
    Inventors: Amy Christine Nelson, Christohper D. Burchett
  • Patent number: 9736687
    Abstract: The present application discloses a method for synchronizing encryption information between a SCell and UE, which includes that: the SCell transmits a COUNT value of RB established for the UE to a PCell; the PCell transmits the COUNT value received from the SCell to the UE; and the PCell receives a COUNT value of RB established on the SCell that is saved by the UE from the UE. Or, the SCell and the UE may directly exchange the COUNT value of RB. By the present application, the security and correctness of data can be ensured.
    Type: Grant
    Filed: December 30, 2013
    Date of Patent: August 15, 2017
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Hong Wang, Lixiang Xu, Huarui Liang
  • Patent number: 9736169
    Abstract: A determination is made that an authentication mechanism is unable to complete an attempt to authenticate, in association with a user attempting to access an application, user credentials. The user credentials include a user identifier and an additional authentication factor. An access allowance rate for the authentication mechanism is identified. The access allowance rate is based on a plurality of prior completed authentication attempts associated with the user identifier. A determination is made that the access allowance rate satisfies a set of criteria. In response to the determination that the authentication mechanism is unable to complete the authentication attempt and further in response to the determination that the access allowance rate satisfies the set of criteria, the user is allowed access to the application.
    Type: Grant
    Filed: July 2, 2015
    Date of Patent: August 15, 2017
    Assignee: International Business Machines Corporation
    Inventors: Prasanth N. S. Addala, Pranab Agarwal
  • Patent number: 9722789
    Abstract: An approach for improved security protocols in a mobile satellite system is provided. A remote terminal performs a key establishment function, including determination of a first encryption key for encrypting data for transmission over the satellite communications channels, and determination of an authentication key for authenticating entities communicating over the communications channels. The remote terminal receives a security mode command including a key indicator, and determines a second encryption key for enhanced session data security over communications channels. The second encryption key is determined based on the key indicator and a key generation algorithm. The remote terminal further determines a key indicator response and transmits a security mode complete command including the key indicator response to a satellite base station subsystem (SBSS).
    Type: Grant
    Filed: April 29, 2014
    Date of Patent: August 1, 2017
    Assignee: Hughes Network Systems, LLC
    Inventors: Channasandra Ravishankar, Gaguk Zakaria, Nassir Benammar, John Corrigan
  • Patent number: 9720674
    Abstract: A method and system for automating application of software patches to a server system having a virtualization layer. A plurality of software patches are downloaded to a computer system having a first operating system. The software patches to apply to a server console operating system are then determined. The software patches are automatically copied to the server system by executing a first script file. The copied software patches are automatically decompressed by executing a second script file. The decompressed software patches are installed in a specified order by executing the second script file. The console operating system is rebooted only after all software patches are installed.
    Type: Grant
    Filed: May 5, 2008
    Date of Patent: August 1, 2017
    Assignee: Open Invention Network, LLC
    Inventor: Craig A. Spreha
  • Patent number: 9723095
    Abstract: A system for providing a multi-delivery-method policy-controlled client proxy is disclosed. The system may receive a request for a network service from a client. Based on the request for the network service, the system may detect the presence of a client proxy associated with the client. If client proxy is detected, the system may provide a data object that includes information that indicates that the client proxy is a primary source for content that may be requested by the client. The system may redirect, based on the data object, a request for the content received from the client to the client proxy. The system may then obtain, via the client proxy, the content by utilizing a delivery method that is selected based on a policy. Finally, the system may provide, via the client proxy, the content to the client.
    Type: Grant
    Filed: December 5, 2014
    Date of Patent: August 1, 2017
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Vishwa Prasad, Ramana V. Munagala, Gregory J. Smith
  • Patent number: 9716728
    Abstract: A method of managing keys and policies is provided. The method includes communicating policies from a key and policy manager in an enterprise environment to an agent in a cloud environment. The method includes generating keys at the key and policy manager and distributing one or more of the keys to computing or communication devices in the enterprise environment, in accordance with the policies. The method includes enforcing the policies in the cloud environment via an application of the policies by the agent, wherein at least one method operation is executed through a processor.
    Type: Grant
    Filed: September 10, 2013
    Date of Patent: July 25, 2017
    Assignee: Vormetric, Inc.
    Inventor: Derek Tumulak
  • Patent number: 9712507
    Abstract: An improved system and method are disclosed for peer-to-peer communications. In one example, the method enables endpoints to securely send and receive messages to one another within a hybrid peer-to-peer environment.
    Type: Grant
    Filed: September 16, 2015
    Date of Patent: July 18, 2017
    Assignee: DAMAKA, INC.
    Inventors: Sivakumar Chaturvedi, Satish Gundabathula
  • Patent number: 9712320
    Abstract: Techniques are provided for delegating evaluation of pseudorandom functions to a proxy. A delegator delegates evaluation of a pseudorandom function to a proxy, by providing a trapdoor ? to the proxy based on a secret key k and a predicate P using an algorithm T, wherein the predicate P defines a plurality of values for which the proxy will evaluate the pseudorandom function, wherein the plurality of values comprise a subset of a larger domain of values, and wherein the trapdoor ? provides an indication to the proxy of the plurality of values. A proxy evaluates a pseudorandom function delegated by a delegator by receiving a trapdoor ? from the delegator that provides an indication of a plurality of values to be evaluated, wherein the plurality of values comprise a subset of a larger domain of values; and evaluating an algorithm C on the trapdoor ? to obtain the pseudorandom function value for each of the plurality of values.
    Type: Grant
    Filed: June 30, 2013
    Date of Patent: July 18, 2017
    Assignee: EMC IP Holding Company LLC
    Inventors: Aggelos Kiayias, Stavros Papadopoulos, Nikolaos Triandopoulos, Thomas Megas Zacharias