Communication System Using Cryptography Patents (Class 380/255)
  • Patent number: 10694235
    Abstract: The present invention allows the combination and adaptation of a broadcast data reception system with a Conditional Access System which may be embedded in the receiving device, such as a television, or can be provided as a module which is connected to the receiving device and which allows service provider controlled, typically cloud based, interactivity via the same CAS with different Multi Channel video programming distributors (MVPD) service providers.
    Type: Grant
    Filed: November 26, 2015
    Date of Patent: June 23, 2020
    Assignee: ARRIS Global Ltd.
    Inventor: Carmi Bogot
  • Patent number: 10693645
    Abstract: The present invention relates to a security management system for performing a secure transmission of data from a token to a service provider server by means of an identity provider server, wherein said security management system comprises: —said identity provider server which is adapted to: —open with said token a secure messaging channel by means of a General Authentication Procedure using at least one certificate; —receive via said secure messaging channel from said token enciphered data; —transmit to said service provider server said enciphered data; —said service provider server which is adapted to: —receive from said identity provider server enciphered data of said token; —decipher said enciphered data to extract said data; —said token which is adapted to: —encipher data; and—transmit via said secure messaging channel to said identity provider server said enciphered data.
    Type: Grant
    Filed: July 13, 2016
    Date of Patent: June 23, 2020
    Assignee: Thales Dis France SA
    Inventors: Georges Debois, Aline Gouget, Michael Webster
  • Patent number: 10680819
    Abstract: Various embodiments of the invention implement countermeasures designed to withstand attacks by potential intruders who seek partial or full retrieval of elliptic curve secrets by using known methods that exploit system vulnerabilities, including elliptic operation differentiation, dummy operation detection, lattice attacks, and first real operation detection. Various embodiments of the invention provide resistance against side-channel attacks, such as sample power analysis, caused by the detectability of scalar values from information leaked during regular operation flow that would otherwise compromise system security. In certain embodiments, system immunity is maintained by performing elliptic scalar operations that use secret-independent operation flow in a secure Elliptic Curve Cryptosystem.
    Type: Grant
    Filed: August 22, 2017
    Date of Patent: June 9, 2020
    Assignee: Maxim Integrated Products, Inc.
    Inventors: Jeremy Dubeuf, Frank Lhermet, Yann Yves Rene Loisel
  • Patent number: 10664610
    Abstract: A method for searching encrypted data includes identifying, with a client, a plurality of values within a predetermined search range in a search index stored within a memory of the client, each value in the plurality of values being present in a plaintext representation of at least one encrypted file in a plurality of encrypted files stored in a server. The method further includes generating and transmitting at least one search query to the server through a data network, and receiving, with the client, at least one response from the server through the data network, the response including the encrypted keyword corresponding to the value in the plurality of values and an identifier of at least one file in the plurality of encrypted files stored on the server that includes the value.
    Type: Grant
    Filed: February 15, 2018
    Date of Patent: May 26, 2020
    Assignee: Robert Bosch GmbH
    Inventors: Xinxin Fan, Boyang Wang
  • Patent number: 10652038
    Abstract: Systems and methods for detecting and interfering with compromised devices and unauthorized device relocation in a communication network are disclosed. The described embodiments may be deployed in a content delivery network where receivers have been compromised in a manner that renders the conditional access system (CAS) inoperative at controlling the receivers' ability to receive content. In some embodiments, alternate commands not protected by the CAS system may be used to detect hacked devices and interdict same. In some embodiments, service devices in the content delivery network may allow for detection of unauthorized device relocation.
    Type: Grant
    Filed: September 14, 2017
    Date of Patent: May 12, 2020
    Assignee: Maxxian Technology Inc.
    Inventor: Rene Juneau
  • Patent number: 10652217
    Abstract: A decoder deployed in one or more terminals, includes a computer readable storage medium storing program instructions, and a processor executing the program instructions, the processor configured to receiving a noisy message and a noisy hash from the network, searching for a pair of matching candidates for the hash and message from two row spaces of noisy message vectors using a shared secret with an encoder, and outputting, by the decoder, a decoded message if the searching is successful.
    Type: Grant
    Filed: April 28, 2016
    Date of Patent: May 12, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Xin Hu, Wentao Huang, Jiyong Jang, Theodoros Salonidis, Marc Ph Stoecklin, Ting Wang
  • Patent number: 10649757
    Abstract: A method and system for automating application of software patches to a server system having a virtualization layer. A plurality of software patches are downloaded to a computer system having a first operating system. The software patches to apply to a server console operating system are then determined. The software patches are automatically copied to the server system by executing a first script file. The copied software patches are automatically decompressed by executing a second script file. The decompressed software patches are installed in a specified order by executing the second script file. The console operating system is rebooted only after all software patches are installed.
    Type: Grant
    Filed: August 1, 2017
    Date of Patent: May 12, 2020
    Assignee: OPEN INVENTION NETWORK LLC
    Inventor: Craig A. Spreha
  • Patent number: 10643122
    Abstract: A system for using hash keys to preserve privacy across multiple tasks is disclosed. The system may provide training batch(es) of input observations each having a customer request and stored task to an encoder, and assign a hash key(s) to each of the stored tasks. The system may provide a new batch of input observations with a new customer request and new task to the encoder. The encoder may generate a new hash key assigned to the new customer request and determine whether any existing hash key corresponds with the new hash key. If so, the system may associate the new batch of input observations with the corresponding hash key and update the corresponding hash key such that it is also configured to provide access to the new batch of input observations. If not, the system may generate a new stored task and assign the new hash key to it.
    Type: Grant
    Filed: May 6, 2019
    Date of Patent: May 5, 2020
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Omar Florez Choque, Erik Mueller
  • Patent number: 10642550
    Abstract: An information processing apparatus that wirelessly communicates with an external apparatus includes an acquisition unit that acquires a wireless connection start request and wireless communication information about the external apparatus, and a control unit that starts a wireless connection with the external apparatus based on the external apparatus' wireless communication information in a case where the wireless communication information about the external apparatus matches wireless communication information about the information processing apparatus.
    Type: Grant
    Filed: December 20, 2018
    Date of Patent: May 5, 2020
    Assignee: Canon Kabushiki Kaisha
    Inventor: Go Inoue
  • Patent number: 10642758
    Abstract: A data storage device includes a memory and a controller coupled to the memory. The controller is configured to receive a compare command from a host, fetch or generate protection information from the host, fetch protection information from the memory, compare the protection information from the host and from the memory, and post a failure notice to the host when the protection information from the host and from the memory do not match. If the protection information from the host and from the memory does match, the controller is further configured to compare data fetched from the host and data fetched from the memory, and post a success notice to the host when both the protection information from the host and the memory match and the data from the host and the memory match.
    Type: Grant
    Filed: June 20, 2018
    Date of Patent: May 5, 2020
    Assignee: WESTERN DIGITAL TECHNOLOGIES, INC.
    Inventor: Shay Benisty
  • Patent number: 10628561
    Abstract: A technique for enabling nominal flow of an executable file on a client is described. The executable file comprises executable code lacking at least one nominal constant, wherein only the nominal constant enables the nominal flow of the executable file and wherein a server has access to the at least one nominal constant. In a method aspect performed by the client, the method comprises retrieving hardware information of the client, wherein the hardware information is at least substantially unique. The method further comprises transmitting one of the hardware information and information derived therefrom to a server and, in turn, receiving at least one constant that has been transformed based on one of the hardware information and the information derived therefrom. The client then performs, using one of the hardware information and the information derived therefrom, an inverse transformation on the at least one transformed constant to recover the nominal constant.
    Type: Grant
    Filed: October 1, 2018
    Date of Patent: April 21, 2020
    Assignee: DENUVO GMBH
    Inventors: Christopher Gabler, Robert Yates, Leo Rauch, Matthias Moninger
  • Patent number: 10614200
    Abstract: A device may provide a login process to authenticate users prior to admittance to a computing environment. The device may also enable users to adjust various the computing environment, e.g., the language selected for communicating with the user and the user interfaces to be presented to the user, and may store such adjustments in a secured user account. However, if the user account is inaccessible to the device during the login process, the device is unable to adapt the login process to apply the user's adjustments. Instead, the device may be configured to store users' adjustments (including language selection) outside of the user accounts, and to, upon identifying the user during the login process, present login interfaces specified in the user account. Additionally, users may select different login interfaces during login, and the device may retrieve these login interfaces for selection during future login processes for the same user.
    Type: Grant
    Filed: May 6, 2019
    Date of Patent: April 7, 2020
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Adam James Betz, Wade H. Curtiss, Andrew Stuart Glass
  • Patent number: 10609007
    Abstract: A method of controlling transmission of content data includes establishing a communication channel with an external device; transmitting the content data through the communication channel to the external device; verifying a plurality of times whether the content data is transmitted to the external device within an acceptable transmission range to generate a verification result; and determining whether to continue transmitting the content data according to the verification result. The verification is periodically performed according to an amount of the content data to be transmitted.
    Type: Grant
    Filed: February 6, 2017
    Date of Patent: March 31, 2020
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Sang-su Choi, Yang-lim Choi, Jun-bum Shin, So-young Lee, Sun-nam Lee, Ji-young Moon
  • Patent number: 10601897
    Abstract: A method of transferring files in a data-processing network using a current node within the network includes reading an outbound content and outbound characteristics of an outbound file. An outbound message is created having outbound strings including a first set of the outbound strings representing the outbound characteristics and a second set of the outbound strings representing the outbound content. The outbound message is sent to a receiver node within the network. An inbound message is received from a sender node within the network. The inbound message has inbound strings including a first set of the inbound strings representing inbound characteristics and a second set of the inbound strings representing inbound content. An inbound file having the inbound content is stored, and the inbound characteristics are applied to the inbound file.
    Type: Grant
    Filed: December 15, 2017
    Date of Patent: March 24, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Vincenzo Dentamaro, Francesco Sardella, Mario Somma
  • Patent number: 10602094
    Abstract: A top-level service executes a procedure call to at least one dependent service to determine an entitlement result for a user device making a request of the top-level service. A processing device generates an entitlement token comprising the entitlement result, encrypts the entitlement token and sends the entitlement token to the user device. The user device can return the entitlement token when making additional requests of the top-level service to prevent the top-level service from having to make additional procedure calls to the at least one dependent service.
    Type: Grant
    Filed: June 21, 2016
    Date of Patent: March 24, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Chris Longo, Qianghua Lu
  • Patent number: 10592696
    Abstract: A cloud deployment system is used for obfuscating CPU operation codes in a set of machines operating in a distributed computing environment. A reprogrammable microcode replaces a hardware instruction set, the microcode layer containing a set of original operation codes. A first transform of the set of original operation codes produces a first set of transformed operation codes. A first transformed microcode is created which incorporates the first set of transformed operation codes instead of the original operation codes. An operating system and an application is compiled using the first set of transformed operation codes to produce a first cross compiled operating system and application. The first transformed microcode, the first cross compiled operating system and application are deployed to a respective first one of the set of machines, the first one of the machines equipped with a softcore processor.
    Type: Grant
    Filed: July 25, 2017
    Date of Patent: March 17, 2020
    Assignee: International Business Machines Corporation
    Inventor: Michael Paul Clarke
  • Patent number: 10587467
    Abstract: Operating conditions of a blockchain configuration may be dynamic and change automatically under certain circumstances. One example method of operation may include one or more of identifying an existing consensus procedure used in an existing blockchain configuration, identifying current metrics associated with the existing blockchain configuration, comparing the current metrics to predefined rules, identifying one or more deviations based on the current metrics being compared to the predefined rules, and changing the existing consensus procedure to a next consensus procedure for a subsequent block in the existing blockchain configuration responsive to identifying the one or more deviations.
    Type: Grant
    Filed: November 5, 2018
    Date of Patent: March 10, 2020
    Assignee: International Business Machines Corporation
    Inventors: Sheehan Anderson, Konstantinos Christidis, Anna D. Derbakova, Nitin Gaur
  • Patent number: 10581589
    Abstract: A method for the authentication of a first electronic entity (C) by a second electronic entity (H), wherein the first electronic entity (C) implements the following steps: reception of a challenge (HCH) from the second electronic entity (H); generation of a number (CCH) according to a current value of a counter (SQC) and a first secret key (K-ENC); generation of a cryptogram (CAC) according to the challenge (HCH) and a second secret key (S-MAC); and transmission of a response including the cryptogram (CAC) to the second electronic entity (H), without transmission of the number (CCH).
    Type: Grant
    Filed: May 29, 2015
    Date of Patent: March 3, 2020
    Assignee: IDEMIA FRANCE
    Inventors: Emmanuelle Dottax, Florian Galdo, Jean-Philippe Vallieres
  • Patent number: 10581817
    Abstract: A digital security bubble encapsulation is disclosed. A public key and a device identifier of at least one recipient is requested from a first server. A message containing one or more components is encrypted using a symmetric key. The symmetric key is encrypted with a public key received in response to the request. The encrypted message, the encrypted symmetric key, and the device identifier are encapsulated in a digital security bubble encapsulation. The digital security bubble encapsulation is transmitted to a second server.
    Type: Grant
    Filed: February 26, 2018
    Date of Patent: March 3, 2020
    Assignee: Wickr Inc.
    Inventors: Christopher Howell, Robert Statica, Kara Lynn Coppa
  • Patent number: 10581600
    Abstract: A method for quantum key output is disclosed. The method may be implemented by a first quantum key management device. The method may comprise obtaining a first key acquisition request from a first data device, acquiring a first quantum key from a first quantum key distribution device, according to the obtained first key acquisition request, storing the acquired first quantum key in a same management device address range as a corresponding second quantum key acquired by a second quantum key management device, performing a first consistency verification including determining whether the first quantum key is the same as the second quantum key, and sending the first quantum key to the first data device, if the first quantum key is determined to be the same as the second quantum key.
    Type: Grant
    Filed: June 8, 2016
    Date of Patent: March 3, 2020
    Assignee: ALIBABA GROUP HOLDING LIMITED
    Inventors: Yingfang Fu, Shuanlin Liu
  • Patent number: 10574668
    Abstract: Disclosed are various examples of providing analog security for digital data. A first framelet is decrypted. The first framelet includes a first set of subpixels for each pixel of content requested from a network service. A second framelet is also decrypted. The second framelet includes a second set of subpixels for the respective pixel of the content. The first framelet and the second framelet are rendered separately. The first framelet is visually aligned with the second framelet to reproduce the content. A shade of each pixel is reproduced based on the first plurality of subpixels being visually aligned with the second plurality of subpixels.
    Type: Grant
    Filed: February 14, 2019
    Date of Patent: February 25, 2020
    Assignee: AIRWATCH LLC
    Inventor: Ketan Bhardwaj
  • Patent number: 10572677
    Abstract: A method generates, in a higher security domain (SD), public and secret keys using a first homomorphic encryption scheme (HES), passes the public key to a first shared security zone (SSZ) between the higher SD and a lower SD and through the first SSZ to a second entity in the lower SD, passes a plain text query from the higher SD to the first SSZ, encrypts the plain text query using a second HES, passes the encrypted plain text query to the second entity, performs an oblivious query to generate an encrypted result, and passes that from the lower SD to a second SSZ located between the higher and lower SDs, passes the secret key from the higher SD to the second SSZ, and decrypts the encrypted result using the secret key to generate a plain text result, and passes the plain text result to the higher SD.
    Type: Grant
    Filed: July 20, 2018
    Date of Patent: February 25, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Graham A. Bent, Flavio A. Bergamaschi
  • Patent number: 10574606
    Abstract: A method of exchanging messages between users over a network includes receiving a registration request from an organization and provisioning an organizational sub-domain, verifying the registration request according to requirements of a first protocol and provisioning a first user address that is part of the organizational sub-domain, and sending a message from the first user address to a second user address according to the first protocol.
    Type: Grant
    Filed: June 30, 2017
    Date of Patent: February 25, 2020
    Assignee: KNO2 LLC
    Inventor: Therasa Bell
  • Patent number: 10565361
    Abstract: Methods and systems are provided for electronic authentication. A modified electronic image is generated by altering at least a pixel of an electronic image. The electronic image is an image that has been previously viewed by a user during a setup process. In response to receiving an authentication request from the user, the modified electronic image is displayed to the user via an electronic display along with one or more other electronic images. A determination is made as to whether the user is able to recognize the modified electronic image. In response to determination that the user is able to recognize the modified electronic image, the authenticating request is granted.
    Type: Grant
    Filed: October 16, 2017
    Date of Patent: February 18, 2020
    Assignee: PAYPAL, INC.
    Inventor: William Joseph Leddy
  • Patent number: 10567355
    Abstract: Embodiments described herein relate to obtaining a public key for an application of a communication device, including, but not limited to, receiving a request from the communication device to obtain the public key, evaluating the request based on at least one policy, requesting the public key from a public key infrastructure (PKI) in response to determining that the request is authorized, receiving the public key from the PKI, and sending the public key to the communication device.
    Type: Grant
    Filed: April 16, 2018
    Date of Patent: February 18, 2020
    Assignee: FORNETIX LLC
    Inventors: Charles White, Stephen Edwards
  • Patent number: 10560545
    Abstract: A client updates a display of a user interface associated with a state-based client-server application in accordance with a client-side cache. The server supplies data for a new state and additional data for one or more subsequent states that possibly follow the new state if appropriate one or more operations are performed. When a client request is generated that indicates an operation that causes the application to transition to the new state, the client updates the display in accordance with the data that corresponds to the new state from the client-side cache, if available from the client-side cache. The new state data is available since the server has previously supplied the new state data.
    Type: Grant
    Filed: September 11, 2017
    Date of Patent: February 11, 2020
    Assignee: Versata Development Group, Inc.
    Inventors: Jude Arvind Britto, Rajasekhar Vinnakota, David Franke, Douglas Stuart Gray, Deepti Gupta
  • Patent number: 10555135
    Abstract: A terminal device includes at least one processor and a transceiver. The at least one processor is configured to execute computer readable instructions to generate a list of a plurality of other terminal devices located within a threshold range from the terminal device via short-range wireless communication. The transceiver is configured to transmit, in response to selection of a set of terminal devices from among the plurality of other terminal devices included in the list, a request to establish an association with users corresponding to terminal devices in the selected set of terminal devices.
    Type: Grant
    Filed: August 29, 2019
    Date of Patent: February 4, 2020
    Assignee: LINE Corporation
    Inventor: Kenichi Sugimoto
  • Patent number: 10541805
    Abstract: In aspects of variable relinearization in homomorphic encryption, a computing device stores homomorphic encrypted data as a dataset, and implements an encryption application that can perform a multiplication operation on a ciphertext in the homomorphic encrypted data, where the multiplication operation contributes to increase a noise component in the ciphertext. The encryption application can determine a relinearization amount by which to relinearize the ciphertext after the multiplication operation, where the determination is effective to optimize a noise increase in the ciphertext based at least in part on projected subsequent multiplication operations on the ciphertext. The encryption application can then relinearize the ciphertext utilizing the determined relinearization amount that optimizes the noise increase in the ciphertext for optimal relinearization performance.
    Type: Grant
    Filed: June 26, 2017
    Date of Patent: January 21, 2020
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Kim Henry Martin Laine, Hao Chen, Yuhou Xia
  • Patent number: 10540835
    Abstract: An access control system includes a mobile library on a mobile device operable to communicate with the credential service, the mobile library operable to receive the credential from the credential service and a credential module for an access control, the credential module operable to receive virtual card data from the credential, the virtual card data usable to operate the access control.
    Type: Grant
    Filed: December 1, 2015
    Date of Patent: January 21, 2020
    Assignee: Carrier Corporation
    Inventors: Adam Kuenzi, Jonah J. Harkema
  • Patent number: 10536275
    Abstract: In some embodiments, a verification service receives a description for a combination of a set of ranges within content available for download. The set of ranges are not sequentially located in the content that a client device has downloaded. The verification service determines if a first portion of the combination of the set of ranges has been received in a prior request. When the first portion has been received, the verification service retrieves a first set of verification values that represent subsets of content corresponding to the first portion. When at least a second portion of the combination of the set of ranges has not been received, the verification service generates a second set of verification values using subsets of content corresponding to the second portion. One or more of the first set of verification values and the second set of verification values are sent to the client device.
    Type: Grant
    Filed: May 10, 2017
    Date of Patent: January 14, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Alexander Burba, Brandon T. Hunt
  • Patent number: 10530574
    Abstract: Described herein is a method and system for wireless data transmission with network coding which limits encryption operations to a critical set of network coding coefficients in combination with multi-resolution and/or multi-description video coding. Such a method and system achieves hierarchical fidelity levels, robustness against wireless packet loss and efficient security by exploiting the algebraic structure of network coding.
    Type: Grant
    Filed: March 19, 2018
    Date of Patent: January 7, 2020
    Assignee: MASSACHUSETTS INSTITUTE OF TECHNOLOGY
    Inventors: Xiaomeng Shi, Muriel Medard
  • Patent number: 10530572
    Abstract: Provided is a key management method to secure security in an onboard network system having multiple electronic control units storing a shared key. In the key management method of the onboard network system including multiple electronic units (ECUs) that perform communication by frames via a bus, a master ECU stores a shared key to be mutually shared with one or more ECUs. Each of the ECUs acquire a session key by communication with the master ECU based on the stored shared key, and after this acquisition, executes encryption processing regarding a frame transmitted or received via the bus, using this session key. In a case where a vehicle in which the onboard network system is installed is in a particular state, the master ECU executes inspection of a security state of the shared key stored by the ECU or the like.
    Type: Grant
    Filed: July 6, 2016
    Date of Patent: January 7, 2020
    Assignee: PANASONIC INTELLECTUAL PROPERTY CORPORATION OF AMERICA
    Inventors: Yoshihiro Ujiie, Jun Anzai, Yoshihiko Kitamura, Masato Tanabe, Takeshi Kishikawa
  • Patent number: 10530586
    Abstract: A method of generating a shortcut certificate for authenticating a user digital certificate generated by an issuing certification authority; the method comprising: authenticating the digital certificate of the issuing certification authority; creating the shortcut certificate for the digital certificate of the issuing certification authority when the digital certificate of the issuing certification authority is authenticated; wherein the shortcut certificate comprises a signed entry of an authentication of the issuing certification authority.
    Type: Grant
    Filed: September 22, 2015
    Date of Patent: January 7, 2020
    Assignee: ARM IP Limited
    Inventors: Milosch Meriac, Geraint Luff
  • Patent number: 10523619
    Abstract: Defining a scalable cluster for high volume message delivery and delivering messages between actors is described. Actors are mapped to virtual nodes and virtual nodes to nodes using mathematical algorithms. The mathematical algorithms are further used to determine address information of actors for message delivery.
    Type: Grant
    Filed: December 20, 2013
    Date of Patent: December 31, 2019
    Assignee: ROVIO ENTERTAINMENT LTD.
    Inventors: Juhani Honkala, Ari Talja
  • Patent number: 10523664
    Abstract: Embodiments of the present application relate to a method and device for authentication processing. The method includes obtaining an equipment code that uniquely identifies a terminal, generating a dynamic password based at least in part on the equipment code and an output value of a counter, wherein the dynamic password is a basis for authentication of the terminal by a server, and sending the dynamic password to the server, wherein the server authenticates the dynamic password.
    Type: Grant
    Filed: July 1, 2016
    Date of Patent: December 31, 2019
    Assignee: Alibaba Group Holding Limited
    Inventor: Zeyang Li
  • Patent number: 10516994
    Abstract: Methods, systems, and devices for wireless communication are described. A user equipment (UE) may perform authentication procedures using an alternative identity (e.g., a privacy mobile subscriber identity (PMSI)) instead of an international mobile subscriber identity (IMSI) to protect the privacy of the user. If the UE does not have a PMSI, it may include a request for a PMSI initialization in an attach request. In some cases, the PMSI may be used once, and a new PMSI may be generated for the next attachment procedure. In some cases, a universal subscriber identity module (USIM) of the UE may not support storage of a PMSI. So a privacy module of the UE may communicate with the USIM according to the USIM's capabilities and may maintain a PMSI separately for communication with the network.
    Type: Grant
    Filed: March 3, 2017
    Date of Patent: December 24, 2019
    Assignee: QUALCOMM Incorporated
    Inventors: Soo Bum Lee, Anand Palanigounder, Adrian Edward Escott
  • Patent number: 10516535
    Abstract: A management apparatus according to an embodiment is connected to a measurement apparatus deployed for each user via a first network. The management apparatus is connected to a service providing apparatus via a second network. The management apparatus includes a first communication device, a second communication device and one or more first processors. The first processors generate seed information using a service providing apparatus identifier. The first processors generate a user key using a measurement apparatus individual key, and the seed information. The first communication device transmits the generated seed information to the measurement apparatus via the first network. The second communication device transmits the generated user key to the service providing apparatus via the second network.
    Type: Grant
    Filed: February 9, 2017
    Date of Patent: December 24, 2019
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Naoki Ogura, Toru Kambayashi, Yoshikazu Hanatani, Takahiro Yamada, Takeshi Saito
  • Patent number: 10515366
    Abstract: An improved technique involves generating, from historical transaction data, a relational graph that represents connections between users who initiate transactions and transaction devices used to carry out the transactions. By supplementing traditional relational database models with a tool such as a graph database, a risk analysis server is able to express users and transaction devices as nodes in a graph and the connections between them as edges in the graph. The risk analysis server may then match the topology of the graph in a neighborhood of the user initiating the transaction to a known topology that is linked to an indication of risk. In some arrangements, this topology is an input into a risk model used to compute a risk score for adaptive authentication.
    Type: Grant
    Filed: December 24, 2013
    Date of Patent: December 24, 2019
    Assignee: EMC IP Holding Company LLC
    Inventors: Boris Gorelik, Anatoly Gendelev, Liron Liptz, Alex Zaslavsky, Marcelo Blatt
  • Patent number: 10503912
    Abstract: A context aware relevance engine with a server driven narrative is presented as a system for serving relevant content that includes a wireless device, a server, a positioning module, a user profile module, a content module, a ranking content module, a content delivery module, a wireless display, a responsive input is described. The wireless device wirelessly communicates with a network and the wireless device is configured to run a web browser or download a software application module. The server is communicatively coupled to the wireless device via the network and the server authenticates the wireless device or the web browser.
    Type: Grant
    Filed: October 16, 2014
    Date of Patent: December 10, 2019
    Assignee: NEXRF CORP.
    Inventor: Michael Anthony Kerr
  • Patent number: 10505980
    Abstract: An identity management system prevents users' credential information from being harvested by phishing attackers. The identity management system can installed as a plug in on users' devices. Destinations that solicit users' credential information are verified. For example, web addresses or registered names of websites that receive users' credential information can be verified against known web addresses or registered names to verify their authenticity. When verification of the authenticity of a destination fails, a user is alerted and submission of credential information needs to be confirmed.
    Type: Grant
    Filed: September 6, 2016
    Date of Patent: December 10, 2019
    Assignee: Okta, Inc.
    Inventors: Reman P. Child, Hector Aguilar-Macias
  • Patent number: 10499246
    Abstract: A method, a device, and a non-transitory storage medium are provided to store a hardware identifier that uniquely identifies the IoT device; perform an attachment procedure with a wireless network, wherein the attachment procedure includes authenticating the IoT device by the wireless network and establishing a bearer connection; establish a secure channel with a first network device via the bearer connection, in response to successfully completing the attachment procedure; transmit, to the first network device, a first request to authenticate the IoT device, wherein the first request includes the hardware identifier; receive, from the first network device, a first response that indicates whether the IoT device is authenticated; determine that the IoT device is authenticated based on the first response; and transmit, to the first network device, a second request for a key in response to a determination that the IoT device is authenticated.
    Type: Grant
    Filed: May 17, 2017
    Date of Patent: December 3, 2019
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Feng Li, Dahai Ren, Ming Chen
  • Patent number: 10491385
    Abstract: An information processing system includes a first information processing apparatus, which authenticates second and third information processing apparatuses, acquires first data from the second information processing apparatus, and transmits second data indicating a method of generating a key from the first data, to the second and third information processing apparatuses; the second information processing apparatus, which transmits the first data to the first and third information processing apparatuses, acquires the second data from the first information processing apparatus, generates the key based on the first and second data, and communicates with the third information processing apparatus based on the key; and the third information processing apparatus, which acquires the first data from the second information processing apparatus, acquires the second data from the first information processing apparatus, generates the key based on the first and second data, and communicates with the second information pro
    Type: Grant
    Filed: December 7, 2018
    Date of Patent: November 26, 2019
    Assignee: AdIn Research, Inc.
    Inventors: Nobuharu Suzuki, Koji Sasaki
  • Patent number: 10484363
    Abstract: Disclosed is a method and an apparatus for a first device to perform authentication by using Bluetooth LE (Low Energy). The present invention provides a method and an apparatus comprising exchanging capability information with a second device; generating a random code for first authentication through a user authentication service based on the capability information; transmitting a write request message including the generated random code to the second device; receiving a write response message in response to the write request message from the second device; receiving an authentication indication message from the second device, wherein the authentication indication message includes state information indicating success or failure of the first authentication based on the random code; and transmitting an authentication complete message in response to the authentication indication message.
    Type: Grant
    Filed: May 23, 2017
    Date of Patent: November 19, 2019
    Assignee: LG ELECTRONICS INC.
    Inventors: Jinkwon Lim, Donghyun Kang, Jingu Choi, Minsoo Lee
  • Patent number: 10477389
    Abstract: Disclosed are a communication scheme and a system thereof for converging an IoT technology and a 5G communication system for supporting a high data transmission rate beyond that of a 4G system. A method and an apparatus for configuring a connection with a second device, which provides access to a network, by a first device in a communication system, is provided. The method includes discovering the second device supporting a neighbor awareness network (NAN) and located within a predetermined range from the first device, exchanging an ephemeral key of the first device for identifying the first device and an ephemeral key of the second device for identifying the second device, and performing a secure connection between the first device and the second device.
    Type: Grant
    Filed: March 21, 2016
    Date of Patent: November 12, 2019
    Assignee: Samsung Electronics Co., Ltd
    Inventors: Soo-Yong Lee, Byung-Moo Lee, Joo-Yeol Lee, Dong He
  • Patent number: 10476673
    Abstract: Embodiments are direct to monitoring communication between computers may be using network monitoring computers (NMCs). Network packets that are communicated between the computers may be captured and stored in a data store. If the NMCs identify a secure communication session established between two computers, the NMCs may obtain key information that corresponds to the secure communication session that includes a session key that may be provided by a key provider. Correlation information associated with the secure communication session may be captured by the NMCs. The correlation information may include tuple information associated with the secure communication session. And, the key information and the correlation information may be stored in a key escrow. The key information may be indexed in the key escrow using the correlation information.
    Type: Grant
    Filed: March 22, 2017
    Date of Patent: November 12, 2019
    Assignee: ExtraHop Networks, Inc.
    Inventors: Benjamin Thomas Higgins, Charlotte Ching-Hsing Tan, Jesse Abraham Rothstein
  • Patent number: 10476665
    Abstract: Various embodiments relate to a method performed by a processor of a computing system. An example method includes determining a first cryptographic algorithm utilized in a first block of a first blockchain. The first block of the first blockchain has a first unique block identifier. A second cryptographic algorithm utilized in a second block of the first blockchain is determined. The second block of the first blockchain having a second unique block identifier. A first cryptographic algorithm status transition (“CAST”) event is defined if the second cryptographic algorithm is different than the first cryptographic algorithm. A first CAST record is defined upon occurrence of the first CAST event. The first CAST record includes the second cryptographic algorithm and the second unique block identifier. The first CAST record is digitally signed and stored on a second blockchain. The second blockchain may be referenced out-of-band of the first blockchain.
    Type: Grant
    Filed: January 26, 2017
    Date of Patent: November 12, 2019
    Assignee: WELLS FARGO BANK, N.A.
    Inventors: Phillip H. Griffin, Jeffrey J. Stapleton
  • Patent number: 10476802
    Abstract: A method for routing is disclosed. The method comprises provisioning an endpoint in a network with a reactive path selection policy; monitoring, by the endpoint, current conditions relating to various paths available to said end point for the transmission of traffic; and selectively applying, by the endpoint, at least a portion of the reactive path selection policy based on the current conditions of the available paths.
    Type: Grant
    Filed: March 23, 2017
    Date of Patent: November 12, 2019
    Assignee: Cisco Technology, Inc.
    Inventor: Lars Olof Stefan Olofsson
  • Patent number: 10469492
    Abstract: Systems, methods, and non-transitory computer-readable medium are disclosed includes for secure online credential authentication. One method includes receiving, over an electronic network, identification information from an identity provider; accessing, from a database, previously stored hashed identification information stored in association with a previous identity provider; comparing the identification information to previously stored hashed identification information; and storing the identification information in association with the identity provider that provided the identification information in the database when the hashed identification information does not match previously stored hashed identification information.
    Type: Grant
    Filed: October 14, 2016
    Date of Patent: November 5, 2019
    Assignee: ID.me, Inc.
    Inventor: Blake Hall
  • Patent number: 10461926
    Abstract: Example implementations relate to cryptographic evidence of persisted capabilities. In an example implementation, in response to a request to access a persisted capability stored in a globally shared memory, a system may decide whether to trust the persisted capability by verification of cryptographic evidence accompanying the persisted capability. The system may load the persisted capability upon a decision to trust the persisted capability based on successful verification.
    Type: Grant
    Filed: August 31, 2016
    Date of Patent: October 29, 2019
    Assignee: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP
    Inventors: Chris I. Dalton, Dejan S. Milojicic
  • Patent number: RE47924
    Abstract: Provided are methods and systems for caching network generated security certificates. An example system may include a security gateway node and a storage module. The security gateway node may be operable to receive, from a client, a session request to establish a secure connection with a server. Based on the session request, the security gateway node may establish a first secure session between the client and the security gateway node and a second secure session between the security gateway node and the server. The security gateway node may receive a server certificate from the server. The security gateway node may match the server certificate against a gateway certificate table. Based on the matching, the security gateway node may receive a gateway certificate associated with the gateway certificate entry that matches the server certificate. The gateway certificate may be used for performing the first secure session.
    Type: Grant
    Filed: March 1, 2019
    Date of Patent: March 31, 2020
    Assignee: A10 Networks, Inc.
    Inventors: Ali Golshan, Xuyang Jiang, Yang Yang