Symmetric Key Cryptography Patents (Class 380/259)
  • Patent number: 11178108
    Abstract: The invention comprises a method for filtering data. The method comprises receiving a network request from a client, determining, based on one or more filtering criteria, whether to forward the network request to a server, and based on the determining, forwarding the network request to the server, or preventing the network request from reaching the server and blocking future network requests from the client.
    Type: Grant
    Filed: November 18, 2020
    Date of Patent: November 16, 2021
    Assignee: QIP SOLUTIONS LIMITED
    Inventor: Fiona Kane
  • Patent number: 11115187
    Abstract: The present disclosure relates to a block cipher apparatus and method for real-time data transmission and the block cipher apparatus according to an exemplary embodiment of the present disclosure includes: a block encryption unit which selects a key in accordance with an order of keys having different lengths to encrypt each plaintext block and generate a ciphertext block; and a message authentication unit which generates a message authentication code using a key selected at the time of encrypting a current plaintext block which is encrypted in the block encryption unit and a previous message authentication code generated by a plaintext block before the current plaintext block.
    Type: Grant
    Filed: May 28, 2019
    Date of Patent: September 7, 2021
    Assignee: KOREA UNIVERSITY RESEARCH AND BUSINESS FOUNDATION
    Inventors: Hwangnam Kim, Seounghwan Oh, Seongjoon Park
  • Patent number: 11102248
    Abstract: A remote wipe message or notification may be sent from a server computer to one or more target client devices associated with a user. A managed container running on a target client device associated with the user and having a managed cache storing content managed by or through the server computer may, in response to the remote wipe message or notification, deleting the managed content or a portion thereof from its managed cache. The managed container may send back an acknowledgement or message to the server computer that it had completed the remote wipe. The remote wipe functionality can avoid having to deal with individual applications running on the client device and therefore can eliminate the complexity of having to deal with individual applications. Furthermore, the remote wipe can be done independently of the local operating system and without affecting non-managed information/applications on the client device.
    Type: Grant
    Filed: November 19, 2018
    Date of Patent: August 24, 2021
    Assignee: OPEN TEXT SA ULC
    Inventors: Gregory Beckman, Robert Laird, Alain Gagne
  • Patent number: 11102236
    Abstract: Systems and methods provide for identification and remediation of IoT devices exhibiting anomalous behaviors. An IoT management system can identify IoT devices requiring remediation. The IoT management system may present a first interface including representations of the devices requiring remediation, where each representation can include identifying information for an IoT device, policies applied to the IoT device, and bandwidth/throughput information of the IoT device. The IoT management system can present a second remediation interface representing a detailed representation of a first IoT device. The detailed representation can include user interface elements representing actions to be performed relating to the first IoT device. The IoT management system can perform a first action corresponding to a selection of one of the user interface elements.
    Type: Grant
    Filed: November 19, 2018
    Date of Patent: August 24, 2021
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Mark Stephan Shurtleff, Jerome Henry, Bart Brinckman
  • Patent number: 11102007
    Abstract: A system and method are described that enables mobile devices (e.g. including but not limited to a mobile phone or the like), to intercept and respond to contactless card authentication requests, allowing mobile devices to be used in place of contactless cards. Enabling mobile phone devices to emulate contactless cards decreases issues related to lost or damaged cards, enabling a single device to be used to provide tokens related to multiple different contactless cards, and leverages functionality of the mobile device to provide dual-factor authentication.
    Type: Grant
    Filed: October 1, 2019
    Date of Patent: August 24, 2021
    Assignee: Capital One Services, LLC
    Inventors: Jeffrey Rule, Kevin Osborn
  • Patent number: 11095624
    Abstract: Systems, methods, software and apparatus enable end-to-end encryption of group communications by implementing a pairwise encryption process between a pair of end user devices that are members of a communication group. One end user device in the pairwise encryption process shares a group key with the paired end user device by encrypting the group key using a message key established using the pairwise encryption process. The group key is shared among group members using the pairwise process. When a transmitting member of the group communicates with members, the transmitting member generates a stream key, encrypts stream data using the stream key, encrypts the stream key with the group key, then transmits the encrypted stream key and encrypted stream data to group members. The group key can be updated through the pairwise encryption process. A new stream key can be generated for each transmission of streaming data such as voice communications.
    Type: Grant
    Filed: July 23, 2019
    Date of Patent: August 17, 2021
    Assignee: Orion Labs, Inc.
    Inventor: Greg Albrecht
  • Patent number: 11012245
    Abstract: Disclosed embodiments relate to securely facilitating decentralized management of identity data. Operations may include receiving, from an identity, encrypted data and an index associated with the encrypted data; receiving, from the identity, a first request including: the index, a first part of a first cryptographic key, and a target service cryptographic key; identifying, using the index, the encrypted data; encrypting a copy of the encrypted data using the target service cryptographic key to form a doubly encrypted data; sending a challenge token to the identity; receiving a second request, from a target service, the second request including: the index and a challenge response created based on the challenge token; and sending to the target service the doubly encrypted data and the first part of the first cryptographic key; wherein the target service is operable to decrypt the doubly encrypted data.
    Type: Grant
    Filed: September 10, 2020
    Date of Patent: May 18, 2021
    Assignee: CYBERARK SOFTWARE LTD.
    Inventor: Ofer Rivlin
  • Patent number: 10986175
    Abstract: Methods, systems, and devices for wireless communication are described. A managing device may create a group security configuration for each device of a group of devices managed by the managing device. The group security configuration may include a group security parameter associated with the group of devices and a device-specific security parameter associated with each device in the group of devices. The managing device may provide the group security configuration to one or more devices of the group of devices. The one or more devices may use the group security configuration to directly establish a secure connection for communications between the one or more devices, which may include an establishment of the secure connection without further communications with the managing device during the establishment.
    Type: Grant
    Filed: June 22, 2016
    Date of Patent: April 20, 2021
    Assignee: QUALCOMM Incorporated
    Inventors: Soo Bum Lee, Gavin Bernard Horn
  • Patent number: 10984093
    Abstract: The disclosure describes methods and systems for a storage device that includes one or more memory devices, where the memory devices store a second challenge question and a first response key. The system also includes an interface and a storage controller coupled to the interface and coupled to the memory devices. The storage controller generates an enable signal for enabling access to the memory devices. The system also includes a security module coupled to the storage controller and configured to send and receive challenge requests and challenge responses, where the security module includes a first challenge question and a second response key corresponding to each of the memory devices.
    Type: Grant
    Filed: April 30, 2018
    Date of Patent: April 20, 2021
    Assignee: WESTERN DIGITAL TECHNOLOGIES, INC.
    Inventors: Danny Berler, Judah Gamliel Hahn
  • Patent number: 10984136
    Abstract: A secure memory device for secure data storage and related method are provided. The device may include an accessible data storage area configured to store data, a start location register that points to a start of the accessible data storage area, and a size-related register that allows a size of the accessible data storage area to be determined. A secret area comprises a device secret that is a value unique to the device, and that is not accessible from external to the device, and is accessible under at least one predefined conditions internal to the device, an access control element configured to prevent external access to the secret data. A generator generates a derived secret based on the storage data and the secret data that is usable to authenticate the storage data. The device may also include a memory bus over which the derived secret is communicated.
    Type: Grant
    Filed: August 31, 2017
    Date of Patent: April 20, 2021
    Assignee: Micron Technology, Inc.
    Inventor: Lance W. Dover
  • Patent number: 10986152
    Abstract: Methods and systems are provided for bitrate adaptation of a video asset to be streamed to a client device for playback. The method includes selecting a representation from a manifest which expresses a set of representations available for each chunk of the video asset and generating a dynamic manifest for the video asset in which the representation selected for the at least one chunk is recommended for streaming to the client device. The selection of the representation recommended for the chunk may be based on at least one of historic viewing behavior of previous viewers of the chunk, content analysis information for the chunk, a level of available network bandwidth, a level of available network storage, and data rate utilization information of network resources including current, average, peak, and minimum data rate of network resources.
    Type: Grant
    Filed: December 29, 2016
    Date of Patent: April 20, 2021
    Assignee: ARRIS Enterprises LLC
    Inventors: Bhavan Gandhi, Faisal Ishtiaq, Anthony J. Braskich, Andrew Aftelak
  • Patent number: 10984416
    Abstract: Various embodiments are generally directed to NFC-based mobile currency transfers. A mobile payment may be programmatically initialized when at least two mobile devices come into NFC communications range. A payment card associated with an account used to fund the currency transfer may be tapped to one or more of the devices to allow a server to validate the currency transfer.
    Type: Grant
    Filed: March 20, 2019
    Date of Patent: April 20, 2021
    Assignee: Capital One Services, LLC
    Inventors: Rajko Ilincic, Jeffrey Rule
  • Patent number: 10979226
    Abstract: A system for authenticating a user and his local device to a secured remote service with symmetrical keys, which utilizes a PIN from the user and a unique random value from the local device in such a way that prevents the remote service from ever learning the user's PIN, or a hash of that PIN. The system also provides mutual authentication, verifying to the user and local device that the correct remote service is being used. At the same time, the system protects against PIN guessing attacks by requiring communication with the said remote service in order to verify if the correct PIN is known. Also, the system works in such a way as to change the random value stored on the user's local device after each authentication session.
    Type: Grant
    Filed: April 16, 2019
    Date of Patent: April 13, 2021
    Assignee: CybrSecurity Corporation
    Inventors: Roger E. Billings, John A. Billings
  • Patent number: 10972445
    Abstract: Aspects of the disclosure relate to dynamic crypto key management for mobility in a cloud environment. A computing platform may receive a request to generate a new tenant master key and a new server recovery key. Subsequently, the computing platform may send to a cloud-based key vault server, the new tenant master key and the new server recovery key. The computing platform may send to a tenant database, the encrypted server recovery key. As a result, the computing platform may provision the enrollment servers with the encrypted server recovery key. In some embodiments, the enrollment servers are configured to manage enrollment of policy-managed devices in a policy enforcement scheme and to authenticate with the key update service based on the encrypted server recovery key.
    Type: Grant
    Filed: November 1, 2017
    Date of Patent: April 6, 2021
    Assignee: Citrix Systems, Inc.
    Inventors: Benjamin Elliot Tucker, Timothy Ray Gaylor
  • Patent number: 10965457
    Abstract: Various methods and systems are provided for autonomous orchestration of secrets renewal and distribution across scope boundaries. A cross-scope secrets management service (“SMS”) can be utilized to store, renew and distribute secrets across boundaries in a distributed computing environment such as regional boundaries. In some embodiments, locally scoped secrets management services subscribe to receive updates from the cross-scope secrets management service. As secrets are renewed, they are automatically propagated to a subscribing local scope and distributed by the local secrets management service. In various embodiments, SMS can autonomously rollover storage account keys, track delivery of updated secrets to secrets recipients, deliver secrets using a secure blob, and/or facilitate autonomous rollover using secrets staging. In some embodiments, a service is pinned to the path where the service's secrets are stored.
    Type: Grant
    Filed: March 14, 2018
    Date of Patent: March 30, 2021
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Brian S. Lounsberry, Ashok Chandrasekaran, Chandan R. Reddy, Chuang Wang, Kahren Tevosyan, Mark Eugene Russinovich, Srinivas S. Nidadavolu, Vyom P. Munshi
  • Patent number: 10939413
    Abstract: A communication method and a related apparatus are disclosed. The method is performed by an MME, including: receiving an attach request message from an eNB, where the attach request message is used to request to attach to a network, and the attach request message includes an identity of the UE; sending, to an HSS according to the attach request message, an authentication data request message including the identity of the UE; receiving an authentication data response message including an AV from the HSS, where the authentication data response message is used to indicate that the authorization on the UE succeeds; and determining, according to the authentication data response message, that the UE is allowed to perform a V2X service, and performing authentication on the UE according to the AV. The method can enable a network side to perform authentication on UE during V2V communication, thereby reducing an air-interface resource overhead.
    Type: Grant
    Filed: January 26, 2018
    Date of Patent: March 2, 2021
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventor: Jiangwei Ying
  • Patent number: 10938790
    Abstract: A security system and method for improving the security of a file/data transmitted from a special purpose user computer to a recipient special purpose computer. A special purpose computer having an individualized encryption software application server that runs individualized encryption software is provided, along with an amino acid database generator having an amino acid database storing natural and/or synthetic amino data. The individualized encryption software applicant server sends a request to the secure amino acid database generator producing the mathematical characteristics of the natural and synthetic amino acids. This is used to construct an amino acid base layer. The amino acid base layer is folded into two or three dimensional shapes and have values assigned to them, and a secret key is provided such that the transmission cannot be opened by a recipient unless he or she has the key and the values associated with the folded amino acids.
    Type: Grant
    Filed: April 8, 2019
    Date of Patent: March 2, 2021
    Inventor: Carlos Enrique Brathwaite
  • Patent number: 10931651
    Abstract: A data encryption device obtains at least one piece of data to be encrypted. The data encryption device calculates, for each particular piece of data of the at least one piece of data, a data-specific key corresponding to the particular piece of data, the data-specific key being calculated based on a prestored root key and a data identifier of the particular piece of data using a one-way function, where the one-way function is such that the root key is not uniquely derivable from the data-specific key using the one-way function. The data encryption device generates encrypted data corresponding to the particular piece of data by encrypting the particular piece of data using the data-specific key corresponding to the piece of data.
    Type: Grant
    Filed: February 28, 2020
    Date of Patent: February 23, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventor: Huabing Du
  • Patent number: 10931454
    Abstract: Disclosed embodiments relate to securely facilitating decentralized management of identity data. Operations may include identifying a prompt to perform an attestation process for an identity; receiving, from the identity, a first request including: an index associated with encrypted data, a second part of a first cryptographic key, and a challenge token; generating a challenge response based on the challenge token; sending a second request to a data management hub including: the index and the challenge response; receiving a response to the second request, from the data management hub, the response including: doubly encrypted data formed by encrypting a copy of the encrypted data and a first part of the first cryptographic key; and decrypting the doubly encrypted data.
    Type: Grant
    Filed: September 10, 2020
    Date of Patent: February 23, 2021
    Assignee: CYBERARK SOFTWARE LTD.
    Inventor: Ofer Rivlin
  • Patent number: 10878950
    Abstract: Methods, systems and computer program products for data analytics. An information ecosystem comprises a plurality of participants and a plurality of data sets associated with the participants. An event initiates performance of a computation over different obfuscated data sets to determine an obfuscated computational result. An integrity value pertaining to constituent data of the different obfuscated data sets and, correspondingly, an integrity value pertaining to the computational result itself, is quantified by checking if the earlier offered data set or any constituents thereof are consistent with one or more aspects of later retrieved data. Certain variations of methods, systems and computer program products are used for verifying data accuracy in privacy-preserving computations that are performed in a health ecosystem where the data sets pertain to health information associated with the participants.
    Type: Grant
    Filed: August 9, 2019
    Date of Patent: December 29, 2020
    Inventors: Brian Jun, Jan T. Liphardt
  • Patent number: 10868666
    Abstract: A fully homomorphic encryption method based on modular operation, the method including: acquiring a plaintext of any numerical value data type in an encryption process and converting the plaintext to a corresponding plaintext system plaintext according to an encryption requirement; performing an encryption operation on each number in the system plaintext, and combining ciphertexts acquired by the encryption operation to obtain a corresponding ciphertext combination; performing a ciphertext operation on the ciphertext combination using a ciphertext source code, a ciphertext radix-minus-one complement, and a ciphertext complement code based on modular encryption; and using modular division to decrypt a result of the ciphertext operation to obtain a decrypted plaintext.
    Type: Grant
    Filed: August 21, 2018
    Date of Patent: December 15, 2020
    Assignees: SHENZHEN FHE TECHNOLOGIES CO., LTD
    Inventors: Heping Hu, Yunfeng Liao
  • Patent number: 10841225
    Abstract: Packet forwarding includes creating a first lookup table for mapping packets to nodes based on the number of nodes in a first set of nodes. A received packet is mapped to a mapping value using a predetermined mapping function. The first lookup table is indexed using a first subset of bits comprising the mapping value. A second lookup table is created in response to adding a node to the first set of nodes. A subsequently received packet is mapped to a mapping value using the same predetermined mapping function to index the second lookup table using a second subset of bits comprising the mapping value.
    Type: Grant
    Filed: March 6, 2019
    Date of Patent: November 17, 2020
    Assignee: Arista Networks, Inc.
    Inventor: Peter Lam
  • Patent number: 10831912
    Abstract: A method and system for performing an operation on protected sensitive data. A processor of a data processing system receives, from a computing system: (i) the protected sensitive data, (ii) an identification of an operation that accesses and utilizes the protected sensitive data during performance of the operation, and (iii) a request to perform the operation, wherein the computing system is external to the data processing system. The processor de-protects the received protected sensitive data, which generates unprotected sensitive data from the protected sensitive data. The processor performs the operation, which includes accessing and utilizing the unprotected sensitive data and generating a result. After the operation is performed, the processor re-protects the unprotected sensitive data, which restores the protected sensitive data. The processor sends the result to the computing system.
    Type: Grant
    Filed: February 26, 2019
    Date of Patent: November 10, 2020
    Assignee: International Business Machines Corporation
    Inventor: Holger Karn
  • Patent number: 10819510
    Abstract: The present application describes a method, system, and non-transitory computer-readable medium for exchanging encrypted communications using hybrid cryptography protocol. According to the present disclosure, a first device divides a first communication into at least a first secret and a second secret. The first device encrypts the first secret using a first cipher suite and the second secret using a second cipher suite. The first device generates a first signature of the first encrypted secret and the second encrypted secret according to a first signature generation algorithm associated with the first cipher suite and a second signature of the first encrypted secret and the second encrypted secret according to a second signature generation algorithm associated with the second cipher suite. The first device transmits the first encrypted secret and the second encrypted secret, the first signature, and the second signature to the second device.
    Type: Grant
    Filed: February 6, 2018
    Date of Patent: October 27, 2020
    Assignee: Wickr Inc.
    Inventor: Joël Alwen
  • Patent number: 10805077
    Abstract: Examples of the present disclosure describe systems and methods for partially encrypting conversations using different cryptographic keys. Messages communicated during a conversation session may be encrypted using a cryptographic key. Other conversation participants may then decrypt the messages using the cryptographic key. During the conversation, an event may occur that causes a new cryptographic key to be generated. The conversation participants may then use the new cryptographic key when communicating. As such, previously-encrypted messages may be inaccessible to new members that do not have the old cryptographic key, while newly-encrypted messages may be inaccessible to former members that do not have the new cryptographic key. An isolated collection may store the messages and related cryptographic keys. Relationships may exist within the isolated collection, such that messages may be related to one another and messages may also be related to the cryptographic keys used to encrypt them.
    Type: Grant
    Filed: May 21, 2019
    Date of Patent: October 13, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Christopher L. Mullins, Robert Standefer, III
  • Patent number: 10797859
    Abstract: An apparatus and methodology for securing data exchanged between devices in a NarrowBand IoT (NB-IoT) environment is disclosed. The apparatus embodies a cryptoprocessor having a confidentiality block and an integrity block. The confidentiality and integrity blocks are coupled to a bus interface through data channels via a multiplexer/demultiplexer (MUX) and first-in-first-out transmitter and receiver. The confidentiality and integrity blocks are further coupled to a cipher block through data channels via a MUX. The cipher block is operable to implement at least one stream cipher and at least one block cipher.
    Type: Grant
    Filed: March 22, 2018
    Date of Patent: October 6, 2020
    Assignee: Arm Limited
    Inventors: Luis Cavo Nuñez, Sébastien François Roger Fuhrmann
  • Patent number: 10795658
    Abstract: A method may include generating, via a setup function, public parameters associated with a random updatable function. The method may further include generating, via an initialization function and based at least in part on the public parameters generated by the setup function, a first random element and a first state. The method may further include generating, via an update function and based at least in part on the public parameters generated by the setup function, a third random element and a second state. Inputs of the update function may include the first state generated by the initialization function and a second random element.
    Type: Grant
    Filed: March 20, 2017
    Date of Patent: October 6, 2020
    Assignee: FUJITSU LIMITED
    Inventors: Avradip Mandal, Arnab Roy, Hart Montgomery
  • Patent number: 10798075
    Abstract: A system, an apparatus, a computer program product and a method for obfuscation-based security and authentication. The method comprises: obtaining a different key for each different device; obfuscating an interface layer utilized by components of the device to interact, using the key, to produce an obfuscated interface layer; and providing, directly or indirectly, the two components with the key to allow the two components to utilize the obfuscated interface layer to interact with each other. The system comprises a plurality of devices that are instances of a same device and a server coupled to a memory retaining a plurality of keys, each of which is used to obfuscate interface layers of a different device to produce heterogeneous set of devices instead of a homogenous set of devices. Communications and operations with the plurality of devices are performed in an obfuscated manner through the server.
    Type: Grant
    Filed: January 29, 2018
    Date of Patent: October 6, 2020
    Assignee: International Business Machines Corporation
    Inventors: Fady Copty, Ayman Jarrous, Ronen Levy, Sharon Keidar Barner
  • Patent number: 10785022
    Abstract: A network includes a logical network and a physical network. The logical network includes a plurality of logical nodes. Each logical node is connected to a respective identification core. Each identification core includes at least one semiconductor chip having a physical randomness. Each semiconductor chip generates one of a plurality of pairs of private keys and public keys based on the physical randomness thereof according to an input received by the one of the at least one semiconductor chip under a public key cryptography. One of the public keys is regarded as a logical address of one of the logical nodes, which is connected to one of the identification cores. The physical network includes a plurality of physical nodes. Each identification core is one of components in each physical node. The logical network is uniquely linked to the physical network by the pairs of private keys and public keys.
    Type: Grant
    Filed: September 11, 2017
    Date of Patent: September 22, 2020
    Inventor: Hiroshi Watanabe
  • Patent number: 10778759
    Abstract: A software architecture encoded on a non-transitory computer readable medium, where the software architecture includes a first protocol, wherein the first protocol is configured to form a plurality of groups, wherein each group of the plurality of groups comprises a set of randomly selected nodes from a network. The software architecture further includes a second protocol, wherein the second protocol is configured to randomly select a first group from the plurality of groups formed by the first protocol. Additionally, the software architecture includes a third protocol, wherein the third protocol is configured to designate the first group to sign a first message by generating a first group signature. Furthermore, the software architecture includes a hash function, wherein the hash function is configured to generate a hash value from the first group signature.
    Type: Grant
    Filed: November 20, 2017
    Date of Patent: September 15, 2020
    Assignee: DFINITY Stiftung
    Inventors: Dominic Williams, Timo Hanke
  • Patent number: 10754983
    Abstract: Sensitive data may be anonymized for use in user interfaces by applying a cryptographic hash function to the data. The hashed value may be broken into hash tokens and the hash tokens converted to human readable tokens using a 1:1 conversion function. The human readable tokens can then be concatenated together to provide a human readable identifier of the sensitive data.
    Type: Grant
    Filed: March 31, 2017
    Date of Patent: August 25, 2020
    Assignee: Interset Software Inc.
    Inventors: Josh Christopher Tyler Mahonin, Michael John Cyze, Michael Iles, Shaun Pilkington, Wesley Lawrence, Stephan Jou
  • Patent number: 10721074
    Abstract: Methods and apparatus to authenticate and differentiate virtually identical resources using session chaining are disclosed. In response to a session request from at least one of a management device or a resource, example methods and apparatus locate a session chain stack associated with an identifier of the at least one of the management device or the resource, and determine whether a first nonce at a top of the session chain stack associated with the identifier of the at least one of the management device or the resource is equal to a second nonce associated with the session request from the at least one of the management device or the resource.
    Type: Grant
    Filed: February 11, 2019
    Date of Patent: July 21, 2020
    Assignee: VMware, Inc.
    Inventor: Gregory A. Frascadore
  • Patent number: 10708248
    Abstract: A method of controlling a vehicle that includes a plurality of electronic control units (ECUs), the method including: allocating an order in which at least one ECU among the plurality of ECUs is to be assigned an encryption key, based on a data rate of each ECU; receiving, by the at least one ECU, at least one encryption key that is assigned to the at least one ECU according to the allocated order; and performing, by the at least one ECU and using the assigned at least one encryption key, (i) encryption of data to be transmitted through a Controller Area Network (CAN) communication bus, or (ii) decryption of data that is transmitted through the CAN communication bus.
    Type: Grant
    Filed: February 4, 2019
    Date of Patent: July 7, 2020
    Assignee: LG Electronics Inc.
    Inventors: Cheolseung Kim, Seongsoo Kim, Byeongrim Jo
  • Patent number: 10700874
    Abstract: System and method for providing secure machine to machine, M2M, communications comprising a device management, DM, server configured to obtain credentials of one or more M2M devices and provision the one or more M2M devices with credentials of a virtual private network, VPN. An application programming interface, API. A VPN server comprising a first communications interface configured to communicate API requests and API responses with the API. A second communications interface configured to provide a VPN for the one or more M2M devices. Logic configured to issue an API request, wherein the request includes the credentials of the VPN. Receive an API response from the DM server including an indication of the one or more M2M devices provisioned with the credentials of the VPN. Initiate a VPN over the second interface between the one or more M2M devices and the VPN server.
    Type: Grant
    Filed: July 12, 2016
    Date of Patent: June 30, 2020
    Assignee: VODAFONE IP LICENSING LIMITED
    Inventors: Nicholas Bone, Tim Snape
  • Patent number: 10701039
    Abstract: Various embodiments are generally directed to the providing for mutual authentication and secure distributed processing of multi-party data. In particular, an experiment may be submitted to include the distributed processing of private data owned by multiple distrustful entities. Private data providers may authorize the experiment and securely transfer the private data for processing by trusted computing nodes in a pool of trusted computing nodes.
    Type: Grant
    Filed: September 25, 2015
    Date of Patent: June 30, 2020
    Assignee: INTEL CORPORATION
    Inventors: Vinay Phegade, Huaiyu Liu, Jesse Walker
  • Patent number: 10700701
    Abstract: A method of compression is disclosed in which an input sequence of bits is divided into a plurality of portions. Each portion is sub-divided into a plurality of sub-divisions. Frequency analysis is performed to determine the number of occurrences of each sub-division permutation and new values are assigned, based on the frequency analysis, to each of the sub-division permutations. For each portion a label representing the permutation of bits in that portion is assigned. The label comprises a representation of a combined value resulting from combining the new values associated with the sub-division permutations of that portion. A processed sequence of bits is generated by replacing, within the input sequence of bits, bit portions with the respective label representing the permutation of bits in that portion.
    Type: Grant
    Filed: June 24, 2019
    Date of Patent: June 30, 2020
    Assignee: SISP Technologies Ltd.
    Inventors: Stuart Marlow, Nicholas Stavrinou
  • Patent number: 10685141
    Abstract: The invention relates to a method for storing data blocks from client devices to a cloud storage system, the method includes the steps of: d) storing an encrypted first data block and a challenge of the first data block of a first client device on the cloud storage system, e) determining if a hash of a second data block of a second client device stored on the cloud storage system equals the hash of the first data block, f) if yes, transmitting the challenge of the first data block from the cloud storage system to the second client device, g) extracting, at the second client device, the bits at the positions or at the range contained in the challenge, hashing the extracted bits, encrypting the hashed bits with a public key of the first client device or of the second client device and uploading the encrypted bits from the second client device to the cloud storage system, and h) storing the encrypted bits from the second client device on the cloud storage system.
    Type: Grant
    Filed: February 4, 2019
    Date of Patent: June 16, 2020
    Assignee: ABB Scheiz AG
    Inventors: Johannes Schneider, Matus Harvan, Sebastian Obermeier, Thomas Locher, Yvonne-Anne Pignolet
  • Patent number: 10637838
    Abstract: Systems and methods for secure communications between mobile applications installed on a user's mobile device. In some embodiments, a first application installed on a user's mobile device generates a key and transmits the key and a message to a server, where the message is to be communicated to a second application. According to disclosed embodiments, there is no limit on the size or a type of data included in the message. The server receives the message and the key from the first application. The first application shares the key with the second application which is then transmitted to the server for authenticating the second application. Upon authenticating the second application, the server transmits the message to the second application. In some embodiments, the applications and/or the server exchanges data with goods/services providers associated with the applications.
    Type: Grant
    Filed: July 1, 2016
    Date of Patent: April 28, 2020
    Assignee: moovel North America, LLC
    Inventors: Pedro Larios, Celite Milbrandt
  • Patent number: 10630642
    Abstract: The present disclosure relates to network security software cooperatively configured on plural nodes to authenticate and authorize devices, applications, users, and data protocol in network communications by exchanging nonpublic identification codes, application identifiers, and data type identifiers via pre-established communication pathways and comparing against pre-established values to provide authorized communication and prevent compromised nodes from spreading malware to other nodes.
    Type: Grant
    Filed: October 5, 2018
    Date of Patent: April 21, 2020
    Assignee: Stealthpath, Inc.
    Inventors: Mike Clark, Andrew Gordon, Matt Clark
  • Patent number: 10618775
    Abstract: A method is disclosed of retrofitting an elevator machine with primary and secondary braking, the machine being disposed on a machine support frame in an elevator machine room, and engaging one or more ropes for providing selective movement of an elevator car disposed in an elevator shaft, the machine having a drive sheave including a cylindrical brake drum, and brake components including dual brake arms; the method including: removing the brake components; affixing flanged disc segments about the drum and interlocking the flanged disc segments to form a brake rotor; and mounting respective brake calipers to frame mounts for providing primary and secondary braking to the elevator machine.
    Type: Grant
    Filed: November 18, 2016
    Date of Patent: April 14, 2020
    Assignee: OTIS ELEVATOR COMPANY
    Inventors: Daniel B. Davis, III, Robert K. Williams, John Eschenbrenner, Gregory M. O'Seep, James L. Hubbard, Martin J. Hardesty, Bruce P. Swaybill, Jesse R. Richter, Gary P. Mendrala, Patricia Derwinski, Christopher H. Koenig
  • Patent number: 10616586
    Abstract: A method is provided for encoding at least one image cut into blocks. The method implements, for a current block to be encoded, the acts of: predicting the current block with the aid of at least one predictor block, determining a residual data block representative of the difference between the predictor block and the current block, selecting, according to a predetermined criterion, a pair of mathematical operations including a permutation operation and a transformation operation from among a plurality of permutation operations, and a plurality of transformation operations, applying the permutation operation of said selected pair to the data of the determined residual block, applying the transformation operation of said selected pair to the permuted data, and encoding the data from said applied transformation operation.
    Type: Grant
    Filed: November 27, 2014
    Date of Patent: April 7, 2020
    Assignee: ORANGE
    Inventors: Pierrick Philippe, Hendrik Vorwerk
  • Patent number: 10581850
    Abstract: A method includes transmitting, by a user device, an encrypted user profile to a locking device, the encrypted user profile including a user key and encrypted by a server using a lock key; decrypting, by the locking device, the encrypted user profile using the lock key to generate a decrypted user profile and obtain the user key from the decrypted user profile; generating, by the user device, an encrypted firmware update command, the encrypted firmware update command encrypted using the user key of the user profile; transmitting, by the user device, the encrypted firmware update command to the locking device; decrypting, by the locking device, the encrypted firmware update command using the user key to generate a decrypted firmware update command; and installing, by the locking device, a firmware update in accordance with the decrypted firmware update command in response to successfully decrypting the encrypted firmware update command.
    Type: Grant
    Filed: February 12, 2018
    Date of Patent: March 3, 2020
    Assignee: Master Lock Company LLC
    Inventor: Nathan Conrad
  • Patent number: 10572317
    Abstract: The present technology pertains to responding to a kernel level file event for a content item and presenting a file event window associated with the content item. A client device can detect the kernel level file event for the content item. This can be accomplished using a kernel extension on a client device that is networked with a content management system. The client device can then retrieve data associated with the content item, including an instruction for the content item. The client device can then perform the instruction. This instruction can be to retrieve collaboration data from the content management system and present the collaboration data in a file event window.
    Type: Grant
    Filed: March 31, 2017
    Date of Patent: February 25, 2020
    Assignee: Dropbox, Inc.
    Inventors: Marcio von Muhlen, Vinod Valloppillil, Nils Bunger
  • Patent number: 10572930
    Abstract: A method for providing purchased content is provided. Management data including the identification data of the purchased content data stored in the information processing apparatus is received. Backup data of a user identification associated with the information processing apparatus is updated based on the management data. A request with the user identification associated with the information processing apparatus is received. A determination is made as to whether the request is authorized based on an authentication process. A list of identification data of content data identified in the backup data is provided to the information processing apparatus in response to a determination that the request is authorized. Further, the purchased content data without the fee is provided to the information processing apparatus based on a user selection of the identification data of the purchased content data from the list of the identification data of the content data.
    Type: Grant
    Filed: September 28, 2018
    Date of Patent: February 25, 2020
    Assignee: Sony Corporation
    Inventors: Izuru Tanaka, Hiraku Inoue
  • Patent number: 10574637
    Abstract: A terminal pairing method and a pairing terminal includes acquiring, when a terminal detects a preset pairing trigger event, a pairing hidden value that is of the terminal and that is associated with the preset pairing trigger event; and implementing, by the terminal, pairing with the peer end by using the pairing hidden value of the terminal. Compared with some approaches, in the present disclosure, pairing can be accurately implemented without using an NFC interface, which reduces costs of terminal pairing.
    Type: Grant
    Filed: May 14, 2014
    Date of Patent: February 25, 2020
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Zhiming Ding, Su Lu, Ping Fang, Xiaoxian Li, Ji Chen
  • Patent number: 10554402
    Abstract: An email request is received from a client device, where the email request is intended for an email server and includes a request for an email recipient's certificate. The compliance status of the client device is obtained. If the client device is in compliance, the email request is modified, and the modified email request is sent to the email server while a certificate retrieval request in the email request is redirected to a certificate repository implemented in a server separate from a certificate repository maintained by the email server. The email certificate is retrieved from the certificate repository and combined with information received from the email server to generate a response, which is sent to the client device.
    Type: Grant
    Filed: November 21, 2018
    Date of Patent: February 4, 2020
    Assignee: AirWatch, LLC
    Inventors: Christopher Henretty, William Pinner, Emil Novakov, Anand Patel, David Shaw, Marshall Brown
  • Patent number: 10554640
    Abstract: According to a first aspect of the present disclosure, a method for facilitating secure communication in a network is conceived, comprising: encrypting, by a source node in the network, a cryptographic key using a device key as an encryption key, wherein said device key is based on a device identifier that identifies a destination node in the network; transmitting, by said source node, the encrypted cryptographic key to the destination node. According to a second aspect of the present disclosure, a corresponding non-transitory, tangible computer program product is provided. According to a third aspect of the present disclosure, a corresponding system for facilitating secure communication in a network is provided.
    Type: Grant
    Filed: June 13, 2016
    Date of Patent: February 4, 2020
    Assignee: NXP B.V.
    Inventors: Jurgen Geerlings, Ghiath Al-Kadi, Piotr Polak
  • Patent number: 10535091
    Abstract: In a server serving as an information distribution apparatus and an information communication terminal, contents are managed by using content identifiers (content IDs) managed as IDs conforming to a rule of uniformity. Particularly, in the information communication terminal, a content ripped from a recording medium and stored in storage means is also managed by using a content identifier acquired from the information distribution apparatus. In this way, contents stored in the storage means can be managed by using content IDs each managed as an ID common to the information communication terminal and the information distribution apparatus. In communication between the information communication terminal and the information distribution apparatus, a content identifier conforming to a rule of uniformity identifies a content to which the content identifier is assigned so that the terminal is capable of downloading the content as well as acquiring additional information relevant to the content from the apparatus.
    Type: Grant
    Filed: September 21, 2018
    Date of Patent: January 14, 2020
    Assignee: Sony Corporation
    Inventors: Izuru Tanaka, Hiraku Inoue
  • Patent number: 10511582
    Abstract: Methods and systems for simplified encryption key generation in optical networks use a Transport Layer Security (TLS) protocol to securely generate an encryption key at both endpoints of an optical path provisioned in an optical transport network. Instead of generating yet another key for payload data transmission, the encryption key from TLS is used for encrypting payload data transmission without using the TLS protocol.
    Type: Grant
    Filed: April 7, 2017
    Date of Patent: December 17, 2019
    Assignee: FUJITSU LIMITED
    Inventors: Muhammad Sakhi Sarwar, Abirami Sathyamoorthy, Swati Mittal
  • Patent number: 10491571
    Abstract: A computing system can initiate one or more recording mechanisms to record content within a passenger interior of the vehicle as a driver transports a rider. After the vehicle arrives at a drop-off location, the computing system can dual encrypt the content utilizing a first public key associated with the driver and a second public key associated with the requesting user and store the dually encrypted content in a storage device. Decryption can require a pair of private keys associated with the rider and the driver.
    Type: Grant
    Filed: September 12, 2018
    Date of Patent: November 26, 2019
    Assignee: Uber Technologies, Inc.
    Inventor: Brian McClendon