User-to-user Key Distributed Over Data Link (i.e., No Center) Patents (Class 380/283)
-
Patent number: 12197614Abstract: The present disclosure is directed to a stateless system to enable data breach lookup. The stateless system may include an infrastructure device and a user device. In some aspects, the infrastructure device and the user device may determine whether the private data associated with the user device has been compromised due to a breach. The infrastructure device and/or the user device may utilize a critical combination of one or more of fast hashing algorithms, slow hashing algorithms, secret keys, and salt values to conduct the data breach lookup. In this way, the data breach lookup may be conducted without the user device communicating the private data externally. Various other aspects are contemplated.Type: GrantFiled: April 13, 2024Date of Patent: January 14, 2025Assignee: UAB 360 ITInventors: Vakaris Noreika, Gerrit Stefan Garbereder
-
Patent number: 12132829Abstract: There is herein disclosed a method of communication between a client pair, the client pair including an upstream client and a downstream client, the method being performed over a first optical fiber in an optical fiber pair and including: transmitting a downstream DWDM signal over the first optical fiber, wherein the downstream DWDM signal has a first frequency and contains first data originating from the upstream client, transmitting an upstream DWDM signal over the first optical fiber, wherein the upstream DWDM signal has a second frequency and contains second data originating from the downstream client, wherein the first frequency is different to the second frequency, and performing Quantum Key Distribution over the second optical fiber of the optical fiber pair.Type: GrantFiled: August 18, 2020Date of Patent: October 29, 2024Assignee: British Telecommunications Public Limited CompanyInventor: Andrew Lord
-
Patent number: 12107950Abstract: The present disclosure relates to method of enabling key re-usage for an electronic device. The method comprising: receiving a request message from the electronic device, wherein the request message comprises a first information being indicative of a preference for one of a first key associated with a first network node in a first network or a second key associated with a second network node in a second network; processing the request message to determine the preference indicated in the first information; and transmitting a response message to the electronic device for reusing the first key or second key, the electronic device is configured to derive a third key based on the first key or the second key as indicated in the determined preference, and the second network is able to access to the first key and the second key whereas the first network cannot access the second key.Type: GrantFiled: December 19, 2019Date of Patent: October 1, 2024Assignee: NEC CORPORATIONInventors: Sander De Kievit, Sheeba Backia Mary Baskaran, Anand Raghawa Prasad
-
Patent number: 12088571Abstract: The present application describes a method including one or more steps. One step of the method includes receiving, at a gateway including an encrypted pathway, traffic from a third party originating outside a multi-hop network intended for a client inside the network. Another step of the method includes determining, using a trained machine learning model, a probe of the received traffic attempting to obtain confidential information about the multi-hop network. Yet another step of the method includes flagging the third party based on determined probe.Type: GrantFiled: August 30, 2021Date of Patent: September 10, 2024Assignee: CACI, Inc.—FederalInventors: John A. Borak, Eric W. Hsiung, Michael J. Chen
-
Patent number: 12069473Abstract: Methods and systems for performing wireless communication are presented. In one example, a wireless peripheral device comprises a wireless transceiver configured to receive and transmit data over a primary channel, an optical sensor configured to receive data over an out-of-band channel, and one or more processors configured to: receive, via the wireless transceiver and over the primary channel, wireless signals including first key data from a second device; receive, via the optical sensor, optical signals including verification data from the second device; verify the first key data based on the verification data; and responsive to verifying the first key data based on the verification data, generate a digital security key based on the first key data, the digital security key used for following data transmission between the wireless peripheral device and the second device via the wireless transceiver.Type: GrantFiled: September 29, 2022Date of Patent: August 20, 2024Assignee: Logitech Europe S.A.Inventors: Philippe Chazot, Marc Viredaz, Jiri Holzbecher
-
Patent number: 12069168Abstract: A passive continuous variable quantum key distribution scheme, where Alice splits the output of a thermal source into two beams, measures one locally and transmits the other mode to Bob after applying attenuation. A secure key can be established based on measurements of the two beams without the use of a random number generator or an optical modulator.Type: GrantFiled: February 21, 2022Date of Patent: August 20, 2024Assignee: UT-Battelle, LLCInventors: Bing Qi, Philip G. Evans, Warren P. Grice
-
Patent number: 12061689Abstract: A provisioning system is provided for provisioning a plurality of electronic devices with provisioning data. Each of the plurality of electronic devices is associated with an electronic device type. The provisioning system includes a provisioning control apparatus, and a provisioning equipment configured to be electrically connected with at least one of the plurality of electronic devices for provisioning the at least one electronic device. The provisioning system includes a provisioning security module configured to receive the device type information from the provisioning control apparatus and to generate provisioning data on the basis of the device type information. The provisioning security module transmits the provisioning data to the provisioning equipment for provisioning the at least one electronic device with provisioning data.Type: GrantFiled: November 12, 2021Date of Patent: August 13, 2024Assignee: SECURE THINGZ LTD.Inventors: Tim Hoole, Tim Woodruff
-
Patent number: 12032718Abstract: A system for securely handling and storing customer data without enabling human access to the data receives and processes the customer data for storage where the customer data is granularly encrypting without storing a key for decryption. The granularly-encrypted customer data is transmitted over a secure network to a cloud-based data storage system that has no access to the key for decryption. The system receives a request from the customer to transmit the customer data to an external destination. The system retrieves the granularly-encrypted customer data from the cloud-based data storage system over a secure network and receives the key for decryption from the customer. The system decrypts the granularly-encrypted customer data using the key and discards the key. The system processes the customer data for transmission and transmits the customer data to the external destination over a secure network.Type: GrantFiled: January 22, 2021Date of Patent: July 9, 2024Assignee: Odaseva Technologies SASInventors: Sovane Bin, Saddek Dekoum, Raphaël Fonrouge, Francois Lopitaux
-
Patent number: 12008147Abstract: Devices, networking devices, and switches, among other things, are disclosed. An illustrative switch is disclosed to include a plurality of optical Input/Output (I/O) ports; a multi-chip module (MCM) assembly including switching circuitry and at least one chiplet that is optically coupled with one of the plurality of optical I/O ports; and a controller coupled with the at least one chiplet and configured to couple the at least one chiplet with a Quantum Key Distribution (QKD) device.Type: GrantFiled: November 5, 2021Date of Patent: June 11, 2024Assignee: MELLANOX TECHNOLOGIES, LTD.Inventors: Paraskevas Bakopoulos, Ioannis (Giannis) Patronas, Dimitris Syrivelis, Liron Mula, Aviad Levy, Elad Mentovich
-
Patent number: 11882123Abstract: Disclosed are various examples for kernel level application data protection. In one example, a security label and a list of permitted applications are received. The security label is utilized to limit access to files that embed the security label. A security label map is written within a kernel layer of the client device. The security label map includes the security label and the list of permitted applications. A secured file is generated by embedding the security label within a file stored on the client device.Type: GrantFiled: May 18, 2022Date of Patent: January 23, 2024Assignee: VMware, Inc.Inventors: Akash Pati, Shivam Srivastav, Anirudh Singh Rathore
-
Patent number: 11811948Abstract: Disclosed are methods, devices, and computer-readable media for securing data in motion and at rest in a secure memory device. In one embodiment, a memory device is disclosed comprising a storage medium and a processor, the processor configured to: receive a software image, validate a digital signature associated with the software image, write the software image to the storage medium, receive a request to launch the software image from a host processor, validate the software image, and transmit the software image to the host processor.Type: GrantFiled: April 8, 2021Date of Patent: November 7, 2023Assignee: Micron Technology, Inc.Inventor: Michael Tex Burk
-
Patent number: 11785510Abstract: A communication system is described in which user plane communication and control plane communication for a particular mobile communication device can be split between a base station that operates a small cell and a macro base station. Appropriate security for the user plane and control plane communications is safeguarded by ensuring that each base station is able to obtain or derive the correct security parameters for protecting the user plane or control plane communication for which it is responsible.Type: GrantFiled: August 19, 2022Date of Patent: October 10, 2023Assignee: NEC CORPORATIONInventor: Vivek Sharma
-
Patent number: 11778090Abstract: A system comprising: (a) a compliance server adapted to receive an audio feed of a telephone conversation; (b) an identification module adapted to ascertain IP addresses from which said audio feed originates and identify participants in said telephone conversation using said IP addresses; and (c) an analysis module adapted to ascertain a subject of said telephone conversation.Type: GrantFiled: May 28, 2020Date of Patent: October 3, 2023Inventors: Levi Yitzchak Orbach, David Schwadron
-
Patent number: 11740642Abstract: Examples of the disclosure are directed to dynamic selection of a specific location at a destination for delivery or transfer of an item. A connected speaker can communicate with an autonomous carrier using an audio signal. The audio signal can contain identifying information associated with the specific location. The autonomous carrier can complete delivery of the item at the specific location.Type: GrantFiled: September 14, 2020Date of Patent: August 29, 2023Assignee: VMware, INC.Inventor: Rohit Pradeep Shetty
-
Patent number: 11743720Abstract: A foreign wireless communication system is operated in a local communication network as if the foreign wireless communication system were a local wireless communication system. A data communication link is established between the wireless communication system and a service provider in a local wireless communication network. An outgoing request for authentication information is communicated from the wireless communication system to a remote administration system over the data communication link. The authentication information is received over the data communication link from the administration system and is transmitted over a signal link from the wireless communication system to the service provider. A requested wireless communication service is received at the wireless communication system based on authentication of the wireless communication system by the service provider using the authentication information.Type: GrantFiled: January 24, 2020Date of Patent: August 29, 2023Assignee: Simo Holdings, Inc.Inventors: Jing Liu, Richard Xu, Xiaolei Qin
-
Patent number: 11743241Abstract: A computer-implemented method includes receiving, by a transcoder, second encrypted data. The second encrypted data is data that has been encrypted in a first key to create first encrypted data that is then encrypted in a second key to create the second encrypted data. The method includes receiving the second key and decrypting the second encrypted data using the second key to obtain the first encrypted data. The method includes encrypting the first encrypted data using a third key to create third encrypted data, and sending the third encrypted data to a destination node. A computer-implemented method includes receiving, by a transcoder, a second encrypted key. The second encrypted key is a key that has been encrypted in a first key to create a first encrypted key that is then encrypted in a second key to create the second encrypted key.Type: GrantFiled: December 30, 2020Date of Patent: August 29, 2023Assignee: International Business Machines CorporationInventors: Steven Robert Hetzler, Guerney D. H. Hunt
-
Patent number: 11671248Abstract: A computer system and a method are provided for storage and distribution of encryption keys in sequence. Encryption keys, such as public keys, are provided key pointers as properties, the key pointer indicating another key, to thereby form a sequence. A current key is designated, and the sequence is advanced to a successor key indicated by the key pointer of the current key upon a predetermined succession event. The current key is transmitted upon receipt of a key request. In various embodiments, succession events can include occurrence of an expiration date, or the addition of a new key to the sequence.Type: GrantFiled: November 16, 2020Date of Patent: June 6, 2023Assignee: Wildfi Pty LtdInventor: Mark Rodney Anson
-
Patent number: 11646888Abstract: A system allows a user to store his personally identifiable information (PII) on a personal device. When a third party wants to access the user's PII (e.g., to update the PII or to retrieve the PII), a notification will be presented to the user on the personal device seeking consent to the access. The notification may inform the user as to what information is being requested and which entity is requesting the access. The requested access will be denied unless the user consents to the access. In this manner, the user is given control over the dissemination of his PII. Additionally, the system alters or adjusts the PII that is stored in third-party servers so that even if these servers are breached, the user's actual PII is not exposed.Type: GrantFiled: November 4, 2021Date of Patent: May 9, 2023Assignee: THE PRUDENTIAL INSURANCE COMPANY OF AMERICAInventors: Venkatesh Sarvottamrao Apsingekar, Sahil Vinod Motadoo, Christopher John Schille, James Francis Lavine
-
Patent number: 11632245Abstract: Techniques are described to generate a first security key when a user equipment operating in an inactive state initiates a data transmission or a procedure to resume network connection. The first security key is generated based on a second security key associated with a first network node and a counter value, and the first security key is associated with a second network node and is used to generate user plane security keys to transmit data to or to receive data from one or more network nodes.Type: GrantFiled: January 27, 2021Date of Patent: April 18, 2023Assignee: ZTE CorporationInventors: Jianxun Al, He Huang
-
Patent number: 11606197Abstract: This disclosure relates to method and system for encrypting and decrypting a facial segment in an image with a unique server key. The method includes receiving an image from one of a plurality of users. The image includes a plurality of facial segments. The method further includes, for each facial segment from the plurality of facial segments, identifying a unique user associated with the facial segment using a facial recognition algorithm, encrypting the facial segment with a unique server key, generating a protection frame, unlockable with the unique server key, to cover the facial segment, and decrypting the facial segment while rendering the image for at least one of the plurality of users upon receiving the unique server key from the at least one of the plurality of users.Type: GrantFiled: July 26, 2020Date of Patent: March 14, 2023Assignee: HCL Technologies Italy S.p.A.Inventors: Antonio Secomandi, Viviana Tripodi
-
Patent number: 11606207Abstract: A system, method, and computer program product are provided for sending and receiving messages using a noisy cryptographic system. To send a message, N secret keys are negotiated using a noisy cryptographic system, where K secret keys are expected to be noiseless. A secret polynomial that includes the N secret keys is generated, and K points on the secret polynomial are derived. For each of the N secret keys, a secret key MAC key is derived and a secret key MAC is calculated using the derived secret key MAC key. A secret key MAC header is generated that includes an array of each of the secret key MACs and possibly a corresponding public key. Message integrity plaintext is generated that includes an encrypted message, the secret key MAC header, and an array of the K points on the secret polynomial. A final message that includes the message integrity plaintext is generated for being sent.Type: GrantFiled: January 4, 2022Date of Patent: March 14, 2023Assignee: DIGITAL 14 LLCInventors: Alexander Sherkin, Milap Sheth
-
Patent number: 11546960Abstract: An electronic apparatus includes: a wireless communication unit wirelessly communicating with an external access point; and a processing unit performing communication control for the wireless communication unit. The processing unit performs uninstallation of driver software causing the wireless communication unit to operate and installation of the driver software after the uninstallation, as a self-repair and reboot, when there is an error in wireless connection with the external access point.Type: GrantFiled: March 24, 2021Date of Patent: January 3, 2023Assignee: Seiko Epson CorporationInventor: Junpei Koizumi
-
Patent number: 11522689Abstract: The present invention relates to the field of quantum communication, especially a quantum key distribution device that can be configured with multiple protocols. It uses the simplified Faraday-Michelson interference ring in combination with the intensity modulator to perform timestamp encoding in a chopping manner. The phase modulation is completed with a Sagnac ring device composed of a single-polarization phase modulator, a polarization beam splitter and a Faraday rotator, so as to achieve the purpose of composite encoding and decoding, thus realizing a quantum key distribution device which can be configured with multiple protocols and multiple decoy state schemes. This device can be compatible with multiple protocols including BB84 protocol, the reference frame-independent protocol, the six-state protocol and SARG protocol and is characterized with polarization-independent phase modulation and low system complexity.Type: GrantFiled: January 26, 2022Date of Patent: December 6, 2022Assignee: NANJING UNIVERSITY OF POSTS AND TELECOMMUNICATIONSInventors: Qin Wang, Qingqing Jiang, Huajian Ding, Chunhui Zhang, Jian Li
-
Patent number: 11516659Abstract: There is provided a method for authentication in device to device discovery. A method performed by a Discoverer device, comprises broadcasting a direct discovery request, receiving a direct discovery response from a Discoveree device, the direct discovery response comprising a first token, and the Discoverer device using the first token to verify that the Discoveree device is authorized to respond to the direct discovery request.Type: GrantFiled: June 7, 2018Date of Patent: November 29, 2022Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Vesa Lehtovirta, Karl Norrman, Monica Wifvesson
-
Patent number: 11457000Abstract: An information intermediating apparatus in an information transaction system including an information providing apparatus, an information acquiring apparatus and the information intermediating apparatus connected to a communication network, includes: a first receiver that receives second information, of first and second information necessary for restoring transaction object information, and first feature information indicating a feature of the first information; a second receiver that receives second feature information from the information acquiring apparatus, the second feature information being calculated from the first information transmitted to the information acquiring apparatus from the information providing apparatus; a feature information determination unit that determines whether an identity is present between the first feature information and the second feature information; and a transmitter that transmits the second information to the information acquiring apparatus, when the feature information dType: GrantFiled: July 15, 2019Date of Patent: September 27, 2022Assignees: DENSO CORPORATION, TOHOKU UNIVERSITYInventors: Tsuneo Nakata, Naoki Iwata, Masao Sakai, Masayuki Fukumitsu, Shingo Hasegawa, Shuji Isobe, Junya Iwazaki, Eisuke Koizumi
-
Patent number: 11432039Abstract: A method of authenticating data received from a user device by a service provider may include receiving user credentials from the user device via a secure communication channel; upon verifying the user credentials, providing to the user device via the secure channel a permission token, where the permission token includes at least a shared secret, where a data within the permission token is not observable to the user device and a shared secret data outside the data of the permission token, the shared secret data observable to the user device; and receiving a request from the user device via a non secure communication channel, where the request may include at least the permission token and a hash digest formed using at least a portion of the shared secret data.Type: GrantFiled: August 11, 2021Date of Patent: August 30, 2022Assignee: SYNAMEDIA LIMITEDInventors: Ian Bastable, Gareth Bowen
-
Patent number: 11405220Abstract: In one implementation, the disclosure provides systems and methods for generating a secure signature using a device-specific and group-specific moving target authentication protocol. According to one implementation, generating the secure signature entails determining a state of a first device in association with a select time interval. The state of the first device is defined by one or more time-variable characteristics of the first device. The device computes an output for a signing function that depends upon the determined state of the first device associated with the first time interval.Type: GrantFiled: June 25, 2020Date of Patent: August 2, 2022Assignee: SEAGATE TECHNOLOGY LLCInventors: Vipin Singh Sehrawat, Dmitriy Vassilyev
-
Patent number: 11304054Abstract: A communication method and a device, the method including obtaining, by a terminal device, a security key, where the terminal device performs the obtaining while the terminal device is in a state in which the terminal device has disconnected a radio resource control (RRC) connection from a first network device, and in which the terminal device retains context information for a context, in the first network device, of the terminal device, and sending, by the terminal device, a first message to a second network device, where the first message includes an identifier of the terminal device and at least one of encrypted uplink data or encrypted signaling, the at least one of encrypted uplink data or encrypted signaling is encrypted by using the security key, and where the second network device is different from the first network device.Type: GrantFiled: September 23, 2019Date of Patent: April 12, 2022Assignee: Huawei Technologies Co., Ltd.Inventors: Li Chai, Jian Zhang, Bingzhao Li, Wei Quan
-
Patent number: 11290848Abstract: The controller circuitry is configured to identify one of the plurality of different position assistance information for use by the terminal device to identify a position of the terminal device, and to estimate the position of the terminal device by combining the identified position assistance information with the radio signal received by the position detection receiver circuitry. The position assistance information is identified in accordance with a permission allocated to the terminal device. By providing system information which is unencrypted and other system information which is encrypted, conditional access to the position assistance information can be provided in which a lowest level of position assistance information can provide the least level of position estimation accuracy.Type: GrantFiled: November 15, 2018Date of Patent: March 29, 2022Assignee: SONY CORPORATIONInventors: Vivek Sharma, Hideji Wakabayashi, Yuxin Wei, Shinichiro Tsuda
-
Patent number: 11284322Abstract: An SeNB informs an MeNB that it can configure bearers for the given UE. At this time, the MeNB manages the DRB status, and then sends a key S-KeNB to the SeNB. The MeNB also sends a KSI for the S-KeNB to both of the UE and the SeNB. After this procedure, the MeNB informs an EPC (MME and S-GW) about the new bearer configured at the SeNB, such that the S-GW 50 can start offloading the bearer(s) to the SeNB 30. Prior to the offloading, the EPC network entity (MME or S-GW) performs verification that: 1) whether the request is coming from authenticated source (MeNB); and 2) whether the SeNB is a valid eNB to which the traffic can be offload.Type: GrantFiled: May 16, 2019Date of Patent: March 22, 2022Assignee: NEC CORPORATIONInventors: Xiaowei Zhang, Anand Raghawa Prasad
-
Patent number: 11271739Abstract: A system, method, and computer program product are provided for sending and receiving messages using a noisy cryptographic system. To send a message, N secret keys are negotiated using a noisy cryptographic system, where K secret keys are expected to be noiseless. A secret polynomial that includes the N secret keys is generated, and K points on the secret polynomial are derived. For each of the N secret keys, a secret key MAC key is derived and a secret key MAC is calculated using the derived secret key MAC key. A secret key MAC header is generated that includes an array of each of the secret key MACs and possibly a corresponding public key. Message integrity plaintext is generated that includes an encrypted message, the secret key MAC header, and an array of the K points on the secret polynomial. A final message that includes the message integrity plaintext is generated for being sent.Type: GrantFiled: June 25, 2020Date of Patent: March 8, 2022Assignee: DIGITAL 14 LLCInventors: Alexander Sherkin, Milap Sheth
-
Patent number: 11258611Abstract: Electronically signed data is persistently stored in data storage. After the passage of time, the data may be accessed and presented to a trusted entity for verification of the data. The trusted entity may have access to secret information used to sign the data. The trusted entity may use the secret information to verify an electronic signature of the data. One or more actions may be taken based at least in part on a response provided by the verification system.Type: GrantFiled: January 11, 2019Date of Patent: February 22, 2022Assignee: Amazon Technologies, Inc.Inventors: Benjamin Elias Seidenberg, Gregory Branchek Roth, Benjamin Tillman Farley
-
Patent number: 11234128Abstract: A Method and a system for managing undesired service requests sent from at least one terminal to a network are described, wherein the network comprises a network node for storing trusted service-information. The method comprises the steps of: the network receiving a service request from a terminal, the request comprising service request information; and, sending, preferably via a secure communication channel, a user verification request for requesting the user to verify the service requested by the terminal if at least part of the service request information is not listed in the trusted service-information.Type: GrantFiled: February 6, 2017Date of Patent: January 25, 2022Assignees: Koninklijke KPN N.V., Nederlandse Organisatie voor Toegepast- Natuurwetenschappelijk Onderzoek TNOInventors: Jeroen Laarakkers, Frank Muller, Tim Hartog
-
Patent number: 11228438Abstract: A security device providing a security function for an image, a camera device including the same, and a system on chip (SOC) for controlling the camera device are provided. An image transmitting device may include an image processor configured to process an image to be transmitted to an external device, and a security circuit including a key shared with the external device. The security circuit may be configured to generate a tag used for image authentication by using data of a partial region of the image and the key based on region information for selecting the partial region of the image. The image transmitting device may be configured to transmit the tag, generated to correspond to the image, to the external device with data of the image.Type: GrantFiled: September 28, 2018Date of Patent: January 18, 2022Assignee: SAMSUNG ELECTRONICS CO., LTD.Inventors: Jong-hoon Shin, Ki-seok Bae, Hong-mook Choi, Ji-su Kang, Jae-hyeok Kim, Hye-soo Lee, Hyo-sun Hwang
-
Patent number: 11196547Abstract: A lifecycle management method, system, and computer program product include establishing a public key infrastructure (PKI) for end-to-end encryption of control plane and data plane communications by providing encryption between arbitrary components for applicant execution where an interaction pattern is isolated, secure, and a multi-tenant environment.Type: GrantFiled: March 20, 2019Date of Patent: December 7, 2021Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Jayaram Kallapalayam Radhakrishnan, Vinod Muthusamy, Vatche Isahagian, Scott Boag, Benjamin Herta, Atin Sood
-
Patent number: 11176239Abstract: Embodiments as disclosed herein may provide systems and methods for component integration and security. In particular, in one embodiment, a native component that presents a network based interface may be on a device, where that native component may expose a network based interface for access by other components. This native component can then be accessed through the network based interface. To address security concerns and other issues, the native component may be configured to determine if a received request is associated with the same user space and only respond to requests originating from the same user space.Type: GrantFiled: October 3, 2019Date of Patent: November 16, 2021Assignee: Open Text SA ULCInventors: Jonathan Carroll, Michel Gagnon, Gregory Pekofsky, Khanh Tuan Vu
-
Patent number: 11082844Abstract: A method performed by a network server is provided for authentication and key management for a terminal device in a wireless communication network. The method includes authenticating the terminal device during a primary authentication session for the terminal device. The method further includes responsive to a successful authentication of the terminal device, obtaining a first key. The method further includes generating bootstrapping security parameters. The parameters include a second key derived from the first key and a temporary identifier. The temporary identifier identifies the terminal device and the bootstrapping security parameters.Type: GrantFiled: January 26, 2021Date of Patent: August 3, 2021Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Noamen Ben Henda, Helena Vahidi Mazinani, Vesa Lehtovirta
-
Patent number: 11068611Abstract: The disclosed computer-implemented method for preventing data loss from data containers may include (1) identifying, at a computing device, a process running in a data container on the computing device, (2) intercepting an attempt by the process to exfiltrate information from the computing device via at least one of a file system operation or a network operation, and (3) performing a security action to prevent the intercepted attempt. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: July 31, 2018Date of Patent: July 20, 2021Assignee: CA, Inc.Inventor: Sumit Sarin
-
Patent number: 10999068Abstract: An authentication method for a QKD process includes: a sender selects a basis for preparing authentication information according to an algorithm in an algorithms library, and respectively applies different wavelengths to send quantum states of control information and data information according to a preset information format; a receiver filters the received quantum states, employs a basis of measurement corresponding to the algorithm to measure the authentication information quantum state, sends reverse authentication information when the measurement result is in line with the algorithm, and terminates the distribution process otherwise. In addition, the sender terminates the distribution process when its local authentication information is inconsistent with the reverse authentication information.Type: GrantFiled: June 3, 2019Date of Patent: May 4, 2021Assignee: Alibaba Group Holding LimitedInventor: Yingfang Fu
-
Patent number: 10960314Abstract: The present disclosure relates to processing operations configured to efficiently enable a client and a server to establish secure communication upon initial connection between the client and the server. Upon initial connection to with the server, the client provides an encrypted token which serves as both proof of authentication/identity and provides, in the encrypted token, an encryption key that the server can utilize to initiate secure communication with the client. The server is able to trust the encrypted token and the encryption key because the encrypted token is signed and encrypted by an authentication service that has a trusted relationship with the server and because the authentication service has pre-shared decryption and signature verification keys with the server. The server utilizes the encrypted key to secure communications with the client without requiring additional processing to lookup client identity or any further intervention from the authentication service.Type: GrantFiled: July 12, 2019Date of Patent: March 30, 2021Assignee: Microsoft Technology Licensing, LLCInventors: Kyle Schouviller, Scott Guest
-
Patent number: 10938556Abstract: A method of sharing of a reference key (AppKey) between a connected object and at least one server. The method includes the object applying a function (f) to at least one datum (DevEUI, AppEUI, DevNonce) and to a key (KSE) specific to a secure element of the object to generate the reference key, transmitting to the server a join request of the object to a network of connected objects, which include the datum, and the key (KSE) of the secure element not being transmitted to the server. The method further includes obtaining, by the server, of the key (KSE) of the secure element on the basis of the request, the server applying the function (f) to the datum and to the key (KSE) obtained by the server, so as to obtain the reference key.Type: GrantFiled: November 30, 2018Date of Patent: March 2, 2021Assignee: IDEMIA IDENTITY & SECURITY FRANCEInventors: Julien Bringer, Vincent Bouatou
-
Patent number: 10902137Abstract: This application relates to a technique that enables a software application to perform an operation on a file stored on a file system, while enforcing privacy measures. The technique includes receiving, from a file browser, a selection of file made accessible by a file access service. The file access service is associated with the file system storing the file. The file browser executes in a mode that prevents the software application from identifying content displayed within the file browser. The technique also includes, provided the software application is authorized to access the file, communicating a first list of operations for receipt by the software application, in which the software application selects a first subset of operations, to perform on the file. Furthermore, the technique includes establishing, to perform the first subset of operations on the file, a first direct communication link between the software application and the file access service.Type: GrantFiled: November 3, 2017Date of Patent: January 26, 2021Assignee: Apple Inc.Inventors: Jean-Gabriel Morard, Anthony S. Parker, Rony Fadel, Kevin S. Perry
-
Patent number: 10902392Abstract: An improved financial terminal automatically reconfigures into different financial processing terminal types. In one embodiment, the terminal comprises a housing; a card reader configured to accept at least a portion of a card having an integrated circuit; at least one display; at least one processor; and at least one memory configured to store machine readable code, the machine readable code comprising a first kernel corresponding to a first transaction type and a second kernel corresponding to a second transaction type.Type: GrantFiled: November 19, 2019Date of Patent: January 26, 2021Assignee: Everi Payments Inc.Inventors: Timothy Richards, Dale Baltzell, Brian T. Sullivan
-
Patent number: 10896413Abstract: Methods, systems and apparatus are provided for facilitating financial transactions using an IC type financial card via a terminal. A user is provided a list of transaction types, such as PIN-based, signature-based, etc., and a requested transaction is processed via a first selected transaction type. If the transaction is unsuccessful, the terminal automatically presents a list of remaining available transaction types from which the user may select and the transaction is processed by the next selected transaction type. If the transaction is successful, funds are provided to the user, such as in the form of currency/coins or funds transfer.Type: GrantFiled: April 12, 2019Date of Patent: January 19, 2021Assignee: Everi Payments Inc.Inventors: Timothy Richards, Dale Baltzell, Brian T. Sullivan
-
Patent number: 10860744Abstract: A system and method of downloading firmware into an embedded device while maintaining the integrity and confidentiality of the firmware is disclosed. In one embodiment, the process comprises four phases. In the first phase, unauthenticated content is written into the memory of the embedded device. In the second phase, this content is verified. In the third step, a secure connection is established between the host and the embedded device. In the fourth step, the firmware is loaded into the embedded device using this secure connection. The firmware is encrypted as it is transferred from the host to the embedded device and is never accessible outside of the embedded device.Type: GrantFiled: November 20, 2018Date of Patent: December 8, 2020Assignee: Silicon Laboratories, Inc.Inventor: Joshua Jay Norem
-
Patent number: 10812252Abstract: In aspects of string matching in encrypted data, a computing device stores homomorphic encrypted data as a dataset, and implements a string matching application that receives an encrypted query string as a query of the homomorphic encrypted data. The string matching application can then apply algorithms to perform addition and multiplication operations, and determine whether there are matching strings of the encrypted query string in the dataset. The string matching application can compute, for each row of the dataset, a sum of some function of dataset bits and query bits for a row result, and multiply the row results of the computed rows to determine matching strings. Alternatively, the string matching application can compute, for each row of the dataset, a product over some function of the dataset bits and the query bits for a row result, and add the row results of the computed rows to determine matching strings.Type: GrantFiled: June 22, 2017Date of Patent: October 20, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Kim Henry Martin Laine, Hao Chen, Gizem S. Cetin, Yuhou Xia, Peter B. Rindal, Kristin Estella Lauter
-
Patent number: 10742413Abstract: Embodiments of the present invention may provide the capability for performing public-key encryption with proofs of plaintext knowledge using a lattice-based scheme that provides improved efficiency over conventional techniques. For example, in an embodiment, a computer-implemented method of verifying encryption may comprise generating a ciphertext, derived from a plaintext, via an encryption scheme, proving validity of the ciphertext, wherein the proof includes at least one challenge value, and using a decryption procedure that recovers a plaintext by choosing at least one additional challenge value at random from a challenge space.Type: GrantFiled: April 25, 2017Date of Patent: August 11, 2020Assignee: International Business Machines CorporationInventors: Vadim Lyubashevsky, Gregory Neven
-
Patent number: 10721064Abstract: Various embodiments relate to a key protocol exchange that provide a simple but still secure key exchange protocol. Security of key exchange protocols has many aspects; providing and proving all these properties gets harder with more complex protocols. These security properties may include: perfect forward secrecy; forward deniability; key compromise impersonation resistance; security against unknown key share attack; explicit or implicit authentication; key confirmation; protocol is (session-)key independent; key separation (different keys for encryption and MACing); extendable, e.g. against DOS attacks . . . (e.g. using cookies, . . . ); support of early messages; small communication footprint; and support of for public-key and/or password authentication.Type: GrantFiled: May 30, 2018Date of Patent: July 21, 2020Assignee: NXP B.V.Inventor: Bjorn Fay
-
Patent number: RE48643Abstract: Using the same mathematical principle of paring with errors, which can be viewed as an extension of the idea of the LWE problem, this invention gives constructions of a new key exchanges system, a new key distribution system and a new identity-based encryption system. These new systems are efficient and have very strong security property including provable security and resistance to quantum computer attacks.Type: GrantFiled: November 8, 2019Date of Patent: July 13, 2021Inventor: Jintai Ding
-
Patent number: RE48644Abstract: Using the same mathematical principle of paring with errors, which can be viewed as an extension of the idea of the LWE problem, this invention gives constructions of a new key exchanges system, a new key distribution system and a new identity-based encryption system. These new systems are efficient and have very strong security property including provable security and resistance to quantum computer attacks.Type: GrantFiled: November 21, 2019Date of Patent: July 13, 2021Inventor: Jintai Ding