User-to-user Key Distributed Over Data Link (i.e., No Center) Patents (Class 380/283)
  • Patent number: 12197614
    Abstract: The present disclosure is directed to a stateless system to enable data breach lookup. The stateless system may include an infrastructure device and a user device. In some aspects, the infrastructure device and the user device may determine whether the private data associated with the user device has been compromised due to a breach. The infrastructure device and/or the user device may utilize a critical combination of one or more of fast hashing algorithms, slow hashing algorithms, secret keys, and salt values to conduct the data breach lookup. In this way, the data breach lookup may be conducted without the user device communicating the private data externally. Various other aspects are contemplated.
    Type: Grant
    Filed: April 13, 2024
    Date of Patent: January 14, 2025
    Assignee: UAB 360 IT
    Inventors: Vakaris Noreika, Gerrit Stefan Garbereder
  • Patent number: 12132829
    Abstract: There is herein disclosed a method of communication between a client pair, the client pair including an upstream client and a downstream client, the method being performed over a first optical fiber in an optical fiber pair and including: transmitting a downstream DWDM signal over the first optical fiber, wherein the downstream DWDM signal has a first frequency and contains first data originating from the upstream client, transmitting an upstream DWDM signal over the first optical fiber, wherein the upstream DWDM signal has a second frequency and contains second data originating from the downstream client, wherein the first frequency is different to the second frequency, and performing Quantum Key Distribution over the second optical fiber of the optical fiber pair.
    Type: Grant
    Filed: August 18, 2020
    Date of Patent: October 29, 2024
    Assignee: British Telecommunications Public Limited Company
    Inventor: Andrew Lord
  • Patent number: 12107950
    Abstract: The present disclosure relates to a method of enabling key re-usage for an electronic device. The method comprising: receiving a request message from the electronic device, wherein the request message comprises a first information being indicative of a preference for one of a first key associated with a first network node in a first network or a second key associated with a second network node in a second network; processing the request message to determine the preference indicated in the first information; and transmitting a response message to the electronic device for reusing the first key or second key, the electronic device is configured to derive a third key based on the first key or the second key as indicated in the determined preference, and the second network is able to access the first key and the second key whereas the first network cannot access the second key.
    Type: Grant
    Filed: December 19, 2019
    Date of Patent: October 1, 2024
    Assignee: NEC CORPORATION
    Inventors: Sander De Kievit, Sheeba Backia Mary Baskaran, Anand Raghawa Prasad
  • Patent number: 12088571
    Abstract: The present application describes a method including one or more steps. One step of the method includes receiving, at a gateway including an encrypted pathway, traffic from a third party originating outside a multi-hop network intended for a client inside the network. Another step of the method includes determining, using a trained machine learning model, a probe of the received traffic attempting to obtain confidential information about the multi-hop network. Yet another step of the method includes flagging the third party based on the determined probe.
    Type: Grant
    Filed: August 30, 2021
    Date of Patent: September 10, 2024
    Assignee: CACI, Inc.—Federal
    Inventors: John A. Borak, Eric W. Hsiung, Michael J. Chen
  • Patent number: 12069473
    Abstract: Methods and systems for performing wireless communication are presented. In one example, a wireless peripheral device comprises a wireless transceiver configured to receive and transmit data over a primary channel, an optical sensor configured to receive data over an out-of-band channel, and one or more processors configured to: receive, via the wireless transceiver and over the primary channel, wireless signals including first key data from a second device; receive, via the optical sensor, optical signals including verification data from the second device; verify the first key data based on the verification data; and responsive to verifying the first key data based on the verification data, generate a digital security key based on the first key data, the digital security key used for following data transmission between the wireless peripheral device and the second device via the wireless transceiver.
    Type: Grant
    Filed: September 29, 2022
    Date of Patent: August 20, 2024
    Assignee: Logitech Europe S.A.
    Inventors: Philippe Chazot, Marc Viredaz, Jiri Holzbecher
  • Patent number: 12069168
    Abstract: A passive continuous variable quantum key distribution scheme, where Alice splits the output of a thermal source into two beams, measures one locally and transmits the other mode to Bob after applying attenuation. A secure key can be established based on measurements of the two beams without the use of a random number generator or an optical modulator.
    Type: Grant
    Filed: February 21, 2022
    Date of Patent: August 20, 2024
    Assignee: UT-Battelle, LLC
    Inventors: Bing Qi, Philip G. Evans, Warren P. Grice
  • Patent number: 12061689
    Abstract: A provisioning system is provided for provisioning a plurality of electronic devices with provisioning data. Each of the plurality of electronic devices is associated with an electronic device type. The provisioning system includes a provisioning control apparatus, and a provisioning equipment configured to be electrically connected with at least one of the plurality of electronic devices for provisioning the at least one electronic device. The provisioning system includes a provisioning security module configured to receive the device type information from the provisioning control apparatus and to generate provisioning data on the basis of the device type information. The provisioning security module transmits the provisioning data to the provisioning equipment for provisioning the at least one electronic device with provisioning data.
    Type: Grant
    Filed: November 12, 2021
    Date of Patent: August 13, 2024
    Assignee: SECURE THINGZ LTD.
    Inventors: Tim Hoole, Tim Woodruff
  • Patent number: 12032718
    Abstract: A system for securely handling and storing customer data without enabling human access to the data receives and processes the customer data for storage where the customer data is granularly encrypted without storing a key for decryption. The granularly-encrypted customer data is transmitted over a secure network to a cloud-based data storage system that has no access to the key for decryption. The system receives a request from the customer to transmit the customer data to an external destination. The system retrieves the granularly-encrypted customer data from the cloud-based data storage system over a secure network and receives the key for decryption from the customer. The system decrypts the granularly-encrypted customer data using the key and discards the key. The system processes the customer data for transmission and transmits the customer data to the external destination over a secure network.
    Type: Grant
    Filed: January 22, 2021
    Date of Patent: July 9, 2024
    Assignee: Odaseva Technologies SAS
    Inventors: Sovane Bin, Saddek Dekoum, Raphaël Fonrouge, Francois Lopitaux
  • Patent number: 12008147
    Abstract: Devices, networking devices, and switches, among other things, are disclosed. An illustrative switch is disclosed to include a plurality of optical Input/Output (I/O) ports; a multi-chip module (MCM) assembly including switching circuitry and at least one chiplet that is optically coupled with one of the plurality of optical I/O ports; and a controller coupled with the at least one chiplet and configured to couple the at least one chiplet with a Quantum Key Distribution (QKD) device.
    Type: Grant
    Filed: November 5, 2021
    Date of Patent: June 11, 2024
    Assignee: MELLANOX TECHNOLOGIES, LTD.
    Inventors: Paraskevas Bakopoulos, Ioannis (Giannis) Patronas, Dimitris Syrivelis, Liron Mula, Aviad Levy, Elad Mentovich
  • Patent number: 11882123
    Abstract: Disclosed are various examples for kernel level application data protection. In one example, a security label and a list of permitted applications are received. The security label is utilized to limit access to files that embed the security label. A security label map is written within a kernel layer of the client device. The security label map includes the security label and the list of permitted applications. A secured file is generated by embedding the security label within a file stored on the client device.
    Type: Grant
    Filed: May 18, 2022
    Date of Patent: January 23, 2024
    Assignee: VMware, Inc.
    Inventors: Akash Pati, Shivam Srivastav, Anirudh Singh Rathore
  • Patent number: 11811948
    Abstract: Disclosed are methods, devices, and computer-readable media for securing data in motion and at rest in a secure memory device. In one embodiment, a memory device is disclosed comprising a storage medium and a processor, the processor configured to: receive a software image, validate a digital signature associated with the software image, write the software image to the storage medium, receive a request to launch the software image from a host processor, validate the software image, and transmit the software image to the host processor.
    Type: Grant
    Filed: April 8, 2021
    Date of Patent: November 7, 2023
    Assignee: Micron Technology, Inc.
    Inventor: Michael Tex Burk
  • Patent number: 11785510
    Abstract: A communication system is described in which user plane communication and control plane communication for a particular mobile communication device can be split between a base station that operates a small cell and a macro base station. Appropriate security for the user plane and control plane communications is safeguarded by ensuring that each base station is able to obtain or derive the correct security parameters for protecting the user plane or control plane communication for which it is responsible.
    Type: Grant
    Filed: August 19, 2022
    Date of Patent: October 10, 2023
    Assignee: NEC CORPORATION
    Inventor: Vivek Sharma
  • Patent number: 11778090
    Abstract: A system comprising: (a) a compliance server adapted to receive an audio feed of a telephone conversation; (b) an identification module adapted to ascertain IP addresses from which said audio feed originates and identify participants in said telephone conversation using said IP addresses; and (c) an analysis module adapted to ascertain a subject of said telephone conversation.
    Type: Grant
    Filed: May 28, 2020
    Date of Patent: October 3, 2023
    Inventors: Levi Yitzchak Orbach, David Schwadron
  • Patent number: 11740642
    Abstract: Examples of the disclosure are directed to dynamic selection of a specific location at a destination for delivery or transfer of an item. A connected speaker can communicate with an autonomous carrier using an audio signal. The audio signal can contain identifying information associated with the specific location. The autonomous carrier can complete delivery of the item at the specific location.
    Type: Grant
    Filed: September 14, 2020
    Date of Patent: August 29, 2023
    Assignee: VMware, INC.
    Inventor: Rohit Pradeep Shetty
  • Patent number: 11743720
    Abstract: A foreign wireless communication system is operated in a local communication network as if the foreign wireless communication system were a local wireless communication system. A data communication link is established between the wireless communication system and a service provider in a local wireless communication network. An outgoing request for authentication information is communicated from the wireless communication system to a remote administration system over the data communication link. The authentication information is received over the data communication link from the administration system and is transmitted over a signal link from the wireless communication system to the service provider. A requested wireless communication service is received at the wireless communication system based on authentication of the wireless communication system by the service provider using the authentication information.
    Type: Grant
    Filed: January 24, 2020
    Date of Patent: August 29, 2023
    Assignee: Simo Holdings, Inc.
    Inventors: Jing Liu, Richard Xu, Xiaolei Qin
  • Patent number: 11743241
    Abstract: A computer-implemented method includes receiving, by a transcoder, second encrypted data. The second encrypted data is data that has been encrypted in a first key to create first encrypted data that is then encrypted in a second key to create the second encrypted data. The method includes receiving the second key and decrypting the second encrypted data using the second key to obtain the first encrypted data. The method includes encrypting the first encrypted data using a third key to create third encrypted data, and sending the third encrypted data to a destination node. A computer-implemented method includes receiving, by a transcoder, a second encrypted key. The second encrypted key is a key that has been encrypted in a first key to create a first encrypted key that is then encrypted in a second key to create the second encrypted key.
    Type: Grant
    Filed: December 30, 2020
    Date of Patent: August 29, 2023
    Assignee: International Business Machines Corporation
    Inventors: Steven Robert Hetzler, Guerney D. H. Hunt
  • Patent number: 11671248
    Abstract: A computer system and a method are provided for storage and distribution of encryption keys in sequence. Encryption keys, such as public keys, are provided key pointers as properties, the key pointer indicating another key, to thereby form a sequence. A current key is designated, and the sequence is advanced to a successor key indicated by the key pointer of the current key upon a predetermined succession event. The current key is transmitted upon receipt of a key request. In various embodiments, succession events can include occurrence of an expiration date, or the addition of a new key to the sequence.
    Type: Grant
    Filed: November 16, 2020
    Date of Patent: June 6, 2023
    Assignee: Wildfi Pty Ltd
    Inventor: Mark Rodney Anson
  • Patent number: 11646888
    Abstract: A system allows a user to store his personally identifiable information (PII) on a personal device. When a third party wants to access the user's PII (e.g., to update the PII or to retrieve the PII), a notification will be presented to the user on the personal device seeking consent to the access. The notification may inform the user as to what information is being requested and which entity is requesting the access. The requested access will be denied unless the user consents to the access. In this manner, the user is given control over the dissemination of his PII. Additionally, the system alters or adjusts the PII that is stored in third-party servers so that even if these servers are breached, the user's actual PII is not exposed.
    Type: Grant
    Filed: November 4, 2021
    Date of Patent: May 9, 2023
    Assignee: THE PRUDENTIAL INSURANCE COMPANY OF AMERICA
    Inventors: Venkatesh Sarvottamrao Apsingekar, Sahil Vinod Motadoo, Christopher John Schille, James Francis Lavine
  • Patent number: 11632245
    Abstract: Techniques are described to generate a first security key when a user equipment operating in an inactive state initiates a data transmission or a procedure to resume network connection. The first security key is generated based on a second security key associated with a first network node and a counter value, and the first security key is associated with a second network node and is used to generate user plane security keys to transmit data to or to receive data from one or more network nodes.
    Type: Grant
    Filed: January 27, 2021
    Date of Patent: April 18, 2023
    Assignee: ZTE Corporation
    Inventors: Jianxun Al, He Huang
  • Patent number: 11606197
    Abstract: This disclosure relates to a method and system for encrypting and decrypting a facial segment in an image with a unique server key. The method includes receiving an image from one of a plurality of users. The image includes a plurality of facial segments. The method further includes, for each facial segment from the plurality of facial segments, identifying a unique user associated with the facial segment using a facial recognition algorithm, encrypting the facial segment with a unique server key, generating a protection frame, unlockable with the unique server key, to cover the facial segment, and decrypting the facial segment while rendering the image for at least one of the plurality of users upon receiving the unique server key from the at least one of the plurality of users.
    Type: Grant
    Filed: July 26, 2020
    Date of Patent: March 14, 2023
    Assignee: HCL Technologies Italy S.p.A.
    Inventors: Antonio Secomandi, Viviana Tripodi
  • Patent number: 11606207
    Abstract: A system, method, and computer program product are provided for sending and receiving messages using a noisy cryptographic system. To send a message, N secret keys are negotiated using a noisy cryptographic system, where K secret keys are expected to be noiseless. A secret polynomial that includes the N secret keys is generated, and K points on the secret polynomial are derived. For each of the N secret keys, a secret key MAC key is derived and a secret key MAC is calculated using the derived secret key MAC key. A secret key MAC header is generated that includes an array of each of the secret key MACs and possibly a corresponding public key. Message integrity plaintext is generated that includes an encrypted message, the secret key MAC header, and an array of the K points on the secret polynomial. A final message that includes the message integrity plaintext is generated for being sent.
    Type: Grant
    Filed: January 4, 2022
    Date of Patent: March 14, 2023
    Assignee: DIGITAL 14 LLC
    Inventors: Alexander Sherkin, Milap Sheth
  • Patent number: 11546960
    Abstract: An electronic apparatus includes: a wireless communication unit wirelessly communicating with an external access point; and a processing unit performing communication control for the wireless communication unit. The processing unit performs uninstallation of driver software causing the wireless communication unit to operate and installation of the driver software after the uninstallation, as a self-repair and reboot, when there is an error in wireless connection with the external access point.
    Type: Grant
    Filed: March 24, 2021
    Date of Patent: January 3, 2023
    Assignee: Seiko Epson Corporation
    Inventor: Junpei Koizumi
  • Patent number: 11522689
    Abstract: The present invention relates to the field of quantum communication, especially a quantum key distribution device that can be configured with multiple protocols. It uses the simplified Faraday-Michelson interference ring in combination with the intensity modulator to perform timestamp encoding in a chopping manner. The phase modulation is completed with a Sagnac ring device composed of a single-polarization phase modulator, a polarization beam splitter and a Faraday rotator, so as to achieve the purpose of composite encoding and decoding, thus realizing a quantum key distribution device which can be configured with multiple protocols and multiple decoy state schemes. This device can be compatible with multiple protocols including BB84 protocol, the reference frame-independent protocol, the six-state protocol and SARG protocol and is characterized with polarization-independent phase modulation and low system complexity.
    Type: Grant
    Filed: January 26, 2022
    Date of Patent: December 6, 2022
    Assignee: NANJING UNIVERSITY OF POSTS AND TELECOMMUNICATIONS
    Inventors: Qin Wang, Qingqing Jiang, Huajian Ding, Chunhui Zhang, Jian Li
  • Patent number: 11516659
    Abstract: There is provided a method for authentication in device to device discovery. A method performed by a Discoverer device, comprises broadcasting a direct discovery request, receiving a direct discovery response from a Discoveree device, the direct discovery response comprising a first token, and the Discoverer device using the first token to verify that the Discoveree device is authorized to respond to the direct discovery request.
    Type: Grant
    Filed: June 7, 2018
    Date of Patent: November 29, 2022
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Vesa Lehtovirta, Karl Norrman, Monica Wifvesson
  • Patent number: 11457000
    Abstract: An information intermediating apparatus in an information transaction system including an information providing apparatus, an information acquiring apparatus and the information intermediating apparatus connected to a communication network, includes: a first receiver that receives second information, of first and second information necessary for restoring transaction object information, and first feature information indicating a feature of the first information; a second receiver that receives second feature information from the information acquiring apparatus, the second feature information being calculated from the first information transmitted to the information acquiring apparatus from the information providing apparatus; a feature information determination unit that determines whether an identity is present between the first feature information and the second feature information; and a transmitter that transmits the second information to the information acquiring apparatus, when the feature information d
    Type: Grant
    Filed: July 15, 2019
    Date of Patent: September 27, 2022
    Assignees: DENSO CORPORATION, TOHOKU UNIVERSITY
    Inventors: Tsuneo Nakata, Naoki Iwata, Masao Sakai, Masayuki Fukumitsu, Shingo Hasegawa, Shuji Isobe, Junya Iwazaki, Eisuke Koizumi
  • Patent number: 11432039
    Abstract: A method of authenticating data received from a user device by a service provider may include receiving user credentials from the user device via a secure communication channel; upon verifying the user credentials, providing to the user device via the secure channel a permission token, where the permission token includes at least a shared secret, where a data within the permission token is not observable to the user device and a shared secret data outside the data of the permission token, the shared secret data observable to the user device; and receiving a request from the user device via a non-secure communication channel, where the request may include at least the permission token and a hash digest formed using at least a portion of the shared secret data.
    Type: Grant
    Filed: August 11, 2021
    Date of Patent: August 30, 2022
    Assignee: SYNAMEDIA LIMITED
    Inventors: Ian Bastable, Gareth Bowen
  • Patent number: 11405220
    Abstract: In one implementation, the disclosure provides systems and methods for generating a secure signature using a device-specific and group-specific moving target authentication protocol. According to one implementation, generating the secure signature entails determining a state of a first device in association with a select time interval. The state of the first device is defined by one or more time-variable characteristics of the first device. The device computes an output for a signing function that depends upon the determined state of the first device associated with the first time interval.
    Type: Grant
    Filed: June 25, 2020
    Date of Patent: August 2, 2022
    Assignee: SEAGATE TECHNOLOGY LLC
    Inventors: Vipin Singh Sehrawat, Dmitriy Vassilyev
  • Patent number: 11304054
    Abstract: A communication method and a device, the method including obtaining, by a terminal device, a security key, where the terminal device performs the obtaining while the terminal device is in a state in which the terminal device has disconnected a radio resource control (RRC) connection from a first network device, and in which the terminal device retains context information for a context, in the first network device, of the terminal device, and sending, by the terminal device, a first message to a second network device, where the first message includes an identifier of the terminal device and at least one of encrypted uplink data or encrypted signaling, the at least one of encrypted uplink data or encrypted signaling is encrypted by using the security key, and where the second network device is different from the first network device.
    Type: Grant
    Filed: September 23, 2019
    Date of Patent: April 12, 2022
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Li Chai, Jian Zhang, Bingzhao Li, Wei Quan
  • Patent number: 11290848
    Abstract: The controller circuitry is configured to identify one of the plurality of different position assistance information for use by the terminal device to identify a position of the terminal device, and to estimate the position of the terminal device by combining the identified position assistance information with the radio signal received by the position detection receiver circuitry. The position assistance information is identified in accordance with a permission allocated to the terminal device. By providing system information which is unencrypted and other system information which is encrypted, conditional access to the position assistance information can be provided in which a lowest level of position assistance information can provide the least level of position estimation accuracy.
    Type: Grant
    Filed: November 15, 2018
    Date of Patent: March 29, 2022
    Assignee: SONY CORPORATION
    Inventors: Vivek Sharma, Hideji Wakabayashi, Yuxin Wei, Shinichiro Tsuda
  • Patent number: 11284322
    Abstract: An SeNB informs an MeNB that it can configure bearers for the given UE. At this time, the MeNB manages the DRB status, and then sends a key S-KeNB to the SeNB. The MeNB also sends a KSI for the S-KeNB to both of the UE and the SeNB. After this procedure, the MeNB informs an EPC (MME and S-GW) about the new bearer configured at the SeNB, such that the S-GW 50 can start offloading the bearer(s) to the SeNB 30. Prior to the offloading, the EPC network entity (MME or S-GW) performs verification that: 1) whether the request is coming from authenticated source (MeNB); and 2) whether the SeNB is a valid eNB to which the traffic can be offloaded.
    Type: Grant
    Filed: May 16, 2019
    Date of Patent: March 22, 2022
    Assignee: NEC CORPORATION
    Inventors: Xiaowei Zhang, Anand Raghawa Prasad
  • Patent number: 11271739
    Abstract: A system, method, and computer program product are provided for sending and receiving messages using a noisy cryptographic system. To send a message, N secret keys are negotiated using a noisy cryptographic system, where K secret keys are expected to be noiseless. A secret polynomial that includes the N secret keys is generated, and K points on the secret polynomial are derived. For each of the N secret keys, a secret key MAC key is derived and a secret key MAC is calculated using the derived secret key MAC key. A secret key MAC header is generated that includes an array of each of the secret key MACs and possibly a corresponding public key. Message integrity plaintext is generated that includes an encrypted message, the secret key MAC header, and an array of the K points on the secret polynomial. A final message that includes the message integrity plaintext is generated for being sent.
    Type: Grant
    Filed: June 25, 2020
    Date of Patent: March 8, 2022
    Assignee: DIGITAL 14 LLC
    Inventors: Alexander Sherkin, Milap Sheth
  • Patent number: 11258611
    Abstract: Electronically signed data is persistently stored in data storage. After the passage of time, the data may be accessed and presented to a trusted entity for verification of the data. The trusted entity may have access to secret information used to sign the data. The trusted entity may use the secret information to verify an electronic signature of the data. One or more actions may be taken based at least in part on a response provided by the verification system.
    Type: Grant
    Filed: January 11, 2019
    Date of Patent: February 22, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Benjamin Elias Seidenberg, Gregory Branchek Roth, Benjamin Tillman Farley
  • Patent number: 11234128
    Abstract: A method and a system for managing undesired service requests sent from at least one terminal to a network are described, wherein the network comprises a network node for storing trusted service-information. The method comprises the steps of: the network receiving a service request from a terminal, the request comprising service request information; and, sending, preferably via a secure communication channel, a user verification request for requesting the user to verify the service requested by the terminal if at least part of the service request information is not listed in the trusted service-information.
    Type: Grant
    Filed: February 6, 2017
    Date of Patent: January 25, 2022
    Assignees: Koninklijke KPN N.V., Nederlandse Organisatie voor Toegepast-Natuurwetenschappelijk Onderzoek TNO
    Inventors: Jeroen Laarakkers, Frank Muller, Tim Hartog
  • Patent number: 11228438
    Abstract: A security device providing a security function for an image, a camera device including the same, and a system on chip (SOC) for controlling the camera device are provided. An image transmitting device may include an image processor configured to process an image to be transmitted to an external device, and a security circuit including a key shared with the external device. The security circuit may be configured to generate a tag used for image authentication by using data of a partial region of the image and the key based on region information for selecting the partial region of the image. The image transmitting device may be configured to transmit the tag, generated to correspond to the image, to the external device with data of the image.
    Type: Grant
    Filed: September 28, 2018
    Date of Patent: January 18, 2022
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Jong-hoon Shin, Ki-seok Bae, Hong-mook Choi, Ji-su Kang, Jae-hyeok Kim, Hye-soo Lee, Hyo-sun Hwang
  • Patent number: 11196547
    Abstract: A lifecycle management method, system, and computer program product include establishing a public key infrastructure (PKI) for end-to-end encryption of control plane and data plane communications by providing encryption between arbitrary components for applicant execution where an interaction pattern is isolated, secure, and a multi-tenant environment.
    Type: Grant
    Filed: March 20, 2019
    Date of Patent: December 7, 2021
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jayaram Kallapalayam Radhakrishnan, Vinod Muthusamy, Vatche Isahagian, Scott Boag, Benjamin Herta, Atin Sood
  • Patent number: 11176239
    Abstract: Embodiments as disclosed herein may provide systems and methods for component integration and security. In particular, in one embodiment, a native component that presents a network based interface may be on a device, where that native component may expose a network based interface for access by other components. This native component can then be accessed through the network based interface. To address security concerns and other issues, the native component may be configured to determine if a received request is associated with the same user space and only respond to requests originating from the same user space.
    Type: Grant
    Filed: October 3, 2019
    Date of Patent: November 16, 2021
    Assignee: Open Text SA ULC
    Inventors: Jonathan Carroll, Michel Gagnon, Gregory Pekofsky, Khanh Tuan Vu
  • Patent number: 11082844
    Abstract: A method performed by a network server is provided for authentication and key management for a terminal device in a wireless communication network. The method includes authenticating the terminal device during a primary authentication session for the terminal device. The method further includes responsive to a successful authentication of the terminal device, obtaining a first key. The method further includes generating bootstrapping security parameters. The parameters include a second key derived from the first key and a temporary identifier. The temporary identifier identifies the terminal device and the bootstrapping security parameters.
    Type: Grant
    Filed: January 26, 2021
    Date of Patent: August 3, 2021
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Noamen Ben Henda, Helena Vahidi Mazinani, Vesa Lehtovirta
  • Patent number: 11068611
    Abstract: The disclosed computer-implemented method for preventing data loss from data containers may include (1) identifying, at a computing device, a process running in a data container on the computing device, (2) intercepting an attempt by the process to exfiltrate information from the computing device via at least one of a file system operation or a network operation, and (3) performing a security action to prevent the intercepted attempt. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: July 31, 2018
    Date of Patent: July 20, 2021
    Assignee: CA, Inc.
    Inventor: Sumit Sarin
  • Patent number: 10999068
    Abstract: An authentication method for a QKD process includes: a sender selects a basis for preparing authentication information according to an algorithm in an algorithms library, and respectively applies different wavelengths to send quantum states of control information and data information according to a preset information format; a receiver filters the received quantum states, employs a basis of measurement corresponding to the algorithm to measure the authentication information quantum state, sends reverse authentication information when the measurement result is in line with the algorithm, and terminates the distribution process otherwise. In addition, the sender terminates the distribution process when its local authentication information is inconsistent with the reverse authentication information.
    Type: Grant
    Filed: June 3, 2019
    Date of Patent: May 4, 2021
    Assignee: Alibaba Group Holding Limited
    Inventor: Yingfang Fu
  • Patent number: 10960314
    Abstract: The present disclosure relates to processing operations configured to efficiently enable a client and a server to establish secure communication upon initial connection between the client and the server. Upon initial connection with the server, the client provides an encrypted token which serves as both proof of authentication/identity and provides, in the encrypted token, an encryption key that the server can utilize to initiate secure communication with the client. The server is able to trust the encrypted token and the encryption key because the encrypted token is signed and encrypted by an authentication service that has a trusted relationship with the server and because the authentication service has pre-shared decryption and signature verification keys with the server. The server utilizes the encrypted key to secure communications with the client without requiring additional processing to look up client identity or any further intervention from the authentication service.
    Type: Grant
    Filed: July 12, 2019
    Date of Patent: March 30, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Kyle Schouviller, Scott Guest
  • Patent number: 10938556
    Abstract: A method of sharing of a reference key (AppKey) between a connected object and at least one server. The method includes the object applying a function (f) to at least one datum (DevEUI, AppEUI, DevNonce) and to a key (KSE) specific to a secure element of the object to generate the reference key, transmitting to the server a join request of the object to a network of connected objects, which includes the datum, and the key (KSE) of the secure element not being transmitted to the server. The method further includes obtaining, by the server, of the key (KSE) of the secure element on the basis of the request, the server applying the function (f) to the datum and to the key (KSE) obtained by the server, so as to obtain the reference key.
    Type: Grant
    Filed: November 30, 2018
    Date of Patent: March 2, 2021
    Assignee: IDEMIA IDENTITY & SECURITY FRANCE
    Inventors: Julien Bringer, Vincent Bouatou
  • Patent number: 10902137
    Abstract: This application relates to a technique that enables a software application to perform an operation on a file stored on a file system, while enforcing privacy measures. The technique includes receiving, from a file browser, a selection of a file made accessible by a file access service. The file access service is associated with the file system storing the file. The file browser executes in a mode that prevents the software application from identifying content displayed within the file browser. The technique also includes, provided the software application is authorized to access the file, communicating a first list of operations for receipt by the software application, in which the software application selects a first subset of operations to perform on the file. Furthermore, the technique includes establishing, to perform the first subset of operations on the file, a first direct communication link between the software application and the file access service.
    Type: Grant
    Filed: November 3, 2017
    Date of Patent: January 26, 2021
    Assignee: Apple Inc.
    Inventors: Jean-Gabriel Morard, Anthony S. Parker, Rony Fadel, Kevin S. Perry
  • Patent number: 10902392
    Abstract: An improved financial terminal automatically reconfigures into different financial processing terminal types. In one embodiment, the terminal comprises a housing; a card reader configured to accept at least a portion of a card having an integrated circuit; at least one display; at least one processor; and at least one memory configured to store machine readable code, the machine readable code comprising a first kernel corresponding to a first transaction type and a second kernel corresponding to a second transaction type.
    Type: Grant
    Filed: November 19, 2019
    Date of Patent: January 26, 2021
    Assignee: Everi Payments Inc.
    Inventors: Timothy Richards, Dale Baltzell, Brian T. Sullivan
  • Patent number: 10896413
    Abstract: Methods, systems and apparatus are provided for facilitating financial transactions using an IC type financial card via a terminal. A user is provided a list of transaction types, such as PIN-based, signature-based, etc., and a requested transaction is processed via a first selected transaction type. If the transaction is unsuccessful, the terminal automatically presents a list of remaining available transaction types from which the user may select and the transaction is processed by the next selected transaction type. If the transaction is successful, funds are provided to the user, such as in the form of currency/coins or funds transfer.
    Type: Grant
    Filed: April 12, 2019
    Date of Patent: January 19, 2021
    Assignee: Everi Payments Inc.
    Inventors: Timothy Richards, Dale Baltzell, Brian T. Sullivan
  • Patent number: 10860744
    Abstract: A system and method of downloading firmware into an embedded device while maintaining the integrity and confidentiality of the firmware is disclosed. In one embodiment, the process comprises four phases. In the first phase, unauthenticated content is written into the memory of the embedded device. In the second phase, this content is verified. In the third step, a secure connection is established between the host and the embedded device. In the fourth step, the firmware is loaded into the embedded device using this secure connection. The firmware is encrypted as it is transferred from the host to the embedded device and is never accessible outside of the embedded device.
    Type: Grant
    Filed: November 20, 2018
    Date of Patent: December 8, 2020
    Assignee: Silicon Laboratories, Inc.
    Inventor: Joshua Jay Norem
  • Patent number: 10812252
    Abstract: In aspects of string matching in encrypted data, a computing device stores homomorphic encrypted data as a dataset, and implements a string matching application that receives an encrypted query string as a query of the homomorphic encrypted data. The string matching application can then apply algorithms to perform addition and multiplication operations, and determine whether there are matching strings of the encrypted query string in the dataset. The string matching application can compute, for each row of the dataset, a sum of some function of dataset bits and query bits for a row result, and multiply the row results of the computed rows to determine matching strings. Alternatively, the string matching application can compute, for each row of the dataset, a product over some function of the dataset bits and the query bits for a row result, and add the row results of the computed rows to determine matching strings.
    Type: Grant
    Filed: June 22, 2017
    Date of Patent: October 20, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Kim Henry Martin Laine, Hao Chen, Gizem S. Cetin, Yuhou Xia, Peter B. Rindal, Kristin Estella Lauter
  • Patent number: 10742413
    Abstract: Embodiments of the present invention may provide the capability for performing public-key encryption with proofs of plaintext knowledge using a lattice-based scheme that provides improved efficiency over conventional techniques. For example, in an embodiment, a computer-implemented method of verifying encryption may comprise generating a ciphertext, derived from a plaintext, via an encryption scheme, proving validity of the ciphertext, wherein the proof includes at least one challenge value, and using a decryption procedure that recovers a plaintext by choosing at least one additional challenge value at random from a challenge space.
    Type: Grant
    Filed: April 25, 2017
    Date of Patent: August 11, 2020
    Assignee: International Business Machines Corporation
    Inventors: Vadim Lyubashevsky, Gregory Neven
  • Patent number: 10721064
    Abstract: Various embodiments relate to a key protocol exchange that provides a simple but still secure key exchange protocol. Security of key exchange protocols has many aspects; providing and proving all these properties gets harder with more complex protocols. These security properties may include: perfect forward secrecy; forward deniability; key compromise impersonation resistance; security against unknown key share attack; explicit or implicit authentication; key confirmation; protocol is (session-)key independent; key separation (different keys for encryption and MACing); extendable, e.g. against DOS attacks . . . (e.g. using cookies, . . . ); support of early messages; small communication footprint; and support for public-key and/or password authentication.
    Type: Grant
    Filed: May 30, 2018
    Date of Patent: July 21, 2020
    Assignee: NXP B.V.
    Inventor: Bjorn Fay
  • Patent number: RE48643
    Abstract: Using the same mathematical principle of pairing with errors, which can be viewed as an extension of the idea of the LWE problem, this invention gives constructions of a new key exchange system, a new key distribution system and a new identity-based encryption system. These new systems are efficient and have very strong security properties including provable security and resistance to quantum computer attacks.
    Type: Grant
    Filed: November 8, 2019
    Date of Patent: July 13, 2021
    Inventor: Jintai Ding
  • Patent number: RE48644
    Abstract: Using the same mathematical principle of pairing with errors, which can be viewed as an extension of the idea of the LWE problem, this invention gives constructions of a new key exchange system, a new key distribution system and a new identity-based encryption system. These new systems are efficient and have very strong security properties including provable security and resistance to quantum computer attacks.
    Type: Grant
    Filed: November 21, 2019
    Date of Patent: July 13, 2021
    Inventor: Jintai Ding