Multiple Key Level Patents (Class 380/45)
  • Patent number: 11449463
    Abstract: A save folder to be used in order for an analysis data acquisition device to save an analysis data file in a storage is created by a creator. When a file determiner determines that the analysis data file is saved in the created save folder, the analysis data file saved in the save folder is registered by a registrator in an analysis database of a database storage device. When an end determiner determines that an instruction for ending registration of the analysis data file in the analysis database has been given, a region processor makes the save folder unavailable for the registration of the analysis data file in the analysis database.
    Type: Grant
    Filed: October 5, 2018
    Date of Patent: September 20, 2022
    Assignee: SHIMADZU CORPORATION
    Inventors: Kazuhito Wakabayashi, Takayuki Nakatani
  • Patent number: 11451528
    Abstract: Representations of authentication objects are provided for selection via an interface. An authentication object may be generated to include information obtained from one or more sensors of a device. A selected authentication object may contain information sufficient for authentication with a corresponding system. The interface may provide multiple representations of authentication objects that are usable with different service providers. The interface, executed by a first device, may be configured to authenticate a second device.
    Type: Grant
    Filed: June 25, 2019
    Date of Patent: September 20, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Jesper Mikael Johansson, Gregory Branchek Roth
  • Patent number: 11429947
    Abstract: Systems, methods, and computer-readable media are provided for mobile-based transaction pre-authorization. One example method comprises receiving, from a device (such as a mobile device), a pre-authorization request including at least selection of a payment method, and generating a pre-authorization for a purchase based on the selected payment method. The method further comprises receiving a transaction request, determining whether the received transaction request is associated with the pre-authorization, and processing the transaction request based on the determination. Systems and computer-readable media implementing the above method are also provided. User interfaces are also provided for enabling the use of such methods, systems, and computer-readable media on, for example, mobile devices.
    Type: Grant
    Filed: July 15, 2019
    Date of Patent: August 30, 2022
    Assignee: Capital One Services, LLC
    Inventor: Thomas Poole
  • Patent number: 11411749
    Abstract: A tie cell includes a first flip-flop having a physically unclonable function (PUF), a second flip-flop that generates a PUF key value, and logic that logically combines the PUF value and the PUF key value to generate an output signal having a constant logical value. The PUF value is based on a power-up value stored in the first flip-flop, which power-up value is generated based on physical and/or electrical characteristics produced from a manufacturing process. The output value is generated to tie digital logic to the constant logical value.
    Type: Grant
    Filed: January 31, 2020
    Date of Patent: August 9, 2022
    Assignee: NXP B.V.
    Inventor: Jan-Peter Schat
  • Patent number: 11374749
    Abstract: An example method facilitates enabling Key Encryption Key (KEK) rotation for a running multi-tenant system without requiring system downtime or interruption. The example method facilitates decrypting a set of one or more DEKs using a preexisting KEK; using a new KEK to re-encode the DEKs using the new KEK, all while simultaneously enabling servicing of tenant requests. This is enabled in part, by strategic caching of tenant DEKs in a secure local memory, wherein the cached tenant DEKs are maintained in the clear and are readily accessible to running processes that are using the DEKs to decrypt and access tenant data, irrespective of the state of a background process used to implement the KEK rotation to the new KEK.
    Type: Grant
    Filed: September 24, 2020
    Date of Patent: June 28, 2022
    Assignee: Oracle International Corporation
    Inventors: Amit Agarwal, Rohit Koul, Srikant Krishnapuram Tirumalai, Jie Wang, Xinnong Wang
  • Patent number: 11354660
    Abstract: Various embodiments relate to a method performed by a processor of a computing system. An example method includes receiving a digitally signed cross-border payment message, the digitally signed cross-border payment message generated by digitally signing a first hash of a cross-border payment message with a first financial institution private key. A first financial institution public key is retrieved, the first financial institution public key of a public/private key pair that includes the first financial institution private key. The first financial institution public key is verified that it is associated with a first financial institution. A second hash of the cross-border payment message is generated.
    Type: Grant
    Filed: April 26, 2018
    Date of Patent: June 7, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Phillip H. Griffin, Ashia Kennon, Catherine Wangari Mwangi, Jal Daruwalla, Joanne Strobel-Cort, Lynnel J. Kresse, Michael Knorr
  • Patent number: 11275869
    Abstract: An operating method for a credit card, the method comprising: step S1, a microprocessor is powered on to perform system initialization; step S2, the microprocessor hibernates and is awakened when a preset interruption is detected so as to execute step S3; and step S3, the microprocessor executes preset interruption processing by entering a preset interruption processing flow, and exits the preset interruption processing flow when the preset interruption processing is finished, then returns to step S2. Alternatively, the method comprises: step s1, the microprocessor is powered on to perform system initialization; step s2, the microprocessor checks whether a preset interruption marker is set, and if so, the preset interruption marker is reset so as to execute the preset interruption processing, otherwise the microprocessor executes step s3; and step s3, the microprocessor hibernates, is awakened when detecting the preset interruption so as to set the preset interruption marker, and then returns to step s2.
    Type: Grant
    Filed: November 28, 2018
    Date of Patent: March 15, 2022
    Assignee: Feitian Technologies Co., Ltd.
    Inventors: Zhou Lu, Huazhang Yu
  • Patent number: 11263144
    Abstract: A method comprising: receiving, at a block device interface, an instruction to write data, the instruction comprising a memory location of the data; copying the data to pinned memory; performing, by a vector processor, one or more invertible transforms on the data; and writing the data from the pinned memory to one or more storage devices asynchronously; wherein the pinned memory of the data corresponds to a location in pinned memory, the pinned memory being accessible by the vector processor and one or more other processors.
    Type: Grant
    Filed: August 30, 2019
    Date of Patent: March 1, 2022
    Assignee: Nyriad Limited
    Inventors: Stuart John Inglis, Timothy Kelly Dawson, Xavier Aldren Simmons, Sheridan John Lambert, Rafael John Patrick Shuker, Dominic Joseph Michael Houston Azaris, Alexander Kingsley St. John
  • Patent number: 11244064
    Abstract: A system and method of data protection that provides the security of field level data protection with the ease of implementation and transparency of system level data protection at various layers is disclosed. The system utilizes blockchain technology to implement improved data protection. A smart contract application is deployed among all devices covered by the data protection system. Ledgers are similarly deployed either on each device or on dedicated ledger nodes to provide a record of all transactions occurring with the protected data. As a device writes data to a storage medium or initiates transmission of the data over a communication medium, the smart contract intercepts the data and applies a desired protection protocol to the data. As a result, enterprise wide security may be deployed that provides field level encryption without requiring modifications to existing applications or development of custom applications.
    Type: Grant
    Filed: June 25, 2019
    Date of Patent: February 8, 2022
    Assignee: American Express Travel Related Services Company, Inc.
    Inventor: Siddhartha Dutta
  • Patent number: 11212092
    Abstract: There is provided a method. The method comprises generating, by the first network node, a new security key; informing, by the first network node, a user equipment of the new security key and when the first network node will start to use the new security key; obtaining, by the first network node, when the user equipment will start to use the new security key; and bringing, by the first network node, the new security key into use.
    Type: Grant
    Filed: April 5, 2016
    Date of Patent: December 28, 2021
    Assignee: NOKIA SOLUTIONS AND NETWORKS OY
    Inventor: Yang Liu
  • Patent number: 11201730
    Abstract: A protected key to be used by a select processor on behalf of an entity unauthorized to use the protected key is created. The creating includes obtaining a system mask and a system key. A clear key is wrapped with the system key to provide a wrapped key. The system mask is applied to the wrapped key to create the protected key.
    Type: Grant
    Filed: March 26, 2019
    Date of Patent: December 14, 2021
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Anthony T. Sofia, Jonathan D. Bradbury
  • Patent number: 11153025
    Abstract: Various embodiments are described that relate to random noise addition to a communication. A first secure network can employ a first encryption scheme and a second secure network can employ a second encryption scheme. In order to communicate between the first secure network and the second secure network such that the schemes are not decipherable, random noise can be added to a communication designated to transfer from the first secure network to the second secure network.
    Type: Grant
    Filed: March 23, 2018
    Date of Patent: October 19, 2021
    Assignee: The Government of the United States, as represented by the Secretary of the Army
    Inventors: Matthew Lazzaro, William Toth
  • Patent number: 11113005
    Abstract: A multi-platform data storage system configured to maintain containers including one or more virtual storage resources. The multi-platform data storage system can, for example, include a storage interface configured to enable access to a plurality of storage platforms that use different storage access and/or management protocols, the plurality of storage platforms storing data objects in physical data storage; and a storage mobility and management layer providing virtual management of virtual storage resources corresponding to one or more data objects stored in the plurality of storage platforms, the storage mobility and management layer including at least a container management sub-system that manages logical containers that contain one or more of the virtual storage resources.
    Type: Grant
    Filed: January 6, 2020
    Date of Patent: September 7, 2021
    Assignee: Arrikto Inc.
    Inventors: Konstantinos Venetsanopoulos, Evangelos Koukis, Christos Stavrakakis, Ilias Tsitsimpis, Dimitrios Aragiorgis, Alexios Pyrgiotis
  • Patent number: 11023419
    Abstract: Disclosed herein are system, method, and computer program product embodiments for generating folder keys and using folder keys to access folder paths. In an embodiment, a computer system may instantiate a graphical user interface (GUI) to display folder and sub-folder contents as well as a folder key. A user may input a folder key as a representation of the displayed sub-folder of the corresponding folder path. The folder key may include one or more symbols that the computer system may store and associate with the folder path. Using the folder key, the computer system may retrieve a particular sub-folder, manage security or permissions related to folders, and/or facilitate navigation between sub-folders. Using a folder key may aid a user in quickly navigating to a particular sub-folder and may allow a computer system to avoid loading unnecessary intermediate sub-folders as a user navigates to a particular desired sub-folder.
    Type: Grant
    Filed: August 13, 2018
    Date of Patent: June 1, 2021
    Assignee: SAP SE
    Inventor: Jackson Mathai
  • Patent number: 11003802
    Abstract: A lock node for storing data and a protected storage unit. The lock node includes an input section which provides a plurality of key maps, each corresponding to one of a plurality of primary keys, respectively, applied to the input section, each key map including at least one main key, a variable lock section producing a derived key from a logical operation on the main keys corresponding to the primary keys applied to the input section, and an output section producing the data in response to the derived key.
    Type: Grant
    Filed: March 24, 2020
    Date of Patent: May 11, 2021
    Assignee: NUTS HOLDINGS, LLC
    Inventor: Yoon Ho Auh
  • Patent number: 10992470
    Abstract: The invention provides implementations of the block cipher in resource-constrained ARM devices that may be applied to both 32-bit and 64-bit versions of side-channel resistant and vectorized code and provides improves both efficiency and compactness by using of algorithmic techniques and features specific to a target platform. Specifically, an unprotected 32-bit implementation improves speed while reducing code size and a vectorized implementation improves performance and speed the implementation of block cipher.
    Type: Grant
    Filed: May 12, 2017
    Date of Patent: April 27, 2021
    Assignees: LG Electronics, Inc., UNICAMP
    Inventors: Rafael Junio Da Cruz, Diego F. Aranha, Julio cesar Lopez Hernandez
  • Patent number: 10949394
    Abstract: A computer program for managing and manipulating archive zip files of a computer. The program includes a system and method for opening, creating, and modifying, and extracting zip archive files. The program is fully integrated into Microsoft Windows Explorer and is accessed via Explorer menus, toolbars, and/or drag and drop operations. An important feature of the program is the archive manager which may be used to open a zip file, create a new zip file, extract zip files, modify zip files, etc. The program is integrated into Microsoft Windows Explorer using the shell name space extension application program interface developed by Microsoft.
    Type: Grant
    Filed: January 22, 2019
    Date of Patent: March 16, 2021
    Assignee: PKWARE, Inc.
    Inventors: Yuri Basin, Michael J Beirne, James C Peterson, Karen L Peterson
  • Patent number: 10929549
    Abstract: A system and method to encrypt digital data is disclosed. Digital data is received from a data source by an encryption system. A first data store is designated to store the received digital data. An encryption key is selectively assigned to encrypt the received digital data. A selective portion of the received digital data is encrypted with the assigned encryption key to create encrypted digital data. The encrypted digital data is stored in the first data store.
    Type: Grant
    Filed: January 5, 2018
    Date of Patent: February 23, 2021
    Assignee: Scaeva Technologies, Inc.
    Inventor: Steven Elliott Curd
  • Patent number: 10893032
    Abstract: Provided is a system of encryption key management, which is used by a service provision server which provides a cloud service. The system comprises a key access server which encrypts the service key using a master key corresponding to the service key and provides the service key in response to a service key request from the service provision server and a master key management server which extracts a plurality of key fragments from the master key, processes the extracted key fragments to be stored in a distributed manner, and provides the master key reconstructed from the key fragments in response to a master key request from the key access server.
    Type: Grant
    Filed: May 31, 2018
    Date of Patent: January 12, 2021
    Assignee: SAMSUNG SDS CO., LTD.
    Inventor: In Seon Yoo
  • Patent number: 10848305
    Abstract: An example non-transitory computer-readable medium includes instructions that, when executed by a processor, cause the processor to receive a request for data. The instructions also cause the processor to determine a region containing the data based on the metadata. The instructions cause the processor to traverse a tree in the metadata to determine key generation information relating a decryption key for the region to a root key.
    Type: Grant
    Filed: March 21, 2016
    Date of Patent: November 24, 2020
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Liqun Chen, Boris Balacheff, Fraser Dickin, Taciano Perez, Wagston Staehler, Craig Walrath, James M Mann
  • Patent number: 10834061
    Abstract: Rules are applied at a network perimeter to outbound network communications that contain file attachments. The rules may, in a variety of circumstances, require wrapping of an outbound file from the endpoint in a portable encrypted container. The network perimeter may be enforced locally at the endpoint, or at any network device between the endpoint and a recipient.
    Type: Grant
    Filed: January 14, 2019
    Date of Patent: November 10, 2020
    Assignee: Sophos Limited
    Inventors: Russell Humphries, Gordon Sullivan, Kenneth D. Ray, Anthony John Merry, Harald Schütz, Andreas Berger
  • Patent number: 10819513
    Abstract: An example method facilitates enabling Key Encryption Key (KEK) rotation for a running multi-tenant system without requiring system downtime or interruption. The example method facilitates decrypting a set of one or more DEKs using a preexisting KEK; using a new KEK to re-encode the DEKs using the new KEK, all while simultaneously enabling servicing of tenant requests. This is enabled in part, by strategic caching of tenant DEKs in a secure local memory, wherein the cached tenant DEKs are maintained in the clear and are readily accessible to running processes that are using the DEKs to decrypt and access tenant data, irrespective of the state of a background process used to implement the KEK rotation to the new KEK.
    Type: Grant
    Filed: April 9, 2018
    Date of Patent: October 27, 2020
    Assignee: Oracle International Corporation
    Inventors: Amit Agarwal, Rohit Koul, Srikant Krishnapuram Tirumalai, Jie Wang, Xinnong Wang
  • Patent number: 10778424
    Abstract: Cryptographic systems and methods are disclosed, including numerous industry applications. Embodiments of the present invention can generate and regenerate the same symmetric key. The cryptographic systems and methods include a key generator configured to use two or more inputs to reproducibly generate the symmetric key and a cryptographic engine configured to use the symmetric key for encrypting and decrypting data.
    Type: Grant
    Filed: February 26, 2018
    Date of Patent: September 15, 2020
    Assignee: CORD3 INNOVATION INC.
    Inventors: Glen Arthur Henderson, Brent Eric Nordin, Daniel Marcel Joseph Seguin, Prateek Srivastava, Ian Hugh Curry
  • Patent number: 10719597
    Abstract: Embodiments of the disclosure are directed to the use of controlled randomization in authorizing virtual reality interactions. More specifically, a user of a virtual reality (VR) device may seek to initiate an interaction within the virtual reality environment. In order for the interaction to be allowed for the user, a processing computer may need the user to supply an additional credential. In some cases, the user may enter the additional credential using a series of virtual keypads that are rendered in the virtual reality environment. These keypads may have varying layouts that are determined in a controlled manner (e.g., pseudo-randomly) using pre-determined mathematical procedures. The layout of a subsequent keypad may be partially based on the user's selection in a preceding keypad. The keypad positions for the user's selections may be provided to the processing computer to solve for the credential which can be used for validation purposes.
    Type: Grant
    Filed: April 4, 2017
    Date of Patent: July 21, 2020
    Assignee: Visa International Service Association
    Inventors: Siddhant Sonkar, Sumiran Aggarwal, Venkata Krishna Prasad Akkapeddi, Prateek Khare, Mohit Choudhary
  • Patent number: 10671764
    Abstract: A lock node for storing data and a protected storage unit. The lock node includes an input section which provides a plurality of key maps, each corresponding to one of a plurality of primary keys, respectively, applied to the input section, each key map including at least one main key, a variable lock section producing a derived key from a logical operation on the main keys corresponding to the primary keys applied to the input section, and an output section producing the data in response to the derived key.
    Type: Grant
    Filed: August 31, 2017
    Date of Patent: June 2, 2020
    Assignee: NUTS HOLDINGS, LLC
    Inventor: Yoon Ho Auh
  • Patent number: 10614236
    Abstract: Embodiments for performing self-contained, consistent data masking in a distributed computing environment by a processor. A data masking operation is performed on one or more datasets in one of a plurality of data formats such that a key of each value of each key-value pair representing a common set of columns or paths for the one or more datasets is masked.
    Type: Grant
    Filed: March 1, 2017
    Date of Patent: April 7, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Spyridon Antonatos, Stefano Braghin, Ioannis Gkoufas, Pol Mac Aonghusa
  • Patent number: 10528290
    Abstract: A multi-platform data storage system configured to maintain containers including one or more virtual storage resources. The multi-platform data storage system can, for example, include a storage interface configured to enable access to a plurality of storage platforms that use different storage access and/or management protocols, the plurality of storage platforms storing data objects in physical data storage; and a storage mobility and management layer providing virtual management of virtual storage resources corresponding to one or more data objects stored in the plurality of storage platforms, the storage mobility and management layer including at least a container management sub-system that manages logical containers that contain one or more of the virtual storage resources.
    Type: Grant
    Filed: February 23, 2018
    Date of Patent: January 7, 2020
    Assignee: Arrikto Inc.
    Inventors: Konstantinos Venetsanopoulos, Evangelos Koukis, Christos Stavrakakis, Ilias Tsitsimpis, Dimitrios Aragiorgis, Alexios Pyrgiotis
  • Patent number: 10423953
    Abstract: A system, method, and computer readable medium (collectively, the “system”) are provided. The system may include a processor configured to perform operations and/or steps comprising storing, by a processor, a session key on a mobile device, wherein the session key is encrypted. The system receiving a transaction request, decrypting the session key, and broadcasting a signal configured for being received by a magnetic stripe reader. Track 1 data and/or track 2 data may be encoded in the signal. The track 1 data and/or the track 2 data may also comprise a dynamically generated value that is generated based on the session key.
    Type: Grant
    Filed: April 11, 2018
    Date of Patent: September 24, 2019
    Assignee: AMERICAN EXPRESS TRAVEL RELATED SERVICES COMPANY, INC.
    Inventors: Manish K. Deliwala, Jonathan Lupton, Ajay B. Maddukuri, John G. McDonald
  • Patent number: 10395230
    Abstract: The present disclosure relates to systems and method for securely entering a confidential access code into a user device. A system for allowing secure entry of a confidential access code into a user device may include one or more memories storing instructions and one or more processors configured to execute instruction to perform operations. The operations may include receiving a request for confidential access, prompting the user, via the user interface, to enter a group of inputs into a single-entry field, receiving a dummy sequence of inputs, receiving or providing an indicator signal, receiving an access sequence of inputs, parsing the group of inputs received to identify the access sequence of inputs based on the location of the indicator signal, comparing the access sequence of inputs to the confidential access code associated with the user, and granting or denying access to the confidential information based on the results.
    Type: Grant
    Filed: July 9, 2018
    Date of Patent: August 27, 2019
    Assignee: Capital One Services, LLC
    Inventors: Abdelkader M'Hamed Benkreira, Michael Mossoba, Joshua Edwards
  • Patent number: 10326597
    Abstract: A system that provides responses to requests obtains a key that is used to digitally sign the request. The key is derived from information that is shared with a requestor to which the response is sent. The requestor derives, using the shared information, derives a key usable to verify the digital signature of the response, thereby enabling the requestor to operate in accordance with whether the digital signature of the response matches the response.
    Type: Grant
    Filed: June 27, 2014
    Date of Patent: June 18, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Gregory Branchek Roth, Eric Jason Brandwine
  • Patent number: 10298551
    Abstract: An apparatus in one embodiment comprises at least one processing device having a processor coupled to a memory. The processing device implements a messaging policy enforcement server that receives from a first client device metadata of an encrypted message to be sent from the first client device to a second client device. The received metadata comprises a first key utilized by the first client device to encrypt the message with the first key being encrypted utilizing a second key associated with the second client device. The messaging policy enforcement server processes the received metadata to determine one or more policies applicable to the encrypted message and to generate a further encrypted version of the encrypted first key utilizing one or more additional keys corresponding to the one or more policies. The further encrypted version of the encrypted first key is sent to the second client device in modified metadata of the encrypted message.
    Type: Grant
    Filed: December 14, 2016
    Date of Patent: May 21, 2019
    Assignee: EMC IP Holding Company LLC
    Inventors: Radia Perlman, Xuan Tang, Charles Kaufman
  • Patent number: 10291396
    Abstract: The positions in a text in which partial character strings in a pattern appear are efficiently detected. A partial-character-string position detecting device 1 takes inputs of a secret text [t] of a text t, a secrete text <p> of a pattern p, a secret text <c> of a vector c, and a secret text <E> of a matrix E and outputs a secret text <H> of a matrix H. A first matrix generating part 20 generates a secret text <F> of a matrix F, in which F[i][j]=E[i][j+i mod n+1] (where it is assumed that E[i][n]=¬c[i]). A second matrix generating part 30 generates a secret text <F?> of a matrix F?, in which F[i][j]=1 is set if c[i]=0 or if c[i]=1 and F[k][j]=1 for every k that is successively c[k]=1, otherwise F[i][j]=0 is set, where k=i, . . . , n?1. A third matrix generating part 40 computes <H[i][j]>=<F[i][j?i mod n+1]>?<c[i]>?¬<c[i?1]> to generate the secrete text <H>.
    Type: Grant
    Filed: October 5, 2015
    Date of Patent: May 14, 2019
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Koki Hamada, Dai Ikarashi, Naoto Kiribuchi
  • Patent number: 10237066
    Abstract: A scalable and efficient cryptographic architecture is provided for processing data using deeply-pipelined algorithms and circuitries. The architecture can be implemented as circuitry in a fixed logic device, or can be configured into a programmable integrated circuit device. The same top-level design may be used for different choices of data channels, processing depth, parallelism level, and/or system throughput. An encryption pipeline processing block performs rounds of processing upon a block of said data using an encryption process and receives a respective round encryption key for each round of processing. An encryption key pipeline block provides the respective round encryption key for each round of processing by selecting, for each round of processing, the respective round encryption key from at least a first round encryption key corresponding to a first channel and a second round encryption key corresponding to a second channel.
    Type: Grant
    Filed: April 8, 2014
    Date of Patent: March 19, 2019
    Assignee: ALTERA CORPORATION
    Inventors: Martin Langhammer, Shawn Nicholl, Cheng Wang
  • Patent number: 10185836
    Abstract: Encrypting data without losing their format is important in computing systems, because many parties using confidential data rely on systems that require specific formatting for data. Information security depends on the systems and methods used to store and transmit data as well as the keys used to encrypt and decrypt those data. A policy broker is disclosed that maintains keys for clients in confidence, while providing cryptographically secure ciphertext as tokens that the clients may use in their systems as though they were the unencrypted data. Tokens are uniquely constructed for each client by the policy broker based on policies set by a receiving client detailing the formatting needs of their systems. Each client may communicate with other clients via the policy broker with the tokens and will send tokens unique to their system that the policy broker will translate into the tokens of the other party.
    Type: Grant
    Filed: October 31, 2017
    Date of Patent: January 22, 2019
    Assignee: Passport Health Communications, Inc.
    Inventor: Christopher Gerhard Busch
  • Patent number: 10181166
    Abstract: A user selection of one or more of a plurality of content is received. The selected content is encrypted by a first encryption key that is remote and unknown to the distribution server. Payment information associated with the user selection is also received and verified. The selected content from is retrieved from a remote database. The first encryption key corresponding to the selected content to decrypt the encrypted content corresponding to the user selection is obtained. Decryption is performed by a hardware-based engine of the distribution server that is isolated from a host processor of the distribution server. The content corresponding to the user selection is encrypted according to a second encryption key that is known to the distribution server.
    Type: Grant
    Filed: March 29, 2018
    Date of Patent: January 15, 2019
    Assignee: Adobe Systems Incorporated
    Inventors: David L. Blankenbeckler, William Almon, Jr.
  • Patent number: 10037317
    Abstract: Techniques for creating a template to be used in connection with automatically generating text. Techniques include creating a template to include human language text and at least a first tag that serves as a placeholder for a text portion referring to at least one referent; and allowing a user to specify multiple options to be used in place of the first tag when generating output text using the created template, the options comprising at least a first referential expression for the at least one referent and at least a first anaphoric expression for the at least one referent.
    Type: Grant
    Filed: July 17, 2013
    Date of Patent: July 31, 2018
    Assignee: YSEOP SA
    Inventors: Alain Kaeser, Emmanuel Vignon, Ludan Stoecklé
  • Patent number: 9992015
    Abstract: An approach is provided for building a scalable service platform by initiating transmission of encrypted data from a public network cache. An access control server platform determines a first authorization key for a user and a second authorization key for a resource, and then encrypts the resource with the second authorization key, and encrypts the second authorization key with the first authorization key. The access control server platform initiates distribution of the encrypted second authorization key with the encrypted resource over a network. The access control server platform further initiates caching the encrypted second authorization key with the encrypted resource that meets a predefined threshold value (e.g., a data size, an access frequency, a modification frequency, or an auditing requirement) in a cache in the network, and initiates transmission of the cached and encrypted second authorization key with the cached and encrypted resource from the cache to at least one authorized entity.
    Type: Grant
    Filed: April 30, 2013
    Date of Patent: June 5, 2018
    Assignee: Nokia Technologies Oy
    Inventors: Yan Fu, Ari M. Vepsalainen, Ari Antero Aarnio, Markku Kalevi Vimpari, Pekka Johannes Laitinen
  • Patent number: 9984236
    Abstract: A client hosted virtualization system (CHVS) includes a processor to execute code, a component, and a non-volatile memory. The non volatile memory includes BIOS code and code to implement a virtualization manager. The virtualization manager is operable to initialize the CHVS, launch a virtual machine on the CHVS, and assign the component to the virtual machine, such that the virtual machine has control of the component. The CHVS is configurable to execute the BIOS and not the virtualization manager, or to execute the virtualization manager and not the BIOS.
    Type: Grant
    Filed: July 31, 2015
    Date of Patent: May 29, 2018
    Assignee: DELL PRODUCTS, LP
    Inventors: Yuan-Chang Lo, Shree Dandekar
  • Patent number: 9959583
    Abstract: A user selection of one or more of a plurality of content is received. The selected content is encrypted by a first encryption key that is remote and unknown to the distribution server. Payment information associated with the user selection is also received and verified. The selected content from is retrieved from a remote database. The first encryption key corresponding to the selected content to decrypt the encrypted content corresponding to the user selection is obtained. Decryption is performed by a hardware-based engine of the distribution server that is isolated from a host processor of the distribution server. The content corresponding to the user selection is encrypted according to a second encryption key that is known to the distribution server.
    Type: Grant
    Filed: May 24, 2016
    Date of Patent: May 1, 2018
    Assignee: Adobe Systems Incorporated
    Inventors: David L. Blankenbeckler, William Almon, Jr.
  • Patent number: 9942211
    Abstract: Performing cryptographic operations such as encryption and decryption may be computationally expensive. In some contexts, initialization vectors and keystreams operable to perform encryption operations are generated and stored in a repository, and later retrieved for use in performing encryption operations. Multiple devices in a distributed system can each generate and store a subset of a larger set of keystreams.
    Type: Grant
    Filed: December 11, 2014
    Date of Patent: April 10, 2018
    Assignee: Amazon Technologies, Inc.
    Inventor: Matthew John Campagna
  • Patent number: 9891823
    Abstract: A system for securely entering particular information includes a mobile device and a background server. The mobile device includes a first area which is a non-secure environment, a second area which is a secure environment and a switching module implementing switchings between the first and second areas. At least one first application module for executing a business function application is provided in the first area. A second application module for executing a particular information entering application and an encryption module for encrypting entered particular information are provided in the second area. If a particular information entering is required by the first application module, the switching module triggers the second application module to perform the particular information entering, and returns, to the first application module, an encryption result obtained by encrypting the entered particular information.
    Type: Grant
    Filed: October 29, 2014
    Date of Patent: February 13, 2018
    Assignee: NEUSOFT CORPORATION
    Inventors: Xishun Feng, Zhijian Zhang, Jun Li, Jun Wang, Qingyang Meng, Fuyang Liu
  • Patent number: 9870559
    Abstract: Methods and systems are provided for supporting electronic transactions, including transactions that are provided with per-user, per-device and per-domain security across domains of multiple service providers.
    Type: Grant
    Filed: June 24, 2011
    Date of Patent: January 16, 2018
    Assignee: MASTERCARD MOBILE TRANSACTIONS SOLUTIONS, INC.
    Inventors: Satyan G. Pitroda, Mehul Desai
  • Patent number: 9864853
    Abstract: A method and structure for authenticating users of a system that prevents theft of passwords and re-use of passwords. The method and structure use one-time passwords and a Secure CPU technology that cryptographically protects a software module known as a Secure Object from other software on a system. The method and structure generate and validate one-time passwords within Secure Objects and use a communications mechanism to securely communicate passwords or information used to generate passwords that makes use of cryptography and the protected and unprotected regions of a Secure Object to provide strong end-to-end security.
    Type: Grant
    Filed: November 30, 2015
    Date of Patent: January 9, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventor: Richard Harold Boivie
  • Patent number: 9830464
    Abstract: Encrypting data without losing their format is important in computing systems, because many parties using confidential data rely on systems that require specific formatting for data. Information security depends on the systems and methods used to store and transmit data as well as the keys used to encrypt and decrypt those data. A policy broker is disclosed that maintains keys for clients in confidence, while providing cryptographically secure ciphertext as tokens that the clients may use in their systems as though they were the unencrypted data. Tokens are uniquely constructed for each client by the policy broker based on policies set by a receiving client detailing the formatting needs of their systems. Each client may communicate with other clients via the policy broker with the tokens and will send tokens unique to their system that the policy broker will translate into the tokens of the other party.
    Type: Grant
    Filed: January 21, 2016
    Date of Patent: November 28, 2017
    Assignee: PASSPORT HEALTH COMMUNICATIONS, INC.
    Inventor: Christopher Gerhard Busch
  • Patent number: 9768959
    Abstract: Static security credentials are replaced by pseudonyms and session-specific passwords to increase security associated with user login attempts, and specifically to defeat keylogging attacks. For each login event, the system generates unique, session-specific credentials by randomly replacing characters within a given username and password. The random character generation ensures that system login attempts use different combinations of characters, thereby producing a new username and password for every user session. The client side of the system requires only the capability to display an image file, with specialized software/hardware limited to the server side, thereby facilitating the use of the system by a wide range of client devices.
    Type: Grant
    Filed: March 10, 2015
    Date of Patent: September 19, 2017
    Assignee: Acxiom Corporation
    Inventors: Gon Yi, William C. Smith, Connie Marie Ardwin
  • Patent number: 9729941
    Abstract: A system and method to watermark a compressed content encrypted by at least one content key, said content key as well as pre-marking data forming Conditional Access System (CAS) data, said CAS Data being encrypted by a transmission key and comprising at least one signature to authenticate all or part of the CAS Data, said compressed content being received by a client device comprising: a Descrambler having an input to receive the encrypted compressed content and an output to produce an compressed content, a Watermark (WM) inserter directly connected to the output of the Descrambler, said Descrambler and said WM inserter being connected with a Conditioner, said Conditioner executing the following steps: receiving the CAS Data, decrypting the CAS Data with the transmission key, verifying the signature of the CAS Data, and if the signature is valid, transferring the content key to the descrambler and the pre-marking data to the WM inserter, and watermarking by the WM inserter, the decrypted content received by t
    Type: Grant
    Filed: April 28, 2014
    Date of Patent: August 8, 2017
    Assignee: NAGRAVISION S.A.
    Inventors: Didier Hunacek, Patrick Servet, Minh Son Tran, Pierre Sarda
  • Patent number: 9716696
    Abstract: An encryption key management system and method implements enterprise managed encryption key for an enterprise using encryption for cloud-based services. In some embodiments, the enterprise deploys a key agent on the enterprise data network to distribute encryption key material to the network intermediary on a periodic basis. The network intermediary receives the encryption key material from the enterprise and stores the encryption key material in temporary storage and uses the received encryption key material to derive a data encryption key to perform the encryption of the enterprise's data. In this manner, the enterprise can be provided with the added security assurance of maintaining and managing its own encryption key while using cloud-based data storage services. The encryption key management system and method can be applied to ensure that the enterprise's one or more encryption keys do not leave the enterprise's premises.
    Type: Grant
    Filed: July 7, 2016
    Date of Patent: July 25, 2017
    Assignee: Skyhigh Networks, Inc.
    Inventors: Kaushik Narayan, Paul Grubbs
  • Patent number: 9697512
    Abstract: Methods and systems are provided for supporting electronic transactions, including transactions that are provided with per-user, per-device and per-domain security across domains of multiple service providers.
    Type: Grant
    Filed: June 24, 2011
    Date of Patent: July 4, 2017
    Assignee: MASTERCARD MOBILE TRANSACTIONS SOLUTIONS, INC.
    Inventors: Satyan G. Pitroda, Mehul Desai
  • Patent number: 9697359
    Abstract: A first time software is loaded for execution by a device, the software stored in non-secure storage is authenticated. Authenticating the software may involve a cryptographic operation over the software and a digital signature of the software. A verification tag may be generated for the software if authentication of the software is successful, the verification tag based on the software and at least a device-specific secret data. The verification tag may be stored within the device. Each subsequent time the software is loaded for execution it may be verified (not authenticated) by using the verification tag to confirm that the software being loaded is the same as the one used to generate the verification tag while avoiding authentication of the software.
    Type: Grant
    Filed: April 15, 2015
    Date of Patent: July 4, 2017
    Assignee: QUALCOMM Incorporated
    Inventors: Alexander Gantman, David Merrill Jacobson
  • Patent number: 9684781
    Abstract: Embodiments disclosed herein relate to determining authorization of a software product based on a first authorization item and a second authorization item. Each authorization item may be a file or a registry key. A processor 104 may determine whether use of the software product is authorized at a particular time period by comparing a first authorization item and a second authorization item.
    Type: Grant
    Filed: November 12, 2010
    Date of Patent: June 20, 2017
    Assignee: Hewlett Packard Enterprise Development LP
    Inventor: Calvin L. Selig