Privileged Access (707/9) Patents (Class 707/999.009)
  • Patent number: 10705919
    Abstract: An information processing apparatus, backup method, and program product that enable efficient differential backup. In one embodiment, an information processing apparatus for files stored in a storage device includes: a metadata management unit for managing metadata of files stored in the storage device; a map generation unit for generating a map which indicates whether metadata associated with an identification value uniquely identifying a file in the storage device is present or absent; and a backup management unit for scanning the metadata to detect files that have been created, modified, or deleted since the last backup, and storing at least a data block and the metadata for a detected file in a backup storage device as backup information in association with the identification value.
    Type: Grant
    Filed: November 21, 2017
    Date of Patent: July 7, 2020
    Assignee: International Business Machines Corporation
    Inventors: Norie Iwasaki, Sosuke Matsui, Tsuyoshi Miyamura, Terue Watanabe, Noriko Yamamoto
  • Patent number: 10706170
    Abstract: Implementations include providing a database system that a plurality of tenant systems interact with, providing a shared database schema and a plurality of tenant database schemas, the shared database schema including a shared table, and each tenant database schema being assigned to a respective tenant and including a view into the shared table, which includes a tenant specification field, and a row visibility field, the tenant specification field indicating a tenant, to which a respective row is assigned, and the row visibility field indicating visibility of a respective row to respective tenants.
    Type: Grant
    Filed: March 16, 2017
    Date of Patent: July 7, 2020
    Assignee: SAP SE
    Inventors: Juergen Specht, Volker Driesen
  • Patent number: 10693862
    Abstract: A method is disclosed that includes receiving a notification about an activity pertaining to a user, the notification being directed to a first application and a second application, and identity of the user being associated with a token. The method also includes identifying a first instance of the first application and a first instance of the second application at a user device of the user, and determining the first instance of the first application and the first instance of the second application are associated with the token. The method further includes selecting one of the first instance of the first application or the first instance of the second application to provide the notification at the user device based on the token, and providing the notification to the selected one of the first instance of the first application or the first instance of the second application at the user device.
    Type: Grant
    Filed: December 13, 2017
    Date of Patent: June 23, 2020
    Assignee: Google LLC
    Inventors: Benoît de Boursetty, Nathan Hunt
  • Patent number: 10685338
    Abstract: A system, apparatus, and method for expediting the authorization of an electronic payment transaction. Authorization of a transaction at a node of an authorization network is the result of inferring the trustworthiness of a customer to the transaction using data obtained from a different node of the authorization network. The authorization process is expedited by relying on the previous authentication decision of another node, where the previous decision may have been made based on a different payment device or different user inputs. The invention uses a decision made by a first node in the authorization network as a proxy for the authorization decision at a different node, thereby transferring the trustworthiness of a consumer, consumer's device, payment device, or other aspect of the transaction from the first node to the second.
    Type: Grant
    Filed: August 5, 2019
    Date of Patent: June 16, 2020
    Assignee: Visa International Service Association
    Inventor: Ayman Hammad
  • Patent number: 10678661
    Abstract: Provided are a computer program product, system, and method for processing a recall request for data migrated from a primary storage system having data mirrored to a secondary storage system mirroring data from the primary storage system to the at least one secondary storage system. The primary storage system receives a recall request to recall a data object that was migrated from the primary storage system to a remote storage location. The recall request is transmitted to each of the at least one secondary storage system to cause each of the at least one secondary storage system receiving the recall request to directly retrieve the data object from the remote storage location. The primary storage system retrieves the data object from the remote storage location in response to the recall request. The primary storage system returns complete to the recall request in response to the data object being confirmed as restored to the primary storage system and the at least one secondary storage system.
    Type: Grant
    Filed: March 20, 2017
    Date of Patent: June 9, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Gregory E. McBride, Carol S. Mellgren, David C. Reed
  • Patent number: 10673836
    Abstract: Method, system, and programs for performing two-factor authentication for a controlled access application via one or more third-party host verification servers. An example method includes receiving a request to a controlled access application after a user has successfully logged into an enterprise system with a first Identifier (ID) factor, the controlled access application requiring additional authentication with a second ID factor, obtaining first information to complete the second ID factor, at least some of the first information being obtained from the user, and generating a first web form using the first information. The method also includes submitting the first web form to a host verification server, receiving an indication of successful verification from the host verification server; and initiating, in response to receiving the indication of successful verification, access to the controlled access application.
    Type: Grant
    Filed: April 30, 2018
    Date of Patent: June 2, 2020
    Assignee: DRFIRST.COM, INC.
    Inventor: Zilong Tang
  • Patent number: 10663956
    Abstract: An I/O-abstracted configuration is defined for a field device that has not yet been assigned or allocated to communicate via a particular I/O device or I/O network within a plant, and this configuration is stored in a device placeholder object in a back-end environment of the plant. Thereafter other objects, modules, applications, user interfaces, etc., that are to execute in the back-end environment of the plant to communicate with the field device during on-line operation of the plant may be designed, built, configured, and tested using the device placeholder object without any actual communications with the field device and without assigning the device placeholder object to a particular I/O channel or I/O network.
    Type: Grant
    Filed: October 12, 2016
    Date of Patent: May 26, 2020
    Assignee: FISHER-ROSEMOUNT SYSTEMS, INC.
    Inventors: Larry O. Jundt, Gary K. Law, Cristopher Ian S. Uy, Deborah R. Colclazier, Sergio Diaz, Julian K. Naidoo, Neil J. Peterson, Kent A. Burr, Daniel R. Strinden
  • Patent number: 10657273
    Abstract: A dynamic data minimization server implements minimization protocols to entity-specific information based on access rights (e.g., privacy rights) of a requesting entity. The minimization may be applied on the fly (e.g., as the entity-specific information is requested) and the level, type, protocol, etc., of encryption (or other minimization process) may be selected based on a particular type of a data item. The dynamic data minimization server may determine and apply transformation functions, such as encryption, to items of protected information, transforming those items of protected information into items of minimized information. If a requesting entity has appropriate rights, the dynamic data minimization server may selectively apply a reverse transformation function, such as decryption, to recover the original information.
    Type: Grant
    Filed: March 5, 2018
    Date of Patent: May 19, 2020
    Assignee: Palantir Technologies Inc.
    Inventors: Kyle Erickson, Nicholas Miyake, Dominique Alessi
  • Patent number: 10652332
    Abstract: Systems and methods are provided for dynamically authorizing access to content stored on a front-end system by one or more applications hosted on a remote back-end system. The content stored on the front-end system may be static files. The front-end system may store content in distinct content storage locations. Each content storage location may correspond to a respective application hosted by the back-end system. In one embodiment, there may be multiple back-end systems each hosting one or more applications. Each application on the back-end system may employ operation logic to determine authorization to a content storage location associated with the application.
    Type: Grant
    Filed: July 9, 2018
    Date of Patent: May 12, 2020
    Assignee: Oracle International Corporation
    Inventors: Darrel Laursen, Yang Liu, Antonia M. Garcia, Xia Rao
  • Patent number: 10623408
    Abstract: Aspects of the present disclosure relate to the generation and delivery of content including unique and shared components. A content delivery network service provider can obtain requests for content from client computing devices. Based on information provided in the request or otherwise managed by executable code on the client computing device, the CDN service provider obtains one or more pieces of content that may be shared by more than one user or client computing devices. Additionally, the CDN service provider obtains one or more pieces of content that will not be shared by more than one user or more than one client computing device. Responsive to the content request, the CDN service provider can combine the one or more pieces of shared content and the one or more pieces of unique content and deliver the combined content to the requested client computing device.
    Type: Grant
    Filed: April 2, 2012
    Date of Patent: April 14, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Bradley E. Marshall, Tal Saraf, Craig W. Howard, David Alexander Dunlap, Nicholas J. Maniscalco
  • Patent number: 10616280
    Abstract: Embodiments of the present invention provide an automated network security system for dynamically managing network security rules. The system uses a cognitive engine to capture network traffic and analyze behavioral data about said network traffic. Based on analysis of the behavioral data, the system may identify one or more vulnerabilities in the network security system and determine one or more changes to the network security rules to remedy the one or more vulnerabilities. The system further uses a robotic process automation system to test, simulate, and implement the one or more changes to the network security rules for the network.
    Type: Grant
    Filed: October 25, 2017
    Date of Patent: April 7, 2020
    Assignee: BANK OF AMERICA CORPORATION
    Inventor: Sasidhar Purushothaman
  • Patent number: 10592650
    Abstract: Some embodiments include a method of providing security and privacy for a message sender. The method can include a messaging application determining that a messaging interface of the computing device is active and is revealing or about to reveal the electronic message. The messaging application can identify a recipient account of a messaging server system that is associated with the electronic message according to the electronic message or the messaging server system. The messaging application can then monitor a data feed from a sensor of the computing device to detect a biometric pattern that matches against a biometric profile model associated with the recipient account utilizing a biometric recognition process. In response to determining that the detected biometric pattern does not match the biometric profile model associated with the recipient account, the messaging application can activate a privacy shield to prevent content of the electronic message from being revealed.
    Type: Grant
    Filed: October 17, 2017
    Date of Patent: March 17, 2020
    Assignee: FaceToFace Biometrics, Inc.
    Inventors: Eric Leuthardt, Scott Stern
  • Patent number: 10585822
    Abstract: A method of operating a storage device controller which controls a storage device includes receiving a debugging data request command through a peripheral component interconnect express (PCIe) interface of the storage device controller from outside of the storage device controller, and storing debugging data in a register included in the PCIe interface.
    Type: Grant
    Filed: July 13, 2018
    Date of Patent: March 10, 2020
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Chul-Woo Lee, Wonhee Cho
  • Patent number: 10586618
    Abstract: Among other things, a user of a browser is exposed simultaneously to three interfaces: A viewing interface for at least one image of a subject that is stored on a device on which the browser is running, a decision support interface that aids the user in determining the state of the subject based on the image, and a template interface that aids the user in capturing uniform descriptive information about the state of the subject. At least two of the viewing interface, the decision support interface, and the template interface operate cooperatively so that actions of the user with respect to one of the two interfaces causes changes in content exposed by the other of the two interfaces.
    Type: Grant
    Filed: May 7, 2014
    Date of Patent: March 10, 2020
    Assignee: LIFETRACK MEDICAL SYSTEMS PRIVATE LTD.
    Inventors: Eric Schulze, Brendan Philip Rees, Dennis Mejia
  • Patent number: 10560455
    Abstract: Authentication systems and methods can selectively authenticate a request to access a resource data store storing access rights associated with a user device. The systems and methods can scalably execute challenges workflows as part of the authentication process. For example, a request to access one or more access rights stored in the data store can be received from the user device. The user device can be authenticated using challenge workflows selected based on a device identifier of the user device. The selected challenge workflows can be executed to determine whether or not to grant access to the access rights stored in the resource data store.
    Type: Grant
    Filed: January 18, 2019
    Date of Patent: February 11, 2020
    Assignee: Live Nation Entertainment, Inc.
    Inventors: Dan Cernoch, Ajay Pondicherry, David Refsland, Kenneth Ives-Halperin
  • Patent number: 10554769
    Abstract: Among other disclosures, a method may include collecting historical communication data and personal data relating to a portion of a plurality of communications, a sender of one or more of the communications or one or more recipients of the communications. The method may include depositing the collected data into a repository of historical communication data and personal data. The method may include presenting one or more items in the repository on a mobile device, in response to user behavior.
    Type: Grant
    Filed: July 1, 2017
    Date of Patent: February 4, 2020
    Assignee: OATH INC.
    Inventors: Matthew Brezina, Adam Smith, Jeffrey Bonforte
  • Patent number: 10536853
    Abstract: A method for network authentication of wireless devices at a gateway is provided that includes scanning a wireless network by the gateway to discover unjoined wireless devices, joining a discovered wireless device to the gateway using a non-internet protocol implemented by the wireless device, wherein the joining results in an encrypted connection between the gateway and the wireless device, and authenticating the discovered wireless device to the gateway via the encrypted connection, wherein authentication is performed according to an authentication protocol of a network protocol management layer of the gateway.
    Type: Grant
    Filed: March 3, 2017
    Date of Patent: January 14, 2020
    Assignee: TEXAS INSTRUMENTS INCORPORATED
    Inventors: Ramanuja Vedantham, Alejandro Martin Lampropulos, Arvind Kandhalu Raghu
  • Patent number: 10536950
    Abstract: A method for detecting interferences in wireless networks is disclosed. A salient idea is to use a first access point for detecting an interference disturbing a wireless device associated with a second access point, wherein the device at the origin of the interference is in the range of the first access point, but not in the range of the second access point. Leveraging on the difference of coverage between different wireless networking technologies, the first access point is capable of detecting both a data traffic of a second access point and a short-range interfering device in a same frequency channel.
    Type: Grant
    Filed: February 12, 2018
    Date of Patent: January 14, 2020
    Assignee: INTERDIGITAL CE PATENT HOLDINGS
    Inventors: Thierry Filoche, Ghislaine Pondaven, Pascal Le Guyadec, Christoph Neumann
  • Patent number: 10530774
    Abstract: Disclosed is a system for delegating authentication of an untrusted application executing on a client device. For delegated authentication, an untrusted application relies on a trusted application executing in the same environment for authentication purposes. The delegated authentication process avoids requiring the user of the untrusted application to provide authentication credentials. The disclosed system for delegating authentication enables any trusted application executing in the same computing environment to authenticate the untrusted application.
    Type: Grant
    Filed: February 5, 2018
    Date of Patent: January 7, 2020
    Assignee: Twitter, Inc.
    Inventors: Jeffrey Seibert, Jr., Michael Ducker
  • Patent number: 10510061
    Abstract: A method, electronic device, and computer readable storage medium, for capturing user inputs in a fillable electronic form into an electronic wallet. A method includes: populating fields in a fillable electronic form with secured information from record fields in an electronic wallet at the electronic device while in an online transaction with an online vendor's server; receiving user input entering changes into the fields in the fillable electronic form overwriting the secured information to changed information in the fillable electronic form; upon determining that changes have been made in any field in the fillable electronic form, copying the changed information from the fields in the fillable electronic form and writing the changed information into corresponding record fields as secured information in the electronic wallet; and continuing with the online transaction using the fillable electronic form with the online vendor's server.
    Type: Grant
    Filed: September 22, 2017
    Date of Patent: December 17, 2019
    Assignee: BlackBerry Limited
    Inventor: Eric Chan
  • Patent number: 10498769
    Abstract: A method, comprising: obtaining a current version of a policy associated with an application or website; comparing the current version against a previous version to identify differences in key words or phrases, each difference corresponding to interactions of the application or website, the interactions comprising use of computing device functionality or personal information; for each difference previously associated with a particular level of privacy risk, retrieving the particular level from a database; for each difference not previously associated with the particular level: generating a respective level of privacy risk associated with particular interactions of the application or website corresponding to the difference; associating the respective level to the difference; and storing in the database the difference and the respective level associated with the difference; generating a current privacy risk score based on each of the particular levels and on each of the respective levels associated with the one
    Type: Grant
    Filed: April 9, 2018
    Date of Patent: December 3, 2019
    Assignee: The Privacy Factor, LLC
    Inventor: Mark A. Sartor
  • Patent number: 10499453
    Abstract: A method and a device for Bluetooth connection control for multiple playing devices, and a music playing system are provided. The method includes the following. A broadcast message is sent after a playing device is turned on, where the broadcast message is configured to inquire whether a Bluetooth function is enabled in other playing devices within the same music playing system of the playing device. Whether a response returned by the other playing devices is detected according to the broadcast message is received, where the response is configured to indicate that a playing device that returned the response has enabled the Bluetooth function. The Bluetooth function of the playing device is disabled when the response is received by the playing device. The Bluetooth function of the playing device is enabled when no response is received by the playing device.
    Type: Grant
    Filed: November 20, 2018
    Date of Patent: December 3, 2019
    Assignee: Guangdong Oppo Mobile Telecommunications Corp., Ltd.
    Inventor: Shangbo Lin
  • Patent number: 10482281
    Abstract: Techniques for providing a real-time service that protects personal data of clients from customer service agents are provided. Customer data that includes personal data indicative of sensitive information of a customer can be received from the customer. The personal data within the received customer data can be detected and a token that does not include the sensitive information of the customer can be generated. The personal data and the generated token can be stored along with data indicating a relationship between the token and the personal data. The personal data in the received customer data can be replaced by the token to form modified customer data. The modified customer data can be provided to a customer service representative. The token within the modified customer data can later be detected and associated with the personal data without revealing the personal data to the customer service representative.
    Type: Grant
    Filed: October 8, 2018
    Date of Patent: November 19, 2019
    Assignee: Capital One Services, LLC
    Inventors: Fardin Abdi Taghi Abad, Austin Grant Walters, Jeremy Edward Goodsitt, Reza Farivar, Vincent Pham, Mark Louis Watson, Kenneth Taylor, Anh Truong
  • Patent number: 10445493
    Abstract: An information processing system made up of a plurality of controllers in a vehicle has a tamperproof configuration by including, in a specific controller among the plurality of controllers: a starter putting the specific controller among the plurality of controllers in a executable state which enables the specific controller among the plurality of controllers to execute a preset program; a determiner determining, before the specific controller among the plurality of controllers is put in the executable state, whether software that is memorized in a preset memory area and at least includes the preset program is tampered; and an outputter outputting, to one of processing devices outside the vehicle. In such manner, the tampering of the software is quickly detectable while preventing an increase of communication load of a communication network and/or the information processing system.
    Type: Grant
    Filed: March 15, 2017
    Date of Patent: October 15, 2019
    Assignee: DENSO CORPORATION
    Inventors: Hiroki Suzuki, Tomohisa Kishigami
  • Patent number: 10437503
    Abstract: A data alignment (DA) computing device is communicatively coupled to a first and a second data storage device. The first data storage device stores an array of partitions including a first subset and a second subset of partitions, and metadata associated with the array that includes a reference pointer for each partition. The DA computing device updates the metadata to remove the reference pointers for the second subset of partitions and thereby remove the second subset from the array, stores a partition table defining the first subset within the first data storage device and the second subset within the second data storage device, stores the metadata associated with the array within the second data storage device, updates the second data storage device to include the second subset of partitions, and updates the metadata stored by the data storage devices to link the second subset of partitions to the array.
    Type: Grant
    Filed: August 2, 2017
    Date of Patent: October 8, 2019
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Wesley Alan Szwarc, Gerard Tierney
  • Patent number: 10430609
    Abstract: A method and system are provided. The method includes separating initial user-inputted data into terms. The method further includes determining which terms are identity-related terms relating to an identity of a user, and which terms are clarity-related terms relating to subject-matter clarity. The method also includes calculating a population. The population is a number of individuals satisfying the identity-related terms. The method additionally includes assigning, for each clarity-related term, a clarity level, representing a respective amount of clarity for a respective one of the clarity-related terms. The method further includes creating amended user-inputted data by amending the initial user-inputted data such that the population is greater than or equal to a first threshold, and such that the clarity level, assigned for each clarity-related term, is greater than or equal to a second threshold.
    Type: Grant
    Filed: September 23, 2016
    Date of Patent: October 1, 2019
    Assignee: International Business Machines Corporation
    Inventors: Kohichi Kamijoh, Masaki Ono
  • Patent number: 10404460
    Abstract: The present invention provides a data management method, a computer program for the same, a recording medium thereof, a user client for executing the method, and a security policy server. The method is executed by a user client that is network-linked to a DB server and a security policy server, the method including: 1) recognizing a user ID through a user authentication; 2) detecting whether a DB control application is executed; 3) determining whether the application is allowed to be used for the user ID; 4) determining whether the DB server is allowed to be accessed by the user ID when determining that the application is allowed to be used; 5) allowing access to the DB server when determining that the DB server is allowed to be accessed; and 6) when data is transmitted from the DB server, encrypting and managing the data according to a preset user right policy.
    Type: Grant
    Filed: August 26, 2015
    Date of Patent: September 3, 2019
    Assignee: FASOO. COM CO., LTD
    Inventors: Kyugon Cho, Ohseung Kwon, Junghyun Cho
  • Patent number: 10394482
    Abstract: Systems and methods for replicating a snapshot of a volume are described. In one embodiment, a storage controller of a storage system may be operable to initialize a first replication process between a first storage volume of the first storage system and a second storage volume of a second storage system, copy content from a first system snapshot of the first storage volume to a second system snapshot of the first storage volume, and copy content from a first user snapshot of the first storage volume to the first system snapshot of the first storage volume. In some cases, a system snapshot is not accessible to a user and a user snapshot is accessible to the user. In some cases, at least one of the system snapshot and the user snapshot include a point in time capture of data on the first storage volume.
    Type: Grant
    Filed: April 14, 2016
    Date of Patent: August 27, 2019
    Assignee: SEAGATE TECHNOLOGY LLC
    Inventors: Douglas W. Dewey, Kenneth F. Day, Ian R. Davies
  • Patent number: 10394797
    Abstract: An exemplary embodiment of the present disclosure discloses a management method of a main memory database which is performed in a computing apparatus including one or more processors and a main memory which stores commands executable in the processors. The management method of the main memory database includes: generating a first log including information of change, which includes at least one of a data insert, an update, and a deletion of data recorded in the main memory, in the main memory; recording the first log in a permanent storing device to generate a first log file; and performing log compaction on the first log to generate a second log including only effective change information among change information on data in order to reduce a size of the log.
    Type: Grant
    Filed: March 30, 2016
    Date of Patent: August 27, 2019
    Assignee: TmaxData Co., Ltd.
    Inventor: Se Hoon Seo
  • Patent number: 10397307
    Abstract: A request for content is received at a content server via a first network connection from a client device. The content includes a set of individual portions represented within a root document that are each configurable within the root document with syntactically assigned download constraints that specify network characteristics under which the portions of the content are downloadable. A determination to defer at least one portion of the content for download is made based upon a network characteristic of the first network connection not satisfying a configured download constraint syntactically assigned within the root document to the at least one portion of the content. The root document is sent with each deferred portion replaced with a content stub that each syntactically identifies the respective deferred portion of the content as a deferred content portion and includes a deferred content portion identifier of the respective deferred portion of the content.
    Type: Grant
    Filed: May 16, 2016
    Date of Patent: August 27, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Ronald P. Doyle, David L. Kaminsky
  • Patent number: 10380550
    Abstract: A method, system and computer program product for allowing a user to easily collaborate with users from different organizations. In response to authenticating the user to access the environment of the user's home organization, a list of outside organizations where the user has visitor status is obtained. Outside organization(s) in the list of outside organizations that have content to be viewed by the user are identified. An object associated with the user's home organization, objects associated with the outside organizations where the user has visitor status as well as indications (e.g., star) associated with those outside organizations that have content to be shared with the user are displayed on the user interface of the user's computing device. In this manner, the user will be able to collaborate with an outside organization that has content to be shared in response to selecting the object associated with the outside organization.
    Type: Grant
    Filed: July 12, 2018
    Date of Patent: August 13, 2019
    Assignee: International Business Machines Corporation
    Inventors: Mustansir Banatwala, David A. Brooks, David L. Durazzano, Amy D. Travis
  • Patent number: 10380334
    Abstract: The user of an application may query a data storage system with a request to access a dataset from a database of the system. The system identifies at least one data access rule that is applicable to the dataset, with the at least one data access rule specifying at least one user group authorized to access a restricted portion of the dataset. The system identifies an authorized access group associated with the application user and compares it to the at least one user group authorized to access the restricted portion of the dataset. If the authorized access group associated with the user does not match one of the at least one user group authorized to access the restricted portion of the dataset, the system assembles a modified dataset based on the dataset and the at least one data access rule and transmits the modified dataset to the application.
    Type: Grant
    Filed: November 6, 2015
    Date of Patent: August 13, 2019
    Assignee: SAP SE
    Inventors: Ajalesh P. Gopi, Tenzin Choegyen, Santosh V, Sharath Jois, Axel Herbst
  • Patent number: 10360296
    Abstract: Systems and methods of improving the operation of a transaction network and transaction network devices are disclosed. An online purchase autofill plugin includes various modules and engines. The fields of online forms may be identified and the fields of online forms may be automatically filled. The user experience may be improved, and data security enhanced so that the transaction network more properly functions according to approved parameters, such as protecting the integrity of sensitive data.
    Type: Grant
    Filed: January 7, 2016
    Date of Patent: July 23, 2019
    Assignee: AMERICAN EXPRESS TRAVEL RELATED SERVICES COMPANY, INC.
    Inventor: Hans-Jurgen Greiner
  • Patent number: 10356110
    Abstract: Systems and methods are disclosed for identifying resources responsible for events. In one embodiment, a method may include determining a number of unique actors in a plurality of actors that have accessed the resource. The method may further include identifying from the plurality of actors a set of affected actors that has been affected by an event and identifying from the set of affected actors a subset of resource-affected actors that accessed the resource prior to being affected by the event. The method may further include determining a number of resource-affected actors in the subset of resource-affected actors and, based on the number of unique actors and the number of resource-affected actors, determining an event score for the resource. The event score may be a lower bound of a confidence interval of a binomial proportion of the number of resource-affected actors to the number of unique actors.
    Type: Grant
    Filed: December 26, 2017
    Date of Patent: July 16, 2019
    Assignee: Capital One Services, LLC
    Inventors: Chris Moradi, Jacob Sisk, Evan Bloom, Craig Gimby, Xin Sun
  • Patent number: 10354048
    Abstract: A control device including a simulation unit to simulate behaviors of a virtual mechanical system, and a drive control unit to control driving of servomotors based on the simulation results, is provided. The virtual mechanical system includes a first drive module, a first main shaft module connected to the first drive module, and a plurality of power transmission subsystems, each of which is connected to the first main shaft module and is associated with one of the servomotors respectively. Each of the power transmission subsystems includes an output module. The servomotor associated with the power transmission subsystem is driven according to a simulated result of input into the output module.
    Type: Grant
    Filed: June 2, 2014
    Date of Patent: July 16, 2019
    Assignee: KOKUSAI KEISOKUKI KABUSHIKI KAISHA
    Inventors: Sigeru Matsumoto, Hiroshi Miyashita, Kazuyoshi Tashiro, Kazuhiro Murauchi
  • Patent number: 10346609
    Abstract: A method to establish virtual security perimeters for classified electronic documents on a computer system. The security perimeters are based upon a full classification determination of all informational content of an electronic document file. The full classification determination is uniquely coded to identify a classification value, the classification regime used to classify the information as well as ownership of the electronic information of the electronic document, and is embedded in the electronic document. The classification determination code is matrixed with identification codes for elements of a file management system and used to control computer events initiated on a computer involving the electronic document. Computer events on computers are monitored for the coded full classification determination. The code scheme is also used to identify a breach of a security perimeter on a computer of an unauthorized classified electronic document and warning of the breach.
    Type: Grant
    Filed: June 17, 2013
    Date of Patent: July 9, 2019
    Inventors: James Luke Turner, Robert Edward Turner
  • Patent number: 10341324
    Abstract: A new management node associated with a new rack sends at least a public key of the new management node to a first management node associated with a first rack and a plurality of autonomous management nodes. The first management node sends the new management node an access token trusted by at least a portion of the plurality of autonomous management nodes and a set of public keys corresponding to at least a portion of the plurality of autonomous management nodes. The new management node can send its public key and the access token to at least a portion of the plurality of autonomous management nodes. In response, the new management node can establish a mutual trust relationship with at least a portion of the plurality of autonomous management nodes.
    Type: Grant
    Filed: April 23, 2018
    Date of Patent: July 2, 2019
    Assignee: International Business Machines Corporation
    Inventors: John Yow-Chun Chang, Ching-Yun Chao, Patrick L. Davis, Rohan Gandhi, Yuhsuke Kaneyasu, Lewis Lo, Ki H. Park, Ankit Patel, Kin Ueng, Iqbal M. Umair, Leonardo A. Uzcategui, Barbara J. Vander Weele
  • Patent number: 10318759
    Abstract: An approach for maintaining user privacy information is described. A privacy management platform determines a request, from one or more applications, for access to local data associated with a device. The platform then determines and processes one or more privacy profile objects associated with the local data to determine one or more privacy policies associated with the local data, the device, or a combination thereof. Enforcement of the one or more privacy policies is then caused for granting access to the local data.
    Type: Grant
    Filed: March 6, 2017
    Date of Patent: June 11, 2019
    Assignee: Nokia Technologies Oy
    Inventors: Antti Oskari Vähä-Sipilä, Henri Tapani Kujala, Mikko Antero Niva, Ian Justin Oliver
  • Patent number: 10313299
    Abstract: The present invention relates to a domain name system (DNS) and domain name service method based on user information. The DNS includes a client which outputs a domain name query including user information and service domain name information, a DNS which receives the domain name query from the client, and a database which receives the domain name query from the DNS, extracts the user information included in the domain name query, and differently provides destination path information for each set of user information, wherein the client receives destination path information for each set of user information from the database through the DNS.
    Type: Grant
    Filed: August 26, 2013
    Date of Patent: June 4, 2019
    Inventors: Jeong Hoan Seo, Young Suk Lim
  • Patent number: 10289854
    Abstract: An apparatus, computer program, and method are provided for generating an intermediate entitlement specification that specifies one or more access rights in connection with a service or content. A plurality of entitlement policies is stored that are configured for being used to determine one or more entitlements to be sent to a device. In operation, an offer specification is received, and at least one of the plurality of entitlement policies is identified based on the offer specification. An intermediate entitlement specification is generated that specifies one or more access rights in connection with a service or content, based on at least one entitlement policy. In use, a run-time entitlement specification may be generated, in response to a request for the service or content during a run-time. Further, in one embodiment, the run-time entitlement specification may be generated utilizing at least one intermediate entitlement specification.
    Type: Grant
    Filed: September 23, 2016
    Date of Patent: May 14, 2019
    Assignee: AMDOCS DEVELOPMENT LIMITED
    Inventors: David Franklyn Jacobs, Sarit Shani Natanson
  • Patent number: 10284573
    Abstract: One or more embodiments of techniques or systems for session management, security scoring, and friction management are provided herein. Sessions may be monitored for commonalties or other attributes or aspects and closed, terminated, or a freeze placed on additional sessions from being initiated. A security score may be provided which is indicative of how secure a user is with respect to one or more ways the user interacts with a resource. One or more suggested actions or score improvement strategies may be suggested to facilitate improvement of a security score for a user. Friction management may be provided by having one or more additional layers of security applied to an account of a user or an entity based on suspicious behavior or other factors.
    Type: Grant
    Filed: April 23, 2015
    Date of Patent: May 7, 2019
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Traci H. Nguyen, Michael Chang, Nairobi N. Kim, Ian Jensen, Samuel Martin, Cheung Li
  • Patent number: 10270795
    Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for identifying network security risks. One of the methods includes receiving organizational hierarchy data and receiving access privilege data for a network, generating an adjacency matrix that represents connections between individuals within the organizational hierarchy and various groups, and that represents connections between the individuals and various access privileges, selecting an analytic technique for analyzing the adjacency matrix, determining, for each individual, an individual score that represents a security risk associated with the individual's network account, and in response to determining that the individual score meets a threshold, applying security controls.
    Type: Grant
    Filed: April 12, 2018
    Date of Patent: April 23, 2019
    Assignee: Accenture Global Solutions Limited
    Inventors: Louis William DiValentin, Matthew Carver
  • Patent number: 10270863
    Abstract: One or more IoT devices are coupled to a gateway server. The gateway server preferably includes enhanced administrative features for restricting access to IoT devices, and for monitoring IoT device communications. In embodiments of the invention, communications between the gateway server and IoT devices are secured, in part, via IP address restriction, the use of transitory identifiers, and/or encryption.
    Type: Grant
    Filed: December 4, 2018
    Date of Patent: April 23, 2019
    Inventor: Paul Stuart Swengler
  • Patent number: 10261694
    Abstract: Embodiments of the present invention provide a data storage method and system. The data storage method is applied to a data storage system, the data storage system includes a packet processing device, a processor, an off-chip memory, and a first counter corresponding to the off-chip memory, the off-chip memory is configured to store a count value of the first counter corresponding to the off-chip memory, and the packet processing device is configured to receive and process a service packet, count the service packet by using the first counter, and maintain an original address at which the count value of the first counter is stored in the off-chip memory. The method includes: scrambling, by the processor, the original address to obtain a scrambled address; and storing, by the processor, the count value of the first counter in a storage space corresponding to the scrambled address in the off-chip memory.
    Type: Grant
    Filed: December 28, 2016
    Date of Patent: April 16, 2019
    Assignee: Huawei Technologies Co., Ltd.
    Inventor: Xianfu Zhang
  • Patent number: 10248796
    Abstract: Methods, systems, and computer-readable storage media for enforcing dynamic access control constraints of a plurality of access control policies, and actions include receiving a set of ordered policies, determining a set of active policies including one or more policies in the set of ordered policies, determining an access control decision based on at least a first policy in the set of active policies, the access control decision being based on determining whether one of a permit decision and a deny decision is inherited from a second policy in the set of ordered policies, and transmitting the access control decision for enforcement of the access control policy.
    Type: Grant
    Filed: July 8, 2014
    Date of Patent: April 2, 2019
    Assignee: SAP SE
    Inventors: Achim D. Brucker, Helmut Petritsch
  • Patent number: 10235406
    Abstract: Systems, methods, and software for management of partitioned data storage spaces is provided herein. An exemplary method includes storing sets of structured data records among partitioned data storage spaces, with data fields of the structured data records correlated among the sets by relational associations. The method includes receiving a change action related to a selected structured data record, and responsive to the change action, scheduling execution of the change action in a reminder index. The method includes executing the change action according to at least scheduling indicated by the reminder index.
    Type: Grant
    Filed: June 14, 2016
    Date of Patent: March 19, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Tittu Jose, Arshish Kapadia, Tarkan Sevilmis, Peter Adam Outcalt, Michael T. McLean
  • Patent number: 10235252
    Abstract: A history of requests issued to an application executing in a production environment is stored. The application includes an event logging option set to record a first level of detail in a first log file. While the application is executing in the production environment, a determination is made that the application may have a bug. A backup of the application is restored to a test environment. The event logging option in the restored application is changed to record a second level of detail, greater than the first level of detail, in a second log file. The history of requests is replayed against the restored application having the changed event logging option to generate the second log file.
    Type: Grant
    Filed: June 28, 2016
    Date of Patent: March 19, 2019
    Assignee: EMC IP Holding Company LLC
    Inventors: Amit Lieberman, Leehod Baruch, Assaf Natanzon, Jehuda Shemer, Ron Bigman
  • Patent number: 10209976
    Abstract: An example computer implemented method to automatically download and install a second application can include a first application detecting that a condition has occurred. This first application can be preinstalled by the original equipment manufacturer. The first application can then present an interface for signing in to or signing up for a service. The first application can then download and install the second application. This downloading and installation can occur in the background without requiring user interaction. The second application can be a client application for the service and the first application can pass a token with login credentials to the second application. This can allow the second application to be authenticated with the service without requiring a user to reenter the user's credentials.
    Type: Grant
    Filed: December 30, 2015
    Date of Patent: February 19, 2019
    Assignee: Dropbox, Inc.
    Inventors: Stefano Cayre, Jacob Hurwitz, Darius Contractor, Yuran Lu, James Harvey, Aadil Sarfani, Huy Nguyen, Alexander Embiricos, Genevieve Sheehan
  • Patent number: 10193674
    Abstract: Disclosed are methods, systems and devices for addressing a jammer signal transmitted by a device that effects a signal received at a receiver. In a particular embodiment, an application content signal is encoded for transmission in a wireless transmission medium to provide symbol content where the symbol content comprises at least some symbols representing the application content signal. A receiver may be selectively blanked synchronized with at least a portion of the symbol content.
    Type: Grant
    Filed: December 7, 2016
    Date of Patent: January 29, 2019
    Assignee: QUALCOMM Incorporated
    Inventors: Jie Wu, Duong Hoang, Mariam Motamed
  • Patent number: 10192400
    Abstract: A gaming system compatible with patron-controlled portable electronic devices, such as smart phones or tablet computers, is described. The gaming system is configured to establish a secure communication session between an electronic gaming machine and a portable electronic device. The system can confirm that a communication session is secure by displaying pre-selected content unique to the portable electronic device. The content can be continuously displayed on the EGM during the active communication session to indicate that the session is secure.
    Type: Grant
    Filed: October 17, 2017
    Date of Patent: January 29, 2019
    Assignee: IGT
    Inventors: Derrick Price, Dwayne R. Nelson, Dennis Thomas Kleppen