Privileged Access (707/9) Patents (Class 707/999.009)
  • Patent number: 11416220
    Abstract: A mechanism for provisioning a composite web application using secure parameter transfer is disclosed. The composite web application includes a component that resides on a virtual machine (VM). A request is received from the component for a configuration parameter that is to enable periodic reconfiguration of the VM. An access condition is identified for accessing the configuration parameter and responsive to determining the access condition is satisfied, the requested configuration parameter is provided to the component. The VM is reconfigured using the requested configuration parameter.
    Type: Grant
    Filed: December 31, 2018
    Date of Patent: August 16, 2022
    Assignee: Red Hat Israel, Ltd.
    Inventors: Ohad Shaul Anaf Levy, Amos Benari
  • Patent number: 11411730
    Abstract: Methods, and systems for secure storage and retrieval of information, such as private keys, useable to control access to a blockchain, include: receiving a request to take an action with respect to a vault of multiple different vaults in a cryptoasset custodial system, and each of the multiple different vaults has an associated policy map that defines vault control rules; authenticating, by a hardware security module, a policy map for the vault on which the action is requested based on a cryptographic key controlled by the hardware security module; checking the action against the policy map for the vault when the policy map for the vault is authenticated based on the cryptographic key controlled by the hardware security module; and effecting the action when the action is confirmed to be in accordance with the policy map for the vault.
    Type: Grant
    Filed: July 2, 2021
    Date of Patent: August 9, 2022
    Assignee: Anchor Labs, Inc.
    Inventors: Diogo Monica, Nathan P. McCauley, Boaz Avital, Riyaz D. Faizullabhoy
  • Patent number: 11411992
    Abstract: There is disclosed in one example a computing apparatus, including: a processor and a memory; a network interface; and instructions encoded within the memory to instruct the processor to: receive a uniform resource locator (URL) for analysis, the URL to access a web page via a remote server; via the network interface, retrieve from the remote server a copy of the web page; render the web page in a headless browser to provide a computer-accessible visual output; perform visual analysis of the visual output via a digital eye; compare the visual analysis to a plurality of known phishing target websites; and if the comparison identifies the web page as visually similar to a known phishing target website, detect the web page as a phishing web page.
    Type: Grant
    Filed: November 7, 2019
    Date of Patent: August 9, 2022
    Assignee: McAfee, LLC
    Inventor: Shashi Klran N
  • Patent number: 11411933
    Abstract: A brownfield security gateway is configured to support a trusted execution environment (TEE) that employs cryptographic and physical security—which forms a trusted cyber physical system—to protect sensitive transmissions on route to a controllable device. The gateway may be implemented with a System on Chip (SoC) that utilizes an application layer gateway to filter content within a transmission. When the application layer gateway authorizes the transmission, the transmission is forwarded to a trusted peripheral device that is configured with communication transport protocols, and the trusted peripheral device transfers the transmission to the controllable device. The trusted peripheral device and the controllable device are physically protected by, for example, protected distribution systems. Accordingly, the trusted peripheral device functions as a gateway between the SoC and the controllable device.
    Type: Grant
    Filed: March 23, 2018
    Date of Patent: August 9, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Daniel Stelian Mihai, Brian Clifford Telfer, David Garfield Thaler, III, Stefan Thom, Torsten Stein
  • Patent number: 11405683
    Abstract: [Object] The present technology relates to a reception apparatus, a reception method, a transmission apparatus, and a transmission method capable of limiting use of broadcast resources by a predetermined application. [Solving Means] There is provided a reception apparatus including: a control information obtaining unit that obtains first control information for controlling an operation of a first application, the first application being capable of requesting use of a broadcast resource transmitted via a digital broadcasting signal; and an application controller that controls, when the first application requests use of the broadcast resource, the use of the broadcast resource by the first application on the basis of the first control information.
    Type: Grant
    Filed: January 27, 2021
    Date of Patent: August 2, 2022
    Assignee: SONY CORPORATION
    Inventors: Naohisa Kitazato, Yoshiharu Dewa
  • Patent number: 11397574
    Abstract: Embodiments for describing an impact of a change in source code on a trace are presented. One embodiment comprises determining whether or not a change in source code between a first version and a second version of the source code affects a trace output of the source code. Responsive to determining that the change in the source code affects the trace output, metadata descriptive of the change in the source code is generated.
    Type: Grant
    Filed: July 23, 2020
    Date of Patent: July 26, 2022
    Assignee: International Business Machines Corporation
    Inventors: Mark Andrew Woolley, Mark John Pocock, Andrew Wright
  • Patent number: 11397980
    Abstract: A method, computer program product, and system are disclosed. The method includes receiving a first communication at a computer system, performing a search operation, sending a second communication, receiving a third communication, and storing the at least the portion of item information in a transaction storage construct. The computer system can cause presentation of a search field in a user interface displayed by a remote computer system. The first communication is received as a result of an event in the search field. Further, a search result (a result of the performing the search operation) is communicated to the remote computer system and comprises item information corresponding to an item. The second communication can cause presentation of the search results in the user interface. The third communication represents a selection of the item in the user interface, and comprises at least a portion of the item information.
    Type: Grant
    Filed: December 21, 2018
    Date of Patent: July 26, 2022
    Assignee: CITY ELECTRIC SUPPLY COMPANY
    Inventors: Jonathan Luke, Russell Mendola, Michael Flanagan, Matthew Chappel, James Barry, Walter Sturghill
  • Patent number: 11385924
    Abstract: Collecting user information according to providing a virtual desktop infrastructure (VDI) service is disclosed. A user information collection system includes a service provisioning manager configured to manage provisioning of a VDI service provided from a VDI service provider, a charging manager configured to manage charging information according to a use of the VDI service, a policy manager configured to manage a policy for the VDI service, a user manager configured to manage information of the user, a VDI service lifecycle manager configured to manage a lifecycle of the VDI service, and a multi-tenant connection manager configured to manage connection infrastructure information between the VDI service provider and a cloud environment (or external software).
    Type: Grant
    Filed: April 13, 2021
    Date of Patent: July 12, 2022
    Assignee: PIAMOND CORP.
    Inventor: Doo Geon Hwang
  • Patent number: 11379482
    Abstract: One method includes receiving aggregated free-form query information comprising a first section and a second section for requesting data pertaining to a computing system and converting the first section and the second section of the aggregated free-form query information into an original query portion and a contingency query portion for accessing at least one data set. The method further includes accessing, using the original query portion, the at least one data set to obtain result information pertaining to an initial element included in the computing system. The method also includes accessing, using the contingency query portion and the result information returned in response to the original query portion, the at least one data set to obtain information for at least one descendant element or ancestor element related to the initial element included in the result information.
    Type: Grant
    Filed: June 2, 2020
    Date of Patent: July 5, 2022
    Assignee: EMC IP HOLDING COMPANY LLC
    Inventors: Geoffrey David Bourne, James K. Boettcher
  • Patent number: 11379414
    Abstract: Disclosed herein provides enhancements for operating a data access system for large data processing environments. In one implementation, a method provides for receiving a data query from at least one of the multiple application services and identifying metadata that defines policies for deploying the queried data. The method further provides retrieving the queried data from at least one of the multiple storage services, generating a data configuration containing the retrieved data based on standardized parameters and the policies defined by the metadata, and deploying the data configuration to the at least one of the multiple application services.
    Type: Grant
    Filed: August 31, 2017
    Date of Patent: July 5, 2022
    Assignee: Okera, Inc.
    Inventors: Amandeep Khurana, Nong Li
  • Patent number: 11379560
    Abstract: In accordance with the present approach, a license analysis system may receive user activity data for a software program from an enterprise or client, including a client-specific association between license types and user assignments. The user assignments may include roles, profiles, and/or authorization objects assigned to each user within the software program. The license analysis system may analyze the user activity data to generate one or more 1:m relationships of each license type to a number of user assignments within the enterprise. The license analysis system may then compare the 1:m relationships to the user activity data to identify an acceptable license type assignment for each user that provides appropriate software authorizations according to their historic software usage.
    Type: Grant
    Filed: March 18, 2019
    Date of Patent: July 5, 2022
    Assignee: ServiceNow Inc.
    Inventor: Samyuktha Reddy Gopireddy
  • Patent number: 11381598
    Abstract: A method for phishing detection using certificates associated with uniform resource locators (URLs) is discussed. The method includes accessing certificate portions of a certificate associated with a suspect URL, the certificate accessed at a database that includes certificates obtained by monitoring certificate logs. The method includes accessing a URL score for the suspect URL. The method includes assigning a certificate rule score based on partial certificate scores of certificate portions, the certificate rule score indicating a phishing potential for the certificate, each of the partial certificate scores indicating a likelihood of phishing of each portion based on certificate rules. The method includes using a machine learning model based on the URL score and the certificate to determine a uniqueness certificate score. The method also includes determining a phishing certificate score based on the certificate rule score and the uniqueness certificate score for the certificate.
    Type: Grant
    Filed: December 27, 2019
    Date of Patent: July 5, 2022
    Assignee: PAYPAL, INC.
    Inventors: Eric Nunes, Kevin Tyers, Meethil Vijay Yadav, Nicholas Bailey, Todd Clausen, Nathan Pratt, Bradley Wardman
  • Patent number: 11366926
    Abstract: Systems, methods, and devices for implementing secure views for zero-copy data sharing in a multi-tenant database system are disclosed. A method includes receiving, by a cross-account, a grant to access a share object comprising a secure view and usage functionality associated with a secure user-defined function (UDF) to underlying data. The method includes accessing, by the cross-account, the share object using the grant. The method includes sending a request to a share component to cause the share component to implement the secure view and the usage functionality associated with the secure UDF. The method includes sending a query to the share component to cause the share component to implement the secure UDF.
    Type: Grant
    Filed: December 22, 2021
    Date of Patent: June 21, 2022
    Assignee: Snowflake Inc.
    Inventors: Allison Waingold Lee, Peter Povinec, Martin Hentschel, Robert Muglia
  • Patent number: 11366906
    Abstract: A method, apparatus, system, and computer program product for domain-authenticated control of platform resources. Resources under the control of the platform are managed in accordance with access control rules that are centrally managed by a directory service. Security policies are uniformly applied by requiring authorization of the user's access to platform resources including hard drives, flash memory, sensors, network controllers and power state controllers.
    Type: Grant
    Filed: October 28, 2019
    Date of Patent: June 21, 2022
    Assignee: INTEL CORPORATION
    Inventors: Ned M. Smith, Steven L. Grobman, Craig T. Owen
  • Patent number: 11363062
    Abstract: A system and method to filter potentially unwanted traffic from trackers, third-party cookies, malicious websites or other sources and present the aggregated results of said filtering to the VPN user. One of the embodiments enables a VPN user to opt-in or opt-out from the filtering activities while being able to access the aggregated information about filtering. In another embodiment, the user can choose to customize the filtering parameters to add or remove specific targets from the filtering policies.
    Type: Grant
    Filed: March 31, 2021
    Date of Patent: June 14, 2022
    Assignee: Peakstar Technologies Inc.
    Inventor: Kazimieras Celiesius
  • Patent number: 11354316
    Abstract: Disclosed herein are systems and methods for selective scanning of external partitions. In an embodiment, a database platform receives a query directed at least in part to an external table stored on an external data storage platform. The external table is partitioned into partitions corresponding to storage locations in the external data storage platform. The database platform prunes, using external-table metadata that is stored by the database platform and that maps the partitions of the external table to the storage locations in the external data storage platform, those partitions that do not potentially contain data that satisfies the query. The database platform identifies data that satisfies the query by scanning any one or more of the partitions of the external table that were not pruned, and responds to the query at least in part with the identified data that satisfies the query.
    Type: Grant
    Filed: December 23, 2021
    Date of Patent: June 7, 2022
    Assignee: Snowflake Inc.
    Inventors: Subramanian Muralidhar, Benoit Dageville, Thierry Cruanes, Nileema Shingte, Saurin Shah, Torsten Grabs, Istvan Cseri
  • Patent number: 11348192
    Abstract: Systems and methods are disclosed for managing personalized dining checks created by individualized ordering enabled by associating mobile devices of patrons and waiters with table indicia.
    Type: Grant
    Filed: January 28, 2020
    Date of Patent: May 31, 2022
    Assignee: Worldpay, LLC
    Inventors: Coy Christensen, Scot Bryant, Michael De La Fuente
  • Patent number: 11343251
    Abstract: Systems and methods include a computer-implemented method for using variant profiles, including the following. A composite profile for a user is generated by a variant profile system. The composite profile defines resource authorizations for the user. At least one sub-profile is generated for the user. Each sub-profile includes at least one role-based authorization for a user role, and each role-based authorization is extended to users having a composite profile that includes the sub-profile. A set of variant fields for each sub-profile is received from an administrator. The set of variant fields identifies user-specific fields to which the user has access under the user role. The at least one sub-profile is linked to the composite profile of the user. A user buffer defining authorizations for the user is updated using the composite profile of the user, causing the authorizations to become active.
    Type: Grant
    Filed: May 30, 2019
    Date of Patent: May 24, 2022
    Assignee: Saudi Arabian Oil Company
    Inventor: Abdulrahman Asiri
  • Patent number: 11341531
    Abstract: A computer-implemented system and method for contextual advertising and merchandizing based on user configurable preferences is disclosed. The system in an example embodiment includes an advertising (ad) preferences service to obtain user preference information related to advertising, enable user configuration of the user preference information related to advertising, and modify the presentation of advertising to the user based upon the user configured preference information.
    Type: Grant
    Filed: August 23, 2013
    Date of Patent: May 24, 2022
    Assignee: eBay Inc.
    Inventors: Scott Robert Shipman, Aaron K. Forth
  • Patent number: 11334653
    Abstract: Some embodiments include a method of providing security and privacy for a message sender. The method can include a messaging application determining that a messaging interface of the computing device is active and is revealing or about to reveal the electronic message. The messaging application can identify a recipient account of a messaging server system that is associated with the electronic message according to the electronic message or the messaging server system. The messaging application can then monitor a data feed from a sensor of the computing device to detect a biometric pattern that matches against a biometric profile model associated with the recipient account utilizing a biometric recognition process. In response to determining that the detected biometric pattern does not match the biometric profile model associated with the recipient account, the messaging application can activate a privacy shield to prevent content of the electronic message from being revealed.
    Type: Grant
    Filed: March 16, 2020
    Date of Patent: May 17, 2022
    Assignee: FACETOFACE BIOMETRICS, INC.
    Inventors: Eric Leuthardt, Scott Stern
  • Patent number: 11323327
    Abstract: This disclosure describes techniques for monitoring, scheduling, and performance management for computing environments, such as virtualization infrastructures deployed within data centers. In one example, a method includes obtaining, by a policy controller, a first profile for an element of a virtualization infrastructure, the first profile comprising a first ruleset having one or more alarms; obtaining, by the policy controller, a second profile for a group of one or more elements including the element, the second profile comprising a second ruleset having one or more alarms; modifying, by the policy controller based at least on the element being a member of the group, the first profile to generate a modified first profile comprising the first ruleset and the second ruleset; and outputting, by the policy controller to a computing device, the modified first profile.
    Type: Grant
    Filed: April 5, 2018
    Date of Patent: May 3, 2022
    Assignee: Juniper Networks, Inc.
    Inventors: Harshit Naresh Chitalia, Moitrayee Gupta, Parantap Roy, Travis Gregory Newhouse, Sumeet Singh, Tarun Banka
  • Patent number: 11321479
    Abstract: Enforcement of policies for tabular data access as a collection of columns over a plurality of different information assets is provided. In an enforcement knowledge graph, information asset-assigned terms are found that correspond to information assets in a virtual information asset that references a set of tabular data. Transitive closures of the information asset-assigned terms are found in a business glossary to form a table of business glossary terms. Term intersection is determined between a hash table of any column-assigned terms and the table of business glossary terms. The information assets are assigned to the virtual information asset when the term intersection is not empty. A set of policy rules associated with the set of tabular data and a context of a user making a data access request to the set of tabular data is applied to the virtual information asset to determine an access enforcement decision.
    Type: Grant
    Filed: December 6, 2019
    Date of Patent: May 3, 2022
    Assignee: International Business Machines Corporation
    Inventors: Roger C. Raphael, Ety Khaitzin, Scott Schumacher, Arjun Natarajan
  • Patent number: 11316857
    Abstract: Disclosed embodiments include techniques for automatically provisioning dynamic privileged access resources. Aspects may involve receiving a notification that an identity is seeking to participate in a privileged session with an access-restricted network resource, and automatically provisioning, in response to the notification, a privileged access resource for use by the identity in participating in the privileged session with the access-restricted network resource. Further, aspects may include determining that the privileged session with the access-restricted network resource has ended, and automatically deprovisioning, based on the determination, the privileged access resource.
    Type: Grant
    Filed: July 11, 2018
    Date of Patent: April 26, 2022
    Assignee: Cyber Ark Software Ltd.
    Inventor: Asaf Hecht
  • Patent number: 11316866
    Abstract: Systems and methods for managing membership in a private data exchange are provided herein. In one embodiment, the method includes generating, by a first member of a data exchange a listing. The listing comprises a reference to shared data within a database controlled by the first member. The method further includes providing a second member of the data exchange with a set of rights with respect to listing. The method further includes limiting, by a processing device, access for the second member to a portion of the shared data that is less than all of the database referenced by the listing based on the set of rights of the second member with respect to the listing.
    Type: Grant
    Filed: October 28, 2021
    Date of Patent: April 26, 2022
    Assignee: Snowflake Inc.
    Inventors: Pui Kei Johnston Chu, Benoit Dageville, Matthew J. Glickman, Christian Kleinerman, Prasanna Krishnan, Justin Langseth
  • Patent number: 11308490
    Abstract: A system, method and computer-readable medium for providing comprehensive security to business systems by distributing the security for accessing the business systems across databases at a plurality of locations. The distributed security simplifies security maintenance and is used to control all aspects of a business. The generation of bills, pings converter boxes, schedules pay per view, etc. are handled by the distributed security.
    Type: Grant
    Filed: July 28, 2010
    Date of Patent: April 19, 2022
    Assignee: Cox Communications, Inc.
    Inventors: Brenda B. Little, Kirk H. Warren
  • Patent number: 11283851
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for persisting state of a streaming application are disclosed. In one aspect, a method includes the actions of receiving data indicating interaction with third-party content that is displayed with first-party content at a client device. The interaction with the third-party content initiates an application request for a streaming version of an application (“streaming application”). The actions further include generating a representation of the streaming application in response to the interaction with the third-party content at the client device. The actions further include receiving data indicating a user interaction with the representation of the streaming application at the client device. The actions further include generating and storing data indicating a first state of the streaming application at a first time based on the user interaction with the representation of the streaming application.
    Type: Grant
    Filed: June 26, 2020
    Date of Patent: March 22, 2022
    Assignee: Google LLC
    Inventors: Tuna Toksoz, Thomas Graham Price
  • Patent number: 11281803
    Abstract: Various examples are directed to systems and methods for serving content to a user. A content server may receive content from a submitting user. The content server may extract a first name entity from the content. The content server may generate configuration data for the content, where the configuration data comprises an association between the first name entity and at least one requesting user role that is to receive the first name entity in obfuscated form. The content server may receive a request for the content from a first requesting user having a first requesting user role and determine, using the configuration data, that the first requesting user is to receive the first name entity in obfuscated form. The content server may replace an instance of the first name entity at the content with a first obfuscated name entity to generate first obfuscated content and serve the first obfuscated content to the requesting user.
    Type: Grant
    Filed: December 11, 2019
    Date of Patent: March 22, 2022
    Assignee: SAP SE
    Inventors: Wei Chen, Wei Zhao
  • Patent number: 11277456
    Abstract: For delivering an audio-visual content to a client device, an interconnecting device interconnecting a first network to a second network, the client device being connected to the second network, an equipment adapted to provide the audio-visual content being connected to the first network, said equipment performs: receiving, from the client device, a first request for receiving the audio-visual content; transmitting a redirecting message to the client device, said redirecting message redirecting the client device toward an agent implemented in the interconnecting device. Furthermore, said agent performs: receiving, from the client device, a second request for receiving the audio-visual content; acting as a relay between said equipment and the client device.
    Type: Grant
    Filed: August 19, 2013
    Date of Patent: March 15, 2022
    Assignee: BROADPEAK
    Inventors: Rémy Brebion, Dominique Colombel, Jacques Le Mancq
  • Patent number: 11277423
    Abstract: Example techniques detect incidents based on events from or at monitored computing devices. A control unit can detect events of various types within a time interval and aggregate the detected events into an incident. The control unit can detect patterns within the events based at least in part on predetermined criterion. In examples, the control unit can determine pattern scores for the patterns based on the probability of occurrence for the patterns and determine a composite score based on the pattern scores. The control unit can determine that an incident indicating malicious activity has been detected based in part determining that the composite score is above a predetermined threshold score. In some examples, the control unit can classify and rank the incidents. The control unit can determine if an incident indicates malicious activity including malware or targeted attack.
    Type: Grant
    Filed: February 22, 2019
    Date of Patent: March 15, 2022
    Assignee: CrowdStrike, Inc.
    Inventor: Daniel W. Brown
  • Patent number: 11263346
    Abstract: A method for controlling exposure of sensitive data though a logging system is provided. The method comprises: upon receiving a request by the request handler, determining sensitive data as part of the request by applying a rule, converting the data into a transformed format, and registering the data together with a related data field label with a log handler. Then, upon receiving by the log handler a log entry, converting each expression of the log entry into the transformed format, and comparing each transformed expression with each of the sensitive data in the transformed format. Upon determining a match of one of the transformed expressions with one of the sensitive data in the transformed format, the method comprises issuing an alert indicating that the log entry comprises sensitive data.
    Type: Grant
    Filed: July 18, 2019
    Date of Patent: March 1, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Bartlomiej Tomasz Malecki, Maria Hanna Oleszkiewicz, Blazej Rafal Rutkowski, Daniel Jakub Ryszka
  • Patent number: 11259261
    Abstract: A method for allowing a user equipment (UE) and a base station (BS) to transmit and receive uplink (UL) signals in a wireless communication system is disclosed.
    Type: Grant
    Filed: June 25, 2018
    Date of Patent: February 22, 2022
    Assignee: LG Electronics Inc.
    Inventors: Sukhyon Yoon, Hyunsoo Ko, Kijun Kim, Eunsun Kim
  • Patent number: 11222309
    Abstract: In particular embodiments, a data processing data inventory generation system is configured to: (1) generate a data model (e.g., a data inventory) for one or more data assets utilized by a particular organization; (2) generate a respective data inventory for each of the one or more data assets; and (3) map one or more relationships between one or more aspects of the data inventory, the one or more data assets, etc. within the data model. In particular embodiments, a data asset (e.g., data system, software application, etc.) may include, for example, any entity that collects, processes, contains, and/or transfers personal data (e.g., such as a software application, “internet of things” computerized device, database, website, data-center, server, etc.). For example, a first data asset may include any software or device (e.g., server or servers) utilized by a particular entity for such data collection, processing, transfer, storage, etc.
    Type: Grant
    Filed: April 5, 2021
    Date of Patent: January 11, 2022
    Assignee: OneTrust, LLC
    Inventors: Kabir A. Barday, Mihir S. Karanjkar, Steven W. Finch, Ken A. Browne, Nathan W. Heard, Aakash H. Patel, Jason L. Sabourin, Richard L. Daniel, Dylan D. Patton-Kuhl, Jonathan Blake Brannon
  • Patent number: 11184304
    Abstract: One or more computing devices, systems, and/or methods for presenting augmented reality (AR) experiences and/or sharing AR objects are provided. For example, a request to initiate an AR experience may be received from a device associated with an email account. A real time view of a camera of the device may be displayed using an AR interface, where a set of AR objects are overlaid onto the real time view of the camera. An edited set of AR objects may be generated based upon one or more inputs corresponding to one or more edits to the set of AR objects. The edited set of AR objects may be overlaid onto the real time view of the camera. An email comprising the edited set of AR objects may be transmitted to one or more email accounts responsive to receiving a second request to share the edited set of AR objects.
    Type: Grant
    Filed: February 1, 2021
    Date of Patent: November 23, 2021
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Mohit Goenka, Ashish Khushal Dharamshi, Nikita Varma, Gnanavel Shanmugam
  • Patent number: 11168849
    Abstract: A segmentally extendable modular handheld flashlight and a respective kit-of-parts for assembling the same are described, in which at least one battery segment configurable as an electric charger, in a dismantled conformation.
    Type: Grant
    Filed: August 5, 2019
    Date of Patent: November 9, 2021
    Inventor: Daniel Nissan Weizel
  • Patent number: 11159868
    Abstract: An electronic device is provided. The electronic device includes an interface, and a processor configured to receive an input of a user, output an audio signal by using a first external device connected to the electronic device through the interface, in response to the input of the user, obtain an audio signal reflected on a part of the user of the outputted audio signal, by using the first external device, authenticate the user by using the reflected audio signal and execute a specified function in a unlocked state of the electronic device when the user is a user authenticated for the electronic device.
    Type: Grant
    Filed: January 22, 2019
    Date of Patent: October 26, 2021
    Inventor: Young Soo Chun
  • Patent number: 11151285
    Abstract: A method for controlling exposure of sensitive data though a logging system is provided. The method comprises: upon receiving a request by the request handler, determining sensitive data as part of the request by applying a rule, converting the data into a transformed format, and registering the data together with a related data field label with a log handler. Then, upon receiving by the log handler a log entry, converting each expression of the log entry into the transformed format, and comparing each transformed expression with each of the sensitive data in the transformed format. Upon determining a match of one of the transformed expressions with one of the sensitive data in the transformed format, the method comprises issuing an alert indicating that the log entry comprises sensitive data.
    Type: Grant
    Filed: March 6, 2019
    Date of Patent: October 19, 2021
    Assignee: International Business Machines Corporation
    Inventors: Bartlomiej Tomasz Malecki, Maria Hanna Oleszkiewicz, Blazej Rafal Rutkowski, Daniel Jakub Ryszka
  • Patent number: 11153223
    Abstract: Server resources in a data center are disaggregated into shared server resource pools. Servers are constructed dynamically, on-demand and based on workload requirements, by allocating from these resource pools. A disaggregated compute system of this type keeps track of resources that are available in the shared server resource pools, and it manages those resources based on that information. Each server entity built is assigned with a unique server ID, and each resource that comprises a component thereof is tagged with the identifier. As a workload is processed by the server entity, its composition may change, e.g. by allocating more resources to the server entity, or by de-allocating resources from the server entity. Workload requests are associated with the unique server ID for the server entity. When a workload request is received at a resource, it matches its unique server ID to that of the request before servicing the request.
    Type: Grant
    Filed: April 7, 2016
    Date of Patent: October 19, 2021
    Assignee: International Business Machines Corporation
    Inventors: Valentina Salapura, John Alan Bivens, Koushik K. Das, Min Li, Ruchi Mahindru, Harigovind V. Ramasamy, Yaoping Ruan, Eugen Schenfeld
  • Patent number: 11140223
    Abstract: A cloud computing system includes a hub client instance and at least one spoke client instance that is generated based on copying the hub client instance. The hub client instance includes hub objects maintained using hub object tables, and the spoke client instance includes spoke objects that are copied from the hub objects and are maintained using spoke object tables. To synchronize the spoke client instance with the hub client instance, the spoke client instance requests data indicating changes made to the hub object tables. The request may be one-way, such that the spoke client blocks or prevents requests from the hub client instance. In response to receiving the request, the hub client instance sends the data indicating changes made to the hub object tables to the spoke client instance. The spoke client instance updates the spoke object tables based on the data.
    Type: Grant
    Filed: January 14, 2020
    Date of Patent: October 5, 2021
    Assignee: ServiceNow, Inc.
    Inventors: Shibunath Shanker, Shreyans Jain, Alexander North
  • Patent number: 11113276
    Abstract: A query is received from a user. A query event type and a query time range associated with the query are determined. An estimated amount of data to be queried associated with the determined query time range is determined based on at least a historical number of the query event type of the user. An allowable amount of data to be queried supported by a database for a single query is determined. One or more sub-queries for the received query are generated. Each sub-query is associated with a different time period within the determined query time range. A corresponding amount of data to be queried associated with each time period is less than, or equal to, the determined allowable amount of data to be queried. The database is queried with the generated one or more sub-queries.
    Type: Grant
    Filed: January 12, 2018
    Date of Patent: September 7, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventor: Hang Zhao
  • Patent number: 11086987
    Abstract: Example techniques locate or identify malware based on events from or at monitored computing devices. A control unit can detect a sequence of events of various types. The control unit can locate a loop within the sequence of events based at least in part on relative frequencies of the event types. The control unit can determine a distribution of event types of the events within the loop, and determining that software running the sequence is associated with malware based at least in part on the distribution of event types within the loop. In some examples, the control unit can locate a point of commonality among a plurality of stack traces associated with respective events within the loop. The control unit can determine a malware module comprising the point of commonality.
    Type: Grant
    Filed: December 29, 2017
    Date of Patent: August 10, 2021
    Assignee: CrowdStrike, Inc.
    Inventor: Daniel W. Brown
  • Patent number: 11082238
    Abstract: A method for network authentication of wireless devices at a gateway is provided that includes scanning a wireless network by the gateway to discover unjoined wireless devices, joining a discovered wireless device to the gateway using a non-internet protocol implemented by the wireless device, wherein the joining results in an encrypted connection between the gateway and the wireless device, and authenticating the discovered wireless device to the gateway via the encrypted connection, wherein authentication is performed according to an authentication protocol of a network protocol management layer of the gateway.
    Type: Grant
    Filed: December 18, 2019
    Date of Patent: August 3, 2021
    Assignee: Texas Instruments Incorporated
    Inventors: Ramanuja Vedantham, Alejandro Martin Lampropulos, Arvind Kandhalu Raghu
  • Patent number: 11080255
    Abstract: A method is provided for space-efficient bookkeeping using bit-level locking. Each row of a bookkeeping table stores binary data comprising a plurality of bits. Each bit of the plurality of bits corresponds to a particular message and a particular consumer of the message, and indicates whether the particular message has been dequeued by the particular consumer. The bookkeeping table is stored on-disk and data corresponding to the bookkeeping table is stored in volatile memory. When a message is dequeued the in-memory bookkeeping data is updated, and the bookkeeping table is updated based on the in-memory bookkeeping data when the dequeue is committed.
    Type: Grant
    Filed: July 9, 2018
    Date of Patent: August 3, 2021
    Assignee: Oracle International Corporation
    Inventors: James W. Stamos, Mukesh Jaiswal
  • Patent number: 11062388
    Abstract: Systems, methods, and apparatuses for providing a customer a central location to manage permissions provided to third-parties and devices to access and use customer information maintained by a financial institution are described. The central location serves as a central portal where a customer of the financial institution can manage all access to account information and personal information stored at the financial institution. Accordingly, the customer does not need to log into each individual third-party system or customer device to manage previously provided access to the customer information or to provision new access to the customer information.
    Type: Grant
    Filed: July 3, 2018
    Date of Patent: July 13, 2021
    Assignee: Wells Fargo Bank, N.A
    Inventors: Brian M. Pearce, Steven Pulido, Benjamin Soccorsy, Mojdeh Tomsich
  • Patent number: 11032321
    Abstract: Mechanisms for obtaining performance metric information securely are provided. A first application server executing on a computing device comprising a processor establishes that communications with a plurality of remote application servers utilize an encrypted communication protocol. Iteratively, over a period of time, each respective remote application server of the plurality of remote application servers is sent an encrypted message requesting performance metric information of the respective remote application server using the encrypted communication protocol. Over the period of time, encrypted requested performance metric information is received. The requested performance metric information is stored in a storage device.
    Type: Grant
    Filed: July 16, 2018
    Date of Patent: June 8, 2021
    Assignee: Red Hat, Inc.
    Inventor: John J. Mazzitelli
  • Patent number: 11030334
    Abstract: An embodiment of a method for securing stored data includes assigning a first user security label to a first user. The method further includes adding an object compartment created by the first user to the first user security label assigned to the first user. The method further includes assigning the object compartment to an object created by the first user by creating the object compartment in an object security label. The method further includes enabling a second user to access to the object created by the first user by assigning the object compartment assigned to the object to a second user security label of a second user. The method further includes determining, by a processing device, whether to permit the second user to access to the object based at least in part on the object security label and the second user security label.
    Type: Grant
    Filed: February 4, 2019
    Date of Patent: June 8, 2021
    Assignee: BAKER HUGHES, A GE COMPANY, LLC
    Inventors: Robert Rundle, Nicolaas Pleun Bax, Michelangelo Partipilo
  • Patent number: 11030593
    Abstract: A system, apparatus, and method for expediting the authorization of an electronic payment transaction. Authorization of a transaction at a node of an authorization network is the result of inferring the trustworthiness of a customer to the transaction using data obtained from a different node of the authorization network. The authorization process is expedited by relying on the previous authentication decision of another node, where the previous decision may have been made based on a different payment device or different user inputs. The invention uses a decision made by a first node in the authorization network as a proxy for the authorization decision at a different node, thereby transferring the trustworthiness of a consumer, consumer's device, payment device, or other aspect of the transaction from the first node to the second.
    Type: Grant
    Filed: May 8, 2020
    Date of Patent: June 8, 2021
    Assignee: Visa International Service Association
    Inventor: Ayman Hammad
  • Patent number: 11010212
    Abstract: Methods, systems, and computer program products are described herein for supporting and negotiating multiple (e.g. static) application programming interface (API) versions across multiple products. Interoperable programs, such as different web browser applications, may provide simultaneous support for multiple versions of an API. An API and program-API adapters may be versioned to manage compatibility for asynchronously developed programs and APIs that may be asynchronously installed and updated in many computing environments. An adapter may comprise a versioned portion of program source code. In-development program code and APIs may be forked to create versioned snapshots of stable interfaces. An “in-development” version of an API and adapters may coexist with versioned APIs and adapters. Compatible version negotiation may occur, for example, during process launch. Negotiation may activate the highest API version supported by both programs.
    Type: Grant
    Filed: June 13, 2019
    Date of Patent: May 18, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Tony E. Schreiner, Michael J. Ens, Clifton J. Hebert, Corey M. Bloodstein, Christian Fortini
  • Patent number: 11003732
    Abstract: A method for synchronizing, in a browser state of a web browser application, both automatically-generated content and user-generated content includes retrieving, by a controller application executing on a first computing device, from a profile database, profile content. The method includes receiving, by a first browser application, from the controller application, a first request including automatically-generated content based on the retrieved profile content. The method includes transmitting, by the first browser application, a first network request, the network request including the automatically-generated content. The method includes synchronizing, by a second browser application, a browser state of the second browser application with a browser state of the first browser application. The method includes receiving, by the second browser application, a second request including user-generated content.
    Type: Grant
    Filed: June 20, 2018
    Date of Patent: May 11, 2021
    Assignee: Diluvian LLC
    Inventor: Gregory Bricin Tseng
  • Patent number: 10992783
    Abstract: A method and a device to communicate between a mobile terminal and at least two backend servers, and the method of the present invention includes the following steps: registering a user of the mobile terminal as a user of the first backend server; obtaining the coding information by the barcode image taken through decoding the mobile terminal; the first backend server parsing the coding information to determine whether the barcode image is generated according to a preset coding rule, if the barcode image is generated according to the preset coding rule, executing subsequent steps; if the barcode image is not generated according to the preset coding rule, stopping executing the method after the mobile terminal is connected to a webpage corresponding to the coding information; the mobile terminal extracting service information corresponding to the coding information according to the coding information; the second backend server providing a service to the mobile terminal.
    Type: Grant
    Filed: July 3, 2014
    Date of Patent: April 27, 2021
    Inventor: Wei Xu
  • Patent number: 10970675
    Abstract: In particular embodiments, a data processing data inventory generation system is configured to: (1) generate a data model (e.g., a data inventory) for one or more data assets utilized by a particular organization; (2) generate a respective data inventory for each of the one or more data assets; and (3) map one or more relationships between one or more aspects of the data inventory, the one or more data assets, etc. within the data model. In particular embodiments, a data asset (e.g., data system, software application, etc.) may include, for example, any entity that collects, processes, contains, and/or transfers personal data (e.g., such as a software application, “internet of things” computerized device, database, website, data-center, server, etc.). For example, a first data asset may include any software or device (e.g., server or servers) utilized by a particular entity for such data collection, processing, transfer, storage, etc.
    Type: Grant
    Filed: May 6, 2019
    Date of Patent: April 6, 2021
    Assignee: OneTrust, LLC
    Inventors: Kabir A. Barday, Mihir S. Karanjkar, Steven W. Finch, Ken A. Browne, Nathan W. Heard, Aakash H. Patel, Jason L. Sabourin, Richard L. Daniel, Dylan D. Patton-Kuhl, Jonathan Blake Brannon