Computer Network Access Regulating Patents (Class 709/225)
-
Patent number: 12287906Abstract: Some embodiments provide a method for enforcing policies for authorizing API (Application Programming Interface) calls to an application operating on a host machine. The method receives a request to authenticate a client attempting to gain access to the application, and authenticates the client based on a first set of parameters associated with the request. Using a second set of parameters associated with the request, the method evaluates a set of one or more policies associated with a set of one or more API calls to the application. Based on the evaluated policies, the method defines a third set of one or more authentication field parameters that control the API calls that the client is authorized to make to the application. The method sends an authentication reply message with the defined third set of authentication field parameters in order to control the API calls that the client is authorized to make.Type: GrantFiled: December 12, 2023Date of Patent: April 29, 2025Assignee: STYRA, INC.Inventors: Timothy L. Hinrichs, Teemu Koponen
-
Patent number: 12289348Abstract: Systems and methods for providing least privilege access to a resource within a secured server are disclosed. The systems and method can include receiving an access request from a client requesting access to the resource, the access request comprising a role or policy associated with the client and one or more actions associated with the resource. A rules engine can be initialized, the engine defining one or more rules usable by the system to determine whether the access request complies with a least privilege policy. The systems and method can analyze the role or policy and the access request with the rules engine to determine whether the access request complies with the least privilege policy. When the access request complies with the rules, access to the resource can be granted; when the access request does not comply with the rules, access to the resource can be denied.Type: GrantFiled: February 9, 2024Date of Patent: April 29, 2025Assignee: CAPITAL ONE SERVICES, LLCInventors: Jordan Hale, Devon Powley, Wesley Sham, Thomas Shaffer, Jared Baker, John Bollinger, Robert Stump, Gabriel Duke
-
Patent number: 12287883Abstract: An analysis unit 6 generates one or more pairs of a start point fact which is a fact representing possibility of the attack in a device that is a start point and an end point fact which is a fact representing possibility of the attack in the device that is an end point, analyzes, for each pair, whether or not it is possible to derive the end point fact from the start point fact, based on facts representing states of the devices generated based on information regarding the device that is the start point and information regarding the device that is the end point, the start point fact, and one or more analysis rules for analyzing the attack, and generates an attack scenario in a case where it is possible to derive the end point fact from the start point fact.Type: GrantFiled: November 15, 2019Date of Patent: April 29, 2025Assignee: NEC CORPORATIONInventors: Yoshinobu Ohta, Hirofumi Ueda, Shunichi Kinoshita, Ryo Mizushima
-
Patent number: 12288083Abstract: A system and method provide access by a web application running on a host computing device in communication with a remote server to a native binary DLL. A browser extension to the web application and a native messaging application communicate with the browser extension via standard input/output. A long-running computational process on the host computing device configured as a wrapper for the binary DLL is executable by the host computing device. The native messaging application and the long-running computational process communicate with one another via a named pipe, and the long-running computational process duration is independent of the native messaging application duration.Type: GrantFiled: December 29, 2022Date of Patent: April 29, 2025Assignee: Dassault Systemes Americas Corp.Inventors: John Hoene, Joseph Miller, Steven Deziel, Paul Meyer
-
Patent number: 12287721Abstract: Solutions preparing container images and data for container workloads prior to start times of workloads predicted through workload trend analysis. Local storage space on the node is managed based on workload trends, optimizing local storage of image files without requiring frequent reloading and/or deletion of image files, avoiding network intensive I/O operations when pulling images to local storage by workload scheduling systems. Systems perform collection of historical data including image and workload properties; analyze historical data for workload trends, including predicted start times, image files needed, number of nodes and types of nodes. Based on predicted future workload start times, nodes are selected from an ordered list of node requirements and workload properties.Type: GrantFiled: January 27, 2022Date of Patent: April 29, 2025Assignee: International Business Machines CorporationInventors: Yan Li, Run Qian Bj Chen, Chen Guang Zhao, Qin Qin Zhou, Guang Han Sui, Jing Li, You Bing Li, Yu Xiang Chen
-
Patent number: 12289234Abstract: Techniques are disclosed for overlaying logical switch fabrics upon a physical switch fabric comprising multiple physical switch devices. In one example, a network device determines an overlay network associated with a received packet. The network device determines a logical identifier that is associated with the overlay network. In some examples, the logical identifier corresponds to a color. The network device selects a logical switch fabric that is associated with the logical identifier from a plurality of other logical switch fabrics that are overlaid upon a physical switch fabric comprising a plurality of network switch devices. The network device forwards the received packet to the selected logical switch fabric for transport across the physical switch fabric.Type: GrantFiled: October 20, 2023Date of Patent: April 29, 2025Assignee: Juniper Networks, Inc.Inventors: Michal Styszynski, Subramaniam Vinod, Mahesh Kumar Subramaniam
-
Patent number: 12278764Abstract: The present disclosure relates to systems, methods, and non-transitory computer readable media for flexibly and efficiently managing network traffic for a web flow utilizing network access tokens. For example, the disclosed systems facilitate smooth, uninterrupted navigation through various webpages of a web flow (e.g., from an entry point to an exit point) by assigning network access tokens to client devices according to network capacity of servers hosting the web flow. In some embodiments, the disclosed systems permit access to, and navigation within various webpages within, the web flow for the client devices with network access tokens while preventing other client devices from accessing the web flow.Type: GrantFiled: November 4, 2021Date of Patent: April 15, 2025Assignee: Adobe Inc.Inventors: Thomas Kiencke, Arne Franken
-
Patent number: 12277205Abstract: The present disclosure generally relates to digital identification user interfaces.Type: GrantFiled: August 31, 2022Date of Patent: April 15, 2025Assignee: Apple Inc.Inventors: Pablo Pons Bordes, Gianpaolo Fasoli, Tyler Gentles, Bruno Kindarji, Petr Kostka, Rohit Narula, David W. Silver, Libor Sykora, Ka Yang
-
Patent number: 12278895Abstract: Systems, apparatuses, and computer program products are disclosed for authenticating a user using a knowledge factor identification transaction with a challenge authentication token. An example method includes providing a logon request, wherein the logon request comprises a user identifier received from a user. The example method further includes receiving a challenge sequence and generating a password structure, wherein the password structure is based on a static password received from the user and the challenge sequence. The example method further includes generating a challenge authentication token comprising the user identifier, the password structure, and a client timestamp and providing the challenge authentication token. The example method further includes receiving an authorization decision message, wherein the authorization decision message is indicative of whether the challenge authentication token was verified.Type: GrantFiled: November 10, 2022Date of Patent: April 15, 2025Assignee: Wells Fargo Bank, N.A.Inventor: Jeff J. Stapleton
-
Patent number: 12277552Abstract: Methods and devices for propagating blocks in a blockchain network. At a mining node, while hashing a first block header of a first candidate block, the mining node sends, to other mining nodes, a first message specifying transactions and their order in a first ordered set of transactions contained in the first candidate block. The mining also receives a second message specifying transactions and their order in a second ordered set of transactions contained in a second candidate block being mined by a second mining node. If the mining node succeeds in mining the candidate block it notifies other mining nodes by providing them with a coinbase transaction, hash value, and timestamp. If another mining node is successful, then the mining node receives information from the other mining node from which, in conjunction with the second message, it can assemble the second candidate block and validate it.Type: GrantFiled: April 9, 2020Date of Patent: April 15, 2025Assignee: nChain Licensing AGInventors: Alex MacKay, Wei Zhang, Craig Wright, Steven Patrick Coughlan
-
Patent number: 12278735Abstract: Disclosed are an isolation method for a high-performance computer system, and a high-performance computer system. The isolation method comprises node-level isolation performed. The node-level isolation comprises: configuring a routing table for each computing node, and configuring, in the routing table, valid routing information for computing node pairs; when any one source computing node needs to communicate with a target computing node, determining, by lookup, whether valid routing information exists between the source computing node and the target computing node according to the configured routing table; if so, allowing the source computing node to communicate with the target computing node; otherwise, forbidding the source computing node from communicating with the target computing node.Type: GrantFiled: June 27, 2023Date of Patent: April 15, 2025Assignee: NATIONAL UNIVERSITY OF DEFENSE TECHNOLOGYInventors: Pingjing Lu, Mingche Lai, Zeyu Xiong, Jinbo Xu, Junsheng Chang, Xingyun Qi, Zhang Luo, Yuan Li, Yan Sun, Yang Ou, Zicong Wang, Jianmin Zhang
-
Patent number: 12273323Abstract: An intended network usage is received. An association between the intended network usage and a virtual private network (VPN) server is retrieved. Responsive to determining not to use the VPN server, a new VPN server is obtained from a central server. An encrypted tunnel is established with the new VPN server. An association is stored between the new VPN server and the intended network usage. A communication directed to a network server is encrypted to obtain an encrypted communication. The encrypted communication is transmitted via the encrypted tunnel.Type: GrantFiled: February 24, 2022Date of Patent: April 8, 2025Assignee: UAB 360 ITInventors: Karolis Mineikis, Ugnius Naujokas
-
Patent number: 12273269Abstract: A memory array circuit routes packet data to a destination within the array. The memory array includes memory devices arranged in a plurality of rows and columns, as well as passthrough channels connecting non-adjacent memory devices. Each of the memory devices includes a memory configured to store packet data, and a packet router configured to interface with at least one adjacent memory device of the memory array. The packet router determines a destination address for a packet, and, based on the destination address, selectively forwards the packet to a non-adjacent memory device via a passthrough channel of the plurality of passthrough channels. A memory interface routes the packet from a source to the memory array, and selectively forwarding the packet to one of the plurality of memory devices based on the destination address.Type: GrantFiled: April 12, 2023Date of Patent: April 8, 2025Assignee: Marvell Asia Pte LtdInventors: Nir Ofir, Robert Michael Bunce
-
Patent number: 12273413Abstract: A system for load management in a shared address networking architecture includes a primary point-of-presence (POP) group of servers configured to serve content of a domain and that are each reachable at an address of a first IP address block and a secondary PoP group of servers configured to serve the content of the domain and that are each reachable at an address of a second IP address block. The system further includes a traffic management agent configured to reduce a total volume of incoming requests received by the primary PoP group for a period of time following a return of a first server in the primary PoP group of servers to an online state by selectively directing a first percentage of the incoming requests to the second IP address block instead of the first IP address block.Type: GrantFiled: May 3, 2023Date of Patent: April 8, 2025Assignee: Microsoft Technology Licensing, LLCInventors: Rami Y. Al-Dalky, Nalin Raj Gupta, Abhishek Agarwal, Pradeepkumar Mani, Pranav Agarwal
-
Patent number: 12273843Abstract: Systems and methods are disclosed herein that relate to supporting Internet Protocol (IP) Multimedia Subsystem (IMS) routing with multiple IMS Protocol Data Unit (PDU) sessions over different core network slices. In one embodiment, a method comprises, at an Interrogating Call Session Control Function (I-CSCF), receiving a Session Initiation Protocol (SIP) invite message for an incoming session, where the SIP invite message comprises an IP Multimedia Public Identity (IMPU) of a target User Equipment (UE). The method further comprises, at the I-CSCF, sending, to a Home Subscriber Server (HSS), a query for Serving Call Session Control Functions (S-CSCFs) having registrations for the IMPU of the target UE and receiving, from the HSS, information that indicates two or more S-CSCFs having registrations for the IMPU of the target UE. The method further comprises, at the I-CSCF, forwarding the SIP invite message to at least one of the two or more S-CSCFs.Type: GrantFiled: August 28, 2020Date of Patent: April 8, 2025Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventor: George Foti
-
Patent number: 12255893Abstract: An identity verification system enables peer-to-peer authentication in a potentially insecure channel by leveraging a secure channel communication. The system authenticates a user via an identity verification application. The system provides a validation code to the user. The user communicates the validation code to a counterparty of the peer-to-peer communication. The system receives a request to authenticate the counterparty with the validation code and counterparty authentication data. The system authenticates the counterparty and sends the user the authentication of the counterparty. Alternatively, the user device communicates a request to generate a secure code for participants in a first insecure group application session. The user device selects an authenticated counterparty to receive the secure code from a list of authenticated counterparties. The user creates a second application session using the secure code as a password.Type: GrantFiled: April 29, 2021Date of Patent: March 18, 2025Assignee: Citibank, N.A.Inventors: Elroi Luria, Shay Davidpur, Dina Vaingolts, Yaniv Bouhadana, Oded Margalit
-
Patent number: 12254199Abstract: Declarative provisioning of storage, including: identifying one or more policies associated with a storage object; determining, in dependence upon at least the one or more policies, a storage configuration for the storage object; and provisioning, in accordance with the storage configuration, storage that implements the storage object.Type: GrantFiled: October 22, 2021Date of Patent: March 18, 2025Assignee: PURE STORAGE, INC.Inventors: Krishna Kant, Brent Lim Tze Hao, Ronald Karr
-
Patent number: 12242584Abstract: In order to improve the safety and reliability of services provided by a computer, this authentication device is equipped with a transmission unit and a determination unit. The transmission unit transmits a challenge to a terminal device where the challenge is presented to a user to be authenticated, the challenge being information serving as the basis on which the user inputs information to be used for authentication processing. At this time, the transmission unit transmits a plurality of different challenges to the terminal device. The determination unit determines not only whether or not a response input to the terminal device by the user in response to each challenge is correct, but also whether or not time information regarding the challenge and the response thereto satisfies a condition regarding the response.Type: GrantFiled: September 6, 2023Date of Patent: March 4, 2025Assignee: NEC CORPORATIONInventor: Tomoki Inoue
-
Patent number: 12242895Abstract: Provisioning an orchestration platform is provided. A pre-application programming interface (API) server hook is used to preprocess a request to generate a custom resource in the orchestration platform. The pre-API server hook generates a custom resource definition corresponding to the custom resource and generates the custom resource based on the custom resource definition. A custom resource definition generation event is monitored for, using a custom resource definition (CRD) meta-controller, to manage a custom resource definition controller corresponding to the custom resource definition. The CRD meta-controller retrieves the custom resource definition controller from a CRD controller configuration repository to deploy the custom resource definition controller on a worker node in the orchestration platform.Type: GrantFiled: October 26, 2021Date of Patent: March 4, 2025Assignee: International Business Machines CorporationInventors: Xun Pan, Guang Ya Liu, Hai Hui Wang, Peng Li, Xiang Zhen Gan
-
Patent number: 12244647Abstract: Techniques for applying context-based security in mobile networks using an API and a data store are disclosed. In some embodiments, a system/process/computer program product for applying context-based security in mobile networks using an API and a data store includes monitoring network traffic on a mobile network at a security platform to identify a new session; determining user-IP mapping information associated with the new session using an API and a data store; and enforcing a security policy on the new session at the security platform based on the user-IP mapping information to apply context-based security in the mobile network.Type: GrantFiled: January 30, 2023Date of Patent: March 4, 2025Assignee: Palo Alto Networks, Inc.Inventors: Sachin Verma, Leonid Burakovsky, Srikanth Ramachandran
-
Patent number: 12238667Abstract: A method determining a timing of an uplink signal includes receiving timing information associated with an uplink signal and a numerology of the uplink signal, wherein the timing information is used to determine a reference time of the uplink signal received from a user equipment (UE), receiving, from the UE, the uplink signal, wherein the receiving is in accordance with the timing information and the numerology of the uplink signal, and measuring an uplink relative time of arrival in accordance with the received uplink signal and the reference time of the uplink signal.Type: GrantFiled: December 1, 2023Date of Patent: February 25, 2025Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Keyvan Zarifi, Su Huang
-
Patent number: 12236381Abstract: Generating an output prioritized list of computerized work-items for prioritizing work based on a set of quantified computer-executable rules includes a structured way of associating contributions and expenses with computerized work-items and enhancing current technological processes of selecting computerized work-items to meet quantified computer-executable rules. The method includes determining a priority order of each sub-component based on quantified computer-executable rules associated with those sub-components, generating tuples having sub-components for each computerized work-item that are arranged based on the priority order, sorting the computerized work-items in descending order of the tuples, and traversing the sorted list of computerized work-items to generate the output prioritized list of computerized work-items for prioritizing work based on quantified computer-executable rules.Type: GrantFiled: November 24, 2021Date of Patent: February 25, 2025Assignee: Digital.ai Software, Inc.Inventor: Rahul Kapoor
-
Patent number: 12238100Abstract: A controlled-environment facility resident communication and/or media device master control employs a controlled-environment facility vendor datacenter, a centralized investigative data aggregation and analysis system, or the like, to provide a controlled-environment facility management portal to a controlled-environment facility administrator, presenting an option to disable controlled-environment facility resident communication and/or media devices operating in a controlled-environment facility. The controlled-environment facility vendor datacenter, or the like, disables access to controlled-environment facility resident communication and/or media devices operating in the controlled-environment facility, in response to selection of the option to disable devices operating in the facility, sends a message to devices operating in the facility to disable all application programs on a respective device, and disable access to devices operating in the controlled-environment facility.Type: GrantFiled: January 21, 2021Date of Patent: February 25, 2025Assignee: Securus Technologies, LLCInventors: Christopher Douglas, Amit Kumar Shrivastava, Isaac Parampottil, Christopher Barrett Bruton
-
Patent number: 12236478Abstract: There is a provided an apparatus and method to securely communicate an order by efficiently invoking a program application on a computing device. The computing device may operate to receive and present a push notification, even while in a locked state, where the push notification requests input to initiate a performance of a task that is associated with an application defined by instructions stored on the computing device. The computing device receives input and initiates the performance of the task without fully loading the application into an operating memory. The input may initiate a communication of a message to a remote processing system to execute the order.Type: GrantFiled: April 12, 2022Date of Patent: February 25, 2025Assignee: The Toronto-Dominion BankInventors: Nasim Sarir, Peter Horvath, Maryam Karbasi
-
Patent number: 12232214Abstract: A method and apparatus where an announcing WTRU may request peer discovery from a Pro Se function, and the ProSe function may provide information associated with a monitoring WTRU to the announcing WTRU as a result of the monitoring WTRU having discovered the announcing WTRU. A discoveree WTRU may request peer discovery from a ProSe function where the ProSe function sends a unique ProSe query code to a discoverer WTRU. As a result of the discoveree WTRU detecting the ProSe query code on radio interface, the discoveree WTRU triggers a match report procedure to obtain information associated with the Discoverer WTRU.Type: GrantFiled: October 5, 2020Date of Patent: February 18, 2025Assignee: INTERDIGITAL PATENT HOLDINGS, INC.Inventors: Xiaoyan Shi, Michelle Perras, Samir Ferdi, Saad Ahmad
-
Patent number: 12225014Abstract: Upgrading packet processing rules in a network device with a replacement set of rules includes generating an edit sequence that represents edit operations to transform an already-installed old set of rules into the replacement rules. The edit sequence is used to identify a subsequence of rules that is common to both the old rules and the replacement rules. A merged list is generated by a combination of the old rules, the replacement rules, and the common subsequence of rules. The merged list is downloaded to the network device, overwriting the old rules in bottom-up fashion to allow packet processing to continue concurrently using the old rules.Type: GrantFiled: July 11, 2022Date of Patent: February 11, 2025Assignee: ARISTA NETWORKS, INC.Inventor: Ramakrishna Paduvalli
-
Patent number: 12223540Abstract: Improved techniques and systems for delivery and acquisition of digital assets are disclosed. The techniques and systems are especially suitable and useful for delivering digital assets (e.g., media assets) that are available for acquisition and electronic delivery from online stores to electronic devices. In accordance with one aspect, when a digital asset is acquired from an online store via an electronic device associated with a user, the digital asset can be arranged for delivery to a number of other of electronic devices also associated with the user. It will be appreciated that the digital asset can be delivered and acquired without requiring explicit user input or instruction in accordance with another aspect. Other aspects of the techniques and systems include customization of configuration and user interfaces that are provided to facilitate acquisition of digital assets in a more efficient manner.Type: GrantFiled: February 29, 2024Date of Patent: February 11, 2025Assignee: Apple Inc.Inventors: Christopher B. Chang, Sean B. Kelly, Olagappan Manickam, Thomas Alsina, Payam Mirrashidi, Michael Kuohao Chu, Kevin R. Lafferty
-
Patent number: 12223033Abstract: Disclosed is a method of providing a security service. The method is configured to include the steps of receiving a link connectable to a web page from a device of a user, connecting to a web page corresponding to the link through a remote browser and determining a risk of the connected web page, rendering a screen of the web page to be processed in the remote browser according to the determined risk, and streaming and transmitting the rendered web page screen to provide substantially the same user experience (UX) as a browser installed in the device.Type: GrantFiled: July 21, 2021Date of Patent: February 11, 2025Assignee: ERmind Co., Ltd.Inventor: Young Min Kwon
-
System and method for efficiently distributing time-sensitive data in bandwidth-limited environments
Patent number: 12222962Abstract: A method for adaptively providing processed data to elements of a distributed network, includes a processor partitioning data from a plurality of data sources, including big data from a plurality of big data sources based on defined needs of the elements; the processor storing the partitioned data in a central data source and a subset of the partitioned data in one or more cache memories in proximity to the elements; receiving a data request from a network element; determining a time-sensitivity of data responsive to the data request; supplying a response to the data request for non-time-sensitive data; and supplying the response to the data request for time-sensitive data.Type: GrantFiled: April 23, 2021Date of Patent: February 11, 2025Assignee: Architecture Technology CoprporationInventors: Mandeep Singh, William Colligan -
Patent number: 12218974Abstract: Systems and methods are described for increasing web browser security on a user device managed by a device management system. In an example, the user device can use an unmanaged web browser to access secure enterprise content using a browser extension provided by the enterprise. When a user attempts to access secure content from an unmanaged browser, the device management system can communicate with the extension and a management application on the user device to authenticate the user and verify that the user device complies with certain policies. In one example, the device management system can include an extension recommendation engine that analyzes user browsing data and recommends browser extensions for the user. Based on policies, the device management system can recommend the extension to the user or force installation of the extension on the user device.Type: GrantFiled: April 22, 2022Date of Patent: February 4, 2025Assignee: Omnissa, LLCInventors: Rohit Pradeep Shetty, Ramanandan Nambannor Kunnath, Kar-Fai Tse
-
Patent number: 12219594Abstract: A control apparatus identifies a first communication requirement and identifies a second communication requirement which is an alternative candidate to the first communication requirement on the basis of a service requirement received from a user, identifies an amount of resource requested for the first communication requirement and the second communication requirement, notifies the user of information indicating the second communication requirement and information relating to the amount of the resource identified for each of the first communication requirement and the second communication requirement, receives a selection of the first communication requirement or the second communication requirement by the user, and executes control to secure the resource amount identified for the communication requirement selected by the user.Type: GrantFiled: June 4, 2021Date of Patent: February 4, 2025Assignee: KDDI CORPORATIONInventors: Shigeo Terabe, Shinobu Nanba, Tooru Kitayabu, Hayato Yoshida
-
Patent number: 12216749Abstract: Head mountable systems, methods, and non-transitory computer readable media including instructions for identifying individuals using facial skin micromovements are disclosed. An example head mountable system may include a wearable housing, a coherent light source, a detector, and at least one processor. The at least one processor may analyze reflection signals from the detector to determine specific facial skin micromovements of an individual wearing the head mountable system. Thereafter, the at least one processor may access memory correlating a plurality of facial skin micromovements with the individual, and search for a match between the determined specific facial skin micromovements and at least one of the plurality of facial skin micromovements in the memory. If a match is identified, the processor may initiate a first action; and if a match is not identified, the at least one processor may initiate a second action different from the first action.Type: GrantFiled: November 8, 2023Date of Patent: February 4, 2025Assignee: Q (Cue) Ltd.Inventors: Aviad Maizels, Yonatan Wexler, Avi Barliya
-
Patent number: 12217601Abstract: In response to a detected presence of an intended target appliance within a logical topography of controllable appliances identity information associated with the intended target appliance is used to automatically add to a graphical user interface of a controlling device an icon representative of the intended target appliance and to create at a Universal Control Engine a listing of communication methods for use in controlling corresponding functional operations of the intended target appliance. When the icon is later activated, the controlling device is placed into an operating state appropriate for controlling functional operations of the intended target appliance while the Universal Control Engine uses at least one of the communication methods to transmit at least one command to place the intended target appliance into a predetermined operating state.Type: GrantFiled: August 11, 2023Date of Patent: February 4, 2025Assignee: Universal Electronics Inc.Inventors: Paul D. Arling, Brian Barnett
-
Patent number: 12218908Abstract: Systems, methods, and computer-readable media are provided for securely advertising autoconfigured prefixes in a cloud environment. In some examples, a method can include, receiving, by a first router, an indication of an available network address prefix. In some aspects, the method can also include selecting, by the first router, a first network address prefix that is within the available network address prefix, wherein the first network address prefix provides at least one route to one or more network elements associated with the first router. In some cases, the method may further include sending, to a second router, a message including a stub registration option that indicates the first network address prefix.Type: GrantFiled: February 22, 2022Date of Patent: February 4, 2025Assignee: Cisco Technology, Inc.Inventors: Pascal Thubert, Jerome Tollet, Ali Sajassi, Aloÿs Christophe Augustin, Nathan Roland Maryan Skrzypczak, Stephane Litkowski
-
Patent number: 12212580Abstract: An ingress server is operable to perform, through a multi-list evaluator, two different validations: one utilizes a sender network address of a sender's server to determine whether to trust, accept, or reject a connection and one utilizes a domain of a sender email address from an envelope to determine whether to accept or reject a message. The multi-list evaluator may perform the validations in two phases. If a connection can be trusted, the connection is accepted and any message over the connection (in a single session) is accepted and no further validation is necessary. Further, in both phases, the multi-list evaluator can utilize a whitelist maintained by the ingress server to override a blacklist provided by a blacklist supplier. This override can reduce false-positives and drastically reduce delays usually associated with correcting false-positives and improve system throughput.Type: GrantFiled: August 9, 2021Date of Patent: January 28, 2025Assignee: OPEN TEXT HOLDINGS, INC.Inventor: Amitava Dutta
-
Patent number: 12210521Abstract: A cluster computing system maintains a first set of queues for short queries and a set second set for longer queries. The first set is allocated a majority of the cluster's processing resources and processes queries on a first in first out basis. The second set is allocated a minority of the cluster's processing resources which are shared among queries in the second set. Accordingly, the system assigns each query to the first set of queues for a fixed amount of resource time. While a query is processing, the system monitors the query's resource time and reassigns the query to the second set of queues if the query has not completed within the allotted amount of resource time. Thus, short queries receive the necessary resources to complete quickly without getting stuck behind longer queries while ensuring that longer queries continue to make progress.Type: GrantFiled: April 27, 2023Date of Patent: January 28, 2025Assignee: Databricks, Inc.Inventors: Venkata Sai Akhil Gudesa, Herman Rudolf Petrus Catharina van Hövell tot Westerflier, Supun Chathuranga Nakandala
-
Patent number: 12212541Abstract: An authorization device obtains a registration request associated with an end device, the registration request including a new randomized media access control (MAC) address associated with the end device; determines whether the end device is authorized to use the new randomized MAC address; transmits a message to the end device with a first randomly generated number when it is determined that the end device is authorized to use the new randomized MAC address; obtains integrity information associated with the end device, the first integrity information being computed based on the first randomly generated number; transmits a request to a validation system to validate the end device based on the first integrity information; obtains an indication that the end device is validated; determines policies associated with the end device when it is determined that the end device is validated; and applies the policies to the end device.Type: GrantFiled: February 29, 2024Date of Patent: January 28, 2025Assignee: CISCO TECHNOLOGY, INC.Inventors: Nagendra Kumar Nainar, Carlos M. Pignataro, Robert E. Barton, Jerome Henry
-
Patent number: 12212695Abstract: Blockchain-based systems and methods for providing secure digital identities and affiliations for users via digital tokens. A set of digital tokens are generated that are sharable on a distributed computer network. The set of digital tokens are affiliated with an entity or a person. One or more of the digital tokens are provided to one or more users of the distributed computer network, where the one or more users comprise at least a first user, and where the first user is provided a first token selected from the one or more of the digital tokens. The first user is identified as affiliated with the entity or the person based on a receipt of an indication that the first user is associated with the first token.Type: GrantFiled: May 19, 2022Date of Patent: January 28, 2025Assignee: CBOE EXCHANGE, INC.Inventors: Glenton Davis, Joseph Green, Adam Kelly, Chris Schneider
-
Patent number: 12210649Abstract: Techniques for ensuring address translation services (ATS) functionality is used correctly and safely for any type of device that supports ATS, even for devices that might potentially be acting in a rogue manner, are disclosed. A host performs an integrity check on a device that uses ATS to prevent the device from maliciously using a locally cached HPA. The device submits a first ATS-enabled request to the host. The device receives metadata comprising (i) a first integrity check vector (ICV) that is usable to authenticate the device, (ii) the HPA, and (iii) an initialization vector (IV). The device locally caches the metadata in an address translation cache (ATC). The device submits a second ATS-enabled request, which includes the metadata. The host then independently authenticates the device using the received metadata in the request.Type: GrantFiled: December 29, 2022Date of Patent: January 28, 2025Assignee: Microsoft Technology Licensing, LLCInventors: Bharat Srinivas Pillilli, Vishal Soni, Bryan David Kelly
-
Patent number: 12210533Abstract: A system, include a memory and a processor where the processor is in communication with the memory. The processor is configured to receive a request to analyze an infrastructure comprising a first set of components. Keywords associated with the infrastructure are retrieved and a database is queried, where the database comprises implementations of infrastructures, to retrieve a second set of components associated with the keywords. The processor is configured to determine whether the second set of service level objectives corresponds to the first set of service level objectives. Extra service level indicators are added from the second set of service level indicators to the first set of service level indicators to create a third set of service level indicators. The third set of service level indicators are monitored during operation of the infrastructure to determine whether the first set of service level objectives are met.Type: GrantFiled: February 16, 2021Date of Patent: January 28, 2025Assignee: Red Hat, Inc.Inventors: Boaz Shuster, Oded Ramraz
-
Patent number: 12205128Abstract: Systems and methods herein log traffic to and from a device on a network. Logging can occur using a metering device, router, proxy, or other elements. For example, a metering device operatively coupled to a routing device can log the traffic directed to and originating from a user device. Logged traffic can be analyzed to identify users, devices, and/or sessions. For example, an identifier unique to the user device in the session, a device type of the user device, and a specific user of the device during the session can be identified.Type: GrantFiled: June 3, 2022Date of Patent: January 21, 2025Assignee: Comscore, Inc.Inventors: Yvonne L. Bigbee, Randall L. McCaskill
-
Patent number: 12205414Abstract: A vehicle setting system includes an occupant data acquisition processor, a server apparatus including a provisional generation processor, a provisional acquisition processor, and a setting processor. The occupant data acquisition processor acquires or estimates physical data regarding an occupant on board the vehicle, at least in a case with absence of a setting value for the occupant held in a vehicle memory of a vehicle. The provisional generation processor acquires the physical data regarding the occupant, and generates a provisional setting value for the relevant occupant. The provisional acquisition processor acquires the provisional setting value. The setting processor records, in a vehicle memory of the vehicle, the provisional setting value as the setting value for the occupant, and provides the vehicle with setting of the provisional setting value.Type: GrantFiled: July 25, 2022Date of Patent: January 21, 2025Assignee: SUBARU CORPORATIONInventor: Ryota Nakamura
-
Patent number: 12206575Abstract: Automatic network configuration includes obtaining, by a virtual private network service provider infrastructure system, ranking data for data transport pathways between the virtual private network service provider infrastructure system and an external system, wherein a respective data transport pathway from the data transport pathways includes a respective exit node in the virtual private network service provider infrastructure system in communication with a respective entry node in the external system, wherein obtaining the ranking data includes obtaining at least a portion of the ranking data by testing a service provided by the external system via the entry node, and allocating, by the virtual private network service provider infrastructure system, a data transport pathway from the data transport pathways to a communication session, wherein the data transport pathway is a highest-ranking data transport pathway in the ranking data.Type: GrantFiled: February 22, 2022Date of Patent: January 21, 2025Assignee: Netflow, UABInventors: Donatas Budvytis, Karolis Kaciulis
-
Patent number: 12197580Abstract: A system and method provide for automated management of policies in an application platform. A plurality of policy groups are established, each according to a set of included policies and a set of assigned application groups, where each policy defines a requirement and an automated response, and each application group is defined according to a rule to determine whether an application is contained within. A configuration file for each policy group associates each assigned application group with each included policy. An automatic configuration, according to the configuration file for each of the policy groups, configures an admission controller of the application platform to selectively test an application contained within an application group and designated for deployment to the application platform, to determine whether it meets the requirement of each policy associated with the application group, and to selectively execute the automated response based on a failure to fulfill the requirement.Type: GrantFiled: July 14, 2022Date of Patent: January 14, 2025Assignees: RAKUTEN MOBILE, INC., RAKUTEN SYMPHONY, INC.Inventors: Unnikrishnan Keezhuridathil, Devendra Behera, Ritesh Kumar Kalle
-
Patent number: 12200145Abstract: A system for monitoring the status of digital certificates is provided. The system includes a responder computer device. The responder computer device is programmed to store, in a database, a plurality of statuses associated with a plurality of digital certificates. The responder computer device is also programmed to receive, from a first computer device, a request message including an identifier of a target certificate. The responder computer device is further programmed to query the database to retrieve status information about the target certificate. In addition, the responder computer device is programmed to generate a response message based on the retrieved status information. Moreover, the responder computer device is programmed to transmit the response message to the first computer device.Type: GrantFiled: May 31, 2022Date of Patent: January 14, 2025Assignee: Cable Television Laboratories, Inc.Inventor: Massimiliano Pala
-
Patent number: 12199967Abstract: Systems, methods and computer program products for controlling access to data owned by an application subscriber using two-factor access control and user partitioning are disclosed. In one embodiment, applications are executed on a multi-tenant application platform in which user partitions designate associated users and authentication services for those users. Tenants may subscribe to the applications and may allow access to the subscriptions through designated entry points. Users that are authenticated according to the corresponding user partition and access the application through the designated entry point are allowed to access the application through the tenant's subscription.Type: GrantFiled: July 12, 2023Date of Patent: January 14, 2025Assignee: OPEN TEXT SA ULCInventors: Jody Hupton Palmer, Nicholas Edward Scott
-
Patent number: 12197909Abstract: Systems and methods for integrating a third-party service into a host application enable multiple modes of integration of the data from the third-party services into the host application. The multiple modes include a first mode of integration that involves a data connection to a third-party service, a second mode of integration that involves the use of third-party extensions that provide predefined user interface elements for interacting with the third-party service, and a third mode of integration that involves the use of an iFrame element in the host application for hosting the third-party service. The modes may be activated and switched from within the application so that the user does not have to leave the context of the application to interact with the third-party service.Type: GrantFiled: November 18, 2022Date of Patent: January 14, 2025Assignee: Microsoft Technology Licensing, LLCInventors: Vlad Riscutia, Maya Rodrig, Swati Jain
-
Patent number: 12189749Abstract: A system includes access controls that allow or deny a request based at least in part on a context associated with the request. A service receives a request from a client, and forwards information that describes the request and the context of the request to a context management service. The context management service determines whether the request should be allowed by querying a set of context validation plugins. Each context validation plugin analyzes particular characteristics of a request's context, and based at least in part on the request's context, indicates to the context management service that the request should be allowed or denied. If a quorum of the context validation plugins indicate to the context management service that the request should be allowed, the context management service indicates to the service that the request is allowed within the provided context.Type: GrantFiled: November 18, 2019Date of Patent: January 7, 2025Assignee: Amazon Technologies, Inc.Inventors: Gregory Leighton Harding, Tai Geoffrey Lucas, James Alfred Gordon Greenfield
-
Patent number: 12190172Abstract: An approach is provided for determining a carbon footprint-based consumption of cloud resources. Cloud resource requirements and a carbon footprint cap of a workload of a cloud consumer are received. The requirements and cap are based on a sustainability target, published by the cloud consumer, and subscribed by cloud service providers. A list of cloud resources that satisfy the requirements are sent. Carbon emission values of the cloud resources at different load levels of the workload are sent. Based on a service level agreement requirement, a criticality level, and a peak load duration of the workload, and previous success rates of satisfying cloud resource requirements by cloud service providers, an optimized configuration of cloud resource(s) and cloud service provider(s) is selected. The cloud resource(s) are selected from the list and have a carbon footprint that does not exceed the cap at a given load level.Type: GrantFiled: October 29, 2021Date of Patent: January 7, 2025Assignee: Kyndryl, Inc.Inventors: Kim Poh Wong, Firas Bouz, Seema Nagar, Pramod Vadayadiyil Raveendran
-
Patent number: 12192308Abstract: A method, a system, and a non-transitory computer-readable medium are provided. An interceptor hub application (IHA) receives a request for services in a first format and converts at least some information in the request to a second format. Respective requests are sent to the requested services, at least some which include a corresponding portion of the information in the second format. The IHA receives respective service responses from the respective services and provides the respective service responses in an expected combined service response format. A first request for permission to access an application program interface/endpoint is received from a user of a client via an IHA user interface and is provided to a first manager of the application program interface/endpoint. Approval of the first request from the first manager is received, and in response, the interceptor hub application provides the client with access to the application program interface/endpoint.Type: GrantFiled: September 8, 2023Date of Patent: January 7, 2025Assignee: UNITED STATES POSTAL SERVICEInventors: Tyler J. Woolsey, Tyler M. O'Gara, Craig Alan Cole