Multiple Computer Communication Using Cryptography Patents (Class 713/150)
  • Patent number: 10661267
    Abstract: Provided is an electric pipette system, including: an operating condition receiving milt configured to receive an operating condition of a manipulation operation to foe occur next; a suction/discharge operating unit configured to perform at least any one of a suction operation and a discharge operation of a liquid by an electric pipette based cm the operating condition; an information collecting unit configured to collect various types of information during the suction operation or the discharge operation of the liquid; and an information recording unit configured to record the information.
    Type: Grant
    Filed: March 2, 2017
    Date of Patent: May 26, 2020
    Assignees: NATIONAL INSTITUTE OF ADVANCED INDUSTRIAL SCIENCE AND TECHNOLOGY, KABUSHIKI KAISHA YASKAWA DENKI, ROBOTIC BIOLOGY INSTITUTE INC.
    Inventors: Toru Natsume, Naoyuki Sasaki, Kenji Matsukuma, Makoto Umeno, Tatsuro Ipposhi
  • Patent number: 10663960
    Abstract: Operational facets of a compressor are controlled from a remotely-located computer. Data from the compressor is automatically collected at a first data store every first time increment of a first time period. Portions of the data from the first data store are automatically collected at a second data store every second time increment of each first time period. The second time increment is greater than the first time increment, and the portions of the data are collected for a second time period which is greater than the first time period. Successful verification of user authentication data collected at the computer causes automatic generation of an image of application icons at the computer to enable the computer as an input device for controlling the compressor and selections of routines available at an analytics visualization generator that uses data from the second data store.
    Type: Grant
    Filed: August 3, 2018
    Date of Patent: May 26, 2020
    Assignee: Bauer Compressors, Inc.
    Inventors: Anthony B. Bayat, Tahsin Durak, Adam Z. Howard
  • Patent number: 10652273
    Abstract: Static analysis is applied to unrecognized software objects in order to identify and address potential anti-sandboxing techniques. Where static analysis suggests the presence of any such corresponding code, the software object may be forwarded to a sandbox for further analysis. In another aspect, multiple types of sandboxes may be provided, with the type being selected according to the type of exploit suggested by the static analysis.
    Type: Grant
    Filed: February 27, 2018
    Date of Patent: May 12, 2020
    Assignee: Sophos Limited
    Inventor: Chris Douglas Kraft
  • Patent number: 10644963
    Abstract: A zombie server can be detected. Detecting a zombie server can include receiving, at a server, network traffic and calculating a percentage of the network traffic as being productivity software layer 7 protocols every first time interval. Detecting a zombie server can also include marking the server as a zombie server based on the percentage every second time interval and processing the network traffic at the server to perform a number of actions by the productivity software.
    Type: Grant
    Filed: June 13, 2016
    Date of Patent: May 5, 2020
    Assignee: Intel Corporation
    Inventors: Devadatta Bodas, Justin J. Song, Muralidhar Rajappa, Andy Hoffman
  • Patent number: 10645576
    Abstract: Systems and methods for secure team-based communication on existing wireless mesh networks are disclosed. In an example network with multiple network nods, a headend system designates a first network node and a second network node as a sub-group of nodes, generates a sub-group encryption key that is unique to the sub-group of nodes, and transmits the sub-group encryption key and the sub-group node list and to the first node and the second node. The first node encrypts an application layer message with the sub-group encryption key and sends the message to the second node. The second node decrypts the application layer message with the sub-group encryption key and performs an action based on the message.
    Type: Grant
    Filed: December 20, 2018
    Date of Patent: May 5, 2020
    Assignee: Landis+Gyr Innovations, Inc.
    Inventors: Pushpesh Kumar Deshmukh, Ashok Mahadevan, Timothy James Rutten, Michael Gerard Demeter, John Bettendorff
  • Patent number: 10635802
    Abstract: A method in the embodiments of the present invention includes: when the wearable device receives an instruction of a user or an electronic device, obtaining, by the wearable device, an image that includes access information of a Wi-Fi network; and analyzing, by the wearable device, the image, obtaining the access information of the Wi-Fi network, and sending the access information of the Wi-Fi network to the electronic device, so that the electronic device accesses the corresponding Wi-Fi network according to the access information of the Wi-Fi network; or sending, by the wearable device, the image to the electronic device, so that the electronic device accesses the corresponding Wi-Fi network according to the image. The present invention is applied to a procedure of accessing a wireless network.
    Type: Grant
    Filed: April 10, 2015
    Date of Patent: April 28, 2020
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Qinliang Zhang, Yu Zhu
  • Patent number: 10623324
    Abstract: An optimized approach to whitelisting includes, at a domain name service server, determining whether a first domain and a second domain resolve to a same Internet Protocol (IP) address, and in response to a request from a domain name service proxy as to whether the first domain resolves to an IP address shared by another domain, notifying the domain name service proxy that the first domain resolves to an IP address shared by another domain. The method further includes the domain name service proxy receiving from the domain name service server a response that indicates that the first domain resolves to an IP address shared by another domain, and storing, in memory, the IP address and an indication that the IP address is shared by another domain. A data flow associated with a shared IP address is subjected to further scrutiny even if the IP address is on a whitelist.
    Type: Grant
    Filed: May 12, 2016
    Date of Patent: April 14, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: K. Tirumaleswar Reddy, Prashanth Patil, Daniel G. Wing
  • Patent number: 10623410
    Abstract: A computing system controls access between components. A token issuer issues an access token to a requesting component, that is requesting access to a requested service component, based at least in part on an access policy. The requesting component sends the token to the requested service component, which includes a token authentication module that validates the access token and authorizes the requesting component to access a requested service component, and receives the authorization to access the requested service component.
    Type: Grant
    Filed: April 24, 2017
    Date of Patent: April 14, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Matthias Leibmann, Joel T. Hendrickson, Grigory V. Kaplin, Corneliu Manescu
  • Patent number: 10616163
    Abstract: A method and system for managing an electronic mail. A command list of a communication electronic mail transmission protocol is partitioned into command sub-lists using recursive parameters appearing in the command list prior to the partitioning of the command list. Each recursive parameter is a command that is repeated in respective command sub-lists as a result of the partitioning. Each command sub-list includes at least one command pertaining to a receiver or sender of the electronic mail. Each command sub-list is individually selectable for subsequent use of the at least one command in a subsequently selected command sub-list in implementing the electronic mail. A selection of at least one of the command sub-lists viewable in a user interface is received. Each command of the at least one command specifies a respective aspect of how to implement the electronic mail in a subsequent implementation of the electronic mail.
    Type: Grant
    Filed: July 13, 2018
    Date of Patent: April 7, 2020
    Assignee: International Business Machines Corporation
    Inventor: Deepak Gupta
  • Patent number: 10607027
    Abstract: Disclosed embodiments relate to decentralized and scalable trust among a plurality of decentralized applications. Techniques include receiving, at a first decentralized application, a signature associated with a first public key, receiving data representing one or more permissions specified by a trusted root application and signed by the trusted root application, signing a second public key associated with a second decentralized application, signing data representing one or more permissions specified by the first decentralized application, and providing the signature associated with the second public key and the signed data representing one or more permissions specified by the first decentralized application, in order to thereby provide trust between the first decentralized application and the second decentralized application.
    Type: Grant
    Filed: December 5, 2018
    Date of Patent: March 31, 2020
    Assignee: CyberArk Software Ltd.
    Inventors: Kobi Ben Naim, Gil Makmel, Ariel Beck, Or Gamliel, Amir Levy
  • Patent number: 10609110
    Abstract: A remote user sends a user request to a relay server that, in turn, forwards the user request (modified or unmodified) through a reverse session-origination (RSO) tunnel to an on-premises network client. In other words, while the user requests flow from outside the client network to the client network, the requests of the delivery protocol for the tunnel flow in the reverse direction, i.e., from the client network toward the relay server and/or the remote user. A server agent, executing client side, generates delivery-protocol requests so that the server can wrap user requests in delivery-protocol responses. In addition, the server agent unwraps user requests and forwards them to their intended destination in the client network. To minimize any time the server would have to wait for a delivery-protocol request, the server agent can generate dummy requests whenever no delivery-protocol request is pending at the server.
    Type: Grant
    Filed: December 16, 2015
    Date of Patent: March 31, 2020
    Assignee: VMware, Inc.
    Inventor: Dmitry Korotkov
  • Patent number: 10601581
    Abstract: Disclosed are a method and apparatus for implementing security of broadband bus architecture in industrial internet field. The security of the access process can be guaranteed by encrypting data transmitted between the bus terminal and the bus controller; the operation of the entire system can be prevented from threat of abnormal data by performing security detection on the acquired data; it can be easy to treat abnormal conditions of the transport rule by the bus controller by monitoring and reporting the transport rule of the data flow over the bus by a bus terminal; and the reliability of the transmission process may be improved by interleaving the to-be-sent data at the bus controller and the bus terminal; the time delay of the data transmission resulting from the addition of the interleaving processes can also be reduced to have high transmission rate.
    Type: Grant
    Filed: December 29, 2017
    Date of Patent: March 24, 2020
    Assignee: KYLAND TECHNOLOGY CO., LTD.
    Inventors: Zhiyong Lv, Yi Huang, Hao Cao
  • Patent number: 10594675
    Abstract: A communication apparatus that transmits a challenge code on the basis of a received request signal and performs authentication of an authentication target apparatus transmitting the request signal on the basis of the challenge code and a response code generated on the basis of the challenge code includes a control unit configured to perform a predetermined fail-safe process when a request signal is received a set number of times or more from the authentication target apparatus before completion of the authentication after the transmission of the challenge code.
    Type: Grant
    Filed: November 8, 2017
    Date of Patent: March 17, 2020
    Assignee: HONDA MOTOR CO., LTD.
    Inventor: Yu Yoshii
  • Patent number: 10594696
    Abstract: A user device may request access to a service provided by an application server. The application server may request that an identity server authenticate the user device. The identity server may have a network authentication system assist with the authentication of the user device. Once authenticated by the network authentication system, the application server may be informed and may grant the user device access to the requested service. Additionally, the identity server may help determine whether the user device is a security threat by comparing user information from the network authentication system with user information from the application server. Additionally, the network authentication system may provide the application server with user information to enable the application server to automatically register the user device for a particular service.
    Type: Grant
    Filed: July 19, 2018
    Date of Patent: March 17, 2020
    Assignee: Verizon Patent and Licensing Inc
    Inventors: Guanqun Bao, Brian Libonate, Raymond C. Counterman
  • Patent number: 10592098
    Abstract: An electronic device displays a messaging user interface of a messaging application, including a conversation transcript of a messaging session between a user of the electronic device and at least one other user, and an application affordance. While displaying the messaging user interface, the device detects an input that activates the application affordance. In response to detecting the input that activates the application affordance, the device concurrently displays a launch icon for an application store and a plurality of launch icons for interactive applications. The device detects an input that activates the launch icon for the application store; in response to detecting the input that activates the launch icon for the application store: the device ceases to display the messaging user interface, and displays an application store user interface, including display of at least one interactive application available for download to the electronic device.
    Type: Grant
    Filed: September 21, 2016
    Date of Patent: March 17, 2020
    Assignee: APPLE INC.
    Inventors: Imran A. Chaudhri, Freddy A. Anzures, Richard R. Dellinger, Chanaka G. Karunamuni, Nicholas V. King, Hoan Pham, Wan Si Wan, Darin B. Adler, Justin N. Wood, Roberto Garcia, Soin Shedlosky, Bethany Bongiorno
  • Patent number: 10587401
    Abstract: An application server sends a public key from an asynchronous key-pair to a user system to encrypt a user encryption secret that forms part of a first encryption key. The application server uses a second encryption key provided by a key derivation server to encrypt a private key from the asynchronous key-pair. The application server then deletes the second encryption key to prevent decryption of the user encryption secret received from the user system. The application server receives the encrypted user encryption secret from the user system and sends a request to the key derivation server to re-encrypt the user encryption secret. The key derivation server uses a key encryption secret to generate the second encryption key and decrypt the private key. The key derivation server uses the decrypted private key to decrypt the user encryption secret and then re-encrypts the first encryption secret to prevent decryption by the application server.
    Type: Grant
    Filed: April 3, 2017
    Date of Patent: March 10, 2020
    Assignee: SALESFORCE.COM, INC.
    Inventor: Patrick Calahan
  • Patent number: 10581848
    Abstract: Techniques described herein leverage a trusted entity within a domain to enable devices to establish trust with one another so they can securely discover each other and connect to one another. In various examples discussed herein, a device is configured to provide trust information to, and/or receive trust information from, the trusted entity. The trust information may include, for example, a public key of an encryption key pair, a certificate signed by the trusted entity proving authenticity, and/or a hash function and a hash seed used to compute a series of results that form a hash chain. The device may use the trust information to discover another device and to connect to the other device securely and automatically (e.g., with no user involvement or limited user involvement). Moreover, the device may use the trust information to dynamically change a MAC address being used to communicate with the other device.
    Type: Grant
    Filed: June 21, 2017
    Date of Patent: March 3, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Peter Dawoud Shenouda Dawoud, Anoosh Saboori, Himanshu Soni, Dustin Michael Ingalls, Nelly L. Porter
  • Patent number: 10574441
    Abstract: According to an example embodiment of the present invention, there is provided an apparatus (110) comprising a receiver (114) configured to receive at least part of a key in scrambled form, and at least one processing core configured to descramble the at least part of the key and to apply the key in a cryptographic procedure, the descrambling being based at least in part on at least one environmental condition.
    Type: Grant
    Filed: May 26, 2014
    Date of Patent: February 25, 2020
    Assignee: NOKIA TECHNOLOGIES OY
    Inventor: Eki Petteri Monni
  • Patent number: 10565838
    Abstract: A method for controlling access to at least a portion of a building includes providing a temporal model identifying relationships between a first set of access control events based on times at which the first set of access control events occurred, providing a spatial model identifying relationships between a second set of access control events based on locations associated with the second set of access control events, providing a user model identifying patterns of user behavior based on a third set of access control events, receiving a fourth set of access control events comprising time data, and location data, and user data associated with the access control events, and determining whether to generate alarms responsive to receiving the fourth set of access control events using the temporal model, the spatial model, and the user model.
    Type: Grant
    Filed: February 6, 2019
    Date of Patent: February 18, 2020
    Assignee: Johnson Controls Technology Company
    Inventors: Donagh S Horgan, Jan R Holliday, Eamonn O'Toole
  • Patent number: 10560731
    Abstract: The present disclosure provides a method and a server apparatus for delivering content based on content-aware using a neural network. A server apparatus for content delivery is provided, including a content clustering unit for clustering multiple contents provided from a content provider based on a similarity; a training unit for training a cluster-wise content reconstruction model by using contents contained in each cluster in accordance with a result of clustering performed by the content clustering unit; a storage unit for storing the multiple contents and the cluster-wise content reconstruction model; and a transmission unit for transmitting content requested by a user and a content reconstruction model corresponding to a cluster containing the content requested to a user terminal.
    Type: Grant
    Filed: March 19, 2018
    Date of Patent: February 11, 2020
    Assignee: KOREA ADVANCED INSTITUTE OF SCIENCE AND TECHNOLOGY
    Inventors: Dong Su Han, Hyun Ho Yeo, Seong Hyeon Do
  • Patent number: 10547615
    Abstract: A method includes receiving, from a requesting device, an access request for at least one security alert encoded data slice of a set of security alert encoded data slices. A security alert message is dispersed storage error encoded into the set of security alert encoded data slices and stored in a set of storage units of a dispersed storage network (DSN). The set of storage units further stores a plurality of sets of encoded data slices, which corresponds to a data object that is dispersed storage error encoded. The method further includes, based on the access request for the at least one security alert encoded data slice, identifying the requesting device as an unauthorized DSN device. The method further includes initiating a security response protocol within the DSN.
    Type: Grant
    Filed: September 12, 2016
    Date of Patent: January 28, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Manish Motwani, Brian F. Ober, Jason K. Resch
  • Patent number: 10546298
    Abstract: An authentication application may securely communicate with a secure gateway using encryption based on an identifier of the plugin. The authentication application may authorize the plugin based on the identifier. The plug-in may receive biometric information and a unique device identifier. The authentication application may authenticate the user for use of the authorized plugin based the biometric information and the unique device identifier. The plug-in may receive a request to issue a new electronic card via the secure gateway. The plug-in may receive, responsive to sending the request via a secure communication channel with the secure gateway, the electronic card information issued to the device via the secure gateway. The plug-in may automatically add, responsive to receiving the electronic card information, the electronic card information into a mobile payment application of the device using the electronic card information.
    Type: Grant
    Filed: April 25, 2017
    Date of Patent: January 28, 2020
    Assignee: Ciphertext Solutions, Inc.
    Inventors: Walter E. Quiroga, Philip G. Schmidt, William Friedewald
  • Patent number: 10542586
    Abstract: Technologies for providing hardware resources as a service with direct resource addressability are disclosed. According to one embodiment of the present disclosure, a device receives a request to access a destination accelerator device in an edge network, the request specifying a destination address assigned to the destination accelerator device. The device determines, as a function of the destination address, a location of the destination accelerator device and sends the request to the destination accelerator device.
    Type: Grant
    Filed: March 29, 2019
    Date of Patent: January 21, 2020
    Assignee: Intel Corporation
    Inventors: Raghu Kondapalli, Alexander Bachmutsky, Francesc Guim Bernat, Ned M. Smith
  • Patent number: 10536864
    Abstract: The present invention is a method of managing a neighbor table in a communication apparatus. The method includes the steps of the communication apparatus maintaining a neighbor table comprising a plurality of neighboring table entries corresponding to respective neighboring nodes being communication nodes in communication range of the communication apparatus. Upon determination that the neighbor table capacity has reached a threshold, replacing a first neighbor table entry corresponding to a first neighboring node from the neighbor table by a new neighbor table entry corresponding to a new neighboring node based on the determination that the new neighboring node is a communication partner.
    Type: Grant
    Filed: December 7, 2016
    Date of Patent: January 14, 2020
    Assignee: SIGNIFY HOLDING B.V.
    Inventors: Armand Michel Marie Lelkens, Xiangyu Wang, Rick Van Haasen, Zhizhong Zhang, Peiliang Dong, Rong Fan
  • Patent number: 10530772
    Abstract: According to one embodiment, a communication apparatus is provided. The communication apparatus receives first content including first additional information from a first terminal, generates second additional information, adds the second additional information to second content, and transmits the second content to a second terminal. The second additional information includes an authentication code unique to blocks in the second content and the communication apparatus and a signature unique to the authentication code. The communication apparatus generates receipt information and transmits the receipt information to an external apparatus when a transmission source of the first content is verified to be the first terminal based on the first additional information.
    Type: Grant
    Filed: September 6, 2016
    Date of Patent: January 7, 2020
    Assignee: Toshiba Memory Corporation
    Inventors: Yosuke Bando, Masahiro Ishiyama
  • Patent number: 10521168
    Abstract: In one example of the disclosure, an encrypted document and an encryption key for decrypting the encrypted document are received from a computer. Presence data for a printer is received via a first wireless network. A user instruction to print the encrypted document at the printer is received. A credential is received from the printer via the first wireless network, where the credential for communication with the printer via a second wireless network with greater bandwidth than the first wireless network. The encrypted document and the encryption key are sent to the printer, where the printer is to utilize the encryption key to decrypt the encrypted document and is to print the document following decryption.
    Type: Grant
    Filed: May 27, 2016
    Date of Patent: December 31, 2019
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Vali Ali, Christopher C Mohrman, Adilson A Mohr, Endrigo Nadin Pinheiro, Fabio Riffel, Ronaldo Rod Ferreira, Jose Paulo Pires
  • Patent number: 10521605
    Abstract: Access to sensitive information in a database can be restricted to improve security and enable efficient auditing. A security engine receives a request from a requesting entity to access data in the database and determines that the requested data includes sensitive information. In response to the requesting entity being authorized to access the data, the security engine retrieves the requested data from the database and modifies the retrieved data by modifying metadata of the retrieved data to include a tag indicating that the retrieved data includes sensitive information. The security engine provides the modified data to the requesting entity and modifies a data access log to identify each attempted access to the modified data. When sensitive data is requested, an interface can include an obscuring element, requiring a user to manually select the element to view the data, enabling the logging of the explicit access request by the user.
    Type: Grant
    Filed: March 15, 2019
    Date of Patent: December 31, 2019
    Assignee: ZenPayroll, Inc.
    Inventors: Christopher Joseph Scuderi, Edward Kim
  • Patent number: 10515222
    Abstract: A method of encrypting information on an electronic device includes displaying information associated with an application running on the electronic device, receiving, via the application running on the electronic device, an input to initiate an encrypted camera application that is separate from the application running on the electronic device, initiating the encrypted camera application, determining an identity profile having an associated key, receiving an input from the encrypted camera application to collect image data with the camera, receiving image data from an image sensor of the camera, encrypting the image data utilizing the key associated with the determined identity profile to generate encrypted image data, adding the encrypted image data to a document associated with the application running on the electronic device.
    Type: Grant
    Filed: November 17, 2017
    Date of Patent: December 24, 2019
    Assignee: BlackBerry Limited
    Inventor: Neil Patrick Adams
  • Patent number: 10511440
    Abstract: A device provides a one-time proof of knowledge about a one-time signing key to a server without revealing the one-time signing key by computing a hash as a hash function from the one-time signing key, and transmitting, to the server, the computed hash, an identity associated with the electronic device and a hash path of the hash. The server receives the message from the device and checks whether the hash corresponds to a one-time signing key for a root hash included in a public certificate associated with the identity, checks whether an index corresponding to the hash path from the one-time signing key to the root hash corresponds to a correct time slot, and determines it to be proven that the device is in possession of the correct one-time signing key when the checks are fulfilled.
    Type: Grant
    Filed: January 18, 2016
    Date of Patent: December 17, 2019
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (publ)
    Inventors: Alexander Maximov, Martin Hell, Bernard Ben Smeets
  • Patent number: 10496806
    Abstract: In a computing device, when a user requests to carry out an operation, the device determines the type of operation requested and the time period since the user was last authenticated. The operation is enabled only if the determined time period does not exceed a threshold for the requested operation.
    Type: Grant
    Filed: October 8, 2018
    Date of Patent: December 3, 2019
    Assignee: NOKIA TECHNOLOGIES OY
    Inventors: Craig Robin Paskett Heath, Leon Clarke
  • Patent number: 10496638
    Abstract: Systems and methods which provide secure queries with respect to encrypted datasets are described. Embodiments provide privacy-assured similarity join techniques operable with large-scale encrypted datasets. A privacy-assured similarity join technique of embodiments enables a storage system to answer similarity join queries without learning the content of the query dataset and the target dataset. One or more secure query schemes may be implemented in accordance with a privacy-assured similarity join technique herein. For example, embodiments may utilize an individual similarity query scheme, a frequency hiding query scheme, and/or a result sharing query scheme. A particular secure query scheme of the foregoing secure query schemes may be utilized to address different considerations with respect to security, efficiency, and deployability with respect to various applications and scenarios with different requirements.
    Type: Grant
    Filed: December 7, 2016
    Date of Patent: December 3, 2019
    Assignee: City University of Hong Kong
    Inventors: Cong Wang, Sarana Nutanong, Xingliang Yuan, Xinyu Wang, Chenyun Yu
  • Patent number: 10498762
    Abstract: A method, non-transitory computer readable medium, and security management apparatus that retrieves source code for a web page requested by a client device. A script is injected into the source code and the source code is sent to the client device. The script is configured to encrypt an attribute of an input field, remove event listeners from the input field, and insert decoy input fields into the source code. An HTTP message is received from the client device following submission of data via the input field. The message comprises the data, the encrypted attribute of the input field, and an attribute of each of the decoy input fields. The HTTP message is modified by decrypting the encrypted attribute, replacing the encrypted attribute with the decrypted attribute, and removing the decoy input field attributes. The modified HTTP message is sent to the web server device.
    Type: Grant
    Filed: September 30, 2016
    Date of Patent: December 3, 2019
    Assignee: VERSAFE LTD.
    Inventors: Uri Chandler, Avihai Sitbon
  • Patent number: 10496308
    Abstract: A method for use in a distributed storage network (DSN) includes receiving, by a performance unit, access requests from a distributed storage (DS) processing unit. The access requests identify one or more storage units to which access is requested. The performance unit determines that at least a first storage unit is associated with a status level that fails to satisfy a threshold value associated with the access requests, and that at least a second storage unit is associated with a status level that does satisfy the threshold value. For the at least a first storage unit, the performance unit facilitates execution of an alternative approach to processing an access request corresponding to the first storage unit, and for the at least a second storage unit facilitates execution of a standard approach to processing an access request corresponding to the second storage unit.
    Type: Grant
    Filed: November 1, 2016
    Date of Patent: December 3, 2019
    Assignee: PURE STORAGE, INC.
    Inventor: Harsha Hegde
  • Patent number: 10498540
    Abstract: A method and system are provided for improved distributing of a complete software image to all electronic devices of a certain type or model while using encryption to limit its use to specific ones of those devices. In the method, the entire software image is encrypted with a global key and the encrypted software image is distributed to all devices which have the capability of running that software. The global software decryption key for decrypting the software image is uniquely encrypted for every device that is authorized to use the software and the encrypted global software key is distributed to those devices from a field or factory provisioning server across a point-to-point connection.
    Type: Grant
    Filed: May 24, 2017
    Date of Patent: December 3, 2019
    Assignee: ARRIS Enterprises LLC
    Inventors: Alexander Medvinsky, Eric J. Sprunk
  • Patent number: 10492045
    Abstract: Representative embodiments described herein set forth techniques for provisioning device configuration files and electronic Subscriber Identity Modules (eSIMs) to mobile devices. One embodiment sets forth a method for installing an eSIM at a mobile device. According to some embodiments, the method includes the steps of (1) receiving a first request to obtain the eSIM, (2) issuing, to an eSIM server, a second request for the eSIM, (3) receiving an eSIM installation package from the eSIM server, where the eSIM installation package includes (i) the eSIM, and (ii) a device configuration file that corresponds to: the mobile device, and at least one Mobile Network Operator (MNO) associated with the eSIM, and (4) upon verifying at least one digital signature associated with the eSIM installation package: installing the device configuration file on the mobile device, and installing the eSIM on an electronic Universal Integrated Circuit Card (eUICC) included in the mobile device.
    Type: Grant
    Filed: August 30, 2017
    Date of Patent: November 26, 2019
    Assignee: Apple Inc.
    Inventor: Li Li
  • Patent number: 10491399
    Abstract: Embodiments herein include, for example, a method that includes signing onto an secure communications system; sending a communication message; and transmitting every messages to all devices in a device group, before displaying any message sent or received.
    Type: Grant
    Filed: August 31, 2015
    Date of Patent: November 26, 2019
    Assignee: CYPH, INC.
    Inventors: Ryan Lester, Bryant Zadegan
  • Patent number: 10481905
    Abstract: A method and apparatus for verifying code integrity on a client, the method comprising: determining a verification object on the client; generating a plurality of verification sequences, wherein each verification sequence comprises a memory access mode, and a verification algorithm; randomly selecting a verification sequence from the plurality of verification sequences, and obtaining a server verification result for the verification object in accordance with the selected verification sequence; sending the selected verification sequence to the client; receiving a client verification result for the verification object calculated by the client in accordance with the selected verification sequence; and comparing the server verification result with the client verification result to obtain a code verification result.
    Type: Grant
    Filed: July 5, 2018
    Date of Patent: November 19, 2019
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventors: Hejun Hu, Zhaohui Yin, Fei Cao, Zhigang Zhou
  • Patent number: 10469566
    Abstract: An electronic device is provided. The electronic device includes a communication module configured to request from at least one peripheral electronic device to transmit device information, and to receive the device information from the at least one peripheral electronic device. The electronic device also includes a control module configured to analyze attributes of content using content information if a content providing event occurs, to analyze attributes of the at least one peripheral electronic device using the device information and the attributes of the electronic device, and to determine at least one target device to provide the content to a user, according to the result of analyzing the attributes of the content and the result of analyzing the attributes of the electronic device and the at least one peripheral electronic device.
    Type: Grant
    Filed: February 3, 2016
    Date of Patent: November 5, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Joon Sung Hong, Kyung Eun Park, Bong Joo Seo, Haebahremahram Suh, Ho Jun Jaygarl, Eun Jung Hyun, Moon Bae Song, Cheol Ho Cheong, Joon Ho Cho
  • Patent number: 10462031
    Abstract: In one embodiment, a network agent, associated with an operating system of a computing device, tracks socket connection calls made by a plurality of cotenant processes on the computing device that share a common network transport between the computing device and a remote computing device. The network agent may then extract a process identification (ID) for the socket connection calls, the process ID identifying which particular cotenant process of the plurality of cotenant processes is making each particular socket connection call. While monitoring network metrics of network traffic flows over socket connections between the computing device and the remote computing device, the network agent may attribute given network metrics from particular socket connections to a corresponding cotenant process based on the correlated process ID for the socket connection. As such, the network agent may then report the network metrics as attributed to the corresponding cotenant processes.
    Type: Grant
    Filed: October 31, 2017
    Date of Patent: October 29, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Harish Nataraj, Ajay Chandel, Naveen Kondapalli, Prakash Kaligotla
  • Patent number: 10455417
    Abstract: A method in a User Equipment (UE) of an Evolved Packet System (EPS) establishes a security key (K_eNB) for protecting Radio Resource Control/User Plane (RRC/UP) traffic exchanged with a serving eNodeB. The method comprises sending a Non-Access Stratum (NAS) Service Request to a Mobility Management Entity (MME), the request indicating a NAS uplink sequence number (NAS_U_SEQ). The method further comprises receiving an indication of the NAS_U_SEQ of the NAS Service Request sent to the MME, back from the MME via the eNodeB. The method further comprises deriving the K_eNB from at least the received indication of the NAS_U_SEQ and from a stored Access Security Management Entity-key (K_ASME) shared with said MME.
    Type: Grant
    Filed: July 24, 2018
    Date of Patent: October 22, 2019
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Rolf Blom, Gunnar Mildh, Karl Norrman
  • Patent number: 10447479
    Abstract: A hash value provides for a time-stamp for a piece of data upon verification. Providing the hash value includes deriving one-time signing keys of signer's one-time signing key hash chain by a one-way function of a secret key of the signer and a function of an index of the one-time signing key, and providing the hash value for the piece of data by a hash function including the piece of data and the derived one-time signing key. An electronic device having a processor arranged to implement a functional module for deriving a one-time signing key and providing a hash value for a piece of data by a hash function including the piece of data and the derived one-time signing key is also disclosed. The functional module is arranged to perform the method. A computer program for implementing the method on the electronic device is also disclosed.
    Type: Grant
    Filed: January 8, 2016
    Date of Patent: October 15, 2019
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Alexander Maximov, Martin Hell, Bernard Ben Smeets
  • Patent number: 10437655
    Abstract: A hardware-locked encrypted backup (HWLE-BU) that is locked to a single hardware device using the device's unique hardware identity, based on a Physically-Unclonable Function (PUF) or other suitable means providing a unique hardware identity. The HWLE-BU is bound to a specific hardware identity such that only the physical device that created the HWLE-BU can decrypt it, i.e., restoring HWLE-BU data requires utilizing the same physical hardware device in the decryption process.
    Type: Grant
    Filed: August 15, 2015
    Date of Patent: October 8, 2019
    Assignee: Analog Devices, Inc.
    Inventor: Douglas J. Gardner
  • Patent number: 10438006
    Abstract: Embodiments of the disclosure include systems and methods for secure storage and/or retrieval of customer secrets by, e.g., a cloud services provider. According to methods, secret data that is to be securely stored may be transmitted, along with an initialization vector, to an encryption service for encryption using a private key stored on in a remote key vault. The encrypted data can be returned and stored, in its encrypted form, in a secure storage along with the initialization vector data. To retrieve the securely stored data, embodiments disclose retrieving the encrypted form of the data and transmitting it, along with its related initialization vector data, to the encryption service for decryption using the private key stored in the remote key vault. The decrypted data can then be made available to a requesting product service.
    Type: Grant
    Filed: July 27, 2017
    Date of Patent: October 8, 2019
    Assignee: CITRIX SYSTEMS, INC.
    Inventors: Thomas M. Kludy, Ricardo Fernando Feijoo
  • Patent number: 10430355
    Abstract: A computer-implemented method includes setting a respective flag in a first buffer of a hardware accelerator. The first buffer includes the respective flag of the first buffer, and a second buffer of the hardware accelerator includes a respective flag of the second buffer. A hardware state of the hardware accelerator is maintained in the first buffer, based on the respective flag of the first buffer being set. A first request directed to the hardware accelerator is received. It is determined that that the first buffer has the respective flag set. The first request is passed to the hardware accelerator, where passing the first request includes passing to the hardware accelerator a pointer to the first buffer, based on the first buffer having the respective flag set.
    Type: Grant
    Filed: October 30, 2018
    Date of Patent: October 1, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Michael G. Jutt, Anthony T. Sofia
  • Patent number: 10433166
    Abstract: The embodiments provide a cryptography key for two communicating devices that is based on information known only to the devices. The information may only be determined by the devices. Each device determines the information without communicating key information related to the encryption key with the other. Channel characteristic reciprocity between the devices allows creation of identical keys in each device. Each device sends a signal to the other device at the same power level based on the distance between the devices. The power level may be set to result in a target receive power level at the other device. Each device samples the received signal, generates sampling results, creates a key based on the sampling results and a threshold power level, and utilizes the key. The threshold power level may be based on the target receive power level, or a median power determined from the sampling results.
    Type: Grant
    Filed: September 23, 2016
    Date of Patent: October 1, 2019
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventor: Amer Hassan
  • Patent number: 10419215
    Abstract: The embodiments provide cryptography keys for communicating devices that are based on information known only to the devices. Each device determines the information without communicating key information related to the key with the other. In an implementation, a first device sends a first signal to a second device, the second device loops back the first signal to the first device as a second signal, and the first device generates a first key based on error information from the second signal. Also, the second device sends a third signal to the first device, the first device loops back the third signal to the first device as a fourth signal, and the second device generates a second key based on error information from the fourth signal. The first device and second device then encrypt and decrypt communications between the first device and second device using the first key and second key.
    Type: Grant
    Filed: November 4, 2016
    Date of Patent: September 17, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventor: Amer Hassan
  • Patent number: 10417420
    Abstract: Systems and methods for malware detection and classification based on semantic analysis of memory dumps of malware are provided. According to one embodiment, a malware detector running within a computer system causes a sample file to be executed within a target process that is monitored by a process monitor of the malware detector. One or more memory dumps associated with the sample file are captured by the process monitor. A determination regarding whether the sample file represents malware is made by the malware detector by analyzing characteristics of at least one memory dump of the one or more memory dumps with reference to characteristics of memory dumps of a plurality of known malware samples.
    Type: Grant
    Filed: October 26, 2016
    Date of Patent: September 17, 2019
    Assignee: Fortinet, Inc.
    Inventor: Jie Zhang
  • Patent number: 10417601
    Abstract: Computer program products, methods, systems, apparatus, and computing entities for determining/identifying confidence ratings/indicators for delivery of items. In one embodiment, this comprises determining a number of location events that occurred within a zone of confidence for delivery an item to a serviceable address; and responsive to determining the number of location events that occurred within the zone of confidence for delivery the item to the serviceable address, determining, via one or more processors, a confidence rating for delivery of the item to the serviceable address based at least in part on the number of location events that occurred within the zone of confidence.
    Type: Grant
    Filed: June 26, 2014
    Date of Patent: September 17, 2019
    Assignee: United Parcel Service of America, Inc.
    Inventor: Jay Christian Staples
  • Patent number: 10419402
    Abstract: Methods, systems, and devices are described herein for delivering protected data to a nested trusted execution environment (TrEE) associated with an untrusted requestor. The nested TrEE may include a trustlet running on top of secure kernel. In one aspect, a targeting protocol head, or other intermediary between a requestor and a key management system or other store of protected data, may receive a request for protected data from a potentially untrusted requestor, an attestation statement of the secure kernel, and a key certification statement. The key certification statement may bind a trustlet public encryption key and a trustlet ID. The targeting protocol head may retrieve the protected data, and encrypt the protected data with the trustlet public encryption key. The targeting protocol head may then send the encrypted protected data to the requestor.
    Type: Grant
    Filed: January 26, 2017
    Date of Patent: September 17, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventor: Mark F. Novak
  • Patent number: 10410154
    Abstract: A method and system for enabling data usage accounting is described herein. The method can be practiced on a computing device that has secure applications and unsecure applications installed thereon. Initially, a request for a data session that includes a final endpoint can be received through a secure application. The request for the data session can be intercepted and modified to cause the request to be re-directed back to the secure application. A connection with a relay server can be initiated instead of the final endpoint such that data usage accounting for the data session is to be conducted at a remote location.
    Type: Grant
    Filed: July 24, 2017
    Date of Patent: September 10, 2019
    Assignee: VMware, Inc.
    Inventor: James Asnis