Multiple Computer Communication Using Cryptography Patents (Class 713/150)
  • Patent number: 9948695
    Abstract: Disclosed are an apparatus and method configured to perform media file encryption. One example method may include retrieving a media file stored in a memory during a play time operation, executing the media file and receiving additional portions of the media file during the play time operation. The method may also include processing the media file and the additional portions of the media file to generate an output media and displaying the output media on a display of a user device.
    Type: Grant
    Filed: March 16, 2012
    Date of Patent: April 17, 2018
    Assignee: Alcatel Lucent
    Inventors: Rajesh J. Vale, Danny De Vleeschauwer
  • Patent number: 9947011
    Abstract: A method includes receiving a request for registered payment options associated with a user computing device, where the request includes an identifier uniquely identifying one of the user computing device and the user. The method includes identifying one or more payment options associated with the device identifier, where each of the one or more payment options is associated with respective payment instrument information. The method includes providing one or more codes, where each code of the one or more codes identifies a respective payment option of the one or more payment options. The method includes receiving a first code of the one or more codes and transaction information. The method includes accessing, based upon the first code, payment instrument information associated with the payment option identified by the first code, and causing the processing of the payment instrument information in relation to a transaction identified by the transaction data.
    Type: Grant
    Filed: January 31, 2013
    Date of Patent: April 17, 2018
    Assignee: PAYPAL, INC.
    Inventors: Andrew Kortina, William Ready, Dan Manges, John Sturino, Juan Benitez, II
  • Patent number: 9935769
    Abstract: Cipher suites and/or other parameters for cryptographic protection of communications are dynamically selected to more closely match the intended uses of the sessions. A client indicates a planned use of a session to a server. The client's indication of the planned use may be explicit or implicit. The server selects an appropriate set of parameters for cryptographic protection of communications based at least in part on the indicated planned use and the client and server complete a handshake process to establish a cryptographically protected communications session to use the selected set of parameters.
    Type: Grant
    Filed: December 12, 2014
    Date of Patent: April 3, 2018
    Assignee: Amazon Technologies, Inc.
    Inventor: Nima Sharifi Mehr
  • Patent number: 9930028
    Abstract: The method to enroll a certificate to a device comprises the steps of providing a management application on a management device, the management application discovering a device that needs certificate enrollment, wherein the discovery information includes a public key of the device. The management application forwards the public key of the device to a certificate enrollment server, and the device requests a certificate enrollment at the certificate enrollment server by including the public key of the device at the certificate request for a secure certificate enrollment to the device.
    Type: Grant
    Filed: June 26, 2014
    Date of Patent: March 27, 2018
    Assignee: Thomson Licensing
    Inventors: Roeland Van Den Broeck, Bruno De Bus
  • Patent number: 9930123
    Abstract: Methods for re-anchoring a transport layer session in a communication network are disclosed. For example, a method receives a request to re-anchor a transport layer session and sends a packet notifying of a transport layer session re-anchor to a peer. The packet includes a header with a session identifier field, and a record type field that indicates that a payload of the packet comprises transport layer session re-anchor information. The method receives a confirmation of the transport layer session re-anchor notification. Another method receives a packet comprising a notification of a transport layer session re-anchor from a peer. The method updates a session management table and transmits packets to the peer using an updated address received in the notification of the transport layer session re-anchor.
    Type: Grant
    Filed: March 25, 2016
    Date of Patent: March 27, 2018
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventors: David B. Small, Thomas Spencer, IV
  • Patent number: 9922296
    Abstract: A distribution apparatus includes a reception part that receives first data and a request for execution of a process according to a process definition formed of one or more units of processing with respect to the first data, and one or more processing parts that execute the corresponding one or more units of processing. At least one processing part is a distribution part that distributes, to a distribution destination specified in the process definition, the first data or second data output as a result of execution of a unit of processing executed before a unit of processing corresponding to the at least one processing part. The distribution part distributes the first or second data based on information indicating a distribution method for the specified distribution destination defined in the process definition, when the specified distribution destination is included in multiple distribution destinations to which a communications protocol is common.
    Type: Grant
    Filed: September 2, 2014
    Date of Patent: March 20, 2018
    Assignee: Ricoh Company, Ltd.
    Inventor: Hideaki Hayano
  • Patent number: 9923874
    Abstract: A packet obfuscation method comprising receiving a data packet having a routing header portion and a payload portion, performing a first obfuscation on the routing header portion to generate an obfuscated routing header portion, performing a second obfuscation on at least the payload portion to generate an obfuscated payload portion, and combining the obfuscated routing header portion and the obfuscated payload portion to form an obfuscated packet. A packet forwarding method comprising obfuscating routing information using a packet obfuscation function, generating a plurality of forwarding rule entries in accordance with the obfuscated routing information, transmitting the plurality of forwarding rule entries to at least one network node in a network, transmitting the packet obfuscation function to at least one network node in the network, and transmitting a de-obfuscation function to at least one network node in the network.
    Type: Grant
    Filed: February 27, 2015
    Date of Patent: March 20, 2018
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Tao Wan, Peter Ashwood-Smith, Wen Tong
  • Patent number: 9912478
    Abstract: Technical solutions are described for authenticating a hosting system prior to securely deploying a shrouded virtual server. An example method includes receiving, by a hypervisor, a request for a public certificate, from a client device that requested the virtual server, and sending the public certificate of the hosting system that executes the hypervisor. The method also includes receiving, in response to the public certificate being successfully authenticated by the client device using a third-party verification system, a session key based on a public key included in the public certificate. The method also includes decrypting the session key using a private key, where the private key is pre-installed in the hosting system by a manufacturer of the hosting system, and sending an acknowledgement message encrypted using the session key. The method also includes establishing a secure communication between the client device and the hypervisor using the session key.
    Type: Grant
    Filed: December 14, 2015
    Date of Patent: March 6, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Khary J. Alexander, Reinhard T. Buendgen, K. Paul Muller, James A. O'Connor, William J. Rooney, Tiberiu Suto, Craig R. Walters
  • Patent number: 9912654
    Abstract: Architecture that provides Internet Protocol security (IPsec) certificate exchange based on certificate attributes. An IPsec endpoint can validate the security context of another IPsec endpoint certificate by referencing certificate attributes. By facilitating IPsec certificate exchange using certificate attributes rather than solely certificate roots, it is now possible to build multiple isolated network zones using a single certificate authority rather than requiring one certificate authority per zone. Moreover, the ability to use certificate attributes during the IPsec certificate exchange can be leveraged for more focused communications such as QoS (quality of service). Certificate attributes can be utilized to identify the security context of the endpoint. The IPsec certificate use can be locked down to a single IP or group of IPs.
    Type: Grant
    Filed: November 12, 2009
    Date of Patent: March 6, 2018
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Anatoliy Panasyuk, Dharshan Rangegowda, Abhishek Shukla
  • Patent number: 9906564
    Abstract: A first service submits a request to a second service on behalf of a customer of a service provider. The request may have been triggered by a request of the customer to the first service. To process the request, the second service evaluates one or more policies to determine whether fulfillment of the request is allowed by policy associated with the customer. The one or more policies may state one or more conditions on one or more services that played a role in submission of the request. If determined that the policy allows fulfillment of the request, the second service fulfills the request.
    Type: Grant
    Filed: June 29, 2017
    Date of Patent: February 27, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Gregory Branchek Roth, Matthew James Wren, Brian Irl Pratt
  • Patent number: 9900319
    Abstract: Systems and techniques for resilient network construction using enhanced privacy identification are described herein. A group certificate may be generated for a first device group. The first device group may include a plurality of devices having a shared attribute. A request may be received from a device of the plurality of devices for a data exchange session with a data partner device. The data partner device may be included in a second device group. The data exchange session may be enabled based on a set of permissions related to the group certificate. The set of permissions may define, at least in part, the accessibility of the second device group to the first device group.
    Type: Grant
    Filed: November 24, 2015
    Date of Patent: February 20, 2018
    Assignee: Intel Corporation
    Inventors: Ned M. Smith, Nathan Heldt-Sheller
  • Patent number: 9894467
    Abstract: A method and apparatus for starting or stopping a device-to-device (D2D) operation in a wireless communication system is provided. A user equipment (UE) supporting proximity services (ProSe) receives system information which indicates starting or stopping a D2D operation from a network, and starts or stops the D2D operation according to the system information. The system information may include a D2D start/end time which indicates when the D2D operation is started or stopped.
    Type: Grant
    Filed: August 4, 2014
    Date of Patent: February 13, 2018
    Assignee: LG Electronics Inc.
    Inventors: Youngdae Lee, Sunghoon Jung
  • Patent number: 9886595
    Abstract: A method and an apparatus for executing applications in a highest-priority-first order in the processor divided into a secure mode area and a non-secure mode area are provided. The method includes receiving a request to be processed in the non-secure mode domain from the application, determining an access permission level configured to a resource used for processing the request, determining, when the access permission level allows for access from the secure mode domain, a priority of the application, changing the access permission level to allow for access by the non-secure mode domain according to the priority of the application, and processing the request of the application using the resource in the non-secure mode domain.
    Type: Grant
    Filed: December 5, 2013
    Date of Patent: February 6, 2018
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Kyungsoo Kwag, Jaemin Ryu, Jungkyuen Lee, Kyungim Jung, Hyunjin Choi
  • Patent number: 9888037
    Abstract: A client and a server negotiate a cipher suite as part of establishing a TLS connection. Cipher suites are rated with an associated level of security. In one example, the client and the server maintain a historical record that identifies the cipher suites used in previous TLS connections between the client and the server. The client and the server determine a minimally acceptable cipher suite rating based at least in part on the historical record of previously used cipher suites. If the negotiated cipher suite has a rating less than the determined minimally acceptable cipher suite rating, the TLS connection may be terminated, the cipher suite may be renegotiated, or other corrective action may be taken. In another example, the client and the server exchange digital certificates, and the digital certificates identify cipher suites for use with a TLS connection that are acceptable to the certificate owner.
    Type: Grant
    Filed: August 27, 2015
    Date of Patent: February 6, 2018
    Assignee: Amazon Technologies, Inc.
    Inventor: Nima Sharifi Mehr
  • Patent number: 9888010
    Abstract: An integrated firewall provides security in a multi-tenant environment having a connection-based switched fabric directly connecting database servers which provide a plurality of database services with application servers hosting database service consumers each having a different database service consumer identity. The firewall functionality integrated into each database server provides access control by discarding communication packets which do not include a database service consumer identity and using the database service consumer identity in combination with an access control list to control access from the database service consumers to the database services. The access control includes address resolution access control, connection establishment access control, and data exchange access control based on said access control list.
    Type: Grant
    Filed: June 28, 2017
    Date of Patent: February 6, 2018
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventors: Vadim Makhervaks, Richard Mousseau, Bjørn Dag Johnsen, Sumanta Chatterjee, Avneesh Pant, Jean De Lavarene, Kant C. Patel, Bhaskar Mathur, Feroz Alam Khan, Sudeep Vatsanath Reguna
  • Patent number: 9877075
    Abstract: A method includes receiving data from a communication device at a processor of a proxy device, the data requesting a recording of media content. The method includes, sending a first command to a first media recording device and a second command to a second media recording device. The first command instructs the first media recording device to generate a first recording based on the media content, and the second command instructs the second media recording device to generate a second recording based on the media content. The first recording has a first file format and the second recording has a second file format. The second file format is compatible with a portable device.
    Type: Grant
    Filed: July 18, 2016
    Date of Patent: January 23, 2018
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventor: Lee Friedman
  • Patent number: 9872321
    Abstract: Establishing and controlling a tunnel for carrying a PDN connection between a first node and a second node. The first node sends a request to set up a tunnel, the request including a first identifier. The first node then receives a second identifier for use in identifying the tunnel when receiving data sent from the second node to the first node. Data packets are sent from the first node, the data packets including the first and/or second identifiers for identifying the tunnel from the first node to the second node. Data packets are received from the second node, the data packets including the second identifier from the second node to the first node.
    Type: Grant
    Filed: October 9, 2013
    Date of Patent: January 16, 2018
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Dinand Roeland, Zu Qiang, Stefan Rommer
  • Patent number: 9870591
    Abstract: A blockchain configured system and a method for facilitating an expertise driven review and scoring of electronic documents in a crowdsourced environment. The system includes a server computer, a memory circuit and a processing circuit. The processing circuit is coupled to the memory circuit and includes or is coupled to a credentialing engine. The system further includes an expert scoring module. The system further includes a document reviewing and scoring engine coupled to the processing circuit. The document review and scoring module associates an aggregate score to the electronic document based on aggregation of the review ratings by crowdsourced experts and aggregate scores of each of the crowdsourced experts based on the set of attributes including one or more of the credentialed expertise, reputation of the expert, and the officiality.
    Type: Grant
    Filed: December 21, 2016
    Date of Patent: January 16, 2018
    Assignee: Netspective Communications LLC
    Inventor: Shahid N. Shah
  • Patent number: 9866387
    Abstract: A method for accessing a device by a user connected to the device and to at least two servers in different networks includes collaboratively generating parts of an authentication ticket on the at least two servers, collaboratively generating parts of a user session key and encrypting a combined user session key, authenticating with the authentication ticket at a distributed ticket granting server by collaboratively decrypting user request information using the combined user session key and comparing its content with the authentication ticket, collaboratively generating an encrypted user-to-device ticket and an encrypted user-to-device session key, and accessing the device by the user using the encrypted user-to-device ticket and the user-to-device session key.
    Type: Grant
    Filed: April 12, 2013
    Date of Patent: January 9, 2018
    Assignee: NEC Corporation
    Inventors: Jens-Matthias Bohli, Wenting Li, Jan Seedorf
  • Patent number: 9860221
    Abstract: Systems and methods may provide for determining a first key associated with a first group and determining a first resource exposure policy for the device with respect to the first group. Additionally, the first key may be used to send first operational and security context data to a first dynamic group verifier in accordance with the first resource exposure policy. In one example, a second key associated with a second group is determined, a second resource exposure policy is determined for the device with respect to the second group, a local context change is detected, and the second key is used to send, in response to the local context change, second operational data to a second dynamic group verifier in accordance with the second resource exposure policy.
    Type: Grant
    Filed: March 10, 2015
    Date of Patent: January 2, 2018
    Assignee: Intel Corporation
    Inventor: Ned M. Smith
  • Patent number: 9847984
    Abstract: A method for implementing response function agnostic, challenge-response authentication on a CE device includes sharing a series of proxy responses to a series of authentication challenges with a service provider, receiving an associated actual response from an initialization phase response function for each of the authentication challenges, where at least one of the initialization phase response function and a parameter required for the initialization phase response function is withheld from the service provider, encrypting each of the proxy responses with its associated actual response, thereby generating a series of encrypted proxy responses, storing the encrypted proxy responses on the CE device, receiving one of the authentication challenges from the service provider, inputting the authentication challenge to an operation phase response generator on the CE device, where the operation phase response generator is configured with the same response function used by the initialization phase response generator
    Type: Grant
    Filed: October 23, 2013
    Date of Patent: December 19, 2017
    Assignee: Cisco Technology, Inc.
    Inventors: David Wachtfogel, Andrew Sinton
  • Patent number: 9838433
    Abstract: In an information processing apparatus that communicates with a printing control apparatus, whether the printing control apparatus is connected is determined in a case where a security policy is set for the information processing apparatus, and setting of the security policy is activated. The setting of the security policy is deactivated in a case where the printing control apparatus is connected, and the setting of the security policy is applied in a case where the printing control apparatus is not connected.
    Type: Grant
    Filed: October 12, 2015
    Date of Patent: December 5, 2017
    Assignee: CANON KABUSHIKI KAISHA
    Inventor: Naoya Kakutani
  • Patent number: 9826023
    Abstract: Systems and methods for injecting sensitive data into outgoing traffic on behalf of a user of a private network are provided. According to one embodiment, a network security appliance maintains a database of sensitive data. Secure submission of sensitive data of a user is facilitated by the security appliance in connection with interactions between a client and a server by: (i) intercepting outgoing traffic from the client to the server; (ii) determining whether the outgoing traffic matches a policy configured by an administrator of the private network that causes the sensitive data to be injected into the outgoing traffic by the network security device on behalf of the user; and (iii) when the determining is affirmative: (a) retrieving the sensitive data from the database; (b) modifying the outgoing traffic by injecting the sensitive data into the outgoing traffic; and (c) sending the modified outgoing traffic to the server.
    Type: Grant
    Filed: August 15, 2016
    Date of Patent: November 21, 2017
    Assignee: Fortinet, Inc.
    Inventor: Qianyong Yu
  • Patent number: 9823862
    Abstract: According to one embodiment, a storage system includes a plurality of memory nodes that are connected to each other in a plurality of different directions. Each memory node stores a count value. Each memory node, when receiving an update command of which destination is not own memory node, transmits the update commando to other memory nodes connected thereto. Each memory node, when receiving an update command of which destination is own memory node, executes the update command, increases the stored count value, and issues a notice indicating the increased count value.
    Type: Grant
    Filed: June 25, 2014
    Date of Patent: November 21, 2017
    Assignee: TOSHIBA MEMORY CORPORATION
    Inventors: Atsuhiro Kinoshita, Junichi Hoshino, Takahiro Kurita
  • Patent number: 9820251
    Abstract: An enhanced Session Initiation Protocol (“SIP”) registration message having extended header information that is used by an Internet Protocol Multimedia Subsystem (“IMS”) core to determine the registration status of a mobile device and the physical location of the mobile device. The extended header information includes hardware and subscriber identifiers, such as an International Mobile Equipment Identity (“IMEI”) and International Mobile Subscriber Identity (“IMSI”). The IMS core queries an equipment identity register to validate IMEI/IMSI identifiers in the header to determine whether to deny registration to a mobile device. The IMS core also queries a capability database using an IMEI to determine which location determination techniques are supported by or suitable for the associated mobile device.
    Type: Grant
    Filed: February 22, 2016
    Date of Patent: November 14, 2017
    Assignee: T-Mobile USA, Inc.
    Inventors: Vishal Narkar, Nilesh Ranjan
  • Patent number: 9811562
    Abstract: A processing device receives a plurality of discrete log entries from a first data store and generates an event for each discrete log entry that satisfies a criterion. To generate an event the processing device determines a source type associated with a discrete log entry, parses the discrete log entry based on the source type, determines a plurality of fields of the discrete log entry, identifies a subset of the plurality of fields, wherein one or more fields in the subset are to be used as keys for indexing events, and assigns a field type to each field in the subset of the plurality of fields. The processing device additionally writes a plurality of event entries for the event into a second data store. A separate event entry is written for each field of the subset of the plurality of fields having an assigned field type.
    Type: Grant
    Filed: February 24, 2016
    Date of Patent: November 7, 2017
    Assignee: FactorChain Inc.
    Inventors: Kenny Tidwell, David Frampton, Brendan O'Connell
  • Patent number: 9807122
    Abstract: A method includes determining a topic and a media type of a communication to be sent from a sending communication device to a designated receiving communication device, assigning one or more security requirements to the communication based on the topic and the media type, identifying a security state of the receiving communication device for receiving the communication via the media type, and transmitting the communication from the sending communication device to the receiving communication device only in response to the security state of the receiving communication device satisfying the one or more security requirements.
    Type: Grant
    Filed: September 16, 2015
    Date of Patent: October 31, 2017
    Assignee: Lenovo Enterprise Solutions (Singpore) Pte. Ltd.
    Inventors: Gary D. Cudak, Joseph F. Herman, J. Mark Weber, Christine Marie Stamm-Nettleship, Zendre Necole Simmons
  • Patent number: 9806943
    Abstract: Exemplary embodiments for enabling planned network changes such as an upgrade or downgrade of a network device are disclosed. The systems and methods provide for planned upgrades and downgrades for network devices without impacting existing network sessions, by utilizing two network devices simultaneously, and creating a redirect network session for a predetermined period of time. In so doing, all network traffic may be gradually transferred to the second network device, until the sessions processed by the first network device time out. The first network device can then be taken offline for upgrade or downgrade, without any disruption to the network service or loss of network traffic.
    Type: Grant
    Filed: April 24, 2014
    Date of Patent: October 31, 2017
    Assignee: A10 NETWORKS, INC.
    Inventors: Ali Golshan, Swaminathan Sankar, Venky Natham
  • Patent number: 9805210
    Abstract: Encryption-based data access management may include a variety of processes. In one example, a device may transmit a user authentication request for decrypting encrypted data to a data storage server storing the encrypted data. The computing device may then receive a validation token associated with the user's authentication request, the validation token indicating that the user is authenticated to a domain. Subsequently, the computing device may transmit the validation token to a first key server different from the data storage server. Then, in response to transmitting the validation token the computing device may receive, from the first key server, a key required for decrypting the encrypted data. The device may then decrypt at least a portion of the encrypted data using the key.
    Type: Grant
    Filed: February 26, 2015
    Date of Patent: October 31, 2017
    Assignee: CITRIX SYSTEMS, INC.
    Inventors: Joseph Nord, Benjamin Elliot Tucker, Timothy Gaylor
  • Patent number: 9801222
    Abstract: The present disclosure relates to a system and methods for exchanging information between a plurality of mobile devices by pairing the two mobile devices based on proximity of the two mobile devices. In some implementations, the method includes determining a geographic position and angular orientation of the devices. In other implementations, the method includes determining that at least one mobile device heard a unique sound produced by the other mobile device. Once paired, the server can send information to one or both of the mobile devices and, in some cases, can revoke the exchanged information, e.g., in response to a revocation request.
    Type: Grant
    Filed: December 21, 2016
    Date of Patent: October 24, 2017
    Assignee: MM Mobile, LLC
    Inventor: Masa Pezdirc
  • Patent number: 9798290
    Abstract: Cryptographic techniques for encrypting images, and decrypting and reconstructing images, are provided to facilitate preventing unauthorized access to images. A holographic cryptographic component (HCC) generates complex holograms of multi-dimensional source images of a multi-dimensional object scene. The HCC generates phase holograms, based on the complex holograms, using a stochastic hologram generation process, and encrypts the phase holograms to generate encrypted holograms based on a random phase mask, which can be the private encryption key. At the decoding end, an HCC overlays a conjugate phase mask on the encrypted holograms to decrypt them, wherein the decrypted holograms are illuminated with a coherent light source to generate holographic images that reconstruct the source images. The source images are only reconstructed properly if the correct phase mask is used. If HCC applies the encryption process repetitively to the same source image, HCC can generate a different encrypted hologram in each run.
    Type: Grant
    Filed: September 25, 2015
    Date of Patent: October 24, 2017
    Assignee: CITY UNIVERSITY OF HONG KONG
    Inventor: Peter Wai Ming Tsang
  • Patent number: 9800556
    Abstract: Embodiments described herein provide enhanced computer- and network-based systems and methods for providing data security with respect to computing services, such as a digital transaction service (DTS). Example embodiments further provide a discovery service that enables nodes that are included in, or otherwise communicatively coupled to, the DTS to actively or passively “discover” roles and keys associated with the nodes. These node roles are associated with the various services provided by the DTS. A security module provides at least a portion of the security services.
    Type: Grant
    Filed: January 30, 2015
    Date of Patent: October 24, 2017
    Assignee: DocuSign, Inc.
    Inventors: David Steeves, Eric Fleischman
  • Patent number: 9794109
    Abstract: A client device and method for maintaining NAT mapping. In one embodiment the client device includes: (1) a network interface circuit operable to transmit a keepalive message on an interval to a NAT gateway and (2) an interval adjust circuit configured to: (2a) increment the interval upon an acknowledgment of the keepalive message and (2b) decrement the interval upon a failure to receive the acknowledgment.
    Type: Grant
    Filed: February 22, 2013
    Date of Patent: October 17, 2017
    Assignee: Alcatel Lucent
    Inventors: Gordon E. McKinney, Frank Quatro
  • Patent number: 9781076
    Abstract: A communications system (40) comprises a first entity (42), a first encryption device (48) and a network (46). The first encryption device (48) is adapted to decrypt, using a first decryption algorithm, data sent from a first destination to said first entity via said network (46). The first encryption device (48) is adapted to pass network metric data concerning at least one route between said first entity and said first destination to said first entity without subjecting said network metric data to said first decryption algorithm.
    Type: Grant
    Filed: January 19, 2009
    Date of Patent: October 3, 2017
    Assignee: CASSIDIAN LIMITED
    Inventor: Mark Bentall
  • Patent number: 9781451
    Abstract: A method and apparatus for decoding a compressed video is disclosed. The method comprises scrambling the compressed video, to produce a scrambled compressed video; delivering the scrambled compressed video to a decoder, for decoding the scrambled compressed video to produce a scrambled decompressed video; receiving from the decoder the scrambled decompressed video; and descrambling the scrambled decompressed video, to produce a descrambled decompressed video.
    Type: Grant
    Filed: November 18, 2014
    Date of Patent: October 3, 2017
    Assignee: Squadeo S.AS.
    Inventors: Francois Martin, Xiaobo Liu
  • Patent number: 9775120
    Abstract: Provided are a beacon service method, apparatus, and system for providing a plurality of services using one beacon device by allowing the beacon device to broadcast a plurality of beacon signals for providing the plurality of services to a certain user terminal. The beacon device includes a first communication module configured to broadcast a beacon signal, a storage module configured to store transmission information for a plurality of beacon signals, and a control module configured to use the transmission information for the plurality of beacon signals stored in the storage module to control the first communication module to alternately broadcast the plurality of beacon signals.
    Type: Grant
    Filed: December 29, 2016
    Date of Patent: September 26, 2017
    Assignee: SK Planet Co., Ltd.
    Inventor: SeungHoon Moon
  • Patent number: 9767840
    Abstract: The disclosed embodiments provide a system that drives a display from a computer system. During operation, the system writes graphical output to protected memory and drives the display from the protected memory. If the graphical output lacks protection, the system discontinues the driving of the display from the protected memory. In particular, upon detecting a lack of protection in the graphical output, the system continues to drive the display from the protected memory during a grace period associated with the lack of protection in the graphical output. The system then discontinues driving of the display from the protected memory if protection of the graphical output does not resume during the grace period.
    Type: Grant
    Filed: August 18, 2011
    Date of Patent: September 19, 2017
    Assignee: APPLE INC.
    Inventor: Ian C. Hendry
  • Patent number: 9767023
    Abstract: A second computer transmits, to a first computer, confirmation data including identification information and a version number of copy data updated in a cache. Based on the confirmation data received from the second computer and information stored in the persistent storage device, the first computer extracts the identification information and the version number corresponding to the copy data to be written to the persistent storage device, from the confirmation data, and transmits response data including the extracted identification information and the version number to the second computer. Based on the response data received from the first computer and information stored in the cache, the second computer determines the copy data in the cache to be transmitted to the first computer so as to be written to the persistent storage device.
    Type: Grant
    Filed: May 19, 2014
    Date of Patent: September 19, 2017
    Assignee: NEC CORPORATION
    Inventor: Teruki Sukenari
  • Patent number: 9760709
    Abstract: A method of authenticating a target device using a reader and a data store comprising: sending a selected challenge data value from the reader to the target device multiple times; receiving at the reader the respective response data value generated by the target device in response to each instance of the challenge data value sent by the reader; determining a representative response data value from the response data values received by the reader; comparing the representative response data value against the response data values in the respective challenge-response data set; and determining that the target device is authentic if the representative data value matches any one of the response data values from a respective challenge-response data set.
    Type: Grant
    Filed: November 13, 2013
    Date of Patent: September 12, 2017
    Assignee: The Queen's University of Belfast
    Inventors: Liang Lu, Jiang Wu, Maire O'Neill
  • Patent number: 9749333
    Abstract: A shared access user appliance having a client component; a server component; interactive user components providing functions to a first user; an interactive access management component allowing the first user to select second users, and select whether to grant or deny access to the user components for the second users; and a control component generating access control data and granting or denying access to the user components for the second users. The server component generates an appliance graphical user interface representing an interactive user environment including independently selectable graphical objects. Selecting each graphical object causes the server to modify the appliance graphical user interface to include the graphical user interface of the interactive user component. The server component receives requests from other users and sends a graphical user interface of the interactive user component for display only if the access data indicates the first user has allowed the second user access.
    Type: Grant
    Filed: May 5, 2015
    Date of Patent: August 29, 2017
    Assignee: Oliver Lloyd Pty Ltd
    Inventors: Alan Charles Lloyd, Susan Mary Oliver
  • Patent number: 9733852
    Abstract: A request to store a file to be protected is received. It is detected whether the file to be protected is a file to be synchronized. The encryption key is selected based on the detection of whether the file is a file to be synchronized. The file to be protected is encrypted using the selected encryption key.
    Type: Grant
    Filed: December 23, 2015
    Date of Patent: August 15, 2017
    Assignee: ThinAir Labs, Inc.
    Inventor: Anthony Gauda
  • Patent number: 9734348
    Abstract: A method for automatically encrypting files is disclosed. In some cases, the method may be performed by computer hardware comprising one or more processors. The method can include detecting access to a first file, which may be stored in a primary storage system. Further, the method can include determining whether the access comprises a write access. In response to determining that the access comprises a write access, the method can include accessing file metadata associated with the first file and accessing a set of encryption rules. In addition, the method can include determining whether the file metadata satisfies the set of encryption rules. In response to determining that the file metadata satisfies the set of encryption rules, the method can include encrypting the first file to obtain a first encrypted file and modifying an extension of the first encrypted file to include an encryption extension.
    Type: Grant
    Filed: June 7, 2016
    Date of Patent: August 15, 2017
    Assignee: Commvault Systems, Inc.
    Inventors: Andrei Erofeev, Rahul S. Pawar
  • Patent number: 9736128
    Abstract: Disclosed are systems and methods for delegating computations of resource-constrained mobile clients, in which multiple servers interact to construct an encrypted program representing a garbled circuit. Implementing the garbled circuit, garbled outputs are returned. Such implementations ensure privacy of each mobile client's data, even if an executing server has been colluded. The garbled circuit provides secure cloud computing for mobile systems by incorporating cryptographically secure pseudo random number generation that enables a mobile client to efficiently retrieve a result of a computation, as well as verify that an evaluator actually performed the computation. Cloud computation and communication complexity are analyzed to demonstrate the feasibility of the proposed system for mobile systems.
    Type: Grant
    Filed: May 20, 2015
    Date of Patent: August 15, 2017
    Assignees: The Board of Regents, The University of Texas System, Center for Technology Licensing at Cornell University
    Inventors: Sriram Nandha Premnath, Zygmunt J. Haas
  • Patent number: 9730059
    Abstract: Apparatus and associated methods relate to securely transmitting, directly between two mobile devices, AES-256 encrypted file attachments which are decrypted within an application program (APP) using a decryption key that is available only to the APP. In an illustrative embodiment, the encrypted file may be attached to an e-mail. The e-mail may be transmitted directly to another mobile device via direct Wi-Fi, for example. The e-mail may be transmitted directly to another mobile device using Bluetooth, for example. In encrypted attachment may be deciphered only within the APP running on the receiving mobile device using a private key accessible to only the APP.
    Type: Grant
    Filed: May 4, 2016
    Date of Patent: August 8, 2017
    Assignee: SecureWiFi Technologies, LLC
    Inventor: Douglas Denny
  • Patent number: 9729556
    Abstract: A tool for administering virtual recognition of a group of users is provided. The group of users may be specifically identified or dynamically generated based on criteria selected by an administrative entity submitting a request to administer virtual recognition. The tool may be configured for generating user and badge recommendations based at least in part on the group of users identified to receive the virtual recognition.
    Type: Grant
    Filed: April 29, 2015
    Date of Patent: August 8, 2017
    Assignee: salesforce.com, inc.
    Inventor: John Arlan Brock
  • Patent number: 9729902
    Abstract: A system includes a session and resource manager and a video pump. The session and resource manager negotiates encryption keys from a headend controller and provides the encryption keys to a video pump. The video pump uses the encryption keys from the session and resource manager to encrypt content. Thus, the video pump uses encryption keys to encrypt the content so that it is encrypted right from the video pump prior to transmission over the entire transport system. A generic modulation device may thus be used to modulate the encrypted content over the delivery network.
    Type: Grant
    Filed: January 6, 2011
    Date of Patent: August 8, 2017
    Assignee: Cox Communications, Inc.
    Inventors: Keith Alan Rothschild, Robert Lee Ames, Jr., Julius Bert Bagley
  • Patent number: 9729312
    Abstract: A key value storage (KVS) system comprising: a client-side agent configured to encrypt data; three nodes hosted respectively in three cloud service providers, wherein each node comprises: a management node configured to receive encrypted data from the client-side agent, a homomorphic encryption (HE) key manager configured to fetch a public key of a given object in the KVS system, a homomorphic encryption and processing engine configured to execute commands over the encrypted data without decrypting it, a homomorphic memory store, a hypervisor configured to monitor performance of the management node in order to assess the quality of service of the management node; and wherein each node serves on a rotating basis in a master node role, a secondary node role, or a back-up node role, wherein the nodes rotate their roles when the master node's hypervisor detects a reduced quality of service of the master node's management node.
    Type: Grant
    Filed: April 28, 2015
    Date of Patent: August 8, 2017
    Assignee: The United States of America as represented by the Secretary of the Navy
    Inventor: Luis Angel D. Bathen
  • Patent number: 9723009
    Abstract: A security solution provides secure communication in a multi-tenant environment which includes a connection-based fabric, storage cells holding data associated with different tenants, database servers which provide a plurality of database services using said data, application servers hosting database service consumers. The fabric is configured into partitions isolating the storage cells from the database service consumers. The application servers securely associate unique database service consumer identities with each database service consumer and all communications with the database servers. The database servers reject all communications from the application servers which do not include an identity and use an access control list to control access from the database service consumers to the database services using address resolution access control, connection establishment access control, and data exchange access control based on said access control list.
    Type: Grant
    Filed: September 8, 2015
    Date of Patent: August 1, 2017
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventors: Vadim Makhervaks, Richard Mousseau, Bjørn Dag Johnsen, Sumanta Chatterjee, Avneesh Pant, Jean De Lavarene, Kant C. Patel, Bhaskar Mathur, Feroz Alam Khan, Sudeep Vatsanath Reguna
  • Patent number: 9723008
    Abstract: An integrated firewall provides security in a multi-tenant environment having a connection-based switched fabric directly connecting database servers which provide a plurality of database services with application servers hosting database service consumers each having a different database service consumer identity. The firewall functionality integrated into each database server provides access control by discarding communication packets which do not include a database service consumer identity and using the database service consumer identity in combination with an access control list to control access from the database service consumers to the database services. The access control includes address resolution access control, connection establishment access control, and data exchange access control based on said access control list.
    Type: Grant
    Filed: September 8, 2015
    Date of Patent: August 1, 2017
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventors: Vadim Makhervaks, Richard Mousseau, Bjørn Dag Johnsen, Sumanta Chatterjee, Avneesh Pant, Jean De Lavarene, Kant C. Patel, Bhaskar Mathur, Feroz Alam Khan, Sudeep Vatsanath Reguna
  • Patent number: 9720963
    Abstract: Managing confidence data in a question-answering environment is disclosed. Managing confidence data can include sorting, based on a set of answer categories for a subject matter, a first set of a plurality of answers into a first answer category. The first set can correspond to at least one of a third set of a plurality of confidence scores and the second set can correspond to at least one of a fourth set of the plurality of confidence scores. Managing confidence data can include classifying confidence scores of the third set into one of a plurality of confidence buckets using a first threshold and determining a fifth set of a plurality of thresholds using the plurality of confidence scores. Managing confidence data can include classifying unclassified confidence scores of the third set into one of the plurality of confidence buckets using the fifth set of the plurality of thresholds.
    Type: Grant
    Filed: December 15, 2014
    Date of Patent: August 1, 2017
    Assignee: International Business Machines Corporation
    Inventors: Kevin S. Barker, Roberto DeLima, Thomas J. Eggebraaten, Mark G. Megerian, Marie L. Setnes