Protection At A Particular Protocol Layer Patents (Class 713/151)
  • Patent number: 9942443
    Abstract: An information processing apparatus includes plural communication interfaces, a specifying unit, a network determining unit, and a transmission controller. The plural communication interfaces are individually connected to plural communication networks having different security levels. The specifying unit specifies a destination terminal to which a file stored in a data memory is to be transmitted. The network determining unit determines a communication network, among the plural communication networks, via which the file is to be transmitted to the destination terminal. The transmission controller prohibits transmission of the file to the destination terminal in a case where a security level set to the file is higher than a security level set to the communication network determined by the network determining unit.
    Type: Grant
    Filed: September 4, 2015
    Date of Patent: April 10, 2018
    Assignee: FUJI XEROX CO., LTD.
    Inventor: Akiko Mochizuki
  • Patent number: 9942129
    Abstract: The subject matter of the invention is a communication method comprising the establishment of a communication route to a target partner not reachable by direct addressing by by-passing a node blocking the direct connection, further comprising the steps of setting up a TURN server at one or more users of the communication network in response to a definite and pre-granted request or in advance, and implementing the communication route to be established via at least one mentioned TURN server, with the effective mutual authorization management of the users involved in the communication session.
    Type: Grant
    Filed: November 28, 2014
    Date of Patent: April 10, 2018
    Assignees: Szegedi Tudományegyetem, Budapesti Müszaki és Gazdaságtudományi Egyetem
    Inventors: Péter Ekler, Charaf Hassan, Bertalan Forstner, László Lengyel, Róbert Béládi, Vilmos Bilicki, Tibor Gyimóthy, Szilárd Iványi, Vilmos Szücs, Ádám Végh, Zoltán Rak, Márk Jelasity
  • Patent number: 9935879
    Abstract: A TCP connection is established between a client and a server, such that packets communicated across the TCP connection pass through a proxy. Based at least in part on a result of monitoring packets flowing across the TCP connection, the proxy determines whether to split the TCP control loop into two TCP control loops so that packets can be inspected more thoroughly. If the TCP control loop is split, then a first TCP control loop manages flow between the client the proxy and a second TCP control loop manages flow between the proxy and the server. Due to the two control loops, packets can be held on the proxy long enough to be analyzed. In some circumstances, a decision is then made to stop inspecting. The two TCP control loops are merged into a single TCP control loop, and thereafter the proxy passes packets of the TCP connection through unmodified.
    Type: Grant
    Filed: December 29, 2012
    Date of Patent: April 3, 2018
    Assignee: Netronome Systems, Inc.
    Inventors: Roelof Nico du Toit, Jacques Fourie, Peter Liudmilov Djalaliev
  • Patent number: 9935944
    Abstract: At a client computer, a web browser displays a control for a local utility executed on the client computer, wherein the control includes a link. The web browser receives a user input selecting the control and, in response to the user input, issues a request through the link to a local web server coupled with the local utility. The link includes a domain that resolves to a loopback network address. The loopback network address is a self-referencing address for the local web server at the client computer. The local web server receives the request and provides the local utility with a command portion of the request. In response to receiving the command portion of the request from the local web server, the local utility takes one or more actions based on the command portion of the request.
    Type: Grant
    Filed: August 30, 2016
    Date of Patent: April 3, 2018
    Assignee: Spotify AB
    Inventors: Sten Garmark, Nicklas Soderlind, Samuel Cyprian, Aron Levin, Hannes Graah, Erik Hartwig, Gunnar Kreitz
  • Patent number: 9934166
    Abstract: A method providing simple fine-grain hardware primitives with which software engineers can efficiently implement enforceable separation of programs into modules and constraints on control flow, thereby providing fine-grain locality of causality to the world of software. Additionally, a mechanism is provided to mark some modules, or parts thereof, as having kernel privileges and thereby allows the provision of kernel services through normal function calls, obviating the expensive prior art mechanism of system calls. Together with software changes, Object Oriented encapsulation semantics and control flow integrity in hardware are enforced.
    Type: Grant
    Filed: March 14, 2013
    Date of Patent: April 3, 2018
    Inventors: Daniel Shawcross Wilkerson, Mark William Winterrowd
  • Patent number: 9930713
    Abstract: This disclosure describes systems, methods, and devices related to link aggregation between devices. A device may encode a multi-band element for transmission using a first interface of one or more interfaces to a first device. The device may cause to send a first link aggregation setup request to the first device including at least in part the multi-band element. The device may identify a first link aggregation setup response from the first device. The device may cause to establish a multi-band link aggregation session with the first device using the first interface.
    Type: Grant
    Filed: December 29, 2016
    Date of Patent: March 27, 2018
    Assignee: Intel IP Corporation
    Inventors: Laurent Cariou, Bahareh Sadeghi, Yaron Alpert, Carlos Cordeiro, Robert Stacey
  • Patent number: 9924039
    Abstract: An apparatus, a method, and a computer program receive a request message from a mobile device to connect with an agent and authenticate the request message and provisioning a database for enabled services and service location. A service provider is identified and selected from a plurality of service providers. As a result, the request message is transmitted to the service provider in order to determine availability of the service provider.
    Type: Grant
    Filed: May 16, 2017
    Date of Patent: March 20, 2018
    Assignee: West Corporation
    Inventors: Michael T. Mateer, James K. Boutcher, Jesse Andersen
  • Patent number: 9917822
    Abstract: A processing system for distributed multi-tier applications is provided. The system includes a server component that executes a replica of a client-side application, where a client component executes the client-side application. The client component captures events from the client-side application and transmits the events to the replica to validate the computational integrity security of the application.
    Type: Grant
    Filed: April 8, 2014
    Date of Patent: March 13, 2018
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Benjamin Livshits, Henricus Johannes Maria Meijer, Cedric Fournet, Jeffrey Van Gogh, Danny van Velzen, Abhishek Prateek, Krishnaprasad Vikram
  • Patent number: 9912699
    Abstract: A network device may receive a packet flow, and may identify an application associated with the packet flow. The network device may determine that packets associated with the application are not to be encrypted using a security protocol. The network device may store a rule that indicates that the packets are not to be encrypted using the security protocol based on determining that the packets are not to be encrypted using the security protocol. The rule may include network layer information or transport layer information associated with the packet flow, and may exclude application layer information associated with the packet flow. The network device may transmit, based on the rule, the packets without using the security protocol to encrypt the packets.
    Type: Grant
    Filed: December 30, 2015
    Date of Patent: March 6, 2018
    Assignee: Juniper Networks, Inc.
    Inventors: Mithun Hebbar, Vijay Anand
  • Patent number: 9906409
    Abstract: A method and a network node device run Push-Button Configuration sessions within a heterogeneous network, IEEE 1905.1, using a push button configuration mechanism that ensures that only one single new network node device is registered for a single push button key press event and thus overlapping Push-Button Configuration sessions within a heterogeneous network are prevented. After finishing the push button configuration mode, the number of new nodes is checked. If more than one node has been added, a configuration roll-back is performed. Preferably, the push button configuration roll-back is performed as soon as the authentication of more than one distinct node has been detected. The roll-back includes the deletion or deactivation of credentials established by the push-button configuration.
    Type: Grant
    Filed: December 12, 2012
    Date of Patent: February 27, 2018
    Assignee: SIEMENS AKTIENGESELLSCHAFT
    Inventors: Michael Bahr, Rainer Falk, Parag Mogre
  • Patent number: 9900301
    Abstract: A device management service provide a centralized credential provisioning system which can instantiate a proxy device that facilitates remote connections between various computing devices and various client devices. The device management service can manage instances of proxy devices in a resource provider environment that are associated with various computing devices. When a client device requests to access a computing device, the device management service can identify an instance of a proxy device associated with the computing device. The instance of the proxy device and the computing device can be configured to securely connect using credentials exchanged through, and managed by, the device management service. The computing device can be instructed to connect to the instance of the proxy device, and the client device can be provided with access information for the instance of the proxy device.
    Type: Grant
    Filed: December 14, 2015
    Date of Patent: February 20, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: David Craig Yanacek, Rameez Loladia
  • Patent number: 9894044
    Abstract: In a telecommunication network, a modular expandable gateway connects a local area network to a wide area network and includes a base module and a plurality of add-on modules arranged in one or more stacks, the base module and the add-on modules including respective encryption/decryption engines to exchange secure information with each other, thus frustrating any possible fraudulent interception of the information at the module interconnections.
    Type: Grant
    Filed: October 15, 2004
    Date of Patent: February 13, 2018
    Assignees: TELECOM ITALIA S.P.A., ADVANCED DIGITAL BROADCAST SA
    Inventors: Mauro Robba, Claudio Zammarchi, Giorgio Grasso
  • Patent number: 9887838
    Abstract: A method, device, and system for establishing a secure communication session with a server includes initiating a request for a secure communication session, such as a Secure Sockets Layer (SLL) communication session with a server using a nonce value generated in a security engine of a system-on-a-chip (SOC) of a client device. Additionally, a cryptographic key exchange is performed between the client and the server to generate a symmetric session key, which is stored in a secure storage of the security engine. The cryptographic key exchange may be, for example, a Rivest-Shamir-Adleman (RSA) key exchange or a Diffie-Hellman key exchange. Private keys and other data generated during the cryptographic key exchange may be generated and/or stored in the security engine.
    Type: Grant
    Filed: December 15, 2011
    Date of Patent: February 6, 2018
    Assignee: Intel Corporation
    Inventors: Hormuzd M. Khosravi, Edward C. Epp, Farhana Kabir
  • Patent number: 9886590
    Abstract: An application platform examines, at runtime, various specified aspects of an application environment in which an application interacts with a user. Such examinations are made to determine a state for each of the various specified aspects. Further, the platform automatically activates particular application environment roles for the user depending on the result of the examinations. For example, an application environment role may be activated representing a particular detected mode of communication (e.g., encrypted network communications) or a particular detected manner of authentication (e.g., password authentication). Such activations are based on the detected states and specified states for the various specified aspects of the application environment. Such activations may occur in the context of an application attempting to perform an operation on an access controlled object on behalf of a user.
    Type: Grant
    Filed: July 23, 2009
    Date of Patent: February 6, 2018
    Assignee: Oracle International Corporation
    Inventors: Janaki Narasinghanallur, Min-Hank Ho, Thomas Keefe, Eric Sedlar, Chi Ching Chui, Vikram Pesati
  • Patent number: 9881139
    Abstract: Managing and accessing media items, including: a plurality of domains configured to provide access to media items; a plurality of clients associated with the plurality domains, and providing a pathway for accessing the media items; and a spanning application configured to track and aggregate accessible media items from the plurality of domains based on authentication and registration information and associated rights of the plurality of clients and the plurality of domains, wherein the spanning application enables accessing of the media items across the plurality of domains.
    Type: Grant
    Filed: March 15, 2016
    Date of Patent: January 30, 2018
    Assignees: SONY CORPORATION, SONY PICTURES ENTERTAINMENT INC.
    Inventor: Richard Berger
  • Patent number: 9871764
    Abstract: The present invention relates to a method and system for performing deep packet inspection of messages transmitted through a network switch in a Software Defined Network (SDN). Embodiments of the invention include a network switch, a controller, and a firewall in a software defined networking environment. In the present invention, the network switch is a simple network switch that is physically separate from the controller and the firewall. The invention may include a plurality of physically distinct network switches communicating with one or more controllers and firewalls. In certain instances, communications between the network switch, the controller, and the firewall are performed using the Open Flow standard communication protocol.
    Type: Grant
    Filed: November 22, 2016
    Date of Patent: January 16, 2018
    Assignee: SONICWALL INC.
    Inventors: Hui Ling, Zhong Chen
  • Patent number: 9871766
    Abstract: Methods, network controllers, and machine-readable and executable instructions are provided to determine a secure path between a source device and a destination device. The secure path may be via a plurality of network devices. The secure path may be determined based on a security capability of each of the plurality of network devices in the secure path. Data may be forwarded between the source device and the destination device, via the plurality of network devices, based on the determined path.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: January 16, 2018
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Parvez Syed Mohamed, Craig J. Mills, Shaun Wakumoto
  • Patent number: 9860267
    Abstract: Disclosed are systems and methods for eliminating vulnerabilities of smart devices connected to a data network. An example method includes: identifying a router providing access to the data network, obtaining access to the network and transmitting a request through the data network to obtain access to a smart device on the network. Furthermore, the method includes accessing the smart device to obtain its settings, comparing the settings with known vulnerabilities, determining an action for repairing the a network vulnerability associated with the settings of the device, and transmitting instructions to the smart device to perform the action to repair network vulnerability associated with the setting.
    Type: Grant
    Filed: August 11, 2016
    Date of Patent: January 2, 2018
    Assignee: AO KASPERSKY LAB
    Inventors: Vyacheslav E. Rusakov, Marta Anna Janus
  • Patent number: 9858085
    Abstract: An information processing apparatus according to the present invention includes a CPU a memory an application that operates on an OS and a BIOS that, in the memory, secures an area in which the BIOS shares data with the application in an area in which the OS cannot update data.
    Type: Grant
    Filed: January 26, 2015
    Date of Patent: January 2, 2018
    Assignee: NEC CORPORATION
    Inventor: Yasuo Miyabe
  • Patent number: 9842210
    Abstract: The present disclosure provides a network architecture and verification platform for analyzing the various modules of a Unified Extensible Firmware Interface (UEFI) firmware image. In one embodiment, the disclosed network architecture and verification platform obtains various UEFI firmware images, such as UEFI firmware image residing on a client device or a UEFI firmware image hosted by a hardware manufacturer. The network architecture and verification platform may then segregate the various UEFI firmware modules that make up the UEFI firmware image, and subject the modules to different types of analysis. By analyzing the UEFI firmware modules individually, the network architecture and verification platform builds a repository of Globally Unique Identifiers (GUIDs) referenced by a given UEFI firmware module, which may then be referenced in future analyses to determine whether any changes, and the extent of such changes, have been made to an updated version of the given UEFI firmware module.
    Type: Grant
    Filed: January 16, 2015
    Date of Patent: December 12, 2017
    Assignee: Raytheon Company
    Inventor: Robert Allen Rose
  • Patent number: 9830767
    Abstract: A gambling hybrid game that provides game history validation is disclosed. The gambling hybrid game includes an entertainment system engine that provides an entertainment game to a user, a real world engine that provides gambling games to users, and a game world engine that monitors the entertainment game and provides gambling games when appropriate. The entertainment system engine stores game history information in response to a trigger event and provides at least a portion of the stored game history information to a game world engine. The game world engine stores received portion of the game history information. When a request for game history verification is received by the game world engine, the game world engine retrieves the game history information from the entertainment system engine and used the portion of the game history information stored by the game world engine to verify the game history information from the entertainment system engine.
    Type: Grant
    Filed: September 14, 2015
    Date of Patent: November 28, 2017
    Assignee: Gamblit Gaming, LLC
    Inventors: Miles Arnone, Frank Cire, Clifford Kaylin, Scott Shimmin, Eric Meyerhofer
  • Patent number: 9825913
    Abstract: A novel method for stateful packet classification that uses hardware resources for performing stateless lookups and software resources for performing stateful connection flow handshaking is provided. To classify an incoming packet from a network, some embodiments perform stateless look up operations for the incoming packet in hardware and forward the result of the stateless look up to the software. The software in turn uses the result of the stateless look up to perform the stateful connection flow handshaking and to determine the result of the stateful packet classification.
    Type: Grant
    Filed: June 4, 2014
    Date of Patent: November 21, 2017
    Assignee: NICIRA, INC.
    Inventors: Jayant Jain, Anirban Sengupta, Mohan Parthasarathy, Xinhua Hong
  • Patent number: 9825952
    Abstract: An embodiment of the invention allows a network access server to control network access for individual applications that run on a device. The device may be included in a machine-to-machine environment. The embodiment may provide a secure channel between the network access server and the device access layer and another secure channel between the device access layer and the device application layer. Thus, before applications are allowed to access the network those applications may be required to authenticate themselves via a secure channel. Other embodiments are described herein.
    Type: Grant
    Filed: December 30, 2011
    Date of Patent: November 21, 2017
    Assignee: Intel Corporation
    Inventors: Ashok Sunder Rajan, Rakesh Dodeja, David A. De Vries, Hemaprabhu Jayanna, William J. Tiso, Kevin W. Bross, Robert J. Hunter
  • Patent number: 9813353
    Abstract: Disclosed are an apparatus and method of performing a data file migration to a cloud source. One example method of operation may include establishing via a transmitter an application programming interface (API) connection to an enterprise network, identifying via a processor one or more present allocation parameters being utilized by one or more virtual machines operating on the enterprise network. The method may also provide requesting via the transmitter a directory file structure and identifying via the processor at least one data file for data migration to a remote cloud storage server based on predetermined criteria.
    Type: Grant
    Filed: June 6, 2013
    Date of Patent: November 7, 2017
    Assignee: Open Invention Network LLC
    Inventor: John Michael Suit
  • Patent number: 9794311
    Abstract: Transport accelerator (TA) systems and methods for accelerating delivery of content to a user agent (UA) of a client device are provided according to embodiments of the present disclosure. Embodiments comprise a TA architecture implementing a connection manager (CM) and a request manager (RM). A CM of embodiments requests chunks of content from a content server, receives data in response to requesting the chunks of content, wherein the received data is missing data from a requested chunk of content, and provides a receipt acknowledgement (ACK) for the missing data. The received data, which is missing data from a requested chunk of the chunks of content, may be passed through a communication protocol stack to an application for assembly into a one or more content objects.
    Type: Grant
    Filed: May 28, 2014
    Date of Patent: October 17, 2017
    Assignee: QUALCOMM Incorporated
    Inventors: Yinian Mao, Fatih Ulupinar, Michael George Luby, Lorenz Christoph Minder
  • Patent number: 9794606
    Abstract: Disclosed herein are a method and device for transmitting digital content. A selection of at least one device authorized to receive digital content is detected. It is identified whether each selected device contains a session key that corresponds to a local session key. Digital content is transmitted to each device whose session key corresponds to the local key. Digital content is prevented from transmission to unselected devices not having a corresponding session key.
    Type: Grant
    Filed: April 29, 2014
    Date of Patent: October 17, 2017
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Sangmi Park, Hyunho Park, Jupyo Hong
  • Patent number: 9794246
    Abstract: An apparatus may include a communication interface and a security component. The communication interface may be configured to receive a Constrained Application Protocol (CoAP) message including authentication data. The security component may be configured to perform message validation based on the authentication data.
    Type: Grant
    Filed: July 21, 2016
    Date of Patent: October 17, 2017
    Assignee: EXILANT Technologies Private Limited
    Inventor: Vishnu Sharma
  • Patent number: 9794758
    Abstract: Systems and methods for improving data transmission rates in communication networks are disclosed. In an 802.11 wireless communication network, where a source node of the wireless network transmits TCP data to a destination node of the wireless network, the destination node does not transmit TCP acknowledgments (ACKs) for the TCP data if 802.11 ACKs indicate that the destination node received the TCP data. If a source outside the wireless network transmits TCP data to the destination node within the wireless network through an intermediate device, such as an access point, the destination node suppresses transmitting TCP ACKs. The intermediate device transmits TCP ACKs as proxy for the destination node to the source. The intermediate device also suppresses TCP ACKs where a source node within the wireless network sends the TCP data to a destination node outside of the wireless network.
    Type: Grant
    Filed: December 22, 2015
    Date of Patent: October 17, 2017
    Assignee: RUCKUS WIRELESS, INC.
    Inventors: William S. Kish, John Chanak
  • Patent number: 9787651
    Abstract: A method and a device for setting up a session key between a source entity and a target entity in a communication network comprises a plurality of communicating entities. The method, which relies on the use of symmetrical cryptographic primitives, provides each entity in the session with protection against denial of service attacks by setting up a session in four or five message exchanges.
    Type: Grant
    Filed: March 12, 2014
    Date of Patent: October 10, 2017
    Assignee: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES
    Inventors: Aymen Boudguiga, Nouha Oualha, Alexis Olivereau, Christophe Janneteau
  • Patent number: 9787710
    Abstract: A method and system is provided for eliminating vulnerabilities on a data network including a router for directing data in the data network. An example method includes transmitting a request through the data network to obtain access to a device coupled to the data network; accessing the device to obtain a list of available resources of the device; comparing each of the available resources of the device with resource rules in a database to identify network vulnerabilities associated with the available resources and determining an action for repairing the network vulnerabilities associated with the available resources of the device. Furthermore, according to the method, instructions can be transmitted to the device to perform the action for repairing the network vulnerabilities associated with the available resources.
    Type: Grant
    Filed: May 6, 2016
    Date of Patent: October 10, 2017
    Assignee: AO Kaspersky Lab
    Inventors: Vyacheslav E. Rusakov, Marta Anna Janus
  • Patent number: 9769289
    Abstract: A TCP communication scheme which ensures safe communication up to the communication path near a terminal and eliminates direct attacks from hackers, etc. A terminal (A) and terminal (B) are connected to a relay apparatus (X) and relay apparatus (Y), where the terminal (A) and the terminal (B) are the endpoint terminals positioned at the two ends of a TCP communication connection. The relay apparatuses (X, Y) are each connected to a network (NET). The relay apparatuses (X and Y) are provided so as to be between the terminals (A and B) which had been performing conventional TCP communication, and neither of the relay apparatuses (X and Y) have IP addresses. The relay apparatuses (X and Y) take over the TCP connection between the terminal (A) and the terminal (B), divide the connection into three TCP connections, and establish TCP communication.
    Type: Grant
    Filed: October 1, 2013
    Date of Patent: September 19, 2017
    Assignee: MEIDENSHA CORPORATION
    Inventors: Yasushi Tateishi, Tatsuya Okuro, Yasunori Nishibe, Takashi Habutsu
  • Patent number: 9769205
    Abstract: The present invention is directed towards systems and methods for managing one or more SSL sessions. A first node from a cluster of nodes intermediary between a client and a server may receive a first request from the client to use a first session established with the server. The first request may include a session identifier of the first session. The first node may determine that the first session is not identified in a cache of the first node. The first node may identify, via a hash table responsive to the determination, an owner node of the first session from the cluster using a key. The key may be determined based on the session identifier. The first node may send a second request to the identified owner node for session data of the first session. The session data may be for establishing a second session with the server.
    Type: Grant
    Filed: April 4, 2014
    Date of Patent: September 19, 2017
    Assignee: Citrix Systems, Inc.
    Inventors: Sikha Gopinath, Ashoke Saha, Tushar Kanekar
  • Patent number: 9766861
    Abstract: A system includes a user interface presented to a developer. The developer selects a first function to supplement functionality of a first application with external functionality available from third party applications. A code generation module provides a software object to the developer for incorporation into a first state of the first application. The first state includes a user interface element associated with an entity. User selection of the user interface element initiates preparation of a query wrapper including a combination of the entity's name and a predefined text string corresponding to the first function. The query wrapper is transmitted to a search system and a result set is received and displayed. A first item of the result set includes an access mechanism for a specified state of a target application. User selection of the first item causes the access mechanism to open the target application to the specified state.
    Type: Grant
    Filed: December 31, 2014
    Date of Patent: September 19, 2017
    Assignee: Quixey, Inc.
    Inventors: Taher Savliwala, Eric Chen, Jonathan Ben-Tzur
  • Patent number: 9766141
    Abstract: Systems and methods are disclosed for dynamic addressing of optical fiber sensors in fiber optic interferometry systems. Events that occur along the optical fiber span have defining attributes such as location along the optical fiber span, type, magnitude, time of occurrence, and duration. The event attributes may be used to dynamically form a unique address that fully defines and identifies the event. Other information, such as the corresponding identifier for one or more of the optical fiber span and the corresponding fiber optic interrogator may be included as part of the unique address.
    Type: Grant
    Filed: May 13, 2016
    Date of Patent: September 19, 2017
    Assignee: Adelos, Inc.
    Inventors: Dan Alan Preston, Calvin Hewitt, James Alexander Philp
  • Patent number: 9769117
    Abstract: Domain name variants may be generated and/or displayed by accessing historical domain name information and identifying, based on the accessed historical domain name information a set of swap options. The swap options may include one or more graphemes. Variants of a domain names may be determined based on the identified set of swap options.
    Type: Grant
    Filed: February 28, 2014
    Date of Patent: September 19, 2017
    Assignee: VERISIGN, INC.
    Inventor: Souheil Ben Yacoub
  • Patent number: 9762412
    Abstract: A system that performs redundant encoding for real-time communications (“RTC”) establishes a tunnel by a tunneling server with a tunneling client of user equipment (“UE”). The system receives a request from the UE to enable the redundant encoding for an inner socket of the tunnel and sends a response back to the UE to indicate that the redundant encoding is enabled for the inner socket, where the response includes a buffer size. For each first frame received on the inner socket, the system stores the first frame in a buffer of the buffer size. The system further receives a reference that corresponds to a second frame from the UE on the inner socket and retrieves the second frame that corresponds to the first reference from the buffer.
    Type: Grant
    Filed: August 20, 2015
    Date of Patent: September 12, 2017
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventor: Rolando Herrero
  • Patent number: 9762535
    Abstract: A first server comprises: an information request reception unit that receives a request transmitted by a user terminal; an instruction code generating unit that generates a predetermined tag of causing the user terminal to connect to a second server for which a common session ID is to be used, and to receive the common session ID from the second server; an information generating unit that generates a web page that includes the predetermined tag, as a web page that is transmitted to the user terminal in response to the request; and an information transmission unit that transmits, to the user terminal, the common session ID and the generated web page including the predetermined tag.
    Type: Grant
    Filed: June 26, 2014
    Date of Patent: September 12, 2017
    Assignee: MURAKUMO CORPORATION
    Inventor: Takahiro Watanabe
  • Patent number: 9753784
    Abstract: Concepts and technologies disclosed herein are directed to a cloud delivery platform. The cloud delivery platform can publish a cloud deployable offering. The cloud delivery platform can order, from a cloud orchestrator, one or more resources to be utilized by the cloud deployable offering. The cloud delivery platform can provision the cloud deployable offering on the resource(s). The cloud delivery platform can manage the cloud deployable offering to ensure that the cloud deployable offering meets a level of service. The cloud delivery platform can monitor one or more components of the cloud delivery platform to determine whether an event has occurred, and in response to determining that an event has occurred, the cloud delivery platform can broadcast the event.
    Type: Grant
    Filed: November 27, 2013
    Date of Patent: September 5, 2017
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Douglas Nassaur, James Paul Fox, Rene Glover
  • Patent number: 9749552
    Abstract: Methods, systems, and apparatuses are described for automatic identification and mapping of consumer electronic devices to ports on an HDMI switch. A device that is connected to an HDMI switch is identified based on data received over an HDMI connection, and ports on the HDMI switch are automatically mapped and configured. Methods, systems, and apparatuses are described for back-end database creation for automatic identification and mapping of consumer electronic devices to ports on an HDMI switch. The back-end database may be created by the based on video and audio signatures received from a consumer electronic device and based on remote control information and signatures.
    Type: Grant
    Filed: November 18, 2015
    Date of Patent: August 29, 2017
    Assignee: Caavo Inc
    Inventors: Vinod Gopinath, Sharath Hariharpur Satheesh, Neha Mittal, Siddharth Kumar, Bitto Niclavose, Ashish Aggarwal
  • Patent number: 9749354
    Abstract: Technology is described for establishing and transferring transmission control protocol (TCP) connections. A connection may be established when an acknowledgement (ACK) packet is received from the client. A connection handoff packet may be generated that includes connection parameters that describe the connection with the client. The connection handoff packet may be sent to a destination host to enable the destination host to take over the connection with the client based on the connection parameters in the SYN cookie.
    Type: Grant
    Filed: February 16, 2015
    Date of Patent: August 29, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Michael F. Diggins, Bryan Mark Benson, Anton Romanov
  • Patent number: 9741073
    Abstract: In one example embodiment, a method for optimizing aggregation routing over a network may include detecting that aggregated account data is unavailable over a network from a first data aggregator server, detecting that the aggregated account data is available over the network from a second data aggregator server, formatting a request for the aggregated account data to be compatible with the second data aggregator server, routing the formatted request over the network to the second data aggregator server, and receiving the requested aggregated account data over the network from the second data aggregator server.
    Type: Grant
    Filed: June 6, 2016
    Date of Patent: August 22, 2017
    Assignee: MX Technologies, Inc.
    Inventor: John Ryan Caldwell
  • Patent number: 9716701
    Abstract: An endpoint computer includes a local client that transmits web traffic to a local proxy that also runs on the endpoint computer. The local proxy obtains a customer identity string that identifies a user of the local client as a paying customer of an SaaS scanning service provided by an SaaS scanning system. The local proxy inserts the customer identity string into the web traffic and thereafter transmits the web traffic to the SaaS scanning system, which authenticates the customer identity string before scanning the web traffic for web threats. The local client transmits the web traffic to the local proxy using a communication protocol and the local proxy can transmit the web traffic to the SaaS scanning system using the same or different communication protocol.
    Type: Grant
    Filed: March 24, 2015
    Date of Patent: July 25, 2017
    Assignee: Trend Micro Incorporated
    Inventors: Lei Wang, Bin Shi, Dan Tan, Liulin Yang
  • Patent number: 9716746
    Abstract: A system and method for achieving Business Continuity and Application Continuity with the system comprising one or more resources of multiple end users or service providers logically connected to one or more cloud infrastructures wherein the collection of resources forms a Continuity Grid or a part of Continuity Grid or sub Grid for which continuity is needed and wherein the Continuity Grid or part of continuity grid or sub Grid are paired with the Continuity Peer Grids located in the same or different cloud infrastructures to satisfy continuity requirements of the Continuity Grid or part of Continuity Grid or sub Grid.
    Type: Grant
    Filed: July 28, 2014
    Date of Patent: July 25, 2017
    Assignee: Sanovi Technologies Pvt. Ltd.
    Inventors: Devendra Garg, Vinodraj Kuppuswamy, Adarsh Holavanhalli
  • Patent number: 9703534
    Abstract: A system includes a data store storing information identifying multiple functions and corresponding unique identifiers. Each of the functions corresponds to external functionality available from third party applications. The system receives a selection from an application developer of a function to supplement functionality of an application under development. The system provides a software object to the application developer for incorporation into a state of the application. The software object includes instructions for extracting text from the state and preparing a query wrapper including the corresponding unique identifier of the function and the extracted text. The instructions receive a result set, including an item that includes an identifier of a target application and an access mechanism for a specified state of the target application. The instructions display the item and, in response to user selection of the item, actuate the access mechanism to open the target application to the specified state.
    Type: Grant
    Filed: April 9, 2015
    Date of Patent: July 11, 2017
    Assignee: Quixey, Inc.
    Inventors: Jonathan Ben-Tzur, Eric Chen, Taher Savliwala
  • Patent number: 9699158
    Abstract: A method of identifying and authenticating a network user includes receiving a first network layer packet from a first user entity. The first network layer packet may include first unique identification information unique to the first user entity and independent of a first network address associated with the first network layer packet. The method further includes verifying, at a network layer of a network, that the first network layer packet is from the first user entity based on the first unique identification information.
    Type: Grant
    Filed: September 21, 2012
    Date of Patent: July 4, 2017
    Inventor: Russell S. Goodwin
  • Patent number: 9699114
    Abstract: A method, computer program product, and system performing a method that includes a processor(s) of a local/private computing system (LPCS) receiving, via a public computing system and a communication network, on behalf of a user of the public computer system, a request to use computing resource(s) belonging to the LPCS. The processor(s) determine a set of usage parameters comprising a first usage limitation, with the first usage limitation including a first limitation type and first limitation value, and with the first usage limitation defining a limit on usage of the computing resource(s) on behalf of the user. The processor(s) receives, via the public computing system and the communication network, a workload of the user. The processor(s) processes the workload, which includes the processor limiting, by machine logic, usage of the resources(s), on behalf of the user, in accordance with the usage parameters.
    Type: Grant
    Filed: October 27, 2016
    Date of Patent: July 4, 2017
    Assignee: International Business Machines Corporation
    Inventors: Gregory R. Hintermeister, Matthew G. Kelm, Christopher E. Sharp, Jason B. Smith
  • Patent number: 9697009
    Abstract: In a method for improving the performance of a computer system by releasing computer resources, a list P of programs installed on a computer system is determined. All relevant extension points EP of the computer system are searched for registered entries. A list A of automatically starting programs is generated by assigning the registered entries at the relevant extension points EP to the installed programs, respectively. The list A of the automatically starting programs is compared with a list S of system-required programs and a list V of used programs. Programs that are not system-required and programs that have not been used for a longer period of time are deactivated and computer resources that have been used by the deactivated programs are released. The deactivation of programs can be done by the user or automatically and can be cancelled when necessary.
    Type: Grant
    Filed: March 18, 2015
    Date of Patent: July 4, 2017
    Assignee: AVG Netherlands B.V.
    Inventors: Yuval Ben-Itzhak, Tibor Schiemann
  • Patent number: 9680810
    Abstract: Techniques are disclosed for authorization of devices entering a network. A new device entering a network sends an authorization request. Another device in the network may receive the request and prompt the user to approve the device. The user can use a device identifier provided by the new device in approving the new device. Assuming the identifier provided by the new device matches an identifier accessible by the authorizing device, the user authorizes the new device. A key is then generated for the new device, which allows access to an appropriate range of network services. Authorization decisions can be synchronized among the various devices in a network, so even if an authorizing device leaves the network, the new device key can be validated. A security service can be replicated in a new device once the device is authorized to access the network.
    Type: Grant
    Filed: January 29, 2013
    Date of Patent: June 13, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Mark Gilbert, Ron J. Mevissen
  • Patent number: 9674213
    Abstract: A system, method, and computer program product for implementing a phishing assessment of a target computer network that includes a phishing assessment platform for generating parameters for the phishing assessment; generating the phishing assessment parameters includes identifying a target domain name for the phishing assessment; identifying a pseudo domain name based on the target domain name; generating a pseudo web page using one or more features and attributes of an entity; and implementing the phishing assessment using the pseudo domain name and pseudo web page.
    Type: Grant
    Filed: October 28, 2016
    Date of Patent: June 6, 2017
    Assignee: Duo Security, Inc.
    Inventor: Jon Oberheide
  • Patent number: 9668133
    Abstract: A telematics system that includes a security controller is provided. The security controller is responsible for ensuring secure access to and controlled use of resources in the vehicle. The security measures relied on by the security controller can be based on digital certificates that grant rights to certificate holders, e.g., application developers. In the case in which applications are to be used with vehicle resources, procedures are implemented to make sure that certified applications do not jeopardize vehicle resources' security and vehicle users' safety. Relationships among interested entities are established to promote and support secure vehicle resource access and usage. The entities can include vehicle makers, communication service providers, communication apparatus vendors, vehicle subsystem suppliers, application developers, as well as vehicle owners/users.
    Type: Grant
    Filed: August 5, 2015
    Date of Patent: May 30, 2017
    Assignee: Cellport Systems, Inc.
    Inventor: Patrick J. Kennedy