Protection At A Particular Protocol Layer Patents (Class 713/151)
  • Patent number: 9871764
    Abstract: The present invention relates to a method and system for performing deep packet inspection of messages transmitted through a network switch in a Software Defined Network (SDN). Embodiments of the invention include a network switch, a controller, and a firewall in a software defined networking environment. In the present invention, the network switch is a simple network switch that is physically separate from the controller and the firewall. The invention may include a plurality of physically distinct network switches communicating with one or more controllers and firewalls. In certain instances, communications between the network switch, the controller, and the firewall are performed using the Open Flow standard communication protocol.
    Type: Grant
    Filed: November 22, 2016
    Date of Patent: January 16, 2018
    Assignee: SONICWALL INC.
    Inventors: Hui Ling, Zhong Chen
  • Patent number: 9871766
    Abstract: Methods, network controllers, and machine-readable and executable instructions are provided to determine a secure path between a source device and a destination device. The secure path may be via a plurality of network devices. The secure path may be determined based on a security capability of each of the plurality of network devices in the secure path. Data may be forwarded between the source device and the destination device, via the plurality of network devices, based on the determined path.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: January 16, 2018
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Parvez Syed Mohamed, Craig J. Mills, Shaun Wakumoto
  • Patent number: 9860267
    Abstract: Disclosed are systems and methods for eliminating vulnerabilities of smart devices connected to a data network. An example method includes: identifying a router providing access to the data network, obtaining access to the network and transmitting a request through the data network to obtain access to a smart device on the network. Furthermore, the method includes accessing the smart device to obtain its settings, comparing the settings with known vulnerabilities, determining an action for repairing the a network vulnerability associated with the settings of the device, and transmitting instructions to the smart device to perform the action to repair network vulnerability associated with the setting.
    Type: Grant
    Filed: August 11, 2016
    Date of Patent: January 2, 2018
    Assignee: AO KASPERSKY LAB
    Inventors: Vyacheslav E. Rusakov, Marta Anna Janus
  • Patent number: 9858085
    Abstract: An information processing apparatus according to the present invention includes a CPU a memory an application that operates on an OS and a BIOS that, in the memory, secures an area in which the BIOS shares data with the application in an area in which the OS cannot update data.
    Type: Grant
    Filed: January 26, 2015
    Date of Patent: January 2, 2018
    Assignee: NEC CORPORATION
    Inventor: Yasuo Miyabe
  • Patent number: 9842210
    Abstract: The present disclosure provides a network architecture and verification platform for analyzing the various modules of a Unified Extensible Firmware Interface (UEFI) firmware image. In one embodiment, the disclosed network architecture and verification platform obtains various UEFI firmware images, such as UEFI firmware image residing on a client device or a UEFI firmware image hosted by a hardware manufacturer. The network architecture and verification platform may then segregate the various UEFI firmware modules that make up the UEFI firmware image, and subject the modules to different types of analysis. By analyzing the UEFI firmware modules individually, the network architecture and verification platform builds a repository of Globally Unique Identifiers (GUIDs) referenced by a given UEFI firmware module, which may then be referenced in future analyses to determine whether any changes, and the extent of such changes, have been made to an updated version of the given UEFI firmware module.
    Type: Grant
    Filed: January 16, 2015
    Date of Patent: December 12, 2017
    Assignee: Raytheon Company
    Inventor: Robert Allen Rose
  • Patent number: 9830767
    Abstract: A gambling hybrid game that provides game history validation is disclosed. The gambling hybrid game includes an entertainment system engine that provides an entertainment game to a user, a real world engine that provides gambling games to users, and a game world engine that monitors the entertainment game and provides gambling games when appropriate. The entertainment system engine stores game history information in response to a trigger event and provides at least a portion of the stored game history information to a game world engine. The game world engine stores received portion of the game history information. When a request for game history verification is received by the game world engine, the game world engine retrieves the game history information from the entertainment system engine and used the portion of the game history information stored by the game world engine to verify the game history information from the entertainment system engine.
    Type: Grant
    Filed: September 14, 2015
    Date of Patent: November 28, 2017
    Assignee: Gamblit Gaming, LLC
    Inventors: Miles Arnone, Frank Cire, Clifford Kaylin, Scott Shimmin, Eric Meyerhofer
  • Patent number: 9825913
    Abstract: A novel method for stateful packet classification that uses hardware resources for performing stateless lookups and software resources for performing stateful connection flow handshaking is provided. To classify an incoming packet from a network, some embodiments perform stateless look up operations for the incoming packet in hardware and forward the result of the stateless look up to the software. The software in turn uses the result of the stateless look up to perform the stateful connection flow handshaking and to determine the result of the stateful packet classification.
    Type: Grant
    Filed: June 4, 2014
    Date of Patent: November 21, 2017
    Assignee: NICIRA, INC.
    Inventors: Jayant Jain, Anirban Sengupta, Mohan Parthasarathy, Xinhua Hong
  • Patent number: 9825952
    Abstract: An embodiment of the invention allows a network access server to control network access for individual applications that run on a device. The device may be included in a machine-to-machine environment. The embodiment may provide a secure channel between the network access server and the device access layer and another secure channel between the device access layer and the device application layer. Thus, before applications are allowed to access the network those applications may be required to authenticate themselves via a secure channel. Other embodiments are described herein.
    Type: Grant
    Filed: December 30, 2011
    Date of Patent: November 21, 2017
    Assignee: Intel Corporation
    Inventors: Ashok Sunder Rajan, Rakesh Dodeja, David A. De Vries, Hemaprabhu Jayanna, William J. Tiso, Kevin W. Bross, Robert J. Hunter
  • Patent number: 9813353
    Abstract: Disclosed are an apparatus and method of performing a data file migration to a cloud source. One example method of operation may include establishing via a transmitter an application programming interface (API) connection to an enterprise network, identifying via a processor one or more present allocation parameters being utilized by one or more virtual machines operating on the enterprise network. The method may also provide requesting via the transmitter a directory file structure and identifying via the processor at least one data file for data migration to a remote cloud storage server based on predetermined criteria.
    Type: Grant
    Filed: June 6, 2013
    Date of Patent: November 7, 2017
    Assignee: Open Invention Network LLC
    Inventor: John Michael Suit
  • Patent number: 9794246
    Abstract: An apparatus may include a communication interface and a security component. The communication interface may be configured to receive a Constrained Application Protocol (CoAP) message including authentication data. The security component may be configured to perform message validation based on the authentication data.
    Type: Grant
    Filed: July 21, 2016
    Date of Patent: October 17, 2017
    Assignee: EXILANT Technologies Private Limited
    Inventor: Vishnu Sharma
  • Patent number: 9794606
    Abstract: Disclosed herein are a method and device for transmitting digital content. A selection of at least one device authorized to receive digital content is detected. It is identified whether each selected device contains a session key that corresponds to a local session key. Digital content is transmitted to each device whose session key corresponds to the local key. Digital content is prevented from transmission to unselected devices not having a corresponding session key.
    Type: Grant
    Filed: April 29, 2014
    Date of Patent: October 17, 2017
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Sangmi Park, Hyunho Park, Jupyo Hong
  • Patent number: 9794311
    Abstract: Transport accelerator (TA) systems and methods for accelerating delivery of content to a user agent (UA) of a client device are provided according to embodiments of the present disclosure. Embodiments comprise a TA architecture implementing a connection manager (CM) and a request manager (RM). A CM of embodiments requests chunks of content from a content server, receives data in response to requesting the chunks of content, wherein the received data is missing data from a requested chunk of content, and provides a receipt acknowledgement (ACK) for the missing data. The received data, which is missing data from a requested chunk of the chunks of content, may be passed through a communication protocol stack to an application for assembly into a one or more content objects.
    Type: Grant
    Filed: May 28, 2014
    Date of Patent: October 17, 2017
    Assignee: QUALCOMM Incorporated
    Inventors: Yinian Mao, Fatih Ulupinar, Michael George Luby, Lorenz Christoph Minder
  • Patent number: 9794758
    Abstract: Systems and methods for improving data transmission rates in communication networks are disclosed. In an 802.11 wireless communication network, where a source node of the wireless network transmits TCP data to a destination node of the wireless network, the destination node does not transmit TCP acknowledgments (ACKs) for the TCP data if 802.11 ACKs indicate that the destination node received the TCP data. If a source outside the wireless network transmits TCP data to the destination node within the wireless network through an intermediate device, such as an access point, the destination node suppresses transmitting TCP ACKs. The intermediate device transmits TCP ACKs as proxy for the destination node to the source. The intermediate device also suppresses TCP ACKs where a source node within the wireless network sends the TCP data to a destination node outside of the wireless network.
    Type: Grant
    Filed: December 22, 2015
    Date of Patent: October 17, 2017
    Assignee: RUCKUS WIRELESS, INC.
    Inventors: William S. Kish, John Chanak
  • Patent number: 9787651
    Abstract: A method and a device for setting up a session key between a source entity and a target entity in a communication network comprises a plurality of communicating entities. The method, which relies on the use of symmetrical cryptographic primitives, provides each entity in the session with protection against denial of service attacks by setting up a session in four or five message exchanges.
    Type: Grant
    Filed: March 12, 2014
    Date of Patent: October 10, 2017
    Assignee: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES
    Inventors: Aymen Boudguiga, Nouha Oualha, Alexis Olivereau, Christophe Janneteau
  • Patent number: 9787710
    Abstract: A method and system is provided for eliminating vulnerabilities on a data network including a router for directing data in the data network. An example method includes transmitting a request through the data network to obtain access to a device coupled to the data network; accessing the device to obtain a list of available resources of the device; comparing each of the available resources of the device with resource rules in a database to identify network vulnerabilities associated with the available resources and determining an action for repairing the network vulnerabilities associated with the available resources of the device. Furthermore, according to the method, instructions can be transmitted to the device to perform the action for repairing the network vulnerabilities associated with the available resources.
    Type: Grant
    Filed: May 6, 2016
    Date of Patent: October 10, 2017
    Assignee: AO Kaspersky Lab
    Inventors: Vyacheslav E. Rusakov, Marta Anna Janus
  • Patent number: 9769289
    Abstract: A TCP communication scheme which ensures safe communication up to the communication path near a terminal and eliminates direct attacks from hackers, etc. A terminal (A) and terminal (B) are connected to a relay apparatus (X) and relay apparatus (Y), where the terminal (A) and the terminal (B) are the endpoint terminals positioned at the two ends of a TCP communication connection. The relay apparatuses (X, Y) are each connected to a network (NET). The relay apparatuses (X and Y) are provided so as to be between the terminals (A and B) which had been performing conventional TCP communication, and neither of the relay apparatuses (X and Y) have IP addresses. The relay apparatuses (X and Y) take over the TCP connection between the terminal (A) and the terminal (B), divide the connection into three TCP connections, and establish TCP communication.
    Type: Grant
    Filed: October 1, 2013
    Date of Patent: September 19, 2017
    Assignee: MEIDENSHA CORPORATION
    Inventors: Yasushi Tateishi, Tatsuya Okuro, Yasunori Nishibe, Takashi Habutsu
  • Patent number: 9769205
    Abstract: The present invention is directed towards systems and methods for managing one or more SSL sessions. A first node from a cluster of nodes intermediary between a client and a server may receive a first request from the client to use a first session established with the server. The first request may include a session identifier of the first session. The first node may determine that the first session is not identified in a cache of the first node. The first node may identify, via a hash table responsive to the determination, an owner node of the first session from the cluster using a key. The key may be determined based on the session identifier. The first node may send a second request to the identified owner node for session data of the first session. The session data may be for establishing a second session with the server.
    Type: Grant
    Filed: April 4, 2014
    Date of Patent: September 19, 2017
    Assignee: Citrix Systems, Inc.
    Inventors: Sikha Gopinath, Ashoke Saha, Tushar Kanekar
  • Patent number: 9769117
    Abstract: Domain name variants may be generated and/or displayed by accessing historical domain name information and identifying, based on the accessed historical domain name information a set of swap options. The swap options may include one or more graphemes. Variants of a domain names may be determined based on the identified set of swap options.
    Type: Grant
    Filed: February 28, 2014
    Date of Patent: September 19, 2017
    Assignee: VERISIGN, INC.
    Inventor: Souheil Ben Yacoub
  • Patent number: 9766861
    Abstract: A system includes a user interface presented to a developer. The developer selects a first function to supplement functionality of a first application with external functionality available from third party applications. A code generation module provides a software object to the developer for incorporation into a first state of the first application. The first state includes a user interface element associated with an entity. User selection of the user interface element initiates preparation of a query wrapper including a combination of the entity's name and a predefined text string corresponding to the first function. The query wrapper is transmitted to a search system and a result set is received and displayed. A first item of the result set includes an access mechanism for a specified state of a target application. User selection of the first item causes the access mechanism to open the target application to the specified state.
    Type: Grant
    Filed: December 31, 2014
    Date of Patent: September 19, 2017
    Assignee: Quixey, Inc.
    Inventors: Taher Savliwala, Eric Chen, Jonathan Ben-Tzur
  • Patent number: 9766141
    Abstract: Systems and methods are disclosed for dynamic addressing of optical fiber sensors in fiber optic interferometry systems. Events that occur along the optical fiber span have defining attributes such as location along the optical fiber span, type, magnitude, time of occurrence, and duration. The event attributes may be used to dynamically form a unique address that fully defines and identifies the event. Other information, such as the corresponding identifier for one or more of the optical fiber span and the corresponding fiber optic interrogator may be included as part of the unique address.
    Type: Grant
    Filed: May 13, 2016
    Date of Patent: September 19, 2017
    Assignee: Adelos, Inc.
    Inventors: Dan Alan Preston, Calvin Hewitt, James Alexander Philp
  • Patent number: 9762412
    Abstract: A system that performs redundant encoding for real-time communications (“RTC”) establishes a tunnel by a tunneling server with a tunneling client of user equipment (“UE”). The system receives a request from the UE to enable the redundant encoding for an inner socket of the tunnel and sends a response back to the UE to indicate that the redundant encoding is enabled for the inner socket, where the response includes a buffer size. For each first frame received on the inner socket, the system stores the first frame in a buffer of the buffer size. The system further receives a reference that corresponds to a second frame from the UE on the inner socket and retrieves the second frame that corresponds to the first reference from the buffer.
    Type: Grant
    Filed: August 20, 2015
    Date of Patent: September 12, 2017
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventor: Rolando Herrero
  • Patent number: 9762535
    Abstract: A first server comprises: an information request reception unit that receives a request transmitted by a user terminal; an instruction code generating unit that generates a predetermined tag of causing the user terminal to connect to a second server for which a common session ID is to be used, and to receive the common session ID from the second server; an information generating unit that generates a web page that includes the predetermined tag, as a web page that is transmitted to the user terminal in response to the request; and an information transmission unit that transmits, to the user terminal, the common session ID and the generated web page including the predetermined tag.
    Type: Grant
    Filed: June 26, 2014
    Date of Patent: September 12, 2017
    Assignee: MURAKUMO CORPORATION
    Inventor: Takahiro Watanabe
  • Patent number: 9753784
    Abstract: Concepts and technologies disclosed herein are directed to a cloud delivery platform. The cloud delivery platform can publish a cloud deployable offering. The cloud delivery platform can order, from a cloud orchestrator, one or more resources to be utilized by the cloud deployable offering. The cloud delivery platform can provision the cloud deployable offering on the resource(s). The cloud delivery platform can manage the cloud deployable offering to ensure that the cloud deployable offering meets a level of service. The cloud delivery platform can monitor one or more components of the cloud delivery platform to determine whether an event has occurred, and in response to determining that an event has occurred, the cloud delivery platform can broadcast the event.
    Type: Grant
    Filed: November 27, 2013
    Date of Patent: September 5, 2017
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Douglas Nassaur, James Paul Fox, Rene Glover
  • Patent number: 9749552
    Abstract: Methods, systems, and apparatuses are described for automatic identification and mapping of consumer electronic devices to ports on an HDMI switch. A device that is connected to an HDMI switch is identified based on data received over an HDMI connection, and ports on the HDMI switch are automatically mapped and configured. Methods, systems, and apparatuses are described for back-end database creation for automatic identification and mapping of consumer electronic devices to ports on an HDMI switch. The back-end database may be created by the based on video and audio signatures received from a consumer electronic device and based on remote control information and signatures.
    Type: Grant
    Filed: November 18, 2015
    Date of Patent: August 29, 2017
    Assignee: Caavo Inc
    Inventors: Vinod Gopinath, Sharath Hariharpur Satheesh, Neha Mittal, Siddharth Kumar, Bitto Niclavose, Ashish Aggarwal
  • Patent number: 9749354
    Abstract: Technology is described for establishing and transferring transmission control protocol (TCP) connections. A connection may be established when an acknowledgement (ACK) packet is received from the client. A connection handoff packet may be generated that includes connection parameters that describe the connection with the client. The connection handoff packet may be sent to a destination host to enable the destination host to take over the connection with the client based on the connection parameters in the SYN cookie.
    Type: Grant
    Filed: February 16, 2015
    Date of Patent: August 29, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Michael F. Diggins, Bryan Mark Benson, Anton Romanov
  • Patent number: 9741073
    Abstract: In one example embodiment, a method for optimizing aggregation routing over a network may include detecting that aggregated account data is unavailable over a network from a first data aggregator server, detecting that the aggregated account data is available over the network from a second data aggregator server, formatting a request for the aggregated account data to be compatible with the second data aggregator server, routing the formatted request over the network to the second data aggregator server, and receiving the requested aggregated account data over the network from the second data aggregator server.
    Type: Grant
    Filed: June 6, 2016
    Date of Patent: August 22, 2017
    Assignee: MX Technologies, Inc.
    Inventor: John Ryan Caldwell
  • Patent number: 9716746
    Abstract: A system and method for achieving Business Continuity and Application Continuity with the system comprising one or more resources of multiple end users or service providers logically connected to one or more cloud infrastructures wherein the collection of resources forms a Continuity Grid or a part of Continuity Grid or sub Grid for which continuity is needed and wherein the Continuity Grid or part of continuity grid or sub Grid are paired with the Continuity Peer Grids located in the same or different cloud infrastructures to satisfy continuity requirements of the Continuity Grid or part of Continuity Grid or sub Grid.
    Type: Grant
    Filed: July 28, 2014
    Date of Patent: July 25, 2017
    Assignee: Sanovi Technologies Pvt. Ltd.
    Inventors: Devendra Garg, Vinodraj Kuppuswamy, Adarsh Holavanhalli
  • Patent number: 9716701
    Abstract: An endpoint computer includes a local client that transmits web traffic to a local proxy that also runs on the endpoint computer. The local proxy obtains a customer identity string that identifies a user of the local client as a paying customer of an SaaS scanning service provided by an SaaS scanning system. The local proxy inserts the customer identity string into the web traffic and thereafter transmits the web traffic to the SaaS scanning system, which authenticates the customer identity string before scanning the web traffic for web threats. The local client transmits the web traffic to the local proxy using a communication protocol and the local proxy can transmit the web traffic to the SaaS scanning system using the same or different communication protocol.
    Type: Grant
    Filed: March 24, 2015
    Date of Patent: July 25, 2017
    Assignee: Trend Micro Incorporated
    Inventors: Lei Wang, Bin Shi, Dan Tan, Liulin Yang
  • Patent number: 9703534
    Abstract: A system includes a data store storing information identifying multiple functions and corresponding unique identifiers. Each of the functions corresponds to external functionality available from third party applications. The system receives a selection from an application developer of a function to supplement functionality of an application under development. The system provides a software object to the application developer for incorporation into a state of the application. The software object includes instructions for extracting text from the state and preparing a query wrapper including the corresponding unique identifier of the function and the extracted text. The instructions receive a result set, including an item that includes an identifier of a target application and an access mechanism for a specified state of the target application. The instructions display the item and, in response to user selection of the item, actuate the access mechanism to open the target application to the specified state.
    Type: Grant
    Filed: April 9, 2015
    Date of Patent: July 11, 2017
    Assignee: Quixey, Inc.
    Inventors: Jonathan Ben-Tzur, Eric Chen, Taher Savliwala
  • Patent number: 9699114
    Abstract: A method, computer program product, and system performing a method that includes a processor(s) of a local/private computing system (LPCS) receiving, via a public computing system and a communication network, on behalf of a user of the public computer system, a request to use computing resource(s) belonging to the LPCS. The processor(s) determine a set of usage parameters comprising a first usage limitation, with the first usage limitation including a first limitation type and first limitation value, and with the first usage limitation defining a limit on usage of the computing resource(s) on behalf of the user. The processor(s) receives, via the public computing system and the communication network, a workload of the user. The processor(s) processes the workload, which includes the processor limiting, by machine logic, usage of the resources(s), on behalf of the user, in accordance with the usage parameters.
    Type: Grant
    Filed: October 27, 2016
    Date of Patent: July 4, 2017
    Assignee: International Business Machines Corporation
    Inventors: Gregory R. Hintermeister, Matthew G. Kelm, Christopher E. Sharp, Jason B. Smith
  • Patent number: 9697009
    Abstract: In a method for improving the performance of a computer system by releasing computer resources, a list P of programs installed on a computer system is determined. All relevant extension points EP of the computer system are searched for registered entries. A list A of automatically starting programs is generated by assigning the registered entries at the relevant extension points EP to the installed programs, respectively. The list A of the automatically starting programs is compared with a list S of system-required programs and a list V of used programs. Programs that are not system-required and programs that have not been used for a longer period of time are deactivated and computer resources that have been used by the deactivated programs are released. The deactivation of programs can be done by the user or automatically and can be cancelled when necessary.
    Type: Grant
    Filed: March 18, 2015
    Date of Patent: July 4, 2017
    Assignee: AVG Netherlands B.V.
    Inventors: Yuval Ben-Itzhak, Tibor Schiemann
  • Patent number: 9699158
    Abstract: A method of identifying and authenticating a network user includes receiving a first network layer packet from a first user entity. The first network layer packet may include first unique identification information unique to the first user entity and independent of a first network address associated with the first network layer packet. The method further includes verifying, at a network layer of a network, that the first network layer packet is from the first user entity based on the first unique identification information.
    Type: Grant
    Filed: September 21, 2012
    Date of Patent: July 4, 2017
    Inventor: Russell S. Goodwin
  • Patent number: 9680810
    Abstract: Techniques are disclosed for authorization of devices entering a network. A new device entering a network sends an authorization request. Another device in the network may receive the request and prompt the user to approve the device. The user can use a device identifier provided by the new device in approving the new device. Assuming the identifier provided by the new device matches an identifier accessible by the authorizing device, the user authorizes the new device. A key is then generated for the new device, which allows access to an appropriate range of network services. Authorization decisions can be synchronized among the various devices in a network, so even if an authorizing device leaves the network, the new device key can be validated. A security service can be replicated in a new device once the device is authorized to access the network.
    Type: Grant
    Filed: January 29, 2013
    Date of Patent: June 13, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Mark Gilbert, Ron J. Mevissen
  • Patent number: 9674213
    Abstract: A system, method, and computer program product for implementing a phishing assessment of a target computer network that includes a phishing assessment platform for generating parameters for the phishing assessment; generating the phishing assessment parameters includes identifying a target domain name for the phishing assessment; identifying a pseudo domain name based on the target domain name; generating a pseudo web page using one or more features and attributes of an entity; and implementing the phishing assessment using the pseudo domain name and pseudo web page.
    Type: Grant
    Filed: October 28, 2016
    Date of Patent: June 6, 2017
    Assignee: Duo Security, Inc.
    Inventor: Jon Oberheide
  • Patent number: 9665236
    Abstract: A user configurable interface view can be generated for a media device or other information handling system that is independent of any interface views defined by media content providers. Generating the user configurable interface view includes identifying content data streams that are included in user interface views defined by the media content providers and then selecting a desired subset of the data content streams. The selected data content streams are then aggregated and the user configurable interface view is generated. The resulting user interface view will be independent of any interface views defined by the media content providers.
    Type: Grant
    Filed: September 25, 2014
    Date of Patent: May 30, 2017
    Assignee: Dell Products L.P.
    Inventors: Arthur Anthonie van Hoff, Mark Andrew Ross, Timothy Bucher
  • Patent number: 9668133
    Abstract: A telematics system that includes a security controller is provided. The security controller is responsible for ensuring secure access to and controlled use of resources in the vehicle. The security measures relied on by the security controller can be based on digital certificates that grant rights to certificate holders, e.g., application developers. In the case in which applications are to be used with vehicle resources, procedures are implemented to make sure that certified applications do not jeopardize vehicle resources' security and vehicle users' safety. Relationships among interested entities are established to promote and support secure vehicle resource access and usage. The entities can include vehicle makers, communication service providers, communication apparatus vendors, vehicle subsystem suppliers, application developers, as well as vehicle owners/users.
    Type: Grant
    Filed: August 5, 2015
    Date of Patent: May 30, 2017
    Assignee: Cellport Systems, Inc.
    Inventor: Patrick J. Kennedy
  • Patent number: 9667646
    Abstract: Techniques for maintaining dynamic configuration information of a multi-host off-cluster service on a cluster are described. An apparatus may comprise a dynamic configuration validation service component to execute to execute a dynamic configuration validation service for scanning files in a cluster of nodes. The dynamic configuration validation service component operative to validate a scanner version for each one of multiple scanners for scanning a file in a cluster of nodes, maintain the scanner version in a list of valid scanner versions for the multiple scanners, and scan the file by one of the one of multiple scanners having the scanner version contained in the list of the valid scanner versions.
    Type: Grant
    Filed: February 12, 2015
    Date of Patent: May 30, 2017
    Assignee: NetApp, Inc.
    Inventors: Mark Muhlestein, Rajesh Jaiswal, Sunil Bhargo, Mankawaldeep Singh
  • Patent number: 9652621
    Abstract: An electronic transmission system and method for converting and transmitting transmissions to provide secure communication between a plurality of users and protect or secure content of each transmission by preventing unauthorized individuals from capturing and viewing or hearing the transmitted content in its entirety. The electronic transmission system breaks a transmission apart into a random plurality of pieces and randomly transmits each piece separately to a plurality of remote servers. If an unauthorized party tries to intercept and access an electronic transmission, they will not be able to capture the entire transmission and will not be able to recompile its actual content, but rather misleading content. A password or other suitable authentication requirement(s) authenticates the intended recipient and allows the original pieces to be retrieved and re-compiled for viewing or hearing.
    Type: Grant
    Filed: May 15, 2015
    Date of Patent: May 16, 2017
    Inventors: Michael E. Johnson, Kenneth L. Wilson
  • Patent number: 9642112
    Abstract: A system is disclosed for tracking assets in a facility. The system may have at least one asset having a service processor containing identification information which uniquely identifies the at least one asset among a group of assets. The at least one asset may further have a module for reporting the identification information to a gateway device. A data center infrastructure management system may be used which is in communication with the gateway device for receiving the identification information. The identification information may subsequently be used with an asset tracking system.
    Type: Grant
    Filed: October 11, 2013
    Date of Patent: May 2, 2017
    Assignee: Avocent Huntsville, LLC
    Inventor: Mario Costa
  • Patent number: 9621523
    Abstract: Embodiments are directed to sharing secure communication secrets with a network monitoring device (NMD). The NMD may passively monitor network packets communicated between client computers and server computers. If a secure communication session is established between a client computer and a server computer, a key provider may provide the NMD a session key that corresponds to the secure communication session. The NMD may buffer each network packet associated with the secure communication session until the NMD is provided a session key for the secure communication session. The NMD may use the session key to decrypt network packets communicated between the client computer and the server computer. The NMD may then proceed to analyze the secure communication session based on the contents of the decrypted network packets.
    Type: Grant
    Filed: May 9, 2016
    Date of Patent: April 11, 2017
    Assignee: ExtraHop Networks, Inc.
    Inventors: Jesse Abraham Rothstein, Benjamin Thomas Higgins, Brian David Hatch
  • Patent number: 9614816
    Abstract: A system performs tunneling for real-time communications (“RTC”). The system establishes an unencrypted tunnel between a tunneling server and a user equipment (“UE”). Upon establishing the unencrypted tunnel, the UE creates a socket on the unencrypted tunnel. The system determines that the socket requires encrypted RTC, and establishes an encrypted tunnel between the tunneling server and the UE. Upon establishing the encrypted tunnel, the UE moves the socket from the unencrypted tunnel to the encrypted tunnel, and the system performs the encrypted RTC via the socket over the encrypted tunnel.
    Type: Grant
    Filed: March 23, 2015
    Date of Patent: April 4, 2017
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventor: Rolando Herrero
  • Patent number: 9602330
    Abstract: Techniques are disclosed for dividing a TCP handshake into multiple parts, in a system comprising an edge device, an intermediary computing node, and a destination computing node. A client sends a TCP SYN packet to the edge device, to establish a TCP connection with the destination computing node. The edge device performs the handshake, and then forwards an ACK packet to the intermediary computing node. The intermediary computing node uses that ACK packet to generate a second SYN packet, and uses that SYN packet to perform a TCP handshake with the destination computing node. Then, TCP sequence numbers are converted between what is expected by the client and destination in packets sent between the two.
    Type: Grant
    Filed: May 23, 2013
    Date of Patent: March 21, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Andrew Bruce Dickinson, Kirk Arlo Petersen
  • Patent number: 9596282
    Abstract: A delivery managing device to which a plurality of terminals are connected through a network includes a creating unit that creates display information based on operation information indicating an operation input accepted by a terminal; a converting unit that converts the display information into video information; and a delivery unit that delivers the video information to a terminal. When non-public operation information is received from a terminal, the non-public operation information indicating operation information not to be published to another terminal, the delivery unit delivers video information that is converted from display information not based on the non-public operation information, to the other terminal.
    Type: Grant
    Filed: September 4, 2014
    Date of Patent: March 14, 2017
    Assignee: RICOH COMPANY, LTD.
    Inventors: Masahiro Kuwata, Kiyoshi Kasatani
  • Patent number: 9590809
    Abstract: A method for operating a mobile device, not assigned to a motor vehicle, via an electronic device with a display and operator control device of the motor vehicle is made available. The program has program parts for a user interface and for operator control sequences which are assigned a digital certificate. The user interface comprises fixed areas for displaying variable contents. The program parts are transmitted together with the digital certificate to the electronic device of the motor vehicle and are carried out when the certificate is successfully checked. The transmission of data without protection by a digital certificate is restricted to the variable contents for display in the fixed areas of the user interface.
    Type: Grant
    Filed: January 23, 2014
    Date of Patent: March 7, 2017
    Assignee: Volkswagen Aktiengesellschaft
    Inventors: Fabian Hueger, Helge Neuner, Michael Mirtschink
  • Patent number: 9591608
    Abstract: Disclosed are methods and systems for enabling a Home Node B (HNB) to discover the positioning capabilities of an HNB Gateway (HNB GW) in supporting particular positioning operations associated with transporting Positioning Calculation Application Part (PCAP) messages between the HNB and a standalone serving mobile location center (SAS).
    Type: Grant
    Filed: January 29, 2015
    Date of Patent: March 7, 2017
    Assignee: QUALCOMM Incorporated
    Inventors: Luis Fernando Brisson Lopes, Stephen William Edge, Ozcan Ozturk
  • Patent number: 9582386
    Abstract: A method and system for securing continued operation of a primary cloud-based computing environment (CBCE) residing in a first cloud environment are disclosed. The system comprises gathering information respective of the primary CBCE; storing the gathered information in a storage space, wherein the gathered information substantially provides a baseline to initiate the creation of a reconstructed CBCE upon a need to recreate the primary CBCE; updating the gathered information with new information gathered respective of changes to the primary CBCE; receiving a periodic status notification from the primary CBCE; and initiating a reconstruction of the primary CBCE in the second cloud environment responsive to the status notification requesting one of: a reconstruction request and failure of the primary CBCE.
    Type: Grant
    Filed: March 11, 2014
    Date of Patent: February 28, 2017
    Assignee: CloudEndure, Ltd.
    Inventors: Ofer Gadish, Leonid Feinberg, Ofir Ehrlich, Gil Shai
  • Patent number: 9563459
    Abstract: A diagnostic virtual machine having access to resources of an infrastructure as a service cloud may be created. A user device may be provided access to the diagnostic virtual machine. In some embodiments, the diagnostic virtual machine may be configured to monitor a cluster of hypervisors, and the resources of the infrastructure as a service cloud which the diagnostic virtual machine has access to may include physical resources of the infrastructure as a service cloud that are associated with the cluster of hypervisors.
    Type: Grant
    Filed: March 17, 2015
    Date of Patent: February 7, 2017
    Assignee: Citrix Systems, Inc.
    Inventors: Chiradeep Vittal, Alex Huang, Kevin Kluge
  • Patent number: 9560173
    Abstract: A computer implemented method receives a client request message to initiate a network connection. In response to the client request, the method generates a key to represent the client request. The key is generated independent of information provided in the client request message and is generated to correspond to a desired address in a data structure used to track client request message. The method then enters the generated key at the desired address in the data structure and transmits a response message that includes the key back to the client. The network connection between the client and the computer system is established according to the key.
    Type: Grant
    Filed: October 22, 2013
    Date of Patent: January 31, 2017
    Assignee: VMware, Inc.
    Inventor: Akshay Kumar Sreeramoju
  • Patent number: 9549318
    Abstract: Systems and methods for enabling a computing device to be registered and authorized for network access, while deferring device hardware address capture until a later time. Subsequently, when the computing device connects to a network location at which the hardware address can be detected registration and authorization can be fully completed. In some cases, the subsequent completion can be performed automatically and without user intervention.
    Type: Grant
    Filed: October 10, 2013
    Date of Patent: January 17, 2017
    Assignee: SHAW CABLESYSTEMS G.P.
    Inventors: Christian Saunders, Ron Angerame
  • Patent number: 9537878
    Abstract: Coupling circuitry couples a network to a host. The host operating system is configured for transfer of data between the host and at least one peer via the network using at least one stateful connection to a peer according to a connection-oriented protocol. The coupling circuitry processes received connection attempt indications by attempting to establish a stateful connection to an indicated peer. For a genuine attempt by a peer to establish a stateful connection with the host, the coupling circuitry interoperates with the peer to perform establishment-phase protocol processing of the attempted stateful connection. For each of the established stateful connections, the coupling circuitry operates to cause a state of that established stateful connection to be provided from the coupling circuitry to the host, wherein the operating system of the host handles data transfer phase protocol processing of that established stateful connection.
    Type: Grant
    Filed: December 12, 2014
    Date of Patent: January 3, 2017
    Assignee: Chelsio Communications, Inc.
    Inventors: Asgeir Thor Eiriksson, Chandrasekhar Srinivasaiah, Wael Noureddine