Chain Or Hierarchical Certificates Patents (Class 713/157)
  • Patent number: 11914616
    Abstract: Systems and methods for creating a consistent blockchain including block commitment determinations are disclosed herein. An example method includes receiving a request for blockchain data from an application or a user, receiving proposed canonical heads from a plurality of blockchain nodes, receiving votes to determine a correct state for a consistent blockchain that includes a canonical head, the blockchain data being included in the consistent view of a blockchain, determining the canonical head based on the votes, determining a commitment level for at least one block in the consistent view of the blockchain, providing the consistent view of the blockchain to the application or the user, and exposing the commitment level for the at least one block.
    Type: Grant
    Filed: December 16, 2022
    Date of Patent: February 27, 2024
    Assignee: Alchemy Insights, Inc.
    Inventors: David Philipson, Noam Hurwitz, Omar Ceja, Deepak Bansal
  • Patent number: 11907253
    Abstract: Techniques are disclosed for providing backup protection. A first subnet is established for replication in a first cluster that includes a plurality of host devices. Each of the host devices includes a respective controller virtual machine, which together form a virtual local area network for replication. Each of the controller virtual machines is assigned an Ethernet interface. A replication Internet Protocol address is assigned to each of the Ethernet interfaces of the controller virtual machines. Route tables and firewall rules of the controller virtual machines are modified to allow communications between nodes of the first subnet. The first subnet is configured with information related to a second subnet for replication in a second cluster. A dedicated communication channel is generated for replication between the first cluster and the second cluster based on the configuring.
    Type: Grant
    Filed: December 28, 2021
    Date of Patent: February 20, 2024
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Geetha Srikantan, Sudarsana Rao Piduri, Siddharth Sambamoorthy, Ashish Hanwadikar, Suresh Dussa, Aaron Anton Kapacinskas, Mohan Kumar
  • Patent number: 11909874
    Abstract: At least one non-transitory computer readable medium, that at least one non-transitory computer readable medium stores instructions for (a) generating master keys by a keys security entity (KSE) that is established within a KSE; (b) generating one-time connection session keys, by the KSE, based on the master keys; (c) outputting, by the KSE, the one-time connection session keys to a Connection Security Entity (CSE) enclave in which a CSE is established, over a secure communication link; and (d) preventing access, by the KSE, to the master keys.
    Type: Grant
    Filed: November 8, 2021
    Date of Patent: February 20, 2024
    Assignee: HUB DATA SECURITY LTD.
    Inventor: Andrey Iaremenko
  • Patent number: 11902284
    Abstract: A method of tenant user management in cloud database operation can be implemented. The method can receive an original job request from a user for a database service, wherein the original job request can include a login credential of the user. The method can authenticate the login credential of the user by a scheduler, verify the user has privileges for the original job request by the scheduler, create a modified job request from the original job request by the scheduler based on a predefined role corresponding to the privileges of the user, send the modified job request from the scheduler to a database service platform, and allocate an instance of database service to the user in response to the modified job request.
    Type: Grant
    Filed: March 5, 2021
    Date of Patent: February 13, 2024
    Assignee: SAP SE
    Inventors: Long Du, Haoxing Hou, Le Zhang, Jun Zhang
  • Patent number: 11860680
    Abstract: The present disclosure provides systems, methods, and computer readable storage devices for validating that a software release has successfully completed multiple development stages of a development process without alteration. To illustrate, as software (e.g., one or more files or artifacts) completes at least a portion of a development process including the development stages, data components are generated. Digital signatures are generated based on the data components and a private key, and the digital signatures are stored in a secure data structure, such as a blockchain or a tree structure. Upon receipt of the data components (e.g., as validation data of a software release) by a node device, the node device generates validation signatures based on the data components and a public key and compares the validation signatures to the digital signatures stored in the secure data structure to validate the software before processing the software.
    Type: Grant
    Filed: April 2, 2021
    Date of Patent: January 2, 2024
    Assignee: JFrog Ltd.
    Inventor: Yoav Landman
  • Patent number: 11852506
    Abstract: This disclosure relates to systems and methods for management of information, including environmental information, obtained by a variety of sensors associated with one or more distributed mobile sensor platforms. In certain embodiments, the geographically transitory nature of a mobile sensor platform may be leveraged to facilitate collection of environmental information over a larger geographic area than that of a fixed sensor platform. Embodiments disclosed herein provide for information consistency and/or quality checking of information obtained by mobile sensor platforms. Further embodiments may be used to incentivize the collection and/or acquisition of certain data via point and/or credit-based compensation.
    Type: Grant
    Filed: September 3, 2021
    Date of Patent: December 26, 2023
    Assignee: Intertrust Technologies Corporation
    Inventor: Yutaka Nagao
  • Patent number: 11855985
    Abstract: Systems and methods for protected verification of user information are provided. Multiple computing systems may transmit or receive communications from one or more other computing systems as part of the protected user information verification. For example, a user may utilize a verification service to independently verify the user's information to third-party systems without the verification service actually storing, receiving, accessing, or otherwise coming into contact with the user-specific information that it is verifying. In this way, the system can protect a user's personal information while streamlining the user's verification with one or more third parties.
    Type: Grant
    Filed: June 6, 2022
    Date of Patent: December 26, 2023
    Assignee: Callfire, Inc.
    Inventor: Radu Maierean
  • Patent number: 11849317
    Abstract: A method of a local bundle assistant (LBA) negotiating a certificate with a secondary platform bundle manager (SPBM) in a wireless communication system including: transmitting a request message requesting information of certificates supported by a secondary secure platform (SSP) to a secondary platform bundle loader (SPBL) of the SSP; receiving the information of certificates supported by the SSP including information of certificate issuers corresponding to a family identifier from the SPBL; transmitting the information of certificates supported by the SSP to the SPBM; and receiving a certificate of the SPBM for key agreement, information of public key identifiers of certificate issuers to be used by the SSP, and information of the family identifier from the SPBM.
    Type: Grant
    Filed: October 15, 2021
    Date of Patent: December 19, 2023
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Kangjin Yoon, Duckey Lee, Hyewon Lee, Jonghoe Koo
  • Patent number: 11848919
    Abstract: Systems and methods for obfuscating data. The technology herein can be used to produce an obfuscated output that exhibits no easily discernible pattern, making difficult to identify or to filter using regular expressions, signature matching or other pattern matching. The output nevertheless can be reversed and the original data recovered by an intended recipient with a relatively low-cost of processing, making it suitable for low-powered devices. The obfuscation is stateless and does not require encryption.
    Type: Grant
    Filed: December 13, 2021
    Date of Patent: December 19, 2023
    Assignee: Akamai Technologies, Inc.
    Inventor: Kristine Poghosyan
  • Patent number: 11847488
    Abstract: This application relates to a graph data processing method performed by a distributed computer node cluster including a plurality of computer devices, each computer device distributed on a respective computing node of the distributed computer node cluster, the method including: obtaining subgraph data divided from to-be-processed graph data; performing a computation task on the subgraph data to obtain corresponding global data and local data; writing the global data to a blockchain network, the global data of the blockchain network being updated by the distributed computing node cluster; obtaining latest global data from the blockchain network; and iteratively performing, according to the obtained latest global data and the local data, the computation task on the subgraph data without obtaining a computation result until an iteration stopping condition is met.
    Type: Grant
    Filed: August 3, 2020
    Date of Patent: December 19, 2023
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventors: Bo Zheng, Rijia Liu, Zhibin Liu, Qian Chen
  • Patent number: 11818279
    Abstract: A method to generate a trusted certificate on an endpoint appliance located in an untrusted network, wherein client devices are configured to trust a first Certificate Authority (CA) that is administered by the untrusted network. In this approach, an overlay network is configured between the endpoint appliance and an origin server associated with the endpoint appliance. The overlay comprises an edge machine located proximate the endpoint appliance, and an associated key management service. A second CA is configured in association with the key management service to receive a second certificate signed by the first CA. A third CA is configured in association with the edge machine to receive a third certificate signed by the second CA. In response to a request from the appliance, a server certificate signed by the third CA is dynamically generated and provided to the appliance.
    Type: Grant
    Filed: August 15, 2022
    Date of Patent: November 14, 2023
    Assignee: Akamai Technologies, Inc.
    Inventors: Brandon O. Williams, Andres Guedez
  • Patent number: 11811955
    Abstract: Systems and methods for improving reliability in blockchain networks using sharding are disclosed herein. An example method includes assigning a unique identifier to a user, applying a deterministic function, such as a consistent hashing algorithm, to the unique identifier to select a unique set of nodes that are assigned to a shard for the user, wherein the nodes are a subset of available nodes, receiving a request for blockchain data from the user, generating a response to the request using a consistent view of a blockchain obtained from the unique set of nodes, and transmitting the response to the request to the user.
    Type: Grant
    Filed: December 23, 2022
    Date of Patent: November 7, 2023
    Assignee: Alchemy Insights, Inc.
    Inventors: Noam Hurwitz, David Philipson, Deepak Bansal
  • Patent number: 11783377
    Abstract: A communication system includes a transmitting device configured to transmit information, and a receiving device configured to receive the information, the receiving device includes a determination unit configured to determine whether or not an electronic certificate of the transmitting device used for a communication with the transmitting device is an EV certificate, and a process that is performed is varied according to a determination result of the determination unit.
    Type: Grant
    Filed: October 11, 2019
    Date of Patent: October 10, 2023
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Koha Kinjo, Tetsuya Okuda, Yuki Okano
  • Patent number: 11777742
    Abstract: A method of authenticating a network device may include receiving an authentication message from a third party server, the authentication message identifying a network device. The method may also include receiving a zero touch provisioning request comprising a certificate from the network device. The method may additionally include, determining the network device is associated with a third party that manages the third party server based on the certificate. The method may include transmitting a redirect message comprising a root certificate chain indicating that the network device is to send the zero touch provisioning request to the third party server.
    Type: Grant
    Filed: December 29, 2022
    Date of Patent: October 3, 2023
    Assignee: Cisco Technology, Inc.
    Inventors: Shreyas Udayashankar Heranjal, Linus Ryan Aranha
  • Patent number: 11775689
    Abstract: A system and a method are disclosed for enabling pictorial content to be added to a secure document. In an embodiment, a secure document tool receives a request, from an administrator of the secure document, to enable modification of a region of the secure document with an addition of pictorial content, the secure document configured to prevent modification of contents of the secure document by a signer, the secure document enabled to accept a signature on the secure document by the signer. The secure document tool receives, from the signer, a command to add pictorial content to the region, and responsively adds the pictorial content to the region. The secure document tool receives from the signer, a signature on the secure document, and responsively disables the secure document from accepting further modifications.
    Type: Grant
    Filed: May 29, 2020
    Date of Patent: October 3, 2023
    Assignee: DocuSign, Inc.
    Inventors: Travis Ortlieb, Brent Robinett, Erica Berg, Micheline Chagniot, Mark Ramasco, Mangesh Bhandarkar
  • Patent number: 11777724
    Abstract: One or more computing devices, systems, and/or methods for data fragmentation and reconstruction are provided. Random number generation information, indicating a number of fragments into which data stored by a client device is to be fragmented, is received. The data is fragmented according to the number of fragments as a set of fragments. Authentication data is incorporated with the set of fragments. A set of entities capable of storing the set of fragments with the authentication data is identified. The set of fragments with the authentication data are stored across the set of entities.
    Type: Grant
    Filed: November 30, 2020
    Date of Patent: October 3, 2023
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Mun Wei Low, Manuel Enrique Caceres, Stuart G. Wilson, Dante J. Pacella
  • Patent number: 11706027
    Abstract: Systems and methods for managing a compromised autonomous vehicle server are described herein. A processor may obtain an indication of a first server configured to control an autonomous vehicle being compromised. The autonomous vehicle may have previously been provisioned with a first public key. The first public key may be paired with a first private key. A processor may compile command information. The command information may include a command for the autonomous vehicle and a digital certificate of a second server configured to control the autonomous vehicle in the event of the first server being compromised. The digital certificate may include a second public key and may be signed with the first private key. The command may be signed with a second private key associated with the second server. The second private key may be paired with the second public key.
    Type: Grant
    Filed: June 13, 2022
    Date of Patent: July 18, 2023
    Assignee: Beijing Voyager Technology Co., Ltd.
    Inventors: Jiang Zhang, Xiaoyong Yi, Liwei Ren
  • Patent number: 11664997
    Abstract: A method of registering a person as an authorized user of a portable device includes acquiring biometric data or a combination of pieces of biometric data of a person, encrypting the acquired biometric data or the combination of pieces of biometric data, generating a code from the encrypted biometric data or the combination of pieces of biometric data, inserting the code in an extension field of a public key certificate stored in the portable device, generating a private key and a public key that corresponds to the private key, based on the public key certificate, wherein the private key contains the code, and transmitting the public key to a remote entity, thereby enabling the remote entity to register the person as an authorized user of the portable device. The extension field of the public key certificate further contains a code associated with identification information of the person.
    Type: Grant
    Filed: April 2, 2021
    Date of Patent: May 30, 2023
    Inventor: Unho Choi
  • Patent number: 11664996
    Abstract: A method of registering a person as an authorized user of a portable device includes acquiring biometric data or a combination of pieces of biometric data of a person, encrypting the acquired biometric data or the combination of pieces of biometric data of the person, generating a code from the encrypted biometric data or the combination of pieces of biometric data of the person, inserting the code in an extension field of a public key certificate stored in the portable device, generating a private key and a public key that corresponds to the private key, based on the public key certificate, wherein the private key contains the code, transmitting the public key to a remote entity that is in communication with the portable device, thereby enabling the remote entity to register the person as an authorized user of the portable device, and modifying the public key to generate a modified public key configured to be used in case that the remote entity is disconnected from a service providing server.
    Type: Grant
    Filed: April 2, 2021
    Date of Patent: May 30, 2023
    Inventor: Unho Choi
  • Patent number: 11595375
    Abstract: A method of authenticating a user includes: logging into a first system that includes a token-based authentication system (TBAS); creating, at the TBAS, a cookie based on a token from the TBAS; requesting access, by the user, to a second system that includes at least one windows-hosted web application (WHWA); and decoding and validating the token, thereby granting the user access to the second system based only on the user logging into the first system.
    Type: Grant
    Filed: April 14, 2020
    Date of Patent: February 28, 2023
    Assignee: SAUDI ARABIAN OIL COMPANY
    Inventor: Yassir AlDarazi
  • Patent number: 11563589
    Abstract: A certificate management system includes an electronic device and a server. The electronic device is configured to transmit a certificate application request. The server is configured to sign a device certificate corresponding to the electronic device through an intermediate certificate device after receiving the certificate application request, and transmit the device certificate and the Internet address of the server to the electronic device. The electronic device stores the device certificate and the Internet address of the server to complete the certificate issuance operation.
    Type: Grant
    Filed: December 3, 2020
    Date of Patent: January 24, 2023
    Assignee: MOXA INC.
    Inventors: Chi-Yuan Kao, Yu-Chen Kao, Hung-Chun Chen, Chih-Hsiung Shih
  • Patent number: 11558660
    Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to reduce false crediting of exposure to video-on-demand media assets. Example apparatus disclosed herein include a signature matcher to compare a sequence of monitored media signatures to sequences of reference signatures representative of corresponding reference media assets, the sequence of monitored media signatures included in monitoring data reported by a media device meter, the sequences of reference signature stored in a library of reference signatures. Disclosed example apparatus also include a matched assets counter to determine a count of ones of the reference media assets represented by corresponding ones of the sequences of reference signatures determined to match the sequence of monitored media signatures. Disclosed examples further include a credit determiner to determine whether to credit media exposure to a first one of the reference media assets based on the count.
    Type: Grant
    Filed: May 29, 2020
    Date of Patent: January 17, 2023
    Assignee: THE NIELSEN COMPANY (US), LLC
    Inventors: David H. Wright, Daniel Nelson, Raghuram Ranganathan, Derrick McCulley
  • Patent number: 11558200
    Abstract: A method consistent with embodiments of the present disclosure may begin with retrieving a message to be electronically transmitted. The method may proceed with digitally securing the message by generating a first digital signature for the message. The first digital signature may be added to a list of digital signatures for inclusion in the message. A list of allowed anticipated changes may be retrieved. In accordance to embodiments disclosed herein, the message may be pre-signed for the allowed anticipated changes. Pre-signing the message may comprise editing the message with each allowed anticipated change, generating a subsequent digital signature for the message edited with the allowed anticipated change, and adding the subsequent digital signature to the list of digital signatures for inclusion in the electronic message. This process may be repeated for each allowed anticipated change in the allowed anticipated changes.
    Type: Grant
    Filed: January 25, 2021
    Date of Patent: January 17, 2023
    Assignee: Fraudmarc Inc.
    Inventors: Richard Duncan, Keith Wayne Coleman
  • Patent number: 11558201
    Abstract: A method of creating and applying a self-authenticating digital identity for a user having an identity is described.
    Type: Grant
    Filed: May 6, 2021
    Date of Patent: January 17, 2023
    Assignee: Banco Bilbao Vizcaya Argentaria, S.A.
    Inventor: Louis Gasparini
  • Patent number: 11552953
    Abstract: An identity management server can be used to provide identity-based authentication and access control mechanism for devices trying to connect to a network or other devices on the network. The identity management server may authenticate a user associated with a device based on the past behavior information of the user received from another device associated with the user. The identity management server may generate a trust score based on multiple attributes associated with the user and the device, and authenticate the user if the trust score is within an acceptable limit. The identity management server may also generate access permissions for the device, which can be used by a network device to grant or deny access to the network.
    Type: Grant
    Filed: June 18, 2018
    Date of Patent: January 10, 2023
    Assignee: Amazon Technologies, Inc.
    Inventor: Phani Bhushan Avadhanam
  • Patent number: 11494758
    Abstract: There is provided a wireless communication device that includes a communication unit that performs wireless communication with a connection device, and a control unit that encrypts a wireless communication channel with the connection device on the basis of a digital certificate issued by a certificate authority server. The communication unit receives payment information and a valid type of payment from the connection device via the encrypted wireless communication channel. The control unit determines a payment server on the basis of the valid type of payment and causes the communication unit to transmit a payment request based on the payment information to the payment server.
    Type: Grant
    Filed: August 2, 2017
    Date of Patent: November 8, 2022
    Assignee: FELICA NETWORKS, INC.
    Inventors: Shuichi Sekiya, Minako Takahashi, Shintaro Inoue
  • Patent number: 11477027
    Abstract: A lifecycle management system for Controlled Objects is disclosed using a plurality of distinct databases in a plurality of domains. Methods for associating identifiable data records with identifiable Controlled Objects are disclosed. Methods and apparatus are disclosed for authorizing, recording and discontinuing use of a Controlled Object, including pairing of a plurality of Controlled Objects.
    Type: Grant
    Filed: May 11, 2021
    Date of Patent: October 18, 2022
    Inventor: Dennis Palatov
  • Patent number: 11444846
    Abstract: Technologies for accelerated orchestration and attestation include multiple edge devices. An edge appliance device performs an attestation process with each of its components to generate component certificates. The edge appliance device generates an appliance certificate that is indicative of the component certificates and a current utilization of the edge appliance device and provides the appliance certificate to a relying party. The relying party may be an edge orchestrator device. The edge orchestrator device receives a workload scheduling request with a service level agreement requirement. The edge orchestrator device verifies the appliance certificate and determines whether the service level agreement requirement is satisfied based on the appliance certificate. If satisfied, the workload is scheduled to the edge appliance device. Attestation and generation of the appliance certificate by the edge appliance device may be performed by an accelerator of the edge appliance device.
    Type: Grant
    Filed: March 29, 2019
    Date of Patent: September 13, 2022
    Assignee: Intel Corporation
    Inventors: Francesc Guim Bernat, Kapil Sood, Tarun Viswanathan, Kshitij Doshi, Timothy Verrall, Ned M. Smith, Manish Dave, Alex Vul
  • Patent number: 11418352
    Abstract: A method to generate a trusted certificate on an endpoint appliance located in an untrusted network, wherein client devices are configured to trust a first Certificate Authority (CA) that is administered by the untrusted network. In this approach, an overlay network is configured between the endpoint appliance and an origin server associated with the endpoint appliance. The overlay comprises an edge machine located proximate the endpoint appliance, and an associated key management service. A second CA is configured in association with the key management service to receive a second certificate signed by the first CA. A third CA is configured in association with the edge machine to receive a third certificate signed by the second CA. In response to a request from the appliance, a server certificate signed by the third CA is dynamically generated and provided to the appliance.
    Type: Grant
    Filed: February 14, 2019
    Date of Patent: August 16, 2022
    Assignee: Akamai Technologies, Inc.
    Inventors: Brandon O. Williams, Andres Guedez
  • Patent number: 11418351
    Abstract: Systems and methods for managing a compromised autonomous vehicle server are described herein. A processor may obtain an indication of a first server configured to control an autonomous vehicle being compromised. The autonomous vehicle may have previously been provisioned with a first public key. The first public key may be paired with a first private key. A processor may compile command information. The command information may include a command for the autonomous vehicle and a digital certificate of a second server configured to control the autonomous vehicle in the event of the first server being compromised. The digital certificate may include a second public key and may be signed with the first private key. The command may be signed with a second private key associated with the second server. The second private key may be paired with the second public key.
    Type: Grant
    Filed: December 30, 2018
    Date of Patent: August 16, 2022
    Assignee: Beijing Voyager Technology, Inc.
    Inventors: Jiang Zhang, Xiaoyong Yi, Liwei Ren
  • Patent number: 11416620
    Abstract: A data communication network comprises Provider Edge (PE) circuitry and Customer Edge (CE) circuitry. The PE circuitry boots a trusted PE processor that transfers a hardware-trust hash and receives a hardware-trust certificate. The CE circuitry boots a trusted CE processor that transfers a hardware-trust hash and receives a hardware-trust certificate. The trusted PE circuitry and the trusted CE circuitry exchange and validate the hardware-trust certificates to establish a Trusted Execution Environment (TEE) across the network edge. The trusted PE circuitry and the trusted CE circuitry encrypt and exchange trusted user data in the TEE across the network edge.
    Type: Grant
    Filed: November 1, 2019
    Date of Patent: August 16, 2022
    Assignee: Sprint Communications Company L.P.
    Inventors: Lyle Walter Paczkowski, Ronald R. Marquardt
  • Patent number: 11405206
    Abstract: Systems and methods for managing a compromised autonomous vehicle server are described herein. A processor may obtain an indication of a first server configured to control an autonomous vehicle being compromised. The autonomous vehicle may have previously been provisioned with a first public key. The first public key may be paired with a first private key. A processor may compile command information. The command information may include a command for the autonomous vehicle and a digital certificate of a second server configured to control the autonomous vehicle in the event of the first server being compromised. The digital certificate may include a second public key and may be signed with the first private key. The command may be signed with a second private key associated with the second server. The second private key may be paired with the second public key.
    Type: Grant
    Filed: December 30, 2018
    Date of Patent: August 2, 2022
    Assignee: Beijing Voyager Technology Co., Ltd.
    Inventors: Jiang Zhang, Xiaoyong Yi, Liwei Ren
  • Patent number: 11374930
    Abstract: Various embodiments are generally directed to techniques to form secure communications between two computing devices in which the chain of trust of those communications is extended to a particular application routine executed by one of the two computing devices. An apparatus includes a processor component; a verifying component to verify a link attestation credential received from a server to verify an ability of the server to form a secure pipeline, and to signal an application routine with an indication of a result of the verification by the verifying component; and a hash component to generate a return hash of a return signature associated with the application routine to indicate to the server that the application routine has also verified the link attestation credential to form the secure pipeline between the server and the application routine. Other embodiments are described and claimed.
    Type: Grant
    Filed: January 2, 2019
    Date of Patent: June 28, 2022
    Assignee: INTEL CORPORATION
    Inventors: Adi Shaliv, Jesse Walker
  • Patent number: 11336636
    Abstract: Systems and methods for server authentication in a content delivery network are provided. Various embodiments include a content delivery network obtaining multiple digital certificates from multiple certificate authorities. When a client attempts to access the content delivery network, the network serves the client a digital certificate and then monitors the authentication of the certificate. If the authentication fails, the content delivery network serves the client another digital certificate that was issued from a different certificate authority. In other embodiments, the content delivery network constantly monitors the function of each certificate authority. The content delivery network constantly pings each certificate authority. If any one of the certificate authorities fails to respond to the pings, the content delivery network will presume the certificate authority is non-operational and will stop using certificates from the non-operational certificate authorities until they resume operation.
    Type: Grant
    Filed: January 31, 2020
    Date of Patent: May 17, 2022
    Assignee: Fastly, Inc.
    Inventor: Sean Leach
  • Patent number: 11308193
    Abstract: An embodiment of the present invention is directed to a translation layer that intercepts a token and converts new group names into old entitlement verbiage based on data loaded at start-up (e.g., hash map, etc.) from a configuration file. The old entitlement verbiage may be loaded into the User Session just as it would have been if the entitlements had come from within the old application authorization structure. The remainder of the application is unaware that the authorization source has changed.
    Type: Grant
    Filed: August 30, 2019
    Date of Patent: April 19, 2022
    Assignee: JPMorgan Chase Bank, N.A.
    Inventors: Brooke Koskinen, Imamuddin H. Syed, William Loughery
  • Patent number: 11301361
    Abstract: The present disclosure involves a sidechain testing system and method for improving security and stability of a smart contract.
    Type: Grant
    Filed: January 28, 2020
    Date of Patent: April 12, 2022
    Assignee: Huazhong University of Science and Technology
    Inventors: Weiqi Dai, Hai Jin, Deqing Zou, Bingcheng Zhao
  • Patent number: 11233640
    Abstract: A system for committing event data includes an interface and a processor. The interface is configured to receive input data and receive a client key. The processor is configured to generate an Nth sequence number; determine an Nth event hash using the input data, an N?1 signature, and the Nth sequence number; encrypt the Nth event hash with the client key to generate an Nth signature; generate an Nth event from the input data, the N?1 signature, the Nth sequence number, and the Nth signature; and, in response to an aggregate N?1 of one or more prior events being valid, apply Nth event onto the aggregate N?1.
    Type: Grant
    Filed: May 13, 2020
    Date of Patent: January 25, 2022
    Assignee: Ridgeline, Inc.
    Inventors: George Michael Barrameda, Joan Hyewon Hong, Hayden Ray Hudgins, Nathan Matthew Macfarlane
  • Patent number: 11228450
    Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for providing certifications.
    Type: Grant
    Filed: April 29, 2021
    Date of Patent: January 18, 2022
    Assignee: Advanced New Technologies Co., Ltd.
    Inventors: Chaofan Yu, Lei Wang, Aihui Zhou, Ning Zhang, Hongliang Tian, Junxian Xiao
  • Patent number: 11222319
    Abstract: A method for managing a post-hoc device registration in an ecosystem is provided. The method includes assembling an electronic device, having a system on a chip (SoC) integrated therein. The method further includes activating/onboarding the device, receiving, by a CA from the device, a communication containing at least one keypair, validating, from the CA to the device, the at least one keypair, triggering, by the CA, data capture of validation data. The validation data includes user registration data, and manufacture/status data for least one of the device and the SoC. The captured validation data is stored in a database of the CA, and then aggregated, along with the received at least one keypair, from the CA database into a billing invoice to the device assembler. The registration data is referenced to the at least one keypair and other validation data by the CA.
    Type: Grant
    Filed: October 16, 2017
    Date of Patent: January 11, 2022
    Assignee: Cable Television Laboratories, Inc.
    Inventor: Brian Alexander Scriber
  • Patent number: 11218327
    Abstract: Implementations of the present disclosure provide techniques to improve security in blockchain networks. In some implementations, a linking request is received from a node. The node requests to be linked to a blockchain network. The linking request includes a digital code. One or more consensus verification messages are received from one or more blockchain nodes of the blockchain network. Each consensus verification message indicates whether a respective blockchain node approves or denies the linking request. A consensus verification result is determined based on the one or more consensus verification messages. In response to determining that the linking request is approved by the one or more blockchain nodes, the digital code is stored into the blockchain network as a digital certificate of the node.
    Type: Grant
    Filed: July 2, 2021
    Date of Patent: January 4, 2022
    Assignee: Advanced New Technologies Co., Ltd.
    Inventor: Honglin Qiu
  • Patent number: 11218328
    Abstract: Implementations of the present disclosure provide techniques to improve security in blockchain networks. In some implementations, a linking request is received from a node. The node requests to be linked to a blockchain network. The linking request includes a digital code. One or more consensus verification messages are received from one or more blockchain nodes of the blockchain network. Each consensus verification message indicates whether a respective blockchain node approves or denies the linking request. A consensus verification result is determined based on the one or more consensus verification messages. In response to determining that the linking request is approved by the one or more blockchain nodes, the digital code is stored into the blockchain network as a digital certificate of the node.
    Type: Grant
    Filed: July 2, 2021
    Date of Patent: January 4, 2022
    Assignee: Advanced New Technologies Co., Ltd.
    Inventor: Honglin Qiu
  • Patent number: 11210392
    Abstract: Disclosed herein are systems and methods for enabling the automatic detection of executable code from a stream of bytes. In some embodiments, the stream of bytes can be sourced from the hidden areas of files that traditional malware detection solutions ignore. In some embodiments, a machine learning model is trained to detect whether a particular stream of bytes is executable code. Other embodiments described herein disclose systems and methods for automatic feature extraction using a neural network. Given a new file, the systems and methods may preprocess the code to be inputted into a trained neural network. The neural network may be used as a “feature generator” for a malware detection model. Other embodiments herein are directed to systems and methods for identifying, flagging, and/or detecting threat actors which attempt to obtain access to library functions independently.
    Type: Grant
    Filed: July 3, 2020
    Date of Patent: December 28, 2021
    Assignee: Sentinel Labs Israel Ltd.
    Inventors: Shlomi Salem, Roy Ronen, Assaf Nativ, Amit Zohar, Gal Braun, Pavel Ferencz, Eitan Shterenbaum, Tai Maimon
  • Patent number: 11171953
    Abstract: A technique includes receiving a request from a first electronic device to connect to a network and receiving a first part from the first electronic device. The technique includes regulating onboarding of the first electronic device. Regulating the onboarding includes authenticating the first electronic device. Authenticating the first electronic device includes communicating with a plurality of electronic devices that are connected to the network to receive a set of second secret parts; constructing a first secret from the first secret part and the set of second secret parts; and comparing the first secret to a second secret. Regulating the onboarding of the first electronic device includes allowing the first electronic device to connect to the network based on a result of the comparison.
    Type: Grant
    Filed: November 26, 2018
    Date of Patent: November 9, 2021
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Sharath Srikanth Chellappa, Yashavantha Nagaraju Naguvanahalli, Dileep Bangalore Sridhara, Thomas M. Laffey
  • Patent number: 11153752
    Abstract: A method of a local bundle assistant (LBA) negotiating a certificate with a secondary platform bundle manager (SPBM) in a wireless communication system including: transmitting a request message requesting information of certificates supported by a secondary secure platform (SSP) to a secondary platform bundle loader (SPBL) of the SSP; receiving the information of certificates supported by the SSP including information of certificate issuers corresponding to a family identifier from the SPBL; transmitting the information of certificates supported by the SSP to the SPBM; and receiving a certificate of the SPBM for key agreement, information of public key identifiers of certificate issuers to be used by the SSP, and information of the family identifier from the SPBM.
    Type: Grant
    Filed: September 9, 2019
    Date of Patent: October 19, 2021
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Kangjin Yoon, Duckey Lee, Hyewon Lee, Jonghoe Koo
  • Patent number: 11108547
    Abstract: Methods and apparatuses for retrieving blockchain data are disclosed. One method comprises: receiving a data retrieving request that comprises a target transaction identifier; identifying a transaction storage location that corresponds to the target transaction identifier as a target transaction storage location based on a pre-stored correspondence between transaction identifiers of transactions recorded on a blockchain associated with the blockchain network and transaction storage locations of the transactions; and retrieving data from the target transaction storage location in the blockchain.
    Type: Grant
    Filed: January 29, 2021
    Date of Patent: August 31, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventor: Xinying Yang
  • Patent number: 11086971
    Abstract: There is provided a method to playback content in a ROM having a ROM ID. The method includes copying the content from the ROM to a RAM having a RAM ID, copying the ROM ID to a memory accessible to a RAM controller, transmitting a license request from the RAM controller to a license server, the license request comprising a RAM controller ID, the ROM ID and a request for a content license to play back the content from the RAM; receiving the content license including a right for the playback of the content from the RAM, and a content key, decrypting the content license by the RAM controller, according to the RAM controller secret associated with the RAM controller ID, to recover and provide the content key to a playback module, decrypting the content using the content key to generate a decrypted content, and playing back the decrypted content.
    Type: Grant
    Filed: September 20, 2019
    Date of Patent: August 10, 2021
    Assignee: Disney Enterprises, Inc.
    Inventors: Hanno Basse, Ian E. Harvey
  • Patent number: 11068875
    Abstract: Using electronic devices (such as cellular telephones) that communicate wirelessly, two individuals can make person-to-person payments. In particular, an individual using an electronic device may identify another proximate electronic device of a counterparty in a financial transaction, and may provide an encrypted payment packet to the other electronic device that includes: a financial credential for a financial account of the individual, a payment amount, and a payment sign. When the other electronic device receives the encrypted payment applet, the counterparty may accept the payment in the financial transaction specified by the encrypted payment packet. Then, the other electronic device may provide the encrypted payment packet and another encrypted payment packet (with a financial credential for a financial account of the counterparty, the payment amount and the opposite payment sign) to a third party that completes the financial transaction.
    Type: Grant
    Filed: September 30, 2014
    Date of Patent: July 20, 2021
    Assignee: Apple, Inc.
    Inventors: Ahmer A. Khan, Timothy S. Hurley
  • Patent number: 11070541
    Abstract: Embodiments of the present application provide a certificate management method and apparatus in an NFV architecture. The certificate management method includes: determining, by an MANO, a storage network element, where the storage network element is configured to store a certificate of a VNFC, and the storage network element is different from the VNFC; creating, by the MANO, storage space in the storage network element, where the storage space is used to store the certificate of the VNFC; and sending, by the MANO, an address of the storage space to the VNFC, so that the VNFC accesses the address of the storage space, obtains the certificate of the VNFC, and directly communicates with another network element by using the certificate stored in the storage network element. The VNFC does not locally store the certificate.
    Type: Grant
    Filed: April 20, 2018
    Date of Patent: July 20, 2021
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Wenji Liu, Jiangsheng Wang
  • Patent number: 11030119
    Abstract: The present disclosure provides a storage data encryption and decryption method, including: providing a true random number generator configured to generate a plurality of keys; providing a data memory configured to store data and a key memory configured to store keys, and writing the keys into the key memory; and providing a data reading and writing interface module configured to read and write data, and providing a data encryption and decryption module configured to read the keys and perform encryption and decryption operations. The data written by the data reading and writing interface module is encrypted by the data encryption and decryption module and written into the data memory. The data read from the data memory is decrypted by the data encryption and decryption module and read to the data reading and writing interface module.
    Type: Grant
    Filed: October 30, 2018
    Date of Patent: June 8, 2021
    Assignee: C-SKY Microsystems Co., Ltd.
    Inventors: Jun Yang, Jie Wang
  • Patent number: 11025598
    Abstract: Method and apparatus for storing and managing encrypted electronic information, which enables on-demand access to a data owner's encrypted electronic information only to the data owner or to authorized data recipients, and only so long as the authorization is not rescinded by the data owner. The authorized data recipient's access to the data owner's information is limited solely to those portions of the data owner's encrypted electronic information designated by the data owner. Moreover, the authorized data recipient's limited access to the encrypted electronic information is accomplished without ever revealing or exposing the data owner's secret or private encryption key(s) to the authorized data recipient. The data owner can also immediately disable this access at any time by rescinding the access authority, if so desired, thereby terminating the authorized recipient's access to any existing information on the system, or any additional information yet to be uploaded, encrypted and stored on the system.
    Type: Grant
    Filed: February 8, 2021
    Date of Patent: June 1, 2021
    Assignee: Mockingbird Ventures, LLC
    Inventors: Cameron Laghaeian, Ugo Ferrante, Lori P. Cobb