Having Particular Address Related Cryptography Patents (Class 713/162)
  • Patent number: 10616739
    Abstract: A method, apparatus, and computer program product are disclosed for locally monitoring Internet of Things (IoT) devices without the need to interact via an IoT network intermediary. An example method includes receiving signals transmitted by one or more devices and identifying, by a communication device, a nearest device of the one or more devices based on the received signals. The method subsequently includes intercepting, by the communication device, advertisements transmitted by the nearest device, and causing display, based on the intercepted advertisements, of state information of the nearest device.
    Type: Grant
    Filed: December 17, 2014
    Date of Patent: April 7, 2020
    Assignee: Nokia Technologies Oy
    Inventors: Janne Ilmari Ofversten, Pekka Eerikki Leinonen
  • Patent number: 10558788
    Abstract: A method for generating debuggable obfuscated script includes embedding into a Web page, a query to a data store of a client for a key disposed within fixed storage of the client, further embedding into the Web page both an encrypted network reference to an un-obfuscated, clear form of a script, the encrypted network reference being decryptable with the key, and also an un-encrypted reference to an obfuscated form of the script and yet further embedding into the Web page, a selection directive selecting and decrypting the encrypted network reference to retrieve the un-obfuscated form upon loading the Web page on the condition that the key is found in the fixed storage, but otherwise selecting the un-encrypted reference to retrieve the obfuscated form. The method additionally includes serving the Web page to the client.
    Type: Grant
    Filed: January 14, 2018
    Date of Patent: February 11, 2020
    Assignee: International Business Machines Corporation
    Inventors: Giulia Carnevale, Marco Gianfico, Ciro Ragusa, Roberto Ragusa
  • Patent number: 10547598
    Abstract: A method for cryptographic material management is provided. The method includes receiving into a computing device, through an API of the computing device, a designation of which of a plurality of key-producing cloud services sources each of a plurality of keys and which of a plurality of key-consuming cloud service providers uses each of the plurality of keys for encrypting or decrypting data. The method includes directing, from the computing device through a first plurality of end modules each interfaced to a specific API of a specific one of the plurality of key-producing cloud services, production of one or more of the plurality of keys. The method includes directing, from the computing device through a second plurality of end modules each interfaced to a specific API of a specific one of the plurality of key-consuming cloud service providers usage of one or more of the plurality of keys.
    Type: Grant
    Filed: March 28, 2017
    Date of Patent: January 28, 2020
    Assignee: THALES ESECURITY, INC.
    Inventors: Solomon Cates, Richard Kettlewell, Nicholas Smith
  • Patent number: 10536446
    Abstract: A system and method for single authentication to a multi-tenancy single-page application hosted in a plurality of different datacenters. The method comprises: receiving, from a client device, a login request to access the single-page application; receiving an access token in response to an authentication of a user of the client device, wherein the access token designates at least tenant identification data; determining a datacenter of the plurality of different datacenters executing an instance of the single-page application supporting a tenant of the authenticated user; retrieving, from the determined datacenter, a single web page of the single-page application, wherein the retrieved signal web page includes at least references to resources pointing to a location of the determined datacenter; and serving the web single page to the client device.
    Type: Grant
    Filed: May 8, 2017
    Date of Patent: January 14, 2020
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC.
    Inventors: Yarin Miran, Nir Mardiks
  • Patent number: 10516728
    Abstract: Computing systems, devices, and associated methods of operation of filtering packets at virtual switches implemented at hosts in a distributed computing system are disclosed herein. In one embodiment, a method includes receiving, at the virtual switch, a packet having a header and a payload and processing, at the virtual switch, the received packet based on multiple match action tables arranged in a hierarchy in which first and second layers individually contain one or more match action tables that individually contain one or more entries each containing a condition and a corresponding processing action.
    Type: Grant
    Filed: June 30, 2017
    Date of Patent: December 24, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventor: Daniel Firestone
  • Patent number: 10476838
    Abstract: Methods and systems for a device identification system may be provided. The device identification system may determine an identity of a user device associated with a transaction. The identity may be determined by network address information, hard link information, soft link information, and/or other such information. The network address information may include IPv4 information, IPv6 information, a device ID, and/or other such information. The identity of the user device may be determined and a transaction conducted from the user device may be assigned a fraudulent transaction risk score according to the information. Transactions that are determined to be at a high risk of fraud may be reviewed or otherwise flagged and/or canceled.
    Type: Grant
    Filed: September 18, 2018
    Date of Patent: November 12, 2019
    Assignee: PAYPAL, INC.
    Inventors: Zahid Nasiruddin Shaikh, Srivathsan Narasimhan
  • Patent number: 10469494
    Abstract: A home network system using a Z-Wave network includes a wired/wireless Z-Wave bridge having a Z-Wave communication unit to which a plurality of home automation devices are accessed through the Z-Wave network and an Ethernet communication unit which is accessed to a main server through the Internet, and a main server providing an application for a remote control of the home automation device, and performing MAC authentication to allow access to the wired/wireless Z-Wave bridge upon request by the portable terminal, in which the MAC authenticated portable terminal of the wired/wireless Z-Wave bridge is accessed to the home automation devices to perform remote control.
    Type: Grant
    Filed: December 11, 2015
    Date of Patent: November 5, 2019
    Assignee: KYUNG DONG ONE CORPORATION
    Inventor: Se Young Oh
  • Patent number: 10462154
    Abstract: A method of transferring information between subscribers associated with a communication service is disclosed. The method includes receiving a first handle address associated with a first subscriber device, in which the first subscriber device transfers information to a group of subscriber devices, each of the group of subscriber devices is linked to different handle addresses, and each of the different handle addresses is included in a group of handle addresses. The method also includes determining whether the first handle address is included in the group of handle addresses, transferring information from the first subscriber device to the group of subscriber devices in response to the first handle address being included in the group of handle addresses, and verifying that the transferred information was received by the group of subscriber devices. A corresponding system and computer-readable device are also disclosed.
    Type: Grant
    Filed: October 1, 2018
    Date of Patent: October 29, 2019
    Assignee: AT&T Mobility II LLC
    Inventors: Sheldon Kent Meredith, Mark Austin
  • Patent number: 10389719
    Abstract: Example implementations relate to a security information sharing platform that enables sharing of security information among a plurality of members. For example, in an implementation, a system may determine that a first member of a community of a security information sharing platform is entitled access to a first set of encrypted information shared by a second member of the community. The system may also receive a request, from the first member, to access the first set of encrypted information, the request including a masked parameter. The system may also determine that the masked parameter matches an access parameter for accessing the first set of encrypted information and provide the first member access to the first set of encrypted information in response to determining that the masked parameter matches the access parameter.
    Type: Grant
    Filed: October 28, 2016
    Date of Patent: August 20, 2019
    Assignee: ENTIT SOFTWARE LLC
    Inventors: Terence Spies, Tomas Sander, Susan K. Langford
  • Patent number: 10356058
    Abstract: Computer-implemented methods are provided for communicating message data from a sender computer to a receiver computer via a network. The sender computer encrypts the message data in dependence on a cryptographic key to produce a ciphertext, and establishes an access password for the ciphertext with a host computer connected to the network. The sender computer sends the ciphertext via the network to the host computer, and sends an email, containing the cryptographic key in cleartext, to the receiver computer via the network. The cryptographic key comprises a random cryptographic value which is independent of the access password. The host computer receives the ciphertext from the sender computer and stores the ciphertext in association with the access password. The receiver computer receives the email from the sender computer and sends an access request for the ciphertext, and an input password, to the host computer via the network.
    Type: Grant
    Filed: October 1, 2015
    Date of Patent: July 16, 2019
    Assignee: International Business Machines Corporation
    Inventors: Jan L. Camenisch, Anja Lehmann, Gregory Neven, Kai Samelin
  • Patent number: 10310886
    Abstract: Some embodiments provide a method for configuring a logical middlebox in a hosting system that includes a set of nodes. The logical middlebox is part of a logical network that includes a set of logical forwarding elements that connect a set of end machines. The method receives a set of configuration data for the logical middlebox. The method uses a stored set of tables describing physical locations of the end machines to identify a set of nodes at which to implement the logical middlebox. The method provides the logical middlebox configuration for distribution to the identified nodes.
    Type: Grant
    Filed: January 4, 2017
    Date of Patent: June 4, 2019
    Assignee: NICIRA, INC.
    Inventors: Ronghua Zhang, Teemu Koponen, IV, Pankaj Thakkar, Amar Padmanabhan, Martin Casado
  • Patent number: 10291595
    Abstract: A platform, apparatus and method for Internet of Things Implementations. For example, one embodiment of a system comprises: an Internet of Things (IoT) hub comprising a network interface to couple the IoT hub to an IoT service over a wide area network (WAN), and programming logic to program an identification device with one or more encryption keys usable to establish encrypted communication with an IoT device; and at least one IoT device interfacing with the identification device following programming of the identification device by the IoT hub; wherein once the identification device is programmed and interfaced with the IoT device, the IoT device uses the one or more keys to establish a secure communication channel with the IoT hub and/or the IoT service.
    Type: Grant
    Filed: November 28, 2017
    Date of Patent: May 14, 2019
    Assignee: Afero, Inc.
    Inventors: Joe Britt, Shin Matsumura, Houman Forood, Scott Zimmerman, Phillip Myles, Sean Zawicki, Daisuke Kutami, Shannon Holland
  • Patent number: 10144304
    Abstract: Various techniques described herein relate to electric vehicle power management system for managing a plurality of battery modules in a battery pack. Such electric vehicle power management system may include a plurality of battery management systems corresponding to a plurality of battery modules, and an energy management system for managing the plurality of battery management systems. The energy management system and the plurality of battery management systems may adopt master-slave wireless communication, and may use a single wireless frequency channel or a plurality of assigned wireless frequency channels.
    Type: Grant
    Filed: July 20, 2016
    Date of Patent: December 4, 2018
    Assignee: THUNDER POWER NEW ENERGY VEHICLE DEVELOPMENT COMPANY LIMITED
    Inventor: Yu-Ting Dai
  • Patent number: 10135739
    Abstract: A data processing device includes a first packet communication interface for communication with at least one host processor via a network interface controller (NIC) and a second packet communication interface for communication with a packet data network. A memory holds a flow state table containing context information with respect to multiple packet flows conveyed between the host processor and the network via the first and second interfaces packet communication interfaces. Acceleration logic, coupled between the first and second packet communication interfaces, performs computational operations on payloads of packets in the multiple packet flows using the context information in the flow state table.
    Type: Grant
    Filed: May 4, 2016
    Date of Patent: November 20, 2018
    Assignee: MELLANOX TECHNOLOGIES, LTD.
    Inventors: Shachar Raindel, Shlomo Raikin, Liran Liss
  • Patent number: 10127194
    Abstract: Methods, systems, and apparatus for performing recursive embedding by URL parameterization are provided. Recursive embedding by URL parameterization may be performed by receiving a display parameter for defining a window display area within a portion of a first document associated with a first application having a first format, and a URL-based identifier specifying a portion of a second document associated with a second application having a second format. The first and second formats are different from each other. A display of the portion of first including the window display area is generated. The specified portion of the second document is displayed within the window display area, and the first and second documents are independently executable with respect to each other.
    Type: Grant
    Filed: May 27, 2016
    Date of Patent: November 13, 2018
    Assignee: Google LLC
    Inventor: Christopher Richard Uhlik
  • Patent number: 10031233
    Abstract: This application discloses a GNSS reference apparatus having a vector error generator and a reference data server. The vector error generator generates one or more sequences of keyed intentional errors made confidential with confidential error keys, and then combines the sequences to generate a sequence of reference erroneous positions. The reference data server issues GNSS position-determination reference data based on the reference erroneous positions where the keyed intentional errors for at least one of the confidential sequences are reversible with confidential access to the corresponding confidential error key for determining a GNSS-based position.
    Type: Grant
    Filed: November 25, 2015
    Date of Patent: July 24, 2018
    Assignee: Trimble Inc.
    Inventor: David G. Bird
  • Patent number: 10021036
    Abstract: Systems and methods for management of persistent cookies in a corporate web portal are described. A plurality of zones may be defined and stored in memory. Each zone may be associated with a zone property indicative of whether cookies are allowed. A resource request may be received from a user device over a network where access to the requested resource may require a cookie. The user device may be classified into a zone from the plurality of zones based on the attributes of the user device. The cookie may be automatically installed on the user device based on a zone property for the zone and for those resources that have been configured to require installation of a cookie installed without requiring further user interaction following the request.
    Type: Grant
    Filed: January 8, 2016
    Date of Patent: July 10, 2018
    Assignee: SonicWALL Inc.
    Inventors: Christopher D. Peterson, Jeetendra Kulkarni
  • Patent number: 9977685
    Abstract: Some embodiments provide a method of operating several logical networks over a network virtualization infrastructure. The method defines a managed physical switching element (MPSE) that includes several ports for forwarding packets to and from a plurality of virtual machines. Each port is associated with a unique media access control (MAC) address. The method defines several managed physical routing elements (MPREs) for the several different logical networks. Each MPRE is for receiving data packets from a same port of the MPSE. Each MPRE is defined for a different logical network and for routing data packets between different segments of the logical network. The method provides the defined MPSE and the defined plurality of MPREs to a plurality of host machines as configuration data.
    Type: Grant
    Filed: December 20, 2013
    Date of Patent: May 22, 2018
    Assignee: NICIRA, INC.
    Inventors: Ganesan Chandrashekhar, Rahul Korivi Subramaniyam, Ram Dular Singh, Vivek Agarwal, Howard Wang
  • Patent number: 9860251
    Abstract: A system and computer program product for implementing a method for restricting access to information transmitted over a computing network. A computer receives a resource request for a resource to be located. The resource request contains a universal resource locator (URL). The computer determines that the requested resource is available and in response, the computer locates the requested resource contained in the resource request. The computer determines whether encryption of the contained. URL is required. The computer may determine whether encryption is required for a return URL of the requested resource that is to be returned to a location of the resource request. After the computer determines that the requested resource is available, the computer may: determine that encryption of the requested resource is required and in response, determine an encrypted value of the requested resource.
    Type: Grant
    Filed: January 30, 2017
    Date of Patent: January 2, 2018
    Assignee: International Business Machines Corporation
    Inventors: Michael P. Carlson, Srinivas Chowdhury
  • Patent number: 9811831
    Abstract: A system may include a point-of-sale system that gathers payment card track data from a payment card and a payment card gateway that processes the track data to authorize purchase transactions. The point-of-sale system may remove sensitive data such as a portion of a primary account number from the track data and may compress the removed data. The compressed version of the data may be appended to a discretionary field in the track data. The discretionary field may be encrypted following insertion of the compressed data. Track data that has been modified in this way may be conveyed to the payment gateway for processing.
    Type: Grant
    Filed: February 21, 2014
    Date of Patent: November 7, 2017
    Assignee: ENTIT SOFTWARE LLC
    Inventors: Terence Spies, Matthew J. Pauker, Jacob Green, Michael S. Leong, Richard T. Minner
  • Patent number: 9805215
    Abstract: A technology is described for making a decision based on identifying without disclosing the identifying information. The method may include receiving a mapping value that represents identifying information that has been converted into a mapping value. A request for data associated with the identifying information may be made by providing the mapping value as a proxy for the identifying information whereby the data associated with the identifying information may be located using the mapping value and returned to a requesting client or service.
    Type: Grant
    Filed: August 17, 2015
    Date of Patent: October 31, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Jesper Mikael Johansson, Dominique Imjya Brezinski, Darren Ernest Canavor, Darin Keith McAdams, Jon Arron McClintock, Brandon William Porter
  • Patent number: 9801060
    Abstract: Systems and techniques for secure wireless low-power wake-up are described herein. A low-power wake-up receiver (LP-WUR) of a wireless device may receive a wake-up signal. The LP-WUR may extract a receiver ID token from the wake-up signal. The LP-WUR may then verify the receiver ID token and enable a main transceiver, different than the LP-WUR, when the verification passes to engage in wireless communications.
    Type: Grant
    Filed: November 5, 2015
    Date of Patent: October 24, 2017
    Assignee: Intel Corporation
    Inventors: Alexander W Min, Minyoung Park
  • Patent number: 9774609
    Abstract: A method of communicating in a secure communication system, comprises the steps of assembling as message at a sender, then determining a security level, and including an indication of the security level in a header of the message. The message is then sent to a recipient.
    Type: Grant
    Filed: January 8, 2016
    Date of Patent: September 26, 2017
    Assignee: Certicom Corp.
    Inventor: Marinus Struik
  • Patent number: 9710654
    Abstract: A system that validates a native code module. During operation, the system receives a native code module comprised of untrusted native program code. The system validates the native code module by: (1) determining that code in the native code module does not include any restricted instructions and/or does not access restricted features of a computing device; and (2) determining that the instructions in the native code module are aligned along byte boundaries such that a specified set of byte boundaries always contain a valid instruction and control flow instructions have valid targets. The system allows successfully-validated native code modules to execute, and rejects native code modules that fail validation. By validating the native code module, the system facilitates safely executing the native code module in the secure runtime environment on the computing device, thereby achieving native code performance for untrusted program binaries without significant risk of unwanted side effects.
    Type: Grant
    Filed: June 3, 2016
    Date of Patent: July 18, 2017
    Assignee: Google Inc.
    Inventors: J. Bradley Chen, Matthew T. Harren, Matthew Papakipos, David C. Sehr, Bennet S. Yee
  • Patent number: 9705854
    Abstract: A method for operating a secure device having a plurality of mutually exclusive circuit zones, including a first circuit zone having a first level of security and a second circuit zone having a second level of security less than the first level of security, the method including unpacking a key exchange package including receiving a key exchange package in the second circuit zone, the key exchange package including encrypted key data and processing the encrypted key data using a content key in the first circuit zone to generate decrypted key data and storing the decrypted key data in the first circuit zone without disclosing the decrypted key data into the second circuit zone.
    Type: Grant
    Filed: July 9, 2013
    Date of Patent: July 11, 2017
    Assignee: Massachusetts Institute of Technology
    Inventors: Roger I. Khazan, Joshua Kramer, Daniil M. Utin, Mankuan Michael Vai, David Whelihan
  • Patent number: 9654472
    Abstract: A storage count verification system is provided in which a client can verify the number of identical data items stored by a server without the server being notified of the results. A storage count verification system verifies whether a user device and a server device have identical data where search data requested by a user device is used to search data to be searched on a server device. The server device generates a public parameter for searching the data to be searched and transmits the generated public parameter to the user device. The user device is provided with a user generation unit for generating, on the basis of the public parameter received from the server device, a secret parameter that is for the search data and corresponds to the public parameter and a user encryption unit for encrypting the search data on the basis of the generated secret parameter.
    Type: Grant
    Filed: June 18, 2013
    Date of Patent: May 16, 2017
    Assignee: Hitachi, Ltd.
    Inventors: Masayuki Yoshino, Hisayoshi Sato
  • Patent number: 9628453
    Abstract: A method and system for restricting access to information transmitted over a computing network. A computer receives a resource request for a resource to be located. The resource request contains a universal resource locator (URL). The computer determines that the requested resource is available and in response, the computer locates the requested resource contained in the resource request. The computer determines whether encryption of the contained URL is required. The computer may determine whether encryption is required for a return URL of the requested resource that is to be returned to a location of the resource request. After the computer determines that the requested resource is available, the computer may: determine that encryption of the requested resource is required and in response, determine an encrypted value of the requested resource.
    Type: Grant
    Filed: June 10, 2015
    Date of Patent: April 18, 2017
    Assignee: International Business Machines Corporation
    Inventors: Michael P. Carlson, Srinivas Chowdhury
  • Patent number: 9619663
    Abstract: A replaceable printer component includes a first memory device and a communication link. The first memory device is configured to store a first secret. The communication link is configured to communicatively link the first memory device to a printer controller when the replaceable printer component is installed in a printing system. The printing system comprises a second memory device storing a second secret. The second memory device is communicatively linked to the printer controller. The printer controller is configured to determine an authenticity of the replaceable printer component based on the first secret and the second secret.
    Type: Grant
    Filed: October 11, 2016
    Date of Patent: April 11, 2017
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventor: Jacob Grundtvig Refstrup
  • Patent number: 9607096
    Abstract: A system and method for managing access to content is provided. One example embodiment provides for a method including acts of identifying a filter of content based at least in part on the preferences a user and a subject presented in the content and presenting the content using the filter to the user. Another example embodiment provides for a system that includes a controller configured to identify a filter of content based on preferences of a user, to present content using the identified filter and to update the preferences of the user based on feedback from the user and the subjects presented in the content.
    Type: Grant
    Filed: June 23, 2014
    Date of Patent: March 28, 2017
    Assignee: Excalibur IP, LLC
    Inventors: Athellina Athsani, Elizabeth F. Churchill, Joseph O'Sullivan
  • Patent number: 9565559
    Abstract: A computer-based system and method for secured privacy preservation scheme while data aggregation in a non-hierarchical wireless sensor network that lacks peer-to-peer communication between the communicating sensor nodes is disclosed. The method and system adopts formation of self-adaptive efficient cluster formation for robust privacy preservation in the network by grouping the multiple sensor nodes in the network to form multiple clusters that enables low computation overhead and high scalability in the network. The method and system of the invention discloses an effective twin-key management scheme that provides establishment of secure communication among the sensor nodes and the secure communication between at least one sensor node with the sever node performing the function data aggregation of the data collected by the sensor nodes.
    Type: Grant
    Filed: June 9, 2011
    Date of Patent: February 7, 2017
    Assignee: Tata Consultancy Services Limited
    Inventors: Arijit Ukil, Jaydip Sen
  • Patent number: 9531786
    Abstract: A device management system includes an electronic device and a remote maintenance server. The electronic device displays an operation screen to a user. The remote maintenance server includes a transparent panel management portion that draws a guide image on a virtual transparent panel based on an operation of a service person performed on a service terminal device, and causes the electronic device to overlay and display the virtual transparent panel on the operation screen.
    Type: Grant
    Filed: July 15, 2014
    Date of Patent: December 27, 2016
    Assignee: KYOCERA Document Solutions Inc.
    Inventors: Daisuke Yoshida, Toyoaki Oku, Koki Nakajima, Takeshi Nakamura, Yoshihiko Arai, Atsushi Matsumoto
  • Patent number: 9530003
    Abstract: A computer system includes a data network connection, a reading device, an input component and a security device, wherein the security device establishes a data network link via the data network connection as the computer system is starting up and said security device further receives access data either via the data network link or via the reading device and the input component, and said security device compares the received access data with a data record stored in a firmware on a memory element and boots the computer system if the comparison was successful.
    Type: Grant
    Filed: December 17, 2013
    Date of Patent: December 27, 2016
    Assignee: Fujitsu Technology Solutions Intellectual Property GmbH
    Inventor: Mario Wegener
  • Patent number: 9525554
    Abstract: A device and method associates a certificate with a first recipient identity. The method comprises receiving the first recipient identity of a user. The method comprises associating the first recipient identity of the user with a second recipient identity of the user. The second recipient identity is associated with a certificate so that subsequent transmissions of data to the first recipient identity encrypts the data according to specifications of the certificate.
    Type: Grant
    Filed: September 10, 2008
    Date of Patent: December 20, 2016
    Assignee: Google Inc.
    Inventors: Sanjiv Maurya, Jack Cai
  • Patent number: 9501431
    Abstract: A method and apparatus are provided to enable the remote management of software that is otherwise limited to using local input/output (I/O) only. According to the method and apparatus, a microcontroller is installed on a system board of a server and configured to listen to write requests directed to a first I/O interface. When such requests are detected, data that is part of such requests is intercepted and transmitted over a second I/O interface that is different from the first I/O interface.
    Type: Grant
    Filed: September 5, 2013
    Date of Patent: November 22, 2016
    Assignee: Google Inc.
    Inventor: Nathan Isaac Laredo
  • Patent number: 9495549
    Abstract: A replaceable printer component includes a first memory device and a communication link. The first memory device is configured to store a first secret. The communication link is configured to communicatively link the first memory device to a printer controller when the replaceable printer component is installed in a printing system. The printing system comprises a second memory device storing a second secret. The second memory device is communicatively linked to the printer controller. The printer controller is configured to determine an authenticity of the replaceable printer component based on the first secret and the second secret.
    Type: Grant
    Filed: August 11, 2015
    Date of Patent: November 15, 2016
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventor: Jacob Grundtvig Refstrup
  • Patent number: 9491032
    Abstract: In various embodiments, methods and systems for managing wake-enabled transport connections of wake-enabled applications is provided. A set of ports is designated as a wake-enabled port set. An operating system (OS) of a computing device running applications plumbs the multiport wake pattern to the one or more network interface controllers (NIC) of the computing device. A wake-enabled application acquires a port from the wake-enabled port set. The OS makes a determination that the application is wake-enabled and as such, assigns a port, from the wake-enable port set, to the wake-enabled application. Upon receiving a packet at the NIC, a determination is made whether the packet corresponds to a wake-enabled transport connection based on comparing the packet to the multiport wake pattern. Upon matching the packet to the multiport wake pattern, the NIC communicates with the OS to wake a portion of the wake-enabled application associated with the wake-enabled transport connection.
    Type: Grant
    Filed: September 5, 2013
    Date of Patent: November 8, 2016
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Praveen Balasubramanian, Poornananda R. Gaddehosur, David Garfield Thaler, III, Dmitry A. Anipko, Christopher Benjamin Palmer
  • Patent number: 9471755
    Abstract: Font protection management is described. In one or more implementations, a font package is obtained for an application and includes fonts that are protected by obfuscation. When the application is launched, a request to determine whether use of the protected fonts is authorized in connection with the application may be communicated to a font protection service. A response that is indicative of authorization to use the protected fonts in connection with the application may be received from the font protection service. When the response indicates that use of the protected fonts is authorized, the protected fonts may be de-obfuscated and subsequently used in connection with the application. When the response indicates that use of the protected fonts is not authorized in connection with the application, however, default fonts may be used with the application instead.
    Type: Grant
    Filed: July 11, 2013
    Date of Patent: October 18, 2016
    Assignee: Adobe Systems Incorporated
    Inventor: David G. Demaree
  • Patent number: 9444822
    Abstract: Providing authorization and authentication in a cloud for a user of a storage array includes: receiving, by a storage array access module from a client-side array services module, a token representing authentication of user credentials and authorized access privileges defining one or more storage array services accessible by the user, where the token is generated by a cloud-based security module upon authentication of the user credentials and identification of authorized access privileges for the user; receiving, by the storage array access module from the user, a user access request to one or more storage array services; and determining, by the storage array access module, whether to grant the user access request in dependence upon the authorized access privileges represented by the token.
    Type: Grant
    Filed: May 29, 2015
    Date of Patent: September 13, 2016
    Assignee: Pure Storage, Inc.
    Inventors: Benjamin P. Borowiec, Jimmy T. Hu, Ethan L. Miller, Terence W. Noonan, Constantine P. Sapuntzakis, Neil A. Vachharajani, Daquan Zuo
  • Patent number: 9436623
    Abstract: Methods, apparatus and systems for implementing run-time fabric reconfiguration are described herein. In accordance with one aspect, techniques are disclosed for implementing run-time fabric reconfiguration on a System on a Chip (SoC) via use of multiple endpoint fabric interfaces having routing logic that is dynamically reconfigured at run-time by a fabric control unit in response to system-state changes. The endpoint fabric interfaces may be coupled to or integrated in IP blocks that are coupled to a switch fabric, or may be implemented in the switch fabric itself. The run-time fabric reconfiguration techniques may be implemented to for various purposes and/or to address various events, such as node failures, security events, IP or design bugs, feature prototyping, and virtualization.
    Type: Grant
    Filed: September 20, 2012
    Date of Patent: September 6, 2016
    Assignee: Intel Corporation
    Inventors: Aviad Wertheimer, Daniel Greenspan
  • Patent number: 9418249
    Abstract: Transponder (180) having stored a fixed identification number, which expands said identification number with a random number, encrypts said expanded number with a key, and sends it to a reader (160) on its request. Reader (160), which on request receives an encrypted number from a transponder (180), decrypts a received encrypted number with a key, which was also used by the transponder (180), and extracts a fixed identification number associated with the transponder (180).
    Type: Grant
    Filed: May 12, 2009
    Date of Patent: August 16, 2016
    Assignee: NXP B.V.
    Inventors: Peter Thueringer, Hans De Jong, Bruce Murray, Heike B. Neumann, Paul Hubmer, Susanne Stern
  • Patent number: 9361453
    Abstract: A system that validates a native code module. During operation, the system receives a native code module comprised of untrusted native program code. The system validates the native code module by: (1) determining that code in the native code module does not include any restricted instructions and/or does not access restricted features of a computing device; and (2) determining that the instructions in the native code module are aligned along byte boundaries such that a specified set of byte boundaries always contain a valid instruction and control flow instructions have valid targets. The system allows successfully-validated native code modules to execute, and rejects native code modules that fail validation. By validating the native code module, the system facilitates safely executing the native code module in the secure runtime environment on the computing device, thereby achieving native code performance for untrusted program binaries without significant risk of unwanted side effects.
    Type: Grant
    Filed: August 19, 2014
    Date of Patent: June 7, 2016
    Assignee: Google Inc.
    Inventors: J. Bradley Chen, Matthew T. Harren, Matthew Papakipos, David C. Sehr, Bennet S. Yee
  • Patent number: 9307391
    Abstract: A system and a method is provided for managing the mobility of a mobile network in a Proxy Mobile Internet Protocol (PMIP) environment operating under the Dynamic Host Configuration Protocol (DHCP) protocol. The method is based on prefix allotment between a server DHCPv6 and a mobile router via an access gateway (MAG) and the exchanging of messages between the server and a point of attachment (LMA).
    Type: Grant
    Filed: February 27, 2013
    Date of Patent: April 5, 2016
    Assignee: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES
    Inventors: Alexandre Petrescu, Michael Mathias Boc, Christophe Janneteau
  • Patent number: 9294867
    Abstract: One embodiment of a system for providing services to subscribers of a network supports the provision of a plurality of different services to multiple subscribers. A first processing unit provides a first execution environment for a first set of software applications and a second processing unit provides a second execution environment for a second set of software applications. A data structure is provided for storing data associated with subscribers of the system, the data structure providing a common identity for association with a subscriber which is recognized by all processing units of the system. This provides a common user repository which simplifies the provision of services and the authentication processes within the system.
    Type: Grant
    Filed: October 31, 2014
    Date of Patent: March 22, 2016
    Assignee: Hewlett Packard Enterprise Development LP
    Inventor: Colin I'Anson
  • Patent number: 9286281
    Abstract: A system and method for facilitating the entry by a signer user of information into a scaffold electronic document having multiple information entry fields, over the internet or similar network. The system includes a document summary server, in communication with a document execution server, and associated with a scaffold electronic document via network. The document summary server facilitates the entry by a signer user of information into one or more information entry fields in a scaffold document.
    Type: Grant
    Filed: October 20, 2010
    Date of Patent: March 15, 2016
    Assignee: Citrix Systems, Inc.
    Inventors: Cary Dunn, Jonathan Siegel, Daryl Bernstein
  • Patent number: 9264235
    Abstract: A device and method are provided for a device that authenticates a server over a network. The device and method are operable to contact the server to initiate a handshaking operation. The device receives certificate information and handshaking information from the server. The device completes the handshaking operations to establish the connection with the server. The device downloads the content from the server through the connection before authenticating the server to establish a secure connection. In some aspects, the device may display a portion of the downloaded content before the server is authenticated.
    Type: Grant
    Filed: November 16, 2010
    Date of Patent: February 16, 2016
    Assignee: BlackBerry Limited
    Inventors: Alexander Truskovsky, Neil Patrick Adams, Eli Omen Jackson
  • Patent number: 9246923
    Abstract: Systems and techniques are provided for the classification of risks associated with developers in an application ecosystem. Signals associated with a developer account for an application ecosystem may be received. Each of the signals may include one of an account signal, an application signal, and a financial signal, and each of the signals may be associated with a weight and a score. The signals may be combined using the weights and the scores associated with the signals to obtain a risk probability for the developer account. The risk probability may be scored.
    Type: Grant
    Filed: January 19, 2014
    Date of Patent: January 26, 2016
    Assignee: Google Inc.
    Inventors: Ryan James Terribilini, Alec Go
  • Patent number: 9223026
    Abstract: This application discloses a GNSS reference apparatus having a vector error generator and a reference data server. The vector error generator generates one or more sequences of keyed intentional errors made confidential with confidential error keys, and then combines the sequences to generate a sequence of reference erroneous positions. The reference data server issues GNSS position-determination reference data based on the reference erroneous positions where the keyed intentional errors for at least one of the confidential sequences are reversible with confidential access to the corresponding confidential error key for determining a GNSS-based position.
    Type: Grant
    Filed: November 13, 2012
    Date of Patent: December 29, 2015
    Assignee: Trimble Navigation Limited
    Inventor: David G. Bird
  • Patent number: 9219717
    Abstract: A mobile communication device registers for data communication through a mobile communication network with a packet-based network. The device may or may not have a mobile device number, and registers using a fully-qualified-domain-name (FQDN) uniquely identifying the device in a domain-name-system (DNS) of the packet-based network. A packet-data-network gateway assigns a packet-based address for the device, and generates a request for registering the address with the FQDN in a DNS server. Alternatively, the device generates the packet-based address based on a received portion of the address, retrieves the FQDN from an identity module, and sends a DNS-Update message to the DNS server including the address and FQDN. Again alternatively, a DNS server receives an encrypted DNS update message including a FQDN and a packet-based address, and decrypts the message prior to registering the address and FQDN in a DNS database.
    Type: Grant
    Filed: September 8, 2014
    Date of Patent: December 22, 2015
    Assignee: Cellco Partnership
    Inventor: Praveen Gupta
  • Patent number: 9191291
    Abstract: A computer-implemented method is presented herein. The method obtains a first content item from an online source, and then generates a characterizing signature of the first content item. The method continues by finding a previously-saved instance of the characterizing signature and retrieving data associated with a second content item (the second content item is characterized by the characterizing signature). The method continues by analyzing the data associated with the second content item, corresponding data associated with the first content item, and decision criteria. Thereafter, either the first content item or the second content item is identified as an original content item, based on the analyzing. The other content item can be flagged as an aggregated content item.
    Type: Grant
    Filed: September 9, 2013
    Date of Patent: November 17, 2015
    Assignee: salesforce.com, inc.
    Inventor: Dai Duong Doan
  • Patent number: 9166951
    Abstract: Strict transport security controls are arranged to detect a first navigation command of a network-enabled application to navigate from a secure connection established with a first network address and to navigate to a second network address using an unsecure reference. A filter is used to filter, in response to the detection of the first navigation command, referring information in a second navigation command used to establish a second address secure connection with a device having the second network address. The strict transport security controls service is optionally arranged to provide a warning signal upon detecting formation of the second navigation command.
    Type: Grant
    Filed: February 4, 2014
    Date of Patent: October 20, 2015
    Inventor: Robert Hansen