Multicast Patents (Class 713/163)
-
Patent number: 12212546Abstract: Systems and methods are described for implementing a device isolation service. A device isolation service creates and administers per-device virtual networks for individual computing devices, thereby isolating the computing devices from each other and limiting device-to-device communication. The device isolation service may further provide a monitored and access-controlled network that facilitates access to the isolated devices, thereby allowing “administrator” devices to access and administer devices while preventing a compromised device from seeing, probing, or compromising other devices on the network. The device isolation service may group devices by category or function, and may put devices that communicate with each other on the same virtual network while isolating other devices to different virtual networks.Type: GrantFiled: September 19, 2022Date of Patent: January 28, 2025Assignee: Amazon Technologies, Inc.Inventor: Eknath Venkataramani
-
Management of network intercept portals for network devices with durable and non-durable identifiers
Patent number: 12206668Abstract: Generally described, the presently disclosed technology utilizes durable and non-durable identifiers of a user device to authenticate the user device and cause the user device to be directed to a network intercept portal or captive portal to the user device based on whether additional user input is needed from the user device. A cloud network management server may identify a user device based on a previously stored association between a durable identifier associated with the user device and a non-durable identifier associated with the user device. In response to an indication from the cloud network management server that additional input is needed, a gateway or network management device can indicate to the access point that network access has been granted to the user device, but redirect the user device to network intercept portal or captive portal to obtain the additional user input requested by the cloud network management server.Type: GrantFiled: November 10, 2023Date of Patent: January 21, 2025Assignee: Nomadix, Inc.Inventor: Vadim Olshansky -
Patent number: 12189744Abstract: Various embodiments are generally directed to techniques for multi-voice speech recognition commands, such as based on monitoring a telecommunications channel between first and second devices, for instance. Some embodiments are particularly directed to prompting initiation of a transaction between a first entity associated with a first device and a second entity associated with a second device based on detection of an audible request corresponding to the second entity and an audible response corresponding to the first entity.Type: GrantFiled: May 15, 2023Date of Patent: January 7, 2025Assignee: Capital One Services, LLCInventors: Paul Hurlocker, Austin Grant Walters, Jeremy Edward Goodsitt
-
Patent number: 12166836Abstract: A communication system that performs communication among a plurality of nodes by a broker-less type publishing/subscribing model, includes: a computer including a memory and a processor configured to detect distribution of unauthorized data from one application that is handled with priority on a subscriber side among one or more applications that are redundant on one or more of the nodes and functioning as a publisher side; and switch an application handled with priority on the subscriber side to another application different from the one application among the one or more applications in a case where distribution of the unauthorized data is detected.Type: GrantFiled: April 1, 2021Date of Patent: December 10, 2024Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATIONInventors: Masahiro Shiraishi, Hiroki Nagayama, Tomoaki Washio, Asami Miyajima
-
Patent number: 12143462Abstract: A method for fetching a content from a web server to a client device is disclosed, using tunnel devices serving as intermediate devices. The client device accesses an acceleration server to receive a list of available tunnel devices. The requested content is partitioned into slices, and the client device sends a request for the slices to the available tunnel devices. The tunnel devices in turn fetch the slices from the data server, and send the slices to the client device, where the content is reconstructed from the received slices. A client device may also serve as a tunnel device, serving as an intermediate device to other client devices. Similarly, a tunnel device may also serve as a client device for fetching content from a data server. The selection of tunnel devices to be used by a client device may be in the acceleration server, in the client device, or in both.Type: GrantFiled: August 2, 2023Date of Patent: November 12, 2024Assignee: BRIGHT DATA LTD.Inventors: Derry Shribman, Ofer Vilenski
-
Patent number: 12095720Abstract: Methods, devices, systems, and computer readable media with instructions for group text communications between multiple devices, along with communication of associated data and automatic deletion of communications, are described. One embodiment involves generating a first ephemeral group chat, receiving a first ephemeral chat message, associated with one or more deletion triggers, and transmitting the first ephemeral message and receiving, from at least the second client device, chat monitoring information comprising first deletion trigger information. In various embodiments, coordinated presentation and deletion of ephemeral chat messages are managed in a variety of ways.Type: GrantFiled: July 9, 2021Date of Patent: September 17, 2024Assignee: Snap Inc.Inventors: Nicholas Richard Allen, Jonathan Dale Brody, Chamal Samaranayake, William Wu
-
Patent number: 12028330Abstract: A method by a management server is described. The method includes receiving a credentials request from a requesting management node. The credentials request includes a public key of the requesting management node. The method also includes determining whether the management server has credentials encrypted for the requesting management node in a local cache. The credentials are encrypted using the public key of the requesting management node and cannot be decrypted by the management server. The method further includes sending the encrypted credentials to the requesting management node when the management server has the encrypted credentials. The requesting management node can decrypt the encrypted credentials using a private key.Type: GrantFiled: August 23, 2021Date of Patent: July 2, 2024Assignee: Ivanti, Inc.Inventors: Mark Tempel, Andrew Moravec
-
Patent number: 12021749Abstract: Embodiments of the present disclosure relate to a method, a device and a computer readable medium for IPv6 address management in an IAB system. The method comprises obtaining an IPv6 prefix for an IAB node in the IAB system, the prefix being associated with the donor central unit or a donor distributed unit in the IAB system; determining an interface identity for the IAB node; and generating, based on the Internet Protocol Version 6, IPv6, prefix and the interface identity, an IPv6 address for the IAB node for communication between the donor central unit and the IAB node. As a result, IPv6 address management for an IAB node in an IAB system is implemented.Type: GrantFiled: November 1, 2018Date of Patent: June 25, 2024Assignee: NOKIA TECHNOLOGIES OYInventors: Xiang Xu, Colin Kahn, Dawid Koziol
-
Patent number: 12001579Abstract: Data items such as files or database records associated with particular applications (such as messaging applications and other applications) can be stored in one or more remote locations, such as a cloud storage system, and synchronized with other devices. The remote storage can be configured such that each application executing on a client device can only view data items stored at the remote location to which the application has permission to access. An access manager on each client device enforces application specific access policies. Storage at the remote location can be secured for each application associated with a user or user account, for example, using isolated containers. The cloud storage of data can be anonymized and anonymous group data can be stored in the cloud storage.Type: GrantFiled: May 5, 2021Date of Patent: June 4, 2024Assignee: APPLE INC.Inventors: Benoit Chevallier-Mames, Thomas Icart, Mathieu Ciet, Oliver J. Hunt, Yannick Sierra, Gokul Thirumalai, Roberto Garcia
-
Patent number: 11949530Abstract: Systems and methods for providing multicast group (MCG) membership relative to partition membership in a high performance computing environment. In allowing a subnet manager of a local subnet to be instructed that all ports that are members of the relevant partition should be set up as members for a specific multicast group, the SM can perform a more efficient multicast-routing process. It is also possible to limit the IB client interaction with subnet administration conventionally required to handle join and leave operations. Additionally, subnet manager overhead can be reduced by creating a spanning tree for the routing of multicast packets that includes each of the partition members added to the multicast group, instead of creating a spanning tree after each multicast group join request is received, as conventionally required.Type: GrantFiled: November 19, 2021Date of Patent: April 2, 2024Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Bjørn Dag Johnsen, Bartosz Bogdanski, Line Holen
-
Patent number: 11902775Abstract: Rotation of a wireless client device address is based on an encryption key and a nonce value. Key information and nonce value information are shared between a wireless client device and a network infrastructure component over a secure communication channel. The wireless client device encrypts the nonce value using the key information and encodes the encrypted value as a device address. The wireless client device then identifies itself via a source address value in a message transmitted over a wireless network. Upon receiving the message, the network infrastructure component decrypts information derived from the source address value and compares the resulting data to the nonce value. If a match is identified, the network infrastructure identifies the wireless client device as a source of the message. In some embodiments, the nonce value is updated with each rotation to provide for improved entropy of generated device addresses.Type: GrantFiled: May 28, 2021Date of Patent: February 13, 2024Assignee: CISCO TECHNOLOGY, INC.Inventors: Jerome Henry, Stephen Michael Orr, Robert E. Barton
-
Patent number: 11902388Abstract: In an example, there is disclosed a system and method for providing a service-oriented architecture, including request/response, over a publish/subscribe framework. In one embodiment, a system is disclosed for adding layers upon a publish/subscribe messaging framework for sophisticated messaging such as point-to-point (request/response) and the ability to query for available services, in a reliable, scalable manner.Type: GrantFiled: July 23, 2021Date of Patent: February 13, 2024Assignee: Musarubra US LLCInventors: Christopher Smith, Sudeep Das
-
Patent number: 11855767Abstract: A method for distributing encrypted cryptographic data includes receiving, by a key service, from a first client device, a request for a first public key. The method includes transmitting, by the key service, to the first client device, the first public key. The method includes receiving, by the key service, from an access control management system, an encryption key encrypted with the first public key and a request from a second client device for access to the encryption key. The method includes decrypting, by the key service, the encrypted encryption key, with a private key corresponding to the first public key. The method includes encrypting, by the key service, the decrypted encryption key, with a second public key received from the second computing device. The method includes transmitting, by the key service, to the second client device, the encryption key encrypted with the second public key.Type: GrantFiled: November 1, 2021Date of Patent: December 26, 2023Inventor: William R. Ackerly
-
Patent number: 11838409Abstract: The invention relates to a method for transferring data in a publish-subscribe system (100) comprising a key distribution server (200) and a plurality of communication devices (101, 102, 103, 104) which can be coupled to the key distribution server (200) and which comprise at least one server device and a number of client devices.Type: GrantFiled: October 17, 2019Date of Patent: December 5, 2023Assignee: Siemens AktiengesellschaftInventors: Kai Fischer, Steffen Fries
-
Patent number: 11770707Abstract: A system comprises an interface and a processor. The interface is configured to provide a request to join a publish group from a client or a point to point communication link of a lattice mesh; and receive a group key or a host public key. The processor is configured to determine whether a message has been received; in response to the message having been received, determine whether the message is to be sent on; in response to the message being determined not to be sent on, decode the message using the group key or the host public key; determine whether to store the message in a backfill database; in response to determining to store the message in the backfill database, store the message in the backfill database.Type: GrantFiled: March 10, 2022Date of Patent: September 26, 2023Assignee: Anduril Industries, Inc.Inventors: Jared Newman, Ryan Brown, Brian W. Schimpf, Palmer F. Luckey, Julian Hammerstein, Travis M. Whitaker, Jason Levin, Joseph Chen
-
Patent number: 11716367Abstract: An apparatus for monitoring a multicast group is provided. The apparatus includes a storage, a receiver and an operation processor. The storage is configured to store first data including a first authenticated message authenticated as being published by a publisher of the multicast group to n-th data including an n-th authenticated message authenticated as being published by the publisher where n is a natural number of 2 or more. The receiver is configured to receive status data including a first propagation message to be delivered to the multicast group. Further, the operation processor is configured to generate monitoring information including status information of the multicast group by using the status data and the first to n-th data.Type: GrantFiled: March 19, 2020Date of Patent: August 1, 2023Assignee: UNIONPLACE CO., LTD.Inventors: Seongcheol Bang, Jaewon Cha, Seungchul Kwak
-
Patent number: 11601295Abstract: In one example, a system comprises a plurality of non-last-hop routers (non-LHRs) of a network, the non-LHRs configured with a multicast distribution tree for a multicast group to transport first multicast packets of a multicast flow toward one or more LHRs, wherein a router of the non-LHR routers is configured to receive unicast packets for an application session associated with the multicast group, encapsulate the unicast packets in a multicast header to generate the first multicast packets for distribution using the multicast distribution tree, and output the first multicast packets; and the one or more LHRs, wherein the one or more LHRs are interested receivers of the multicast group, and wherein the one or more LHRs are configured to receive the first multicast packets of the multicast flow, extract the unicast packets for the application session, and send the unicast packets to one or more clients of the application session.Type: GrantFiled: September 23, 2019Date of Patent: March 7, 2023Assignee: Juniper Networks, Inc.Inventors: Ananda Kumar M R, Sameer Seth
-
Patent number: 11575507Abstract: A method including determining, by a first device, a sharing encryption key based at least in part on an access private key associated with encrypted content and an assigned public key associated with a second device; encrypting the access private key associated with the encrypted content utilizing the sharing encryption key; and transmitting the encrypted access private key to enable the second device to access the encrypted content. Various other aspects are contemplated.Type: GrantFiled: September 21, 2021Date of Patent: February 7, 2023Assignee: UAB 360 ITInventor: Mindaugas Valkaitis
-
Patent number: 11533316Abstract: Systems and techniques for information-centric network namespace policy-based content delivery are described herein. A registration request may be received from a node on an information-centric network (ICN). Credentials of the node may be validated. The node may be registered with the ICN based on results of the validation. A set of content items associated with the node may be registered with the ICN. An interest packet may be received from a consumer node for a content item of the set of content items that includes an interest packet security level for the content item. Compliance of the security level of the node with the interest packet security level may be determined. The content item may be transmitted to the consumer node.Type: GrantFiled: June 27, 2019Date of Patent: December 20, 2022Assignee: Intel CorporationInventors: Ned M. Smith, Srikathyayani Srikanteswara, Ravikumar Balakrishnan, Rajesh Poornachandran, Moreno Ambrosin
-
Patent number: 11516195Abstract: To provide a terminal device that can share a session key for use in encryption communication with multiple terminal devices at a certain timing without relying on an existing server device.Type: GrantFiled: June 8, 2017Date of Patent: November 29, 2022Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATIONInventors: Yuto Kawahara, Hitoshi Fuji, Tetsutaro Kobayashi, Reo Yoshida, Tomohide Yamamoto
-
Patent number: 11500821Abstract: A client machine writes to a virtual disk on a remote storage platform. Metadata is generated and stored in replicas on different nodes of the storage platform. A modified log-structured merge tree is used to store and compact string-sorted tables of metadata. During file storage and compaction, a consistent file identification scheme is used across all metadata nodes. A fingerprint file is calculated for each SST (metadata) file on disk that includes hash values corresponding to regions of the SST file. To synchronize, the fingerprint files of two SST files are compared, and if any hash values are missing from a fingerprint file then the key-value-timestamp triplets corresponding to these missing hash values are sent to the SST file that is missing them. The SST file is compacted with the missing triplets to create a new version of the SST file. The synchronization is bi-directional as between distinct computer nodes.Type: GrantFiled: July 2, 2020Date of Patent: November 15, 2022Assignee: Commvault Systems, Inc.Inventors: Avinash Lakshman, Lasaro Camargos, Deepak Jain
-
Patent number: 11455600Abstract: One or more embodiments of techniques or systems for intelligent data presentation are provided herein. Data can be presented on similar devices having different characteristics in different manners. For example, data may be rendered in a first manner on a first device having one monitor, the same data may be rendered in a second manner on a second device having two displays or a different display size. Financial information, sales data, banking information, etc. may be presented in a variety of ways based on capabilities or properties of a device accessing the information or data. Similarly, renderings may be selected based on interaction capabilities or interaction options a user may have with different renderings or presentations. In other embodiments, user interaction with an automated teller machine (ATM), call center, vehicle, or other interface can be based on device properties or device capabilities.Type: GrantFiled: November 30, 2020Date of Patent: September 27, 2022Assignee: Wells Fargo Bank, N.A.Inventors: Stephen M. Ellis, Bipin Sahni, David Hatch, Shahid Razzaq
-
Patent number: 11455280Abstract: A client machine writes to and reads from a virtual disk on a remote storage platform. Metadata is generated and stored in replicas on different metadata nodes of the storage platform. A modified log-structured merge tree is used to store and compact string-sorted tables of metadata. During file storage and compaction, a consistent file identification scheme is used across all metadata nodes. A fingerprint file is calculated for each SST (metadata) file on disk that includes hash values corresponding to regions of the SST file. To synchronize, the fingerprint files of two SST files are compared, and if any hash values are missing from a fingerprint file then the key-value-timestamp triples corresponding to these missing hash values are sent to the SST file that is missing them. The SST file is compacted with the missing triples to create a new version of the SST file. The synchronization is bi-directional.Type: GrantFiled: July 2, 2020Date of Patent: September 27, 2022Assignee: Commvault Systems, Inc.Inventors: Avinash Lakshman, Lasaro Camargos, Deepak Jain
-
Patent number: 11451516Abstract: Systems and methods are described for implementing a device isolation service. A device isolation service creates and administers per-device virtual networks for individual computing devices, thereby isolating the computing devices from each other and limiting device-to-device communication. The device isolation service may further provide a monitored and access-controlled network that facilitates access to the isolated devices, thereby allowing “administrator” devices to access and administer devices while preventing a compromised device from seeing, probing, or compromising other devices on the network. The device isolation service may group devices by category or function, and may put devices that communicate with each other on the same virtual network while isolating other devices to different virtual networks.Type: GrantFiled: March 25, 2019Date of Patent: September 20, 2022Assignee: Amazon Technologies, Inc.Inventor: Eknath Venkataramani
-
Patent number: 11368325Abstract: Systems for communicating over a network and between two or more network connected devices. In particular, the disclosure reveals systems which may utilize multicast communication protocols to facilitate secure communication among one or more network connected devices. A system for secured messaging may include a network system including a first server, a second server and a first node. Further, the first server is configured to authenticate the first node for secure multicast messaging, and the second server is configured to authenticate the first node for secure multicast messaging.Type: GrantFiled: February 11, 2020Date of Patent: June 21, 2022Assignee: HONEYWELL INTERNATIONAL INC.Inventors: Michal Hojsik, Lukas Pohanka, Harshal Haridas
-
Patent number: 11350277Abstract: A system comprises an interface and a processor. The interface is configured to provide a request to join a publish group from a client or a point to point communication link of a lattice mesh; and receive a group key or a host public key. The processor is configured to determine whether a message has been received; in response to the message having been received, determine whether the message is to be sent on; in response to the message being determined not to be sent on, decode the message using the group key or the host public key; determine whether to store the message in a backfill database; in response to determining to store the message in the backfill database, store the message in the backfill database.Type: GrantFiled: September 16, 2020Date of Patent: May 31, 2022Assignee: Anduril Industries, Inc.Inventors: Jared Newman, Ryan Brown, Brian W. Schimpf, Palmer F. Luckey, Julian Hammerstein, Travis M. Whitaker, Jason Levin, Joseph Chen
-
Patent number: 11317284Abstract: A system comprises an interface and a processor. The interface is configured to provide a request to join a publish group from a client or a point to point communication link of a lattice mesh; and receive a group key or a host public key. The processor is configured to determine whether a message has been received; in response to the message having been received, determine whether the message is to be sent on; in response to the message being determined not to be sent on, decode the message using the group key or the host public key; determine whether to store the message in a backfill database; in response to determining to store the message in the backfill database, store the message in the backfill database.Type: GrantFiled: September 16, 2020Date of Patent: April 26, 2022Assignee: Anduril Industries, Inc.Inventors: Jared Newman, Ryan Brown, Brian W. Schimpf, Palmer F. Luckey, Julian Hammerstein, Travis M. Whitaker, Jason Levin, Joseph Chen
-
Patent number: 11303973Abstract: In a method for delivering targeted television advertisements based on online behavior, IP addresses indicating online access devices and IP addresses indicating television set-top boxes are electronically associated for a multitude of users. Using user profile information derived from online activity from one of the online access IP addresses, a television advertisement is selected, such as by using behavioral targeting or demographic information, and automatically directed to the set-top box indicated by the set-top IP address associated with that online access IP address. Preferably neither the user profile information nor the electronic association of online access and set-top box IP addresses includes personally identifiable information.Type: GrantFiled: July 10, 2020Date of Patent: April 12, 2022Assignee: INTENT IQ, LLCInventor: Roy Shkedi
-
Patent number: 11271880Abstract: A current user lifecycle phase and a desired outcome for a user for a current user lifecycle phase are identified. Messages eligible to be shown to the user are identified based upon the current user lifecycle phase for the user. From the eligible messages, particular messages can be selected for delivery to the user based upon one or more governance rules, user attributes, user activity, seasonality, and/or the desired outcome for the current user lifecycle phase for the user. The selected messages can then be shown to the user. In this manner, relevant messages can be presented to the relevant users at a relevant time.Type: GrantFiled: January 30, 2019Date of Patent: March 8, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Claire H. Sisson, Diego F. Martinez Diaz, Venkat Pradeep Chilakamarri, Meera A. Kulkarni, FNU Om Krishna, Kiran Kumar Dowluru, Philip Rueker, Vlad Riscutia, Harish Kasina
-
Patent number: 11240010Abstract: Systems and techniques are provided for random oracles in open networks. A node computing device of an open network may choose a random secret. The random secret may be a numeric or alphanumeric value. The node computing device may distribute shares of the random secret to node computing devices that are members of essential subsets for the node computing device. The node computing device may receive a share of a random secret from a second node computing device. The node computing device may be a member of an essential subset of the second node computing device. The node computing device may sign a deterministic seed message using the share of the random secret received from the second node computing device to generate a signature share. The node computing device may reveal the signature share and may receive a random value in response.Type: GrantFiled: February 15, 2019Date of Patent: February 1, 2022Assignee: Ripple Labs Inc.Inventor: Ethan Mac Brough
-
Patent number: 11233771Abstract: The present invention relates to a communication interface (200) for supporting communication between a wireless device (101, 102, 103) and a server (121) over a low power wide area network, LPWAN, comprising: an untrusted execution part (201) configured to operate in accordance with an LPWAN communication protocol stack (203) including at least one secured LPWAN protocol using cryptographic primitives; a memory (205) for storing computer code (206) and at least one cryptographic key (207, 208, 209) in an encrypted form; a trusted execution part (202) incorporating a root secret (210) for decrypting the at least one cryptographic key (207, 208, 209) from the memory (205), wherein the trusted execution part (202) is configured to execute the cryptographic primitives of the at least one secured LPWAN protocol using the decrypted cryptographic key and computer code (206) from the memory (205).Type: GrantFiled: March 2, 2017Date of Patent: January 25, 2022Assignee: ACTILTYInventor: Olivier Hersent
-
Patent number: 11212673Abstract: Techniques for secure team-based communication on existing wireless mesh networks are disclosed. In an example, a first network node receives a network encryption key from a headend system. The first network node receives a sub-group encryption key that is unique to a sub-group of nodes, a sub-group identifier, and a sub-group node list that lists the sub-group of nodes associated with the sub-group identifier. The first network node generates an application layer message for a second node of the sub-group of nodes at an application layer. The first network node encrypts the application layer message using the sub-group encryption key. The first network node generates a team packet that is addressed to a selected node and includes the encrypted application layer message and the sub-group identifier. The first network node encrypts the team packet using the network encryption key and transmits the encrypted team packet to the selected node.Type: GrantFiled: April 1, 2020Date of Patent: December 28, 2021Assignee: Landis+Gyr Innovations, Inc.Inventors: Pushpesh Kumar Deshmukh, Ashok Mahadevan, Timothy James Rutten, Michael Gerard Demeter, John Bettendorff
-
Patent number: 11196729Abstract: A method for distributing encrypted cryptographic data includes receiving, by a key service, from a first client device, a request for a first public key. The method includes transmitting, by the key service, to the first client device, the first public key. The method includes receiving, by the key service, from an access control management system, an encryption key encrypted with the first public key and a request from a second client device for access to the encryption key. The method includes decrypting, by the key service, the encrypted encryption key, with a private key corresponding to the first public key. The method includes encrypting, by the key service, the decrypted encryption key, with a second public key received from the second computing device. The method includes transmitting, by the key service, to the second client device, the encryption key encrypted with the second public key.Type: GrantFiled: May 19, 2021Date of Patent: December 7, 2021Assignee: Virtru CorporationInventor: William R. Ackerly
-
Patent number: 11184162Abstract: Privacy preserving secure task automation. A method may include generating, by a first section of a platform, a pair of encryption keys (private and shared secret keys); receiving, by a second section of the platform, platform user data, trigger service user data; and action service user data, wherein the user of the services and platform are the same; sending the shared secret key to the services; storing the private key in the first section; receiving from the trigger service, by the second section, a first communication encrypted with the shared secret key, regarding occurrence of a trigger; determining, by the first section, that the trigger corresponds to the user of the platform; encrypting a second message with the shared secret key, requesting invocation of the action based on the trigger; and transmitting the second encrypted message to the action service without the data related to the user of the platform.Type: GrantFiled: September 28, 2018Date of Patent: November 23, 2021Assignee: NORTONLIFELOCK INC.Inventors: Sandeep Bhatkar, Susanta K. Nanda, Yuqiong Sun, Saurabh Shintre
-
Patent number: 11176080Abstract: A board portal system provides the ability to manage multiple boards, where each of the boards may be a separate legal entity. The board portal may provide the ability to establish links between the multiple boards and create parent-child relationships with subsidiary boards. With the board portal, users can create content and make it viewable and accessible across multiple boards that related through a parent-child relationship. At the same time, the board portal maintains a requisite level of separation between the related boards in the portal using encryption and/or other separation techniques. As a result, the board portal facilitates flexible workflow patterns and communication processes based on the proper hierarchical structure that exists between the parent organization and its subsidiaries.Type: GrantFiled: September 25, 2020Date of Patent: November 16, 2021Assignee: NASDAQ, INC.Inventors: Bret Beresford-Wood, Christina Khail
-
Patent number: 11177952Abstract: A method for the disclosure of at least one cryptographic key used for encrypting at least one communication connection between a first communication subscriber and a second communication subscriber in which, in a publish-subscriber server, at least one of the communication subscribers logs on as a publishing unit and at least one monitoring device logs on as a subscribing unit, and in a subsequent negotiation of a cryptographic key by the publishing unit, automatically the negotiated cryptographic key is supplied from the publishing unit to the publish-subscribe server, the negotiated cryptographic key is transmitted from the publish-subscribe server to the at least one subscribing unit, and the encrypted communication connection from the subscribing unit is decrypted using the cryptographic key is provided. The following also relates to a corresponding system.Type: GrantFiled: January 16, 2019Date of Patent: November 16, 2021Assignee: SIEMENS AKTIENGESELLSCHAFTInventors: Steffen Fries, Rainer Falk
-
Patent number: 11171940Abstract: In some examples, a robot middleware system including a first robot middleware node, a second robot middleware node, and one or more secure encrypted type-enforced context message between the first robot middleware node and the second robot middleware node.Type: GrantFiled: March 30, 2018Date of Patent: November 9, 2021Assignee: Intel CorporationInventors: Ned M. Smith, Gregory Burns
-
Patent number: 11171778Abstract: An objective is to enable conversion of a key sharing scheme having asymmetricity into a key sharing scheme with an authentication function. In a key sharing device, a key selection unit selects, out of two static keys of different classifications, one static key being different from a static key of a key-sharing counterpart. A temporary key generation unit generates a temporary key of the same classification as the static key selected by the key selection unit. A shared key generation unit generates a shared key using the static key selected by the key selection unit and a temporary key generated by the counterpart.Type: GrantFiled: June 4, 2018Date of Patent: November 9, 2021Assignee: MITSUBISHI ELECTRIC CORPORATIONInventors: Katsuyuki Takashima, Atsushi Fujioka
-
Patent number: 11133932Abstract: A method includes: initiating a data channel over a networked gaming service, including generating a channel key, the channel key being used to encrypt content communicated over the data channel, and generating a first encrypted channel key by encrypting the channel key with a public key associated to an owner of the data channel; adding a participant to the data channel, including generating a second encrypted channel key by encrypting the channel key with a public key associated to the participant; wherein a message sent via the data channel includes encrypted content generated by using the channel key to encrypt content for the message, and further includes the first encrypted channel key and the second encrypted channel key.Type: GrantFiled: December 20, 2018Date of Patent: September 28, 2021Assignee: Sony Interactive Entertainment LLCInventor: Bryan Cotta
-
Patent number: 11108830Abstract: In some aspects, the disclosure is directed to methods and systems for providing coordinative security among network devices across multi-level networks. Shared cryptographic secrets among the network devices are used as the basis for mutual security authentication and peering among these devices. The cryptographic secrets can be embedded in the SoC devices for these devices or dynamically generated based on unique identification information and attributes of these SoC devices. The messages for authentication and peering can be communicated directly among the network devices or indirectly via a cloud security portal entity that acts as a messaging proxy. The mutual authentication and peering process can be carried out coordinately among the network devices and a cloud security portal in a one-to-one mesh relationship, or in a transitive layering relationship, where each network entity authenticates and peers with its direct subordinates in a multi-level network.Type: GrantFiled: July 30, 2018Date of Patent: August 31, 2021Assignee: Avago Technologies International Sales Pte. LimitedInventors: Yong Li, Xuemin Chen, Weimin Zhang, Victor Liang, Binfan Liu
-
Patent number: 11102193Abstract: A method by a management server is described. The method includes receiving a credentials request from a requesting management node. The credentials request includes a public key of the requesting management node. The method also includes determining whether the management server has credentials encrypted for the requesting management node in a local cache. The credentials are encrypted using the public key of the requesting management node and cannot be decrypted by the management server. The method further includes sending the encrypted credentials to the requesting management node when the management server has the encrypted credentials. The requesting management node can decrypt the encrypted credentials using a private key.Type: GrantFiled: February 27, 2019Date of Patent: August 24, 2021Assignee: Ivanti, Inc.Inventors: Mark Tempel, Andrew Moravec
-
Patent number: 11068574Abstract: Systems and techniques are described for authenticating a user. A described technique includes receiving, by an identity management application running on a user computer, a request to authenticate a user to access a user application using the user computer. The technique includes determining, by the identity management application, that a mobile device associated with the user is connected to the user computer using a short distance wireless connection. The technique includes requesting, by the identity management application running on the user computer, authentication information for the user from the mobile device over the short distance wireless connection. The technique includes receiving, by the identity management application running on the user computer, the authentication information for the user from the mobile device over the short distance wireless connection.Type: GrantFiled: May 17, 2019Date of Patent: July 20, 2021Assignee: VMware, Inc.Inventors: Abhishek Soni, Lakshman Rao Abburi
-
Patent number: 11057361Abstract: A computer program product and a system comprising: a cluster of Secure Execution Platforms (SEPs) having connectivity to a data storage, each SEP of said cluster is configured to maintain, using a key, confidentiality of data while processing thereof; the key is shared among the SEPs of said cluster, the key is automatically generated by the cluster or portion thereof and is unavailable to any non-cluster entity; the data storage retains encrypted data that is encrypted using the key; a first SEP of the cluster is configured to encrypt client data using the key to obtain encrypted client data and store the encrypted client data in the data storage; and a second SEP of the cluster is configured to retrieve encrypted stored data from the data storage, decrypt the encrypted stored data using the key to obtain non-encrypted form of the encrypted stored data.Type: GrantFiled: October 17, 2019Date of Patent: July 6, 2021Assignee: International Business Machines CorporationInventors: Danny Harnik, Moshik Hershcovitch, Paula Ta-Shma, Yaron Weinsberg
-
Patent number: 11032712Abstract: A method for carrying out data integrity protection on a communication network. According to an implementation, a wireless communication device indicates, to a wireless network, the maximum data rate up to which integrity protection is supported for user plane data. A network node (e.g., a node of the core network, such as an SMF) receives this information and determines whether or not to enable integrity protection for user plane data based on the information (possibly in conjunction with other information such as the minimum data rate to be supported, etc.). The network node then communicates the decision to enable or disable integrity protection to a RAN node (e.g., a wireless base station).Type: GrantFiled: May 15, 2020Date of Patent: June 8, 2021Assignee: ZTE CorporationInventors: Eswar Kalyan Vutukuri, He Huang
-
Patent number: 10979404Abstract: Methods and systems for providing fast random access and/or inspection of records within an encrypted communication session are presented. The encrypted communication session may include encrypted records that were encrypted using rotating encryption keys. A key index is generated for the encrypted communication session. The key index includes the encryption keys used during the encrypted communication session and timestamps associated with the encryption keys. To access a particular record within the encrypted communication session, a particular encryption key is selected from the encryption keys stored in the key index. The particular record is decrypted using the selected encryption key.Type: GrantFiled: March 29, 2018Date of Patent: April 13, 2021Assignee: PayPal, Inc.Inventors: Hubert Le Van Gong, Michael Shiwen Thang
-
Patent number: 10938547Abstract: A method for providing encrypted data on a client, a cloud or the like includes, providing, for each user, a user-specific encryption key for encrypting user-specific plaintext. A common decryption key is computed with a pre-determined f netion using the user-specific encryption keys as input for the function, The function is a polysized function supporting poly-many additions and a single multiplication. Each user-specific plaintext is encrypted with the corresponding user-specific encryption key resulting in user-specific ciphertexts, The encrypting is performed such that encryption is homomorphic in the user-specific plaintext as well in the user-specific encryption keys. A. common ciphertext is computed with the function using the user-specific ciphertexts as input for the function. The common ciphertext and the common decryption key are provided for decryption.Type: GrantFiled: January 12, 2015Date of Patent: March 2, 2021Assignee: NEC CORPORATIONInventor: Sebastian Gajek
-
Patent number: 10917440Abstract: The present disclosure relates to a communication server and a method for secured transmission of messages from an enterprise server to a telecom server for delivering to end users. The enterprise server comprises a first gateway hosted therein to encrypt and transmit the encrypted messages to the communication server. The communication server receives and pushes the encrypted messages to the end users through the telecom server. The telecom server comprises a second gateway hosted therein to retrieve the push messages and to determine capability of decryption at user devices.Type: GrantFiled: August 11, 2020Date of Patent: February 9, 2021Assignee: Tanla Digital Labs Private LimitedInventor: Konda Venkata Papi Reddy
-
Patent number: 10887730Abstract: An apparatus, circuit, and method for controlling a service access in a packet data communication system are provided. The method includes broadcasting information related to whether a service access to a specific service is possible.Type: GrantFiled: December 16, 2013Date of Patent: January 5, 2021Assignee: Samsung Electronics Co., Ltd.Inventors: Il-Kwon Yun, Min-Suk Ko, Yong-Duk Lim, Kyeong-In Jeong
-
Patent number: 10873857Abstract: Dynamic wireless link security can be used to connect a wireless computing device to a wireless network. A determination is made as to the minimum level of security required and a wireless communication channel corresponding to that level of security is selected from among multiple, available wireless communication channels with varying levels of security. At least one of the wireless communication channels is an unencrypted channel with access control, which can be used when information is already encrypted or when encryption is not needed due to low sensitivity of the information. The determination can be made with user input or by inspecting metadata in content to be sent over the wireless link.Type: GrantFiled: May 31, 2018Date of Patent: December 22, 2020Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.Inventors: Sheldon Meredith, William Cottrill, Brandon Hilliard
-
Patent number: 10831697Abstract: A board portal system provides the ability to manage multiple boards, where each of the boards may be a separate legal entity. The board portal may provide the ability to establish links between the multiple boards and create parent-child relationships with subsidiary boards. With the board portal, users can create content and make it viewable and accessible across multiple boards that related through a parent-child relationship. At the same time, the board portal maintains a requisite level of separation between the related boards in the portal using encryption and/or other separation techniques. As a result, the board portal facilitates flexible workflow patterns and communication processes based on the proper hierarchical structure that exists between the parent organization and its subsidiaries.Type: GrantFiled: November 14, 2019Date of Patent: November 10, 2020Assignee: NASDAQ, INC.Inventors: Bret Beresford-Wood, Christina KHAIL