Particular Communication Authentication Technique Patents (Class 713/168)
  • Patent number: 11929977
    Abstract: A communication system includes a user plane function (UPF) configured to receive a domain name system (DNS) query from a user equipment (UE). The DNS query includes a first destination address of a first DNS server. The DNS query is for determining an address of a data server in proximity to the UE. According to the first destination address of the first DNS server, the UPF obtains, from a session management function (SMF), a second destination address of a second DNS server for providing the address of the data server. The SMF is configured to provide, to the UPF, the second destination address of a second DNS server.
    Type: Grant
    Filed: December 31, 2021
    Date of Patent: March 12, 2024
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventor: Ngoc Dung Dao
  • Patent number: 11928217
    Abstract: An apparatus comprising: a unit configured to verify whether a first region that specifies a verification range of a first boot code and a second region that specifies a verification range of a second boot code have been altered; a unit configured to, when the first region has not been altered, verify whether the first boot code has been altered; a unit configured to, when the first boot code has been altered and the second region has not been altered, verify whether the second boot code has been altered; and a unit configured to, when the second boot code has not been altered, restore the first boot code using the second boot code, wherein the first and second regions are regions that are not rewritten after a start of the apparatus.
    Type: Grant
    Filed: November 17, 2021
    Date of Patent: March 12, 2024
    Assignee: Canon Kabushiki Kaisha
    Inventors: Takami Eguchi, Nobuhiro Tagashira, Ayuta Kawazu
  • Patent number: 11930105
    Abstract: Systems, apparatuses, methods, and computer program products are disclosed for securing communications between devices. An example method includes obtaining a quantum random number (QRN) from a remote QRN source using a secure communication channel between the initiating device and the remote QRN source. The QRN may be a true random number. The example method may also include using the QRN to participate in computer implemented services with the participating device that received the QRN from the remote QRN source.
    Type: Grant
    Filed: October 21, 2021
    Date of Patent: March 12, 2024
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Jeff J. Stapleton, Peter Bordow
  • Patent number: 11930104
    Abstract: In a method of generating a secret key according to an embodiment, a share of each of a user and a plurality of other users for a secret key of the user are generated, the share of each of the plurality of other users is provided to a user terminal of each of the plurality of other users, a share of the user for a secret key of each of the plurality of other users is received from the user terminal of each of the plurality of other users, and a new secret key of the user is generated using the share of the user for the secret key of the user and the shares of the user for the secret key of each of the plurality of other users.
    Type: Grant
    Filed: March 23, 2023
    Date of Patent: March 12, 2024
    Assignees: SAMSUNG SDS CO., LTD., SEOUL NATIONAL UNIVERSITY R&DB FOUNDATION
    Inventors: Eunkyung Kim, Hyo Jin Yoon, Jung Hee Cheon, Jinhyuck Jeong
  • Patent number: 11928157
    Abstract: A constraint system enforces projection constraints on data values stored in specified columns of a shared dataset when queries are received by a database system. A projection constraint identifies that the data in a column may be restricted from being projected (e.g., presented, read, outputted) in an output to a received query, while allowing specified operations to be performed on the data and a corresponding output to be provided. For example, the projection constraint may indicate a context for a query that triggers the constraint, such as based on the user that submitted the query. Enforcing projection constraints on queries received at the database system allows for data to be shared and used anonymously by entities to perform various operations without the need to tokenize the data.
    Type: Grant
    Filed: September 23, 2022
    Date of Patent: March 12, 2024
    Assignee: Snowflake Inc.
    Inventors: Khalid Zaman Bijon, Thierry Cruanes, Simon Holm Jensen, Allison Waingold Lee, Daniel N. Meredith, Subramanian Muralidhar, David Schultz, Zixi Zhang
  • Patent number: 11928188
    Abstract: A machine has a network interface circuit to provide connectivity to networked machines. A processor is connected to the network interface circuit. A memory is connected to the processor and the network interface circuit. The memory stores instructions executed by the processor to record the purchase of a digital asset by a user at a client machine from a data source machine in network communication with the client machine. The location of the digital asset on one or more machines of the networked machines is archived. The location is separate from the data source machine. The digital asset is associated with a data access policy. A request for the digital asset is received. The data access policy is enforced through programmatic control utilized by one or more of the networked machines to form a consent state. Distribution of the digital asset to a networked machine is authorized in response to the consent state.
    Type: Grant
    Filed: November 19, 2021
    Date of Patent: March 12, 2024
    Assignee: Anonyome Labs, Inc.
    Inventors: Steven Harvey McCown, Paul Ashley, Neil Readshaw, John David Mumford, Tim Bartley
  • Patent number: 11928680
    Abstract: Certain exemplary embodiments relate to techniques for processing PIN-inclusive transactions in connection with an electronic device or terminal, e.g., where PIN code encryption keys are not necessarily stored on the electronic device or terminal, and/or where payment instrument data is maintained in a separate system from PIN code data at least until certain elements are combined in a highly secure system for submission to an electronic funds transfer network. One or more separate or physically separated systems may be used in this regard, e.g., taking advantage of more prevalent computer networks such as the Internet. Similarly, the ability to provide less expensive terminals or electronic devices at a point-of-sale, point-of-purchase, etc., may be advantageous. The interchange rate is not necessarily driven up in certain example instances.
    Type: Grant
    Filed: July 18, 2022
    Date of Patent: March 12, 2024
    Assignee: TOUCHTUNES MUSIC COMPANY, LLC
    Inventor: Robert R. Dykes
  • Patent number: 11930069
    Abstract: Techniques for determining whether HTTP/2 or HTTP/3 is a preferred protocol for communication between a client device and a server over a network are described. A change associated with a network interface of a client device is detected. Based at least in part on detecting the change, a determination is made to identify a preferred communication protocol for a network over which the client device communicates using the network interface. A HTTP/2 probe is transmitted over the network and to a server. A HTTP/3 probe is transmitted over the network and to the server. In response to not receiving a HTTP/3 probe response, the preferred communication protocol is determined to be HTTP/2. In response to receiving the HTTP/2 probe response and the HTTP/3 probe response, the preferred communication protocol is determined to be HTTP/3. The client device communicates with the server over the network using the preferred communication protocol.
    Type: Grant
    Filed: February 28, 2023
    Date of Patent: March 12, 2024
    Assignee: Cisco Technology, Inc.
    Inventor: Vincent E. Parla
  • Patent number: 11930364
    Abstract: A method, apparatus, and system are provided for verifying a location of data stored on at least one storage device within at least one cell area served by at least one network node of a wireless communication network. In one embodiment, a location assurance gateway is provided with a communication interface and processing circuitry, the processing circuitry configured to cause the communication interface to communicate with the at least one network node of the wireless communication network for location information associated with the at least one cell area, the location information associated with the at least one cell area being used to verify a location of the data stored on the at least one storage device.
    Type: Grant
    Filed: February 5, 2018
    Date of Patent: March 12, 2024
    Assignee: Telefonaktiebolaget LM Ericsson (Publ)
    Inventor: Bate Jellema
  • Patent number: 11928748
    Abstract: An apparatus and method for scannable non-fungible token generation, the apparatus including at least a processor and a memory communicatively connected to the processor. The memory containing instructions configuring the processor to receive a creative work datum, determine a creative work class as a function of the creative work datum, generate a creative work token as a function of the creative work datum, and store the creative work token in an immutable sequential listing, where storing the creative work token includes generating a smart contract associated with the creative work datum, the smart contract also including the creative work class. The processor further configured to generate a machine-readable code as a function of the creative work token and the creative work class and transmit the machine-readable code to an output device.
    Type: Grant
    Filed: September 28, 2022
    Date of Patent: March 12, 2024
    Assignee: BLOCKCHAIN LIFE, LLC
    Inventor: Kary Oberbrunner
  • Patent number: 11923887
    Abstract: Systems, devices, and techniques for allowing communication between two or more computing devices are described herein. For example, a method includes receiving, by a first computing device configured to operate in accordance with a first wireless protocol, one or more data packets via one or more signals output by a second computing device according to a second wireless protocol, where the first computing device is not configured to operate in accordance with the second wireless protocol. Additionally, or alternatively, a method includes receiving, by a first computing device configured to operate in accordance with a first wireless protocol, at least one signal including a data packet, wherein a payload of the data packet comprises an indication of a symbol defined in accordance with a second wireless protocol.
    Type: Grant
    Filed: October 25, 2019
    Date of Patent: March 5, 2024
    Assignee: Regents of the University of Minnesota
    Inventors: Tian He, Wenchao Jiang, Ruofeng Liu
  • Patent number: 11924636
    Abstract: Aspects of the present disclosure involve systems, methods, devices, and the like for user authentication. In one embodiment, the user authentication occurs using a multi-provider platform. The multi-provider platform enables the use and retrieval of user information from the given provider for the use and assessment of information associated with the user. User information may also be received over a web link communicated at least in part by a risk checkpoint component to a user device, wherein the user information received and that retrieved may be jointly used for determining user authentication.
    Type: Grant
    Filed: February 6, 2023
    Date of Patent: March 5, 2024
    Assignee: PAYPAL, INC.
    Inventor: Rahul Nair
  • Patent number: 11924330
    Abstract: Various aspects of the subject technology relate to systems, methods, and machine-readable media for providing an encryption key exchange. Various aspects may include identifying a database of cryptographic keys configured for encryption. Aspects may also include sending a request for a private key for decryption of content. Aspects may also include receiving the private key from a client. Aspects may also include determining a visibility parameter for content posts of the content based on the private key and database. Aspect may include providing the content posts to the client at a visibility according to the visibility parameter.
    Type: Grant
    Filed: April 14, 2022
    Date of Patent: March 5, 2024
    Assignee: Meta Platforms Technologies, LLC
    Inventor: Andrew Garrod Bosworth
  • Patent number: 11921477
    Abstract: Embodiments provided herein relate to enforcing a device restriction policy. A device restriction policy may be stored that maps one or more portions of a household with particular household occupants of a plurality of household occupants. A request may be received to activate the device restriction policy on a household occupant. The device restriction policy may be activated against the household occupant based on the received request. One or more electronic devices may be disabled that are located in a portion of the household linked with the household occupant based on the received request and the device restriction policy.
    Type: Grant
    Filed: December 17, 2021
    Date of Patent: March 5, 2024
    Assignee: Google LLC
    Inventors: Anthony M. Fadell, Yoky Matsuoka, David Sloo, Maxime Veron
  • Patent number: 11924043
    Abstract: Systems, methods, and computer-readable media for assessing reliability and trustworthiness of devices operating within a network. A recipient node in a network environment can receive a neighbor discovery (ND) message from an originating node in the network environment that are both implementing a neighbor discovery protocol. Trustworthiness of the originating node can be verified by identifying a level of trust of the originating node based on attestation information for the originating node included in the ND message received at the recipient node. Connectivity with the recipient node through the network environment can be managed based on the level of trust of the originating node identified from the attestation information included in the ND message.
    Type: Grant
    Filed: November 2, 2021
    Date of Patent: March 5, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Sujal Sheth, Shwetha Subray Bhandari, Eric Voit, William F. Sulzen, Frank Brockners
  • Patent number: 11922404
    Abstract: Payment methods and systems for processing a payment using a Central Bank Digital Currency (CBDC) without a double payment in an offline situation (e.g., in a situation in which a terminal of a user is unable to be connected) to a server through a network may be provided.
    Type: Grant
    Filed: August 24, 2021
    Date of Patent: March 5, 2024
    Assignee: LINE PLUS CORPORATION
    Inventors: Hongsup So, Inseon Ryu, Hwang Wook Kim, Cheol Ung Lee
  • Patent number: 11924358
    Abstract: This application provides a method for issuing a digital certificate performed by a digital certificate issuing center that includes a public-private key generation module and an authentication module. The method includes: receiving a public-private key request from a node in a blockchain network; generating a public key and a private key of the node by using the public-private key generation module, and transmitting the public and private keys to the node; receiving the public key of the node and registration information of the node, and authenticating the registration information by using the authentication module; and generating, in accordance with a determination that the authentication succeeds, a digital certificate of the node by using the authentication module, and transmitting the digital certificate to the node. The embodiments of this application can improve the probative value of an issued digital certificate, thereby improving the security of data exchange in a blockchain network.
    Type: Grant
    Filed: February 9, 2021
    Date of Patent: March 5, 2024
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventors: Jun Zang, Jianjun Zhang, Luohai Zheng, Junjie Shi, Hujia Chen, Zichao Tang, Yige Cai, Qing Qin, Chuanbing Dai, Hu Lan, Jinlong Chen
  • Patent number: 11924236
    Abstract: In a general aspect, risks associated with cryptography usage in network communication between computing nodes are identified. In some aspects, a network packet capture agent obtains cryptography usage data by examining network traffic communicated by computing nodes in the computing environment. A cryptography usage analysis agent identifies cryptography usage risks based on the cryptography usage data. A cryptographic risk identification agent identifies one or more applications associated with the cryptography usage risks.
    Type: Grant
    Filed: September 5, 2023
    Date of Patent: March 5, 2024
    Assignee: ISARA Corporation
    Inventors: Justin Mathews, Rob Williams, Atsushi Yamada
  • Patent number: 11924631
    Abstract: A Bluetooth communication system includes: a Bluetooth host device; and a Bluetooth device set which including a first member device and a second member device. The Bluetooth host device controls a display device to display a candidate device list, and to display a single device item in the candidate device list to represent the Bluetooth device set, but does not simultaneously display two device items in the candidate device list to represent the first member device and the second member device. The Bluetooth host device generates a first cypher key according to an instruction from the first member device and a device information of the first member device after receiving a selection command. The first member device establishes a connection with the Bluetooth host device, and generates a second cypher key corresponding to the first cypher key according to a device information of the Bluetooth host device.
    Type: Grant
    Filed: January 10, 2022
    Date of Patent: March 5, 2024
    Assignee: Realtek Semiconductor Corp.
    Inventors: Yu Hsuan Liu, Yung Chieh Lin, Po Sheng Chiu
  • Patent number: 11916884
    Abstract: The present disclosure discloses a vehicle and a vehicle security control method and system based on an open platform. The open platform includes a software development kit in which a control protocol is encapsulated, the software development kit provides an API function interface, and the method includes: receiving a call request from a third-party device for a target API function interface of the open platform; converting the call request by using the software development kit to generate a control signal that meets a requirement of the control protocol and that is used for controlling a first vehicle component in a vehicle; and transmitting the control signal to a security gateway through a first bus, to enable the security gateway to perform protocol conversion on the control signal, and transmitting the control signal to an in-vehicle network to control the first vehicle component in the vehicle.
    Type: Grant
    Filed: April 18, 2019
    Date of Patent: February 27, 2024
    Assignee: BYD COMPANY LIMITED
    Inventors: Chaolin Hu, Hong Yao, Lihua Wu
  • Patent number: 11916905
    Abstract: A native application on a client computing device enables secure user authentication via an identity provider (IdP) for accessing services of a web service provider. The native application forwards a redirect request generated by a main gateway of the service provider and including an IdP uniform resource locator (URL) to a system browser of the client computing device. The redirect request directs the system browser to a broker gateway of the service provider that registers an authentication response handler and redirects the system browser to the IdP URL to enable a user of the native client computing device to authenticate. After the broker gateway receives an IdP authentication response from the IdP following authentication by the user, the broker gateway provides the IdP authentication response to the native application for providing back to the main gateway. The main gateway finally processes the authentication response to complete the authentication request.
    Type: Grant
    Filed: December 24, 2022
    Date of Patent: February 27, 2024
    Assignee: INDUCTIVE AUTOMATION, LLC
    Inventors: Joel Specht, Matthew Rojas
  • Patent number: 11916893
    Abstract: A module with an embedded universal integrated circuit card (eUICC) can include a profile for the eUICC. The profile can include a first and second shared secret key K for authenticating with a wireless network. The first shared secret key K can be encrypted with a first key, and the second shared secret key K can be encrypted with a second key. The module can (i) receive the first key, (ii) decrypt the first shared secret key K with the first key, and (iii) subsequently authenticate with the wireless network using the plaintext first shared secret key K. The wireless network can authenticate the user of the module using a second factor. The module can then (i) receive the second key, (ii) decrypt the second shared secret key K, and (iii) authenticate with the wireless network using the second shared secret key K. The module can comprise a mobile phone.
    Type: Grant
    Filed: December 10, 2021
    Date of Patent: February 27, 2024
    Assignee: Network-1 Technologies, Inc.
    Inventor: John A. Nix
  • Patent number: 11916957
    Abstract: A technique to stop lateral movement of ransomware between endpoints in a VLAN is disclosed. A security appliance is set as the default gateway for intra-LAN communication by overwriting the DHCP responses. Message traffic from compromised endpoints is detected. Attributes of ransomware may be detected in the message traffic, as well as attempts to circumvent the security appliance. Compromised devices may be quarantined. Additionally, the DHCP address assignment may be policed to ensure accuracy and correctness to provide an additional layer of security.
    Type: Grant
    Filed: December 9, 2022
    Date of Patent: February 27, 2024
    Assignee: AIRGAP NETWORKS INC.
    Inventors: Raymond Wing Chon Cheh, Chia Chi Cheng, Satish M. Mohan, Ritesh R. Agrawal, Vinay Adavi
  • Patent number: 11917063
    Abstract: Some embodiments are directed to a second cryptographic device (20) and a first cryptographic device (10). The first and second cryptographic devices may be configured to transfer a key seed. The key seed may be protected using a public key from one party and a private key from the other party. For example, a public key may be obtained from a private key through a noisy multiplication. At least one of the first and second cryptographic device may validate an obtained public key, e.g., to avoid leakage of the key seed or of a private key.
    Type: Grant
    Filed: December 24, 2020
    Date of Patent: February 27, 2024
    Assignee: Koninklijke Philips N.V.
    Inventors: Oscar Garcia Morchon, Paulus Mathias Hubertus Mechtildis Antonius Gorissen, Ludovicus Marinus Gerardus Maria Tolhuizen
  • Patent number: 11916744
    Abstract: A technique for replacing a source Virtualized Network Function Manager, VNFM, managing a source Virtualized Network Function, VNF, in a VNF based environment by a target VNFM is disclosed. A method implementation of the technique comprises the steps of triggering (S302) instantiating a target VNF, the target VNF being managed by the target VNFM and being executed in parallel to the source VNF, triggering (S304) redirecting traffic from the source VNF to the target VNF in accordance with a traffic redirection schedule, triggering (S306) terminating the source VNF when redirecting traffic from the source VNF to the target VNF is complete, and triggering (S308) terminating the source VNFM.
    Type: Grant
    Filed: November 25, 2020
    Date of Patent: February 27, 2024
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventor: Maria Toeroe
  • Patent number: 11914683
    Abstract: Embodiments of systems and computer implemented methods are provided to transfer software licenses and entitlements associated with a user account from a first information handling system (IHS) to a second IHS. A computer implemented method in accordance with the present disclosure may generally include executing an entitlement management service to reassign the software licenses and entitlements associated with the user account to the second IHS, executing at least one local validation service on the second IHS to validate the second IHS and the user's workspace, and if the second IHS and the user's workspace is successfully validated by the at least one local validation service, executing one or more cloud-based orchestration services to verify the user account, determine which software licenses and entitlements are associated with the user account, and acquire and validate the software licenses and entitlements before transferring the software licenses and entitlements to the second IHS.
    Type: Grant
    Filed: August 4, 2021
    Date of Patent: February 27, 2024
    Assignee: Dell Products L.P.
    Inventors: Anantha K. Boyapalle, Charles D. Robison, Vaibhav Soni
  • Patent number: 11917406
    Abstract: A communication apparatus accepts an input of a passphrase by a user operation, sets an authentication scheme based on a passphrase length of the passphrase, and performs wireless connection with a partner apparatus using the set authentication scheme, wherein (i) in a case where the passphrase length is within a predetermined range, an authentication scheme of any of WPA (Wi-Fi Protected Access), WPA2, and WPA3, or a combination of at least two of WPA, WPA2, or WPA3, is set, and (ii) otherwise, an authentication scheme of WPA3 is set.
    Type: Grant
    Filed: May 7, 2021
    Date of Patent: February 27, 2024
    Assignee: Canon Kabushiki Kaisha
    Inventor: Yuki Fujimori
  • Patent number: 11917048
    Abstract: A method which is obtained specifically by output oriented coding, making possible the maximum selection of encryption parameters used for encryption by systems using OpenSSL, however without compromising the integrity of the encryption by autogenerating some Attributes thereby making possible row wise encryption in a database and encoding (if encoding is required) on the database side. The method has to satisfy the conditions/restrictions mentioned herein [0054]. This Invention is related to today's information technology and communicating methodology where encryptions and encodings are being used. The present invention can be described as software that enables a method of encryption acting as an Enhanced security feature or a technique which will enable users to manually or automatically select encryption parameters thereby encrypting and securing data.
    Type: Grant
    Filed: October 25, 2018
    Date of Patent: February 27, 2024
    Inventor: Venkata Raghu Veera Mallidi
  • Patent number: 11917073
    Abstract: A message authentication code, for a message transmitted and received over a communications network, is formed by applying inputs to an integrity algorithm acting on the message. The inputs comprise: an integrity key; a value indicating a transfer direction; and a frame-dependent integrity input, wherein the frame-dependent integrity input is a frame-dependent modulo count value that also depends on a random value and on a frame-specific sequence number.
    Type: Grant
    Filed: March 29, 2022
    Date of Patent: February 27, 2024
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Vesa Torvinen, Noamen Ben Henda, Qian Chen, Vesa Lehtovirta, Mats Näslund, Karl Norrman, Gang Ren, Mikael Wass, Monica Wifvesson
  • Patent number: 11914756
    Abstract: Systems, apparatuses, and methods related to a computer system having a processor and a main memory storing scrambled data are described. The processor may have a cache, a register, an execution unit, and an unscrambler. The processor can load the scrambled data into the cache; and the unscrambler may convert the scrambled data into unscrambled data just in time for the register or the execution unit during instruction execution. The unscrambled data can be an instruction, an address, or an operand of an instruction. Unscrambling can be performed just before loading the data item in a scrambled form from the cache into the register in an unscrambled form, or after the data item leaves the register in the scrambled form as input to the execution unit in the unscrambled form. The unscrambled data and the scrambled data may have the same set of bits arranged in different orders.
    Type: Grant
    Filed: July 22, 2021
    Date of Patent: February 27, 2024
    Assignee: Micron Technology, Inc.
    Inventor: Steven Jeffrey Wallach
  • Patent number: 11909727
    Abstract: An Internet-connected device, such as a car, refrigerator, or even a laptop can use a second device, such as a cell phone, to support cryptographic operations and communication with token service providers or other processing services requiring pre-provisioned capabilities that may include cryptographic secrets. By removing the need to store personally sensitive data in “Internet of Things” (IoT) devices, a user's personal information and other sensitive financial information may be contained to a relatively small number of devices. This may help prevent theft of goods or services by IoT devices that are not always under the close control of the user.
    Type: Grant
    Filed: August 31, 2022
    Date of Patent: February 20, 2024
    Assignee: Visa International Service Association
    Inventors: Hari Krishna Annam, Mohit Gupta, Soumendra Bhattacharya
  • Patent number: 11907939
    Abstract: The present disclosure involves a method for grouping non-fungible digital tokens. The method includes generating a first transaction on a blockchain having an output of a fungible digital token, with the fungible digital token having a first transaction hash identifier. The method further includes assigning the first transaction hash identifier associated with the fungible digital token with a cryptographic public key, and generating a second transaction on the blockchain having an output of a non-fungible digital token and an input. The fungible digital token is spent as the input into the second transaction, with the non-fungible digital token comprising a second transaction hash identifier and a group identifier associated with the first transaction hash identifier.
    Type: Grant
    Filed: August 6, 2021
    Date of Patent: February 20, 2024
    Inventor: James Cramer
  • Patent number: 11909872
    Abstract: Systems and methods are provided for quantum-resistant secure key distribution between a peer and an EAP authenticator by using an authentication server. The systems and methods include receiving requests for a COMMON-SEED and a quantum-safe public key from a peer and an EAP authenticator. The COMMON-SEED is encrypted using the quantum-safe public key of the peer and the quantum-safe public key of the EAP authenticator, and the encrypted COMMON-SEED is sent to the peer along with a request for a PPK_ID from the peer to complete authentication of the peer. The PPK_ID is received from the peer, and the encrypted COMMON-SEED and PPK_ID is sent to the EAP authenticator. A quantum-resistant secure channel is established between the peer and the EAP authenticator when the peer and the EAP authenticator share the same COMMON-SEED and the same PPK-ID.
    Type: Grant
    Filed: November 10, 2022
    Date of Patent: February 20, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Amjad Inamdar, Lionel Florit, Eric Voit, Sujal Sheth, Chennakesava Reddy Gaddam
  • Patent number: 11909889
    Abstract: A public-private key cryptographic scheme is described for granting authenticating a client to a remote device or service in order to access a secure resource. The client is provided the public key, but the private key is stored in a hardware security module (HSM) that the client is not able to access. The client requests a digital signature be generated from the private key from a secure vault service. The secure vault service accesses the HSM and generates the digital certificate, which is then passed to the client. The digital certificate may be added to a security token request submitted to an identity provider. The identity provider determines whether the digital signature came from the private key.
    Type: Grant
    Filed: May 9, 2022
    Date of Patent: February 20, 2024
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Mayukh Ray, Tolga Acar, Timothy Michael Peters
  • Patent number: 11910194
    Abstract: A method of authenticating a secondary communication device based on authentication of a primary mobile communication device is disclosed. Trust is established with the primary mobile communication device by a device authentication server (DAS). The DAS receives an authorization code request from a secondary application operating on the secondary communication device, and transmits an authorization code to the secondary communication device. The DAS receives the authorization code from a primary application operating on the primary mobile communication device. The DAS authorizes the secondary application based on the trust with the primary mobile communication device and the authorization code from the primary application. The DAS transmits a secondary token to the secondary application at the secondary communication device to allow initialization of a communication session from the secondary application on behalf of the primary mobile communication device.
    Type: Grant
    Filed: December 21, 2022
    Date of Patent: February 20, 2024
    Assignee: T-Mobile Innovations LLC
    Inventors: Ricky A. Hohler, Robin D. Katzer, Deepthi Kota, Brian D. Mauer
  • Patent number: 11902439
    Abstract: Techniques are presented relating to security of blockchain transactions that transfer digital assets or entities from one resource to another. Techniques provide a computer-implemented method for improving the security, anonymity and/or control of a value-mixing blockchain transaction having a plurality of participating nodes, each node having a respective output address to which the transaction is to allocate value. The method includes encrypting by a node its output address using that node's public key, adding the encrypted output address to a set of output addresses for the transaction, shuffling the order of the encrypted output addresses in the set. Each participating node identifies its encrypted output address in the set, and replaces its encrypted output address with its unencrypted output address. The result is a shuffled set of output addresses that cannot be linked to a particular input. with its unencrypted output address.
    Type: Grant
    Filed: March 2, 2018
    Date of Patent: February 13, 2024
    Assignee: nChain Licensing AG
    Inventors: Daniel Joseph, Craig Steven Wright
  • Patent number: 11902413
    Abstract: Provided are methods and systems for performing a secure machine learning analysis over an instance of data. An example method includes acquiring, by a client, a homomorphic encryption scheme, and at least one machine learning model data structure. The method further includes generating, using the encryption scheme, at least one homomorphically encrypted data structure, and sending the encrypted data structure to at least one server. The method includes executing a machine learning model, by the at least one server based on the encrypted data structure to obtain an encrypted result. The method further includes sending, by the server, the encrypted result to the client where the encrypted result is decrypted. The machine learning model includes neural networks and decision trees.
    Type: Grant
    Filed: September 13, 2021
    Date of Patent: February 13, 2024
    Assignee: Enveil, Inc.
    Inventors: Ellison Anne Williams, Ryan Carr
  • Patent number: 11899516
    Abstract: Introduced herein is a computer-implemented system for creating a digital twin of an electrical system using auto-discovery techniques. The system receives power data from meters in an electrical system. For each meter, the system captures a power profile related to a component connected to the meter and creates a set of delta data representing change in power over time. The system detects correlated changes by comparing the sets of delta data and generates a system dataset by combining the sets of delta data. The system detects echoes of power fluctuations of the electrical system from the system dataset. The system creates a digital twin of the electrical system, where the digital twin includes a one-line diagram representing connections between components in the electrical system.
    Type: Grant
    Filed: July 13, 2023
    Date of Patent: February 13, 2024
    Assignee: T-Mobile USA, Inc.
    Inventor: Sean Seemann
  • Patent number: 11902268
    Abstract: Disclosed are various examples for enrollment of gateways using a client device. In one example, a request is transmitted from a client device to a management service. The request comprises the gateway identifier. Gateway credentials are relayed through the client device from the management service to the gateway device. The gateway credentials are unexposed to users of the client device.
    Type: Grant
    Filed: June 25, 2020
    Date of Patent: February 13, 2024
    Assignee: VMware, Inc.
    Inventors: Meenakshi Vohra, Glen McCready, Greg Bollella
  • Patent number: 11902782
    Abstract: Techniques are provided for ad-hoc authenticated group discovery and data sharing in a mesh network. A group of devices is created without leaving a security gap due to the open communication needed to establish the discovery of the devices forming the group. The group can be authenticated autonomously following network discovery of the devices. Instead of requiring global pre-assigned keys for authentication, the devices in the group are authenticated with signatures and certificate passing thereby providing strong security. The efficiency of data sharing between the devices of the network, such as a mesh network, can also be increased. One or more devices may act as a bridge device between devices of a same group that are not in direct wireless communication with each other to reduce re-broadcasts within the mesh network.
    Type: Grant
    Filed: June 22, 2021
    Date of Patent: February 13, 2024
    Assignee: ITRON GLOBAL SARL
    Inventors: Benjamin Damm, Eric Donald White, Tommi Petteri Parkkila
  • Patent number: 11899811
    Abstract: Computer-readable media, methods, and systems are disclosed for encrypting and decrypting data pages in connection with a database employing group-level encryption. A request to load a group-level encrypted logical data page into main memory is received, the data page being identified by a logical page number. A block of group-level encrypted data is loaded into the main memory of the database system from an address corresponding to the physical block number. A block of group-level encrypted data is loaded into the main memory of the database system. A header associated with the block of group-level encrypted data is decrypted using a data-volume encryption key, and an encryption-group identifier is accessed from the decrypted header. A group-level encryption key is retrieved from a key manager, and the remainder of the block of group-level encrypted data is decrypted using the group-level encryption key.
    Type: Grant
    Filed: May 28, 2021
    Date of Patent: February 13, 2024
    Assignee: SAP SE
    Inventor: Dirk Thomsen
  • Patent number: 11902444
    Abstract: Systems, computer program products, and methods are described herein for virtualization of non-fungible tokens. The present invention is configured to receive, via a first user input device, a resource transfer request using a virtual token from a first user, wherein the virtual token is electronically linked to an NFT of a resource transfer instrument; retrieve the NFT associated with the resource transfer instrument in response to receiving the resource transfer request; retrieve an NFT credential descriptor for the resource transfer request from a first metadata layer of the NFT associated with the resource transfer instrument; receive an authentication credential from the first user; determine whether the authentication credential matches an NFT credential descriptor that is electronically linked to the NFT associated with the resource transfer instrument; and authorize the resource transfer request based on at least determining that the authentication credential matches an NFT credential descriptor.
    Type: Grant
    Filed: October 18, 2021
    Date of Patent: February 13, 2024
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Manu Jacob Kurian, David Smiddy, Harold Joseph Kennedy
  • Patent number: 11900948
    Abstract: Features are disclosed for automatically identifying a speaker. Artifacts of automatic speech recognition (“ASR”) and/or other automatically determined information may be processed against individual user profiles or models. Scores may be determined reflecting the likelihood that individual users made an utterance. The scores can be based on, e.g., individual components of Gaussian mixture models (“GMMs”) that score best for frames of audio data of an utterance. A user associated with the highest likelihood score for a particular utterance can be identified as the speaker of the utterance. Information regarding the identified user can be provided to components of a spoken language processing system, separate applications, etc.
    Type: Grant
    Filed: January 7, 2022
    Date of Patent: February 13, 2024
    Assignee: Amazon Technologies, Inc.
    Inventors: Hugh Evan Secker-Walker, Baiyang Liu, Frederick Victor Weber
  • Patent number: 11902331
    Abstract: A computer implemented method for generating a dispatch datagram is disclosed. The computer implemented method includes receiving, at a dispatcher, a request from a client. The method further includes generating an authorization header based on the received request. The authorization header includes one or more rules for handling the request. The method further includes wrapping the received request and the generated authorization header together to generate a dispatch datagram.
    Type: Grant
    Filed: August 6, 2021
    Date of Patent: February 13, 2024
    Assignee: KYNDRYL, INC.
    Inventors: Mansura Habiba, Shyamal Kumar Saha, Bashar Akil, Utz Bacher
  • Patent number: 11894939
    Abstract: Techniques are provided that validate a participant in a video conference. As a video conferencing system is remote from a video conference participant, and user devices are not trusted, traditional methods such as client side facial recognition are ineffective at validating a participant from a video conferencing system. Thus, the embodiments encode modulated data for projection onto a face of the participant. A video of the participant is then captured. The conferencing system then confirms that the modulated data is present in the captured video.
    Type: Grant
    Filed: May 11, 2021
    Date of Patent: February 6, 2024
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Pascal Thubert, Patrick Wetterwald, Eric Levy- Abegnoli, Jonas Zaddach
  • Patent number: 11894875
    Abstract: The present invention addresses the problem of providing a signal process in which a countermeasure against eavesdropping over a physical layer in a wireless communication is performed. An optical signal generation unit 11 generates, as an optical signal, multivalued information that is in a multivalued state and is based on prescribed data. An E/O conversion unit 112 converts the optical signal to an electrical signal. An optical signal amplification unit 12 amplifies the optical signal. An O/E conversion unit 13 converts the optical signal to an electrical signal. A radio wave transmission unit 14 transmits, as a radio wave, the multivalued information converted into the electrical signal. The problem is solved thereby.
    Type: Grant
    Filed: February 28, 2020
    Date of Patent: February 6, 2024
    Assignee: TAMAGAWA UNIVERSITY AND TAMAGAWA ACADEMY
    Inventors: Ken Tanizawa, Fumio Futami
  • Patent number: 11893579
    Abstract: Disclosed is a method of reducing smart contract fees for a decentralized application (DApp). A parameter of a request reception event and a public key of a user are stored in a task queue of a computation server. The computation server performs a task requested by the user, calls a state change function for the performed task from a smart contract, and transmits a transaction result to the user when the transaction result is returned. The user pays, to the smart contract, a fee corresponding to the generation of the request reception event, and the computation server pays, to the smart contract, a fee corresponding to a state change of the smart contract. Thus, by minimizing and uniformizing a fee to be paid by a user of a DApp system, it is possible to increase accessibility to a corresponding DApp.
    Type: Grant
    Filed: February 10, 2022
    Date of Patent: February 6, 2024
    Assignee: Korea University Research and Business Foundation
    Inventors: Hwangnam Kim, Seong-Joon Park, Jaeseung Lee, Nam-Kyung Yoon
  • Patent number: 11895351
    Abstract: A multiple-identity secure device (MISD) persistently may store an identification code. The identification code may be stored in an integral memory of the device, or on an interchangeable card received in a physical interface of the MISD. The MISD may generate one or more unique identities (e.g., network addresses) from the stored identification code. The generated identities may be dynamically generated or may be securely stored in the MISD for subsequent retrieval. The generated identities may generate in accordance with an addressing scheme, a global/network setting, or as determined from a received data transmission.
    Type: Grant
    Filed: December 7, 2022
    Date of Patent: February 6, 2024
    Assignee: Comcast Cable Communications, LLC
    Inventor: Steven J. Reynolds
  • Patent number: 11893576
    Abstract: A transaction card includes a near-field communication (NFC) component, a security component, a wireless component, one or more memories, and one or more processors communicatively coupled to the one or more memories. The device receives a signal from a user device attempting to access a secure application, and energizes the NFC component based on the signal received from the user device. The device causes the security component to generate an encrypted code based on the NFC component being energized, and provides, via the security component, the encrypted code to the wireless component. The device provides, via the wireless component, the encrypted code to the user device to permit the user device to utilize the encrypted code as authentication for accessing the secure application.
    Type: Grant
    Filed: February 9, 2022
    Date of Patent: February 6, 2024
    Assignee: Capital One Services, LLC
    Inventors: James Zarakas, Molly Johnson, Robert Perry, Adam Koeppel, Tyler Locke
  • Patent number: 11893115
    Abstract: A method for providing a secret unique key for a volatile FPGA uses layers of encryption with different and independent keys and the possibility to store auxiliary data in the configuration memory. The configuration may be stored in a bit-file protected using hardwired bit-file encryption. The configuration includes a security block with an embedded group key used for protecting the auxiliary data. In the beginning, the auxiliary data may include a specific field with null identifier, which indicates that the device has not been initialized. During the initialization, the device generates a unique key and sets the field to specific identifier, which indicates that the device has been initialized, and replaces the original auxiliary data in the non-volatile configuration memory with a new auxiliary data constructed from these values. During normal operation this key is fetched from the auxiliary data and used to build a root-of-trust.
    Type: Grant
    Filed: November 12, 2019
    Date of Patent: February 6, 2024
    Assignee: XIPHERA OY
    Inventors: Kimmo Järvinen, Matti Tommiska