Particular Communication Authentication Technique Patents (Class 713/168)
  • Patent number: 9942378
    Abstract: Disclosed is a display device and a method for implementing an incoming notification function with respect to an MHL signal source. The display device includes: a control module, configured to control, when the display device is in a non MHL signal source pattern, a first MHL interface transfer switch, disposed between a signal decoding processor and an MHL signal source interface of the display device, to be on, and configured to start a background monitoring module electrically connected to the first MHL interface transfer switch, and further configured to display, if an MHL signal source is monitored to be connected, incoming reminder information according to a pre-configured incoming notification information or switch a current signal source pattern of the display device to be the MHL signal source pattern; and the background monitoring module, configured to monitor whether the MHL signal source is connected.
    Type: Grant
    Filed: September 21, 2015
    Date of Patent: April 10, 2018
    Assignee: SHENZHEN TCL NEW TECHNOLOGY CO., LTD
    Inventors: Ping Duan, Yangzhi Luo
  • Patent number: 9940449
    Abstract: A user using a client computer registers with a server computer over a computer network by submitting a biometric scan of a body part of the user. The user commands the client computer to encrypt an electronic file. The client computer generates a private key, encrypts the electronic file and transmits the key to the server computer. The client computer saves the encrypted file. The encrypted file and the key are saved at different physical locations. The owner of the file is able to grant permission to other registered users to unlock the encrypted file.
    Type: Grant
    Filed: May 14, 2015
    Date of Patent: April 10, 2018
    Inventor: James McNulty
  • Patent number: 9942608
    Abstract: Systems and methods for changing TV operating mode in accordance with number of viewers present. In some implementations, a method includes: obtaining a total number of viewers of a connected TV, the connected TV having a plurality of operating modes and the total number is one or more; in accordance with a determination that the total number of viewers is within a first predefined range of a plurality of predefined ranges; placing or maintaining the connected TV in or into a first operating mode unrelated to media content being displayed on the connected TV; and in accordance with a determination that the total number of viewers is within a second predefined range of the plurality of predefined ranges: placing or maintaining the connected TV in or into a second operating mode unrelated to the media content, the second operating mode is different from the first operating mode.
    Type: Grant
    Filed: July 23, 2015
    Date of Patent: April 10, 2018
    Assignee: GOOGLE LLC
    Inventors: Alok Chandel, Eric H C Liu, Pierre-Yves Laligand, Justin Koh
  • Patent number: 9940146
    Abstract: Embodiments relate to controlling configuration of a computer system comprising one or more exchangeable components. The exchangeable components comprising identification means to store an identifier. A pair of a private key and a public key are generated for each accepted manufacturer of the exchangeable components and a pair of a private key and a public key for the computer system; assigning an identifier for each exchangeable component available for attachment to the system; receiving configuration data comprising a list of encrypted identity records comprising identifiers of the components together with signatures over the data generated with the private key of the respective component manufacturer for each component expected to be attached to the system; and receiving a configuration record. The configuration data of the expected components from the received configuration record is compared with the configuration data of the components attached to the system.
    Type: Grant
    Filed: June 4, 2015
    Date of Patent: April 10, 2018
    Assignee: International Business Machines Corporation
    Inventors: Andreas Bieswanger, Dirk Bolte, Carl Mayer, Thomas Pohl, Martin Troester
  • Patent number: 9939074
    Abstract: Secured debug of an integrated circuit having a test operation mode and a secure mission operation mode. The integrated circuit has a processing unit, a test interface through which the test operation mode is controllable, an on-chip memory which is accessible in the test operation mode and in the secure mission operation mode, and one or more protected resources inaccessible in the test operation mode. The processing unit is configured, in the test operation mode, to receive an authenticated object through the test interface, and store the received authenticated object in the on-chip memory. The processing unit is moreover configured, upon reset into the secure mission operation mode, to execute a boot procedure to determine that the authenticated object is available in the on-chip memory, authenticate the authenticated object, and—upon successful authentication—render the more protected resources accessible to a debug host external to the integrated circuit.
    Type: Grant
    Filed: August 6, 2014
    Date of Patent: April 10, 2018
    Assignee: Telefonaktiebolaget LM Ericsson (Publ)
    Inventor: Peter Svensson
  • Patent number: 9935767
    Abstract: Methods, systems and computer readable media for configuring secure storage on a computing device. A method comprises: storing, at a first application running on a first computing device, authentication data associated with an authenticated communications session conducted between the first application and a second application running on a second computing device different from the first computing device; receiving, at the first application, an activation command comprising encryption data from the second application; authenticating, by the first application, the activation command based on the stored authentication data; and configuring, by the first application, secure storage on the first device based at least in part on the activation command received from the second application, wherein configuring the secure storage comprises encrypting application data associated with execution of the first application based on the encryption data.
    Type: Grant
    Filed: December 10, 2015
    Date of Patent: April 3, 2018
    Assignee: BlackBerry Limited
    Inventors: Johnathan George White, SeungSub Jung
  • Patent number: 9935773
    Abstract: This application is directed to trusted platform module certification and attestation utilizing an anonymous key system. In general, TPM certification and TPM attestation may be supported in a device utilizing integrated TPM through the use of anonymous key system (AKS) certification. An example device may comprise at least combined AKS and TPM resources that load AKS and TPM firmware (FW) into a runtime environment that may further include at least an operating system (OS) encryption module, an AKS service module and a TPM Certification and Attestation (CA) module. For TPM certification, the CA module may interact with the other modules in the runtime environment to generate a TPM certificate, signed by an AKS certificate, that may be transmitted to a certification platform for validation. For TPM attestation, the CA module may cause TPM credentials to be provided to the attestation platform for validation along with the TPM and/or AKS certificates.
    Type: Grant
    Filed: February 13, 2017
    Date of Patent: April 3, 2018
    Assignee: INTEL CORPORATION
    Inventors: Nitin V. Sarangdhar, Daniel Nemiroff, Ned M. Smith, Ernie Brickell, Jiangtao Li
  • Patent number: 9935962
    Abstract: Various embodiments provide systems and methods for connecting wireless-enabled products to wireless networks. Customer network credentials may be stored in a server along with a customer identifier (“customer ID”) during one-time registration. When a wireless-enabled product is purchased, a product identifier (“product ID”) and the customer's ID are forwarded to the server, which correlates the two identifiers, linking the purchased product to the customer. When the wireless-enabled product is powered on, the product accesses the server via a public network connection, and sends the product ID and a security token to the server. The server uses the product ID and the security token to authenticate the product. Once authenticated, the server uses the correlated customer ID to look up the network credentials for the customer's private network, and provides the network credentials to the wireless-enabled product.
    Type: Grant
    Filed: January 19, 2016
    Date of Patent: April 3, 2018
    Assignee: QUALCOMM Incorporated
    Inventors: Gregory Burns, Christopher Kavas, Marcello Lioy, Kenneth Swinson, Todd Malsbary, Matthew Michael
  • Patent number: 9929957
    Abstract: A method, computer program product, and/or system for maximizing hardware capabilities of a network interface card are provided. To maximize hardware capabilities of the network interface card, a media access control address for associating with the network interface card is received and a number of media access control addresses defined to the network interface card is compared to a maximum threshold of the network interface card. Then, in response to when the number is equal to or exceeds the maximum threshold of the network interface card, a promiscuous mode is enabled for network interface card and the media access control address is associated with the network interface card.
    Type: Grant
    Filed: September 29, 2015
    Date of Patent: March 27, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventor: Mark H. Van Parys
  • Patent number: 9930514
    Abstract: In order to reduce latency and overhead during the device discovery process, operations involved in pairing of two electronic devices may be predefined. In particular, when a user specifies a new electronic device in a list of their electronic devices, a computer provides a notification to these electronic devices. In response to the notification, a given one of the electronic devices generates encryption information and identification information for the given electronic device, and provides this encryption information and identification information to the new electronic device via a network (such as the Internet). Then, the new electronic device generates encryption information and identification information for the new electronic device, and provides this encryption information and identification information to the given electronic device via the network. This pairing information may subsequently facilitate secure wireless communication between the two electronic devices.
    Type: Grant
    Filed: September 19, 2016
    Date of Patent: March 27, 2018
    Assignee: Apple Inc.
    Inventors: Jason C. Conn, Akshay Mangalam Srivatsa, Craig P. Dooley, Michael J. Giles
  • Patent number: 9923924
    Abstract: Endpoint device policy change can, in various examples, include detecting a change in a first registered attribute associated with an endpoint device on a network to a second registered attribute and changing a first policy applied to the endpoint device to a second policy associated with the second registered attribute in response to the detected change.
    Type: Grant
    Filed: February 4, 2015
    Date of Patent: March 20, 2018
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Charles F. Clark, Duane E. Mentze
  • Patent number: 9921978
    Abstract: A storage device features a processor and a random number generation which are communicatively coupled to a memory.
    Type: Grant
    Filed: November 7, 2014
    Date of Patent: March 20, 2018
    Assignee: FireEye, Inc.
    Inventors: Eric Chan, Osman Abdoul Ismael, Gregory J. Snyder
  • Patent number: 9923716
    Abstract: For personalizing a smart card (SC) coupled with a communication device (CD) of a user being a subscriber of a first telecommunication network (TN1) and wishing to become a subscriber of a second telecommunication network (TN2), a first international identity (IMSI_1) and a first authentication key (AK_1) being stored in the smart card (SC), the smart card receives a message (MesP) from an application server (AS) connected to the first telecommunication network and the second telecommunication network, the message (MesN) comprising a personalization command (ComP) and an admin code (ACas), after that the application server has received a request (Req) of subscription change comprising an identifier (1dMNO2) of the second telecommunication network (TN2) and has established a secured session with a personalization server (PS) of the second telecommunication network (TN2) identified by the identifier (1dMNO2), and interprets the personalization command (ComP) to establish a secure session with the personalizatio
    Type: Grant
    Filed: August 14, 2013
    Date of Patent: March 20, 2018
    Assignee: Alcatel Lucent
    Inventors: Yacine El Mghazli, Abdullatif Shikfa
  • Patent number: 9923889
    Abstract: A data processing system including a data processing apparatus, includes a user data storing unit that stores user data of a user who uses a first service, the user data including first authentication data used for logging in the first service and user specifying data; a determining unit that determines, when the user who uses the first service sets second authentication data used for logging in a second service different from the first service, user specifying data usable as the second authentication data from the user specifying data included in the user data; and a management unit that sets the user specifying data determined to be usable as the second authentication data in the user data of the user who uses the first service as the second authentication data, and manages the user data as user data of the user who uses the first service and the second service.
    Type: Grant
    Filed: October 22, 2015
    Date of Patent: March 20, 2018
    Assignee: Ricoh Company, Ltd.
    Inventors: Masato Nakajima, Hiroki Ohzaki, Yasuharu Fukuda, Shigeki Kashiyama
  • Patent number: 9924355
    Abstract: A system includes a first communication apparatus having an acquisition unit to acquire connection information and a public key stored in a first memory of a short distance wireless communication unit of a second communication apparatus, an encryption unit to encrypt, by using the acquired public key, data to be processed by the second communication apparatus, and a transmission unit to transmit the encrypted data to the second communication apparatus via an established long distance communication. The second communication apparatus includes a decryption unit to decrypt, by a private key which corresponds to the public key and is stored in a second memory of the second communication apparatus, the transmitted encrypted data. While the second communication apparatus operates in a power saving state, the public key is acquired by the first communication apparatus, and the private key is not able to be acquired by the first communication apparatus.
    Type: Grant
    Filed: December 28, 2015
    Date of Patent: March 20, 2018
    Assignee: CANON KABUSHIKI KAISHA
    Inventor: Taketomo Naruse
  • Patent number: 9924293
    Abstract: Client to server service request and response interactions are monitored. The service requests have embedded therein mobility-dedicated and business organization oriented reporting headers. At the server side of the interactions, a snooping agent picks up information from the headers, combines it with service performance metrics (e.g., time to service the request) and stores the data in a relational database. Queries are afterwards submitted to the database to spot trends including those showing emerging problems and areas for improvement in providing customers who use mobile devices with seamless and high quality service.
    Type: Grant
    Filed: October 17, 2014
    Date of Patent: March 20, 2018
    Assignee: CA, INC.
    Inventors: Erhan Giral, Corey Cohen
  • Patent number: 9917691
    Abstract: A method and system for bringing together online and offline advertising uses anonymous links that are associated with consumer data. The anonymous links allow processing without personally identifiable information (PII) in a secure environment. Data is matched using the anonymous links, and further using identifiers that are encrypted for use in connection with individual match distribution partners. The method and system allows a marketer to utilize offline data to precisely target advertisements without the use of PII, and to perform analytics concerning the use of the online advertisements to more precisely determine the effectiveness of multichannel marketing efforts.
    Type: Grant
    Filed: April 28, 2017
    Date of Patent: March 13, 2018
    Assignee: Acxiom Corporation
    Inventors: Thierry Roullier, Dana S. Robbins, Linda Young, Scott Jones, Mike Zukerman
  • Patent number: 9916431
    Abstract: A method, performed by an electronic device, for verifying a user to allow access to the electronic device is disclosed. In this method, sensor data may be received from a plurality of sensors including at least an image sensor and a sound sensor. Context information of the electronic device may be determined based on the sensor data and at least one verification unit may be selected from a plurality of verification units based on the context information. Based on the sensor data from at least one of the image sensor or the sound sensor, the at least one selected verification unit may calculate at least one verification value. The method may determine whether to allow the user to access the electronic device based on the at least one verification value and the context information.
    Type: Grant
    Filed: January 15, 2015
    Date of Patent: March 13, 2018
    Assignee: QUALCOMM Incorporated
    Inventors: Kyu Woong Hwang, Seungwoo Yoo, Duck-Hoon Kim, Sungwoong Kim, Te-Won Lee
  • Patent number: 9916720
    Abstract: A method for selecting content for delivery to devices is described herein. In some embodiments, the method can include registering a plurality of devices of one or more device types. The method can further include receiving usage information indicating usage of the devices and affinity information indicating user affinities associated with the devices. The method can further include detecting that a device of the plurality of devices is in-use. The method can further include determining, based on the usage information and the affinity information, game content for the device currently used. The method can further include transmitting, to the device, the game content.
    Type: Grant
    Filed: August 4, 2014
    Date of Patent: March 13, 2018
    Assignee: BALLY GAMING, INC.
    Inventors: Richard B. Robbins, Damon E. Gura, Michael J. Irby, II, Scott A. Massing, Jamie W. Vann
  • Patent number: 9916576
    Abstract: Described are methods and systems for remotely personalizing a payment device. In an embodiment, a trusted service provider (TSP) personalization server receives a payment device personalization request from a remote personalization device (RPD), determines that a hardware security token (HST) permits issuance of the payment device, and transmits a personalization data request to an issuer. The TSP personalization server then receives the requested personalization data from a Mobile Over-the-Air Provisioning Service (MOTAPS) server, generates session keys, converts data from the MOTAPS server into payment device application process data unit (APDU) data, and then transmits the personalization data and APDU data to the RPD to load onto a payment device.
    Type: Grant
    Filed: October 2, 2015
    Date of Patent: March 13, 2018
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Colin Tanner, Paul Michael Evans, Theresa L. Smith
  • Patent number: 9912668
    Abstract: The description relates to enhancing user experience with devices, such as host and peripheral devices. One example relates to devices that can automatically power down when packaged for shipping and power up when opened by the user. Another example allows automatic, secure pairing between sets of host and peripheral devices without any affirmative user actions.
    Type: Grant
    Filed: September 16, 2015
    Date of Patent: March 6, 2018
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Yi He, Naji Shafi, Alain Michaud, Heng Huang, Joan Ouyang
  • Patent number: 9912622
    Abstract: An electronic messaging system is provided to generate and send electronic messages that contain adaptive content to customize the electronic messages for each recipient. The system operates to receive an adaptive content asset and a content rule, select a set of adaptive content elements from the adaptive content asset based upon the content rule, and send a content locator to an author computing device to permit the author computing device to include the content locator in the electronic message and send the electronic message to a recipient computing device.
    Type: Grant
    Filed: January 20, 2017
    Date of Patent: March 6, 2018
    Assignee: Wylei, Inc.
    Inventor: Essam Abadir
  • Patent number: 9912635
    Abstract: Provided are devices, computer-program products, and methods for automatic provisioning of an access point. In some implementations, a network device may connect to a network. Connecting may include automatically receiving a group name. In some implementations, a dynamic host configuration protocol (DHCP) request may be transmitted. A DHCP response message may also be received. The DHCP response message may provide an Internet Protocol (IP) address. The IP addressed may facilitate communication by the network device with the network. Controller information may be received. The controller information may include a controller IP address. Provisioning information may be requested. This request may include the group name and the controller IP address. Provisioning information may be received. Provisioning information may be associated with the controller IP address. The provisioning information may facilitate self-configuration of a network device.
    Type: Grant
    Filed: July 24, 2015
    Date of Patent: March 6, 2018
    Assignee: Aruba Networks, Inc.
    Inventors: Suresh Dhulipala, Venkatesh Kannan
  • Patent number: 9912681
    Abstract: A malware detection system (MDS) appliance is configured to inject delay associated with delivery and/or processing of communication traffic directed to one or more endpoints in a network. The appliance may be positioned within the network to intercept and analyze (e.g., replay and instrument) one or more network packets of the communication traffic to detect whether an object of the packet contains malware. However, such analysis, e.g., malware detection analysis, may require extensive processing at the appliance and, thus, consume a considerable amount of time. Accordingly, the MDS appliance may inject delay into the delivery and/or processing of the object on the endpoint until the malware detection analysis completes and the malware is validated.
    Type: Grant
    Filed: November 2, 2015
    Date of Patent: March 6, 2018
    Assignee: FireEye, Inc.
    Inventors: Osman Abdoul Ismael, Ashar Aziz
  • Patent number: 9906529
    Abstract: A relay apparatus includes a memory that stores right information indicating a right to access a service providing apparatus, a first retrieval unit that retrieves, from a client apparatus, identification information of a user registered in the service providing apparatus that is a target of an access request from the client apparatus, and an access unit that accesses the service providing apparatus as the target using the identification information retrieved by the first retrieval unit instead of the right information stored on the memory if the right information to access the service providing apparatus as the target is not valid.
    Type: Grant
    Filed: July 9, 2014
    Date of Patent: February 27, 2018
    Assignee: FUJI XEROX CO., LTD.
    Inventor: Kazumoto Shinoda
  • Patent number: 9907091
    Abstract: A communication device, includes targets that each execute predetermined processing; and a front end that selects, from the targets, a confirmed target with which an external device is to communicate and that performs near-field communication with the external device. During transmission of a command for selecting at least one candidate of the confirmed target, the front end selects a predetermined one of the targets once every two times as a transmission destination of the command.
    Type: Grant
    Filed: December 17, 2014
    Date of Patent: February 27, 2018
    Assignee: FeliCa Networks, Inc.
    Inventor: Takashi Suzuki
  • Patent number: 9904806
    Abstract: Provided is a method of updating an integrity check value (ICV) stored in a hardware security module (HSM). The method includes storing user authentication information of the terminal transferred from the terminal to preregister a user of the terminal, transferring an authentication information request message, requesting the user authentication information, to the terminal in response to an update request message which is transferred from the terminal and includes an update value of the ICV, comparing the user authentication information transferred from the terminal with the stored user authentication information to perform an authentication operation on the user of the terminal according to the authentication information request message; and when the user of the terminal is successfully authenticated, updating the stored ICV by using the update value.
    Type: Grant
    Filed: February 8, 2016
    Date of Patent: February 27, 2018
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventor: Hong Il Ju
  • Patent number: 9898724
    Abstract: A method and an apparatus for using a device to determine an item, such as, for example, a card based on an interaction environment, such as, for example, a settlement environment, are provided. The method by which a device determines a card to be used in a settlement includes: acquiring a card use history of a card, which is stored in the device; acquiring information which relates to a settlement environment of the device; determining a card to be used in the settlement, based on the acquired information relating to the settlement environment and the acquired card use history; and providing settlement information which relates to the determined card to a point of sale (POS) terminal.
    Type: Grant
    Filed: August 26, 2013
    Date of Patent: February 20, 2018
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Yeon-hee Roh, Eun-young Lim, Young-shil Jang, Jae-woo Ko
  • Patent number: 9898877
    Abstract: An apparatus and a method for using an apparatus are provided, which apparatus can be used in particular in an industrial automation process. The apparatus comprises a machine part for performing a process to be performed by an automation system or for processing a workpiece, and an authentication and access part for authenticating a user of the apparatus and for permitting the user access to at least some of the functions of the machine part if the user has been authenticated, and for blocking the user access to the functions of the machine part if the user has not been authenticated.
    Type: Grant
    Filed: September 8, 2015
    Date of Patent: February 20, 2018
    Assignee: Robert Bosch GmbH
    Inventor: Christoph Kauth
  • Patent number: 9900767
    Abstract: A method of establishing communications with a first device is disclosed. The method includes: the first device presenting connection information to a second device; receiving a response from a second device; establishing an association with the second device; transmitting, in response to a determination that the first device and the second device are connected for data, first data to the second device, the first data comprising addressing information for a server; receiving second data from the second device, the second data comprising second information for establishing communications with the first device; and configuring the first device to receive third data from a location remote to the first device using the second information from the second data.
    Type: Grant
    Filed: May 18, 2017
    Date of Patent: February 20, 2018
    Assignee: Apple Inc.
    Inventors: Tyler Hawkins, Christopher Wilson, Conrad Sauerwald, Gregory Novick, Neil G. Crane, Rudolph Van Der Merwe, Samuel Noble, Paul William Chinn
  • Patent number: 9893883
    Abstract: A device may receive client cipher information, associated with initiating a secure session, identifying at least one key exchange cipher supported by a client device associated with the secure session. The device may determine, based on the client cipher information, that a Diffie-Hellman key exchange is to be used to establish the secure session. The device may determine whether a server device, associated with the secure session, supports use of the Diffie-Hellman key exchange. The device may manage establishment of the secure session using a first decryption technique based on determining that the server device does not support the use of the Diffie-Hellman key exchange, or manage establishment of the secure session using a second decryption technique based on determining that the server device supports the use of the Diffie-Hellman key exchange or being unable to determine whether the server device supports the use of the Diffie-Hellman key exchange.
    Type: Grant
    Filed: June 26, 2015
    Date of Patent: February 13, 2018
    Assignee: Juniper Networks, Inc.
    Inventors: Rajeev Chaubey, Venkata Rama Raju Manthena
  • Patent number: 9887897
    Abstract: A user device may receive bitrate availability information identifying one or more bitrates associated with content; receive, from a user of the user device, a selection of a particular bitrate of the one or more bitrates; request segment files associated with the particular bitrate; and receive the segment files.
    Type: Grant
    Filed: April 18, 2014
    Date of Patent: February 6, 2018
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Lakshmi Chakarapani, Gaurav Rinwa, Rahul Aurora Srinivasan
  • Patent number: 9888120
    Abstract: Techniques for benchmarking pairing strategies in a contact center system are disclosed. In one particular embodiment, the techniques may be realized as a method for techniques for benchmarking pairing strategies in a contact center system comprising: cycling, by at least one processor, among at least two pairing strategies; and determining, by the at least one processor, a difference in performance between the at least two pairing strategies.
    Type: Grant
    Filed: July 27, 2016
    Date of Patent: February 6, 2018
    Assignee: Afiniti Europe Technologies Limited
    Inventor: Zia Chishti
  • Patent number: 9887980
    Abstract: A system for authenticating client devices for communication with one or more wireless communications networks, includes a client device configured to receive a client-side global time from a time tracking system and generate a response to an authentication challenge based on the authentication challenge, the client-side global time, a client device identifier associated with the client device, and optionally location data that corresponds to a location of the client device.
    Type: Grant
    Filed: July 30, 2014
    Date of Patent: February 6, 2018
    Assignee: Sprint Communications Company L.P.
    Inventors: Marouane Balmakhtar, Ramana Venkata Gollamudi
  • Patent number: 9882883
    Abstract: A method for generating one or more secrets for use by members. The method includes sending a first request for connection with a second member, and sending a second request to connection with a third member. The method further includes receiving, by the first member from the second member, a second input after the first request is sent and after communication is initiated between the first member and the second member and receiving, by the first member from the third member, a third input after the second request is sent and after communication is initiated between the first member and the third member. The method further includes generating, using an n-bit generator executing on the first member, a message digest using a first input, the second input, and the third input, extracting a secret from the message digest, and storing the secret in a secrets repository on the first member.
    Type: Grant
    Filed: April 14, 2017
    Date of Patent: January 30, 2018
    Assignee: PACID TECHNOLOGIES, LLC
    Inventor: Guy Fielder
  • Patent number: 9882901
    Abstract: Technical solutions are described for securely deploying a shrouded virtual server. An example method includes sending, by a host manager, authentication information of a hosting system to a client device in response to a request from the client device. The \method also includes receiving a request to deploy a virtual server using a shrouded mode. The method also includes deploying a preconfigured hypervisor on the hosting system, where the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor. The method also includes deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor. The method also includes sending, by the host manager, an identifier of the virtual server for receipt by the client device.
    Type: Grant
    Filed: December 14, 2015
    Date of Patent: January 30, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Khary J. Alexander, Utz Bacher, Reinhard T. Buendgen, Patrick J. Callaghan, John C. Dayka, Thomas B. Mathias, K. Paul Muller, James A. O'Connor, William J. Rooney, Kurt N. Schroeder, Peter G. Spera, Tiberiu Suto, Sean Swehla, Stefan Usenbinz, Craig R. Walters
  • Patent number: 9882934
    Abstract: A system and method for updating multiple devices that are coupled to a network by a hub provides a trusted platform module in each of the devices, sends messages from the network to the hub for updating the devices, sends each of the devices messages from the hub to update the device, executes the content of each message in the device to which that message is sent, and deletes each message after it has been executed. Each of the messages preferably includes trusted code, and the device receiving each message executes the trusted code in the trusted platform module. The trusted code may include an update function, an image, and control data, and preferably has integrity. The hub may receive trusted code from a remote server, execute the trusted code to send a message to one of the devices, and then delete the trusted code.
    Type: Grant
    Filed: June 29, 2015
    Date of Patent: January 30, 2018
    Assignee: Synopsys, Inc.
    Inventors: Andrew Elias, Derek Bouius, Neil Leckett, Steven Lougheed
  • Patent number: 9881166
    Abstract: An approach is provided in which a knowledge manager generates a knowledge structure that includes security annotation tokens and term tokens. Each of the security annotation tokens are stored in a parallel field and align to at least one of the term tokens. The knowledge manager matches security policies corresponding to a search request to one or more of the security annotation tokens and, in turn, generates search results based upon obfuscation of one or more of the term tokens aligned to the matched security annotation tokens.
    Type: Grant
    Filed: April 16, 2015
    Date of Patent: January 30, 2018
    Assignee: International Business Machines Corporation
    Inventors: Bridget B. Beamon, Bradley M. Debroni, Octavian F. Filoti, Bryan J. Kyle, Christopher M. Nolan
  • Patent number: 9883479
    Abstract: A system and method for locating a network device. A location provider determines, based on location data, a location of a wireless access point. The location data includes location data from each of a plurality of network devices, wherein the location data for each network device includes the network device's location and data representative of a distance between the wireless access point and each network device. The location provider generates, based on the location of the wireless access point, location information for the wireless access point, signs the location information with a credential to form signed location information, and communicates the signed location information to the wireless access point.
    Type: Grant
    Filed: October 28, 2015
    Date of Patent: January 30, 2018
    Assignee: Google LLC
    Inventors: Vinit Chandrakant Deshpande, Prerepa V. Viswanadham
  • Patent number: 9875364
    Abstract: An approach is provided in which a knowledge manager generates a knowledge structure that includes security annotation tokens and term tokens. Each of the security annotation tokens are stored in a parallel field and align to at least one of the term tokens. The knowledge manager matches security policies corresponding to a search request to one or more of the security annotation tokens and, in turn, generates search results based upon obfuscation of one or more of the term tokens aligned to the matched security annotation tokens.
    Type: Grant
    Filed: May 27, 2015
    Date of Patent: January 23, 2018
    Assignee: International Business Machines Corporation
    Inventors: Bridget B. Beamon, Bradley M. Debroni, Octavian F. Filoti, Bryan J. Kyle, Christopher M. Nolan
  • Patent number: 9876771
    Abstract: A security application for a computing device, e.g., a mobile phone, allows generation of a secret according to a unique user input (e.g., user credentials). The secret is stored in a directory such that it is retrievable when the unique user input is received via a user interface of a device on which the security application executes or is coupled with. Responsive to receiving an identifier associated with the secret, the security application prompts, e.g., via a user interface of the mobile phone, entry of the unique user input; and, subsequently, verifies the unique user input. Following such verification, the security application provides the secret for use in encoding a communication with a remote computer-based station. Entry of the user credentials may be required prior to the security application generating the secret, and may be responsive to receipt of an invitation (e.g., from the remote computer-based station) to generate it.
    Type: Grant
    Filed: January 6, 2017
    Date of Patent: January 23, 2018
    Assignee: PACID TECHNOLOGIES, LLC
    Inventor: Guy Fielder
  • Patent number: 9876796
    Abstract: The field of the invention relates to network connected authentication systems, and more particularly to systems and methods that enable authentication of one or more users of a group using network connected devices. In an embodiment, the system includes a network connected authentication server coupled to a network for access by a plurality of user devices in a group to authenticate a user of one or more third party applications. When a user of the group visits a third party application and initiates a group authentication, the network connected authentication server retrieves authentication rules and sends authentication requests to the user devices of the group based on the authentication rules.
    Type: Grant
    Filed: September 12, 2016
    Date of Patent: January 23, 2018
    Assignee: iovation Inc.
    Inventors: Devin M. Egan, Yo Sub Kwon, Geoffrey R. Sanders, Christopher C. Shepherd, Kristin F. Tomasik
  • Patent number: 9871785
    Abstract: Forward-secure one-time authentication tokens are provided with embedded time hints. A token generates a passcode for presentation to an authentication server by determining a current state of the token; generating a user authentication passcode based on the current state, wherein the generated user authentication passcode comprises an embedded time hint; and communicating the generated user authentication passcode to the authentication server. The passcode may be generated with the embedded time hint, for example, each time a user authentication passcode is generated or upon demand when a user authentication passcode is generated. A server processes a user authentication passcode by receiving the user authentication passcode, wherein the received user authentication passcode comprises an embedded time hint; and determining a time interval to search for another user authentication passcode based on the embedded time hint.
    Type: Grant
    Filed: March 14, 2013
    Date of Patent: January 16, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Nikolaos Triandopoulos, Ari Juels, John Brainard
  • Patent number: 9872173
    Abstract: A communication method of hiding privacy information and a system thereof are provided. The method comprises following steps: performing an identification unit generating program to generate a master identification unit and a slave identification unit; storing a first identification code and a second identification code to a communication server; adding the first identification code into a first communication program of a first mobile device by detecting the master identification unit; adding the second identification code into a second communication program of a second mobile device by detecting the slave identification unit; executing the second communication program to transmit a communication request to the communication server; and the first identification code and the second identification code are utilized by the communication server to establish a communication link from the second communication program to the first communication program.
    Type: Grant
    Filed: October 29, 2015
    Date of Patent: January 16, 2018
    Inventors: Nen-Fu Huang, Wei-Kuan Shih, Yi-Ju Liao
  • Patent number: 9866569
    Abstract: A method, system, apparatus, and computer program product are provided for facilitating individual-specific content management. For example, a method is provided that includes receiving information regarding at least one prerequisite condition relating to at least one individual, receiving information regarding the at least one individual, determining whether the at least one prerequisite condition is satisfied, and causing individual-specific content associated with the at least one individual to be transmitted. At least a portion of the individual-specific content comprises protected content configured to be unviewable and/or unmodifiable. The method further includes receiving at least one access credential and causing at least a portion of the protected content to be viewable and/or modifiable.
    Type: Grant
    Filed: November 2, 2016
    Date of Patent: January 9, 2018
    Assignee: AirWatch LLC
    Inventors: John DiRico, Erich Stuntebeck
  • Patent number: 9867047
    Abstract: The present invention relates to a wireless access system, and more particularly, to methods and apparatus for notifying authenticity information of a caller identifier (ID) in a wireless access system, comprising: receiving, from a second network node, a first call message including a caller ID of a second UE (UE2), determining whether the caller ID of UE2 has been authenticated or not by detecting a trust level of authenticity information in the first call message, and transmitting, to a first UE (UE1), a second call message including the caller ID and an indication message indicating one or authentication levels out of an authenticated, a spoofed, or an unauthenticated level, wherein the authenticated indicates the caller ID is authenticity and the spoofed indicates the caller ID is not guaranteed to correspond to the UE2.
    Type: Grant
    Filed: August 7, 2015
    Date of Patent: January 9, 2018
    Assignee: LG ELECTRONICS INC.
    Inventor: Ki-Dong Lee
  • Patent number: 9866989
    Abstract: A method and system of personalizing a mobile phone over a wireless network is provided. The method is fast, reliable, and eliminates the need for an uninterrupted online connection to a host server in order to achieve successful download of user information. With the method and system, a mobile phone can be personalized for various purposes, such as for conducting financial transactions.
    Type: Grant
    Filed: April 4, 2016
    Date of Patent: January 9, 2018
    Assignee: III Holdings 1, LLC
    Inventors: Blayn W. Beenau, Jessica U. Warren, Lee J. Peart, Peter D. Saunders
  • Patent number: 9864704
    Abstract: A semiconductor device includes a nonvolatile memory storing encrypted management data, and a memory controller coupled between the nonvolatile memory and a host. The memory controller is allocated a free area in a host memory from the host and is suitable for storing the encrypted management data in the free area.
    Type: Grant
    Filed: September 11, 2014
    Date of Patent: January 9, 2018
    Assignee: SK Hynix Inc.
    Inventors: Hyun Ju Lee, Jae Han Park, Dae Geun Jee
  • Patent number: 9866392
    Abstract: A web of trust in a distributed system is established. A root of trust for at least two components in the distributed system validates information for the distributed system. The validated information is then used to create additional information for the distributed system. Versions of the information are usable to validate subsequent versions of the information such that validation of a version of the information can be performed by using one or more previous versions to verify that the version is a valid successor of a previously validated previous version.
    Type: Grant
    Filed: September 15, 2014
    Date of Patent: January 9, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Matthew John Campagna, Gregory Branchek Roth
  • Patent number: 9867048
    Abstract: Systems and methods are disclosed which may allow a user having a mobile device to automatically authenticate to a server using a device identifier associated with the mobile device. An access point may be configured to send the device identifier as well as additional identifying information to the server so that the device identifier can be accurately matched to the mobile device. Then, when the mobile device submits a credential during authentication, the device identifier and the credential may be matched such that the next time the server receives the device identifier from the access point, the mobile device may be automatically authenticated.
    Type: Grant
    Filed: May 3, 2017
    Date of Patent: January 9, 2018
    Assignee: PAYPAL, INC.
    Inventor: Max Edward Metral