Particular Communication Authentication Technique Patents (Class 713/168)
  • Patent number: 9871785
    Abstract: Forward-secure one-time authentication tokens are provided with embedded time hints. A token generates a passcode for presentation to an authentication server by determining a current state of the token; generating a user authentication passcode based on the current state, wherein the generated user authentication passcode comprises an embedded time hint; and communicating the generated user authentication passcode to the authentication server. The passcode may be generated with the embedded time hint, for example, each time a user authentication passcode is generated or upon demand when a user authentication passcode is generated. A server processes a user authentication passcode by receiving the user authentication passcode, wherein the received user authentication passcode comprises an embedded time hint; and determining a time interval to search for another user authentication passcode based on the embedded time hint.
    Type: Grant
    Filed: March 14, 2013
    Date of Patent: January 16, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Nikolaos Triandopoulos, Ari Juels, John Brainard
  • Patent number: 9872173
    Abstract: A communication method of hiding privacy information and a system thereof are provided. The method comprises following steps: performing an identification unit generating program to generate a master identification unit and a slave identification unit; storing a first identification code and a second identification code to a communication server; adding the first identification code into a first communication program of a first mobile device by detecting the master identification unit; adding the second identification code into a second communication program of a second mobile device by detecting the slave identification unit; executing the second communication program to transmit a communication request to the communication server; and the first identification code and the second identification code are utilized by the communication server to establish a communication link from the second communication program to the first communication program.
    Type: Grant
    Filed: October 29, 2015
    Date of Patent: January 16, 2018
    Inventors: Nen-Fu Huang, Wei-Kuan Shih, Yi-Ju Liao
  • Patent number: 9867048
    Abstract: Systems and methods are disclosed which may allow a user having a mobile device to automatically authenticate to a server using a device identifier associated with the mobile device. An access point may be configured to send the device identifier as well as additional identifying information to the server so that the device identifier can be accurately matched to the mobile device. Then, when the mobile device submits a credential during authentication, the device identifier and the credential may be matched such that the next time the server receives the device identifier from the access point, the mobile device may be automatically authenticated.
    Type: Grant
    Filed: May 3, 2017
    Date of Patent: January 9, 2018
    Assignee: PAYPAL, INC.
    Inventor: Max Edward Metral
  • Patent number: 9867047
    Abstract: The present invention relates to a wireless access system, and more particularly, to methods and apparatus for notifying authenticity information of a caller identifier (ID) in a wireless access system, comprising: receiving, from a second network node, a first call message including a caller ID of a second UE (UE2), determining whether the caller ID of UE2 has been authenticated or not by detecting a trust level of authenticity information in the first call message, and transmitting, to a first UE (UE1), a second call message including the caller ID and an indication message indicating one or authentication levels out of an authenticated, a spoofed, or an unauthenticated level, wherein the authenticated indicates the caller ID is authenticity and the spoofed indicates the caller ID is not guaranteed to correspond to the UE2.
    Type: Grant
    Filed: August 7, 2015
    Date of Patent: January 9, 2018
    Assignee: LG ELECTRONICS INC.
    Inventor: Ki-Dong Lee
  • Patent number: 9866569
    Abstract: A method, system, apparatus, and computer program product are provided for facilitating individual-specific content management. For example, a method is provided that includes receiving information regarding at least one prerequisite condition relating to at least one individual, receiving information regarding the at least one individual, determining whether the at least one prerequisite condition is satisfied, and causing individual-specific content associated with the at least one individual to be transmitted. At least a portion of the individual-specific content comprises protected content configured to be unviewable and/or unmodifiable. The method further includes receiving at least one access credential and causing at least a portion of the protected content to be viewable and/or modifiable.
    Type: Grant
    Filed: November 2, 2016
    Date of Patent: January 9, 2018
    Assignee: AirWatch LLC
    Inventors: John DiRico, Erich Stuntebeck
  • Patent number: 9866989
    Abstract: A method and system of personalizing a mobile phone over a wireless network is provided. The method is fast, reliable, and eliminates the need for an uninterrupted online connection to a host server in order to achieve successful download of user information. With the method and system, a mobile phone can be personalized for various purposes, such as for conducting financial transactions.
    Type: Grant
    Filed: April 4, 2016
    Date of Patent: January 9, 2018
    Assignee: III Holdings 1, LLC
    Inventors: Blayn W. Beenau, Jessica U. Warren, Lee J. Peart, Peter D. Saunders
  • Patent number: 9864704
    Abstract: A semiconductor device includes a nonvolatile memory storing encrypted management data, and a memory controller coupled between the nonvolatile memory and a host. The memory controller is allocated a free area in a host memory from the host and is suitable for storing the encrypted management data in the free area.
    Type: Grant
    Filed: September 11, 2014
    Date of Patent: January 9, 2018
    Assignee: SK Hynix Inc.
    Inventors: Hyun Ju Lee, Jae Han Park, Dae Geun Jee
  • Patent number: 9866392
    Abstract: A web of trust in a distributed system is established. A root of trust for at least two components in the distributed system validates information for the distributed system. The validated information is then used to create additional information for the distributed system. Versions of the information are usable to validate subsequent versions of the information such that validation of a version of the information can be performed by using one or more previous versions to verify that the version is a valid successor of a previously validated previous version.
    Type: Grant
    Filed: September 15, 2014
    Date of Patent: January 9, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Matthew John Campagna, Gregory Branchek Roth
  • Patent number: 9860070
    Abstract: The present invention provides an entity identification method, apparatus and system, and relates to: an entity A transmits an identification request message to an entity B, the identification request message includes the result SN1 of an XOR operation of a Pre-Shared Key (PSK) and the data from processing data N1 according to a first agreed rule, wherein data N1 is generated by entity A, and the PSK is a key shared by A and B; entity B receives the identification request message, performs an XOR operation on SN1 and PSK, performs a process according to a second agreed rule, then performs a process according to a third agreed rule, and then performs an XOR operation again with the PSK processed according to the third agreed rule and then processed according to a fourth rule to obtain SON1, and transmits SON1 through an identification response message to entity A.
    Type: Grant
    Filed: January 27, 2015
    Date of Patent: January 2, 2018
    Assignee: CHINA IWNCOMM CO., LTD
    Inventors: Zhiqiang Du, Yanan Hu, Qin Li, Ming Li, Yi Li
  • Patent number: 9852299
    Abstract: The present disclosure is directed to a protection scheme for remotely-stored data. A system may comprise, for example, at least one device including at least one virtual machine (VM) and a trusted execution environment (TEE). The TEE may include an encryption service to encrypt or decrypt data received from the at least one VM. In one embodiment, the at least one VM may include an encryption agent to interact with interfaces in the encryption service. For example, the encryption agent may register with the encryption service, at which time an encryption key corresponding to the at least one VM may be generated. After verifying the registration of the encryption agent, the encryption service may utilize the encryption key corresponding to the at least one VM to encrypt or decrypt data received from the encryption agent. The encryption service may then return the encrypted or decrypted data to the encryption agent.
    Type: Grant
    Filed: September 27, 2013
    Date of Patent: December 26, 2017
    Assignee: INTEL CORPORATION
    Inventors: Hariprasad Nellitheertha, Deepak S., Thanunathan Rangarajan, Anil S. Keshavamurthy
  • Patent number: 9852281
    Abstract: According to an embodiment, an authentication system includes a physical device, a calculator, and an authenticator. The physical device includes a data source which outputs a data sequence along time series. The calculator performs, using hidden Markov model, probability calculation on an ID which is based on the data sequence obtained from the physical device. The authenticator authenticates the physical device based on calculation result of the calculator.
    Type: Grant
    Filed: August 12, 2015
    Date of Patent: December 26, 2017
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Tetsufumi Tanamoto, Takao Marukame, Shinichi Yasuda, Yuichiro Mitani, Shinobu Fujita
  • Patent number: 9853911
    Abstract: An information handling system includes a management switch and a plurality of management controllers coupled to the management switch to form a management network. A first management controller of the plurality of management controllers receives from the management switch a first list of active ports, wherein each particular active port includes an associated second management controller of the plurality of management controllers that is coupled to the particular active port. The first management controller further receives from the management switch, a plurality of second lists, one for each particular active port in the first list, each second list including an identification for the associated second management controller, and determines a map of the management network based upon the first list and the plurality of second lists.
    Type: Grant
    Filed: February 19, 2015
    Date of Patent: December 26, 2017
    Assignee: DELL PRODUCTS, LP
    Inventors: Jinsaku Masuyama, Sajjad Ahmed, John R. Palmer
  • Patent number: 9853967
    Abstract: A passphrase is assigned to an end user device for use in authenticating the end user device for a network using SAE. An identification of the end user device is determined during an authentication process. The passphrase assigned to the end user device is determined at a network side using the identification of the end user device. A shared secret is generated using the passphrase. Whether the end user device has generated the shared secret is determined. The end user device is authenticated for the network, if it is determined that the end user device has generated the shared secret.
    Type: Grant
    Filed: June 21, 2017
    Date of Patent: December 26, 2017
    Assignee: Aerohive Networks, Inc.
    Inventor: Matthew Stuart Gast
  • Patent number: 9847976
    Abstract: Digital data is optically broadcast through an environment by controllably switching the brightness or chrominance of LED solid state lamps, or of other illumination sources (e.g., television screens and backlit computer displays). This optical data channel is useful to convey cryptographic key data by which devices within the environment can authenticate themselves to a secure network. In some embodiments, the optical modulation is sensed by the camera of a smartphone. The row data output by the smartphone's camera sensor is processed to extract the modulated data signal. In some monochrome embodiments, data communication speeds far in excess of the camera's frame rate (e.g., 30/second), or even the camera's row rate (e.g., 14,400/second) are achieved. Still greater rates can be achieved by conveying different data in different chrominance channels. A great number of other features and arrangements are also detailed.
    Type: Grant
    Filed: April 8, 2015
    Date of Patent: December 19, 2017
    Assignee: Digimarc Corporation
    Inventors: John D. Lord, John Stach
  • Patent number: 9848324
    Abstract: Physical security methods and equipment are applied to mobile devices that use multi-factor authentication mobile apps. Herein, a password management mobile app physically escrows each encrypted password that must be stored into two parts. These are then distributed between two separate, independent physical devices. Only one of those parts is kept only in a separate user gadget like a keyfob. Any reconstitution of each password after decryption requires that the user have on-hand both the mobile device and the separate user gadget. Such reconstitution is one password at a time, and only as needed, and released for use in remote authentication with a master user password entry.
    Type: Grant
    Filed: June 13, 2017
    Date of Patent: December 19, 2017
    Assignee: Intersections Inc.
    Inventors: Mark Abene, Seyed Mojtaba Ghazitabrizi, Konstantin Bokarius, Henry Yei
  • Patent number: 9847914
    Abstract: Methods and systems for managing traffic among a plurality of interconnected sites. The sites are interconnected via ring members and ring segments of a logical ring implemented by a network controller over a physical transport network. When it is determined there is a change in traffic that requires a change in ring topology, topology optimization is performed to accommodate the change in traffic. The topology optimization may include: dynamically increasing capacity of a ring segment, dynamically decreasing capacity of a ring segment, dynamically creating a traffic path, and/or dynamically removing a traffic path.
    Type: Grant
    Filed: November 17, 2015
    Date of Patent: December 19, 2017
    Assignee: Huawei Technologies Co., Ltd.
    Inventor: Peter Ashwood-Smith
  • Patent number: 9846422
    Abstract: A signal processing apparatus includes an interface module and a signal processing module. The interface module includes an identification resistance for identifying the interface module, the interface module being connectable to a device configured to perform at least one of measuring of a measuring target and operating of an operation target. The signal processing module includes a first connection terminal connected to one end of the identification resistance, a first power source connected to the identification resistance via the first connection terminal, a detector configured to detect any one of voltage and electrical current at the first connection terminal, and a signal processor configured to process signals received from and transmitted to the device.
    Type: Grant
    Filed: October 9, 2014
    Date of Patent: December 19, 2017
    Assignee: YOKOGAWA ELECTRIC CORPORATION
    Inventors: Hiroyuki Jimi, Shunsuke Hayashi, Ikutomo Watanabe
  • Patent number: 9847995
    Abstract: A system, method, and computer-readable medium for challenge-response authentication are provided. A plurality of codes is received over a communication network based on input provided by way of a user interface displaying a plurality of images. An alphanumeric string is generated based on the received plurality of codes and based on a table that associates each one of the plurality of codes with a respective one of the plurality of images and with a respective one of a plurality of alphanumeric characters. A determination is made as to whether to grant authorization based on whether the generated alphanumeric string matches an alphanumeric user identifier stored in a memory device in association with a user.
    Type: Grant
    Filed: November 5, 2015
    Date of Patent: December 19, 2017
    Assignee: AMERICAN EXPRESS TRAVEL RELATED SERVICES COMPANY, INC.
    Inventor: Samuel A. Bailey, Jr.
  • Patent number: 9842214
    Abstract: A technique for securing on-board bus transactions in a computing device is discussed. A shared key is generated and then programmed into the read-only non-volatile write-once storage of two on-board components. The shared key may be generated during the manufacturing process. Once complete, all transactions between the two on-board components are encrypted by the components using the shared key without exposing the key on any external bus.
    Type: Grant
    Filed: September 10, 2014
    Date of Patent: December 12, 2017
    Assignee: Insyde Software Corp.
    Inventor: Timothy Andrew Lewis
  • Patent number: 9838226
    Abstract: Methods and apparatus for the scrambling of control symbols. In one embodiment, the control symbols are associated with an HDMI interface, and the methods and apparatus are configured to scramble the symbols to as to mitigate the effects of electromagnetic interference (EMI) created by the transmission of otherwise unscrambled sequences of symbols which may contain significant “clock pattern” or other undesirable artifact.
    Type: Grant
    Filed: January 22, 2013
    Date of Patent: December 5, 2017
    Assignee: Apple Inc.
    Inventor: Colin Whitby-Strevens
  • Patent number: 9838423
    Abstract: Provided are methods and systems for mitigating a DoS attack. A method for mitigating a DoS attack may commence with receiving, from a client, a request to initiate a secure session between the client and a server. The method may continue with determining whether the client is on a whitelist. Based on a determination that client is absent from the whitelist, a pre-generated key may be sent to the client. The method may include determining validity of the established secure session. The determination may be performed based on further actions associated with the client. Based on the determination that the secure session is valid, a renegotiation of the secure session may be forced. The method may further include generating a new key using a method for securely exchanging cryptographic keys over a public channel. The new key is then sent to the client.
    Type: Grant
    Filed: January 27, 2017
    Date of Patent: December 5, 2017
    Assignee: A10 NETWORKS, INC.
    Inventors: Yang Yang, Ali Golshan
  • Patent number: 9836744
    Abstract: A method for transmitting data between a mobile communication device and a server. The method includes running a mobile application on the mobile communication device. The mobile application is hosted on the mobile communication device through the server as a Software as a Service (SaaS). The method further includes transmitting data associated with the mobile application between the mobile communication device and the server, in which transmission of the data between the mobile communication device and the server is monitored through the server.
    Type: Grant
    Filed: October 12, 2012
    Date of Patent: December 5, 2017
    Inventor: Michelle Fisher
  • Patent number: 9838367
    Abstract: According to an embodiment provided herein, there is provided a system that binds a trusted output session to a trusted input session. The system includes a processor to execute an enclave application in an architecturally protected memory. The system includes at least one logic unit forming a trusted entity to, responsive to a request to set up a trusted I/O session, generate a unique session identifier logically associated with the trusted I/O session and set a trusted I/O session indicator to a first state. The system includes at least one logic unit forming a cryptographic module to, responsive to the request to set up the trusted I/O session, receive an encrypted encryption key and the unique session identifier from the enclave application; verify the unique session identifier; and responsive a successful verification, decrypt and save the decrypted encryption key in an encryption key register.
    Type: Grant
    Filed: June 26, 2015
    Date of Patent: December 5, 2017
    Assignee: INTEL CORPORATION
    Inventors: Siddhartha Chhabra, Prashant Dewan, Reshma Lal, Ulhas S. Warrier
  • Patent number: 9838493
    Abstract: Methods, systems, and computer readable media for dynamically routing authentication requests are described. An embodiment can include receiving, at one or more computing devices, a network authentication request. An embodiment can also include creating, at the one or more computing devices, an authentication context based on information in the authentication request. An embodiment can also include dynamically routing, using the one or more computing devices, the authentication request to an authentication server.
    Type: Grant
    Filed: August 21, 2012
    Date of Patent: December 5, 2017
    Assignee: Extreme Networks, Inc.
    Inventors: Ranganath Prativadi Bhayankara, Shailesh Patel, Sunil Menon
  • Patent number: 9838387
    Abstract: A system and method are presented that provide authentication tokens to a local device from a remote server. The authentication token incorporates standard token content, and also includes additional token components that are needed by the local device. The additional token components incorporate user preferences information, initialization data, or other useable information needed by the local device. In contrast to standard processes, which must return a security token to the local device before any useful data can be exchanged, the disclosed embodiment inserts useable data into the returned token and eliminates the time required to obtain this data through a separate data request.
    Type: Grant
    Filed: April 28, 2015
    Date of Patent: December 5, 2017
    Assignee: Management Systems Resources Inc.
    Inventors: Nouman Zaheer, Paul J. Davies
  • Patent number: 9831918
    Abstract: A system (100) for establishing a secure wireless peer-to-peer (P2P) connection using near-field communication (NFC) comprising a first device (105), the first device (105) comprising near-field communication hardware (115) to communicate with a second device (110) and obtain a handover select record, in which the handover select record comprises data to establish a secure wireless peer-to-peer (P2P) connection with the second device (110), and in which a context of the first device (105) and second device (110) defines an action to be initiated on the second device (110).
    Type: Grant
    Filed: June 8, 2012
    Date of Patent: November 28, 2017
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Alan C. Berkema, David O. Hamilton, Phillip A. Mccoog, Randy Ingram, Xuesong Du
  • Patent number: 9832685
    Abstract: Apparatus and methods of handing over a wireless transmit/receive unit (WTRU) that belongs to a group of WTRUs from an originating base station to a target base station are described. A method includes the WTRU obtaining information regarding a group to which the WTRU has been assigned and the WTRU receiving at least one of handover reconfiguration information that is common to the group and handover reconfiguration information that is specific to the WTRU. On a condition that the WTRU receives the handover reconfiguration information that is specific to the WTRU, the WTRU initiates a synchronization procedure with the target base station based at least on the received handover reconfiguration information.
    Type: Grant
    Filed: March 23, 2015
    Date of Patent: November 28, 2017
    Assignee: INTERDIGITAL PATENT HOLDINGS, INC.
    Inventors: Nobuyuki Tamaki, Pouriya Sadeghi, Janet A. Stern-Berkowitz, Christopher R. Cave, Stephen E. Terry
  • Patent number: 9830449
    Abstract: Systems and methods are described for determining a location in an on-demand code execution environment to execute user-specified code. Virtual machines can be utilized to isolate different executions of code from one another. However, virtual machines require additional computing resources to implement, and may slow code executions. This disclosure enables multiple items of code, potentially associated with different users, to be executed on a single virtual machine instance or other device. Specifically, the present disclosure enables the generation of a risk profile for an item of code, which can be used to determine the security or privacy risk that would occur by executing the code on a device. By comparing the risk profiles of a given item of code to other items of code executing on a device, the on-demand code execution environment can selectively group code executions, thus increasing the efficiency of the system while maintaining security and privacy.
    Type: Grant
    Filed: December 16, 2015
    Date of Patent: November 28, 2017
    Assignee: Amazon Technologies, Inc.
    Inventor: Timothy Allen Wagner
  • Patent number: 9832182
    Abstract: The object of this invention is a method for securing an electronic document. In particular, this invention relates to a method that prevents the forging of documents in which an electronic chip is incorporated. To that end, the invention proposes a method in which the data on the document medium are associated with a fingerprint of the document, so as to make them inseparable. That fingerprint is determined on the basis of measurable physical units of the electronic chip or the medium. Thus, the invention allows the combination of the physical protection of the document and the protection of the chip so as to reinforce the security of said documents.
    Type: Grant
    Filed: December 13, 2012
    Date of Patent: November 28, 2017
    Assignee: GEMALTO SA
    Inventors: Bruno Rouchouze, Claude Barral, Michael Guerassimo
  • Patent number: 9832177
    Abstract: Certain embodiments provide means for managing automated access to computers, e.g., using SSH user keys and other kinds of trust relationships. Certain embodiments also provide for managing certificates, Kerberos credentials, and cryptographic keys. Certain embodiments provide for remediating legacy SSH key problems and for automating configuration of SSH keys, as well as for continuous monitoring.
    Type: Grant
    Filed: February 24, 2017
    Date of Patent: November 28, 2017
    Assignee: SSH Communication Security OYJ
    Inventor: Tatu J. Ylonen
  • Patent number: 9825996
    Abstract: Rights management services (RMS) integration with mobile device management (MDM) may be provided. A functionality associated with a document may be restricted according to a document management policy. After the document has been transmitted to a receiving device, a request to un-restrict the at least one functionality associated with the document may be received. If it is determined that the receiving device complies with the document management policy, the functionality associated with the document may be un-restricted.
    Type: Grant
    Filed: November 1, 2016
    Date of Patent: November 21, 2017
    Assignee: AirWatch LLC
    Inventors: Jonathan Blake Brannon, Christian Blake Sorensen
  • Patent number: 9819668
    Abstract: A method includes performing operations as follows on a processor: associating a single sign on module with a native application residing on a mobile device, detecting, using the single sign on module, user invocation of the native application, the native application to request access to a resource from a service provider server, determining, using the single sign on module, whether the mobile device has a token stored thereon that indicates the user has been previously authenticated with an identity provider server, sending, using the single sign on module, the token to the identity provider server when the token is determined to be stored on the mobile device, receiving, at the single sign on module, an identity assertion for the user from the identity provider server responsive to sending the token to the identity provider server, and providing, using the single sign on module, the identity assertion to the native application. The service provider server is independent of the identity provider server.
    Type: Grant
    Filed: October 22, 2014
    Date of Patent: November 14, 2017
    Assignee: CA, INC.
    Inventor: Vikas Krishna
  • Patent number: 9819672
    Abstract: Disclosed are techniques of sharing an access token. The techniques comprise generating a list that includes indications of users trusted to access a protected resource. The list indicates a first user and a second user. The technique also comprises inputting, by a first device associated with the first user, an authorization grant. The technique further comprises obtaining, by the first device using the authorization grant, an access token for the protected resource. The access token includes credentials for accessing the protected resource. The technique further comprises providing a copy of the access token to the second user by securely transmitting the copy of the access token to a second device associated with the second user. The copy of the access token enables the second device to access the protected resource.
    Type: Grant
    Filed: December 21, 2015
    Date of Patent: November 14, 2017
    Assignee: EMC IP Holding Company LLC
    Inventor: Salah E. Machani
  • Patent number: 9818315
    Abstract: Content is securely shared between communication devices in an ad-hoc manner by employing common sensing context to establish pairing between the communication devices. In one aspect, the communication devices are within a specified distance from each other and sense common signals from their environment over a specified time period. The common signals are analyzed to determine an initialization or session key, which is utilized to secure content transfer between the communication devices. Additionally or alternatively, the key is utilized to provide access to virtual (e.g., digital content) and/or physical (e.g., buildings) resources.
    Type: Grant
    Filed: June 4, 2013
    Date of Patent: November 14, 2017
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventors: Matti A. Hiltunen, Emiliano Miluzzo, Abhinav Srivastava
  • Patent number: 9813233
    Abstract: A private overlay is provided for information networking that puts the user in charge of the user's personal information. User identity is separated from a numeric tag that points to the cell in which the user equipment can be paged. The private overlay is created by addition of a registration and certification authority such as Public Key Infrastructure and Certification Authority (PKI). The registration and certification authority provides the network and all subscribers with public encryption keys for the network and the users. Private decryption key are generated and stored locally in a suitable manner. With this addition, a private overlay to the existing cellular, wireless or utility distribution infrastructure can be established for a device that has registered with, e.g., a cellular or wireless network or with a utility distribution system.
    Type: Grant
    Filed: April 12, 2011
    Date of Patent: November 7, 2017
    Assignee: Cornell University
    Inventor: Stephen B. Wicker
  • Patent number: 9811670
    Abstract: An information processing device including: a data processing unit that generates an encryption key of content; and a communication unit that transmits an encryption key generated by the data processing unit, wherein the data processing unit generates, as the encryption key, individual keys that are different for each new content recording processing on a recording medium in a content recording device, and transmits the individual keys through the communication unit.
    Type: Grant
    Filed: October 24, 2014
    Date of Patent: November 7, 2017
    Assignee: Sony Corporation
    Inventors: Hiroshi Kuno, Kenjiro Ueda, Munetake Ebihara, Takamichi Hayashi, Koji Yoshimura
  • Patent number: 9813440
    Abstract: A computer-implemented method includes receiving content and annotation information that describe a structure of the content, the annotation information having been previously generated by a sub-system that is separate from a content transformation sub-system and at a time before the content was requested to be served; interpreting the annotation information to generate transcoding rules that identify one or more portions of the received content to be transcoded in serving the content; applying the transcoding rules to the content to change the content in a manner that interferes with an ability of malware on a client device to interfere with operation of the content; and providing the transcoded content to a client device that requested the content.
    Type: Grant
    Filed: May 15, 2015
    Date of Patent: November 7, 2017
    Assignee: Shape Security, Inc.
    Inventors: Roger S. Hoover, Justin D. Call
  • Patent number: 9807623
    Abstract: Disclosed is method and apparatus for operation of a base station in wireless communications, including self-configuration of the base station for secure and authenticated communications with other base stations.
    Type: Grant
    Filed: July 31, 2015
    Date of Patent: October 31, 2017
    Assignee: SIGNAL TRUST FOR WIRELESS INNOVATION
    Inventors: Peter S. Wang, Ulises Olvera-Hernandez, James M. Miller, Louis J. Guccione
  • Patent number: 9807616
    Abstract: According to one embodiment, an electronic apparatus has a communication circuitry, a memory and a processor. The circuitry communicates with terminals by short-distance wireless communication in accordance with a wireless communication standard. The memory stores first security data of a first terminal and second security data of a second terminal. The processor receives a command to lock or unlock an electronic locking, waits for any security data to be received from the terminals for a period after a reception of the command, accepts the command if the first and second security data is received for the period, and rejects the command if at least one of the first and second data is not received for the period.
    Type: Grant
    Filed: September 2, 2016
    Date of Patent: October 31, 2017
    Assignee: Kabushiki Kaisha Toshiba
    Inventor: Akihito Okumura
  • Patent number: 9805175
    Abstract: A method, apparatus and system for software management are provided that relate to the technical field of communications, and that allow software installed on a Universal Plug and Play (UPnP) device by a service provider to be managed only by that service provider. The method comprises receiving a software installation command sent by a first control device, installing software according to the software installation command and storing a first authentication information required during management of the software; receiving a software management command sent by a second control device, and acquiring a second authentication information corresponding to the software management command, which command is used in managing the software; when the second authentication information is consistent with the first authentication information, executing the software management command.
    Type: Grant
    Filed: May 18, 2015
    Date of Patent: October 31, 2017
    Assignee: HUAWEI DEVICE CO., LTD.
    Inventors: Qinliang Zhang, Huangwei Wu, Yu Zhu, Ping Fang
  • Patent number: 9801048
    Abstract: The Internet is becoming an essential part of our lives. This trend is even stronger with the rise of cell phones having Internet access that almost the entire population carries with them at all times. Security is a huge problem on the Internet, however, and new authentication methods are needed specifically for cell phones. Presented here is a method of identifying a mobile electronic device by its configuration settings, potentially including contact list information. This invention, in particular, fills a crucial need to secure access to the Internet from mobile phones.
    Type: Grant
    Filed: March 20, 2017
    Date of Patent: October 24, 2017
    Assignee: Digital Proctor, Inc.
    Inventors: Andrew Jesse Mills, Shaun Sims
  • Patent number: 9800562
    Abstract: In a credential recovery process, a user is authenticated using an application running on a mobile communications device, and requests recovery of a credential. The application generates a session key encrypted with the public key of a gateway, and sends the encrypted key to the gateway. The gateway recovers the credential from a depository, encrypted using a symmetric key shared with the depository. The gateway decrypts the credential and re-encrypts the credential using the session key. Preferably, the decryption and re-encryption is performed within a hardware secure module within the gateway. The re-encrypted credential is sent to the application, which decrypts the credential and outputs it to the user. In this way, the credential is provided securely to the user and may be made available for use immediately, or nearly so.
    Type: Grant
    Filed: December 4, 2013
    Date of Patent: October 24, 2017
    Assignee: Barclays Bank PLC
    Inventors: Akhil Lalwani, George French
  • Patent number: 9794072
    Abstract: A wireless communications system comprises a sector controller that includes a wireless transmitter, and a mobile subscriber station that includes a wireless receiver, and a memory. The wireless transmitter continuously transmitting frames. Each frame comprising a control field and the control field comprising a portion of an encryption certificate associated with the sector controller. The wireless receiver receives each frame and extracts the portion of the encryption certificate and stores the portion of an encryption certificate in the memory. The mobile subscriber station combines the portions of the encryption certificate stored in the memory and verifies that a complete encryption certificate has been received. After this the mobile subscriber station transmits its encryption certificate to the sector controller. The encryption certificates are based on an elliptic curve digital signature algorithm.
    Type: Grant
    Filed: November 5, 2015
    Date of Patent: October 17, 2017
    Assignee: Redline Communications Inc.
    Inventors: Bojan Subasic, Weixiong Lin
  • Patent number: 9792623
    Abstract: Embodiments of the present invention provide an AD processing method and apparatus. The method includes: acquiring, by a terminal, system information and/or current access network information of the terminal; sending, by the terminal to a plugin server, an AD plugin request message that includes the system information and/or the current access network information of the terminal, so that the plugin server acquires, according to the system information and/or the current access network information, AD plugin information that matches the terminal; and receiving, by the terminal, the AD plugin information that is sent by the plugin server and matches the terminal, and choosing to download an AD plugin according to the AD plugin information. In the embodiments, it is implemented that traffic and time are saved for a user, and expenses may further be reduced for the user.
    Type: Grant
    Filed: December 29, 2014
    Date of Patent: October 17, 2017
    Assignee: Huawei Technologies Co., Ltd.
    Inventor: Minghui Wu
  • Patent number: 9787696
    Abstract: A system for preventing a brute force attack includes an output interface, an input interface, and a processor. An output interface is to provide a workfactor, a challenge token, and a login page to a client. An input interface is to receive a response token, a username, and a password. A processor is to determine whether the response token satisfies a condition based at least in part on the workfactor and determine whether the username and password are valid in the event that it is determined that the response token satisfies the condition based at least in part on the workfactor.
    Type: Grant
    Filed: May 19, 2015
    Date of Patent: October 10, 2017
    Assignee: Workday, Inc.
    Inventors: Brandon Sterne, Austin Munsch
  • Patent number: 9787658
    Abstract: A method performed by a login server with memory and one or more processors are described. The method includes receiving a login request from a computer system; determining whether an identity of the computer system matches a preset standard; and, in accordance with a determination that the identity of the computer system does not match the preset standard, denying the login request. The login server and its components, and a computer readable storage medium storing one or more programs for execution by one or more processors of the login server are also described.
    Type: Grant
    Filed: August 14, 2014
    Date of Patent: October 10, 2017
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventor: Yang Wang
  • Patent number: 9787721
    Abstract: A method for amending, by a rule engine, a network element in a telecommunications network containing network elements each described by at least one parameter. An authorization database contains information for who and what extent configuring operators have access to the network elements, and a rule repository containing parameter dependent rules describing which activity is carried out for the network elements, and parameter dependent security information describing whether and how configuring operators are supervised by a security administrator when amending and how the authorization database is amended for a network element. A request for amending the network element in the network is identified and its parameter is determined. A rule is determined in the rule repository for which the parameter corresponds to the parameter of the amended network element and the security information for the determined rule is determined. The authorization database is updated using the security information.
    Type: Grant
    Filed: December 21, 2012
    Date of Patent: October 10, 2017
    Assignee: TELEFONAKTIEBOLAGET L M EIRCSSON (PUBL)
    Inventors: Lászlo Zömbik, Géza János Huszár, Aleksandar Milenovic
  • Patent number: 9788229
    Abstract: Communication systems may benefit from a naming, traffic re-routing scheme based on application-layer traffic optimization services. A method may include sending a registration request to a first network element from at least two UE and receiving a registration response from the first network element to the at least two UE. The method may include sending an application registration to a second network element from the at least two UE and receiving an application list notification from the second network element to the at least two UE. The method may include exchanging an application-level message between the at least two UE. The method may include sending a request to anchor the at least two UE traffic to a third network element and receiving a unique identifier generated from the first network element to the at least two UE. The method may include exchanging application signaling and data between the at least two UE.
    Type: Grant
    Filed: April 9, 2013
    Date of Patent: October 10, 2017
    Assignee: NOKIA SOLUTIONS AND NETWORKS OY
    Inventor: Ram Lakshmi Narayanan
  • Patent number: 9785791
    Abstract: Provided are a method, system, and computer program product for a local authorization extension to provide access authorization for a module to access a computing system. A memory stores information on a first validity range comprising position coordinates for a module seeking to access the computing system and a second validity range comprising position coordinates for a location authorization extension for a computing system. A determination is made of a first position signal from a first receiver of the module and of a second position signal from a second receiver of the location authorization module. Determinations are made as to whether the first position signal is within the first validity range and whether the second position signal is within the second validity range. The module is granted access to the computing system in response to determining that the first position signal is within the first validity range and the second position signal is within the second validity range.
    Type: Grant
    Filed: February 25, 2016
    Date of Patent: October 10, 2017
    Assignee: International Business Machines Corporation
    Inventors: Jens-Peter Akelbein, Wolfgang Mueller-Friedt
  • Patent number: 9787657
    Abstract: Techniques for managing privileged accounts via a privileged access management service are provided. In some examples, the service may be configured with a plug-in framework for accessing secure resources. In some aspects, a log-in request that includes authentication information and corresponds to the service may be received. Session access to at least one secure resource may be provided when a user is authenticated. In some examples, a request to perform an action associated with the secure resource may be received during the session. Additionally, in some examples, the plug-in framework may be implemented to determine whether the user is allowed to perform the action. Further, performance of the action may be allowed or denied during the session based on the determination.
    Type: Grant
    Filed: March 20, 2014
    Date of Patent: October 10, 2017
    Assignee: Oracle International Corporation
    Inventors: Buddhika Kottahachchi, Himanshu Sharma, Ramaprakash Hosalli Sathyanarayan, Fannie Ho, Arun Theebaprakasam, Srikant Krishnapuram Tirumalai, Olaf Stullich