Particular Communication Authentication Technique Patents (Class 713/168)
-
Patent number: 11949793Abstract: Various embodiments are generally directed to providing authentication and confidentiality mechanisms for message communication over an in-vehicle network. For example, authentication data associated with a communicating node may be transmitted over the network by encoding different predefined voltage levels on top of the message bits of the message being communicated. Different voltage levels may represent different encodings, such as a bit-pair or any bit combination of the authentication data. In a further example, messaging confidentiality between at least two communicating nodes may be achieved by pseudo-randomly flipping, or scrambling, the dominant and recessive voltages of the entire message frame at the analog level based on a pseudo-random control bit sequence.Type: GrantFiled: July 19, 2022Date of Patent: April 2, 2024Assignee: Intel CorporationInventors: Marcio Juliato, Shabbir Ahmed, Christopher Gutierrez, Xiruo Liu, Manoj Sastry, Liuyang Yang
-
Patent number: 11949748Abstract: Aspects of the subject disclosure may include, for example, transmitting a first message to a server. The first message includes a request for a service and a first timeout associated with the service. The request causes generation of a blocking call associated with the service on the client computing device. Further embodiments can include receiving, prior to the first timeout expiring, a second message from the server indicating that the service is in-progress, and transmitting a third message to the server. The third message comprises one of a first instruction to continue with the service as the blocking call or a second instruction to convert the blocking call to a non-blocking call associated with the service. Other embodiments are disclosed.Type: GrantFiled: February 21, 2023Date of Patent: April 2, 2024Assignee: CIENA CORPORATIONInventor: David Miedema
-
Patent number: 11947687Abstract: A computer-implemented method for securely transferring a secret from a source computing component to a target computing component, wherein the source computing component and the target computing component are part of a secure computing environment is disclosed. The method comprises upon the source computing component receiving from the target computing component a signed attestation document, verifying, by the source computing component, an authenticity and content of the attestation document, and upon a successful verification of the authenticity and the content, transferring, by the source computing component the secret to the target computing system. Thereby, the attestation document is attesting that the target computing component is compliant to an update governance rule.Type: GrantFiled: September 27, 2021Date of Patent: April 2, 2024Assignee: International Business Machines CorporationInventors: Florian Fritz, Timo Kussmaul, Dennis Zeisberg, Angel Nunez Mencias, Dimitrij Pankratz, Stefan Liesche, Sebastian Hense
-
Patent number: 11943358Abstract: One or more embodiments described herein disclose methods and systems that are directed at providing enhanced privacy and security to distributed ledger-based networks (DLNs) via the implementation of zero-knowledge proofs (ZKPs) in the DLNs. ZKPs allow participants of DLNs to prove ownership of accounts on the DLNs without having to necessarily reveal private information such as the private key of the account publicly. As such, the disclosed methods and systems directed at the ZKP-enabled DLNs provide privacy to participants of the DLNs while still allowing the DLNs to remain as consensus-based networks.Type: GrantFiled: April 15, 2019Date of Patent: March 26, 2024Inventor: Matthew James Baker
-
Patent number: 11943206Abstract: A digital content distribution system uses a Digital Rights Management Controller that performs a set of arbitrary tests against the transfer request from one user to another such as user A to user B. Assuming these tests are successful, the DRM sends an encryption key to transferring user A. This encryption key E is taken from a table of encryption key/hash pairs which have been provided to the DRM Controller by an external authority such as the content rights holder. User A encrypts the content using they key provided by the DRM controller and then optionally calculates a hash over the encrypted form of the content E(X) and returns this value to the DRM Controller. On checking the returned hash against the hash from the table the DRM controller knows that user A does indeed have the digital content X in good condition. The DRM Controller then instructs both users A and B that the transfer may proceed. The encrypted form of the content E(X) is transferred from A to B.Type: GrantFiled: August 16, 2022Date of Patent: March 26, 2024Assignee: Nytell Software LLCInventors: David J. Marples, John R. Wullert, II
-
Patent number: 11941143Abstract: A secure cloud-based node-locking service with built-in attack detection to eliminate fuzzing, cloning and other attacks is disclosed. White-box base files are securely stored on the cloud service and are not vulnerable to accidental leakage. A secure cloud-based dynamic secret encoding service reduces the risk of exposure of unprotected secrets and other sensitive data.Type: GrantFiled: February 17, 2023Date of Patent: March 26, 2024Assignee: ARRIS Enterprises LLCInventors: Lex Aaron Anderson, Rafie Shamsaasef, Alexander Medvinsky
-
Patent number: 11934368Abstract: For categorizing encrypted data files, a processor determines a block cipher key length for a data file based on data file contents. The processor encrypts the data file with an encryption cipher using the block cipher key length. The processor further determines a data type for the encrypted data file from macroscopic artifacts of the encrypted data file.Type: GrantFiled: February 20, 2020Date of Patent: March 19, 2024Assignee: LENOVO (Singapore) PTE. LTD.Inventors: Robert J. Kapinos, Scott W. Li, Robert J. Norton, Russell Speight VanBlon
-
Patent number: 11935068Abstract: In some embodiments, a method includes in response to an integration tag included in a webpage at a first user interface being executed at a mobile device, receiving a mobile device identifier and a request to retrieve a purchase identifier. The method includes sending a first signal causing a frame to be provided within the webpage at the first user interface. The method includes in response to a first user input, receiving a Hyper Text Transfer Protocol (HTTP) POST request and determining a uniform resource identifier (URI). The method includes retrieving purchase information and sending a HTTP response message including the URI of the second user interface and the purchase information to deeplink to the second user interface and to cause the second user interface to be rendered at the mobile device with the purchase information pre-populated in an input field of a text message.Type: GrantFiled: August 15, 2022Date of Patent: March 19, 2024Assignee: Attentive Mobile Inc.Inventors: Brian Long, Brooke Burdge, Andrew Jones, Eric Miao, Ryan Tsang, Ethan Lo, Elyssa Albert
-
Patent number: 11935035Abstract: Embodiments may be generally directed to methods, techniques and devices to utilize a contactless card to perform a series of operations.Type: GrantFiled: April 20, 2021Date of Patent: March 19, 2024Assignee: Capital One Services, LLCInventors: Jeffrey Rule, Kaitlin Newman, Colin Hart, Kevin Osborn
-
Patent number: 11936637Abstract: Technologies for providing secure utilization of tenant keys include a compute device. The compute device includes circuitry configured to obtain a tenant key. The circuitry is also configured to receive encrypted data associated with a tenant. The encrypted data defines an encrypted image that is executable by the compute device to perform a workload on behalf of the tenant in a virtualized environment. Further, the circuitry is configured to utilize the tenant key to decrypt the encrypted data and execute the workload without exposing the tenant key to a memory that is accessible to another workload associated with another tenant.Type: GrantFiled: October 19, 2022Date of Patent: March 19, 2024Assignee: Intel CorporationInventors: Kapil Sood, Seosamh O'Riordain, Ned M. Smith, Tarun Viswanathan
-
Patent number: 11935052Abstract: A computer-implemented method for seamlessly processing transactions using distributed ledger technology. The method may comprise: linking one or more conventional accounts hosted in a conventional banking infrastructure to one or more DLT-based client accounts hosted on a distributed ledger, wherein the DLT application comprises a routing address configured to be used in conventional transaction infrastructure using conventional communication protocols; storing one or more wallet identifications for the one or more DLT-based client accounts and a mapping of the one or more wallet identifications to the one or more conventional accounts hosted in the conventional banking infrastructure; exchanging a sequence of messages to execute an asset transfer and complete a transaction lifecycle, the sequence of messages based on the first asset type; updating the distributed ledger based on the asset transfer; and sending appropriate messages to clients.Type: GrantFiled: October 11, 2021Date of Patent: March 19, 2024Assignee: CITIBANK, N.A.Inventors: Aseem Agrawal, Chirdeep Singh Chhabra, Karim Abdelkader Chabane
-
Patent number: 11937079Abstract: A communication terminal capable of preventing a reduction in security level that is caused at the time of establishing multiple connections via 3GPP Access and Non-3GPP Access. A communication terminal according to the present disclosure includes: a communication unit configured to communicate with gateway devices disposed in a preceding stage of a core network device via an Untrusted Non-3GPP Access; and a key derivation unit configured to derive a second security key used for security processing of a message transmitted using a defined protocol with the gateway device, from a first security key used for security processing of a message transmitted using a defined protocol with the core network device.Type: GrantFiled: September 27, 2018Date of Patent: March 19, 2024Assignee: NEC CORPORATIONInventors: Hironori Ito, Sivakamy Lakshminarayanan, Anand Raghawa Prasad, Sivabalan Arumugam, Sheeba Backia Mary Baskaran
-
Patent number: 11930364Abstract: A method, apparatus, and system are provided for verifying a location of data stored on at least one storage device within at least one cell area served by at least one network node of a wireless communication network. In one embodiment, a location assurance gateway is provided with a communication interface and processing circuitry, the processing circuitry configured to cause the communication interface to communicate with the at least one network node of the wireless communication network for location information associated with the at least one cell area, the location information associated with the at least one cell area being used to verify a location of the data stored on the at least one storage device.Type: GrantFiled: February 5, 2018Date of Patent: March 12, 2024Assignee: Telefonaktiebolaget LM Ericsson (Publ)Inventor: Bate Jellema
-
Patent number: 11930104Abstract: In a method of generating a secret key according to an embodiment, a share of each of a user and a plurality of other users for a secret key of the user are generated, the share of each of the plurality of other users is provided to a user terminal of each of the plurality of other users, a share of the user for a secret key of each of the plurality of other users is received from the user terminal of each of the plurality of other users, and a new secret key of the user is generated using the share of the user for the secret key of the user and the shares of the user for the secret key of each of the plurality of other users.Type: GrantFiled: March 23, 2023Date of Patent: March 12, 2024Assignees: SAMSUNG SDS CO., LTD., SEOUL NATIONAL UNIVERSITY R&DB FOUNDATIONInventors: Eunkyung Kim, Hyo Jin Yoon, Jung Hee Cheon, Jinhyuck Jeong
-
Patent number: 11928680Abstract: Certain exemplary embodiments relate to techniques for processing PIN-inclusive transactions in connection with an electronic device or terminal, e.g., where PIN code encryption keys are not necessarily stored on the electronic device or terminal, and/or where payment instrument data is maintained in a separate system from PIN code data at least until certain elements are combined in a highly secure system for submission to an electronic funds transfer network. One or more separate or physically separated systems may be used in this regard, e.g., taking advantage of more prevalent computer networks such as the Internet. Similarly, the ability to provide less expensive terminals or electronic devices at a point-of-sale, point-of-purchase, etc., may be advantageous. The interchange rate is not necessarily driven up in certain example instances.Type: GrantFiled: July 18, 2022Date of Patent: March 12, 2024Assignee: TOUCHTUNES MUSIC COMPANY, LLCInventor: Robert R. Dykes
-
Patent number: 11930105Abstract: Systems, apparatuses, methods, and computer program products are disclosed for securing communications between devices. An example method includes obtaining a quantum random number (QRN) from a remote QRN source using a secure communication channel between the initiating device and the remote QRN source. The QRN may be a true random number. The example method may also include using the QRN to participate in computer implemented services with the participating device that received the QRN from the remote QRN source.Type: GrantFiled: October 21, 2021Date of Patent: March 12, 2024Assignee: Wells Fargo Bank, N.A.Inventors: Jeff J. Stapleton, Peter Bordow
-
Patent number: 11928217Abstract: An apparatus comprising: a unit configured to verify whether a first region that specifies a verification range of a first boot code and a second region that specifies a verification range of a second boot code have been altered; a unit configured to, when the first region has not been altered, verify whether the first boot code has been altered; a unit configured to, when the first boot code has been altered and the second region has not been altered, verify whether the second boot code has been altered; and a unit configured to, when the second boot code has not been altered, restore the first boot code using the second boot code, wherein the first and second regions are regions that are not rewritten after a start of the apparatus.Type: GrantFiled: November 17, 2021Date of Patent: March 12, 2024Assignee: Canon Kabushiki KaishaInventors: Takami Eguchi, Nobuhiro Tagashira, Ayuta Kawazu
-
Patent number: 11928157Abstract: A constraint system enforces projection constraints on data values stored in specified columns of a shared dataset when queries are received by a database system. A projection constraint identifies that the data in a column may be restricted from being projected (e.g., presented, read, outputted) in an output to a received query, while allowing specified operations to be performed on the data and a corresponding output to be provided. For example, the projection constraint may indicate a context for a query that triggers the constraint, such as based on the user that submitted the query. Enforcing projection constraints on queries received at the database system allows for data to be shared and used anonymously by entities to perform various operations without the need to tokenize the data.Type: GrantFiled: September 23, 2022Date of Patent: March 12, 2024Assignee: Snowflake Inc.Inventors: Khalid Zaman Bijon, Thierry Cruanes, Simon Holm Jensen, Allison Waingold Lee, Daniel N. Meredith, Subramanian Muralidhar, David Schultz, Zixi Zhang
-
Patent number: 11929977Abstract: A communication system includes a user plane function (UPF) configured to receive a domain name system (DNS) query from a user equipment (UE). The DNS query includes a first destination address of a first DNS server. The DNS query is for determining an address of a data server in proximity to the UE. According to the first destination address of the first DNS server, the UPF obtains, from a session management function (SMF), a second destination address of a second DNS server for providing the address of the data server. The SMF is configured to provide, to the UPF, the second destination address of a second DNS server.Type: GrantFiled: December 31, 2021Date of Patent: March 12, 2024Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventor: Ngoc Dung Dao
-
Patent number: 11928188Abstract: A machine has a network interface circuit to provide connectivity to networked machines. A processor is connected to the network interface circuit. A memory is connected to the processor and the network interface circuit. The memory stores instructions executed by the processor to record the purchase of a digital asset by a user at a client machine from a data source machine in network communication with the client machine. The location of the digital asset on one or more machines of the networked machines is archived. The location is separate from the data source machine. The digital asset is associated with a data access policy. A request for the digital asset is received. The data access policy is enforced through programmatic control utilized by one or more of the networked machines to form a consent state. Distribution of the digital asset to a networked machine is authorized in response to the consent state.Type: GrantFiled: November 19, 2021Date of Patent: March 12, 2024Assignee: Anonyome Labs, Inc.Inventors: Steven Harvey McCown, Paul Ashley, Neil Readshaw, John David Mumford, Tim Bartley
-
Patent number: 11930069Abstract: Techniques for determining whether HTTP/2 or HTTP/3 is a preferred protocol for communication between a client device and a server over a network are described. A change associated with a network interface of a client device is detected. Based at least in part on detecting the change, a determination is made to identify a preferred communication protocol for a network over which the client device communicates using the network interface. A HTTP/2 probe is transmitted over the network and to a server. A HTTP/3 probe is transmitted over the network and to the server. In response to not receiving a HTTP/3 probe response, the preferred communication protocol is determined to be HTTP/2. In response to receiving the HTTP/2 probe response and the HTTP/3 probe response, the preferred communication protocol is determined to be HTTP/3. The client device communicates with the server over the network using the preferred communication protocol.Type: GrantFiled: February 28, 2023Date of Patent: March 12, 2024Assignee: Cisco Technology, Inc.Inventor: Vincent E. Parla
-
Patent number: 11928748Abstract: An apparatus and method for scannable non-fungible token generation, the apparatus including at least a processor and a memory communicatively connected to the processor. The memory containing instructions configuring the processor to receive a creative work datum, determine a creative work class as a function of the creative work datum, generate a creative work token as a function of the creative work datum, and store the creative work token in an immutable sequential listing, where storing the creative work token includes generating a smart contract associated with the creative work datum, the smart contract also including the creative work class. The processor further configured to generate a machine-readable code as a function of the creative work token and the creative work class and transmit the machine-readable code to an output device.Type: GrantFiled: September 28, 2022Date of Patent: March 12, 2024Assignee: BLOCKCHAIN LIFE, LLCInventor: Kary Oberbrunner
-
Patent number: 11924636Abstract: Aspects of the present disclosure involve systems, methods, devices, and the like for user authentication. In one embodiment, the user authentication occurs using a multi-provider platform. The multi-provider platform enables the use and retrieval of user information from the given provider for the use and assessment of information associated with the user. User information may also be received over a web link communicated at least in part by a risk checkpoint component to a user device, wherein the user information received and that retrieved may be jointly used for determining user authentication.Type: GrantFiled: February 6, 2023Date of Patent: March 5, 2024Assignee: PAYPAL, INC.Inventor: Rahul Nair
-
Patent number: 11921477Abstract: Embodiments provided herein relate to enforcing a device restriction policy. A device restriction policy may be stored that maps one or more portions of a household with particular household occupants of a plurality of household occupants. A request may be received to activate the device restriction policy on a household occupant. The device restriction policy may be activated against the household occupant based on the received request. One or more electronic devices may be disabled that are located in a portion of the household linked with the household occupant based on the received request and the device restriction policy.Type: GrantFiled: December 17, 2021Date of Patent: March 5, 2024Assignee: Google LLCInventors: Anthony M. Fadell, Yoky Matsuoka, David Sloo, Maxime Veron
-
Patent number: 11924330Abstract: Various aspects of the subject technology relate to systems, methods, and machine-readable media for providing an encryption key exchange. Various aspects may include identifying a database of cryptographic keys configured for encryption. Aspects may also include sending a request for a private key for decryption of content. Aspects may also include receiving the private key from a client. Aspects may also include determining a visibility parameter for content posts of the content based on the private key and database. Aspect may include providing the content posts to the client at a visibility according to the visibility parameter.Type: GrantFiled: April 14, 2022Date of Patent: March 5, 2024Assignee: Meta Platforms Technologies, LLCInventor: Andrew Garrod Bosworth
-
Patent number: 11924358Abstract: This application provides a method for issuing a digital certificate performed by a digital certificate issuing center that includes a public-private key generation module and an authentication module. The method includes: receiving a public-private key request from a node in a blockchain network; generating a public key and a private key of the node by using the public-private key generation module, and transmitting the public and private keys to the node; receiving the public key of the node and registration information of the node, and authenticating the registration information by using the authentication module; and generating, in accordance with a determination that the authentication succeeds, a digital certificate of the node by using the authentication module, and transmitting the digital certificate to the node. The embodiments of this application can improve the probative value of an issued digital certificate, thereby improving the security of data exchange in a blockchain network.Type: GrantFiled: February 9, 2021Date of Patent: March 5, 2024Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITEDInventors: Jun Zang, Jianjun Zhang, Luohai Zheng, Junjie Shi, Hujia Chen, Zichao Tang, Yige Cai, Qing Qin, Chuanbing Dai, Hu Lan, Jinlong Chen
-
Patent number: 11924236Abstract: In a general aspect, risks associated with cryptography usage in network communication between computing nodes are identified. In some aspects, a network packet capture agent obtains cryptography usage data by examining network traffic communicated by computing nodes in the computing environment. A cryptography usage analysis agent identifies cryptography usage risks based on the cryptography usage data. A cryptographic risk identification agent identifies one or more applications associated with the cryptography usage risks.Type: GrantFiled: September 5, 2023Date of Patent: March 5, 2024Assignee: ISARA CorporationInventors: Justin Mathews, Rob Williams, Atsushi Yamada
-
Patent number: 11924631Abstract: A Bluetooth communication system includes: a Bluetooth host device; and a Bluetooth device set which including a first member device and a second member device. The Bluetooth host device controls a display device to display a candidate device list, and to display a single device item in the candidate device list to represent the Bluetooth device set, but does not simultaneously display two device items in the candidate device list to represent the first member device and the second member device. The Bluetooth host device generates a first cypher key according to an instruction from the first member device and a device information of the first member device after receiving a selection command. The first member device establishes a connection with the Bluetooth host device, and generates a second cypher key corresponding to the first cypher key according to a device information of the Bluetooth host device.Type: GrantFiled: January 10, 2022Date of Patent: March 5, 2024Assignee: Realtek Semiconductor Corp.Inventors: Yu Hsuan Liu, Yung Chieh Lin, Po Sheng Chiu
-
Patent number: 11922404Abstract: Payment methods and systems for processing a payment using a Central Bank Digital Currency (CBDC) without a double payment in an offline situation (e.g., in a situation in which a terminal of a user is unable to be connected) to a server through a network may be provided.Type: GrantFiled: August 24, 2021Date of Patent: March 5, 2024Assignee: LINE PLUS CORPORATIONInventors: Hongsup So, Inseon Ryu, Hwang Wook Kim, Cheol Ung Lee
-
Patent number: 11923887Abstract: Systems, devices, and techniques for allowing communication between two or more computing devices are described herein. For example, a method includes receiving, by a first computing device configured to operate in accordance with a first wireless protocol, one or more data packets via one or more signals output by a second computing device according to a second wireless protocol, where the first computing device is not configured to operate in accordance with the second wireless protocol. Additionally, or alternatively, a method includes receiving, by a first computing device configured to operate in accordance with a first wireless protocol, at least one signal including a data packet, wherein a payload of the data packet comprises an indication of a symbol defined in accordance with a second wireless protocol.Type: GrantFiled: October 25, 2019Date of Patent: March 5, 2024Assignee: Regents of the University of MinnesotaInventors: Tian He, Wenchao Jiang, Ruofeng Liu
-
Patent number: 11924043Abstract: Systems, methods, and computer-readable media for assessing reliability and trustworthiness of devices operating within a network. A recipient node in a network environment can receive a neighbor discovery (ND) message from an originating node in the network environment that are both implementing a neighbor discovery protocol. Trustworthiness of the originating node can be verified by identifying a level of trust of the originating node based on attestation information for the originating node included in the ND message received at the recipient node. Connectivity with the recipient node through the network environment can be managed based on the level of trust of the originating node identified from the attestation information included in the ND message.Type: GrantFiled: November 2, 2021Date of Patent: March 5, 2024Assignee: Cisco Technology, Inc.Inventors: Sujal Sheth, Shwetha Subray Bhandari, Eric Voit, William F. Sulzen, Frank Brockners
-
Patent number: 11917406Abstract: A communication apparatus accepts an input of a passphrase by a user operation, sets an authentication scheme based on a passphrase length of the passphrase, and performs wireless connection with a partner apparatus using the set authentication scheme, wherein (i) in a case where the passphrase length is within a predetermined range, an authentication scheme of any of WPA (Wi-Fi Protected Access), WPA2, and WPA3, or a combination of at least two of WPA, WPA2, or WPA3, is set, and (ii) otherwise, an authentication scheme of WPA3 is set.Type: GrantFiled: May 7, 2021Date of Patent: February 27, 2024Assignee: Canon Kabushiki KaishaInventor: Yuki Fujimori
-
Patent number: 11917063Abstract: Some embodiments are directed to a second cryptographic device (20) and a first cryptographic device (10). The first and second cryptographic devices may be configured to transfer a key seed. The key seed may be protected using a public key from one party and a private key from the other party. For example, a public key may be obtained from a private key through a noisy multiplication. At least one of the first and second cryptographic device may validate an obtained public key, e.g., to avoid leakage of the key seed or of a private key.Type: GrantFiled: December 24, 2020Date of Patent: February 27, 2024Assignee: Koninklijke Philips N.V.Inventors: Oscar Garcia Morchon, Paulus Mathias Hubertus Mechtildis Antonius Gorissen, Ludovicus Marinus Gerardus Maria Tolhuizen
-
Patent number: 11917048Abstract: A method which is obtained specifically by output oriented coding, making possible the maximum selection of encryption parameters used for encryption by systems using OpenSSL, however without compromising the integrity of the encryption by autogenerating some Attributes thereby making possible row wise encryption in a database and encoding (if encoding is required) on the database side. The method has to satisfy the conditions/restrictions mentioned herein [0054]. This Invention is related to today's information technology and communicating methodology where encryptions and encodings are being used. The present invention can be described as software that enables a method of encryption acting as an Enhanced security feature or a technique which will enable users to manually or automatically select encryption parameters thereby encrypting and securing data.Type: GrantFiled: October 25, 2018Date of Patent: February 27, 2024Inventor: Venkata Raghu Veera Mallidi
-
Patent number: 11914756Abstract: Systems, apparatuses, and methods related to a computer system having a processor and a main memory storing scrambled data are described. The processor may have a cache, a register, an execution unit, and an unscrambler. The processor can load the scrambled data into the cache; and the unscrambler may convert the scrambled data into unscrambled data just in time for the register or the execution unit during instruction execution. The unscrambled data can be an instruction, an address, or an operand of an instruction. Unscrambling can be performed just before loading the data item in a scrambled form from the cache into the register in an unscrambled form, or after the data item leaves the register in the scrambled form as input to the execution unit in the unscrambled form. The unscrambled data and the scrambled data may have the same set of bits arranged in different orders.Type: GrantFiled: July 22, 2021Date of Patent: February 27, 2024Assignee: Micron Technology, Inc.Inventor: Steven Jeffrey Wallach
-
Patent number: 11916957Abstract: A technique to stop lateral movement of ransomware between endpoints in a VLAN is disclosed. A security appliance is set as the default gateway for intra-LAN communication by overwriting the DHCP responses. Message traffic from compromised endpoints is detected. Attributes of ransomware may be detected in the message traffic, as well as attempts to circumvent the security appliance. Compromised devices may be quarantined. Additionally, the DHCP address assignment may be policed to ensure accuracy and correctness to provide an additional layer of security.Type: GrantFiled: December 9, 2022Date of Patent: February 27, 2024Assignee: AIRGAP NETWORKS INC.Inventors: Raymond Wing Chon Cheh, Chia Chi Cheng, Satish M. Mohan, Ritesh R. Agrawal, Vinay Adavi
-
Patent number: 11914683Abstract: Embodiments of systems and computer implemented methods are provided to transfer software licenses and entitlements associated with a user account from a first information handling system (IHS) to a second IHS. A computer implemented method in accordance with the present disclosure may generally include executing an entitlement management service to reassign the software licenses and entitlements associated with the user account to the second IHS, executing at least one local validation service on the second IHS to validate the second IHS and the user's workspace, and if the second IHS and the user's workspace is successfully validated by the at least one local validation service, executing one or more cloud-based orchestration services to verify the user account, determine which software licenses and entitlements are associated with the user account, and acquire and validate the software licenses and entitlements before transferring the software licenses and entitlements to the second IHS.Type: GrantFiled: August 4, 2021Date of Patent: February 27, 2024Assignee: Dell Products L.P.Inventors: Anantha K. Boyapalle, Charles D. Robison, Vaibhav Soni
-
Patent number: 11916905Abstract: A native application on a client computing device enables secure user authentication via an identity provider (IdP) for accessing services of a web service provider. The native application forwards a redirect request generated by a main gateway of the service provider and including an IdP uniform resource locator (URL) to a system browser of the client computing device. The redirect request directs the system browser to a broker gateway of the service provider that registers an authentication response handler and redirects the system browser to the IdP URL to enable a user of the native client computing device to authenticate. After the broker gateway receives an IdP authentication response from the IdP following authentication by the user, the broker gateway provides the IdP authentication response to the native application for providing back to the main gateway. The main gateway finally processes the authentication response to complete the authentication request.Type: GrantFiled: December 24, 2022Date of Patent: February 27, 2024Assignee: INDUCTIVE AUTOMATION, LLCInventors: Joel Specht, Matthew Rojas
-
Patent number: 11917073Abstract: A message authentication code, for a message transmitted and received over a communications network, is formed by applying inputs to an integrity algorithm acting on the message. The inputs comprise: an integrity key; a value indicating a transfer direction; and a frame-dependent integrity input, wherein the frame-dependent integrity input is a frame-dependent modulo count value that also depends on a random value and on a frame-specific sequence number.Type: GrantFiled: March 29, 2022Date of Patent: February 27, 2024Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Vesa Torvinen, Noamen Ben Henda, Qian Chen, Vesa Lehtovirta, Mats Näslund, Karl Norrman, Gang Ren, Mikael Wass, Monica Wifvesson
-
Patent number: 11916744Abstract: A technique for replacing a source Virtualized Network Function Manager, VNFM, managing a source Virtualized Network Function, VNF, in a VNF based environment by a target VNFM is disclosed. A method implementation of the technique comprises the steps of triggering (S302) instantiating a target VNF, the target VNF being managed by the target VNFM and being executed in parallel to the source VNF, triggering (S304) redirecting traffic from the source VNF to the target VNF in accordance with a traffic redirection schedule, triggering (S306) terminating the source VNF when redirecting traffic from the source VNF to the target VNF is complete, and triggering (S308) terminating the source VNFM.Type: GrantFiled: November 25, 2020Date of Patent: February 27, 2024Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventor: Maria Toeroe
-
Patent number: 11916893Abstract: A module with an embedded universal integrated circuit card (eUICC) can include a profile for the eUICC. The profile can include a first and second shared secret key K for authenticating with a wireless network. The first shared secret key K can be encrypted with a first key, and the second shared secret key K can be encrypted with a second key. The module can (i) receive the first key, (ii) decrypt the first shared secret key K with the first key, and (iii) subsequently authenticate with the wireless network using the plaintext first shared secret key K. The wireless network can authenticate the user of the module using a second factor. The module can then (i) receive the second key, (ii) decrypt the second shared secret key K, and (iii) authenticate with the wireless network using the second shared secret key K. The module can comprise a mobile phone.Type: GrantFiled: December 10, 2021Date of Patent: February 27, 2024Assignee: Network-1 Technologies, Inc.Inventor: John A. Nix
-
Patent number: 11916884Abstract: The present disclosure discloses a vehicle and a vehicle security control method and system based on an open platform. The open platform includes a software development kit in which a control protocol is encapsulated, the software development kit provides an API function interface, and the method includes: receiving a call request from a third-party device for a target API function interface of the open platform; converting the call request by using the software development kit to generate a control signal that meets a requirement of the control protocol and that is used for controlling a first vehicle component in a vehicle; and transmitting the control signal to a security gateway through a first bus, to enable the security gateway to perform protocol conversion on the control signal, and transmitting the control signal to an in-vehicle network to control the first vehicle component in the vehicle.Type: GrantFiled: April 18, 2019Date of Patent: February 27, 2024Assignee: BYD COMPANY LIMITEDInventors: Chaolin Hu, Hong Yao, Lihua Wu
-
Patent number: 11910194Abstract: A method of authenticating a secondary communication device based on authentication of a primary mobile communication device is disclosed. Trust is established with the primary mobile communication device by a device authentication server (DAS). The DAS receives an authorization code request from a secondary application operating on the secondary communication device, and transmits an authorization code to the secondary communication device. The DAS receives the authorization code from a primary application operating on the primary mobile communication device. The DAS authorizes the secondary application based on the trust with the primary mobile communication device and the authorization code from the primary application. The DAS transmits a secondary token to the secondary application at the secondary communication device to allow initialization of a communication session from the secondary application on behalf of the primary mobile communication device.Type: GrantFiled: December 21, 2022Date of Patent: February 20, 2024Assignee: T-Mobile Innovations LLCInventors: Ricky A. Hohler, Robin D. Katzer, Deepthi Kota, Brian D. Mauer
-
Patent number: 11909727Abstract: An Internet-connected device, such as a car, refrigerator, or even a laptop can use a second device, such as a cell phone, to support cryptographic operations and communication with token service providers or other processing services requiring pre-provisioned capabilities that may include cryptographic secrets. By removing the need to store personally sensitive data in “Internet of Things” (IoT) devices, a user's personal information and other sensitive financial information may be contained to a relatively small number of devices. This may help prevent theft of goods or services by IoT devices that are not always under the close control of the user.Type: GrantFiled: August 31, 2022Date of Patent: February 20, 2024Assignee: Visa International Service AssociationInventors: Hari Krishna Annam, Mohit Gupta, Soumendra Bhattacharya
-
Patent number: 11907939Abstract: The present disclosure involves a method for grouping non-fungible digital tokens. The method includes generating a first transaction on a blockchain having an output of a fungible digital token, with the fungible digital token having a first transaction hash identifier. The method further includes assigning the first transaction hash identifier associated with the fungible digital token with a cryptographic public key, and generating a second transaction on the blockchain having an output of a non-fungible digital token and an input. The fungible digital token is spent as the input into the second transaction, with the non-fungible digital token comprising a second transaction hash identifier and a group identifier associated with the first transaction hash identifier.Type: GrantFiled: August 6, 2021Date of Patent: February 20, 2024Inventor: James Cramer
-
Patent number: 11909872Abstract: Systems and methods are provided for quantum-resistant secure key distribution between a peer and an EAP authenticator by using an authentication server. The systems and methods include receiving requests for a COMMON-SEED and a quantum-safe public key from a peer and an EAP authenticator. The COMMON-SEED is encrypted using the quantum-safe public key of the peer and the quantum-safe public key of the EAP authenticator, and the encrypted COMMON-SEED is sent to the peer along with a request for a PPK_ID from the peer to complete authentication of the peer. The PPK_ID is received from the peer, and the encrypted COMMON-SEED and PPK_ID is sent to the EAP authenticator. A quantum-resistant secure channel is established between the peer and the EAP authenticator when the peer and the EAP authenticator share the same COMMON-SEED and the same PPK-ID.Type: GrantFiled: November 10, 2022Date of Patent: February 20, 2024Assignee: Cisco Technology, Inc.Inventors: Amjad Inamdar, Lionel Florit, Eric Voit, Sujal Sheth, Chennakesava Reddy Gaddam
-
Patent number: 11909889Abstract: A public-private key cryptographic scheme is described for granting authenticating a client to a remote device or service in order to access a secure resource. The client is provided the public key, but the private key is stored in a hardware security module (HSM) that the client is not able to access. The client requests a digital signature be generated from the private key from a secure vault service. The secure vault service accesses the HSM and generates the digital certificate, which is then passed to the client. The digital certificate may be added to a security token request submitted to an identity provider. The identity provider determines whether the digital signature came from the private key.Type: GrantFiled: May 9, 2022Date of Patent: February 20, 2024Assignee: Microsoft Technology Licensing, LLCInventors: Mayukh Ray, Tolga Acar, Timothy Michael Peters
-
Patent number: 11900948Abstract: Features are disclosed for automatically identifying a speaker. Artifacts of automatic speech recognition (“ASR”) and/or other automatically determined information may be processed against individual user profiles or models. Scores may be determined reflecting the likelihood that individual users made an utterance. The scores can be based on, e.g., individual components of Gaussian mixture models (“GMMs”) that score best for frames of audio data of an utterance. A user associated with the highest likelihood score for a particular utterance can be identified as the speaker of the utterance. Information regarding the identified user can be provided to components of a spoken language processing system, separate applications, etc.Type: GrantFiled: January 7, 2022Date of Patent: February 13, 2024Assignee: Amazon Technologies, Inc.Inventors: Hugh Evan Secker-Walker, Baiyang Liu, Frederick Victor Weber
-
Patent number: 11902444Abstract: Systems, computer program products, and methods are described herein for virtualization of non-fungible tokens. The present invention is configured to receive, via a first user input device, a resource transfer request using a virtual token from a first user, wherein the virtual token is electronically linked to an NFT of a resource transfer instrument; retrieve the NFT associated with the resource transfer instrument in response to receiving the resource transfer request; retrieve an NFT credential descriptor for the resource transfer request from a first metadata layer of the NFT associated with the resource transfer instrument; receive an authentication credential from the first user; determine whether the authentication credential matches an NFT credential descriptor that is electronically linked to the NFT associated with the resource transfer instrument; and authorize the resource transfer request based on at least determining that the authentication credential matches an NFT credential descriptor.Type: GrantFiled: October 18, 2021Date of Patent: February 13, 2024Assignee: BANK OF AMERICA CORPORATIONInventors: Manu Jacob Kurian, David Smiddy, Harold Joseph Kennedy
-
Patent number: 11902268Abstract: Disclosed are various examples for enrollment of gateways using a client device. In one example, a request is transmitted from a client device to a management service. The request comprises the gateway identifier. Gateway credentials are relayed through the client device from the management service to the gateway device. The gateway credentials are unexposed to users of the client device.Type: GrantFiled: June 25, 2020Date of Patent: February 13, 2024Assignee: VMware, Inc.Inventors: Meenakshi Vohra, Glen McCready, Greg Bollella