Mutual Entity Authentication Patents (Class 713/169)
  • Patent number: 11991286
    Abstract: An exemplary method includes an access management system receiving a signed message that is associated with a non-fungible digital asset and that includes a non-fungible digital asset identifier and a nonce. The non-fungible digital asset may be configured to provide access to an access-restricted resource. Based on the non-fungible digital asset identifier included in the signed message, the access management system may access a distributed record that is configured to store ownership information associated with the non-fungible digital asset. Based on the signed message and the ownership information stored in the distributed record, the access management system may verify that a user of the non-fungible digital asset is authorized to access the access-restricted resource.
    Type: Grant
    Filed: August 18, 2021
    Date of Patent: May 21, 2024
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Dante J. Pacella, Nazneen Khan, Rea Setya
  • Patent number: 11968233
    Abstract: A trust rule between a first service and a second service in a plurality of services deployed in a distributed system is received; the trust rule defines whether the first service is allowed to access the second service. A trust tree is obtained for the distributed system, and the trust tree comprises a plurality of certificates for accessing the plurality of services. A first group of certificates is selected for the first service based on the trust rule and the trust tree, and the first group of certificates enables the first service to access the second service.
    Type: Grant
    Filed: May 28, 2021
    Date of Patent: April 23, 2024
    Assignee: International Business Machines Corporation
    Inventors: Peng Hui Jiang, Hui Zhao, Li Wen, Guang Yi Xu
  • Patent number: 11956273
    Abstract: Systems, methods, and computer-readable media for discovering trustworthy devices through attestation and authenticating devices through mutual attestation. A relying node in a network environment can receive attestation information from an attester node in the network environment as part of a unidirectional push of information from the attester node according to a unidirectional link layer communication scheme. A trustworthiness of the attester node can be verified by identifying a level of trust of the attester node from the attestation information. Further, network service access of the attester node through the relying node in the network environment can be controlled based on the level of trust of the attester node identified from the attestation information.
    Type: Grant
    Filed: August 8, 2022
    Date of Patent: April 9, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Sujal Sheth, Shwetha Subray Bhandari, Eric Voit, William F. Sulzen, Frank Brockners
  • Patent number: 11935151
    Abstract: Examples described herein relate to a graphics processing system that includes one or more integrated graphics systems and one or more discrete graphics systems. In some examples, an operating system (OS) or other software supports switching between image display data being provided from either an integrated graphics system or a discrete graphics system by configuring a multiplexer at runtime to output image data to a display. In some examples, a multiplexer is not used and interface supported messages are used to transfer image data from an integrated graphics system to a discrete graphics system and the discrete graphics system generates and outputs image data to a display. In some examples, interface supported messages are used to transfer image data from a discrete graphics system to an integrated graphics system and the integrated graphics system uses an overlay process to generate a composite image for output to a display.
    Type: Grant
    Filed: July 7, 2022
    Date of Patent: March 19, 2024
    Assignee: Intel Corporation
    Inventors: James E. Akiyama, John Howard, Murali Ramadoss, Gary K. Smith, Todd M. Witter, Satish Ramanathan, Zhengmin Li
  • Patent number: 11934527
    Abstract: A method is disclosed and includes authenticating a first stage boot loader and authenticating a second stage boot loader in response to authentication of the first stage boot loader. The method also includes executing the second stage boot loader in response to authentication of the second stage boot loader. Executing the second stage boot loader includes loading an operating system, a first set of machine-readable instructions, and first configuration information associated with the first set of machine-readable instructions onto a non-transitory computer-readable medium, wherein the first set of machine-readable instructions and the first configuration information are associated with one or more priority partitions. Executing the second stage boot loader includes authenticating the operating system and the first set of machine-readable instructions.
    Type: Grant
    Filed: September 24, 2020
    Date of Patent: March 19, 2024
    Assignee: General Electric Company
    Inventors: Jeffrey S. Gilton, Matthew B. Pfenninger, Douglas R. Nichols, Mark E Hingsbergen
  • Patent number: 11909742
    Abstract: Embodiments of the present disclosure relate to managing admin-controlled access of external resources to group-based communication interfaces associated with an organization, via a group-based communication system including APIs for improved external resource permissioning, provisioning, and access handling. Embodiments include methods, computer program products, apparatuses, and systems configured to receive an external resource access request, determine an organization identifier, obtain an admin response indication, set an external resource permission status for the external resource based on the admin response indication, and cause rendering of the requested group-based communication interface based on the admin response indication. Embodiments further relate to provisioning and handling requests for services associated with an external resource by managing one or more single-interface access tokens linked to a multi-interface access token.
    Type: Grant
    Filed: February 18, 2022
    Date of Patent: February 20, 2024
    Assignee: Salesforce, Inc.
    Inventors: Salman Suhail, Saurabh Sahni, Kefan Xie, Emilio Aurea, Shilpi Sanchetee, Nupur Goyal, Carly Robinson
  • Patent number: 11902440
    Abstract: A method for providing Cheon-resistance security for a static elliptic curve Diffie-Hellman cryptosystem (ECDH), the method including providing a system for message communication between a pair of correspondents, a message being exchanged in accordance with ECDH instructions executable on computer processors of the respective correspondents, the ECDH instructions using a curve selected from a plurality of curves, the selecting including choosing a range of curves; selecting, from the range of curves, curves matching a threshold efficiency; excluding, within the selected curves, curves which may include intentional vulnerabilities; and electing, from non-excluded selected curves, a curve with Cheon resistance, the electing comprising a curve from an additive group of order q, wherein q is prime, such that q?1=cr and q+1=ds, where r and s are primes and c and d are integer Cheon cofactors of the group, such that cd?48.
    Type: Grant
    Filed: February 27, 2023
    Date of Patent: February 13, 2024
    Assignee: Malikie Innovations Limited
    Inventor: Daniel Richard L. Brown
  • Patent number: 11895251
    Abstract: A verifier device of an authentication system comprises physical layer circuitry and processing circuitry coupled to the physical layer circuitry. The processing circuitry is configured to encode an authentication command for sending to a credential device; decode a response communication received from the credential device, wherein the response communication includes a first random number; encrypt the first random number, a second random number, and verifier keying material for sending to the credential device; decrypt encrypted information received from the credential device, wherein the encrypted information includes the first random number, the second random number, and receiver keying material; and calculate a session encryption key using the verifier keying material and the receiver keying material.
    Type: Grant
    Filed: September 18, 2020
    Date of Patent: February 6, 2024
    Assignee: ASSA ABLOY AB
    Inventors: Martin Kaufmann, Adam Augustyn
  • Patent number: 11886548
    Abstract: An exemplary method includes a digital asset management system generating a set of collectible non-fungible digital assets, generating metadata specifying that non-fungible digital assets included the set of collectible non-fungible digital assets are configured to combine together to form a layered scene configured to be presented by a computer system, and recording, in a distributed record configured to track ownership of non-fungible digital assets, ownership information associated with the set of collectible non-fungible digital assets.
    Type: Grant
    Filed: July 2, 2021
    Date of Patent: January 30, 2024
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Nazneen Khan, Dante J. Pacella, Rea Setya
  • Patent number: 11882114
    Abstract: In IP communication, an authentication code AC1 uniquely generated by a receiving-side communication device 1b is sent to an originating-side communication device 1a (S1, S2), and stored in the originating-side communication device (S3). Packets in which the stored authentication code is embedded are sent to the receiving-side communication device 1b on connection from the originating-side communication device 1a to the receiving-side communication device 1b (S4), and it is determined at the receiving-side communication device whether the originating-side communication device is true or false depending on if the authentication code sent from the receiving-side communication device is contained in the packets received from the originating-side communication device or not (S5).
    Type: Grant
    Filed: May 14, 2020
    Date of Patent: January 23, 2024
    Assignee: KOGA ELECTRONICS CO., LTD.
    Inventor: Tadashi Nakanuma
  • Patent number: 11882215
    Abstract: One disclosed example method includes a leader client device associated with a leader participant generating a meeting key for a video meeting joined by multiple participants. For each participant, the leader client device obtains a long-term public key and a cryptographic signature associated with the participant. The leader client device verifies the cryptographic signature of the participant based on the long-term public key and the cryptographic signature. If the verification is successful, the leader client device encrypts the meeting key for the participant using a short-term private key generated by the leader client device, a short-term public key of the participant, a meeting identifier, and a user identifier identifying the participant. The leader client device further publishes the encrypted meeting key for the participant on the meeting system. The leader client device encrypts and decrypts meeting data communicated with other participants based on the meeting key.
    Type: Grant
    Filed: May 21, 2021
    Date of Patent: January 23, 2024
    Assignee: Zoom Video Communications, Inc.
    Inventors: Simon Booth, Karan Lyons
  • Patent number: 11876901
    Abstract: An elliptic curve random number generator avoids escrow keys by choosing a point Q on the elliptic curve as verifiably random. An arbitrary string is chosen and a hash of that string computed. The hash is then converted to a field element of the desired field, the field element regarded as the x-coordinate of a point Q on the elliptic curve and the x-coordinate is tested for validity on the desired elliptic curve. If valid, the x-coordinate is decompressed to the point Q, wherein the choice of which is the two points is also derived from the hash value. Intentional use of escrow keys can provide for back up functionality. The relationship between P and Q is used as an escrow key and stored by for a security domain. The administrator logs the output of the generator to reconstruct the random number with the escrow key.
    Type: Grant
    Filed: September 23, 2022
    Date of Patent: January 16, 2024
    Assignee: Malikie Innovations Limited
    Inventors: Daniel Richard L. Brown, Scott Alexander Vanstone
  • Patent number: 11848920
    Abstract: Verifiable, secure communications between a sender and a receiver on at least one shared communication channel is provided. A manicoded key encoder produces an argument of knowledge for a secret key to the at least one shared communication channel, and a manicoded message encoder provides an implication argument indicating that knowledge of the secret key enables access to message content of the manicoded message. The argument of knowledge is included in a key manifest for the secret key within a manicoded key, and the implication argument is included in a message manifest of a manicoded message. In this way, the sender may provide message content within the manicoded message, and the receiver may operate a decoder to access the message content. A verifier may use the manicoded key and the manicoded message to verify that the receiver has access to the message content.
    Type: Grant
    Filed: July 11, 2022
    Date of Patent: December 19, 2023
    Inventor: Yaron Gvili
  • Patent number: 11836256
    Abstract: An adversarial robustness testing method, system, and computer program product include testing a robustness of a black-box system under different access settings via an accelerator.
    Type: Grant
    Filed: January 24, 2019
    Date of Patent: December 5, 2023
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Pin-Yu Chen, Sijia Liu, Lingfei Wu, Chia-Yu Chen
  • Patent number: 11824841
    Abstract: A constrained device, such as an Internet of Things (IoT) device, can use a handshake procedure to establish a secure transport session with a server and generate a corresponding client session state. The constrained device can encrypt the client session state into an encrypted client session state, and transmit the encrypted client session state to the server. When the constrained device enters an idle mode, the client session state may be cleared from memory of the constrained device. However, when the constrained device next wakes from the idle mode and re-enters an active mode, the constrained device can retrieve the encrypted client session state from the server. The constrained device can decrypt the encrypted client session state to recover the client session state, and use the recovered client session state to resume the secure transport session instead of establishing a new secure transport session with a new client session state.
    Type: Grant
    Filed: August 18, 2020
    Date of Patent: November 21, 2023
    Assignee: T-Mobile USA, Inc.
    Inventor: Sergey Slovetskiy
  • Patent number: 11824999
    Abstract: Aspects and features of a cryptosystem and authentication for the cryptosystem, and a method or process for the cryptosystem, are described. In one example, a method for cryptographic communications includes storing a secret key, generating a system randomization number, and encrypting a plain data package into an encrypted data package by application of the plain data package, the secret key, and the system randomization number to a system of equations for encryption. The system of equations can be a system of linearly dependent equations in one example. Among other benefits, the cryptosystem relies upon the system of linearly dependent equations and the system randomization number to provide additional strength against known-plaintext attacks, chosen-plaintext attacks, and other types of attacks. The system is more semantically secure and offers ciphertext indistinguishability in a new approach using the system of linearly dependent equations.
    Type: Grant
    Filed: August 13, 2021
    Date of Patent: November 21, 2023
    Assignee: Winkk, Inc.
    Inventors: Rustam Islamov, Roustem Akhiarov
  • Patent number: 11804956
    Abstract: Embodiments provide methods, and systems for cryptographic keys exchange where the method can include receiving, by a server system, a client public key being part of a client asymmetric key pair from a client device; sending, by the server system, a server public key being part of a server asymmetric key pair to the client device; generating, by the server system, a random value master key and sending the random value master key encrypted using the client public key to the client device; and generating, by the server system, an initial unique session key and sending the initial unique session key encrypted under the random value master key to the client device. A unique session key from the set of the unique session keys is used by the client device to encrypt a session data for transmission to the server system per session.
    Type: Grant
    Filed: January 17, 2022
    Date of Patent: October 31, 2023
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Ritesh Chaudhari, Ashish Dhande, Ashish Patel, Chetan Bhalerao
  • Patent number: 11799656
    Abstract: A security authentication method and device are provided. The method includes performing, based on a transmitted password authentication message, password authentication with a server and acquiring a result of the password authentication; sending a request authentication message to the server in a case that the result of the password authentication is determined to indicate that the password authentication is successful; performing security authentication through digitally signing by the server all intercommunicated messages and verifying the digital signature by the client, or through encrypting a local random number and all intercommunicated messages by the client using a public key and verifying a random number returned by the server.
    Type: Grant
    Filed: July 25, 2018
    Date of Patent: October 24, 2023
    Assignees: China Mobile Communication Co., Ltd Research Institute, China Mobile Communications Group Co., Ltd.
    Inventors: Fuwen Liu, Min Zuo
  • Patent number: 11797715
    Abstract: The technology disclosed herein enables a method to receive an indication of a change to an operating mode of a device from a first operating mode to a second operating mode, and identify a cryptographic item stored at a memory of the device, wherein the cryptographic item corresponds to an identification of the device signed with a digital signature, and wherein the digital signature is based on a private key that is inaccessible to the device. On response to receiving the indication of the change to the operating mode of the device, the method can modify the cryptographic item stored at the memory, and operate the device in the second operating mode based on the modified cryptographic item. The indication of the change to the operating mode of the device can correspond to a detection of a change in a function of the device.
    Type: Grant
    Filed: December 17, 2020
    Date of Patent: October 24, 2023
    Assignee: Fortanix, Inc.
    Inventors: Andrew Leiserson, Jethro Gideon Beekman
  • Patent number: 11784995
    Abstract: Disclosed herein is an identity network that can provide a universal, digital identity for users that can be used to authenticate the user by an identity provider for relying parties to utilize for confirming the identity of the user during sign-up. The identity network receives a request from a relying party that includes deep linking to an identity provider selected by the user. The request specifies the user and any other information about the user the relying party is requesting. A service of the identity network launches the application for the identity provider on the user's device and the user logs into the identity provider's application, which provides the user authentication/validation and information about the user to the identity network. The identity network can then provide the information to the relying party, which the relying party can rely on for creating an account with the relying party for the user.
    Type: Grant
    Filed: June 22, 2020
    Date of Patent: October 10, 2023
    Inventors: Gregory Slowiak, Eric Woodward, Philip Lam, Jeff Shultz
  • Patent number: 11785448
    Abstract: This document discloses a method and device for implementing secure communication, and a storage medium. The method for implementing secure communication includes: encrypting first information and second information of a data packet respectively to generate an encrypted message; wherein, a region in which the encrypted first information is located is a first encrypted region, and a region in which the encrypted second information is located is a second encrypted region; the first information is used for a receiving device to determine whether to acquire the second information; and sending the encrypted message.
    Type: Grant
    Filed: March 24, 2020
    Date of Patent: October 10, 2023
    Assignee: BOE Technology Group Co., Ltd.
    Inventors: Kai Zhao, Hongtao Guan, Ying Zhang
  • Patent number: 11770699
    Abstract: Implementations disclosed describe techniques to allow wireless devices to initially connect with randomized MAC addresses and send an encrypted permanent MAC for differentiated services. In one method, a first wireless device connects to an access point (AP) using a randomized MAC address. The first wireless device receives a request for a permanent MAC address from the AP. The first wireless device determines whether to send the permanent MAC address. Responsive to determining to send the permanent MAC address, the first wireless device encrypts the permanent MAC address to obtain an encrypted MAC address and sends a response to the request, including the encrypted MAC address, to the AP.
    Type: Grant
    Filed: November 18, 2021
    Date of Patent: September 26, 2023
    Assignee: Cypress Semiconductor Corporation
    Inventor: Hui Luo
  • Patent number: 11763289
    Abstract: A method of operating a payment device for selectively enabling a payment function according to the validity of a host is provided. The method relates to a method of operating the payment device which includes a near field communication controller (NFCC) and a host communicating with the NFCC. The method selectively enables the payment function according to the validity of the host, thereby preventing illegal or unwanted payment.
    Type: Grant
    Filed: October 23, 2020
    Date of Patent: September 19, 2023
    Assignee: Samsung Electronics Co., Ltd.
    Inventor: Joong Chui Yoon
  • Patent number: 11743249
    Abstract: One example method includes contacting, by a client, a service, receiving a credential from the service, obtaining trust information from a trust broker, comparing the credential with the trust information, and either connecting to the service if the credential and trust information match, or declining to connect to the service if the credential and the trust information do not match. Other than by way of the trust information obtained from the trust broker, the client may have no way to verify whether or not the service can be trusted.
    Type: Grant
    Filed: June 2, 2022
    Date of Patent: August 29, 2023
    Assignee: EMC IP HOLDING COMPANY LLC
    Inventors: Ido Begun, Jehuda Shemer
  • Patent number: 11736612
    Abstract: Disclosed are methods, systems, and machine-readable mediums which provide for customer chatbots that detect a customer handoff condition and in response, transferring the customer to a communication session with a live agent. The handoff condition may comprise an inability to understand the customer, an inability to answer the customer's question, expressions of frustration or anger on the part of the customer, a customer's express request to be transferred, or the like. The live agent may receive a complete history of the conversation with the chatbot so that the customer does not have to repeat him or herself to the live agent. The chatbot chat session may be linked to a social networking account of the customer and may take place in association with a social networking profile page of the company.
    Type: Grant
    Filed: August 24, 2022
    Date of Patent: August 22, 2023
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Kristin H. Deegan, Matthew G. Vanhouten, Uma Meyyappan, Jennifer Toby Whateley, Balinder Singh Mangat, Upul D. Hanwella, Kimarie Pike Matthews, Maria J. Latorre, Scott Edward Pitchford
  • Patent number: 11734252
    Abstract: A system includes reception of a database query, determination of result set output columns associated with the database query, and determination, for each of the determined result set output columns, of one or more data sources associated with the result set output column. Sensitivity information is determined for each of the one or more data sources based on metadata, and result set sensitivity information is determined based on the determined sensitivity information. A result set is determined based on the database query, and the result set and the result set sensitivity information are transmitted.
    Type: Grant
    Filed: November 7, 2017
    Date of Patent: August 22, 2023
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Alex Umansky, David Edward Brookler, Gilad Mittelman, Shai Kariv, Tomer Levav, Tomer Weisberg
  • Patent number: 11727265
    Abstract: Methods, apparatus, systems and articles of manufacture to provide machine programmed creative support to a user are disclosed. An example apparatus include an artificial intelligence architecture to be trained based on previous inputs of the user; a processor to: implement a first machine learning model based on the trained artificial intelligence architecture; and predict a first action based on a current state of a computer program using the first machine learning model; implement a second machine learning model based on the trained artificial intelligence architecture; and predict a second action based on the current state of the computer program using the second machine learning model; and a controller to select a state based on the action that results in a state that is more divergent from the current state of the computer program.
    Type: Grant
    Filed: June 27, 2019
    Date of Patent: August 15, 2023
    Assignee: Intel Corporation
    Inventors: Ignacio Javier Alvarez, Javier Felip Leon, David Israel Gonzalez Aguirre, Javier Sebastian Turek, Luis Carlos Maria Remis, Justin Gottschlich
  • Patent number: 11706033
    Abstract: A method of sharing encrypted data includes, by an electronic device, receiving a password from a user to perform an action, receiving a salt value, generating a user key using the password and salt value, receiving an encrypted key location identifier value, decrypting the encrypted key location identifier value to obtain a key location identifier, receiving an encrypted read token value, decrypting the encrypted read token value using the user key to obtain a read token value, and transmitting the read token value and the key location identifier to a server electronic device.
    Type: Grant
    Filed: May 20, 2021
    Date of Patent: July 18, 2023
    Assignee: Powch, LLC
    Inventors: Essam Abadir, Rosco Schock, Joshua R. Cox
  • Patent number: 11681805
    Abstract: A system for collecting data artifacts from a production environment, storing them, and replaying them in a testing environment is disclosed. One or more processors receive a data artifact from a sensor in a production environment, and store the data artifact in a first storage with a unique identifier, while also storing in a second storage record(s) associating the unique identifier with a tag. A clone of at least a portion of the production environment is created within the testing environment, and an analytic targeting the data artifact is incorporated into the clone. Upon receiving a request to replay the data artifact, referencing the tag associated with the data artifact's unique identifier, the data artifact is replayed by causing the clone to receive the data artifact as if it were presently encountered. Logs of output from the clone's response are stored in a third storage for future analysis.
    Type: Grant
    Filed: May 26, 2022
    Date of Patent: June 20, 2023
    Assignee: Morgan Stanley Services Group Inc.
    Inventors: Jonathan Oakley, Joseph Edmonds
  • Patent number: 11683170
    Abstract: A secure digital communications method is provided in which a Certificate Authority generates an improved RSA key pair having a modulus, a public key exponent, a public key, and a private key. The public key exponent can contain descriptive attributes and a digital signature. The digital signature can be responsive to the descriptive attributes and the modulus. A secure session can be established between a first system and a second system, within a secure digital communication protocol. The second system can verify the digital signature to authenticate the public key.
    Type: Grant
    Filed: December 2, 2020
    Date of Patent: June 20, 2023
    Assignee: ARRIS Enterprises LLC
    Inventors: Alexander Medvinsky, Eric J. Sprunk
  • Patent number: 11678228
    Abstract: In one illustrative example, a user plane (UP) entity for use in a mobile network may receive a data packet from a user equipment (UE) operative to communicate in one or more sessions via a serving base station (BS) (e.g. eNB or gNB) of the mobile network. The UP entity may detect, in a header (e.g. SRH) of the data packet, an identifier indicating a new serving BS or session of the UE. The identifier may be UE- or BS-added data (e.g. iOAM data) that is inserted in the header by the UE or BS. In response, the UP entity may cause a message to be sent to an analytics function (e.g. a NWDAF) to perform analytics for session or flow migration for the UE.
    Type: Grant
    Filed: December 6, 2021
    Date of Patent: June 13, 2023
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Vimal Srivastava, Srinath Gundavelli, Nagendra Kumar Nainar, Carlos M. Pignataro, Timothy Peter Stammers
  • Patent number: 11664980
    Abstract: A method includes extracting, by an individual computing system, physical movement intentions of an individual from neural signals; mapping, by a secure element of the individual computing system, the physical movement intentions to a character string representing a knowledge factor; and establishing, by the individual computing system, a secure, mutually authenticated communication channel between the individual computing system and a provider computing system by using the knowledge factor as an input to a password authenticated key exchange protocol and generating a symmetric encryption key using the knowledge factor as an input to a key exchange protocol.
    Type: Grant
    Filed: April 29, 2021
    Date of Patent: May 30, 2023
    Assignee: Wells Fargo Bank, N.A.
    Inventor: Phillip H. Griffin
  • Patent number: 11657162
    Abstract: In one example an apparatus comprises a memory and a processor to create, from a first deep neural network (DNN) model, a first plurality of DNN models, generate a first set of adversarial examples that are misclassified by the first plurality of deep neural network (DNN) models, determine a first set of activation path differentials between the first plurality of adversarial examples, generate, from the first set of activation path differentials, at least one composite adversarial example which incorporates at least one intersecting critical path that is shared between at least two adversarial examples in the first set of adversarial examples, and use the at least one composite adversarial example to generate a set of inputs for a subsequent training iteration of the DNN model. Other examples may be described.
    Type: Grant
    Filed: March 22, 2019
    Date of Patent: May 23, 2023
    Assignee: INTEL CORPORATION
    Inventors: Michael Kounavis, Antonios Papadimitriou, Anindya Sankar Paul, Micah Sheller, Li Chen, Cory Cornelius, Brandon Edwards
  • Patent number: 11653202
    Abstract: A method for edge network authentication and access, implemented by an edge server, including receiving user equipment (UE) information from an application client executed on a UE to establish a connection between the edge server and the UE, verifying whether the UE has authorization to the local access point name (APN) based on the UE information, generating a session key when the UE has authorization to the local APN, sending the session key to the UE, receiving a request to access content of an application on a content server from the UE, decrypting the information to obtain a key, comparing the key with the application key to validate the UE, verifying identifiers of the UE when the UE is valid, identifying the application on the content server to obtain the content based on the request, encrypting and sending a session identifier to the UE based on a new application key.
    Type: Grant
    Filed: April 11, 2022
    Date of Patent: May 16, 2023
    Assignee: SPRINT COMMUNICATIONS COMPANY, L.P.
    Inventors: Marouane Balmakhtar, Galip Murat Karabulut
  • Patent number: 11635964
    Abstract: Aspects of the disclosure relate to a dynamic event securitization and neural network analysis system. A dynamic event inspection and securitization computing platform comprising at least one processor, a communication interface, and memory storing computer-readable instructions may securitize event data prior to authorizing execution of the event. A neural network event analysis computing platform comprising at least one processor, a communication interface, and memory storing computer-readable instructions may utilize a plurality of event analysis modules, a neural network, and a decision engine to analyze the risk level values of data sharing events. The dynamic event inspection and securitization computing platform may interface with the neural network event analysis computing platform by generating data securitization flags that may be utilized by the neural network event analysis computing platform to modify event analysis results generated by the event analysis modules.
    Type: Grant
    Filed: April 7, 2021
    Date of Patent: April 25, 2023
    Assignee: Bank of America Corporation
    Inventors: Chie Khiong Chin, Ayush Anand, Harish Tammaji Kulkarni, Simon Peter Lawrie, Nhat Minh Nguyen
  • Patent number: 11616648
    Abstract: A method for providing Cheon-resistance security for a static elliptic curve Diffie-Hellman cryptosystem (ECDH), the method including providing a system for message communication between a pair of correspondents, a message being exchanged in accordance with ECDH instructions executable on computer processors of the respective correspondents, the ECDH instructions using a curve selected from a plurality of curves, the selecting including choosing a range of curves; selecting, from the range of curves, curves matching a threshold efficiency; excluding, within the selected curves, curves which may include intentional vulnerabilities; and electing, from non-excluded selected curves, a curve with Cheon resistance, the electing comprising a curve from an additive group of order q, wherein q is prime, such that q?1=cr and q+1=ds, where r and s are primes and c and d are integer Cheon cofactors of the group, such that cd?48.
    Type: Grant
    Filed: July 12, 2022
    Date of Patent: March 28, 2023
    Assignee: BlackBerry Limited
    Inventor: Daniel Richard L. Brown
  • Patent number: 11611588
    Abstract: One or more computer processors intercept one or more network inputs entering or existing an internal network; synthesize one or more network input images from a random noise vector sampled from a normal distribution of textually embedded network inputs utilizing a trained generative adversarial network; classify one or more synthesized network input images by identifying contained objects utilizing a trained convolutional neural network with rectified linear units, wherein the objects include patterns, sequences, trends, and signatures; predict a security profile of the one or more classified network input images and associated one or more network inputs, wherein the security profiles includes a set of rules and associated mitigation actions, analogous historical network traffic, a probability of infection, a probability of signature match with historical malicious network inputs, and a harm factor; apply one or more mitigation actions based on the predicted security profile.
    Type: Grant
    Filed: July 10, 2020
    Date of Patent: March 21, 2023
    Assignee: KYNDRYL, INC.
    Inventor: Karthick Vasu
  • Patent number: 11599678
    Abstract: A method for ensuring integrity of data sent by a vehicle V2X communication device to a control module to ensure operational safety, including: receiving data transferred by vehicle-to-X communication by a first computing apparatus of the V2X communication device, storing the data in a data memory, forwarding the data to a second computing apparatus, receiving the data by the second computing apparatus, establishing whether an action is to be triggered for the data and, in response, transmitting the data to a comparison apparatus, carrying out a comparison test for the data provided by the second computing apparatus with the data stored in the data memory and, in response to the test being passed, outputting the data and/or a control instruction and/or a warning message by the V2X communication device to a control module. Furthermore, a corresponding vehicle-to-X device and the use of the device in a vehicle are disclosed.
    Type: Grant
    Filed: September 18, 2019
    Date of Patent: March 7, 2023
    Assignees: CONTINENTAL TEVES AG & CO. OHG, CONTINENTAL AUTOMOTIVE SYSTEMS, INC.
    Inventors: Marc Menzel, Ulrich Stählin
  • Patent number: 11588640
    Abstract: The subject matter discloses computer-implemented method performed during a multi-party computation (MPC) process performed between multiple parties, said method comprising, the multiple parties executing a pre-processing phase and obtain values of correlated random variables to be used in an MPC process, the parties periodically verifying the correctness of the correlated random variables by exchanging information between the multiple parties, refreshing the values of the correlated random variables in each of the multiple parties, wherein no party of the multiple parties has access to values of the correlated random variables stored in another party of the multiple parties during the verifying and refreshing processes, the multiple parties using the correlated random variables during the MPC process after verifying a correctness of the correlated random variables.
    Type: Grant
    Filed: April 24, 2020
    Date of Patent: February 21, 2023
    Assignee: Coinbase IL RD Ltd.
    Inventor: Samuel Ranellucci
  • Patent number: 11588621
    Abstract: Systems and techniques that facilitate universal and efficient privacy-preserving vertical federated learning are provided. In various embodiments, a key distribution component can distribute respective feature-dimension public keys and respective sample-dimension public keys to respective participants in a vertical federated learning framework governed by a coordinator, wherein the respective participants can send to the coordinator respective local model updates encrypted by the respective feature-dimension public keys and respective local datasets encrypted by the respective sample-dimension public keys. In various embodiments, an inference prevention component can verify a participant-related weight vector generated by the coordinator, based on which the key distribution component can distribute to the coordinator a functional feature-dimension secret key that can aggregate the encrypted respective local model updates into a sample-related weight vector.
    Type: Grant
    Filed: December 6, 2019
    Date of Patent: February 21, 2023
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Nathalie Baracaldo Angel, Runhua Xu, Yi Zhou, Ali Anwar, Heiko H. Ludwig
  • Patent number: 11580231
    Abstract: There is provided a cryptographic key determination device for determining one or more cryptographic keys in a cryptographic device, the cryptographic device being configured to execute one or more test programs, the cryptographic device comprising one or more components (11-i), each component (11-i) being configured to generate static and dynamic data, the dynamic data being generated in response to the execution of the one or more test programs, wherein the cryptographic key determination device comprises: a data extraction unit configured to extract at least one part of the static data and at least one part of the dynamic data generated by the one or more components (11-i), and a key generator configured to combine the at least one part of static data and the at least one part of dynamic data, and to determine the one or more cryptographic keys by applying a cryptographic function to the combined data.
    Type: Grant
    Filed: September 11, 2019
    Date of Patent: February 14, 2023
    Assignee: SECURE-IC SAS
    Inventors: Youssef Souissi, Florent Lozac'h, Adrien Facon, Sylvain Guilley
  • Patent number: 11563729
    Abstract: An information processing apparatus includes a processor configured to request a management apparatus for user authentication to acquire second credential information that is used for acquiring first credential information that is used for a Web service, the second credential information indicating that a user has been authenticated, receive the second credential information transmitted from the management apparatus in a case where the user authentication is successful by the management apparatus, transmit the received second credential information to an authentication server, receive the first credential information transmitted from the authentication server in response to the transmission of the second credential information, and use the Web service by using the received first credential information.
    Type: Grant
    Filed: April 21, 2020
    Date of Patent: January 24, 2023
    Assignee: FUJIFILM Business Innovation Corp.
    Inventor: Tsutomu Hirosawa
  • Patent number: 11563579
    Abstract: Approaches in accordance with various embodiments allow for zero-touch enrollment of devices with respective manager systems. In at least one embodiment, a device at startup can contact a central directory service (CDS) for information about an associated manager. The CDS can authenticate the device using device information included in the request, and can send a challenge token to the device in response. The challenge token can include information for the manager, protected with multiple layers of security that should only be able to be decrypted by the authenticated device. The device can decrypt this challenge token to determine the manager information, and can convert this challenge token to a bearer token. The device can then send a request to the determined manager that includes the bearer token, which the manager can use to authenticate the device. The manager can then send the device appropriate configuration information.
    Type: Grant
    Filed: October 2, 2020
    Date of Patent: January 24, 2023
    Assignee: Nvidia Corporation
    Inventors: Daniel Major, Mark Overby
  • Patent number: 11556556
    Abstract: A method, apparatus and system for secure forensic investigation of a target machine by a client machine over a communications network. In one aspect the method comprises establishing secure communication with a server over a communications network, establishing secure communication with the target machine over the communications network, wherein establishing secure communication with the target machine includes establishing secure communication between the server and the target machine, installing a servelet on the target machine, transmitting a secure command to the servelet over the communications network, executing the secure command in the servelet, transmitting data, by the target machine, in response to a servelet instruction, and receiving the data from the target machine over the communication network.
    Type: Grant
    Filed: June 7, 2019
    Date of Patent: January 17, 2023
    Assignee: OPEN TEXT HOLDINGS, INC.
    Inventors: Shawn McCreight, Dominik Weber, Matthew Garrett
  • Patent number: 11553261
    Abstract: A system for releasing locking of a fusion splicer includes a fusion splicer, an information terminal, and a server. The fusion splicer locks a fusion-splicing function in accordance with a predetermined lock condition and releases the locked function in accordance with a release command input. The server includes a storage unit that stores authentication information provided by a user of the fusion splicer, a collation unit that collates authentication information provided from the information terminal with the authentication information stored in the storage unit, and a password issuance unit that issues a one-time password including at least a date in an algorithm when a collation result is favorable. The information terminal authenticates the one-time password in consideration of a day difference or a time difference between the information terminal and the server and applies the release command to the fusion splicer when an authentication result is favorable.
    Type: Grant
    Filed: December 24, 2019
    Date of Patent: January 10, 2023
    Assignee: SUMITOMO ELECTRIC OPTIFRONTIER CO., LTD.
    Inventors: Takahiro Suzuki, Kazuyoshi Ooki, Hideaki Yusa, Takaharu Ohnishi
  • Patent number: 11544393
    Abstract: Discussed herein are devices, systems, and methods for secure access to offline data. A method can include configuring a device in a task retrieval state and retrieving a task to be executed on a cold storage device while the device is in the task retrieval state, configuring the device in a disconnected state after retrieving the task, and configuring the device in a task execution state after the device is in the disconnected state and executing the task on the cold storage while the device is in the task execution state. In the task retrieval state, the device can communicate with a buffer network and cannot communicate with a cold network. In the disconnected state, the device cannot communicate with either the cold network or the buffer network. In the task execution state, the device can communicate with the cold network and cannot communicate with the buffer network.
    Type: Grant
    Filed: July 19, 2019
    Date of Patent: January 3, 2023
    Assignee: Cold Fortress, Inc.
    Inventors: Travis Lockman, Hansel Fernandez
  • Patent number: 11522693
    Abstract: There is provided an information processing device, including a processing unit configured to perform a calculation using keys assigned to a plurality of areas of a recording medium and generate an authentication key. The processing unit generates the authentication key by performing a calculation using conversion values corresponding to the keys, the conversion values being obtained by converting device-specific information using conversion methods associated with the keys used in the calculation.
    Type: Grant
    Filed: January 11, 2019
    Date of Patent: December 6, 2022
    Assignee: SONY CORPORATION
    Inventors: Tsutomu Nakatsuru, Katsuya Shimoji
  • Patent number: 11520872
    Abstract: An information processing apparatus includes a first processor, a second processor, and one or more non-volatile storage devices. The one or more storage devices store a first control program to be executed by the first processor and a second control program to be executed by the second processor. The first processor verifies the second control program stored in the one or more storage devices, and then verifies the first control program stored in the one or more storage devices.
    Type: Grant
    Filed: September 6, 2019
    Date of Patent: December 6, 2022
    Assignee: Canon Kabushiki Kaisha
    Inventor: Takashi Fujii
  • Patent number: 11516673
    Abstract: Devices, systems and methods are provided to implement key generation for secure pairing between first and second devices using embedded out-of-band (OOB) key generation and without requiring the devices to have input/output (IO) capability to enter authentication information. Bluetooth Smart or Low Energy (BLE) OOB pairing option can be used for pairing medical devices with added security of OOB key generation. The OOB key generation comprises providing first and second devices with the same predefined credential and secure hashing algorithm, and making input of the hashing algorithm of the first and second devices the same. The first device transmits unique data to second device (e.g., via BLE advertising) to share and compute a similar input. The first and second devices use the credential and shared data with the hashing function to generate a key that is the same at each of first and second devices.
    Type: Grant
    Filed: May 21, 2018
    Date of Patent: November 29, 2022
    Assignee: Becton, Dickinson and Company
    Inventors: Yi Su, Ping Zheng, Mojtaba Kashef
  • Patent number: 11503023
    Abstract: A first authentication apparatus obtains a modification restriction parameter which is stored in a second authentication apparatus and which indicates a number of times a mutual authentication pair modification is possible or a number of times modification has been executed. The first authentication apparatus transmits to the second authentication apparatus authentication information corresponding to the modification restriction parameter. The second authentication apparatus receives the authentication information from the first authentication apparatus. The second authentication apparatus determines whether or not the received authentication information is authentication information for permitting the mutual authentication pair modification. In a case where the received authentication information is authentication information that permits the mutual authentication pair modification, the second authentication apparatus and the first authentication apparatus form a mutual authentication pair.
    Type: Grant
    Filed: December 29, 2020
    Date of Patent: November 15, 2022
    Assignee: Canon Kabushiki Kaisha
    Inventor: Yuta Hojo