Mutual Entity Authentication Patents (Class 713/169)
  • Patent number: 10735464
    Abstract: A computer-implemented method for detecting replay attack comprises: obtaining at least one candidate transaction for adding to a blockchain; verifying if an identification of the candidate transaction exists in an identification database, the identification database comprising a plurality of identifications within a validation range; and in response to determining that the identification does not exist in the identification database, determining that the candidate transaction is not associated with a replay attack.
    Type: Grant
    Filed: December 17, 2019
    Date of Patent: August 4, 2020
    Assignee: Alibaba Group Holding Limited
    Inventor: Guilu Xie
  • Patent number: 10728045
    Abstract: An authentication device outputs a first challenge value corresponding to a random number along with a first authentication request. A second challenge value is input to the authentication device along with a second authentication request, and the authentication device outputs a second response value which is obtained by encrypting a value corresponding to the second challenge value by using a common key by a symmetric key cryptosystem. A first response value corresponding to the first challenge value is input to the authentication device, and the authentication device decides whether or not a decrypting result which is obtained by decrypting the first response value by using the common key and a value corresponding to the first challenge value coincide with each other.
    Type: Grant
    Filed: May 27, 2016
    Date of Patent: July 28, 2020
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventor: Dai Ikarashi
  • Patent number: 10715557
    Abstract: System and method for establishing secure conference calls. In one example system, a central conference call server establishes point-to-point connections with accessory devices comprising a secure element and connected to corresponding participant devices. The conference call server includes an interface to a plurality of secure elements configured to perform scrambling and unscrambling of media signals communicated to and from the accessory devices. In another example, one of the participant devices operates as the central conference call server. In other examples, participant devices communicate on a conference call via point-to-point connections between all accessory devices connected to the participant devices. The accessory devices include secure elements for decryption and encryption of media signals communicated between the accessory devices.
    Type: Grant
    Filed: September 13, 2018
    Date of Patent: July 14, 2020
    Assignee: NAGRAVISION S.A.
    Inventors: Francois Fer, Marco Macchetti, Laurent Gauteron, Jerome Perrine
  • Patent number: 10701047
    Abstract: Embodiments herein include, for example, a method, comprising: generating a shared symmetric key to begin a communication session among a group of users by a first user; distributing, by the first user, the generated shared symmetric key to each user in the group of users; communicating within the communication session among a group of users, where each user encrypts a message to the group of users to be distributed through the communication session using the generated shared symmetric key, and each user decrypts a message received from the communication session using the generated shared symmetric key.
    Type: Grant
    Filed: March 30, 2018
    Date of Patent: June 30, 2020
    Assignee: CYPH INC.
    Inventors: Ryan Lester, Bryant Zadegan
  • Patent number: 10701070
    Abstract: A method for providing improved personalized security mechanisms for transferring electronic data is disclosed. In an embodiment, the method comprises generating, at a client computer, a user key pair, wherein the user key pair comprises a user private key and a user public key; transmitting the user public key from the client computer to a server computer; receiving, at the client computer, from the server computer, a user account public key; generating a virtual memory stick (“VMS”) file and including, in the VMS file, one or more keys and one or more passphrases; encrypting the VMS file with a protection passphrase to generate an encrypted VMS file; and transmitting the encrypted VMS file to the server computer.
    Type: Grant
    Filed: May 23, 2018
    Date of Patent: June 30, 2020
    Assignee: VERUM SECURITAS, INC.
    Inventors: Kris Durski, Gustav Metkowski
  • Patent number: 10693863
    Abstract: A method of enabling applications to reference user information is provided, including receiving a request for a user identifier that references a user of the application and sending a second request for the user identifier to a server. The second request may include a second user identifier that references the user and a second authentication token for the second user identifier. Furthermore, the second user identifier and the second authentication token are not accessible by the user. The method includes receiving the user identifier and an authentication token for the first user identifier. The user identifier corresponds to the second identifier; and providing the user identifier and authentication token to the application. A method of enabling an application to identify users associated with a user of the application is provided; the method may include receiving, from the server, user identifiers that reference one or more users scoped to the application.
    Type: Grant
    Filed: May 4, 2018
    Date of Patent: June 23, 2020
    Assignee: Apple Inc.
    Inventors: Derrick S. Huhn, Jeremy M. Werner, Amol V. Pattekar
  • Patent number: 10637772
    Abstract: Data packets passing from a source to a destination in a network according to a Service Function Chain (SFC) are processed by an ordered sequence of at least one service function (SF). For each SF in the SFC in order, a current value of a function, such as a hash function, is recursively computed including, as input values, at least current identifying data that identifies a corresponding current one of the SFs, and a value of the function output from an immediately preceding SF. After computing the current value of the function for a selected SF in the SFC, the current value of the function is compared with an expected value. If the value of the function for the selected SF is the same as the expected value, the data packet is allowed to be transmitted to a subsequent processing stage; if not, then an error response action is taken.
    Type: Grant
    Filed: May 28, 2016
    Date of Patent: April 28, 2020
    Assignee: Guardtime SA
    Inventors: Hema Krishnamurthy, Jeffrey Pearce
  • Patent number: 10635839
    Abstract: Disclosed herein are a fixed-location Internet-of-Things (IoT) device for protecting secure storage access information and a method for protecting secure storage access information of the fixed-location IoT device.
    Type: Grant
    Filed: July 31, 2017
    Date of Patent: April 28, 2020
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Dae-Won Kim, Young-Sae Kim, Yong-Hyuk Moon, Seung-Yong Yoon, Jin-Hee Han, Jae-Deok Lim, Jeong-Nyeo Kim, Yong-Sung Jeon
  • Patent number: 10623400
    Abstract: A security method and system for capturing user specific binary information used to identify the user; using the user specific binary information to generate a secured primary code, generating strong user credentials for accessing web based or applications logins, intercepting credential requests from local applications or remote web sites, regenerating strong user credentials dynamically, using the secure primary code to generate encryption keys for protection of data inside or outside the machine of creation, and using secure primary code protection in conjunction with subsidiary key exchanges to allow data sharing while retaining data security.
    Type: Grant
    Filed: October 14, 2013
    Date of Patent: April 14, 2020
    Inventor: Greg Hauw
  • Patent number: 10592697
    Abstract: A method and apparatus prevents hacker code from infecting an application program by requiring decryption of the application program prior to running the application program on a computer. The method includes steps of: providing a security device that is a separate unit from components necessary to operate the computer; storing a symmetric private key on the security device; using the device symmetric private key to produce an encrypted application program upon first installation; thereafter decrypting that part of the encrypted application program needed implement a command to run the application program; and, decrypting, on the fly, only those follow-on parts of the encrypted application program needed to perform functions called for during operation of the application program.
    Type: Grant
    Filed: September 19, 2018
    Date of Patent: March 17, 2020
    Inventor: John Almeida
  • Patent number: 10560844
    Abstract: In one embodiment, a system includes a processing circuit and logic integrated with the processing circuit, executable by the processing circuit, or integrated with and executable by the processing circuit. The logic is configured to cause the processing circuit to limit functionality of a remote controlled device during periods of time that a user of the remote controlled device is not authenticated, and to receive identity information of the user of the remote controlled device via an authentication process, with the identity information establishing an identity of the user. Also, the logic is configured to cause the processing circuit to authenticate the user prior to allowing full functionality of the remote controlled device, send an indication of the identity of the user to the remote controlled device, and provide full functionality of the remote controlled device to the user in response to successfully authenticating the user.
    Type: Grant
    Filed: March 15, 2017
    Date of Patent: February 11, 2020
    Assignee: International Business Machines Corporation
    Inventors: Michael A. Amisano, John F. Behnken, Jeb R. Linton, John Melchionne, David K. Wright
  • Patent number: 10560436
    Abstract: A pseudonymous proximity location device and methods of operating and/or interacting with the same are provided. The pseudonymous proximity location device is configured to provide meaningful information to authorized reading devices but useless information to non-authorized reading devices, thereby prohibiting the use of the pseudonymous proximity location device by unauthorized reading devices.
    Type: Grant
    Filed: November 2, 2015
    Date of Patent: February 11, 2020
    Assignee: ASSA ABLOY, AB
    Inventors: Philip Hoyer, Mark Robinton
  • Patent number: 10560481
    Abstract: Methods, systems, and computer-readable storage media for a trust management system (TMS) in connected devices including a service provider device and a service consumer device, actions including receiving, by the TMS, side information associated with the service provider device, the side information including profile data and context data, processing, by the TMS, the side information using a computer-executable stereotype model to determine a prior trust value, determining, by the TMS, a trust value using a computer-executable experiential trust model, and at least partially based on the prior trust value, and selectively conducting a transaction between the service consumer device, and the service provider device based on the trust value.
    Type: Grant
    Filed: June 16, 2017
    Date of Patent: February 11, 2020
    Assignee: SAP SE
    Inventor: Kun Ouyang
  • Patent number: 10554744
    Abstract: An approach is provided to automatically replicate content to certain servers in a networking environment based on, amongst other metrics, location of third parties accessing information in a social networking environment. The approach includes obtaining content from a user within a networked environment and analyzing information of one or more third parties that have access to the networked environment and who have an association with the user. The approach further includes replicating the content to one or more servers within the networked environment based on the analyzed information of the one or more third parties.
    Type: Grant
    Filed: January 7, 2016
    Date of Patent: February 4, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Kelly Abuelsaad, Lisa Seacat DeLuca, Soobaek Jang, Daniel C. Krook
  • Patent number: 10521779
    Abstract: An electronic social networking environment enables the transfer of stored value between users of the environment. A transfer may be in the form of a gift from one user to another. The stored value may represent actual currency or virtual currency. The stored value may be redeemed within or outside the electronic social networking environment, and may be redeemed with one or more merchants. The stored value may be redeemed for a physical item or service or for a virtual item or service.
    Type: Grant
    Filed: December 2, 2016
    Date of Patent: December 31, 2019
    Assignee: Gift Solutions LLC
    Inventors: Christopher L. Toomer, Steven E. Arthur, Debi Rex, Ginger Sayor
  • Patent number: 10516993
    Abstract: Provided are methods and apparatuses for establishing a wireless communications connection by using biometric information of a user. A method of operating an electronic device includes operations of: acquiring first biometric information; transmitting first sub-information of the first biometric information to a terminal within a certain time from an instant of acquiring the first biometric information; receiving from the terminal second sub-information of second biometric information of a user who uses the terminal; and comparing second sub-information of the first biometric information corresponding to the second sub-information of the second biometric information with the second sub-information of the second biometric information. If it is determined as a result of the comparing that the second sub-information of the first biometric information matches the second sub-information of the second biometric information, a pairing with the terminal is established through a wireless network.
    Type: Grant
    Filed: August 26, 2016
    Date of Patent: December 24, 2019
    Assignee: Samsung Electronics Co., Ltd
    Inventors: Tae-soo Jun, Seung-ku Kim
  • Patent number: 10506642
    Abstract: A method to securely send, to the device the cryptographic key and the local wireless network credentials with an authenticity verification to ensure that the device is safe to be added to the local network. Those credentials are sent using a NFC enabled device to the internal EEPROM with NFC interface embedded on the target connected device. The method enforces the configuration setup process to avoid critical vulnerabilities in IoT devices, minimizing security and privacy issues to the final user and avoid any unauthorized device to be added to the network. When a new IoT device is added, assuming that this new device has no security key embedded and no stored authentication credentials, a secure mobile application will send that information to the device using NFC. This application has an interface to configure the device in a single step.
    Type: Grant
    Filed: November 30, 2016
    Date of Patent: December 10, 2019
    Assignee: SAMSUNG ELETRÔNICA DA AMAZÔNIA LTDA.
    Inventors: Pedro Henrique Minatel, Sang Hyuk Lee, Breno Silva Pinto, Felipe Caye Batalha Boeira
  • Patent number: 10499313
    Abstract: The present application is directed to a computer-implemented device for reserving a path in a network. The device includes a non-transitory memory operably coupled to a processor. The processor is configured to perform the instruction of sending a path computation request to a backbone router via a routing protocol path. The processor is also configured to perform the instruction of receiving a computation reply from the backbone router path based upon the request. The processor is also configured to perform the instruction of assigning a soft cell on the path between the source and the destination device. The application is also directed to a computer-implemented device for reserving a path between a source device and destination device.
    Type: Grant
    Filed: December 2, 2015
    Date of Patent: December 3, 2019
    Inventors: Zhuo Chen, Lijun Dong, Chonggang Wang, Quang Ly, Xu Li, Guang Lu, Yanyan Han, Shamim Akbar Rahman
  • Patent number: 10439801
    Abstract: An entity authentication method includes: an entity A generates and sends NA to an entity B; the entity B generates NB and ZSEEDB, computes a key MKA?KEIA and first encrypted authentication data AuthEncDataB, and sends the NB?NA?AuthEncDataB to the entity A for verification; the entity A generates ZSEEDA, computes second encrypted authentication data AuthEncDataA, a shared key seed Z, a master key MK and a first message authentication identifier MacTagA, and sends the NA?NB?AuthEncDataA?MacTagA to the entity B for verification; the entity B computes Z, MK and MacTagA, compares the MacTagA with the received MacTagA, and if the two are equal, considers that the entity A is valid; the entity B computes and sends a second message authentication identifier MacTagB to the entity A; and the entity A computes MacTagB, compares the MacTagB with the received MacTagB, and if the two are equal, considers that the entity B is valid.
    Type: Grant
    Filed: June 23, 2015
    Date of Patent: October 8, 2019
    Assignee: China IWNCOMM Co., LTD.
    Inventors: Ya'nan Hu, Zhiqiang Du, Guoqiang Zhang, Qin Li
  • Patent number: 10439991
    Abstract: The present disclosure provides a bootstrapping server, a network application function (NAF), a system and methods for establishing secure communication between a machine to machine (M2M) device and a NAF. A method for establishing secure communication between the NAF and M2M device comprises receiving a first data object, tunneling the first data object to the M2M device, via an interface between the NAF and the M2M device, for enabling the M2M device to derive first information to establish said secure communication, receiving a second data object and deriving second information for use in establishing said secure communication with the M2M device.
    Type: Grant
    Filed: September 12, 2014
    Date of Patent: October 8, 2019
    Assignee: VODAFONE IP LICENSING LIMITED
    Inventors: Nick Bone, Tim Snape
  • Patent number: 10432600
    Abstract: An apparatus includes a computing system that is configured to receive, from an electronic device, a verification message indicating that the electronic device is not corrupt. The computing system is also configured to receive, from the electronic device, a unique universal identifier (UUID) that is associated with an application stored in a memory of the electronic device. The computing system is further configured to receive, from a management server of the one or more management servers, a server key stored in a credential store and that is associated with the UUID received from the electronic device. In addition, the computing system is configured to establish one or more secure channels for electronic data communication with the electronic device based on the received UUID and the server key.
    Type: Grant
    Filed: October 10, 2018
    Date of Patent: October 1, 2019
    Assignee: Uniken, Inc.
    Inventors: Bimal I. Gandhi, Nishant Kaushik, Robert Alan Levine, James Anthony Villarrubia, Tejas Digambar Limaye
  • Patent number: 10430599
    Abstract: Systems and methods for backing up data are provided. Data objects or blocks of data can be encrypted with individualized keys. The keys are generated from the unencrypted data objects or blocks. The encrypted data objects or blocks and fingerprints of the encrypted data objects or blocks can be uploaded to a datacenter. Even though the data objects or blocks are encrypted, deduplication can be performed by the datacenter or before the data object is uploaded to the datacenter. In addition, access can be controlled by encrypting the key used to encrypt the data object with access keys to generate one or more access codes. The key to decrypt the encrypted data object is obtained by decrypting the access code.
    Type: Grant
    Filed: June 30, 2014
    Date of Patent: October 1, 2019
    Assignee: EMC IP HOLDING COMPANY LLC
    Inventors: Ray D. Whitmer, David S. Anderson
  • Patent number: 10411905
    Abstract: Techniques for implementing public key infrastructure using blockchains are described. An apparatus may receive, from a introducee principal, a proof-of-work. The apparatus may combine the proof-of-work with an identifier of the introducee principal. The apparatus may generate an introduction of the introducee principal. The introduction may include signing, using an asymmetric private key assigned to the apparatus, the combination of the proof-of-work and the identifier of the introducee principal. The apparatus may publish the introduction of the introducee principal to a blockchain.
    Type: Grant
    Filed: July 1, 2016
    Date of Patent: September 10, 2019
    Assignee: Intel Corporation
    Inventors: Ned M. Smith, David W. Grawrock
  • Patent number: 10402557
    Abstract: An authentication server determines that a user entering authentication data is in physical possession of a client device by determining that the user has observed changes in the state of hardware elements of the client device that are effected outside of a remote desktop protocol. The authentication server causes the client device to prompt the user to observe the hardware element of the client device for state changes and receives data generated by the user representing observed state changes. If the data accurately represents the changes in the state of the hardware element, the user is determined to be in physical possession of the client device.
    Type: Grant
    Filed: August 12, 2015
    Date of Patent: September 3, 2019
    Assignee: Uniloc 2017 LLC
    Inventor: Dono Harjanto
  • Patent number: 10404674
    Abstract: Efficient memory management can be provided in a multi-tenant virtualized environment by encrypting data to be written in memory by a virtual machine using a cryptographic key specific to the virtual machine. Encrypting data associated with multiple virtual machines using a cryptographic key unique to each virtual machine can minimize exposure of the data stored in the memory shared by the multiple virtual machines. Thus, some embodiments can eliminate write cycles to the memory that are generally used to initialize the memory before a virtual machine can write data to the memory if the memory was used previously by another virtual machine.
    Type: Grant
    Filed: February 28, 2017
    Date of Patent: September 3, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Nafea Bshara, Thomas A. Volpe, Adi Habusha, Yaniv Shapira
  • Patent number: 10404663
    Abstract: An example method for file sharing over secure connections comprises: establishing a secure client connection; receiving a client request identifying a file residing on the file sharing host; transmitting an identifier and a parameter of the secure client connection via a management connection to the file sharing host; receiving a host request to establish a secure host connection, the host request comprising the identifier of the secure client connection; establishing the secure host connection using the parameter of the secure client connection identified by the received identifier; forwarding, over the secure host connection, a first data packet received over the secure client connection, the first data packet comprising at least part of the client request; and forwarding, over the secure client connection, a second data packet received over the secure host connection, the second data packet comprising at least part of the file identified by the client request.
    Type: Grant
    Filed: February 29, 2016
    Date of Patent: September 3, 2019
    Assignee: Parallels International GmbH
    Inventors: Alexey Petrukhin, Grigory Nikolaenko, Nikolay Dobrovolskiy, Serguei Beloussov
  • Patent number: 10380094
    Abstract: Disclosed are examples of systems, apparatus, methods and computer program products for creating custom platform objects for a multi-tenant non-relational database environment. A database system maintains a multi-tenant non-relational database associated with multiple enterprises and a number of records for each of the enterprises. The system also maintains a dynamic virtual table associated with a number of records. A request is received from one of the enterprises to define a custom data object within the database system, uniquely associated with an enterprise. The request is processed, and a custom object is generated based on the request. The custom object defines database columns corresponding to the data object and the enterprise. The virtual table is updated to include virtual columns corresponding to the database column definitions, and existing columns of a shared table in the non-relational database are updated to match the virtual columns.
    Type: Grant
    Filed: September 30, 2016
    Date of Patent: August 13, 2019
    Assignee: salesforce.com, inc.
    Inventors: Alex Warshavsky, Adam Torman, Eli Levine, Jan Asita Fernando, Samarpan Jain
  • Patent number: 10366254
    Abstract: In a transient storage device (TSD) with multiple authentication silos, a host computing device connected to the TSD is configured by the TSD to discover and act upon various types of authentication information in the silos. One or more logical combinations of authentication silos are switched to the authenticated state to grant access to an associated storage area. A particular ordering of authentication silos may be required to achieve a valid combination of authenticated silos. Ordering may be suggested by configuration information in the TSD. Ordering may also be based upon whether or not user input is required for authenticating a given authentication silo, the environment of use of the TSD, or a hierarchy from most trusted to least trusted authentication silo. With this information, the host proceeds with the most efficient authentication sequence leading to a grant of access to the storage area.
    Type: Grant
    Filed: July 28, 2015
    Date of Patent: July 30, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventor: James Bovee
  • Patent number: 10361848
    Abstract: A quantum key generation system including two photon detector units, two photon entanglement chains extending between the two photon detector units, and a plurality of multicore fiber links each including at least two non-uniform cores structurally configured to provide non-uniform photon propagation delay. Each photon entanglement chain includes at least one quantum repeater structurally configured to entangle a pair of photons and first and second terminating quantum memories optically coupled the quantum repeater using the multicore fiber links such that photons received by the first and the second terminating quantum memories are entangled with photons entangled by the quantum repeater.
    Type: Grant
    Filed: February 21, 2017
    Date of Patent: July 23, 2019
    Assignee: Corning Incorporated
    Inventors: Stuart Gray, Ming-Jun Li, Daniel Aloysius Nolan
  • Patent number: 10356586
    Abstract: A projector includes: a projection unit which projects a first image onto a projection surface; a detection unit which detects a position of an indicator on the projection surface; a first storage unit which stores a second image including a figure drawn according to the position of the indicator; an acquisition unit which acquires information for specifying a transmission destination of the second image via a wireless reader/writer; a communication unit which communicates via a network; and a transmission unit which transmits the second image via the communication unit to the transmission destination specified by the information acquired by the acquisition unit.
    Type: Grant
    Filed: February 5, 2016
    Date of Patent: July 16, 2019
    Assignee: Seiko Epson Corporation
    Inventor: Masahiko Honda
  • Patent number: 10341117
    Abstract: Techniques for enabling cloud authentication of Layer 2-connected member devices via an IP-connected active device are provided. In one set of embodiments, the member device can transmit, to the active device, a request to authenticate the member device with a cloud management platform. The member device can further receive, from the active device, an encrypted nonce generated by the cloud management platform in response to the request, where the encrypted nonce is encrypted using a public key of the member device. The member device can decrypt the encrypted nonce using a private key of the member device to generate a decrypted nonce and can transmit the decrypted nonce to the active device. The member device can then receive, from the active device, a token generated by the cloud management platform indicating that the member device has been authenticated by the platform.
    Type: Grant
    Filed: July 18, 2017
    Date of Patent: July 2, 2019
    Assignee: ARRIS Enterprises LLC
    Inventor: Suman Sharma
  • Patent number: 10304464
    Abstract: The present invention relates to a method of providing voice recognition. The method comprises the steps of receiving a packetised voice data of a person to be identified over a packet-switched network, comparing the voice data with a stored voice data of a user and, based on the comparison, providing an indication of the likelihood that the person to be identified is the user, wherein the step of receiving the voice data comprises waiting for sufficient voice data to be received.
    Type: Grant
    Filed: January 22, 2008
    Date of Patent: May 28, 2019
    Assignee: Auraya Pty. Ltd.
    Inventors: Clive Summerfield, Joel Moss
  • Patent number: 10291612
    Abstract: A hosting provider may be bi-directionally authenticated with one or more media repositories. The hosting provider preferably has domain name registration and hosting capabilities. The media repositories may collect data (such as pictures and/or files) from one or more users. Once authenticated, the hosting provider and media repositories may cooperate in storing, aggregating and transmitting data to a user. Routes may be hosted by the hosting provider and used to organize and access the data. For example, a user may enter a route into a browser and receive media/data, possibly from a plurality of media repositories, that is associated with that route. In another example, the user may enter a route into the browser and be redirected from the hosting provider to a website of the media repository.
    Type: Grant
    Filed: March 22, 2016
    Date of Patent: May 14, 2019
    Assignee: Go Daddy Operating Company, LLC
    Inventor: Samuel Y. Ng
  • Patent number: 10289610
    Abstract: An appliance includes a processor, a medium, a registration application, and a monitoring application. The registration application includes instructions in the medium that, when read and executed by the processor, configure the registration application to write a transaction identifier to a start message, the transaction identifier identifying the appliance, write a dataset of interest identifier to the start message, and send the start message to a database. The dataset of interest identifies a group of appliances including the appliance. The monitoring application includes instructions in the medium that, when read and executed by the processor, configure the monitoring application to monitor operations executed on the appliance, write data resulting from the operations to a data message, and send the data message anonymously to the database. The data message is signed with a member key associated with the group of appliances.
    Type: Grant
    Filed: December 23, 2015
    Date of Patent: May 14, 2019
    Assignee: McAfee, LLC
    Inventors: Geoffrey H. Cooper, Guy L. AlLee, Jr.
  • Patent number: 10282539
    Abstract: Systems and methods authenticate with application extensions. An application extension requests a token from a local application. The local application generates a token and either inserts the token into a protected storage accessible only by the application extension being run by the current user or returns the token back to the application extension after being confirmed by the legitimate user. The application extension uses the token to authenticate itself with the local application.
    Type: Grant
    Filed: June 10, 2016
    Date of Patent: May 7, 2019
    Assignee: AVAST SOFTWARE S.R.O.
    Inventors: Pavel Studený, Petr Van{hacek over (e)}k, Martin Havelka
  • Patent number: 10285180
    Abstract: Wireless communications systems and methods related to the reduction in a probability of collision for grant-less transmissions from internet of everything (IOE) devices while not increasing search complexity at a base station are disclosed. An IOE device randomly selects a first access resource from a common pool that the base station searches to initiate a transmission. If a metric associated with the data transmission is predicted to exceed a threshold, the IOE device also requests a second access resource from a reserved access pool from the base station, that the base station does not search. The IOE includes the request in the data transmission. The base station and the IOE device switch to the second access resource after the base station identifies an available resource from the reserved access pool and the IOE device completes the data transmission using the second access resource.
    Type: Grant
    Filed: October 29, 2015
    Date of Patent: May 7, 2019
    Assignee: QUALCOMM Incorporated
    Inventors: Wei Zeng, Joseph Binamira Soriaga, Tingfang Ji, John Edward Smee, Naga Bhushan
  • Patent number: 10284369
    Abstract: Secure application-to-application communication is disclosed. A shared encryption key may be used to encrypt data to be transferred from a first mobile application to a second mobile application. The encrypted data is provided to a shared storage location. The second mobile application is configured to retrieve the encrypted data from the shared storage location.
    Type: Grant
    Filed: June 30, 2017
    Date of Patent: May 7, 2019
    Assignee: MOBILE IRON, INC.
    Inventors: Thomas Edward Wagner, Robert Elliott Whiteman
  • Patent number: 10278104
    Abstract: A method of cell detection, for a user equipment (UE) of a first cell, wherein the first cell operates on a first frequency, from a second cell, wherein UE is served by the second cell, and the second cell operates on a second frequency different form the first frequency, is disclosed. The method comprises performing cell detection on the first frequency while the UE is associated with the second cell on the second frequency; detecting at least one cell identification (ID) candidate on the first frequency; determining whether verification of cell ID is to be done prior or after a predetermined event has occurred; and if it is determined that verification is to be done after the predetermined event, postponing the verification and performing the verification after the predetermined event has occurred. Methods of cell identification and handover are also disclosed. A communication apparatus and a computer program are also disclosed.
    Type: Grant
    Filed: March 9, 2017
    Date of Patent: April 30, 2019
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Iana Siomina, Bengt Lindoff
  • Patent number: 10250392
    Abstract: Systems and methods for using an arbitrary base value for EPID calculations are provided herein. A system to use arbitrary base values in enhanced privacy ID (EPID) calculation, where the system includes a microcontroller; and a memory coupled to the microcontroller; wherein the microcontroller is to: obtain an arbitrary value at a member device, the member device being a member of a group of member devices, each member device in the group of member devices having a unique private EPID key assigned from a pool of private keys, where any of the pool of private keys is able to sign content that is verifiable by a single group public key, and the arbitrary value being one of a time-based value or a usage-based value; construct an EPID base using the arbitrary value; and transmit content signed with the private key using the EPID base to a verifier.
    Type: Grant
    Filed: July 1, 2016
    Date of Patent: April 2, 2019
    Assignee: Intel Corporation
    Inventor: Ernie F. Brickell
  • Patent number: 10243924
    Abstract: A service providing system includes an application configured to provide a service to a terminal device that has made a service request including use identification information; a creator configured to create group identification information for identifying a group of the use identification information, based on a creation request from the application; an issuer configured to issue the use identification information associated with the group identification information, based on an issue request from the application, the issue request including the group identification information; and a verifier configured to verify the use identification information, based on a verification request from the application, the verification request including the group identification information and the use identification information.
    Type: Grant
    Filed: August 4, 2016
    Date of Patent: March 26, 2019
    Assignee: Ricoh Company, Ltd.
    Inventors: Hiroki Ohzaki, Yasuharu Fukuda, Seiichi Kondo
  • Patent number: 10229204
    Abstract: The Messaging Search and Management Apparatuses, Methods and Systems (“MSM”) transforms message, ranking request inputs via MSM components into work graphs, ML structure input data, ML structure, ranking response outputs. A work graph generation request that includes group level access control data may be obtained. A set of metadata access control carrying messages, a set of users, a set of channels, and a set of topics with access control data corresponding to the group level access control data may be determined. A user priority score for each of the other users, a channel priority score for each of the channels, and a topic priority score for each of the topics, from the perspective of each user, may be calculated. A work graph data structure may be generated that includes, for each user, data regarding the calculated user priority scores, channel priority scores, and topic priority scores.
    Type: Grant
    Filed: April 9, 2018
    Date of Patent: March 12, 2019
    Assignee: Slack Technologies, Inc.
    Inventors: Myles Grant, Serguei Mourachov, Renaud Bourassa-Denis, Jason Liszka, John Gallagher, Isabella Tromba, Noah Weiss, Daniel Stewart Butterfield, Callum Henderson-Begg
  • Patent number: 10229259
    Abstract: A method includes: displaying, by a second device, prompt information, where the prompt information is used to inform a user that a task executed on a first device may be handed off to the second device for execution; receiving, by the second device, a first operation of the user, and collecting a fingerprint used when the user performs the first operation, where the first operation is used to request execution of the task on the second device; acquiring, by the second device, first fingerprint information and second fingerprint information by using the first device; calculating, by the second device according to the fingerprint used when the user performs the first operation and the first fingerprint information, third fingerprint information; and executing, by the second device, the task when the third fingerprint information matches the second fingerprint information.
    Type: Grant
    Filed: August 12, 2016
    Date of Patent: March 12, 2019
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Chan Wang, Huangwei Wu, Xi Huang
  • Patent number: 10225274
    Abstract: A method may include identifying a shared usage of a first network address and a second network address in a predetermined period of time. The method may also include clustering the first network address and the second network address based on the shared usage. The method may include determining a weighting factor between the first network address and the second network address based on the shared usage. The method may further include receiving a request that includes the second network address from a client device. The method may include determining that the request for the electronic activity does not include suspicious activity based on the first network address and the second network address being in the cluster. The method may further include permitting the electronic activity based on the determination that the request for the electronic activity does not include suspicious activity.
    Type: Grant
    Filed: January 30, 2017
    Date of Patent: March 5, 2019
    Assignee: PAYPAL, INC.
    Inventors: Noa Miron, Doron Hai-Reuven
  • Patent number: 10187767
    Abstract: A system and method are disclosed for authenticating and authorizing access to and accounting for consumption of bandwidth for IPv6 connectivity to the Internet over Wireless Access Vehicular Environment (WAVE) service channels by client devices using an Authentication, Authorization and Accounting (AAA) server. The AAA server authenticates and authorizes client devices to access WAVE service channels, and accounts for bandwidth consumption by the client devices using WAVE service channels to access the Internet. The AAA server enables an RSU infrastructure operator to quantify wireless bandwidth consumption by in-vehicle devices using the WAVE Service Channels, on a per-device basis.
    Type: Grant
    Filed: June 30, 2017
    Date of Patent: January 22, 2019
    Assignee: PAXGRID CDN INC.
    Inventor: Martin D. Nathanson
  • Patent number: 10172000
    Abstract: Pre Shared Keys (“PSK”) for application and data session security are generated using application authentication secret values stored in a SIM device/card. The SIM internally uses the secret values as inputs to a security algorithm engine, but the secret values are not accessible outside of the SIM. The application authentication secret values cannot be used to authenticate the SIM, or a device that includes the SIM, to a communication network. Rather, symmetric keys and keying material are generated for use by applications outside of the standard and conventional wireless networking uses of a SIM device. Updated PSKs are generated at different network endpoints such that the PSKs are generated individually and separately at the endpoints; the ‘preshared’ keys are not actually shared. Thus, a client endpoint and a server endpoint, or an endpoint associated with the server, independently generate the same PSK without the PSK being transmitted between the endpoints.
    Type: Grant
    Filed: July 8, 2016
    Date of Patent: January 1, 2019
    Assignee: M2MD TECHNOLOGIES, INC.
    Inventor: Charles M. Link, II
  • Patent number: 10164972
    Abstract: A system receives a request to authenticate a user and determines a first set of cell identifiers of a card matrix to associate with the user. The system receives a first factor, which comprises a first set of received cell values corresponding to the first set of cell identifiers of the card matrix. The system further determines a first set of stored cell values corresponding to the first set of cell identifiers of the card matrix and compares the first set of received cell values to the first set of stored cell values. The system also receives a second factor, which is different than the first factor. Finally, the system determines that the user is authenticated based at least in part upon the comparison of the first set of receives cell values to the first set of stored cell values.
    Type: Grant
    Filed: January 28, 2016
    Date of Patent: December 25, 2018
    Assignee: Bank of America Corporation
    Inventors: Amanda J. Adams, Lawrence R. LaBella
  • Patent number: 10158991
    Abstract: Pre Shared Keys (“PSK”) for application and data session security are generated using application authentication secret values stored in a SIM device/card. The SIM internally uses the secret values as inputs to a security algorithm engine, but the secret values are not accessible outside of the SIM. The application authentication secret values cannot be used to authenticate the SIM, or a device that includes the SIM, to a communication network. Rather, symmetric keys and keying material are generated for use by applications outside of the standard and conventional wireless networking uses of a SIM device. Updated PSKs are generated at different network endpoints such that the PSKs are generated individually and separately at the endpoints; the ‘preshared’ keys are not actually shared. Thus, a client endpoint and a server endpoint, or an endpoint associated with the server, independently generate the same PSK without the PSK being transmitted between the endpoints.
    Type: Grant
    Filed: April 28, 2016
    Date of Patent: December 18, 2018
    Assignee: M2MD TECHNOLOGIES, INC.
    Inventor: Charles M. Link, II
  • Patent number: 10142796
    Abstract: In a management system which allows measurement results obtained by sensors to be collected and a management target to be managed on the basis of the collected measurement results, a management device and the like that can provide more useful information for managing the management target are provided. The management device includes: an obtainment unit configured to obtain, from each of a plurality of sensors each configured to perform measurement regarding a management target, sensor information indicating a result of the measurement and identification information of the sensor; and a group management unit configured to perform a grouping process of dividing a plurality of the sensors into a plurality of groups by using the pieces of the identification information obtained by the obtainment unit, and to perform a process of storing group information indicating a result of the grouping process.
    Type: Grant
    Filed: May 7, 2015
    Date of Patent: November 27, 2018
    Assignee: SUMITOMO ELECTRIC INDUSTRIES, LTD.
    Inventor: Hirotsugu Yamamoto
  • Patent number: 10142296
    Abstract: Systems and methods of cryptographically protecting location data transferred between servers via a network to tune a location engine are described herein. A first encryption module determines a first hash value for each location determination, encrypts the first hash value for each location determination using a first encryption protocol to generate a first encrypted data set, and transmits the first encrypted data set to a server. The first encryption module receives, from the server, a second encrypted data set with second hash values generated by a second encryption module of the server using a second encryption protocol. The first encryption module creates a first double encrypted data set from the second encrypted data set. A tuner compares the first double encrypted data set with a second double encrypted data set received from the server to adjust the location engine.
    Type: Grant
    Filed: February 12, 2016
    Date of Patent: November 27, 2018
    Assignee: Google LLC
    Inventors: Mahyar Salek, Philip McDonnell, Amin Charaniya, Shobhit Saxena
  • Patent number: 10142320
    Abstract: A system and method for establishing and monetizing trusted identities in cyberspace relying upon user opt in. Users request to attain secure IDs for accessing parties that will rely on secure IDs to complete a transaction, for example merchants and service providers (relying parties). The relying parties (RPs) communicate with identity service providers and attribute providers via an Attribute Exchange Network (AXN) in order to obtain verified attributes associated with an entity (end user or user) that wishes to conduct business with the relying party. The relying party makes requests for verified attributes that are important to consummating business transactions for the relying party. Users are informed of requests for attributes on behalf of relying parties and users have the option to verify attributes, and add new attributes that may be useful or required for conducting business with relying parties.
    Type: Grant
    Filed: May 17, 2016
    Date of Patent: November 27, 2018
    Assignee: ID DATAWEB, INC.
    Inventors: David Hemphill Coxe, Robert Lloyd Coxe, Jr., John Joseph Dials, Jr., Christine W. McKay-Donovan