Authentication Of An Entity And A Message Patents (Class 713/170)
  • Patent number: 10229256
    Abstract: Technologies for authenticated audio login by a user of a computing device include generating a security token having a plurality of token characters. The computing device renders the generated security token to a current user of the computing device on an output device of the computing device. The computing device, receives security token audio input from the current user and retrieves, based on the rendered security token, voice profile data of an authorized user of the computing device from a voice profile database. The voice profile database includes voice data based on the authorized user's prior recitation of each token character of a set of token characters from which the security token may be composed. The computing device compares the received security token audio input and the retrieved voice profile data to verify that the current user is the authenticated user and the current user recited the rendered security token.
    Type: Grant
    Filed: October 25, 2013
    Date of Patent: March 12, 2019
    Assignee: Intel Corporation
    Inventors: Karthik K. Rishi, Bratin Saha
  • Patent number: 10204704
    Abstract: In part, the disclosure relates to an apparatus, system, and method for responding to emergency needs of a user with one or more responses including contacting an emergency contact for a user in response to a biometric identifier. Other responses can include retrieving stored medical information for use by a first responder, insurance provider, medical or healthcare professional, or other user or entity. Emergency data retrieval software can be activated on a per user based upon a biometric scan of the user to trigger one or more data transmission or retrieval events such as medical file retrieval and emergency contacts being automatically called or messaged.
    Type: Grant
    Filed: May 22, 2015
    Date of Patent: February 12, 2019
    Inventor: Brooke Erin Wurst
  • Patent number: 10200861
    Abstract: We disclose various embodiments that enable a mobile terminal to authenticate a base station before the mobile terminal proceeds to attach to the corresponding network and/or camp on the corresponding cell, e.g., during the initial network selection and attachment or during an idle mode. In an example embodiment, the authentication processing includes the mobile terminal generating and sending to a candidate base station a system query with a nonce. The candidate base station is deemed to be authentic only if the acknowledgement generated and transmitted in response to the system query includes a copy of the nonce properly signed by a digital signature generated using one or more security keys. In some embodiments, the system query may also include a request for GPS coordinates and/or selected system information signed using a digital signature, which the mobile terminal may beneficially use to further strengthen the protection against a spoofing attack.
    Type: Grant
    Filed: December 19, 2016
    Date of Patent: February 5, 2019
    Assignee: NOKIA OF AMERICA CORPORATION
    Inventors: Suresh P. Nair, Semyon Mizikovsky
  • Patent number: 10187754
    Abstract: A method may include obtaining a first indicator of a first location of a user at a first time; identifying the user at the first location at the first time; obtaining a second indicator of the first location of the user at the first time; confirming the first location of the user at the first time by comparing the first and second indicator; storing the first record; obtaining a first indicator of a second location of the user at a second time; identifying the user at a second location at the second time; storing a second record, the second record comprising the second indicator of the second location, a second indication of the second time, and a second indication of the identity of the user at the second location at the second time; and linking the first and second records to create an unalterable alibi of the user.
    Type: Grant
    Filed: July 23, 2018
    Date of Patent: January 22, 2019
    Assignee: Brilliant Points, Inc.
    Inventor: Christopher G. Hansen
  • Patent number: 10182120
    Abstract: The method for assigning a tag (T) with an action for a network device (N) within a network comprising a management server (M), a control device (S) and the network device reads the tag with the control device; the tag transmitting a unique tag ID and a URL to the control device. The control device (S) reads the URL and connects with the management server (M), in case the tag has no action assigned, an action to be performed by the network device (N) is selected for the tag from a list on the control device, the management server is informed about the selected action. The management server stores the selected action in a memory of the management server, and the control device communicates with the network device (N) to inform the network device (N) to perform the action.
    Type: Grant
    Filed: August 20, 2015
    Date of Patent: January 15, 2019
    Assignee: INTERDIGITAL CE PATENT HOLDINGS
    Inventors: Fabien Battini, Franck Abelard
  • Patent number: 10171240
    Abstract: Some embodiments provide a non-transitory machine-readable medium that stores a program. The program receives a queue message from a computing device. The queue message includes a request to perform a set of actions on a resource in a private network and a security signature generated from an authentication operation. The program also stores the queue message in a message queue for later retrieval when the queue message is determined to be valid based on the security signature. The program further sends the queue message to a queue monitor for the queue monitor to instruct the resource to perform the set of actions. Upon receiving a response associated with the queue message from the queue monitor, the program forwards the response associated with the queue message to the computing device.
    Type: Grant
    Filed: November 17, 2015
    Date of Patent: January 1, 2019
    Assignee: SUCCESSFACTORS, INC.
    Inventor: Yang Peng
  • Patent number: 10171476
    Abstract: The migration of identity documents, such as driving licenses, from physical documents to electronic documents creates new problems for those seeking to verify the identity of an individual based upon the electronic document they provide. However, the inventors have established a means of binding electronic documents and electronic representations of physical documents to individuals at issuance of the document(s). Accordingly, the inventors address identity verification by providing to those seeking to verify the individual's identity data allowing them to verify the presented electronic ID document. For example, a police officer requesting a driving license can obtain on their own electronic device through the methods of the invention the issued driving license associated with identifier information on the license provided by the individual. As such tampering with the license to change a name, date of birth, photo etc. will result in a visible mismatch to the police officer in comparing them.
    Type: Grant
    Filed: February 15, 2016
    Date of Patent: January 1, 2019
    Inventor: Sal Khan
  • Patent number: 10169622
    Abstract: A method of authenticating a slave device. The method includes initializing, by a host device, a charge retention circuit of the slave device, and receiving, by the host device, an indication of a discharge time of the charge retention circuit. The host device authenticates the slave device based on the received indication of the discharge time of the charge retention device.
    Type: Grant
    Filed: December 8, 2017
    Date of Patent: January 1, 2019
    Assignees: PROTON WORLD INTERNATIONAL N.V., STMICROELECTRONICS (ROUSSET) SAS
    Inventors: Jean-Louis Modave, Fabrice Marinet, Denis Farison
  • Patent number: 10165063
    Abstract: An online system receives third party hashes for a plurality of targeted users and generates local hashes for one or more local users of the online system. The online system identifies as matched users those local users with local hashes that match those of the third party hashes. The online system generates one or more inferred identifiers for each of the one or more local users, the inferred identifiers being of the same type as the local unique identifiers, and the inferred identifiers generated based on characteristics of each corresponding local user. The online system identifies as inferred matched users at least one of the local users that have local hashes of corresponding inferred identifiers that match a third party hash of a third party unique identifier. The online system provides, to a third party system, a selection including the matched users and a selection including the inferred matched users.
    Type: Grant
    Filed: June 16, 2016
    Date of Patent: December 25, 2018
    Assignee: Facebook, Inc.
    Inventors: Aleksey Sergeyevich Fadeev, Li Zhou
  • Patent number: 10149156
    Abstract: A trusted caller ID authority receives registration data from a first communication device. The first communication device is authenticated by the trusted caller ID authority using the registration data and an authentication object is provided to the first communication device. A second communication device receives a call and the authentication object from the first communication device. The second communication device sends a validation request to the trusted caller ID authority that includes the authentication object. Validation information associated with the first communication device is provided to the second communication device. The validation information includes registration and authentication status of the first communication device.
    Type: Grant
    Filed: December 18, 2015
    Date of Patent: December 4, 2018
    Assignee: AMAZON TECHNOLOGIES, INC.
    Inventors: Nandit Tiku, Derek William Bolt, Marcel Andrew Levy
  • Patent number: 10140443
    Abstract: An example method is provided for a computing device to select an authentication source. The method may comprise receiving a request to authenticate a user account and determining multiple authentication sources that are capable of processing the request. The multiple authentication sources may be associated with respective performance indicators. The method may also comprise selecting a particular authentication source to process the request, wherein the particular authentication source is selected from the multiple authentication sources based on the performance indicators. The method may further comprise processing the request using the particular authentication source to authenticate the user account.
    Type: Grant
    Filed: April 13, 2016
    Date of Patent: November 27, 2018
    Assignee: VMWARE, INC.
    Inventors: Vardan Movsisyan, Armen Sahakyan
  • Patent number: 10142956
    Abstract: A mobile communication device including a wireless transceiver and a controller is provided. The wireless transceiver performs wireless transmission and reception to and from a service network. The controller determines whether the service network is an Isolated E-UTRAN Operation for Public Safety (IOPS) network, and transmits a first ATTACH REQUEST message including an IOPS indicator to the service network via the wireless transceiver in response to the service network being an IOPS network. Also, the controller receives a first ATTACH ACCEPT message including encrypted mapping information from the service network via the wireless transceiver, and transmits a first ATTACH COMPLETE message to the service network via the wireless transceiver.
    Type: Grant
    Filed: July 15, 2016
    Date of Patent: November 27, 2018
    Assignee: ACER INCORPORATED
    Inventor: Wei-Chieh Tsai
  • Patent number: 10122692
    Abstract: Cryptographically protected communications sessions are established using a distributed process. A server proxies handshake messages to another computer system that negotiates a cryptographically protected communications session with the client. When the client and other computer system complete negotiation of the session, the other computer system provides a set of session keys to the server. The server then uses the session keys to communicate with the client over the cryptographically protected communications session.
    Type: Grant
    Filed: June 16, 2015
    Date of Patent: November 6, 2018
    Assignee: Amazon Technologies, Inc.
    Inventor: Colm MacCarthaigh
  • Patent number: 10122689
    Abstract: Cryptographically protected communications sessions are established using a distributed process. A load balancer proxies handshake messages to a first computer system that negotiates a cryptographically protected communications session with the client. When the client and first computer system complete negotiation of the session, the first computer system provides a set of session keys to a second computer system, through the load balancer or another channel. The second computer system then uses the session keys to communicate with the client over the cryptographically protected communications session.
    Type: Grant
    Filed: June 16, 2015
    Date of Patent: November 6, 2018
    Assignee: Amazon Technologies, Inc.
    Inventor: Colm MacCarthaigh
  • Patent number: 10116666
    Abstract: Methods of extending capabilities of authenticated code modules (ACM) with minimal increase in code size comprises defining an authenticated code module (ACM) extension module using an entry of a Firmware Interface Table (FIT). The FIT contains a starting address of the ACM extension module that is located outside of a protected boot block. Based on the ACM extension module having been authenticated, the ACM and the ACM extension module may be processed together.
    Type: Grant
    Filed: February 3, 2017
    Date of Patent: October 30, 2018
    Assignee: Intel Corporation
    Inventors: William C. Arthur, Jr., John K. Pennington
  • Patent number: 10115155
    Abstract: The systems and methods described herein allow consumers to lock or unlock their credit files at multiple credit bureaus in real-time or near real-time. The service may allow a consumer to provide identifying information, such as a personal identifier to lock or unlock credit files at a plurality of credit bureaus over a network. Upon receiving the personal identifier, the system may use the personal identifier to translate the identifier into a plurality of access codes for respective credit bureaus, for example by accessing a data structure, such as a database or table, that stores a personal identifier and access codes that are associated with a consumer. The system may then use the access codes to automatically initiate locking or unlocking of credit files for the consumer at the respective credit bureaus.
    Type: Grant
    Filed: September 14, 2017
    Date of Patent: October 30, 2018
    Assignee: EXPERIAN INFORMATION SOLUTION, INC.
    Inventors: Eric Haller, Kelly Kent
  • Patent number: 10084863
    Abstract: An electronic switching system for generating correlation identify (ID) with respect to a client in order to thereby establish, integrate and communicate to a server (lean server or nano server) within a cloud environment (e.g. Inswit™ Cloud). A service location identification module for identifying and generating a service location identity with respect to a remote client. A source ID generating module for generating a correlation ID/source ID based on the service location identify in order to serialize the payload and establish a connection with the server. The electronic switching system proposed herein operates external to the cloud environment by effectively generating the correlation identity with respect to a client device accessing the server in a cloud environment. The system also switches, integrates and executes client communications to an appropriate server in the cloud environment using the correlation ID.
    Type: Grant
    Filed: February 25, 2014
    Date of Patent: September 25, 2018
    Inventor: P. Ashok Anand
  • Patent number: 10067925
    Abstract: An authorization prompt issued from a server is detected, and previously-entered account information, is accessed on a user device. A selectable display element corresponding to each set of entered account information is displayed. User selection or actuation of a given display element is received, and the corresponding account information is retrieved and used to log onto the server that issued the authentication prompt.
    Type: Grant
    Filed: April 12, 2017
    Date of Patent: September 4, 2018
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Julie Seto, Evan Stavrou
  • Patent number: 10069809
    Abstract: Disclosed are systems and method for secure transmission of web pages using encryption of their content. An exemplary method comprises: receiving from a remote server, by a processor of a proxy server, a web page requested by a user device; analyzing, by the processor, the received web page to select one or more elements of the web page for encryption based at least upon a list of web page elements predetermined by the proxy server to protect against malware attacks; encrypting the code of the one or more selected elements; generating a script containing the encrypted code of the one or more selected elements; and replacing the code of the one or more selected elements in the web page with the script containing the encrypted code of the one or more selected elements prior to transmitting the web page to the user device.
    Type: Grant
    Filed: December 28, 2016
    Date of Patent: September 4, 2018
    Assignee: Λο KΛSPERSKY LΛB
    Inventors: Oleg V. Kupreev, Vladimir A. Kuskov, Alexey A. Samuleenkov
  • Patent number: 10057068
    Abstract: A biometric signature system generates a digital signature for electronic documents using biometric information as a secret key. Registration commitment information is generated by performing expansion conversion on a predetermined secret key and embedding the resulting secret key in feature data of biometric information of a user, and a set with a corresponding public key. A pair of one-time secret and public keys is generated for digital signature feature data of the biometric information of the user, and a digital signature for a message is generated using the one-time secret key. A digital signature commitment is generated and a set of the one-time public key and the digital signature is output as the biometric digital signature. The digital signature is verified using the one-time public key. A differential secret key is calculated and a correspondence of the differential secret key, the one-time public key and the public key is verified.
    Type: Grant
    Filed: May 28, 2013
    Date of Patent: August 21, 2018
    Assignee: HITACHI, LTD.
    Inventor: Kenta Takahashi
  • Patent number: 10043053
    Abstract: A novel system, device and method of validation is provided for sensing a biometric such as a fingerprint, where biometric data corresponding to the biometric entity such as a fingerprint is then transmitted to a host configured to perform a plurality of authentication processes to authenticate the biometric data. At least one of the plurality of authentication steps is then validated. Alternatively, a portion of the biometric data may be retained, where biometric data corresponding to the biometric is then transmitted to a host configured to perform a plurality of authentication steps to authenticate the biometric data. At least one of the plurality of authentication steps is then validated.
    Type: Grant
    Filed: August 24, 2017
    Date of Patent: August 7, 2018
    Assignee: Synaptics Incorporated
    Inventors: Richard Alexander Erhart, Frank Schwab
  • Patent number: 10045210
    Abstract: The invention relates to a method for authentication of a person previously known by a server to own a telephone having a unique identifier and to possess an access code, which method involves: the server sending (53) an identification code to a terminal on request by the latter via a first network; transferring (57) the identification code to the telephone; the server receiving (59), from the telephone via a second network, the identification code in association with the unique identifier; the server (61) generating a single-use authentication token and sending (63) the latter to the telephone; returning (64) the token to the server; and, in parallel: acquiring (67) via the terminal the access code input by the person; and sending (69) said access code to the server; authentication (71) of the person is obtained by the server if the identification code, the unique identifier, the authentication token and the access code correspond.
    Type: Grant
    Filed: June 28, 2012
    Date of Patent: August 7, 2018
    Assignee: ONEY BANK
    Inventors: Benoît Charles Maurice Fernand Ferlin, Alexis Rizet, Peyman Aleboyeh
  • Patent number: 10040574
    Abstract: The airplane anti-hijacking system is an access control, alarm, and lockout system that is installed on commercial aircraft for the purpose of preventing unauthorized persons from taking control of the aircraft. The airplane anti-hijacking system is a biometric system that authenticates the identity of the flight crew and automatically monitors the flight operation for anomalies. Should an anomaly occur in-flight, an emergency message is sent via satellite to the appropriate authorities. Upon receipt of an emergency message, airplane anti-hijacking system gives the appropriate authorities the ability to seize control of the aircraft by locking out in-flight control of the operation of the flight controls and operating the aircraft remotely. The airplane anti-hijacking system further comprises a craft control module and a plurality of biometric scanners.
    Type: Grant
    Filed: April 26, 2016
    Date of Patent: August 7, 2018
    Inventor: James William Laske, Jr.
  • Patent number: 10033723
    Abstract: A communication device including a non-SIM based client is authenticated for accessing an IMS network. An internet protocol identity is received from the communication device. The internet protocol identity is not associated with a SIM. Authentication information associated with the internet protocol identity is requested and received from the communication device. A determination is made whether the communication device is authenticated based on the internet protocol identity and the authentication information. If the communication device is determined to be authenticated, the communication device is allowed access to the IMS network.
    Type: Grant
    Filed: December 18, 2013
    Date of Patent: July 24, 2018
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventors: Timothy Hirst, Siroos K. Afshar, Paritosh Bajpay, Pradeep Khowash
  • Patent number: 10032240
    Abstract: A method, system and/or NFC (Near field communication) enabled mobile device is provided for executing an electronic contract on NFC enabled mobile devices. A first contracting party is provided to apply an electronic signature thereof in an electronic contract provided on a first NFC enabled mobile device used by the first contracting party, the electronic signature is applied through a secure element of the first NFC enabled mobile device. The electronically signed contract is transmitted from the first NFC enabled mobile device to a second NFC enabled mobile device used by a second contracting party for providing the second contracting party to apply an electronic signature thereof in the received electronically signed contract from the first NFC enabled mobile device through a secure element in the second NFC enabled mobile device.
    Type: Grant
    Filed: November 8, 2013
    Date of Patent: July 24, 2018
    Assignee: International Business Machines Corporation
    Inventors: Paul A. Ashley, Anthony M. Butler, Ravi Kothari, Yu-Chen Lin
  • Patent number: 10033530
    Abstract: A method, system and/or NFC (Near field communication) enabled mobile device is provided for executing an electronic contract on NFC enabled mobile devices. A first contracting party is provided to apply an electronic signature thereof in an electronic contract provided on a first NFC enabled mobile device used by the first contracting party, the electronic signature is applied through a secure element of the first NFC enabled mobile device. The electronically signed contract is transmitted from the first NFC enabled mobile device to a second NFC enabled mobile device used by a second contracting party for providing the second contracting party to apply an electronic signature thereof in the received electronically signed contract from the first NFC enabled mobile device through a secure element in the second NFC enabled mobile device.
    Type: Grant
    Filed: March 7, 2014
    Date of Patent: July 24, 2018
    Assignee: International Business Machines Corporation
    Inventors: Paul A. Ashley, Anthony M. Butler, Ravi Kothari, Yu-Chen Lin
  • Patent number: 10015468
    Abstract: Transmission of stereo image data may be performed between devices, where a source device receives E-EDID from a sink device via DDC of an HDMI cable. This E-EDID contains information on 3D image data transmission modes supportable by the sink device. Based on information on 3D image data transmission modes from the sink device, the source device selects a predetermined transmission mode from among the 3D image data transmission modes supportable by the sink device. The source device transmits 3D image data in the selected transmission mode to the sink device. The source device transmits information on the transmission mode for the 3D image data, to the sink device by using an AVI InfoFrame packet or the like. The sink device processes the 3D image data received from the source device in accordance with its transmission mode, thereby obtaining left and right eye image data.
    Type: Grant
    Filed: August 24, 2017
    Date of Patent: July 3, 2018
    Assignee: Sony Corporation
    Inventors: Yasuhisa Nakajima, Kazuyoshi Suzuki, Akihiko Tao, Shigehiro Kawai
  • Patent number: 10009765
    Abstract: An electronic device includes a memory configured to store identification information of an information server that is matched with an encryption key; and a controller configured to send, before the electronic device is connected with an external device, a request for network information of the external device to the external device in a network discovery frame encrypted using the encryption key matched with the identification information of the information server, and to receive the network information of the external device from the external device in the encrypted network discovery frame.
    Type: Grant
    Filed: July 22, 2015
    Date of Patent: June 26, 2018
    Assignee: Samsung Electronics Co., Ltd
    Inventors: Bu-Seop Jung, Jun-Ho Lee, Young-Kwan Chung, Yong-Hae Choi, Jong-Mu Choi
  • Patent number: 10009170
    Abstract: An apparatus and method for providing a Feistel-based variable length block cipher, which are configured to, when plaintext having a certain bit length is encrypted, generate ciphertext having the same bit length as plaintext, and to decrypt ciphertext into plaintext having the same bit length. The apparatus includes an encryption/decryption key generation unit for generating a number of encryption/decryption keys corresponding to a preset number of rounds, based on a secret key, the length of the secret key, the length of plaintext, and a round constant; an encryption/decryption tweak generation unit for generating an encryption/decryption tweak based on a tweak, a length of tweak, and the length of plaintext; and a ciphertext output unit for outputting ciphertext having length identical to that of plaintext, based on plaintext, the length of the plaintext, the length of the secret key, the encryption/decryption keys, and the encryption/decryption tweak.
    Type: Grant
    Filed: July 28, 2015
    Date of Patent: June 26, 2018
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Jung Keun Lee, Bonwook Koo, Dongyoung Roh, Woo-Hwan Kim, Daesung Kwon
  • Patent number: 10003464
    Abstract: A computer-implemented method for securing a trusted transaction using a biometric identity verification system comprising a peripheral device, a vendor server, and a verification server. The method may comprise the steps of receiving a biometric indicator at the peripheral device, and forwarding the biometric indicator to the vendor server. The method may further comprise forwarding the biometric indicator to the verification server which may verify the biometric indicator by translating the biometric indicator into an encryption value, and computing an identity verification flag, defined as a pulse upon detecting a match of the encryption value and a stored cypher record. The vendor server may execute the trusted transaction by receiving the pulse signifying a match of the encryption values found by the verification server.
    Type: Grant
    Filed: June 7, 2017
    Date of Patent: June 19, 2018
    Inventors: Taeyup Kim, David Bartine
  • Patent number: 9996711
    Abstract: An integrated circuit (IC) provisioned for asset protection has a primary circuit portion, such as a microprocessor or system-on-chip, that can be selectively disabled and enabled via an operability control input. The IC includes a secure register to store lock state indicia and unlock criteria, where a signal at the operability control input is responsive to the lock state indicia. In operation, a firmware data store receives and stores firmware code that includes a lock/unlock command, and firmware data that includes an unlock key. An authorization module verifies authenticity of the firmware code. A lock/unlock (LUL) module is operative to write lock state indicia to the secure register based on the lock/unlock command only in response to a positive verification of the authenticity of the firmware code by the authorization module, and to write lock state indicia to the secure register.
    Type: Grant
    Filed: October 30, 2015
    Date of Patent: June 12, 2018
    Assignee: Intel Corporation
    Inventors: Ramamurthy Krithivas, Donald C. Soltis, Jr., Bradley Burres
  • Patent number: 9972008
    Abstract: Verifying the integrity of a received binary object by calculating a first displayable authenticator derived from an input binary object. The first authenticator is then attached to the input binary object, producing a first composite binary object, which is sent to a remote receiver. A second composite binary object is received back from the remote receiver, wherein the second composite binary object includes a received binary object, a received first displayable authenticator, and a second displayable authenticator. A third displayable authenticator is calculated, derived from the second composite binary object, then a display of the first displayable authenticator is compared to a display of the third displayable authenticator, and verification of the integrity of the received binary object is indicated by an exact match between displays of the first and third displayable authenticators.
    Type: Grant
    Filed: December 9, 2013
    Date of Patent: May 15, 2018
    Assignee: EMPIRE TECHNOLOGY DEVELOPMENT LLC
    Inventor: Rajaram Lalgudi Natarajan
  • Patent number: 9967269
    Abstract: The invention provides a method, device and system for processing DNS behavior. The method comprises: resolving received network data packet; judging a DNS behavior type corresponding to the network data packet according to the resolution result; determining a processing body according to the DNS behavior type, wherein the processing body comprises a kernel and/or an application layer; and transferring the network data packet to the determined processing body, and processing the network data packet by the determined processing body. The method in the disclosure can improve the DNS defense capability, while improving the service processing capability of a single machine.
    Type: Grant
    Filed: March 19, 2015
    Date of Patent: May 8, 2018
    Assignee: Beijing Qihoo Technology Company Limited
    Inventors: Hongyi Zhou, Can Pu, Xiaosheng Tan
  • Patent number: 9967253
    Abstract: There is provided an authority delegation system capable of issuing, in a case where an identifier of a user is associated with an identifier of a client, authority information indicating that an authority of the user has been delegated to the client without receiving an instruction for authorizing the authority of the user on the service to be delegated to the client.
    Type: Grant
    Filed: May 27, 2015
    Date of Patent: May 8, 2018
    Assignee: Canon Kabushiki Kaisha
    Inventor: Yu Tamura
  • Patent number: 9959874
    Abstract: A method and a system for identity authentication are presented. In one example embodiment, audio data (e.g. a sound wave) may be received from a user. The audio data may be used to establish an identity of an entity to the user. The audio data may be stored at a storage location; and be presented to the user to establish the identity of the entity when the entity participates in an electronic communication with the user. In another example embodiment, a server (e.g., a web client or client application server) may present a plurality of audio files to a user; receive a user selection of selected audio data from the plurality of audio files; responsive to the user selection, the server may communicate, via a network, the selected audio data to another server. The selected audio data may be used as an identity authentication.
    Type: Grant
    Filed: August 24, 2014
    Date of Patent: May 1, 2018
    Assignee: eBay Inc.
    Inventor: Yihong Zhang
  • Patent number: 9961542
    Abstract: The embodiments herein provide a method and system for creating a secure connection for a User Equipment (UE) in a wireless network including a UE, carrier aggregated with at least one first serving frequency served by a first eNB and at least one second serving frequency served by a second eNB. A unique non-repetitive security base key associated with the second eNB is generated using a freshness parameter and security key associated with the first eNB. The use of a different freshness parameter for each security base key derivation avoids key stream repetition. Further, a user plane encryption key is derived based on the generated unique non-repetitive security base key associated with the second eNB for encrypting data transfer over at least one data radio bearer.
    Type: Grant
    Filed: October 1, 2015
    Date of Patent: May 1, 2018
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Rajavelsamy Rajadurai, Mangesh Abhimanyu Ingale, Gert Jan Van Lieshout, Soenghun Kim
  • Patent number: 9954808
    Abstract: Collecting online group chat messages. The method may include receiving a message associated with an online group chat session between chat participants. The method may also include determining the received message satisfies at least one message collection rule. The method may further include recording the received message to at least one message table based on each chat participant mentioned in the received message. The method may also include determining a first chat participant chooses to open a private chat session with at least one second chat participant. The method may further include identifying recorded messages within the message tables associated with the at least one second chat participant. The method may also include displaying the identified recorded messages in a private chat session sub-window.
    Type: Grant
    Filed: June 24, 2015
    Date of Patent: April 24, 2018
    Assignee: International Business Machines Corporation
    Inventors: Yan Lan, Qian Cheng Liao, Li Wang, Xiao Li Wang, Jun Qing Zhang
  • Patent number: 9922391
    Abstract: A cell phone is disclosed for acquiring information to be transmitted to a receiving facility and for transmitting such thereto. A capture device captures information from an external source. A processor is provided for associating with the captured information a representation of the date and time of the capture of the information, such that the representation of the date and time information in association with the captured information forms augmented captured information. The processor also places the augmented captured information in association with subscriber information in a transmission of the augmented captured information to a receiving facility requiring such subscriber information. A transmitter transmits the transmission including the augmented captured information and the subscriber information to the receiving facility.
    Type: Grant
    Filed: March 6, 2017
    Date of Patent: March 20, 2018
    Assignee: MYPORT TECHNOLOGIES, INC.
    Inventors: Michael F. Malone, Frederick J. Murphy
  • Patent number: 9912757
    Abstract: This invention relates to a method for generating correlation identity with respect to a client to establish, integrate and communicate to a server within a cloud environment (e.g. Inswit™ Cloud). A service location identity can be generated with respect to a remote client by getting at least one service node of an appropriate service request made by the client device within the cluster of the cloud environment. A correlation ID/source ID can be thereafter generated based on the service location identity to serialize the payload and establish a connection with the server. The integration services with respect to the client device can be instantiated to permit authenticated information flow within the cloud network. The messages including the information on the destination end points can be finally emanated out of the source end points to the destination end point by efficiently authenticating the client devices using the correlation ID.
    Type: Grant
    Filed: February 25, 2014
    Date of Patent: March 6, 2018
    Inventor: P. Ashok Anand
  • Patent number: 9887983
    Abstract: A system, apparatus, method, and machine readable medium are described for implementing a composite authenticator. For example, an apparatus in accordance with one embodiment comprises: an authenticator for authenticating a user of the apparatus with a relying party, the authenticator comprising a plurality of authentication components; and component authentication logic to attest to the model and/or integrity of at least one authentication component to one or more of the other authentication components prior to allowing the authentication components to form the authenticator.
    Type: Grant
    Filed: October 29, 2013
    Date of Patent: February 6, 2018
    Assignee: Nok Nok Labs, Inc.
    Inventors: Rolf Lindemann, Davit Baghdasaryan
  • Patent number: 9882922
    Abstract: Methods and systems for detecting an electronic intrusion are described. A user activity may be identified for a user account. A location of a user corresponding to the user account may be determined. It may be identified, based in part on the location of the user, whether to communicate a request to the user for instructions to respond to the user activity. A response may be received from the user in response to determining to communicate the request to the user for instructions. The response may include instructions to block access to the user account at a server. Command information may be communicated to the server. The command information may include a command to block access to the user account.
    Type: Grant
    Filed: December 21, 2016
    Date of Patent: January 30, 2018
    Assignee: eBay Inc.
    Inventor: Srinivasan Raman
  • Patent number: 9882725
    Abstract: In various example embodiments, a system and method for providing policy-based authentication is provided. In example embodiments, a request to access and sign a document is received from a device of an intended signer. A policy assigned to the intended signer is determined. Based on the policy, a determination is made whether an authentication mechanism is applicable to the intended signer. In response to the determining that the authentication mechanism is applicable to the intended signer, the intended user is required to perform the authentication mechanism. The intended user is provided access to view and sign the document based on the intended user satisfying the authentication mechanism.
    Type: Grant
    Filed: November 2, 2015
    Date of Patent: January 30, 2018
    Assignee: Adobe Systems Incorporated
    Inventor: Dan Foygel
  • Patent number: 9882940
    Abstract: The present provides a method for logging in a website hosted by a serve by multi-account and the client. The method comprises: when logging into the server using the second account, a browser: receiving, from the user, login information of the user's second account generating authority request information of the second account based on the login information of the user's second account; saving the authority request information of said second account in a local system directory of the browser separately from authority request information of a first account that has logged into said server; transmitting the authority request information of the second account, via the Internet, to the server; and after receiving, via the Internet, identification information returned from said server for identifying said second account, the browser saving said identification information in the local system directory of the browser separately from corresponding identification information of the first account.
    Type: Grant
    Filed: February 20, 2012
    Date of Patent: January 30, 2018
    Assignee: BEIJING QIHOO TECHNOLOGY COMPANY LIMITED
    Inventors: Cheng Hang, Kuan Jiang, Yong Wan
  • Patent number: 9876799
    Abstract: A Software-as-a-Service (SaaS) access control application on a client device is configured with a certificate that identifies a user, and with configuration information for one or more SaaS applications to access, and including an IDP identifier for the SaaS application. The SaaS access control application includes software to be inserted into a network software stack of the client device and software configured to serve as an identity provider for assertions. A request, made by an application on the client device to a SaaS service provider identified by a Universal Resource Locator (URL) provided during configuration of the SaaS access control application, is intercepted within the network software stack of the client device. The SaaS access control application generates an assertion based on the certificate and configuration information. The requesting application is caused to make a request to the SaaS service provider with the assertion embedded in the request.
    Type: Grant
    Filed: September 3, 2015
    Date of Patent: January 23, 2018
    Assignee: Cisco Technology, Inc.
    Inventor: Nathan Sowatskey
  • Patent number: 9870489
    Abstract: A method of authenticating a slave device. The method includes initializing, by a host device, a charge retention circuit of the slave device, and receiving, by the host device, an indication of a discharge time of the charge retention circuit. The host device authenticates the slave device based on the received indication of the discharge time of the charge retention device.
    Type: Grant
    Filed: December 15, 2015
    Date of Patent: January 16, 2018
    Assignees: STMICROELECTRONICS (ROUSSET) SAS, PROTON WORLD INTERNATIONAL N.V.
    Inventors: Jean-Louis Modave, Fabrice Marinet, Denis Farison
  • Patent number: 9864851
    Abstract: A system, device and method for authenticating a user. The system, device and method may employ a computing device for providing credentials required for access to an on-line resource available over a network. The computing device may connect to the on-line resource to register a user. The computing device may receive from the on-line resource at least one request for a credential to identify the user. In response to the request, the computing device may generate a random credential, store the random credential in association with an on-line resource identifier and the request in a data store accessible to the computing device and, submit the random credential to the on-line resource to register the user.
    Type: Grant
    Filed: July 28, 2011
    Date of Patent: January 9, 2018
    Assignees: BlackBerry Limited, Certicom Corp.
    Inventors: Neil Patrick Adams, Scott Alexander Vanstone, Daniel Richard L. Brown, Dinah Lea Marie Davis, Christopher Labrador, Alfred John Menezes
  • Patent number: 9860230
    Abstract: A computer-implemented method for digitally signing executables with reputation information is disclosed. This method may include (1) receiving a request for a reputation certificate for an executable file, (2) identifying reputation information associated with the executable file, (3) generating a digitally signed reputation certificate for the executable file that includes at least the reputation information associated with the executable file, and then (4) providing the reputation certificate in response to the request. Additional computer-implemented methods for evaluating the trustworthiness of executable files based at least in part on reputation information contained within such digitally signed reputation certificates, along with corresponding systems and computer-readable media, are also disclosed.
    Type: Grant
    Filed: August 17, 2010
    Date of Patent: January 2, 2018
    Assignee: Symantec Corporation
    Inventors: William E. Sobel, Bruce McCorkendale
  • Patent number: 9842230
    Abstract: A system and method of guaranteeing the presence of secure and tamper-proof remote files over a distributed communication medium, such as the Internet, is provided. The system and method automatically detects, and then self-repairs corrupt, modified or non-existent remote files. The method first performs an integrity check on a remote file and then determines whether the integrity check passed. If the integrity check passed, then the user goes through the authentication process as normal. If the integrity check fails, then the present invention redirects to an install module in order to prepare to reinstall the remote file. Via the install module, the present invention then reinstalls the remote file and the user is then taken through the authentication process as normal.
    Type: Grant
    Filed: December 14, 2015
    Date of Patent: December 12, 2017
    Assignee: Citibank, N.A.
    Inventors: Steve Vlcan, Bikram Singh Bakshi
  • Patent number: 9843572
    Abstract: Disclosed are various examples for facilitating distribution of an authentication code to installation of managed applications. An identity certificate is sent to a device by installing a configuration profile on the client device. The configuration profile includes the identity certificate. A management service can also initiate installation of a managed application. The identity certificate can be used to authenticate the client device so that an authentication key can be provided to the managed application.
    Type: Grant
    Filed: June 29, 2015
    Date of Patent: December 12, 2017
    Assignee: AirWatch LLC
    Inventor: Adam Stephen Rykowski
  • Patent number: 9825758
    Abstract: A user device and one or more server computers securely evaluate a k-nearest neighbor model, with reasonable computation speed and bandwidth utilization, using a combination of techniques. The user device encrypts input vectors using a client's public key to keep client information private. The server computer homomorphically computes a distance between the encrypted input vector and vectors stored in the k-nearest neighbor model. The server computer then engages in a minimization process which results in the user device receiving classification vectors corresponding to the k-nearest neighbors.
    Type: Grant
    Filed: December 2, 2014
    Date of Patent: November 21, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Tony Feng, David J. Wu, Michael Naehrig, Kristin Lauter