Authentication Of An Entity And A Message Patents (Class 713/170)
  • Patent number: 11909884
    Abstract: A method of performing user authentication includes by a service electronic device associated with a service, receiving, from a public electronic device, a request for a user to initiate a session of the service, generating a first security token, a first write token, a first read token, and/or a first delete token, sending the first security token, the first write token, the first read token, and/or the first delete token to a server electronic device, receiving, from the server electronic device, a key location identifier that uniquely identifies a memory location of a data store associated with the server electronic device where the first security token, the first write token, the first read token, and/or the first delete token are stored, saving the key location identifier in a data store associated with the service electronic device, generating a signed key location identifier, generating a machine-readable image that includes the key location identifier, the signed key location identifier and the first
    Type: Grant
    Filed: July 1, 2022
    Date of Patent: February 20, 2024
    Assignee: POWCH, LLC
    Inventors: Essam Abadir, Rosco Schock
  • Patent number: 11895239
    Abstract: Systems and methods for verifying an identity of a user. A method includes generating a tokenized biometric sample by tokenizing a biometric sample associated with the user by a computing system. The method further includes generating a digitally-signed tokenized biometric sample by digitally signing the tokenized biometric sample with a private key associated with the user by the computing system. The method further includes, responsive to a biometric reference template matching a signing party biometric sample associated with a signing party and a record, determining that the user matches the signing party by the computing system. The biometric reference template is based on biometric data extracted from the biometric sample. Authenticity and data integrity of the record is determined based on each of the record, the tokenized biometric sample, and a public key of a public/private key pair comprising the private key.
    Type: Grant
    Filed: August 15, 2022
    Date of Patent: February 6, 2024
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Phillip H. Griffin, Jeff J. Stapleton
  • Patent number: 11876887
    Abstract: There may be provided a computer-implemented method. It may be implemented using a blockchain such as, for example, the Bitcoin blockchain. The computer-implemented method includes: i) joining a congress by transferring, by a node operating in a proof-of-work blockchain network, one or more digital assets to a congress pool having one or more other digital assets associated with other members of a congress; ii) detecting, by the node, a special transaction of digital assets on the proof-of-work blockchain network to an address associated with the congress pool, the special transaction satisfying determined criteria; and iii) minting, by the node, one or more digital assets on a proof-of-stake blockchain network in response to detecting the special transaction.
    Type: Grant
    Filed: May 27, 2022
    Date of Patent: January 16, 2024
    Assignee: nChain Licensing AG
    Inventors: John Fletcher, Thomas Trevethan, Marco Bardoscia
  • Patent number: 11874936
    Abstract: According to an aspect of the present disclosure there are provided methods and apparatus for printing to a group of printers in a network, including a method comprising provisioning each printing device of the plurality of printing devices with a respective private cryptographic key, defining a first group of printing devices comprising a first subset of the plurality of printing devices, generating a first group public key for the defined first group of printing devices, the first group public key generated based on public cryptographic keys corresponding to the respective private cryptographic keys provisioned to the first subset of the plurality of printing devices, and providing the first group public key to a user.
    Type: Grant
    Filed: October 31, 2018
    Date of Patent: January 16, 2024
    Assignee: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.
    Inventors: Thalia May Laing, Joshua Serratelli Schiffman
  • Patent number: 11870654
    Abstract: Methods and systems for introducing self-contained intent functionality into decentralized computer networks are described. Specifically, the methods and systems for encoding user intent (e.g., what functions a value may be used for) into data structures for computer programs and/or transaction protocols intended to automatically execute, control, or record events and actions according to predetermined terms or criteria are described herein. For example, the methods and systems may include using a permission structure native to one or more cryptocurrencies to provide additional functionality that allows for an intent to be introduced into the computer program and/or transaction protocol. This intent may be introduced using a routing data structure indicating exchange eligibility of resource sources.
    Type: Grant
    Filed: March 22, 2021
    Date of Patent: January 9, 2024
    Inventor: Matthew Branton
  • Patent number: 11855999
    Abstract: An administrator creates an access policy for a network resource using an access server. The access policy may specify device characteristics that are needed to access the network resource. These characteristics may relate to the type of user device, the computing environment of the user device, installed applications and versions, installed certificates, and physical characteristics. The access policy for the network resource may be assigned to a user or to groups of users. Later, when the user attempts to access the network resource, an application installed on the user device provides a file containing the characteristics of the user device to the access server. The access server determines whether the characteristics of the file satisfy the access policy associated with the user and network resource, and if so permits access to the network resource. Else, access to the network resource is denied.
    Type: Grant
    Filed: December 20, 2022
    Date of Patent: December 26, 2023
    Assignee: UAB 360 IT
    Inventors: Juta Gurinavičiūtė, Carlos Eliseo Salas Lumbreras
  • Patent number: 11853343
    Abstract: Embodiments of the present invention provide methods, systems, apparatuses, and computer program products for integrating user-specific context indicators into a searchable enterprise platform. In one embodiment, an apparatus is configured to apply a learned user profile to a set of search results to obtain a user-specific, ranked arrangement of search results. The learned user profile may be developed through the application of a machine learning and/or trained model to a set of user behaviors that have been determined or otherwise detected within an enterprise platform, such that the user-specific context in which a user's search arises can be modeled and applied to retrieved digital content items associated with a search query within the enterprise platform.
    Type: Grant
    Filed: July 24, 2019
    Date of Patent: December 26, 2023
    Assignee: ATLASSIAN PTY LTD.
    Inventor: Jon Hartlaub
  • Patent number: 11855996
    Abstract: An administrator creates an access policy for a network resource using an access server. The access policy may specify device characteristics that are needed to access the network resource. These characteristics may relate to the type of user device, the computing environment of the user device, installed applications and versions, installed certificates, and physical characteristics. The access policy for the network resource may be assigned to a user or to groups of users. Later, when the user attempts to access the network resource, an application installed on the user device provides a file containing the characteristics of the user device to the access server. The access server determines whether the characteristics of the file satisfy the access policy associated with the user and network resource, and if so permits access to the network resource. Else, access to the network resource is denied.
    Type: Grant
    Filed: December 21, 2022
    Date of Patent: December 26, 2023
    Assignee: UAB 360 IT
    Inventors: Juta Gurinavičiūtė, Carlos Eliseo Salas Lumbreras
  • Patent number: 11854019
    Abstract: The invention relates to securing of an article against forgery and falsifying of its associated data, and particularly of data relating to its belonging to a specific batch of articles, while allowing offline or online checking of the authenticity of a secured article and conformity of its associated data with respect to that of a genuine article.
    Type: Grant
    Filed: June 3, 2019
    Date of Patent: December 26, 2023
    Assignee: SICPA HOLDING SA
    Inventors: Eric Decoux, Philippe Gillet, Philippe Thevoz, Elisabeth Wallace
  • Patent number: 11855937
    Abstract: Methods, systems, and apparatuses, including computer programs encoded on computer-readable media, for receiving a first communication request, from a web browser of a user. A first responder requests information and a response to the request for information is received as part of a conversation. A conversation identifier is used to store the conversation. Based on the conversation, the conversation is determined to stop and a second responder is identified. The conversation is then transferred to the second responder.
    Type: Grant
    Filed: September 7, 2022
    Date of Patent: December 26, 2023
    Assignee: Disintermediation Services, Inc.
    Inventors: John Patrick Francis Dandison, James Allen Johnson, Paul Joseph Lyman Schottland
  • Patent number: 11856041
    Abstract: Disclosed is distributed routing and load balancing in a dynamic service chain, receiving a packet at a first service instance, including a NSH imposed on the packet by a service classifier. The NSH includes a stream affinity code consistent for packets in a stream. The method also includes processing the packet at the first instance where the instance performs a first service in a service chain that includes second and third services. The first service instance accesses a flow table using the stream affinity code to select a second service instance performing the second service from among service instances performing the second service, and the first instance routes the packet to the selected second service instance upon egress from the first service instance. The method can include hashing the stream affinity code to access the flow table and access an available instance using the hash as a key to a CHT.
    Type: Grant
    Filed: April 15, 2021
    Date of Patent: December 26, 2023
    Assignee: Netskope, Inc.
    Inventors: Umesh Bangalore Muniyappa, Ravi Ithal
  • Patent number: 11848921
    Abstract: A system for and method of transmitting verifiable e-mail includes a message ID sent to a recipient of the e-mail. A system for and method of transmitting encrypted files using e-mail and other electronic communication channels includes a computer program for storing encrypted files supplied by a user, creating a link to the encrypted files to be e-mailed to a recipient, allowing download of the encrypted files when an authorization code is provided after the link is used to go to a system server, wherein the authorization code is sent to a telephone of the recipient, via text or aurally.
    Type: Grant
    Filed: January 6, 2023
    Date of Patent: December 19, 2023
    Assignee: ESIPCO, LLC
    Inventor: Edward B. Scheinuk
  • Patent number: 11841959
    Abstract: Systems and methods for permitting software presence/configurations to function as a factor in a multi-factor authentication scheme so that a user's access to a different software program/application is conditioned on the presence of certain pre-specified software or software configurations that would otherwise not be necessary for access and/or operation of the different software program/application. Generally, by confirming the presence/configuration of the pre-specified software on a computing device, the system ensures that a user, in one embodiment, may only access the different software program/application with the proper configuration of the pre-specified software.
    Type: Grant
    Filed: November 18, 2021
    Date of Patent: December 12, 2023
    Assignee: Ionic Security Inc.
    Inventors: Adam Ghetti, Ryan Speers, Jeffrey Howard, Robert McColl, Taylor Jay Centers, William Monte LeBlanc
  • Patent number: 11792643
    Abstract: Methods, systems, and devices for wireless communication are described. Devices may synchronize parameters associated with an encryption key to avoid a key mismatch. In a first example, a transmitter and a receiver may each update a respective parameter at each transmission occasion associated with semi-statically allocated resources, regardless of whether signaling is transmitted in the transmission occasion. In a second example, the transmitter and the receiver may each update the respective parameter based on a slot count, rather than at each transmission occasion. In a third example, the transmitter may indicate a value of a transmitter parameter to the receiver, for example in control signaling or in the signaling in each transmission occasion. In a fourth example, the receiver may be enabled to identify a skipped transmission occasion. The receiver may be enabled with a feedback process to indicate the receiver recognized the associated transmission occasion was skipped.
    Type: Grant
    Filed: October 7, 2021
    Date of Patent: October 17, 2023
    Assignee: QUALCOMM Incorporated
    Inventors: Ahmed Elshafie, Hung Dinh Ly, Seyedkianoush Hosseini
  • Patent number: 11783087
    Abstract: This technology receives first telemetry data collected at the client when first instrumentation code provided to the client during a first interaction with a first server is executed at the client. The first telemetry data is stored in a telemetry data set comprising telemetry data for one or more interactions between a plurality of clients and a plurality of servers. Second telemetry data, collected at the client when the second instrumentation code provided to the client during a second interaction with a second server is executed at the client, is received. Based on the second telemetry data, determining when the telemetry data set includes stored telemetry data for an interaction between the client and the first server. A transfer of data associated with the client and the first server to the second interaction is facilitated when the determination indicates the telemetry data set includes the stored telemetry data.
    Type: Grant
    Filed: October 15, 2020
    Date of Patent: October 10, 2023
    Assignee: Shape Security, Inc.
    Inventor: Sumit Agarwal
  • Patent number: 11777746
    Abstract: To provide a mutual authentication system which is not required to erase a master key when a slave device is replaced. The storage part stores a temporary key which is key data used temporarily and a master key which is key data used for authentication. The storage part stores the temporary key. The key confirmation unit inquires whether the slave device stores the master key. The key confirmation response unit confirms whether the master key has already been stored in the storage part for an inquiry from the master device and responds. The key introduction unit encrypts the master key by using the temporary key and transmits to the slave device. The key storage unit decrypts the encrypted master key by using the temporary key and stores in the storage part. The main authentication unit and the sub-authentication unit authenticate with each other by using the master key.
    Type: Grant
    Filed: June 6, 2019
    Date of Patent: October 3, 2023
    Assignee: NIDEC SANKYO CORPORATION
    Inventor: Kazuto Saeki
  • Patent number: 11762973
    Abstract: In an approach to auditing of multi-factor authentication, one or more computer processors receive a request for a multi-factor authentication for a service from at least one device associated with a user. One or more computer processors retrieve information associated with the at least one device. One or more computer processors log the request and the information associated with the at least one device. One or more computer processors calculate a strength of the multi-factor authentication based on the request and the information associated with the at least one device. One or more computer processors log a multi-factor authentication audit trail.
    Type: Grant
    Filed: November 16, 2021
    Date of Patent: September 19, 2023
    Assignee: International Business Machines Corporation
    Inventors: Saritha Arunkumar, Cheng-Ta Lee
  • Patent number: 11748439
    Abstract: Methods and systems for distributed cognition of digital content include receiving submissions from community members regarding a knowledge object. Each community member has a reputation value and each submission includes an evaluation value representing an evaluation of the knowledge object by the community member. A consensus evaluation is determined based on a calculated combination of the evaluation values in the submissions received and the reputation values of the respective community members who submitted the submissions. While submissions are being received, the consensus evaluation of the knowledge object is iteratively updated based on submissions received, being a calculated combination of the evaluation values in the submissions received and the reputation values of the respective community members who submitted the submissions.
    Type: Grant
    Filed: May 4, 2021
    Date of Patent: September 5, 2023
    Assignee: Big Idea Lab, Inc.
    Inventor: Gary Kenneth Kooznetsoff
  • Patent number: 11743255
    Abstract: The techniques herein are directed generally to providing access control and identity verification for communications when initiating a communication from an entity to be verified. In one embodiment an initiating device initiates a communication to a receiving device on a communication channel, wherein the receiving device is configured to determine whether an identity associated with the initiating device is verified by a verification service. The initiating device verifies the identity through a verification service client application on the initiating device, and conveys, to the verification service over a verification channel, that the identity associated with the initiating device is verified, wherein the verification service conveys, to the receiving device over the verification channel, that the identity is verified.
    Type: Grant
    Filed: April 29, 2020
    Date of Patent: August 29, 2023
    Assignee: Journey.ai
    Inventors: Shmuel Shaffer, Yolanda Schwartz, Alexander John Shockley
  • Patent number: 11722295
    Abstract: Methods, apparatus, systems, and articles of manufacture are disclosed to securely audit communications. An example apparatus includes a participant list generator to, responsive to a command to provision a secured group of devices in a network to prevent malicious activity, generate a participant device list including one or more endpoint devices and a control plane server; a privilege controller to, based on a policy indicated in the command, set read and write privileges for the one or more endpoint devices and the control plane server; a command controller to, based on the command, determine whether to generate a shared communication key using a shared system key; and a communication processor to encrypt communications between the one or more endpoint devices and the control plane server using the shared communication key.
    Type: Grant
    Filed: April 30, 2020
    Date of Patent: August 8, 2023
    Assignee: Musarubra US LLC
    Inventors: Arthur S. Zeigler, Eric Wuehler, Jonathan B. King
  • Patent number: 11722310
    Abstract: Methods, apparatus, and processor-readable storage media for automatically discovering and securely identifying connected systems are provided herein. An example computer-implemented method includes discovering a set of one or more systems connected via at least one network using one or more domain name server (DNS) service discovery techniques; identifying at least one of the one or more systems of the discovered set by processing cryptographic data associated with at least a portion of the one or more systems using one or more digest access authentication techniques; and performing one or more automated actions based at least in part on the at least one identified system.
    Type: Grant
    Filed: January 14, 2021
    Date of Patent: August 8, 2023
    Assignee: EMC IP Holding Company LLC
    Inventors: Anurag Sharma, Maunish A. Shah, Senthil Ponnuswamy
  • Patent number: 11722469
    Abstract: A protocol that is managed by a coordinating network element or third-party intermediary or peer network elements and utilizes tokens prohibits any subset of a union of the coordinating network element or third-party intermediary, if any, and a proper subset of the processors involved in token generation from substantively accessing underlying data. By one approach, processors utilize uniquely-held secrets. By one approach, an audit capability involves a plurality of processors. By one approach, the protocol enables data transference and/or corroboration. By one approach, transferred data is hosted independently of the coordinating network element. By one approach, the coordinating network element or third-party intermediary or a second requesting network element is at least partially blinded from access to tokens submitted by a first requesting network element. By one approach, a third-party intermediary uses a single- or consortium-sourced database.
    Type: Grant
    Filed: January 23, 2023
    Date of Patent: August 8, 2023
    Assignee: Springcoin, Inc.
    Inventors: David William Kravitz, Mollie Zechlin Halverson, Matthew Benjamin Smith
  • Patent number: 11714894
    Abstract: Methods and apparatuses are described for authenticating client applications using an identity fabric blockchain. A server receives a first registration request from a first client application. The server generates a first decentralized identifier corresponding to the first client application and stores the first identifier in an identity fabric blockchain. The server receives a second registration request from a second client application, generates a second decentralized identifier corresponding to the second client application, and stores the second identifier in the blockchain. The server receives a first authentication request from a first resource and authenticates the first client application based on the first authentication request and the first decentralized identifier stored in the blockchain.
    Type: Grant
    Filed: December 10, 2021
    Date of Patent: August 1, 2023
    Assignee: FMR LLC
    Inventor: Carolyn Manis Sorensen
  • Patent number: 11716372
    Abstract: A system for centralized management of access subnetwork selections is disclosed. The system comprises an Internet protocol-based communications management (ICM) client located on an onboard server of each of one or more vehicles, and an ICM server located at a ground center. The ICM server is in operative communication with the ICM client on each of the one or more vehicles. The ICM client on each of the one or more vehicles is operative to communicate with the ICM server through one or more subnetworks, which are in operative communication with a ground network. The ground network communicates with the ICM server.
    Type: Grant
    Filed: May 12, 2020
    Date of Patent: August 1, 2023
    Assignee: Honeywell International Inc.
    Inventors: Louis T. Toth, Philip Hermann
  • Patent number: 11711399
    Abstract: There is disclosed in one example a gateway apparatus, including: a hardware platform including a processor and a memory; and instructions stored within the memory to instruct the processor to: provide a domain name system (DNS) server, the DNS server to provide an encrypted DNS service, and to cache resolved domain names; receive an outgoing network packet; determine a destination address of the outgoing network packet; and upon determining that the destination address was not cached, apply a security policy.
    Type: Grant
    Filed: January 25, 2021
    Date of Patent: July 25, 2023
    Assignee: McAfee, LLC
    Inventors: Tirumaleswar Reddy Konda, Shashank Jain, Piyush Pramod Joshi, Himanshu Srivastava
  • Patent number: 11700527
    Abstract: Embodiments are presented for collaborative device address generation between a wireless client device and a network infrastructure component, such as a wireless access point. The wireless client device and network infrastructure component share information to facilitate collaborative generation of a sequence of device addresses. This shared information includes, in some embodiments, key information and moving factor information. The key information and moving factor information is used to generate a token. A sequence of tokens is generated by updating the moving factor as each token is generated. A corresponding sequence of device addresses are then derived based on the sequence of tokens. Since the wireless client device and the network infrastructure device apply equivalent methods to generate respective sequences of addresses, the network infrastructure is able to efficiently identify a source wireless client device when observing a new device address on a wireless network.
    Type: Grant
    Filed: May 25, 2021
    Date of Patent: July 11, 2023
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Srinath Gundavelli, Stephen Michael Orr, Shree N. Murthy
  • Patent number: 11693052
    Abstract: A network of storage units has a data path, which is at least a portion of the network. The network also has a dynamic time-varying or cycle-varying code generation unit and a code comparator unit that together make up an unlock signal generation unit; and a gateway storage unit. If the gateway storage unit does not store an unlock signal or the unlock signal generation unit does not generate and transmit an unlock signal, the gateway storage unit does not insert a data path segment in the data path. If the unlock signal generation unit is operated such that it generates an unlock signal, and it transmits that unlock signal to a gateway storage unit, and the gateway storage unit stores the unlock signal value, then the gateway storage unit inserts a data path segment into the data path.
    Type: Grant
    Filed: April 17, 2022
    Date of Patent: July 4, 2023
    Assignee: Silicon Aid Solutions, Inc.
    Inventors: James M. Johnson, Alfred L. Crouch
  • Patent number: 11681787
    Abstract: A method can include receiving identity data from a computing device. The method can include verifying that the identity data is associated with a live subject. The method can include generating a privacy-secured token based on the identity data. The method can include generating a randomized unique user identifier (RUUI). The method can include storing the privacy-secured token and the RUUI in association at a first registry. The method can include transmitting the RUUI to the computing device. The method can include configuring metadata of a cryptographic asset to include the RUUI. The cryptographic asset may be associated with a second registry, and the second registry may be associated with a blockchain environment.
    Type: Grant
    Filed: October 14, 2022
    Date of Patent: June 20, 2023
    Assignee: T STAMP INC.
    Inventor: Gareth Neville Genner
  • Patent number: 11671425
    Abstract: A request is obtained for accessing a resource in a different region from a region indicated by a session token included with the request. The session token is re-encrypted using secret information of the second region. The request to access the resource in the different region can be fulfilled using the re-encrypted session token.
    Type: Grant
    Filed: June 25, 2020
    Date of Patent: June 6, 2023
    Assignee: Amazon Technologies, Inc.
    Inventors: Srikanth Mandadi, Khaled Salah Sedky, Slavka Praus, Marc R. Barbour
  • Patent number: 11665004
    Abstract: Systems and methods are described that enable trusted communications between two entities. In one implementation, a controller of a vehicle may include one or more processors configured to receive data and a controller signature from a second controller of the vehicle. The controller signature may be generated based on at least a first portion of the data. The one or more processors may be further configured to transmit the data and the controller signature to a gateway of the vehicle and receive a gateway signature from the gateway. The gateway signature may be generated based on at least a second portion of the data and transmitted to the controller after the gateway verified the controller signature. In addition, the one or more processors may be configured to verify the gateway signature and process the data.
    Type: Grant
    Filed: May 28, 2021
    Date of Patent: May 30, 2023
    Assignee: NEUSTAR, INC.
    Inventor: Brian R. Knopf
  • Patent number: 11665222
    Abstract: A data transaction processing system including multiple transaction processors also includes an active transaction receiver that sequences all incoming messages from various sources to facilitate transactional determinism, as well as a results arbiter to efficiently decide which transaction processor result to choose as the correct output. The data transaction processing system minimizes overall latency by optimizing which transaction processors and results arbiters are responsive to specific client computer input requests or messages.
    Type: Grant
    Filed: January 24, 2022
    Date of Patent: May 30, 2023
    Assignee: Chicago Mercantile Exchange Inc.
    Inventors: Zachary Bonig, Jose Antonio Acuna-Rohter, Pearce Peck-Walden, James Bailey, Eric Thill, David Lariviere
  • Patent number: 11664941
    Abstract: A system and method for data coding and transmission for improving a retry mechanism are disclosed. A system and method allow the receiver to perform decoding based on increased data bits rather than by repeatedly processing the same retransmitted information, thereby reducing the number of retries and improving the performance of a communication system. Also, with the reduced number of retries, the computing costs of the electronic devices used in the communication systems are reduced. When mobile devices are often used in wireless communication, this is particularly advantageous since the battery life of these devices is significantly improved. Moreover, the system and method provide incremental data transmission and therefore optimize the utilization of channel bandwidth.
    Type: Grant
    Filed: March 31, 2021
    Date of Patent: May 30, 2023
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Amer Hassan, Russell Andrew Penar, Edward Charles Giaimo, III
  • Patent number: 11663817
    Abstract: A system for extraction and verification of handwritten signatures from arbitrary documents. The system comprises one or more computing devices configured to: receive a digital image of a document; perform a dilating transformation via convolution matrix on the digital image to obtain a modified image; determine a plurality of regions of connected markings in the digital image; based at least in part on a pixel density or proximity to an anchor substring of each region, determine whether any region contains any handwritten signature; extract first image data of the region containing a handwritten signature from the digital image; retrieve second image data of a confirmed example signature for a purported signer of the handwritten signature; and based on a comparison of the first image data with the second image data, forward a determination of whether the first image data and second image data are similar.
    Type: Grant
    Filed: July 15, 2021
    Date of Patent: May 30, 2023
    Assignee: MORGAN STANLEY SERVICES GROUP INC.
    Inventors: Sruthi Sangala, Titash Mandal, Sonil Trivedi, Sujit Eapen
  • Patent number: 11647042
    Abstract: Systems, methods, and devices are disclosed for preventing relay attacks. A user device may receive (e.g., when proximate to the first access device), from an intervening device, device identification data for a first access device. A message may be received from a second access device via the intervening device. The message may include a digital signature generated based at least in part on second access device identification data. The user device may validate the message utilizing the digital signature and a public key. If the message is invalid, the user device may discard the message. If the message is valid (e.g., unaltered), the user device may determine that the user has not confirmed an intent to interact with the second access device and may terminate any further interaction with the second access device accordingly.
    Type: Grant
    Filed: November 28, 2018
    Date of Patent: May 9, 2023
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Brian Sullivan, Quan Wang, Yuexi Chen, Christian Aabye, Christian Flurscheim, Pasan Hapuarachchi
  • Patent number: 11635952
    Abstract: Certain examples described herein relate to secure update propagation. The examples present systems and methods to transmit data in the form of updates over a network and to ensure the authenticity of the updates. The examples use a set-homomorphic digital signature scheme to sign updates such that a combined digital signature may be used to verify a batch of updates in place of a set of individual digital signatures. The combined digital signature may be generated by aggregating individual digital signatures.
    Type: Grant
    Filed: December 17, 2020
    Date of Patent: April 25, 2023
    Assignee: PQShield Ltd
    Inventors: Shuichi Katsumata, Thomas Prest
  • Patent number: 11621848
    Abstract: A method including determining, by a processor, an assigned key pair associated with a user device, the assigned key pair including an assigned public key and an assigned private key; authenticating, by the processor, received biometric information; selectively transmitting, by the processor to a trusted device based at least in part on a result of authenticating the received biometric information, an encryption request to encrypt the assigned private key; and encrypting, by the processor based at least in part on selectively transmitting the encryption request, content based at least in part on utilizing the assigned public key is disclosed. Various other aspects are contemplated.
    Type: Grant
    Filed: June 5, 2022
    Date of Patent: April 4, 2023
    Assignee: UAB 360 IT
    Inventor: Mindaugas Valkaitis
  • Patent number: 11606279
    Abstract: An application may perform operations within a first secure enclave of a processing device. The application may provide secure monitoring data, such as secure heartbeat information. The monitoring data and an application identity may be verified at a second secure enclave of the processing device using local attestation operations. A remote attestation signature may be generated at the second secure enclave based on the monitoring data, the application identity, and a node private key. A monitoring message signature may be generated at the first secure enclave based on an application private key and a message payload that includes the monitoring data, the application identity, and the remote attestation signature. A monitoring message that includes the payload and monitoring message signature may be sent from the first secure enclave to a monitoring system, which may verify the message to detect unauthorized changes to the monitoring data or the application identity.
    Type: Grant
    Filed: July 10, 2020
    Date of Patent: March 14, 2023
    Assignee: Fortanix, Inc.
    Inventors: Nehal Bandi, Andrew Leiserson
  • Patent number: 11606283
    Abstract: A request is received from a browser (e.g., a tool that runs on top of or in a browser). The request is to authenticate via an authentication credential provided from a communication device that is external to a test communication device running the browser. The request is queued in a request queue. The authentication credential is received from an interceptor that intercepts the authentication credential in the external communication device. The authentication credential is sent to the browser, which in turn sends the authentication credential to the application under test. This completes the authentication process in the application under test. The request is then removed from the request queue. This allows for an automated multi-factor authentication process that can be used for testing the application under test.
    Type: Grant
    Filed: February 10, 2022
    Date of Patent: March 14, 2023
    Assignee: Micro Focus LLC
    Inventors: Eyal Jakob, Vladyslav Voloshyn, Constantine Adarchenko
  • Patent number: 11599615
    Abstract: Methods and systems for creating a digital association are provided. The method includes obtaining a first user-generated item comprising identifiable features of a first user and a second user. The method also includes obtaining a second user-generated item comprising the identifiable features of the first user and the second user. The method also includes cross-confirming that the first and second user-generated items are valid to verify the digital association.
    Type: Grant
    Filed: March 12, 2021
    Date of Patent: March 7, 2023
    Assignee: BULLISH GLOBAL
    Inventors: Daniel J. Larimer, Richard B. Whitner, Thomas C. Hallgren, Todd B. Fleming
  • Patent number: 11601272
    Abstract: A system for efficient third-party authentication of asset transfers using trusted computing includes a process authentication node configured to receive transfer data relating to an asset transfer, wherein the transfer data includes at least a first authentication datum, retrieve, from an instance of a secure listing, a first digitally signed assertion including at least a second authentication datum, wherein the first digitally signed assertion is generated by a data validator device as a function of information of a transferring entity, compare the at least a first authentication datum to the at least a second authentication datum, and authenticate the transfer data as a function of the comparing of the at least a first authentication datum to the at least a second authentication datum.
    Type: Grant
    Filed: April 29, 2020
    Date of Patent: March 7, 2023
    Assignee: Ares Technologies, Inc.
    Inventor: Christian T Wentz
  • Patent number: 11593495
    Abstract: A structured document is verified for changes that are made during and after deployment of an application. The structured document includes first fields that are designated as mutable, and second fields that are designated as immutable. An attempted change is detected to the structured document during or after deployment of the application. Upon detecting the attempted change, a digital signature is generated of the second fields of the structured document. A determination is made whether the generated digital signature of the second fields matches a reference digital signature of the second fields. Upon determining that the generated digital signature matches the reference digital signature, the change to the structured document is permitted. Upon determining that the generated digital signature does not match the reference digital signature, the change is blocked to the structured document.
    Type: Grant
    Filed: September 8, 2020
    Date of Patent: February 28, 2023
    Assignee: VMware, Inc.
    Inventor: Edo Yacov Dekel
  • Patent number: 11593805
    Abstract: A system for authenticating an electronic device by means of an authentication server in order to authenticate a user of said electronic device. The system is adapted to perform an authentication based on a fictive payment transaction and includes the authentication server which is adapted to execute a fictive payment transaction with a predetermined transaction amount with said electronic device and during said execution to receive a first cryptogram from said electronic device; send said first cryptogram to a banking server; and receive from said banking server an acknowledgment if said first cryptogram is valid; when said fictive payment transaction has been executed, compute an authentication identification based on said electronic device's data; said electronic device which is a payment electronic device and which is adapted to execute said fictive payment transaction with said authentication server and during said execution to send said first cryptogram to said authentication server.
    Type: Grant
    Filed: September 25, 2015
    Date of Patent: February 28, 2023
    Assignee: THALES DIS FRANCE SAS
    Inventors: Frank Arnold, Jean Lambert, Laurent Castillo
  • Patent number: 11592590
    Abstract: A method may include calculating a first set of hash values for a set of well log channels, extracting a well log channel snippet from an unknown well log channel, calculating a second set of hash values for the well log channel snippet, identifying, for the unknown well log channel, a matching well log channel by searching the first set of hash values with the second set of hash values, and storing, for the unknown well log channel, a channel context corresponding to the matching well log channel.
    Type: Grant
    Filed: December 17, 2020
    Date of Patent: February 28, 2023
    Assignee: Schlumberger Technology Corporation
    Inventor: Christopher Lunny
  • Patent number: 11588658
    Abstract: A service management system communicates via wide area network with gateway devices located at respective user premises. The service management system remotely manages delivery of application services, which can be voice controlled, by a gateway, e.g. by selectively activating/deactivating service logic modules in the gateway. The service management system also may selectively provide secure communications and exchange of information among gateway devices and among associated endpoint devices. An exemplary service management system includes a router connected to the network and one or more computer platforms, for implementing management functions. Examples of the functions include a connection manager for controlling system communications with the gateway devices, an authentication manager for authenticating each gateway device and controlling the connection manager and a subscription manager for managing applications services and/or features offered by the gateway devices.
    Type: Grant
    Filed: October 11, 2021
    Date of Patent: February 21, 2023
    Assignee: KIP PROD P1 LP
    Inventors: Amir Ansari, George A. Cowgill, Leon E. Nicholls, Jude P. Ramayya, Ramprakash Masina, Alvin R. McQuarters, Atousa Raissyan
  • Patent number: 11581984
    Abstract: This disclosure provides systems, methods, and apparatus, including computer programs encoded on computer-readable media, for a retransmission protocol that utilizes compressed feedback. Various implementations relate generally to a compressed feedback technique for hybrid automatic repeat request (HARQ). Upon receiving a compressed feedback value, a sending device may generate a retransmission codeblock. The retransmission codeblock may be derived from multiple codeblocks in a set of codeblocks. A receiving device can use the retransmission codeblock to obtain any failed codeblock in the set of codeblocks based on all other previously decoded codeblocks in the set of codeblocks. Thus, the receiving device does not need to indicate which codeblock in the set failed, but only needs to send a compressed feedback value that indicates which sets of codeblocks have had a single codeblock failure.
    Type: Grant
    Filed: May 7, 2021
    Date of Patent: February 14, 2023
    Assignee: QUALCOMM Incorporated
    Inventors: Gideon Shlomo Kutz, Tal Oved, Assaf Touboul
  • Patent number: 11574238
    Abstract: A machine learning (ML) based asset monitoring system that automatically determines damage mechanisms (DMs) and generates automatically updated visualizations of assets that include equipment and lines of a processing plant is disclosed. The asset monitoring system is communicatively coupled to the assets of the plant and continuously receives process parameters associated with the various processes and equipment in the plant. Corrosion loops (CLs) are identified and automatically demarcated by the asset monitoring system. DMs are predicted for each of the assets using a ML model based on the process parameters and the corrosion loops. The data regarding the DMs, CLs and the process parameters are used to obtain equipment risk rankings for the assets. Multi-dimensional visualizations of the assets that display the state of the plant assets in real-time are generated.
    Type: Grant
    Filed: March 4, 2019
    Date of Patent: February 7, 2023
    Assignee: ACCENTURE GLOBAL SOLUTIONS LIMITED
    Inventors: Sudipta Saha, Nithin Shetty, Ayushman Chatterjee, Satish Krishtagouda Mariyappagoudar
  • Patent number: 11570182
    Abstract: An endpoint determines whether a client is authorized to access data. A database stores separate authorizations of a permission model in a data table along with the data. Mapping templates of the endpoint convert a client request for data into a database query for client authorization and the requested data. In response to the query, the database returns to the endpoint the requested data as well as an indication of authorization from the data table. The mapping templates of the endpoint are then used to generate an appropriate response to the client. When the database response indicates the client is authorized, the endpoint can return the requested data to the client. When the database response indicates the client is not authorized, the endpoint can return an error. In some embodiments, the endpoint is an application programming interface (API) gateway that conforms to representational state transfer (REST) software architecture.
    Type: Grant
    Filed: March 30, 2020
    Date of Patent: January 31, 2023
    Assignee: Amazon Technologies, Inc.
    Inventors: Richard Nhan Tran, Srdan Mihajlovic, Kevin J. Park
  • Patent number: 11569988
    Abstract: A network node of a mobile communications network may need to generate at least one new Input Offset Value, IOV value, for use in protecting communications between the network node and a mobile station. The network node then associates a fresh counter value with the or each new IOV value; calculates a Message Authentication Code based on at least the at least one new IOV value, the fresh counter value associated with the or each new IOV value, and a constant indicating that the Message Authentication Code is calculated to protect the new IOV value; and transmits the at least one new IOV value, the fresh counter value associated with the or each new IOV value, and the calculated Message Authentication Code to the mobile station.
    Type: Grant
    Filed: December 22, 2020
    Date of Patent: January 31, 2023
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Vesa Torvinen, Nicklas Johansson, Atle Monrad, Gang Ren, Mikael Wass, Monica Wifvesson
  • Patent number: 11550891
    Abstract: Techniques for securing user data in a healthcare data management system are described. A client system receives a request to authenticate a user. The user is associated with applications and roles. The user is authenticated, at the client system, for all applications and all roles. A login token relating to the authenticated user is maintained at the client system. A role is selected for the user, and an authorization token relating to the selected role is maintained at the client system. A session for the user is initiated. This includes generating an encrypted session cookie relating to the user and the session, storing the encrypted session cookie at the client system, and periodically updating a timestamp for the session cookie.
    Type: Grant
    Filed: June 19, 2019
    Date of Patent: January 10, 2023
    Assignee: Preventice Solutions, Inc.
    Inventors: Savy Vath, Gale G. Mcfarland, Kevin W. Kirkeby, Michael S. Butterbrodt
  • Patent number: 11552787
    Abstract: A computing device includes an array of addressable elements. Each addressable element is a hardware element that generates a substantially consistent response when interrogated. The device includes a processor coupled to the array of addressable elements and configured to communicate using a communication network. The processor receives a public key, and processes the public key to produce at least a set of addresses. Each address in the set of addresses identifies one or more hardware elements in the array of addressable elements. The processor generates a set of responses by interrogating the one or more hardware elements in the array of addressable elements identified by the set of addresses according to a set of reading instructions, appends the responses in the set of responses to generate a private key, receives an encrypted message and decrypts the encrypted message using the private key to generate an unencrypted message.
    Type: Grant
    Filed: January 19, 2022
    Date of Patent: January 10, 2023
    Assignees: ARIZONA BOARD OF REGENTS ON BEHALF OF NORTHERN ARIZONA UNIVERSITY, GOVERNMENT OF THE UNITED STATES OF AMERICA, AS REPRESENTED BY THE SECRETARY OF THE AIR FORCE
    Inventors: Bertrand F Cambou, Christopher Robert Philabaum, Donald A. Telesca, Jr.