Having Key Exchange Patents (Class 713/171)
  • Patent number: 10609556
    Abstract: Methods and apparatus for secondary authentication in a network. A method performed by a user equipment (UE) comprises establishing a user plane (UP) session or connection with a UP function (UPF), receiving an extensible authentication protocol (EAP) based authentication request from the UPF and sending an EAP based authentication response to the UPF. A method performed by a user plane UP function (UPF) comprises establishing a UP session or connection to a user equipment (UE), sending an extensible authentication protocol (EAP) based authentication request to the UE, and receiving an EAP based authentication response from the UE.
    Type: Grant
    Filed: October 25, 2017
    Date of Patent: March 31, 2020
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Noamen Ben Henda, David Castellanos Zamora, Vesa Lehtovirta
  • Patent number: 10609010
    Abstract: Systems and methods of sending secured messages on decentralized networks are provided. A software application is distributed and installed on a computer terminal that is willing and able to participate in the system, where the computer terminal is interactively and dynamically connected to one or two decentralized peer-to-peer communication networks, using the Internet. One of the networks is used to advise about the presence of a message and the other is used to securely store the content of the messages. An alternative embodiment is to use only the decentralized storage system, if it can also act as a Public Ledger network, with its native crypto-currency. The cryptographic keys of the first network are used to protect the content of the file and to derive where the messages will be stored on the decentralized storage network. In such networks, the transactions are handled by cryptographic mathematical algorithms, which are known to be identical across all users or participants of the same network.
    Type: Grant
    Filed: May 22, 2017
    Date of Patent: March 31, 2020
    Assignee: RAISTONE, INC.
    Inventors: Denis Letourneau, Adam A. Martin, Greta Geankoplis
  • Patent number: 10609009
    Abstract: Methods and apparatus to provide extended object notation data are disclosed. An example apparatus includes a data handler having a first input to receive object data and a first output to output an object notation key-value pair for the object data; a string processor having a second input coupled to the first output and a second output to convey the object notation key-value pair without string literals; and a hashing and encryption handler having a third input coupled to the second output and a third output to convey the key-value pair signed with a private key, to convey the key-value pair encrypted with a public key, and to convey an indication that the encrypted key-value pair is encrypted in a key of the encrypted key-value pair.
    Type: Grant
    Filed: November 27, 2017
    Date of Patent: March 31, 2020
    Assignee: Texas Instruments Incorporated
    Inventors: Avraham Baum, Ilan Zarmi, Gil Reiter
  • Patent number: 10607001
    Abstract: The present invention provides a web-based electronic document service apparatus, which is capable of authenticating the edit of a document, and an operating method thereof, in which when a predetermined authentication token is randomly issued and transmitted to a client terminal accessing for editing an electronic document based on a web, and then an editing command and an authentication token corresponding to the editing command are received from the client terminal, it is determined whether the received authentication token corresponds to the previously issued authentication token, so that it is possible to confirm whether the editing command received from the client terminal is the editing command generated by the true user, thereby providing a security mechanism.
    Type: Grant
    Filed: June 29, 2016
    Date of Patent: March 31, 2020
    Assignee: HANCOM INC.
    Inventors: Taeju Lee, Yongkyung Oh, Kyury Kim
  • Patent number: 10602358
    Abstract: A server receives a login request from a first device. The login request includes login information used for an application login. In response to receiving the login request from the first device, the server transmits, to a second device different from the first device, a first message including a verification code. The first message instructs the second device to broadcast an audio signal including the verification code. The verification code is used to verify the first device by the server.
    Type: Grant
    Filed: April 15, 2019
    Date of Patent: March 24, 2020
    Assignee: Alibaba Group Holding Limited
    Inventor: Qi Zhou
  • Patent number: 10601822
    Abstract: An authentication device has internal circuitry operable to execute specific digital processing, a digital token, an image-capturing mechanism and circuitry, and an output interface. The image-capturing mechanism captures an image providing biometric identity of a user, the internal circuitry executing a first specific digital process creates a first digital string unique to the image providing biometric identity, the internal circuitry executing a second specific digital process combines the first digital string with the digital token, creating a combined digital string, and the combined digital string is provided to the output interface.
    Type: Grant
    Filed: October 3, 2017
    Date of Patent: March 24, 2020
    Inventor: Brett Littrell
  • Patent number: 10592437
    Abstract: Memory blocks are associated with each memory level of a hierarchy of memory levels. Each memory block has a matching key capability (MaKC). The MaKC of a memory block governs access to the memory block, in accordance with permissions specified by the MaKC. The MaKC of a memory block can uniquely identify the memory block across the hierarchy of memory levels, and can be globally unique across the memory blocks. An MaKC of a memory block includes a block protection key (BPK) stored with the memory block, and an execution protection key (EPK). If a provided EPK for a memory block matches the memory block's BPK upon comparison, access to the memory block is allowed according to the permissions specified by the MaKC.
    Type: Grant
    Filed: July 31, 2017
    Date of Patent: March 17, 2020
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Geoffrey Ndu, Dejan S. Milojicic, Paolo Faraboschi, Chris I. Dalton
  • Patent number: 10587630
    Abstract: Systems and methods for adaptively streaming video content to a wireless transmit/receive unit (WTRU) or wired transmit/receive unit may comprise obtaining a media presentation description that comprises a content authenticity, requesting a key for a hash-based message authentication code; receiving the key for the hash-based message authentication code, determining a determined hash for a segment of the media presentation description, requesting a reference hash for the segment from a server, receiving the reference hash for the segment from the server, and comparing the reference hash to the determined hash to determine whether the requested hash matches the determined hash.
    Type: Grant
    Filed: April 22, 2016
    Date of Patent: March 10, 2020
    Assignee: VID SCALE, INC
    Inventor: Alexander Giladi
  • Patent number: 10582382
    Abstract: In a first aspect of the disclosure, a method performed by an AAA server (103) of authenticating a non-SIM mobile terminal (111) with a wireless network (100) is provided. The method comprises receiving (S201) a request for service of the non-SIM mobile terminal (111), authenticating (S202) the non-SIM mobile terminal (111), submitting (S203) a request for subscriber profile data associated with the non-SIM mobile terminal (111) to an HSS (105), the subscriber profile data request comprising an indication that the non-SIM mobile terminal (111) has been authenticated by the AAA server (103), and receiving (S204) from the HSS (105), in response to the indication that the non-SIM mobile terminal (111) has been authenticated, the requested subscription profile data.
    Type: Grant
    Filed: September 1, 2015
    Date of Patent: March 3, 2020
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Ping Chen, Pengbo Duan, Jiarong Wang, Hao Zou
  • Patent number: 10579643
    Abstract: A method for sharing data between blockchains in a multi-chain network including receiving a first plurality of account addresses associated with first and second blockchains and an account state for each account associated with the first plurality of account addresses, generating a first hash tree comprising a mapping between the first plurality of account addresses and the account states, defining a world state trie, generating a root hash of the world state trie, receiving a first plurality of transactions associated with the first and second blockchains, generating a second hash tree comprising the first plurality of transactions, defining a transactions trie, and generating a root hash of the transactions trie.
    Type: Grant
    Filed: September 9, 2019
    Date of Patent: March 3, 2020
    Inventor: Vijay Madisetti
  • Patent number: 10582073
    Abstract: A non-transitory computer-readable medium stores computer-executable instructions including an application. The application is configured to cause a processor of an information processing device to, in response to accepting an authentication instruction, activate a local server and a browser, and instruct the browser to display an authentication screen of a cloud server and to specify the local server as a redirection destination. The local server is configured to cause the processor to, in response to receiving a request from the browser, determine whether the request is a particular request other than the redirection request, when determining that the request is not the particular request, instruct the browser to display a completion screen including a result of the authentication, and terminate the local server, and when determining that the request is the particular request, respond to the particular request, without terminating the local server.
    Type: Grant
    Filed: February 19, 2019
    Date of Patent: March 3, 2020
    Assignee: Brother Kogyo Kabushiki Kaisha
    Inventor: Hirokazu Sato
  • Patent number: 10575273
    Abstract: Embodiments are directed to enrollment of an endpoint device in a secure domain. An enrollment request is sent to a delegated registrar (DR) device to initiate a trust-establishment procedure with the DR device to establish initial connectivity and an initial symmetric key to be shared between the DR and the endpoint device. The DR device provides to the endpoint device limited-use credentials for group-access key establishment, and group connectivity parameters for accessing a group administrator (GA) device. The endpoint device and the GA device perform a group-enrollment procedure in which the endpoint device provides the limited-use credentials to the GA device and receives, from the GA device, the group-access key.
    Type: Grant
    Filed: March 31, 2016
    Date of Patent: February 25, 2020
    Assignee: Intel Corporation
    Inventors: Meiyuan Zhao, Jesse R. Walker, Victor B. Lortz, Jianqing Zhang
  • Patent number: 10572685
    Abstract: Various examples described herein are directed to systems and methods for securing data. A security system may receive a first record comprising a plurality of record fields, where the plurality of record fields includes a first record field and the first record field includes a first record field data. The security system may access a source setup record corresponding to the first record from a source setup table and determine that the source setup record comprises data referencing the first record field. The security system may access first token data corresponding to the first record field data and replace the first record field data at the first record field with the first token data. The security system may store the first token data at a token table and write the first token data to the first record field to replace the first record field data.
    Type: Grant
    Filed: December 21, 2018
    Date of Patent: February 25, 2020
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Thomas Francis Galvin, Jr., James Moffat McGill Hinkle, Victor Manuel Ortiz Del Valle, Udayakumar Ramakrishnan, Christina M. Hamilton, Stuart Edward Lockhart, Gregory Scott Woods
  • Patent number: 10575369
    Abstract: A voice-commanded common computing device may be selectively paired with other computing devices in a shared network. The common computing device may detect co-presence of paired devices on the shared network, and may determine when audio and/or video content may be cast to devices on the shared network based on the detected co-presence. Audio content may include messages composed by a first user of a first device in the shared network, to be audibly output to a second user of a second device in the shared network. Casting of personal information may include positive authentication and verification prior to audible output of the personal information.
    Type: Grant
    Filed: July 26, 2017
    Date of Patent: February 25, 2020
    Assignee: GOOGLE LLC
    Inventors: Thomas Price, Anurag Agrawal
  • Patent number: 10574446
    Abstract: One embodiment described herein provides a system and method for secure data storage. During operation, a client device selects a quantum data key from a plurality of quantum data keys shared between the client device and a storage server, encrypts to-be-stored data using the selected quantum data key, and transmits a data-storage request to the storage server. The data-storage request comprises a key-identifier of the selected quantum data key and the encrypted data.
    Type: Grant
    Filed: September 27, 2017
    Date of Patent: February 25, 2020
    Assignee: Alibaba Group Holding Limited
    Inventor: Yingfang Fu
  • Patent number: 10554407
    Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for establishing a proof of storage over a specified period of time. One of the methods includes: (a) receiving, at a prover, an input challenge at a start time; (b) producing a proof responsive to the input challenge, wherein the proof is based at least in part on a proof of storage; (c) generating a new input challenge based at least in part on the proof; (d) repeating steps (b)-(c) a number of times resulting in a final proof; (e) receiving a proof result based at least in part on the final proof from the prover within a specified period of time from the start time; and (f) forwarding, to the verifier, the proof result.
    Type: Grant
    Filed: November 19, 2018
    Date of Patent: February 4, 2020
    Assignee: Protocol Labs, Inc.
    Inventors: Nicola Greco, Juan Batiz-Benet
  • Patent number: 10555157
    Abstract: A method and system for automatically connecting one customer device with another over a Bluetooth or similar connection. The automatic connection may be made by generating a unique identifier to store on a new customer device and a backend system associated with an existing customer device and connecting the new customer device with the existing customer device using the unique identifier.
    Type: Grant
    Filed: April 9, 2019
    Date of Patent: February 4, 2020
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: James Zarakas, Kevin Kelly, Saleem Sangi, Adam Koeppel
  • Patent number: 10552381
    Abstract: A blockchain of transactions may be referenced for various purposes and may be later accessed by interested parties for ledger verification. One example operation may comprise one or more of determining that a shared file is being edited by one or more entities, identifying one or more changes to the shared file while the shared file is being edited, signing the one or more changes with one or more public keys, and adding the one or more changes to a blockchain.
    Type: Grant
    Filed: December 16, 2016
    Date of Patent: February 4, 2020
    Assignee: International Business Machines Corporation
    Inventors: Paul R. Bastide, Jonathan Dunne, Liam Harpur, Robert E. Loredo
  • Patent number: 10547447
    Abstract: In one embodiment, a first apparatus includes a processor and an interface, wherein the interface is operative to receive a request from a second apparatus to commence a keyed-hash message authentication code (HMAC) computation, the processor is operative to perform a first computation computing a first part of the HMAC computation using a secret key K as input yielding a first value, the interface is operative to send the first value to the second apparatus, the interface is operative to receive a second value from the second apparatus, the second value resulting from the second apparatus processing the first value with at least part of a message M, the processor is operative to perform a second computation based on the second value and the secret key K yielding an HMAC value, and the interface is operative to send the HMAC value to the second apparatus.
    Type: Grant
    Filed: September 4, 2017
    Date of Patent: January 28, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: Benyamin Hirschberg, Yaron Sella, Gilad Taub
  • Patent number: 10545950
    Abstract: Multiple edits to a hierarchical data structure may be atomically applied. A request to perform modifications with respect to a portion or the entire hierarchical data structure may be received. A copy of the requested portion of the hierarchical data structure may be created separate from the hierarchical data structure. The portion of the hierarchical data structure may remain available for read access. Modifications may be applied to the copy of the portion of the hierarchical data structure. In response to a request to commit the modifications to the portion of the hierarchical data structure, the copy of the portion of the hierarchical data structure may atomically replace the portion of the hierarchical data structure.
    Type: Grant
    Filed: September 26, 2016
    Date of Patent: January 28, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Brian Collins, Zachary Mohamed Shalla, Marvin Michael Theimer, John Petry, Michael Hart, Serge Hairanian, Anders Samuelsson, Salvador Salazar Sepulveda, Ji Luo
  • Patent number: 10547445
    Abstract: A method includes, with a computing system, exiting a context of a virtual machine, the exiting in response to a request from a guest operating system of the virtual machine to switch from a first encryption key identifier for the virtual machine to a second encryption key identifier for the virtual machine. The method further includes, with the computing system, loading the second encryption key identifier into a virtual machine control module of a virtual processor of the virtual machine and after loading the second encryption key identifier, entering the context of the virtual machine.
    Type: Grant
    Filed: August 22, 2018
    Date of Patent: January 28, 2020
    Assignee: RED HAT, INC.
    Inventor: Henri Van Riel
  • Patent number: 10540161
    Abstract: Embodiments provide a web-based editing tool that intelligently leverages certain functionality of a browser, web client, desktop client, and native software at the client side to provide seamless user experience when editing a file over a network. Responsive to a user selecting a file for editing, the web client may send a passive content request to a web server embedded in the desktop client at a specific address on the client device. If no response, the web client prompts the user to start or install the desktop client on the client device. If a response is received, the web client sends a request to the desktop client with a user identifier and authorization to download the file from a server. The desktop client downloads the file, opens it in the native software, monitors the file being edited, and updates a delta associated with the file to the server.
    Type: Grant
    Filed: August 27, 2018
    Date of Patent: January 21, 2020
    Assignee: OPEN TEXT SA ULC
    Inventors: Gregory Beckman, Benjamin Barth
  • Patent number: 10536436
    Abstract: A computer-implemented service uses information associated with a client device to generate a first shared secret. The service receives, from the client, a claim of access to a second shared secret and determines whether the first shared secret and the second shared secret match. If the shared secrets match, the service uses the first shared secret to encrypt a one-time password. The service provides the encrypted one-time password to the client device. The client device transmits a claim of access to the one-time password, which the service uses to determine whether the claim of access to the one-time password indicates access to the one-time password. If the claim of access to the one-time password indicates that the client device has access to the one-time password, the service allows the client device to access the service.
    Type: Grant
    Filed: June 24, 2016
    Date of Patent: January 14, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Marc R. Barbour, Ruchith Udayanga Fernando
  • Patent number: 10530582
    Abstract: A method and a device for information system access authentication are disclosed. The method includes: performing anonymous authentication to a random verification code generated according to a login request for accessing an information system of a client, and authenticating acquired user name and password information when the anonymous authentication is successful. The device includes a verification code authentication module and a user name and password authentication module connected to the verification code authentication module, wherein the verification code authentication module is configured to perform anonymous authentication to a random verification code generated according to a login request for accessing an information system of a client; and the user name and password authentication module is configured to authenticate acquired user name and password information when the anonymous authentication is successful.
    Type: Grant
    Filed: October 10, 2014
    Date of Patent: January 7, 2020
    Assignees: Singou Technology Ltd., Macau University of Science and Technology
    Inventors: Chi Tin Hon, Chan Heng Tam, Tai-Hua Ma
  • Patent number: 10515227
    Abstract: A method of sharing collaborative data between registered users in an online collaboration system. The collaboration system has a server and one or more electronic user devices that are capable of data communication with the server over a data network. Each registered user is allocated a unique asymmetric key pair comprising a user public key and a user private key for encryption and decryption of shared data content. The server is able to modify uploaded encrypted data content to enable access by multiple authorized users, and is able to convert uploaded data content into alternative formats, typically to enable web-browser viewing.
    Type: Grant
    Filed: October 23, 2015
    Date of Patent: December 24, 2019
    Assignee: PageProof.com Limited
    Inventors: Marcus Radich, Braden Burton, Gemma Hurst
  • Patent number: 10505909
    Abstract: Various systems and methods for initiating a communication session are provided herein. A system for initiating a communication session includes a transmitter disposed in a housing of the system; a controller coupled to the transmitter, and disposed in the housing; a communication controller to interface with the controller and cause the transmitter to transmit a first signal to a receiver device, the first signal including a public key associated with the system; and a radio coupled to the communication controller to receive a response from the receiver device, the response including an encrypted public key of the receiver device and a unique identifier that identifies the receiver device, the public key of the receiver device and the unique identifier both encrypted with the public key associated with the system, and the response used to establish a wireless connection between the system and the receiver device.
    Type: Grant
    Filed: December 21, 2016
    Date of Patent: December 10, 2019
    Assignee: Intel Corporation
    Inventor: Indrajith Rajapaksa
  • Patent number: 10503667
    Abstract: A charger base station includes at least one of a security system, home automation system, life safety system, a PER system and a tele-health system, the charger base station including a housing having a charger port for charging an electronic device with the housing having a compartment for a microprocessor, a memory, a firmware, a transceiver, a cellular communicator, Wi-Fi, and hardware, and software producing a security system supporting IP video, at least one peripheral device taken from the group of 319 MHz, 345 MHz, 433 MHz, 868 MHz and 900 MHz wireless peripherals, a home automation system serving as controller of z-wave or zigbee devices, life safety devices, a PERs device and tele-health device capable of measuring, recording and wirelessly transmitting physiological data of a connected tele-health product, life safety device and a PERs via at least one of a backend device, a central station device and local and remote user devices.
    Type: Grant
    Filed: March 15, 2018
    Date of Patent: December 10, 2019
    Inventors: Scott Simon, Matthew Schweiger
  • Patent number: 10490107
    Abstract: To calculate an exclusive OR of elements of bits while the bits remain distributed to a plurality of secret calculation devices without communication among the secret calculation devices, and to calculate an AND of bits with small amounts of communication and calculation while the bits remain distributed, provided is a secret calculation device including a local AND device and an AND redistribution device. The local AND device receives at least two one-bit input elements to produce a first local AND element. The AND redistribution device receives a one-bit mask and a second local AND element acquired by calculating an exclusive OR of the first local AND element and P bits (P is an integer equal to or more than 0), calculates a first OR, and communicates to/from an AND redistribution device of another secret calculation device to produce at least one one-bit output element.
    Type: Grant
    Filed: July 9, 2015
    Date of Patent: November 26, 2019
    Assignee: NEC CORPORATION
    Inventor: Jun Furukawa
  • Patent number: 10484186
    Abstract: A method, computing system, and computer-readable medium comprising instructions to establish a chain of trust for components of a computing environment. A respective public/private key pair is generated using a multivariate quadratic function F for each component of the computing environment. In response to a challenge from a verifier, a current prover component sends a response that the verifier uses to determine whether to trust the current prover component. The response may include a first commitment value and a second commitment value, which are determined for the current prover component using a public key of a previous prover component. At least one of the first and second commitment values can be determined using a polar function G, which is a polar form of the multivariate quadratic function F.
    Type: Grant
    Filed: September 30, 2016
    Date of Patent: November 19, 2019
    Assignee: Intel Corporation
    Inventor: Brent M. Sherman
  • Patent number: 10484847
    Abstract: A method to associate a unique identifier (ID) of an object, such as a Bluetooth Low Energy beacon, to a spatial coordinate in a facility is described. In one embodiment, the method utilizes a visual indicator, such as a barcode, to transfer a beacon's unique ID to a mobile device. In another embodiment, the method transfers a beacon's unique ID to the mobile device via an optical data transmission. For either embodiment, the transfer is activated by a user prompting an activation sensor, such as a push button, on the beacon, or by the user sending a wireless signal from the mobile device to the beacon.
    Type: Grant
    Filed: September 13, 2016
    Date of Patent: November 19, 2019
    Assignee: HAND HELD PRODUCTS, INC.
    Inventor: Erik Todeschini
  • Patent number: 10484397
    Abstract: Systems and methods for automated email encryption between email servers are provided. According to one embodiment, an email, originated by a sender using a client device coupled with a private network and directed to a recipient, is received by an email server associated with the private network. A key server is queried for public keys of the recipient and the sender. When the recipient's public key is returned by the key server, it is used to encrypt the email message; otherwise, no encryption is performed. When the sender's public key does not exist on the key server, the email server automatically generates a temporary key pair for the sender on the fly and without requiring intervention on the part of the sender. Finally, both the email message and the public key of the sender are transmitted by the email server to the recipient.
    Type: Grant
    Filed: June 30, 2017
    Date of Patent: November 19, 2019
    Assignee: Fortinet, Inc.
    Inventor: Axelle Apvrille
  • Patent number: 10476671
    Abstract: The present disclosure relates to a method and a device for installing a profile of an embedded universal integrated circuit boards (eUICC) and, more particularly, to a method and a device for remotely installing mobile communication subscriber information (profile) substituting for a universal integrated circuit boards (UICC), on a security module. In an aspect, a network device acquires one or more profiles encrypted with a first password key and one or more first password keys encrypted with a second password key; and when profile installation for the eUICC starts, transmits, to at least one eUICC, the one or more encrypted profiles and the one or more encrypted first password keys, wherein, prior to the transmission, each first password key is re-encrypted with a third password key for installation by the corresponding one or more eUICCs.
    Type: Grant
    Filed: July 10, 2015
    Date of Patent: November 12, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Jonghan Park, Duckey Lee, Sangsoo Lee, Songyean Cho
  • Patent number: 10477600
    Abstract: A hub device that monitors characteristics of a transportation platform, such as a tractor trailer used for transporting goods, may establish connections with a plurality of external sensors. In order to simplify the pairing process between the hub devices and the external sensors, the hub device may receive the IDs of the sensors to pair with from a remote server. A technician may physically scan tags, for example a barcode or an NFC tag, of the sensors and hub device, which are then transmitted to the remote server in order to identify which hub and sensors should be paired.
    Type: Grant
    Filed: July 6, 2018
    Date of Patent: November 12, 2019
    Assignee: BLACKBERRY LIMITED
    Inventors: Edward Snow Willis, Sameh Ayoub, Christopher Stubbs, David Kerr
  • Patent number: 10469268
    Abstract: The present technology relates to the field of configuration and setup of encrypted computer network transmission systems. In particular, the present technology relates to setting up and configuring network encryption systems, including MACsec, Internet Protocol Security (IPsec), and TLS protocols, in heterogeneous networks over Wireless Area Networks (WAN), Wireless Local Area Network (WLAN) or cellular links. In some embodiments, the present technology includes a method for setting up, configuring, and monitoring of encryption equipment providing encrypted links over WAN connections (typically IPsec VPN gateways and clients or TLS applications). The method includes communicating with encryption and PKI equipment necessary to automate the generation of encryption keys, digital certificates, and digital certificate signing requests.
    Type: Grant
    Filed: December 5, 2016
    Date of Patent: November 5, 2019
    Assignee: Pacific Star Communications, Inc.
    Inventors: Charles Nobuo Kawasaki, Rodney James Snell, Bryan Kelly Armstrong
  • Patent number: 10459946
    Abstract: A method for sharing data between blockchains in a multi-chain network including receiving a first plurality of account addresses associated with first and second blockchains and an account state for each account associated with the first plurality of account addresses and generating a first hash tree comprising a mapping between the first plurality of account addresses and the account states, defining a world state trie and a root hash thereof. The method further includes receiving a first plurality of transactions associated with the first and second blockchains and generating a second hash tree comprising the first plurality of transactions, defining a transactions trie, and a root hash thereof. The method further includes receiving a first plurality of transaction receipts associated with the plurality of transactions and generating a third hash tree comprising the first plurality of transactions receipts, defining a transaction receipts trie, and a root hash thereof.
    Type: Grant
    Filed: April 4, 2019
    Date of Patent: October 29, 2019
    Inventor: Vijay Madisetti
  • Patent number: 10455057
    Abstract: A method assigns a bootstrap server for wireless devices in a machine-to-machine environment. The method includes receiving, by a network device in a wireless access network and from a wireless device, a first request for a bootstrap server identifier. The method also includes providing, to the wireless device, a response including an address for a carrier-specific bootstrap server device. The method also includes receiving, by the carrier-specific bootstrap server device, a request for management server connection information. The request is submitted by the wireless device using the bootstrap server identifier. The method further includes assigning, by the carrier-specific bootstrap server device, the wireless device to a management server of a group of management servers and sending connection information for the management server to the wireless device.
    Type: Grant
    Filed: November 29, 2016
    Date of Patent: October 22, 2019
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: James Mathison, Stephen J. Kolanowski
  • Patent number: 10445324
    Abstract: A system may retrieve a pattern from a pattern database with the pattern identifying a type of sensitive data. The system may also retrieve data identified by a variable from a big data management system. The system may then match the data to the pattern to detect the type of sensitive data in the data. An output may be generated in response to the data matching the pattern. A variable access permission may be retrieved for the variable from a permissions repository, a sensitive data permission may be retrieved for the type of sensitive data from the permissions repository, and the variable access permission may be compared to the sensitive data permission to detect a discrepancy.
    Type: Grant
    Filed: November 18, 2015
    Date of Patent: October 15, 2019
    Assignee: AMERICAN EXPRESS TRAVEL RELATED SERVICES COMPANY, INC.
    Inventors: Ravi Arasan, Sandeep Bose, Xiaoyang Chen, Debasish Das, Matthew Kent Meyer, Gurusamy Ramasamy, Jeremy D. Seideman
  • Patent number: 10440028
    Abstract: Techniques include receiving, at a sensor, a request for authentication of an identity; determining, based on a distributed ledger, a dynamic credibility score for the identity; determining whether the dynamic credibility score for the identity can be validated by consensus by at least a subset of distributed verification services, based on whether the dynamic credibility score for the identity is within a range of variance from one or more credibility scores for the identity determined by the subset of the plurality of distributed verification services; and determining, based on whether the dynamic credibility score for the identity can be validated by consensus, whether to authorize the identity to perform the action in the blockchain network.
    Type: Grant
    Filed: January 16, 2019
    Date of Patent: October 8, 2019
    Assignee: CyberArk Software Ltd.
    Inventors: Gil Makmel, Or Gamliel, Dima Barboi
  • Patent number: 10437741
    Abstract: A loading control method and system for a storage device are disclosed. The method includes: judging whether a storage controller is valid through a first bus, and acquiring a key of the storage controller if a positive judgement is made; judging whether the key is valid, and commanding the storage controller to turn on a power supply of a storage device if a positive judgement is made; and loading the storage device through a second bus. According to the method, storage devices based on Windows and Android systems are allowed to be loaded after the verification of the storage devices is successful. The method effectively protects the data security of a user and provides reliable and effective protection for future private cloud service data.
    Type: Grant
    Filed: August 11, 2017
    Date of Patent: October 8, 2019
    Assignee: MEIBEIKE (SHENZHEN) TECHNOLLOGY CO., LTD
    Inventors: Zhizhang Wang, Donghai Chen, Bo Xiao, Hui Wang
  • Patent number: 10439806
    Abstract: One embodiment described herein provides a system and method for establishing a secure communication channel between a client and a server. During operation, the client generates a service request comprising a first dynamic message, transmits the first service request to the server, which authenticates the client based on the first dynamic message, and receives a second dynamic message from the server in response to the first dynamic message. The client authenticates the server based on the second dynamic message, and negotiates, via a quantum-key-distribution process, a secret key shared between the client and the server. The client and server then establish a secure communication channel based on at least a first portion of the secret key.
    Type: Grant
    Filed: May 5, 2017
    Date of Patent: October 8, 2019
    Assignee: Alibaba Group Holding Limited
    Inventors: Yingfang Fu, Shuanlin Liu
  • Patent number: 10437977
    Abstract: A communication system involving an access point, a vehicle and a user is provided. The vehicle and user possess a registration code, the user possesses a public and private key pair, and the access point and vehicle possess certificates and associated private keys. The access point issues a certificate to the user associated with the user's public and private keys, and the certificate of the access point is known and trusted by the vehicle. The access point signs a message granting ownership of the vehicle to the user, and the identity of the user indicates the user's certificate. The vehicle conditionally accepts the ownership registration request of the user.
    Type: Grant
    Filed: October 12, 2016
    Date of Patent: October 8, 2019
    Assignee: ETAS Embedded Systems Canada Inc.
    Inventors: Robert John Lambert, Jay Peter Gallant, Mark Gregory Elkins, Nevine Maurice Nassif Ebeid
  • Patent number: 10433163
    Abstract: Techniques are described for wireless communication. A method for wireless communication at a user equipment (UE) includes performing an extensible authentication protocol (EAP) procedure with an authentication server via an authenticator. The EAP procedure is based at least in part on a set of authentication credentials exchanged between the UE and the authentication server. The method also includes deriving, as part of performing the EAP procedure, a master session key (MSK) and an extended master session key (EMSK) that are based at least in part on the authentication credentials and a first set of parameters; determining a network type associated with the authenticator; and performing, based at least in part on the determined network type, at least one authentication procedure with the authenticator. The at least one authentication procedure is based on an association of the MSK or the EMSK with the determined network type.
    Type: Grant
    Filed: April 17, 2017
    Date of Patent: October 1, 2019
    Assignee: QUALCOMM Incorporated
    Inventors: Soo Bum Lee, Anand Palanigounder, Adrian Edward Escott
  • Patent number: 10432585
    Abstract: In an embodiment, a computer implemented method comprises, using a first server, detecting one or more changes to identity information that is stored in a first data repository; using the first server, in response to detecting the one or more changes to the identity information, mapping the identity information according to a different identity data format that is compatible with one or more protected computing devices, to result in creating mapped identity information; using the first server, updating stored blockchain data using the mapped identity information; using a second server, detecting mapped identity information updates to the blockchain data; using the second server, in response to detecting the mapped identity information updates, transferring the mapped identity information updates to a second data repository; and using the second server, performing one or more authentication services on behalf of one or more of the protected computing devices, using the mapped identity information updates in th
    Type: Grant
    Filed: April 12, 2017
    Date of Patent: October 1, 2019
    Assignee: XAGE SECURITY, INC.
    Inventors: Susanto Junaidi Irwan, Kamesh Raghavendra
  • Patent number: 10425225
    Abstract: An HSM cluster includes a set of hardware security modules that maintain a set of cryptographic keys that are synchronized across the HSM cluster. Individual applications running on client computer systems access the HSM cluster using HSM cluster clients running on the client computer systems. The HSMs are accessed via a set of HSM cluster servers that monitor the synchronization of the cryptographic keys. Synchronization of the HSMs is maintained by the HSM cluster clients. The HSM cluster clients replicate key-addition and key-deletion operations across the HSM cluster. When a new key is created by a particular HSM, a prefix associated with the particular HSM is added to the identifier associated with the new key to avoid key-namespace collisions. If the set of cryptographic keys becomes unsynchronized across the HSM cluster, applications may continue read-only cryptographic operations while the HSM cluster is resynchronized by the HSM cluster clients.
    Type: Grant
    Filed: December 14, 2016
    Date of Patent: September 24, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Benjamin Philip Grubin, Benjamin Samuel
  • Patent number: 10420879
    Abstract: The invention provides for method of operating a medical instrument (100, 200, 400, 500, 600, 700) comprising a battery powered medical appliance (104) and a control unit (102). Both have Bluetooth communication modules. A first memory of the medical appliance contains a onetime password (210) and of a password-authenticated key agreement algorithm (212). The control unit has a second memory (223) with an implementation of the password-authenticated key agreement algorithm (212′). The method comprises entering (300) the onetime password into the data entry interface (140, 221, 504, 604) of the control unit. The method further comprises generating (302) a Bluetooth encryption key (218) by the medical appliance and the control unit with the onetime password by exchanging data across the wireless communication channel by executing the password-authenticated key agreement algorithm. The method further comprises storing (304) the Bluetooth encryption key in the first memory.
    Type: Grant
    Filed: December 7, 2015
    Date of Patent: September 24, 2019
    Assignee: ROCHE DIABETES CARE, INC.
    Inventors: Wolfgang Heck, Kai-Oliver Schwenker, Ralf Schmitz, Volker Zeuner, Carsten Mueglitz, Thomas Eissenloeffel, Christian-Alexander Luszick
  • Patent number: 10423074
    Abstract: A method for calculating the parameters of a resist model of an IC manufacturing process is provided. Accordingly, a function representative of the target design convoluted throughout the whole target design with a kernel function compounded with a deformation function with a shift angle. The deformation function is replaced by its Fourier series development, the order of which is selected so that the product of convolution is invariant through rotations within a tolerance of the corrections to be applied to the target design. Alternatively, the product of convolution may be decomposed into basic kernel functions selected varying by angles determined so that a deformation function for a value of the shift angle can be projected onto a couple of basic kernel functions the angles of which are proximate to the shift angle.
    Type: Grant
    Filed: June 2, 2015
    Date of Patent: September 24, 2019
    Assignees: ASELTA NANOGRAPHICS, COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES
    Inventors: Mohamed Saïb, Aurélien Fay, Patrick Schiavone, Thiago Figueiro
  • Patent number: 10417416
    Abstract: A behavior of a computer security threat is described in a root-cause chain, which is represented by a detection rule. The detection rule includes the objects of the root-cause chain and computer operations that represent links of the root-cause chain. An endpoint computer establishes a link between objects described in the detection rule when a corresponding computer operation between the objects is detected. Detected computer operations are accumulated to establish the links between objects. The threat is identified to be in the computer when the links of the detection rule have been established.
    Type: Grant
    Filed: July 30, 2018
    Date of Patent: September 17, 2019
    Assignee: TREND MICRO INCORPORATED
    Inventors: Sheng Che Chang, Chun Wen Chang, Nai-Wei Chang, Meng-Che Lee
  • Patent number: 10419213
    Abstract: A random number generating unit generates random numbers s1, s2, s′1, and s′2. A public keys randomizing unit generates first randomized public keys information obtained by randomizing public keys using the random number s1 and second randomized public keys information obtained by randomizing the public keys using the random number s2. A proxy calculation unit calculates a first commission result by using a secret key and calculates a second commission result by using the secret key. A verification unit calculates a first verification value by using the random number s2, calculates a second verification value by using the random number s1, and verifies whether or not the first verification value and the second verification value coincide with each other. A common key calculation unit calculates a common key by using the random numbers s′1 and s′2 if the first verification value and the second verification value coincide with each other.
    Type: Grant
    Filed: January 12, 2016
    Date of Patent: September 17, 2019
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Akira Nagai, Tsunekazu Saito, Tetsutaro Kobayashi
  • Patent number: 10412061
    Abstract: Method and device of encrypting communication between a server and a peripheral device are disclosed. The method includes: a server receiving a session request from a control device, the session request including a predetermined device ID of a peripheral device associated with the control device; generating a first session key for encrypting and decrypting future communication between the peripheral device and the server; identifying a pre-stored encryption key corresponding to the predetermined device ID from a database, wherein the pre-stored encryption key is also pre-stored in the peripheral device; encrypting the first session key using the pre-stored encryption key; sending the encrypted first session key to the peripheral device via the control device; and encrypting communication to the peripheral device in a respective communication session using the first session key.
    Type: Grant
    Filed: November 16, 2018
    Date of Patent: September 10, 2019
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventors: Chenglin Liu, Jinhai Liu, Xiangyao Lin, Liangliang Fan
  • Patent number: 10411884
    Abstract: A method, apparatus, and computer program product, in which a password-based digest access authentication procedure is used for performing authentication between a client and a server, wherein the authentication procedure is secured by at least one of modifying a digest-response parameter with a user password and generating a bootstrapped key based on the user password and at least one fresh parameter not used in a previous protocol run between the client and the server.
    Type: Grant
    Filed: November 9, 2016
    Date of Patent: September 10, 2019
    Assignee: Nokia Technologies Oy
    Inventors: Marc Blommaert, Guenther Horn