Having Key Exchange Patents (Class 713/171)
  • Patent number: 11005812
    Abstract: In an embodiment, a computer implemented method comprises accessing, from a first data repository, identity information associated with one or more protected computing devices; creating mapped identity information by encrypting and mapping the identity information according to a different identity data format that is compatible with the one or more protected computing devices; updating stored blockchain data using the mapped identity information; storing the mapped identity information from the blockchain data in a second data repository; generating decrypted identity information from the mapped identity information stored in the second data repository; and performing one or more authentication services for a client device on behalf of the one or more protected computing devices by using the mapped identity information in the second data repository; wherein the method is performed by one or more computing devices.
    Type: Grant
    Filed: August 15, 2019
    Date of Patent: May 11, 2021
    Assignee: XAGE SECURITY, INC.
    Inventors: Susanto Junaidi Irwan, Kamesh Raghavendra
  • Patent number: 11005665
    Abstract: A method includes: a supervisor writes a digital certificate and a corresponding first public key into an intelligent contract of a blockchain corresponding to an asset type to be supervised, so that all institutions with asset accounts under the asset type can obtain the first public key of the supervisor through the digital certificate, so as to generate an additive homomorphic key for homomorphic encryption of the balance of an asset account; when checking the balance of a new account of a transactor, the supervisor obtains a public key in a public-private key pair corresponding to the new account, generates an additive homomorphic key based on a supervision private key corresponding to the supervisor and a predetermined key exchange protocol and the public key in the public-private key pair according to the key exchange protocol, and decrypts the encrypted balance of the new account, using the generated additive homomorphic key.
    Type: Grant
    Filed: June 30, 2017
    Date of Patent: May 11, 2021
    Assignee: One Connect Smart Technology Co., Ltd. (Shenzhen)
    Inventors: Frank Yifan Chen Lu, Pengfei Huan, Yu Zhang, Yuxiang Huang
  • Patent number: 11005651
    Abstract: A method, terminal and device for establishing security infrastructure, comprising: an intermediate service organization receives an organization secret key sent by a third-party service organization; the intermediate service organization encrypts the organization secret key by a first encryption means and sends the encrypted organization secret key to a security storage region of a terminal; the intermediate service organization receives a first terminal public key encrypted by the terminal using a second encryption means; and the intermediate service organization sends the first terminal public key obtained by decryption to the third-party service organization.
    Type: Grant
    Filed: January 25, 2019
    Date of Patent: May 11, 2021
    Assignee: CHINA UNIONPAY CO., LTD.
    Inventors: Feng Tian, Yisheng Fu, Naigeng Ji
  • Patent number: 11005857
    Abstract: Systems and methods for security of industrial data streams are provided herein. Methods according to various embodiments include provisioning a fogNode that is communicatively coupled with a fog cloud manager through a forwarder of the fogNode and providing a fogLet within the fogNode, the fogLet communicating with a plurality of operational technology devices. Embodiments include providing fogLet identification information using hardware root of trust of the fogNode, the hardware root of trust of the fogNode being a Trusted Platform Module (TPM) of the fogNode. Embodiments further comprise communicating operational device authentication information with fogLet identification information to a third party tenant application, the third party tenant application validating industrial data streams from the operational technology devices by communicating the operational device authentication information with the fogLet identification information to a third party cloud application.
    Type: Grant
    Filed: October 24, 2018
    Date of Patent: May 11, 2021
    Assignee: NEBBIOLO TECHNOLOGIES, INC.
    Inventors: Ruchir Tewari, Thushar Gowda, Pankaj Bhagra, Thiru Narayanan, Palani Chinnakannan
  • Patent number: 11002180
    Abstract: The disclosure provides a method and an apparatus for acquiring an electronic file. The method for acquiring an electronic file comprises: sending a first request message for acquiring an electronic file to a platform server, wherein the first request message carries a first identifier of an information providing server providing the electronic file; receiving first prompt information returned from the platform server according to the first request message; determining first verification information for identity authentication according to the first prompt information, and sending the first verification information to the platform server; and receiving the electronic file forwarded by the platform server, wherein the electronic file is from the information providing server, and private information in the electronic file is encrypted through a first encryption key of the information providing server.
    Type: Grant
    Filed: June 8, 2016
    Date of Patent: May 11, 2021
    Assignee: ALIBABA GROUP HOLDING LIMITED
    Inventors: Kepeng Li, Kai Li
  • Patent number: 11006346
    Abstract: An X2 service transmission method and a network device are disclosed. The method includes if a first IPsec tunnel is unavailable, detecting, by a first base station, whether a second IPsec tunnel between the first base station and a security gateway is available, where the first IPsec tunnel is an IPsec tunnel established between the first base station and a second base station, and the first base station can transmit X2 service data with the second base station through the second IPsec tunnel; and transmitting the X2 service data through the second IPsec tunnel if the second IPsec tunnel is available.
    Type: Grant
    Filed: May 28, 2019
    Date of Patent: May 11, 2021
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Wan Xue, Changcong Dong, Jianfeng Chen
  • Patent number: 11006277
    Abstract: A method and apparatus that ensures that an aircraft system network controls access by multiple users (403a, 403b, 403c) of electronic devices (402a, 402b, 402c) equipped with a related hardware device (404a, 404b, 404c), by a combination of authentication, integrity, and encryption, using hardware security such as HSE/HSM or equivalent to establish the credentials for each component that is allowed on the network.
    Type: Grant
    Filed: March 9, 2017
    Date of Patent: May 11, 2021
    Assignee: THOMPSON AEROSPACE, INC.
    Inventors: Mark Steven Thompson, Trevor Coolidge, Curtis Michael Rihn, Lars Elof Rosenblad
  • Patent number: 10999260
    Abstract: In a general aspect, secure messaging between electronic modules is described. In an example, a method includes: generating, by a first electronic module, a private key and a public key associated with the private key; communicating, by the first electronic module, an unencrypted message, including the public key, to a first network-connected device using a first module-to-device communication link; receiving, from the first network-connected device, an encrypted message including a symmetric encryption key generated by a second electronic module; decrypting, by the first electronic module, the encrypted message using the private key, wherein decrypting using the private key makes the symmetric encryption key available to the first electronic module; and establishing, by the first electronic module, a secure messaging channel with the second electronic module based on at least the symmetric encryption key.
    Type: Grant
    Filed: July 21, 2020
    Date of Patent: May 4, 2021
    Assignee: iCoin Technology, Inc.
    Inventors: Chester Silvestri, Adam Silvestri
  • Patent number: 10997622
    Abstract: Technologies are described for generating and validating encrypted coupons. For example, an encrypted coupon can be received. The encrypted coupon can be decrypted using a public key. The decrypted coupon can be decoded (e.g., using a pre-defined data format) to extract coupon data comprising a unique coupon identifier and a unique user identifier. The decrypted coupon can be validated based at least in part upon the unique coupon identifier and the unique user identifier. The process of receiving the encrypted coupon, decrypting the encrypted coupon, decoding the decrypted coupon, and validating the decrypted coupon can be performed offline (e.g., without access to external networks or the internet) and without accessing information indicating associations between unique coupon identifiers and unique user identifiers.
    Type: Grant
    Filed: September 7, 2018
    Date of Patent: May 4, 2021
    Assignee: SAP SE
    Inventor: Alain Awad
  • Patent number: 10984413
    Abstract: A computer implemented method for processing a financial transaction includes the steps of transmitting one or more documents pertaining to the financial transaction, from a first intermediary server to a first document store, generating an enriched data record from the one or more documents, at the first intermediary server, and adding the enriched data record into a blockchain, from the first intermediary sever, requesting generation of a token corresponding to the financial transaction, to a token server, from the first intermediary server, via a messaging bus, generating the token at the token server and adding the token into the blockchain from the token server, transmitting the token to the first intermediary server from the token server, via the messaging bus, and transmitting the token from the first intermediary server to the first document store.
    Type: Grant
    Filed: August 12, 2016
    Date of Patent: April 20, 2021
    Assignee: IDENTITII PTY LTD
    Inventors: Nick Armstrong, Ben Buckingham, Daniel Friedman, Elliot Shepherd, Eric Knight
  • Patent number: 10979227
    Abstract: A method for login, including making a login request to an entity through a federation server that generates a session identifier. A QR code is sent to the federation server to receive the session identifier. A secure envelope including user personal information is sent to the federation server to verify user registration with the federation server. A login token generated by the federation server is received and is associated with a smart contract generated by the federation server and stored on a blockchain. The login token is signed using user private key and sent to the blockchain for inclusion in the smart contract. A transaction identifier is received from the blockchain, and is sent to the federation server that generates a session record based on the login token. The federation server sends user verification to the entity to authorize a communication session between the user device and the entity.
    Type: Grant
    Filed: October 17, 2019
    Date of Patent: April 13, 2021
    Assignee: Ping Identity Corporation
    Inventor: Armin Ebrahimi
  • Patent number: 10972286
    Abstract: The invention relates to a method (50) for authenticating a user to a computer system (70), the method comprising the following steps executed in a token (10): generating (52) a counter value (20, 22) by utilizing a counting unit (12) implemented in the token (10), wherein at least a portion of generated counter values (20, 22) forms a strictly monotonous sequence, generating (54) a message (30) depending on the generated counter value (20, 22), signing (56) the generated message (30) by utilizing a private key (24) of the user, wherein the private key (24) is stored in the token (10), and wherein the private key (24) or a copy thereof is not provided to the computer system (70), and transmitting (58) the signed message to the computer system (70). The invention further relates to a token (10) for authenticating a user to a computer system (70) and to a method (60) executed on a computer system (70) for authenticating a user.
    Type: Grant
    Filed: July 18, 2017
    Date of Patent: April 6, 2021
    Assignee: BITAGENTUR GMBH & CO. KG
    Inventors: Maximilian Eidenschink, Marcel Senf
  • Patent number: 10966094
    Abstract: Methods, apparatus, and system to verify the source of a suspect message, so that it is no longer suspect.
    Type: Grant
    Filed: June 16, 2020
    Date of Patent: March 30, 2021
    Assignee: Prompt.io Inc.
    Inventors: Philip S. Gordon, Scott Fortin, Ryan Thomas
  • Patent number: 10965710
    Abstract: A method and apparatus to protect the coded signals sent over physical twisted-pair wiring or between two (2) or more LANs connected by a Wide Area Network (WAN), from unauthorized electronic circuit/wiring monitoring. This is accomplished by varying the assignments of the standard Registered Jack communication pins, varying the transmission speed, inserting meaningless or unrelated data, encrypting data before it is sent or changing network protocol(s) on behalf of the communications adapter/controller of each computer to which it is attached on those LANs.
    Type: Grant
    Filed: January 17, 2018
    Date of Patent: March 30, 2021
    Assignee: Cipherloc, Inc
    Inventors: Albert Henry Carlson, Robert LeBlanc, Carlos Gonzales, Robert Carlson
  • Patent number: 10959090
    Abstract: The search engine optimizer transforms input information interactively and works independently and in parallel with a browser and search engine supercomputer. The optimizer reorganizes the input, and provides an optimized version as an output. The output (Optimized, reorganized input) is sent to the search engine, which responds to the end user with search results. The optimizer recognizes each request as a pattern and stores the pattern in an advanced Glyph format. This permits the optimizer to use left brain English language and right brain geospatial key featured association equation to gain factor the best results, and then using deductive reasoning feedback equation attenuate content with confounding variables in order to stabilize and reduces sensitivity parameter variations due to the environment and identify a left and right side human brain checkmate combination required to achieve certitude.
    Type: Grant
    Filed: August 24, 2016
    Date of Patent: March 23, 2021
    Inventor: Richard Paiz
  • Patent number: 10956585
    Abstract: A system for processing data within a Trusted Execution Environment (TEE) of a processor is provided. The system may include: a trust manager unit for verifying identity of a partner and issuing a communication key to the partner upon said verification of identity; at least one interface for receiving encrypted data from the partner encrypted using the communication key; a secure database within the TEE for storing the encrypted data with a storage key and for preventing unauthorized access of the encrypted data within the TEE; and a recommendation engine for decrypting and analyzing the encrypted data to generate recommendations based on the decrypted data.
    Type: Grant
    Filed: May 28, 2019
    Date of Patent: March 23, 2021
    Assignee: ROYAL BANK OF CANADA
    Inventors: Edison U. Ortiz, Arya Pourtabatabaie, Ambica Pawan Khandavilli, Margaret Inez Salter, Jordan Alexander Richards, Iustina-Miruna Vintila
  • Patent number: 10958431
    Abstract: Disclosed are some implementations of systems, apparatus, methods and computer program products for facilitating the authentication of computing system requests across tenants of at least one multi-tenant database system. Authentication is facilitated using a central registry that is accessible by and independent from the tenants of the multi-tenant database system.
    Type: Grant
    Filed: May 30, 2018
    Date of Patent: March 23, 2021
    Assignee: salesforce.com, inc.
    Inventors: Matthew Bahrenburg, Alan Vangpat, Anupam Jain, William Charles Mortimore, Jr., Srinath Krishna Ananthakrishnan, Peter S. Wisnovsky
  • Patent number: 10952070
    Abstract: A method for communication in a hearing system comprising the server device and a hearing device system, the hearing device system comprising a hearing device and a user accessory device with a user application installed thereon, the method includes: obtaining hearing device data for the hearing device; securing the hearing device data using a first security scheme to obtain a first output; securing the first output using a second security scheme to obtain a second output, wherein the second security scheme is different from the first security scheme; and transmitting the second output to the user accessory device.
    Type: Grant
    Filed: November 14, 2017
    Date of Patent: March 16, 2021
    Assignee: GN Hearing A/S
    Inventor: Allan Munk Vendelbo
  • Patent number: 10949547
    Abstract: A fork support is provided for duplicating an application running inside an enclave entity. In this regard, a request to duplicate an application running inside a first enclave may be received by one or more processors of a host computing device of the first enclave. A snapshot of the first enclave including the application may be generated. The snapshot may be encrypted with a snapshot key and copied to untrusted memory of the host. A second enclave may be generated. The snapshot key may be sent from the first enclave to the second enclave through a secure communication channel. The encrypted snapshot may be copied from the untrusted memory of the host into the second enclave. The encrypted snapshot may be decrypted inside the second enclave with the snapshot key.
    Type: Grant
    Filed: October 5, 2018
    Date of Patent: March 16, 2021
    Assignee: Google LLC
    Inventors: Keith Moyer, Uday Savagaonkar, Chong Cai, Matthew Gingell, Anna Sapek
  • Patent number: 10951419
    Abstract: Techniques are disclosed relating to the secure communication of devices. In one embodiment, a first device is configured to perform a pairing operation with a second device to establish a secure communication link between the first device and the second device. The pairing operation includes receiving firmware from the second device to be executed by the first device during communication over the secure communication link, and in response to a successful verification of the firmware, establishing a shared encryption key to be used by the first and second devices during the communication. In some embodiments, the pairing operation includes receiving a digital signature created from a hash value of the firmware and a public key of the second device, and verifying the firmware by extracting the hash value from the digital signature and comparing the extracted hash value with a hash value of the received firmware.
    Type: Grant
    Filed: August 9, 2019
    Date of Patent: March 16, 2021
    Assignee: Apple Inc.
    Inventors: Tristan F. Schaap, Conrad Sauerwald, Craig Marciniak, Jerrold V. Hauck, Zachary F. Papilion, Jeffrey Lee
  • Patent number: 10938580
    Abstract: One or more hardware identity circuits (which may be reconfigurable) may be employed in a device or system in order to impose a tampering penalty, preferably without relying on battery-backed volatile memory to do so. The device or system may also include a cryptographic division and distribution (‘sharing’) of a secret internal to the device or system.
    Type: Grant
    Filed: June 6, 2017
    Date of Patent: March 2, 2021
    Assignee: Analog Devices, Inc.
    Inventors: Douglas J. Gardner, John Ross Wallrabenstein
  • Patent number: 10938955
    Abstract: A method assigns a bootstrap server for wireless devices in a machine-to-machine environment. The method includes receiving, by a network device in a wireless access network and from a wireless device, a first request for a bootstrap server identifier. The method also includes providing, to the wireless device, a response including an address for a carrier-specific bootstrap server device. The method also includes receiving, by the carrier-specific bootstrap server device, a request for management server connection information. The request is submitted by the wireless device using the bootstrap server identifier. The method further includes assigning, by the carrier-specific bootstrap server device, the wireless device to a management server of a group of management servers and sending connection information for the management server to the wireless device.
    Type: Grant
    Filed: July 3, 2019
    Date of Patent: March 2, 2021
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: James Mathison, Stephen J. Kolanowski
  • Patent number: 10931439
    Abstract: A data storage method comprises sending, by a blockchain node associated with a blockchain, data to an encryption device to cause the encryption device to encrypt the data and return the encrypted data to the blockchain node; receiving the encrypted data returned by the encryption device; and sending the encrypted data to other blockchain nodes associated with the blockchain to cause each of the other blockchain nodes to store the encrypted data in the blockchain after performing consensus verification on the encrypted data with success.
    Type: Grant
    Filed: January 15, 2020
    Date of Patent: February 23, 2021
    Assignee: ADVANCED NEW TECHNOLOGIES CO., LTD.
    Inventor: Hao Wu
  • Patent number: 10931791
    Abstract: Embodiments of the present disclosure disclose a method and apparatus for processing a request. A specific embodiment of the method includes: receiving a request; determining a type of the request or an object name indicated by the request; acquiring, after determining that a current time is after a validity deadline of locally stored first request control information, the number of control servers in a preset control server set; determining, from the control server set, a target control server based on the acquired number and any one of: the type of the request, the object name indicated by the request; and forwarding the request to the target control server.
    Type: Grant
    Filed: September 9, 2019
    Date of Patent: February 23, 2021
    Assignee: Beijing Baidu Netcom Science and Technology Co., Ltd.
    Inventors: Tao Xi, Liguo Duan
  • Patent number: 10932134
    Abstract: System and methods are disclosed that enable data sharing across networks, including peer-to-peer sharing of content over wireless networks using peer mobile devices. A database may store content associated with a first peer mobile device. A request from a requester peer mobile device for content associated with a user of the first peer mobile device may be received at a server. The encrypted request is transmitted by the server to the first peer mobile device which may decrypt the request. An authorization token may be transmitted by the first peer mobile device to the server which may then enable the requesting peer mobile device to access the requested content, which may be accessed from the first peer mobile device and/or a cloud storage system.
    Type: Grant
    Filed: October 5, 2020
    Date of Patent: February 23, 2021
    Assignee: Generation Finance Technology, Inc.
    Inventor: Rhonda G. Ozanian
  • Patent number: 10931760
    Abstract: A method includes transmitting a message to a first end point that includes an instruction to initiate a communication type in which the communication type includes sharing a randomization token between the first and a second end point. The method further includes obtaining a first communication report from the first end point and a second communication report from the second end point in response to initialization of a communication based on the communication type in which the first and second communication reports respectively include a first and second hash that corresponds to a function of the randomization token and identity information. The method further includes determining whether the first hash matches the second hash and generating a value that correlates the first and second end points with the communication across the network in response to determining that the first hash matches the second hash.
    Type: Grant
    Filed: November 1, 2018
    Date of Patent: February 23, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Mark Grayson, Jerome Henry
  • Patent number: 10911438
    Abstract: Techniques are provided for secure detection and management of compromised credentials. A first candidate credential is received, comprising a first username and a first password, wherein the first candidate credential was sent in a first request from a first client computer to log in to a first server computer. A first salt associated with the first username in a salt database is obtained. A first hashed credential is generated based on the first password and the first salt. The first hashed credential is transmitted to a set model server computer, wherein the set model server computer is configured to maintain a set model that represents a set of spilled credentials, determine whether the first hashed credential is represented in the set model, and in response to determining that the first hashed credential is represented in the set model, performing additional processing on the first hashed credential.
    Type: Grant
    Filed: July 2, 2018
    Date of Patent: February 2, 2021
    Assignee: Shape Security, Inc.
    Inventors: Zhipu Jin, Gautam Agrawal, Daniel G. Moen, Weiguo Liang, Xingang Wang
  • Patent number: 10911581
    Abstract: A packet parsing method includes a source device receives a first ciphertext from a control device, where the first ciphertext is used to verify reliability of a packet from a parsing device, and the parsing device is a trusted device selected on a path between the source device and a destination device. The source device obtains a second packet including the first ciphertext according to the first ciphertext and a first packet, and sends the second packet to the destination device. The parsing device obtains, according to the second packet and a device identifier of the parsing device, a third packet including verification information and the first ciphertext. The destination device receives the third packet from the parsing device, and verify reliability of the third packet using the verification information and the first ciphertext included in the third packet.
    Type: Grant
    Filed: October 29, 2018
    Date of Patent: February 2, 2021
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventor: Shucheng Liu
  • Patent number: 10909525
    Abstract: In one embodiment, a method includes receiving, from a computing device of a first user, a request to transfer funds from a first account associated with the first user to a second account associated with a second user. The request to transfer funds may be generated by receiving a first token at the computing device of the first user through near-field communication with a first payment card and determining that the first token is associated with the second user. The method includes sending, in response to receiving the request to transfer funds, to the computing device of the first user, a request to authorize the transfer to the second account associated with the second user. The method includes receiving, from the device of the first user, an indication of authorization, wherein the indication of authorization is generated by receiving a second token at the device of the first user.
    Type: Grant
    Filed: November 27, 2019
    Date of Patent: February 2, 2021
    Assignee: Square, Inc.
    Inventors: Ashutosh Sham Dhodapkar, Dino Dai Zovi
  • Patent number: 10911435
    Abstract: Authenticating devices utilizing Transport Layer Security (TLS) protocol to facilitate exchange of authentication information or other data to permit or otherwise enable access to services requiring authentication credentials, certificates, tokens or other information. The authentication may utilize Digital Transmission Content Protection (DTCP) certificates, Diffie-Hellman (DH) parameters or other information available to the authenticating devices, optionally without requiring device requesting authentication to obtain an X.509 certificate.
    Type: Grant
    Filed: April 2, 2018
    Date of Patent: February 2, 2021
    Assignee: Cable Television Laboratories, Inc.
    Inventors: Darshak Thakore, Stuart Hoggan, Dave Belt, Amol Bhagwat
  • Patent number: 10911431
    Abstract: The present disclosure describes techniques that allow for a client-side application, located on a first client device, to generate a random encryption key and encrypt locally-stored application data with the random encryption key. In order to ensure that the client-device application is unable to decrypt the locally-stored encrypted application data prior to authenticating with an external authentication source (i.e., SSO, IdP), the client-side application divides the random encryption key into at least a first share and a second share according to a secret sharing algorithm. The first share is transmitted to a trusted third party, while the second share is encrypted locally and stored in a secure location on the client device. Upon successful authentication, the trusted third party returns the second share to the first client device. The client-side application derives the random encryption key and decrypts the locally-stored encrypted application data to be used by the client-side application.
    Type: Grant
    Filed: August 21, 2018
    Date of Patent: February 2, 2021
    Assignee: Wickr Inc.
    Inventors: Thomas Michael Leavy, Joël Alwen, Christopher Howell
  • Patent number: 10903990
    Abstract: A responder device receives, from an initiator device, a request to initiate a cryptographic tunnel between the initiator device and the responder device. The responder device does not include a static private key to be used in an asymmetric cryptography algorithm when establishing the tunnel. The responder device transmits a request to a key server that has access to the static private key and receives a response that is based on at least a result of at least one cryptographic operation using the static private key. The responder device receives from the key server, or generates, a transport key(s) for the responder device to use for sending and receiving data on the cryptographic tunnel. The responder device transmits a response to the initiator device that includes information for the initiator device to generate a transport key(s) that it is to use for sending and receiving data on the cryptographic tunnel.
    Type: Grant
    Filed: March 11, 2020
    Date of Patent: January 26, 2021
    Assignee: CLOUDFLARE, INC.
    Inventors: Watson Bernard Ladd, Vladislav Krasnov
  • Patent number: 10904230
    Abstract: Examples described herein include systems and methods for performing distributed encryption across multiple devices. An example method can include a first device discovering a second device that shares a network. The device can identify data to be sent to a server and calculate a checksum for that data. The device can then split the data into multiple portions and send a portion to the second device, along with a certificate associated with the server for encrypting the data. The first device can encrypt the portion of data it retained. The first device can receive an encrypted version of the second portion of the data sent to the second device. The first device can merge these two portions and send the merged encrypted data to the server, along with the checksum value. The server can decrypt the data and confirm that it reflects the original set of data.
    Type: Grant
    Filed: February 19, 2018
    Date of Patent: January 26, 2021
    Assignee: VMWARE, INC.
    Inventors: Suman Aluvala, Ramani Panchapakesan, Rajneesh Kesavan, Arjun Kochhar
  • Patent number: 10901849
    Abstract: A method for execution by a dispersed storage and task (DST) processing unit includes queuing authorization requests, corresponding to received operation requests, in response to determining that first system utilization data indicates a first utilization level that compares unfavorably to a normal utilization threshold. A first batched authorization request that includes the queued authorization requests is generated for transmission to an Identity and Access Management (IAM) system in response to determining that the first request queue compares unfavorably to a first queue limit condition. A second queue limit condition that is different from the first queue limit condition is determined based on second system utilization data. A second batched authorization request that includes a second plurality of authorization requests of a second request queue is generated in response to determining that the second request queue compares unfavorably to the second queue limit condition.
    Type: Grant
    Filed: July 17, 2019
    Date of Patent: January 26, 2021
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Amit H. Lamba, Brian F. Ober
  • Patent number: 10904593
    Abstract: A video packaging and origination service can process requests for content segments from requesting user devices. The video packaging and origination service can utilize various techniques to address performance of the user device responsive to detection of the presence of ad blocking software applications.
    Type: Grant
    Filed: September 4, 2018
    Date of Patent: January 26, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Meera Jindal, Varun Ram
  • Patent number: 10904232
    Abstract: Aspects of the present disclosure relate to providing a booting key to a remote system. A policy server receives a verification that a predetermined number of user devices provided secret information for booting a remote system. The policy server provides, in response to the received verification, a message for a key server to provide a booting key to the remote system, the key server providing the booting key in response to the message and causing the remote system to complete a booting procedure, in response to the message from the policy server.
    Type: Grant
    Filed: September 5, 2019
    Date of Patent: January 26, 2021
    Assignee: Palantir Technologies Inc.
    Inventors: Justin Cassidy, Tristan Smith, Kori Oliver
  • Patent number: 10904219
    Abstract: A relay-proxy device has first and second interfaces allowing connection to a first node and a second node respectively, wherein the relay-proxy device is configured with at least one key, and the relay-proxy device is operable to: receive a traffic flow in an encrypted transport protocol on the first interface; decrypt a first part of the traffic flow with said key, wherein a second part of the traffic flow cannot be decrypted with said key; perform a management function based on a content of the decrypted first part of the traffic flow; and forward at least the second part of the encrypted traffic flow to the second interface.
    Type: Grant
    Filed: March 2, 2016
    Date of Patent: January 26, 2021
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Göran Eriksson, Marcus Ihlar, Daniel Lindström, Zaheduzzaman Sarker
  • Patent number: 10896178
    Abstract: High performance query processing and data analytics can be performed across architecturally diverse scales, such as single core, multi-core and/or multi-nodes. The high performance query processing and data analytics can include a separation of query computation, keying data, and data movement and parallel computation, thereby enhancing the capabilities of the query processing and data analytics, while allowing the specification of complex forms of data parallel computation that may execute across real-time and offline. The decoupling of data movement and parallel computation, as described herein can improve query processing and data analytics speed, can provide for the optimization of searches in a plurality of computing environments, and can provide the ability to search through a larger space of execution plans.
    Type: Grant
    Filed: March 30, 2016
    Date of Patent: January 19, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Badrish Chandramouli, Raul Castro Fernandez, Abdul H. Quamar, Ahmed Eldawy, Jonathan D. Goldstein
  • Patent number: 10896137
    Abstract: A first non-volatile memory may store first data and a second non-volatile memory may store second data. An authentication component may be coupled with the first non-volatile memory and the second non-volatile memory and may receive a request to perform an authentication operation. In response to the request to perform the authentication operation, the authentication component may access the first data stored at the first non-volatile memory and the second data stored at the second non-volatile memory and determine whether the second data stored at the second non-volatile memory has become unreliable based on a memory disturbance condition. In response to determining that the second data stored at the second non-volatile memory has become unreliable, a corrective action associated with the first data stored at the first non-volatile memory may be performed.
    Type: Grant
    Filed: May 23, 2019
    Date of Patent: January 19, 2021
    Assignee: Cryptography Research, Inc.
    Inventors: Scott C. Best, Brent S. Haukness, Carl W. Werner
  • Patent number: 10893235
    Abstract: A conferencing apparatus and a method for switching an access terminal therein are provided. The conferencing apparatus according to one embodiment of the present disclosure includes: a conference information management module configured to generate mapping information for terminal identification information of a first terminal and access information of a conference participant who is accessing a conference through the first terminal; and an access switch module configured to provide a token corresponding to the mapping information to the first terminal according to an access terminal switch request from the first terminal and, when the token is received from a second terminal, switch a terminal of the conference participant from the first terminal to the second terminal according to validity of the received token.
    Type: Grant
    Filed: October 29, 2018
    Date of Patent: January 12, 2021
    Assignee: SAMSUNG SDS CO., LTD.
    Inventors: Hee-Tae Yoon, Seong-Joong Chang, Do-Hyung Im, Jun-Ho Kang
  • Patent number: 10890664
    Abstract: A vehicle unit adapted to receive a GNSS raw data signal, characterised in that it comprises a secure processor or secure microcontroller unit (MCU) adapted to authenticate the GNSS raw data signal and securely calculate a position of the vehicle unit based on the authenticated or to be authenticated GNSS raw data signal.
    Type: Grant
    Filed: April 27, 2017
    Date of Patent: January 12, 2021
    Assignee: STONERIDGE ELECTRONICS AB
    Inventors: Peter Ekström, Arne Lohage, Mikael Jansson
  • Patent number: 10887083
    Abstract: A data storage method comprises sending, by a blockchain node associated with a blockchain, data to an encryption device to cause the encryption device to encrypt the data and return the encrypted data to the blockchain node; receiving the encrypted data returned by the encryption device; and sending the encrypted data to other blockchain nodes associated with the blockchain to cause each of the other blockchain nodes to store the encrypted data in the blockchain after performing consensus verification on the encrypted data with success.
    Type: Grant
    Filed: January 15, 2020
    Date of Patent: January 5, 2021
    Assignee: ADVANCED NEW TECHNOLOGIES CO., LTD.
    Inventor: Hao Wu
  • Patent number: 10884977
    Abstract: Systems and methods for distributed file processing are disclosed. In one embodiment, a computer-implemented method for distributed file processing in a distributed network may include: (1) receiving, at a first distributed host in a network of a plurality of distributed hosts, an archive command; (2) the first distributed host identifying a plurality of files in a shared file system to archive in response to the archive command; (3) the first distributed host splitting at least one of the plurality of files that is above a predetermined size into a plurality of file chunks; (4) the first distributed host instructing a second distributed host to archive one of the plurality of files or plurality of file chunks to a store; and (5) the first distributed host and the second distributed host archiving the plurality of files and the plurality of file chunks to the store.
    Type: Grant
    Filed: June 22, 2017
    Date of Patent: January 5, 2021
    Assignee: JPMORGAN CHASE BANK, N.A.
    Inventors: Shahin Mahmoud Shahin, Vladimir Knajtner, Michel Victor
  • Patent number: 10880079
    Abstract: This application discloses a private key generation method and system, and a device. The method includes: sending, by a first network device, a first request to a second network device, where the first request includes a first parameter set; receiving, by the first network device, a first response message returned by the second network device, where the first response message includes a first sub-private key and a second parameter set, the first sub-private key is generated based on the first parameter set, and the first sub-private key is generated for a terminal device; generating, by the first network device, a second sub-private key based on the second parameter set, where the second sub-private key is generated for the terminal device; and synthesizing, by the first network device, the first sub-private key and the second sub-private key into a joint private key according to a synthesis formula.
    Type: Grant
    Filed: September 6, 2019
    Date of Patent: December 29, 2020
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Xin Kang, Xuwu Zhang, Yanjiang Yang, Haiguang Wang, Zhongding Lei
  • Patent number: 10872098
    Abstract: A client can allocate and reassociate unique identifiers to local content items associated with an account at a content management system, and use the unique identifiers to commit operations for the content items on the content management system. For example, a client can create a content item and determine the content item does not have an identifier from the content management system. The client obtains an identifier for the content item and asks the content management system to verify a uniqueness of the identifier. When the identifier is unique, the client adds a node corresponding to the content item to a local tree representing a state at the client of content items associated with the account, and uploads the content item with the identifier to the content management system. When the identifier is not unique, the client obtains a new identifier for the content item.
    Type: Grant
    Filed: December 29, 2017
    Date of Patent: December 22, 2020
    Assignee: Dropbox, Inc.
    Inventors: Isaac Goldberg, John Lai, Sujay Jayakar
  • Patent number: 10872487
    Abstract: The present invention provides an improved system and method for using cryptography to secure computer-implemented choice mechanisms. In several preferred embodiments, a process is provided for securing participants' submissions while simultaneously providing the capability of validating their submissions. This is referred to as a random permutation. In several other preferred embodiments, a process is provided for securing participants' advance instructions while simultaneously providing the capability of validating their advance instructions. This is referred to as a secure advance instruction. Applications include voting mechanisms, school choice mechanisms, and auction mechanisms.
    Type: Grant
    Filed: March 25, 2020
    Date of Patent: December 22, 2020
    Assignee: EFFICIENT AUCTIONS LLC
    Inventors: Andrew Komo, Lawrence M Ausubel
  • Patent number: 10868808
    Abstract: A mobile communication device. The mobile communication device comprises a processor, a non-transitory memory, a subscriber identity module (SIM), wherein the SIM stores an encryption key, and a client application stored in the non-transitory memory. When executed by the processor, the client application transmits a server application authentication token request comprising an identity of the SIM, receives a message comprising a value, requests the SIM to encrypt the value using the encryption key stored by the SIM, receives an encrypted value from the SIM, transmits the encrypted value in a message, receives a server application authentication token, stores the server application authentication token in the non-transitory memory, transmits a server application access request comprising the server application authentication token, and conducts a communication session with the server application.
    Type: Grant
    Filed: October 16, 2018
    Date of Patent: December 15, 2020
    Assignee: Sprint Communications Company L.P.
    Inventors: Ricky A. Hohler, Robin D. Katzer, Deepthi Kota, Brian D. Mauer
  • Patent number: 10863471
    Abstract: A network entity may determine whether a network context of a device is stored in the device or in the network based, at least in part, on a preference or capability of the device, as reported by the device during attachment to the network entity. The context may be stored in, and retrieved from, a dedicated context storage function that is independent of the network entity. A context storage function may be partitioned, or separate storage functions used, to automatically group and track access network contexts, core network contexts, or network slice contexts. The context storage function may provide to the device an index, such as a link or other identifier to be used in retrieving the stored context information. The context storage function may further provide a token to secure re-attachment communications among the device, the network entity, and the context storage function.
    Type: Grant
    Filed: September 29, 2017
    Date of Patent: December 8, 2020
    Assignee: Convida Wireless, LLC
    Inventors: Michael F. Starsinic, Rocco Di Girolamo, Catalina Mihaela Mladin, Hongkun Li
  • Patent number: 10860726
    Abstract: Systems and methods for peer-to-peer secure document exchange are disclosed. The system may allow a document provider to securely transmit a certified document to a document verifier using decentralized storage. The verifier system may generate a session key pair and transmit the session public key to a trusted API provider. The trusted API provider may generate a session nonce. The verifier system may transmit the session nonce to the provider system. The provider system may use the session nonce to retrieve the session public key. The provider system may encrypt a certified document using the session public key and store the encrypted certified document in the decentralized storage. The verifier system may retrieve the encrypted certified document by polling the trusted API provider based on the session nonce. The verifier system may decrypt the encrypted certified document using the session private key.
    Type: Grant
    Filed: December 12, 2018
    Date of Patent: December 8, 2020
    Assignees: AMERICAN EXPRESS TRAVEL RELATED, SERVICES COMPANY, INC.
    Inventors: Jitendra Singh Dikhit, Alaric M. Eby, Andras L. Ferenczi, Ashish Kumar
  • Patent number: 10860659
    Abstract: Disclosed are various embodiments for distributed verification of digital work product. A blockchain management application receives corresponding updates to a plurality of documents within a time interval. The blockchain management application then generates a single work product record in a blockchain. The single work product record evidences corresponding states of the plurality of documents at an end of the time interval.
    Type: Grant
    Filed: September 6, 2018
    Date of Patent: December 8, 2020
    Assignee: AMAZON TECHNOLOGIES, INC.
    Inventors: Prashant Verma, Ronil Mokashi