Having Key Exchange Patents (Class 713/171)
  • Patent number: 11121879
    Abstract: A computer implemented method for automatically certifying documents with integrity and authenticity guarantees and computer programs thereof.
    Type: Grant
    Filed: March 22, 2018
    Date of Patent: September 14, 2021
    Assignee: TELEFONICA CYBERSECURITY & CLOUD TECH S.L.
    Inventors: Aruna Prem Bianzino, Carmen Torrano Gimenez, Rames Sarwat, Salvador Sanchez Taboada
  • Patent number: 11121864
    Abstract: A method, a computer program product, and a system for distributing a private signature key between authorization instances. The method includes registering a plurality of authorization instances in a configuration file and generating host instance key pairs by each of the authorization instances. The method also includes storing the public host keys in the shared database and electing one of the authorization instances to be a signature key leader instance. The method includes generating, by the signature key leader instance, a signature key pair. The signature key pair includes a public signature key and a private signature key. The method also includes storing the public signature key in the shared database and transmitting an encrypted private signature key to a requesting authorization instance of the authorization instances. The method further includes decrypting the encrypted private signature key using the private host key generated by the requesting authorization instance.
    Type: Grant
    Filed: March 13, 2020
    Date of Patent: September 14, 2021
    Assignee: International Business Machines Corporation
    Inventors: Michael Beck, Martin Smolny, Thomas Dürr, Georg Ochs, Gerald Francis McBrearty, Stephen SooHoo
  • Patent number: 11115821
    Abstract: System and methods are disclosed that enable data sharing across networks, including peer-to-peer sharing of content over wireless networks using peer mobile devices. A database may store content associated with a first peer mobile device. A request from a requester peer mobile device for content associated with a user of the first peer mobile device may be received at a server. The encrypted request is transmitted by the server to the first peer mobile device which may decrypt the request. An authorization token may be transmitted by the first peer mobile device to the server which may then enable the requesting peer mobile device to access the requested content, which may be accessed from the first peer mobile device and/or a cloud storage system.
    Type: Grant
    Filed: February 16, 2021
    Date of Patent: September 7, 2021
    Assignee: Generation Finance Technology, Inc.
    Inventor: Rhonda G. Ozanian
  • Patent number: 11115396
    Abstract: In one embodiment, a crypto cloudlet is provided that includes a security wrapper to a virtual machine to guarantee secure Input/Output exchange between a client and one or more cryptographic adaptive services powered by a set of virtual CPUs through a single well defined channel, an adaptive service running in the virtual machine that identifies hardware resources necessary to satisfy a cryptographic demand or request, and an Ethernet interface communicatively coupled to the security wrapper providing network channel services for exchange of cryptographic data and commands. The security wrapper presents to the adaptive services the hardware accelerators exposed by the virtual machine. Other embodiments are disclosed.
    Type: Grant
    Filed: February 17, 2020
    Date of Patent: September 7, 2021
    Assignee: Thales eSecurity, INC.
    Inventors: Enrique Sanchez, Bernardo Arainty, John Perret, Tomas Arredondo, Pedro Valladares, Guillermo Cordon, Sergio Barcala, Marc Boillot
  • Patent number: 11108558
    Abstract: Embodiments of the invention are directed to authentication and authorization methods. The authentication process can involve a user device interacting with an access device that is within a proximity of the user device to help ensure that the user device is near a location of the access device. The access device can assist with the authentication, either at the access device or via a communications network to an authentication computer. For example, embodiments can provide mechanisms for authentication of a user device at an access device before the user device is authenticated and authorized access to a building.
    Type: Grant
    Filed: August 30, 2019
    Date of Patent: August 31, 2021
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventor: Eric Vortriede
  • Patent number: 11108631
    Abstract: A method of network configuration of a personal identification number (PIN) pads includes receiving a request to upgrade a PIN pad from a merchant or an individual software vendor (ISV) to read microprocessor-enabled or contactless payment vehicles, retrieving a PIN pad configuration hash value from the PIN pad, obtaining current configuration using the hash value, sending instructions to the PIN pad to upgrade the PIN pad over a network if the PIN pad is capable of reading microprocessor-enabled or contactless payment vehicles, and downloading and installing drivers to enable PIN pad readers to read and process at least one of the microprocessor-enabled payment vehicles and contactless payment vehicles according to the instructions. The method further performs additional operations such as updating the PIN pad registry with the PIN pad configuration and enabling the PIN pad to read the microprocessor-enabled or contactless payment vehicles.
    Type: Grant
    Filed: June 26, 2020
    Date of Patent: August 31, 2021
    Assignee: Worldpay, LLC
    Inventor: Bryan Cox
  • Patent number: 11108565
    Abstract: Embodiments of the invention can establish secure communications using a single non-traceable request message from a first computer and a single non-traceable response message from a second computer. Non-traceability may be provided through the use of blinding factors. The request and response messages can also include signatures that provide for non-repudiation. In addition, the encryption of the request and response message is not based on the static keys pairs, which are used for validation of the signatures. As such, perfect forward secrecy is maintained.
    Type: Grant
    Filed: April 16, 2019
    Date of Patent: August 31, 2021
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Eric Le Saint, Payman Mohassel
  • Patent number: 11108549
    Abstract: The present invention discloses a service processing method and apparatus, and relates to the communications field. The method includes: receiving trigger information sent by an intermediary device; and assisting, based on the trigger information, the intermediary device in negotiating with UE and a network server, to enable the intermediary device to obtain a first key, where the first key is used by the intermediary device to decrypt ciphertexts sent by the UE and the network server, the ciphertext is obtained after the UE or the network server encrypts service information by using a second key, and the first key is corresponding to the second key. The present invention resolves a problem that an intermediary device cannot provide service optimization for user equipment and a network server because the intermediary device cannot decrypt ciphertext, and achieves an effect of expanding a usage scope of service optimization.
    Type: Grant
    Filed: December 6, 2018
    Date of Patent: August 31, 2021
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Anni Wei, Chunshan Xiong, Jianjie You
  • Patent number: 11098918
    Abstract: Systems and methods are disclosed for using one or more gateway systems for integrating multiple load control systems such that the load control systems may appear to a user and be controlled by the user as a unified load control system.
    Type: Grant
    Filed: February 20, 2018
    Date of Patent: August 24, 2021
    Assignee: Lutron Technology Company LLC
    Inventors: John H. Bull, Ram K. Prasad
  • Patent number: 11101975
    Abstract: A ciphertext matching system, includes: a registration target data generation apparatus, a matching request apparatus, a data matching apparatus, and a matching support apparatus. The data matching apparatus generates a first-distance-related ciphertext in which a first distance between registered data and matching target data is kept secret by random numbers. The matching support apparatus generates a public key and a secret key and transmits the generated public key to the individual apparatuses. The data matching apparatus transmits the first-distance-related ciphertext to the matching support apparatus. The matching support apparatus determines whether the first distance obtained by decrypting the first-distance-related ciphertext with the secret key is included in a set of second distances in which the registered data and the matching target data are allowable to be matched each other and transmits a result of the determination to the data matching apparatus.
    Type: Grant
    Filed: December 2, 2016
    Date of Patent: August 24, 2021
    Assignee: NEC CORPORATION
    Inventors: Toshiyuki Isshiki, Haruna Higo
  • Patent number: 11102640
    Abstract: A network function performs a method to identify an invalid subscription concealed identifier, SUCI. When the network function receives a message containing a SUCI, it determines a size of the SUCI contained in the received message, and also determines an expected size of the SUCI in the received message. The network function then determines whether the size of the SUCI contained in the received message satisfies a criterion associated with the expected size. If the size of the SUCI contained in the received message does not satisfy the criterion associated with the expected size, the network function determines that the SUCI in the received message is invalid, and it rejects the SUCI in the received message if it is determined to be invalid.
    Type: Grant
    Filed: December 20, 2018
    Date of Patent: August 24, 2021
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Prajwol Kumar Nakarmi, Pasi Saarinen
  • Patent number: 11096049
    Abstract: The present invention provides a method for enabling a wearable device connected to a user equipment device to be identified and authenticated within a mobile communications network, the method comprising attaching both the user equipment device and the wearable device to the mobile communications network by means of a single registration request communicated by the user equipment device to the mobile communications network.
    Type: Grant
    Filed: July 26, 2017
    Date of Patent: August 17, 2021
    Assignee: IPCOM GMBH & CO. KG
    Inventors: Achim Luft, Martin Hans
  • Patent number: 11087360
    Abstract: Aspects of the subject disclosure may include, for example, a mobile device gateway that receives an HTTP POST message including an advertising identifier from a mobile device, determining whether a uniform resource locator of the HTTP POST message is on a list of URLs for data management platforms; and routing the HTTP POST message to the Internet responsive to determining that the URL of the HTTP POST message is not on the list of URLs for data management platforms. Other embodiments are disclosed.
    Type: Grant
    Filed: June 3, 2016
    Date of Patent: August 10, 2021
    Assignee: AT&T Intellectual Property I, L.P.
    Inventor: Michael J. Berry, Jr.
  • Patent number: 11089469
    Abstract: A system and method for facilitating service sharing (e.g., voice services, data services, multimedia services, etc.) in a network environment (100). In one example arrangement, upon receiving an input at a host subscriber device (302), a request is generated (306) to a host subscriber's service provider network (304) for instantiating a virtual subscriber identification module (vSIM) populated with the host subscriber's service profile with respect to a service. A guest user's authentication information is provided (354) for performing guest registration and remote provisioning (354, 502) for the vSIM, the remote provisioning including allocation of a temporary phone number and an IP address, which may be used in a mapping relationship for routing calls or sessions engaged by the guest (352) using a service shared with the host subscriber (302).
    Type: Grant
    Filed: April 21, 2016
    Date of Patent: August 10, 2021
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Alexander Bachmutsky, Srinivas Kadaba
  • Patent number: 11088844
    Abstract: An example system may include a processor and memory, wherein the processor is configured to perform one or more of gather hashed commitments inputs from a plurality of user peers until a current time of a blockchain network equals to a hashed commitments inputs end time (t1), collect plain text inputs until the current time of the blockchain network equals to a plain text inputs collection end time (t2), wherein the t2 is greater than the t1, and execute a chaincode of the smart contract to: compare generated hashes of the plain text inputs against previously stored hashes, in response to a match, store the plain text inputs into an input array, and perform a compute function on the input array.
    Type: Grant
    Filed: March 26, 2019
    Date of Patent: August 10, 2021
    Assignee: International Business Machines Corporation
    Inventors: Zhou Yinsheng, Yu Chin Fabian Lim, Pralhad D. Deshpande, Chun Hui Suen, Venkatraman Ramakrishna
  • Patent number: 11089001
    Abstract: A method for operating an electronic apparatus according to an embodiment of the present invention may comprise the steps of: setting a first key for unlocking data stored in a first electronic apparatus; when the first electronic apparatus receives, from a second electronic apparatus, a second key set by the second electronic apparatus, transmitting by the first electronic apparatus, to the second electronic apparatus, first data locked using the first key and the second key; and when the first electronic apparatus receives, from the second electronic apparatus, a generation signal of a first event for the first data, transmitting the first key to the second electronic apparatus according to whether the first event is approved or not.
    Type: Grant
    Filed: February 27, 2017
    Date of Patent: August 10, 2021
    Inventor: Seung-Min Choi
  • Patent number: 11082816
    Abstract: A wireless communication device includes: a memory; a transceiver; and a processor communicatively coupled to the memory and to the transceiver and configured to: obtain a first device identity for each of a plurality of first radio-frequency (RF) devices each configured to transmit a wireless RF signal; obtain a mobility status for each of the plurality of first RF devices, the mobility status indicative of whether the respective first RF device is expected to be mobile or static; obtain an RF signal measurement for each of the plurality of first RF devices; and produce a profile of the plurality of first RF devices using the first device identity for each of the plurality of first RF devices, the mobility status for each of the plurality of first RF devices, and the RF signal measurement for each of the plurality of first RF devices.
    Type: Grant
    Filed: May 13, 2020
    Date of Patent: August 3, 2021
    Assignee: QUALCOMM Incorporated
    Inventors: Meghna Agrawal, Sai Pradeep Venkatraman, Weihua Gao, Ju-Yong Do, Gengsheng Zhang
  • Patent number: 11082222
    Abstract: In one example a processing device can receive an indication from a software application that an encrypted communication transmitted by a remote device is stored in a memory location. In response to receiving the indication, the processing device can retrieve the encrypted communication from the memory location, decrypt the encrypted communication using a first key to determine a decrypted version of the encrypted communication, and extract a second key from the decrypted version of the encrypted communication. The second key can be different from the first key. And the second key can be configured to decrypt a set of encrypted data stored in a non-volatile memory device that is accessible to the computing device.
    Type: Grant
    Filed: November 11, 2019
    Date of Patent: August 3, 2021
    Assignee: Red Hat, Inc.
    Inventor: Jonathan Charles Masters
  • Patent number: 11080162
    Abstract: The present disclosure provides generally for a system and method for visualizing and measuring software assets. According to the present disclosure, the system interacts through an API to discover and populate all software applications within an organization in an interface that provides the user real-time information regarding the software applications. The system may provide real-time insights within an organization at all levels, with real-time feedback and metrics on what software there is, how software is being used, and software management options.
    Type: Grant
    Filed: April 24, 2018
    Date of Patent: August 3, 2021
    Assignee: HNL Partners, LLC
    Inventors: Jeremy J. Vaughan, Tracy F. Potts, Michael J. Potts
  • Patent number: 11075755
    Abstract: Disclosed are various embodiments for implementing a key escrow system without disclosure of a client's encryption key to third parties. An encryption key is split into a plurality of key segments pursuant to a shared secret protocol. A plurality of peer client devices are then identified. Each peer client device in the plurality of peer client devices is then verified and the respective one of the plurality of key segments are sent to a respective one of the plurality of peer client devices. A response is then received from each respective one of the plurality of peer client devices, the response confirming receipt of the respective one of the plurality of key segments. A list identifying the plurality of peer client devices is finally provided to a key escrow service, the list comprising key-value pairs that identify each respective one of the plurality of peer client devices and the respective one of the plurality of key segments.
    Type: Grant
    Filed: April 24, 2019
    Date of Patent: July 27, 2021
    Assignee: VMWARE, INC.
    Inventors: Chaoting Xuan, Qimin Yao, Litao Shen
  • Patent number: 11069171
    Abstract: The present invention provides an improved system and method for using cryptography to secure computer-implemented choice mechanisms. In several preferred embodiments, a process is provided for securing participants' submissions while simultaneously providing the capability of validating their submissions. This is referred to as a random permutation. In several other preferred embodiments, a process is provided for securing participants' advance instructions while simultaneously providing the capability of validating their advance instructions. This is referred to as a secure advance instruction. Applications include voting mechanisms, school choice mechanisms, and auction mechanisms.
    Type: Grant
    Filed: December 21, 2020
    Date of Patent: July 20, 2021
    Assignee: EFFICIENT AUCTIONS LLC
    Inventors: Andrew Komo, Lawrence M Ausubel
  • Patent number: 11070524
    Abstract: Generally, embodiments of the invention are directed to methods, computer readable medium, servers, and systems for deidentified access of data. The deidentified access is permitted with the use of an identifier that uniquely indicates an outcome, the coding of the identifier obscures unaided human interpretation of the outcome, and the identifier uniquely identifies data for remediating performance associated with future outcomes.
    Type: Grant
    Filed: November 26, 2019
    Date of Patent: July 20, 2021
    Assignee: PEARSON EDUCATION, INC.
    Inventors: Vishal Kapoor, Cole Joseph Cecil, David Earl Rodgers
  • Patent number: 11068881
    Abstract: Embodiments of the present invention provide a system for resource distribution within an offline environment. A merchant device internally stores a repository of reference codes and managing entity public keys that are paired with managing entity private keys. The user requests an amount of resources for offline exchange from the managing entity system. The managing entity system transmits certain authorization and encryption information to a user device. When the user device receives an exchange prompt from the computing device of the merchant through near field communication, it generates a digital token incorporating layers of content encryption ending with a managing entity's private key. The encrypted token and reference code are transmitted via near field communication to the merchant device. The merchant device matches the reference code to the managing entity public key and decrypts portions of the token with the managing entity public key to acquire the usable exchange information.
    Type: Grant
    Filed: September 20, 2019
    Date of Patent: July 20, 2021
    Assignee: BANK OF AMERICA CORPORATION
    Inventor: Rick A. Beye
  • Patent number: 11071050
    Abstract: Network equipment (26) in a wireless communication network is configured to receive at least a portion of a subscription concealed identifier, SUCI, (34) for a subscriber (13). The SUCI (34) contains a concealed subscription permanent identifier, SUPI, (20) for the subscriber (13). The received at least a portion of the SUCI (34) indicates a sub-domain code, SDC, (32). The SDC (32) indicates a certain sub-domain, from among multiple sub-domains (30-1, 30-2, . . . 30-N) of a home network of the subscriber (13), to which the subscriber (13) is assigned. The network equipment (26) is also configured to determine, based on the SDC (32) and from among multiple instances (24-1, 24-2, . . . 24-M) of a provider network function in the home network respectively allocated to provide a service to be consumed for subscribers assigned to different sub-domains, an instance of the provider network function to provide the service to be consumed for the subscriber (13).
    Type: Grant
    Filed: January 15, 2019
    Date of Patent: July 20, 2021
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Cheng Wang, David Castellanos Zamora, Prajwol Kumar Nakarmi, Vesa Torvinen
  • Patent number: 11070363
    Abstract: A first example network security platform disclosed herein includes a platform selector to determine a platform selection value based on a first parameter value in a first message from a client and a second parameter value in a second message from a server, the first and second messages associated with establishment of an encrypted network traffic flow between the client and the server. The example first network security platform also includes a key retriever to obtain a cryptographic session key associated with the encrypted network traffic flow from a selected one of a cluster of network security platforms based on the platform selection value, the first network security platform included in the cluster of network security platforms. The example first network security platform further includes a traffic analyzer to analyze network traffic associated with the encrypted network traffic flow based on the cryptographic session key.
    Type: Grant
    Filed: December 21, 2018
    Date of Patent: July 20, 2021
    Assignee: McAfee, LLC
    Inventors: Manikandan A. Kenyan, Anil Abraham
  • Patent number: 11063751
    Abstract: A communication system between a plurality of in-vehicle electronic devices protected using a symmetric key method is disclosed. The communication system includes a sender configured to transmit a message including a cyclic authentication code and a group authentication code, and a plurality of receivers configured to separately verify the message based on the cyclic authentication code and the group authentication code at a preset order.
    Type: Grant
    Filed: September 12, 2017
    Date of Patent: July 13, 2021
    Assignee: LG Electronics Inc.
    Inventors: Kyusuk Han, Hyobin Bae
  • Patent number: 11061891
    Abstract: This specification describes techniques for managing assets in a blockchain. One example method includes receiving, from a target user recorded in a distributed database of the blockchain network, a user input including a request to generate an asset object in the blockchain network, the blockchain network including an account object and a contract object, determining, based on the user input, an asset type of the asset object, initiating, in the blockchain network, the contract object corresponding to generate the asset object based on the asset type, the asset object including a digital asset corresponding to a physical asset associated with the target user, assigning the asset object to a target object of the target user, and adding address information of the asset object to the target object.
    Type: Grant
    Filed: December 23, 2019
    Date of Patent: July 13, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventor: Xuebing Yan
  • Patent number: 11057376
    Abstract: A method, an apparatus, and a system for controlling an intelligent device are provided. The device transmits a control request including a first intelligent device identifier corresponding to a first intelligent device to be controlled. In response to transmitting the control request, the device receives a first verification character string that corresponds to the control request. The first verification character string is transmitted to a first wearable device locally establishing a data connection with the first wearable device. First signed information is received from the first wearable device. The first signed information is a result of performing a signature on first to-be-signed information and includes the first verification character string. The first signed information and operation information for controlling the first intelligent device are transmitted.
    Type: Grant
    Filed: December 19, 2019
    Date of Patent: July 6, 2021
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventors: Wenqing Liu, Zixi Shen, Qiang Wang
  • Patent number: 11055279
    Abstract: This specification describes techniques for managing assets in a blockchain. One example method includes receiving, from a target user recorded in a distributed database of the blockchain network, a user input including a request to generate an asset object in the blockchain network, the blockchain network including an account object and a contract object, determining, based on the user input, an asset type of the asset object, initiating, in the blockchain network, the contract object corresponding to generate the asset object based on the asset type, the asset object including a digital asset corresponding to a physical asset associated with the target user, assigning the asset object to a target object of the target user, and adding address information of the asset object to the target object.
    Type: Grant
    Filed: February 14, 2019
    Date of Patent: July 6, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventor: Xuebing Yan
  • Patent number: 11049205
    Abstract: Disclosed subject matter includes systems and methods for providing a witnessed an electronically executed legal instrument, such as a limited power of attorney. The technology disclosed herein allows for the immediate transfer of a witnessed electronic document meeting today's current standards for witnessing of a document, including proximity of parties, and multiple forms of party identity authentication.
    Type: Grant
    Filed: June 19, 2019
    Date of Patent: June 29, 2021
    Assignee: Goldman Sachs & Co. LLC
    Inventors: Raymond John Kaminski, Anthony Edward Bunnell, William Walter Hurley, David Campos Cardona
  • Patent number: 11044085
    Abstract: The present disclosure provides a system in which a migration operation which is different from a normal registration operation performed on a system is started in one of a terminal before replacement and a terminal after the replacement so that a registration operation performed on the terminal after the replacement is easily completed only by causing a user to consecutively perform an authentication operation on both of the terminals.
    Type: Grant
    Filed: May 15, 2018
    Date of Patent: June 22, 2021
    Inventor: Hirotaka Funayama
  • Patent number: 11044094
    Abstract: A method of sharing encrypted data includes, by an electronic device, receiving a password from a user to perform an action, receiving a salt value, generating a user key using the password and salt value, receiving an encrypted key location identifier value, decrypting the encrypted key location identifier value to obtain a key location identifier, receiving an encrypted read token value, decrypting the encrypted read token value using the user key to obtain a read token value, and transmitting the read token value and the key location identifier to a server electronic device.
    Type: Grant
    Filed: August 23, 2019
    Date of Patent: June 22, 2021
    Assignee: Powch, LLC
    Inventors: Essam Abadir, Rosco Schock, Joshua Risbeck Cox
  • Patent number: 11044238
    Abstract: A first encryption key associated with a first tenant is created. The first encryption key is configured in a host where a virtual machine associated with the first tenant is executing, the host including a network interface controller configured to have a virtual network interface function, the virtual network interface function executing on the host and being associated with the virtual machine of the first tenant. The virtual network interface function is caused to bind the first encryption key to the virtual machine of the first tenant. The virtual network interface function is caused to encrypt outgoing network traffic of the first tenant using the first encryption key. The virtual network interface function is caused to decrypt incoming network traffic for the first tenant using the first encryption key.
    Type: Grant
    Filed: October 19, 2018
    Date of Patent: June 22, 2021
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Yi Yang, Timothy J. Kuik, Kyle Andrew Donald Mestery, Hank R. Gibson
  • Patent number: 11042804
    Abstract: A system and method providing a security gateway for high security blockchain systems, that acts as a firewall (and manages users, rules, data access, transactions, fees, etc.), has the ability to understand and enforce blockchain business processes policies (access policy and transaction policy of a blockchain solution that may or may not support smart contracts), and can understand tokens and their functionality, without totally disabling code execution, for example from smart contracts or tokens enabled by smart contracts.
    Type: Grant
    Filed: February 20, 2020
    Date of Patent: June 22, 2021
    Assignee: LIQUINEQ AG
    Inventor: Dan Kikinis
  • Patent number: 11042488
    Abstract: A symmetric key that is stored at a device may be received. A public key from a remote entity may also be received at the device. Furthermore, a derived key may be generated based on a one way function between the symmetric key that is stored at the device and the public key that is received from the remote entity. The derived key may be encrypted with the public key and transmitted to the remote entity. The encryption of the derived key with the public key may provide secure transmission of the derived key to an authorized remote entity with a private key that may be used to decrypt the encrypted derived key.
    Type: Grant
    Filed: May 27, 2016
    Date of Patent: June 22, 2021
    Assignee: Cryptography Research, Inc.
    Inventor: Ambuj Kumar
  • Patent number: 11038870
    Abstract: An input is received from a client device and is indicative of a desire to add a device for secure operations. Artifacts are generated and a quick response (QR) code is generated that represents the artifacts. The QR code is transmitted to the client device where it can be read by the device to be added, so the artifacts can be used in performing the secure operations.
    Type: Grant
    Filed: March 9, 2017
    Date of Patent: June 15, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Liqiang Zhu, Joel T. Hendrickson, Chang Chuen Kawaguchi
  • Patent number: 11038922
    Abstract: A client application establishes a connection between the client application and an origin server over one or more networks. The application generates a request to establish a secure session with the origin server over the connection. The request includes information, in a header of the request, that flags traffic sent during the secure session to a network of the one or more networks as subject to one or more optimizations performed by the network. Subsequent to establishing the secure session, the application encrypts the traffic in accordance with the secure session and sends the traffic to the origin server over the connection, subject to the one or more optimizations. The infrastructure service applies the one or more optimizations to the traffic as it passes through the edge network to the origin server.
    Type: Grant
    Filed: November 4, 2019
    Date of Patent: June 15, 2021
    Assignee: Fastly, Inc.
    Inventors: Sean Leach, Artur Bergman
  • Patent number: 11036554
    Abstract: A first request to reserve a quantity of resources that comply with a constraint specified in the first request is obtained. A set of available resources that fulfills the constraint is determined based on current capacity usage. A token is associated with the set of available resources, with the token being associated with an expiration. The quantity of resources from the set of available resources is reserved, where the quantity allocated is unavailable, until the expiration, to fulfill resource requests that lack the token. The token is provided in response to the first request.
    Type: Grant
    Filed: March 26, 2019
    Date of Patent: June 15, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Leslie Andrew Prock, Diwakar Gupta, Jeremy Truelove, Zachary Christopher Mouri
  • Patent number: 11030697
    Abstract: A method of implementing a secure exchange portal system for independent medical review, and classification tools and case-level physician review tools for use in such reviews, are disclosed.
    Type: Grant
    Filed: February 10, 2017
    Date of Patent: June 8, 2021
    Assignee: Maximus, Inc.
    Inventors: Mark E. Erard, Raja Balasubramanian, Viraf Bankwalla, Michael C. Monette, Mohammad A. Sabri, Bruce W. Saunders, Thomas Stockton, Ryan Vaniderstine
  • Patent number: 11032251
    Abstract: A computer system trains an Artificial Intelligence (AI) model to generate a key generated as a same key based on multiple different feature vectors, which are based on specified target environment attributes of a target environment domain. The computer system uses the key to encrypt concealed information as an encrypted payload and distributes the encrypted payload and the trained AI model to another computer system. The other computer system extracts environment attributes based on an environment domain accessible by the other computer system and decodes a candidate key by using the trained AI model that uses the extracted environment attributes of the environment domain as input. The trained AI model is trained to generate a key that is generated as a same key from multiple different feature vectors corresponding to specified target environment attributes of a target environment domain. The other computer system determines whether the candidate key is correct.
    Type: Grant
    Filed: June 29, 2018
    Date of Patent: June 8, 2021
    Assignee: International Business Machines Corporation
    Inventors: Dhilung Hang Kirat, Jiyong Jang, Marc Philippe Stoecklin
  • Patent number: 11032069
    Abstract: The present disclosure relates to a method and system for securely transferring master keying material between to a slave dongle (12). Each slave dongle (12) is connected to a data transfer system. The slave dongle (12) contains a public key and a private key and the data transfer system holds a master keying material source that contains master keying material to be transferred securely to the slave dongle (12). The slave dongle's public key is transferred to the master keying material source. The master keying material source encrypts the master keying material with the slave dongle's public key to produce an encrypted master keying material. The encrypted master keying material is sent to the slave dongle (12) and the slave dongle (12) decrypts the encrypted master keying material with the slave dongle's private key. This allows multiple users, each having a slave dongle (12a-n) that has been configured in this manner, to use the same master keying material to securely communicate with one another.
    Type: Grant
    Filed: November 6, 2019
    Date of Patent: June 8, 2021
    Assignee: iStorage Limited
    Inventor: John Michael
  • Patent number: 11025421
    Abstract: Various embodiments relate to a key protocol exchange that provide a simple but still secure key exchange protocol. Security of key exchange protocols has many aspects; providing and proving all these properties gets harder with more complex protocols. These security properties may include: perfect forward secrecy; forward deniability; key compromise impersonation resistance; security against unknown key share attack; explicit or implicit authentication; key confirmation; protocol is (session-)key independent; key separation (different keys for encryption and MACing); extendable, e.g., against DOS attacks; support of early messages; small communication footprint; and support of for public-key and/or password authentication.
    Type: Grant
    Filed: April 26, 2019
    Date of Patent: June 1, 2021
    Assignee: NXP B.V.
    Inventor: Bjorn Fay
  • Patent number: 11025640
    Abstract: A method alters a computer resource in response to the computer resource moving from a first geolocation to a second geolocation. One or more processors receive a message indicating that a computer resource has moved from a first geolocation to a new geolocation. In response to receiving the message that the computer resource has moved from the first geolocation to the new geolocation, the processor(s) encrypt data that is stored on the computer resource, and apply decryption information to the encrypted data from the new geolocation, where the decryption information is specifically for decrypting encrypted data at the new geolocation. In response to the decryption information failing to decrypt the encrypted data at the new geolocation, the processor(s) and/or a user alter the computer resource.
    Type: Grant
    Filed: October 29, 2019
    Date of Patent: June 1, 2021
    Assignee: International Business Machines Corporation
    Inventors: Ashish Kundu, Dimitrios Pendarakis, David R. Safford
  • Patent number: 11005857
    Abstract: Systems and methods for security of industrial data streams are provided herein. Methods according to various embodiments include provisioning a fogNode that is communicatively coupled with a fog cloud manager through a forwarder of the fogNode and providing a fogLet within the fogNode, the fogLet communicating with a plurality of operational technology devices. Embodiments include providing fogLet identification information using hardware root of trust of the fogNode, the hardware root of trust of the fogNode being a Trusted Platform Module (TPM) of the fogNode. Embodiments further comprise communicating operational device authentication information with fogLet identification information to a third party tenant application, the third party tenant application validating industrial data streams from the operational technology devices by communicating the operational device authentication information with the fogLet identification information to a third party cloud application.
    Type: Grant
    Filed: October 24, 2018
    Date of Patent: May 11, 2021
    Assignee: NEBBIOLO TECHNOLOGIES, INC.
    Inventors: Ruchir Tewari, Thushar Gowda, Pankaj Bhagra, Thiru Narayanan, Palani Chinnakannan
  • Patent number: 11006277
    Abstract: A method and apparatus that ensures that an aircraft system network controls access by multiple users (403a, 403b, 403c) of electronic devices (402a, 402b, 402c) equipped with a related hardware device (404a, 404b, 404c), by a combination of authentication, integrity, and encryption, using hardware security such as HSE/HSM or equivalent to establish the credentials for each component that is allowed on the network.
    Type: Grant
    Filed: March 9, 2017
    Date of Patent: May 11, 2021
    Assignee: THOMPSON AEROSPACE, INC.
    Inventors: Mark Steven Thompson, Trevor Coolidge, Curtis Michael Rihn, Lars Elof Rosenblad
  • Patent number: 11002180
    Abstract: The disclosure provides a method and an apparatus for acquiring an electronic file. The method for acquiring an electronic file comprises: sending a first request message for acquiring an electronic file to a platform server, wherein the first request message carries a first identifier of an information providing server providing the electronic file; receiving first prompt information returned from the platform server according to the first request message; determining first verification information for identity authentication according to the first prompt information, and sending the first verification information to the platform server; and receiving the electronic file forwarded by the platform server, wherein the electronic file is from the information providing server, and private information in the electronic file is encrypted through a first encryption key of the information providing server.
    Type: Grant
    Filed: June 8, 2016
    Date of Patent: May 11, 2021
    Assignee: ALIBABA GROUP HOLDING LIMITED
    Inventors: Kepeng Li, Kai Li
  • Patent number: 11005651
    Abstract: A method, terminal and device for establishing security infrastructure, comprising: an intermediate service organization receives an organization secret key sent by a third-party service organization; the intermediate service organization encrypts the organization secret key by a first encryption means and sends the encrypted organization secret key to a security storage region of a terminal; the intermediate service organization receives a first terminal public key encrypted by the terminal using a second encryption means; and the intermediate service organization sends the first terminal public key obtained by decryption to the third-party service organization.
    Type: Grant
    Filed: January 25, 2019
    Date of Patent: May 11, 2021
    Assignee: CHINA UNIONPAY CO., LTD.
    Inventors: Feng Tian, Yisheng Fu, Naigeng Ji
  • Patent number: 11005665
    Abstract: A method includes: a supervisor writes a digital certificate and a corresponding first public key into an intelligent contract of a blockchain corresponding to an asset type to be supervised, so that all institutions with asset accounts under the asset type can obtain the first public key of the supervisor through the digital certificate, so as to generate an additive homomorphic key for homomorphic encryption of the balance of an asset account; when checking the balance of a new account of a transactor, the supervisor obtains a public key in a public-private key pair corresponding to the new account, generates an additive homomorphic key based on a supervision private key corresponding to the supervisor and a predetermined key exchange protocol and the public key in the public-private key pair according to the key exchange protocol, and decrypts the encrypted balance of the new account, using the generated additive homomorphic key.
    Type: Grant
    Filed: June 30, 2017
    Date of Patent: May 11, 2021
    Assignee: One Connect Smart Technology Co., Ltd. (Shenzhen)
    Inventors: Frank Yifan Chen Lu, Pengfei Huan, Yu Zhang, Yuxiang Huang
  • Patent number: 11006346
    Abstract: An X2 service transmission method and a network device are disclosed. The method includes if a first IPsec tunnel is unavailable, detecting, by a first base station, whether a second IPsec tunnel between the first base station and a security gateway is available, where the first IPsec tunnel is an IPsec tunnel established between the first base station and a second base station, and the first base station can transmit X2 service data with the second base station through the second IPsec tunnel; and transmitting the X2 service data through the second IPsec tunnel if the second IPsec tunnel is available.
    Type: Grant
    Filed: May 28, 2019
    Date of Patent: May 11, 2021
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Wan Xue, Changcong Dong, Jianfeng Chen
  • Patent number: 11005812
    Abstract: In an embodiment, a computer implemented method comprises accessing, from a first data repository, identity information associated with one or more protected computing devices; creating mapped identity information by encrypting and mapping the identity information according to a different identity data format that is compatible with the one or more protected computing devices; updating stored blockchain data using the mapped identity information; storing the mapped identity information from the blockchain data in a second data repository; generating decrypted identity information from the mapped identity information stored in the second data repository; and performing one or more authentication services for a client device on behalf of the one or more protected computing devices by using the mapped identity information in the second data repository; wherein the method is performed by one or more computing devices.
    Type: Grant
    Filed: August 15, 2019
    Date of Patent: May 11, 2021
    Assignee: XAGE SECURITY, INC.
    Inventors: Susanto Junaidi Irwan, Kamesh Raghavendra