Intelligent Token Patents (Class 713/172)
  • Patent number: 10681023
    Abstract: Methods and apparatuses for managing access to hosts in a computerized system are disclosed. A request for an authenticator for enabling access to at least one host in the computerized system is communicated from an user to a portal. The portal verifies the right of the user to make the request, and in response to positive verification authorizes the user to make the request and sends the request to an authenticator manager to trigger providing of an authenticator for enabling access to at least one host in accordance with the request. The authenticator manager provides the authenticator for enabling access to the at least one host in accordance with the request. Acceptance of the request by an administration process according a predefined rule is required before said providing of the authenticator.
    Type: Grant
    Filed: June 30, 2014
    Date of Patent: June 9, 2020
    Assignee: SSH Communications Security OYJ
    Inventors: Roman Hernandez, Tomi Salo, Antti Huima, Tatu J. Ylonen
  • Patent number: 10674339
    Abstract: There is provided an information processing device including a processing unit that authenticates a communication target device on a basis of predetermined information transmitted from the communication target device by broadcast in communication in a first communication scheme, the predetermined information being used in a process to be performed in communication in a second communication scheme that is different from the first communication scheme, and establishes the communication with the communication target device in the first communication scheme in a case in which authentication is completed.
    Type: Grant
    Filed: September 13, 2016
    Date of Patent: June 2, 2020
    Assignee: SONY CORPORATION
    Inventors: Masahiro Sueyoshi, Tomohiko Nagayama
  • Patent number: 10667019
    Abstract: Apparatus and methods for managing provision of content to devices in a content delivery network. In one exemplary embodiment, content with a high probability of viewership is sent to consumer premises equipment (CPE) during off-peak periods and stored prior to viewing. An application is utilized to manage decisions related to content provision. The computer program will identify content that is likely to be of interest users associated with respective CPE, and schedule provision of that content in advance of viewing. Then, the system will develop a plan for optimal scheduling of transmission of content to CPEs, often including the use of trickle downloads. The scheduling plan is based collected statistical and historical data on network resource demand to make scheduling decisions. The system allows for the shifting of bandwidth utilization from periods of high demand to those of low demand, and increased performance with regard to user experienced latency.
    Type: Grant
    Filed: December 28, 2018
    Date of Patent: May 26, 2020
    Assignee: TIME WARNER CABLE ENTERPRISES LLC
    Inventors: Howard Pfeffer, Daniel Stoller, Chris Stengrim
  • Patent number: 10645089
    Abstract: An example terminal includes a communication circuitry configured to communicate with a server; and a data processor configured to request the server to include a second user in a relationship group of a first user and to extend, to the relationship group, a range of authorization for an Internet of Things (IoT) apparatus registered as an apparatus of the first user.
    Type: Grant
    Filed: August 20, 2015
    Date of Patent: May 5, 2020
    Assignees: SAMSUNG ELECTRONICS CO., LTD., KOREA ELECTRONICS TECHNOLOGY INSTITUTE
    Inventors: Ji-min Chung, Seung-woo Kum, Young-sun Ryu, Tae-beom Lim
  • Patent number: 10637861
    Abstract: Some embodiments of the present invention include a system and method for validating state change requests and include generating one or more permission tokens based on a user's session identification (ID), each of the permission tokens associated with a record ID of a record, the one or more permission tokens and corresponding associated record IDs communicated to an application associated with the user. The system receives a state change request from the application, the state change request includes a first permission token from the one or more permission tokens and a record ID associated with the first permission token. In response to receiving the state change request, the system generates a second permission token based on the session ID and the record ID included in the state change request. The system then validates the state change request based on the first permission token matching the second permission token.
    Type: Grant
    Filed: September 16, 2016
    Date of Patent: April 28, 2020
    Assignee: salesforce.com, inc.
    Inventor: Vinayendra Turuvekere Nataraja
  • Patent number: 10636025
    Abstract: A method, system, and apparatus for facilitating a payment transaction is disclosed. A server receives an event-setup request from an event organizer to set up an event-based payment session to obtain payments for one or more attendees of a subsequent event. In response to receiving the event set-up request: the server sets up the event-based payment session in accordance with the event-setup request; and provides a payment invitation corresponding to the payment session to each of one or more invitees of the subsequent event in accordance with the event-setup request. The server then receives from at least a first invitee of the one or more invitees, a conditional acceptance to the payment invitation, the acceptance being conditioned on one or more predefined criteria.
    Type: Grant
    Filed: January 11, 2016
    Date of Patent: April 28, 2020
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventor: Yumiao Zhang
  • Patent number: 10621572
    Abstract: Performing a financial transaction via a mobile device and a point-of-sale (POS) system may include utilizing the POS system to generate a digital code, communicating the digital code from the POS system to the mobile device, connecting the mobile device to a wireless network using the digital code as a password, forwarding a mobile identifying code, forwarding a network identifying code, transmitting transaction data associated with information regarding the financial transaction, the digital code, the mobile identifying code, the network identifying code, and account information associated with the POS system from the POS system to a payment system via a first digital network path, and transmitting the digital code, the mobile identifying code, the network identifying code, and account information associated with a user of the mobile device from the mobile device to the payment system via a second digital network path.
    Type: Grant
    Filed: October 1, 2019
    Date of Patent: April 14, 2020
    Assignee: Sqwin SA
    Inventor: Victor Gulchenko
  • Patent number: 10592878
    Abstract: Identification information is received from a transaction card at a transaction machine. The transaction card is associated with an account holder using the transaction machine and includes a transaction card type. Using the identification information, activity profile information is accessed for the account holder. The account holder's transaction machine usage is monitored and activity profile information related to the account holder's transaction machine usage is stored. A custom sequence of user interfaces to be displayed to the account holder is generated based on the transaction card type.
    Type: Grant
    Filed: September 21, 2018
    Date of Patent: March 17, 2020
    Assignee: WELLS FARGO BANK, N.A.
    Inventors: Michael R. Thomas, Elizabeth Schrag, Jimmy C. Wang, Jerome Rhodes
  • Patent number: 10587586
    Abstract: The method provides a multi system trust chain between a client system and a remote system in a secure connection, wherein an intermediary system associated with the network flow path serves as a signing entity to establish an end to end transitive trust. The intermediate system is a corroborative entity in the operations technology (OT) realm of the client system. The remote system serves as the host for a plurality of services in the information technology (IT) realm. A two way handshake during the initial secure exchange protocol between a local client application and a remote service is extended to a three way handshake that includes a nonce issued by the remote service on the remote system and a digital signature for the nonce issued by a signature service on an associated intermediate system. The nonce signature is verified authoritatively at the remote system based on the signing certificate of the intermediate system for explicit proof of association.
    Type: Grant
    Filed: February 10, 2017
    Date of Patent: March 10, 2020
    Assignee: MOCANA CORPORATION
    Inventors: Srinivas Kumar, Gopal Raman, Atul Gupta, Shashank Jaywant Pandhare
  • Patent number: 10547589
    Abstract: One embodiment provides a system that facilitates schematized access control in a content centric network. During operation, the system generates, by a content producing device, a secret key for a user based on a schema, wherein the schema is a regular expression which corresponds to one or more names and allows a user access to content associated with the names, wherein a name is a hierarchically structured variable length identifier that includes contiguous name components ordered from a most general level to a most specific level. The system receives an interest with a name that corresponds to the schema. The system encrypts a payload of a responsive content object based on the interest name. The system transmits the responsive content object with the encrypted payload to the user, which allows the user to decrypt the encrypted payload with the secret key.
    Type: Grant
    Filed: May 9, 2016
    Date of Patent: January 28, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: Christopher A. Wood, Glenn C. Scott
  • Patent number: 10521616
    Abstract: As a PUF device ages, the response characteristics of the device change. Thus, mappings made on the original PUF outputs can drift and become invalid. Re-enrollment or re-mapping of hidden values to PUF response characteristics can resolve the changing nature of the PUF. Unfortunately, an adversary may tamper with the PUF during re-enrollment compromising security of the PUF. Accordingly, techniques of securely and remotely re-enrolling a PUF device are described. During an initial enrollment of the PUF device, multiple sets of enrollment values of the PUF device can be generated. For remote re-enrollment, a first initial set of enrollment values can be used to authenticate the PUF device. Upon authentication using the first initial set, the PUF device can re-enroll the PUF device and account for changes in PUF characteristics. A second set of initial enrollment values can then be used to verify that the PUF device is unaltered.
    Type: Grant
    Filed: November 8, 2017
    Date of Patent: December 31, 2019
    Assignee: Analog Devices, Inc.
    Inventor: John Ross Wallrabenstein
  • Patent number: 10491597
    Abstract: Techniques for enforcing data security in a cleanroom data processing environment are described herein. In one or more embodiments, a virtual private cloud environment stores a first set of data provided by a first user account and a second set of data provided by a second user account, where the first user account is associated with a first set of one or more security credentials and the second user account is associated with a second set of security credentials and where the first user account is prevented from accessing at least the second set of data and the second user account is prevented from accessing at least the first set of data. In response to receiving, from the first user account or the second user account, a request to destroy the virtual private cloud environment, at least the first set of data and the second set of data are deleted.
    Type: Grant
    Filed: January 3, 2019
    Date of Patent: November 26, 2019
    Assignee: Oracle International Corporation
    Inventors: Jeremy Ryszard Plichta, Andrew V. Baird, Roger Siggs, Kevin Scott DiMichel, Robert J. Cuthbertson, David Michael Mitchell
  • Patent number: 10425465
    Abstract: A method of serving an API request includes receiving the API request at a local API proxy deployed at a local deployment environment. The method includes utilizing the local API proxy to service the API request at the local deployment environment, establishing a connection with a remote API management server, and providing to the remote API management server, via the connection, at least metadata about the API request.
    Type: Grant
    Filed: July 29, 2016
    Date of Patent: September 24, 2019
    Assignee: Google LLC
    Inventors: Prabhat Jha, Akhil Arora, Gregory Brail, Martin Nally, Peter Johnson
  • Patent number: 10423610
    Abstract: The invention relates to a method for exchange of information between a computing unit of a first entity and a computing unit of at least one second entity. A computing unit of at least one second entity is detected and information on a token associated to the second entity from the computing unit is requested and received. On the basis of the received information, the token associated to the at least one second entity, is retrieved and a token associated to the first entity is modified at least partly with information of the received token associated to the at least one second entity. Finally, the modified token is utilized at least in the service the computing unit of the first entity belongs to. The invention relates also to a system and a computing unit implementing the method.
    Type: Grant
    Filed: February 24, 2012
    Date of Patent: September 24, 2019
    Assignee: TEKNOLOGIAN TUTKIMUSKESKUS
    Inventors: Ville Ollikainen, Juha-Matti Lehtinen, Antti Tammela, Kristiina Kantola, Raimo Launonen
  • Patent number: 10394944
    Abstract: A system and method of tagging utterances with Named Entity Recognition (“NER”) labels using unmanaged crowds is provided. The system may generate various annotation jobs in which a user, among a crowd, is asked to tag which parts of an utterance, if any, relate to various entities associated with a domain. For a given domain that is associated with a number of entities that exceeds a threshold N value, multiple batches of jobs (each batch having jobs that have a limited number of entities for tagging) may be used to tag a given utterance from that domain. This reduces the cognitive load imposed on a user, and prevents the user from having to tag more than N entities. As such, a domain with a large number of entities may be tagged efficiently by crowd participants without overloading each crowd participant with too many entities to tag.
    Type: Grant
    Filed: August 14, 2017
    Date of Patent: August 27, 2019
    Assignee: VoiceBox Technologies Corporation
    Inventors: Spencer John Rothwell, Daniela Braga, Ahmad Khamis Elshenawy, Stephen Steele Carter
  • Patent number: 10394654
    Abstract: A computer boot apparatus and related method use a primary boot component (PBC) that is fixedly mounted in the computer. The PBC has a firmware element that is a non-volatile memory comprising a boot critical portion with instructions that initiate a boot of the computer. The PBC also has a policy manager and a version identifier. The PBC initializes the computer boot via the boot critical portion. The policy manager verifies and authenticates a secondary boot component that is removably attached to the computer.
    Type: Grant
    Filed: March 31, 2017
    Date of Patent: August 27, 2019
    Assignee: Intel Corporation
    Inventors: Krishna Kumar Ganesan, Karunakara Kotary
  • Patent number: 10389797
    Abstract: A method, system, and medium are provided for sharing items residing on a computing device. Items selected for sharing can be made simultaneously available to users on a local network and to users outside of the local network. A remote sharing service allows access to copies of items based on user identifiers associated. Local attributes associated with items are modified such that the user identifiers are associated with the items for providing access via a local network.
    Type: Grant
    Filed: January 13, 2017
    Date of Patent: August 20, 2019
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Lindsey R. Noll, Steve Seixeiro, Jerry K. Koh, Anshul Rawat, Sunil P. Gottumukkala
  • Patent number: 10373463
    Abstract: A physical wallet separation alert system capable of detecting, alerting, and defining a potentially-dangerous separation between a physical wallet and a mobile communication device is disclosed. In one example, the potentially-dangerous separation involves a user-defined “excessive” separation (e.g. a few meters, ten meters, twenty meters, etc.) between the physical wallet and the mobile communication device that may suggest a potential loss or theft of the physical wallet or the mobile communication device during a real-time tracking of the separated distance by a wallet separation prevention application executed by the mobile communication device. A physical wallet separation alert may be visual, aural, textual, or a combination thereof. The physical wallet separation alert system is capable of simultaneously tracking multiple physical wallets that are registered with the system.
    Type: Grant
    Filed: March 19, 2018
    Date of Patent: August 6, 2019
    Inventor: Romare Herring
  • Patent number: 10367642
    Abstract: A first cryptographic device determines multiple sets of passcodes for possible release in association with a corresponding one of a plurality of epochs, and transmits a message to a second cryptographic device over an auxiliary channel embedded in one or more passcodes released by the first cryptographic device to the second cryptographic device. For example, the first cryptographic device can determine multiple sets of passcodes by precomputing and storing the multiple sets of passcodes, or by generating one or more data sets from which the multiple sets of passcodes can be computed. The first cryptographic device transmits the message over the auxiliary channel by selecting a particular one of the multiple sets of passcodes based on content of the message and releasing a passcode from the selected set. The first cryptographic device may comprise an authentication token and the second cryptographic device may comprise an authentication server.
    Type: Grant
    Filed: December 12, 2012
    Date of Patent: July 30, 2019
    Assignee: EMC IP Holding Company LLC
    Inventor: Ari Juels
  • Patent number: 10362062
    Abstract: System and method to evaluate a plurality of security entities in a network environment is disclosed. Communication between a user computer and a destination computer is monitored by a security appliance. Selective information from the communication is extracted by the security appliance. The selective information is indicative of a value for one or more attributes of the plurality of security entities. A first value indicative of occurrence of each of the values for each of the attributes is generated. A second value indicative of occurrence of each of the values for each of the attributes for each of the security entity is generated. A third value is calculated based on the first value and the second value for each of the attribute value for each of the security entity, wherein the third value is indicative of significance of the value of the attribute for the security entity.
    Type: Grant
    Filed: April 22, 2016
    Date of Patent: July 23, 2019
    Assignee: Awake Security, Inc.
    Inventors: Debabrata Dash, Chunsheng Victor Fang, Gary Golomb
  • Patent number: 10341126
    Abstract: An example method is provided in one example embodiment and may include generating a content token, wherein the content token is generated for a particular content type of a particular application service based on a trust relationship established between the particular application service and a mobile service provider; and embedding the content token in one or more packets of a plurality of packets sent to a user equipment (UE) for one or more Internet Protocol (IP) flows associated with the particular content type, wherein the content token is embedded in an unencrypted portion of each packet that is separate from an encrypted data payload portion of each packet.
    Type: Grant
    Filed: June 15, 2017
    Date of Patent: July 2, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Timothy P. Stammers, Ian McDowell Campbell
  • Patent number: 10341093
    Abstract: The present disclosure discloses a method, an apparatus and a system for device identification. A specific implementation of the method comprises: receiving a device identification request sent from a terminal device, the device identification request comprising a current user identifier of a current user of the terminal device; acquiring a public key in a preset asymmetric key pair to serve as a first public key; sending the first public key and a randomly-generated first random number to the terminal device; receiving device characteristic information sent from the terminal device, the device characteristic information being generated by the terminal device based on the current user identifier, the first public key, the first random number and a device identifier of the terminal device; and identifying the terminal device based on the current user identifier, the first random number and the device characteristic information.
    Type: Grant
    Filed: June 9, 2017
    Date of Patent: July 2, 2019
    Assignee: BAIDU ONLINE NETWORK TECHNOLOGY (BEIJING) CO., LTD.
    Inventors: Yu Ding, Tao Wei, Yulong Zhang
  • Patent number: 10331376
    Abstract: A system and method for first changing the encryption key on a self-encrypting disk drive followed by a complete disk wipe. Either process can be separately performed, and they can be performed in any order. In fact, one embodiment of the invention, resets the symmetric key, wipes the disk a predetermined number of times with different predetermined data patterns, and then resets the key a second time. This assures that there is absolutely no way to recover the original key or to read the original plain text data, even if some of it's encrypted values remain on unallocated tracks after wiping. A user can be assured that in milliseconds after starting the wiping process, the entire disk is rendered unreadable and unrecoverable.
    Type: Grant
    Filed: August 10, 2017
    Date of Patent: June 25, 2019
    Assignee: Whitecanyon Software, Inc.
    Inventors: Donald E. Griffes, Daniel S. Pedigo, Dean V. Nuttall
  • Patent number: 10333707
    Abstract: Systems and methods for authenticating an electronic transaction are described. A request to complete an electronic transaction is initiated using a third party application installed on a computing device. The third party application receives, from a remote server, a temporary URL including a token. A background application installed on the computing device decrypts the token. The computing device displays details of the request provided by a user of the computing device and prompts the user to provide biometric information to verify the request. A biometric hardware device in communication with the computing device receives biometric information and passes it to a hardware abstraction layer of the computing device, which maps the biometric information to generate a key. The background application encrypts the key and sends the encrypted key to the remote server. The computing device receives a verification result for the request, e.g., via the third party application.
    Type: Grant
    Filed: May 23, 2018
    Date of Patent: June 25, 2019
    Assignee: FMR LLC
    Inventors: Kshitij Pathak, Sethu Subramanian Chettiar
  • Patent number: 10325430
    Abstract: A lock stores two keys and can wirelessly communicate with a mobile device. After the mobile device obtains a lock instruction from a user, the lock generates a dynamic variable, encrypts it with a first key, and produces a first encrypted message including the encrypted dynamic variable. The first encrypted message is transmitted to the mobile device, which forwards it to a server. The server decrypts the first encrypted message with the first key, retrieves the dynamic variable, and encrypts the dynamic variable with a second key. The server produces a second encrypted message with the encrypted dynamic variable and sends the same to the mobile device, which forwards it to the lock. The lock decrypts the second encrypted message with the second key and determines that the decrypted dynamic variable is the same as was produced by the lock earlier. Based on the determination, the lock locks/unlocks a door.
    Type: Grant
    Filed: November 4, 2016
    Date of Patent: June 18, 2019
    Inventor: Gilbert Eid
  • Patent number: 10318887
    Abstract: In one embodiment, a device in a network identifies a plurality of applications from observed traffic in the network. The device forms two or more application clusters from the plurality of applications. Each of the application clusters includes one or more of the applications, and wherein a particular application in the plurality of applications is included in each of the application clusters. The device generates anomaly detection models for each of the application clusters. The device tests the anomaly detection models, to determine a measure of efficacy for each of the models with respect to traffic associated with the particular application. The device selects a particular anomaly detection model to analyze the traffic associated with the particular application based on the measures of efficacy for each of the models.
    Type: Grant
    Filed: June 21, 2016
    Date of Patent: June 11, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Jean-Philippe Vasseur, Pierre-André Savalle, Alexandre Honoré
  • Patent number: 10313134
    Abstract: A system and method for a distributed security model that may be used to achieve one or more of the following: authenticate system components; securely transport messages between system components; establish a secure communications channel over a constrained link; authenticate message content; authorize actions; and distribute authorizations and configuration data amongst users' system components in a device-as-a-key system.
    Type: Grant
    Filed: October 27, 2017
    Date of Patent: June 4, 2019
    Assignee: DENSO CORPORATION
    Inventors: Eric John Smith, Raymond Michael Stitt, David Stuckless Meyer, Brian Ensink
  • Patent number: 10296735
    Abstract: A removable card-enabled BPID Security Device integrates a removable card reader with a biometric authentication component to provide secured access to electronic systems. The device allows for an individual to insert a removable card into an aperture in the physical enclosure of the BPID Security Device, allowing the removable card and the BPID Security Device to electronically communicate with each other. The BPID Security Device is based on a custom application specific integrated circuit that incorporates removable card terminals, such that the BPID Security Device can communicate directly with an inserted removable card. In an alternative embodiment of the invention, the BPID Security Device is based on a commercial off-the-shelf microprocessor, and may communicate with a commercial off-the-shelf microprocessor removable card receiver using a serial, USB, or other type of communication protocol.
    Type: Grant
    Filed: August 14, 2017
    Date of Patent: May 21, 2019
    Assignee: 1PerfectID, Inc.
    Inventors: Charles Cannon, Thomas Reigle
  • Patent number: 10250584
    Abstract: Shown is single sign-on support access to tenant accounts in a multi-tenant service platform involving a proxy user account in an identity provider for a tenant account on the service platform having security metadata associated therewith, mapping in the identity provider maps a support user to a proxy user identifier, a corresponding security endpoint in the service platform and mapping of the proxy user account identifier to the tenant account and security metadata. The identity provider authenticates a request to access the tenant account on the service platform, obtains the security credentials for the proxy user identifier, and sends a security assertion with the proxy user identifier and the security metadata to the security endpoint. The endpoint receives and validates the security assertion against the mapping for the proxy user identifier to the tenant account and the security metadata in the service platform, and permits access by the support user to the tenant account in the service platform.
    Type: Grant
    Filed: October 15, 2015
    Date of Patent: April 2, 2019
    Assignee: Zuora, Inc.
    Inventors: Oleg Mikheev, Joshy Austin, Pushkala Pattabhiraman, Levon Stepanian, Pritesh Parekh
  • Patent number: 10237072
    Abstract: A data-carrying device and methods of authenticating the same are disclosed. The data-carrying device is described as being capable of communicating via the Near Field Communications (NFC) protocol and may have one or more NFC Data Exchange Format (NDEF) records stored in its memory. The data-carrying device also comprises or has the ability to generate a signature that proves the data-carrying device is the authorized device for storing the one or more NDEF records. A data-carrying device that attempts to transmit an NDEF record without a valid signature may be identified as an unauthorized data-carrying device.
    Type: Grant
    Filed: July 1, 2013
    Date of Patent: March 19, 2019
    Assignee: ASSA ABLOY AB
    Inventors: Philip Hoyer, Mark Robinton
  • Patent number: 10204235
    Abstract: Applications are stored on removable storage of a mobile device in an encrypted form to provide isolation and piracy protection. In one implementation, each application is encrypted using its own associated encryption key that is generated based on an identifier of the application and a master key that is associated with a trusted platform module of the mobile device. In another implementation, each application is encrypted using two associated encryption keys. One key is used to encrypt binary data associated with the application such as source code, and the other key is used to encrypt application data such as graphics and configuration files. The encryption keys are each generated using the identifier of the application, the master key, and identifiers of the folders where the corresponding data types are stored on the mobile device. The removable storage includes SD cards formatted using the FAT or exFAT file systems.
    Type: Grant
    Filed: June 28, 2016
    Date of Patent: February 12, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: David Callaghan, Ravisankar Pudipeddi, Geir Olsen, Sachin Patel, JianMing Zhou, Dylan D'Silva
  • Patent number: 10187421
    Abstract: A self-updating system for defending against a cyberattack requests connected devices to solve a problem that is created in a random manner. The problems are created in a manner such that the system can determine whether the client device is being used as part of a cyberattack based on how the client device responds to the problems.
    Type: Grant
    Filed: June 30, 2016
    Date of Patent: January 22, 2019
    Assignee: PAYPAL, INC.
    Inventors: Kishore Jaladi, Jeffrey Alan Edelen, Sundar Amalan Vincent, Lakshmikanth Raghavan, Santhosh Jagadeesan, Hari Hara Balan Shanmugasundaram, Abhishek Chhibber, Darshan Desai, Oliver J. Reyes
  • Patent number: 10182126
    Abstract: Multilevel redirection can be performed in a VDI environment. When a user establishes a second remote session within a first remote session, various redirection techniques can be configured to span both remote sessions so that redirection will be available within the second remote session in the same manner that redirection was available in the first remote session. Therefore, from the user perspective, redirection will occur regardless of whether the user has established a single tier remote session or multitier remote session.
    Type: Grant
    Filed: May 2, 2016
    Date of Patent: January 15, 2019
    Assignee: Dell Products L.P.
    Inventors: Jenin Johnsimon, Anil Maryala, Shinoj Sebastian, Sanmati Tukol, Mohammed Sarfraz
  • Patent number: 10171885
    Abstract: Apparatus and methods for managing provision of content to devices in a content delivery network. In one exemplary embodiment, content with a high probability of viewership is sent to consumer premises equipment (CPE) during off-peak periods and stored prior to viewing. An application is utilized to manage decisions related to content provision. The computer program will identify content that is likely to be of interest users associated with respective CPE, and schedule provision of that content in advance of viewing. Then, the system will develop a plan for optimal scheduling of transmission of content to CPEs, often including the use of trickle downloads. The scheduling plan is based collected statistical and historical data on network resource demand to make scheduling decisions. The system allows for the shifting of bandwidth utilization from periods of high demand to those of low demand, and increased performance with regard to user experienced latency.
    Type: Grant
    Filed: March 9, 2015
    Date of Patent: January 1, 2019
    Assignee: Time Warner Cable Enterprises LLC
    Inventors: Howard Pfeffer, Daniel Stoller, Chris Stengrim
  • Patent number: 10158621
    Abstract: Embodiments of the present application relate to a method, apparatus, and system for providing a security check. The method includes receiving a security verification request sent from a terminal, obtaining first verification element information based at least in part on the security verification request, generating a digital object unique identifier based at least in part on the first verification element information, sending the digital object unique identifier to the terminal, receiving second verification element information from the terminal, and in the event that the first verification element information and the second verification element information are consistent, sending security check pass information to the terminal.
    Type: Grant
    Filed: August 2, 2017
    Date of Patent: December 18, 2018
    Assignee: Alibaba Group Holding Limited
    Inventor: Jinggang Feng
  • Patent number: 10127405
    Abstract: Techniques for maintaining an anti-replay counter (ARC) for providing data protection in an integrated circuit are provided. A method according to these techniques includes determining a static baseline value based on an ARC value stored in a programmable read-only memory of the integrated circuit, determining the ARC value based on the static baseline value and a transient component, and storing the ARC value in a volatile memory of the integrated circuit.
    Type: Grant
    Filed: June 13, 2016
    Date of Patent: November 13, 2018
    Assignee: QUALCOMM Incorporated
    Inventors: Vincent Pierre Le Roy, Olivier Jean Benoit
  • Patent number: 10117095
    Abstract: Determination of a quantified identity using a multi-dimensional, probabilistic identity profiles is contemplated. The quantified identity may be used to authenticate a user entity provided to a point-of-sale device or other interface associated with identity requester in order to verify the corresponding users as who they say they are. The user identity may be determined initially as a function of user inputs made to the identity requester and/or as a function of wireless signaling exchange with devices associated with the user.
    Type: Grant
    Filed: December 5, 2016
    Date of Patent: October 30, 2018
    Assignee: Cable Television Laboratories, Inc.
    Inventors: Sumanth Channabasappa, Oscar G. Marcia
  • Patent number: 10109125
    Abstract: When attending an event at a venue, the attendee typically presents ticket information that is scanned by a venue scanner. The process associated with scanning can be dispensed with, which can improve attendee experiences, reduce costs associated with managing a venue, as well as other advantages. For example, instead of scanning a ticket at a point of ingress to the venue, a device of the user can self-scan the ticket, and then present indicia that indicates this process has occurred. The indicia can be presented to a guest services representative, who can verify that a valid ticket was redeemed by merely observing the indicia and without scanning.
    Type: Grant
    Filed: February 16, 2017
    Date of Patent: October 23, 2018
    Assignee: Flash Seats, LLC
    Inventors: Samuel Gerace, Michael Rojas, Matthew Servant
  • Patent number: 10110496
    Abstract: A device may receive or generate a message for routing to a destination on a communication channel. The communication channel may have been established between a source and the destination. The device may perform a first determination of policy information related to at least one of the message, the destination, or the source of the message. The policy information may describe an action for a network device to perform. The device may associate a policy token with the message. The policy token may describe or identify the policy information. The device may provide the message with the associated policy token to the network device on the communication channel to cause the network device to perform a second determination of the policy information based on the policy token, to perform the action described by the policy information, and to provide the message on the communication channel.
    Type: Grant
    Filed: March 31, 2015
    Date of Patent: October 23, 2018
    Assignee: Juniper Networks, Inc.
    Inventors: Jacob Asher Langton, Kyle Adams, Daniel J. Quinlan, Declan Conlon
  • Patent number: 10097553
    Abstract: A method for installation of a secure-element-related service application in a secure element of a user equipment (UE) associated with a subscriber of a telecommunications network includes: transmitting an initial request, transmitting a request to install, receiving token information, transmitting the token information, transmitting an access and/or installation request together with the token information, and establishing a communication link. The secure-element-related service application, when installed within the secure element, is configured to allow the first server entity, together with a UE-related application installed on the user equipment, to provide a service to the subscriber of the telecommunications network.
    Type: Grant
    Filed: June 7, 2016
    Date of Patent: October 9, 2018
    Assignee: DEUTSCHE TELEKOM AG
    Inventors: Frank Borgards, Michael Dupre
  • Patent number: 10091395
    Abstract: An image forming apparatus includes a first authenticator, a second authenticator, and an apparatus authenticator. The first authenticator is configured to perform first authentication. The second authenticator is configured to perform second authentication. The apparatus authenticator is configured to permit a user who has been authenticated in both the first authentication and the second authentication to use the image forming apparatus, and cancel the permission of use of the image forming apparatus for the user when the authentication of the user is canceled in at least one of the first authentication and the second authentication.
    Type: Grant
    Filed: December 5, 2016
    Date of Patent: October 2, 2018
    Assignee: RICOH COMPANY, LTD.
    Inventor: Yoshimitsu Ogura
  • Patent number: 10079686
    Abstract: The invention relates to an obfuscated program logic of machine executable instructions and a hardcoded cryptographic signing key. The obfuscated program logic further comprising a hardcoded first attribute value wherein execution of the machine executable instructions by the processor causes the obfuscated program logic to receive a request and in response to receiving the request evaluate whether the request is related to the hardcoded first attribute value. In case the request is related to the hardcoded first attribute value, then computing with the hardcoded first attribute value a response to the request and computing with the cryptographic signing key a signature, wherein the signature certifies the request for which the response was computed and certifies the authenticity of the response. Then generating and returning a presentation token comprising the response and the signature, and providing the presentation token to a receiver computer system.
    Type: Grant
    Filed: July 29, 2015
    Date of Patent: September 18, 2018
    Assignee: International Business Machines Corporation
    Inventors: Jan L. Camenisch, Robert R. Enderlein, Anja Lehmann, Gregory Neven
  • Patent number: 10069821
    Abstract: An operating method for a one-time password with an updatable seed. The method comprises: a one-time password entering a dormancy mode after being powered on and initialized; being woken up when an interrupt is detected; entering an interrupt processing flow; setting a wakeup flag; entering a key processing flow when a key wakeup flag is set; judging a system state and a key manner; and completing the functions of programming seed data and generating a password according to a judgment result. According to the present invention, on the premise of guaranteeing the security, a user is permitted to program and update seed data in a one-time password, thereby facilitating the use of the user.
    Type: Grant
    Filed: February 17, 2015
    Date of Patent: September 4, 2018
    Assignees: Feitian Technologies Co., Ltd., Hypersecu Information Systems, Inc.
    Inventors: Zhou Lu, Huazhang Yu, Mingji Li
  • Patent number: 10055607
    Abstract: A system for protecting data managed in a cloud-computing network from malicious data operations includes an Internet-connected server and software executing on the server from a non-transitory physical medium, the software providing a first function for generating one or more security tokens that validate one or more computing operations to be performed on the data, a second function for generating a hash for each token generated, the hash detailing, in a secure fashion, the operation type or types permitted by the one or more tokens, a third function for brokering two-party signature of the one or more tokens, and a fourth function for dynamically activating the one or more signed tokens for a specific time window required to perform the operations permitted by the token.
    Type: Grant
    Filed: July 18, 2017
    Date of Patent: August 21, 2018
    Assignee: Amrita Vistiwa Vidyapeetham
    Inventors: Shiju Sathyadevan, P. Venkat Rangan, Krishnashree Achuthan
  • Patent number: 10043176
    Abstract: A method for performing a digital transaction via a mobile device using a POS system that is connected to a wireless local area network comprising the steps: generation of a unique one-time digital code by the POS system (or by the mobile device of the customer) that is used for initiating the transaction; automatic enabling of network access to the wireless local area network after production of the unique one-time digital code, wherein access to the wireless network is permitted by the digital code; connection of the mobile device to the local area network using the digital code and provision of information from the device to the POS system, after the information has been obtained by the POS system from the mobile device, the POS system provides clearance for the transaction.
    Type: Grant
    Filed: December 4, 2013
    Date of Patent: August 7, 2018
    Assignee: SQWIN SA
    Inventor: Victor Gulchenko
  • Patent number: 10044837
    Abstract: A method for generating and distributing serialized tokens is provided. The method may include receiving a request from at least one client. The method may further include determining whether the received at least one request is a request for generating names and definitions for a group of serialized tokens, deleting a names and definitions, and/or receiving a group of serialized tokens. Additionally, the method may include enabling the at least one client to generate names and definitions for a group of serialized tokens. The method may also include storing the names and definitions on a server. The method may also include deleting the names and definitions from the server. The method may also include formatting and distributing serialized tokens based on the names and definitions for the serialized tokens. The method may further include sending a response to the client based on the received request.
    Type: Grant
    Filed: July 21, 2017
    Date of Patent: August 7, 2018
    Assignee: International Business Machines Corporation
    Inventors: Bret W. Dixon, Benjamin T. Horwood
  • Patent number: 10028146
    Abstract: A universal access method performed by a mobile device includes receiving a signal from a security access point that requests authentication information from the mobile device through near field communication (NFC), selecting one of first authentication information and second authentication information corresponding to the security access point, and transferring the selected authentication information to the security access point through NFC.
    Type: Grant
    Filed: August 21, 2017
    Date of Patent: July 17, 2018
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Jae-woo Ko, Tae-hwan Wi, Hee-won Jung, Hyun-young Kim, Bo-seok Moon
  • Patent number: 9996689
    Abstract: A secure element, for example an improved SIM card or the like, for a telecommunications terminal, such as a mobile telephone. The secure element may implement a trusted services management application, for example, by executing the trusted services management application on a secure processor. The trusted services management application may manage at least one trusted application to be run by the telecommunications terminal, where trusted applications are used for functions requiring a high level of security such as payment, the supply of “premium” content, which may be certified or guaranteed, or guaranteeing the integrity of the terminal.
    Type: Grant
    Filed: April 16, 2014
    Date of Patent: June 12, 2018
    Assignee: IDEMIA FRANCE
    Inventors: Marc Bertin, Nicolas Bousquet
  • Patent number: 9984411
    Abstract: Identification information for a first account holder at a financial institution is received. The first account holder is authenticated based on the identification information. A second account holder at the financial institution is identified as being known to the first account holder. Inputs are received from the first account holder to configure a message to be displayed to the second account holder. The message is displayed to the second account holder from the first account holder.
    Type: Grant
    Filed: March 21, 2016
    Date of Patent: May 29, 2018
    Assignee: WELLS FARGO BANK, N.A.
    Inventors: Jonathan Velline, Darren Goetz, Xuan Nguyen, Nahal Agahi
  • Patent number: 9942255
    Abstract: A hosted service monitoring system detects abuse of a hosted service by monitoring user actions over a period of time. The system will identify an entity, which is a subset of the user actions that share one or more features in common. The system will also identify feature statistics to measure how often the features are associated with the user actions in the entity. The system will project the feature statistics to a vector and use the vector to generate an anomaly score for the entity. The system will determine that the entity is associated with an automated initiator if it generates an anomaly score that exceeds a threshold. Upon determining that the entity that is associated with an automated initiator, the system will cause the hosted service to take an action that will block the automated initiator from accessing the hosted service.
    Type: Grant
    Filed: December 30, 2016
    Date of Patent: April 10, 2018
    Assignee: GOOGLE LLC
    Inventors: Liam MacDermed, Elie Bursztein, Sean Gilpin, Pierre Grinspan, Xiaofeng Liu, Devasia Manuel