Intelligent Token Patents (Class 713/172)
  • Patent number: 11509643
    Abstract: Aspects of the disclosure provide various methods relating to enclaves. For instance, a method of authentication for an enclave entity with a second entity may include receiving, by one or more processors of a host computing device of the enclave entity, a request and an assertion of identity for the second entity, the assertion including identity information for the second identity; using an assertion verifier of the enclave entity to determine whether the assertion is valid; when the assertion is valid, extracting the identity information; authenticating the second entity using an access control list for the enclave entity to determine whether the identity information meets expectations of the access control list; when the identity information meets the expectations of the access control list, completing the request.
    Type: Grant
    Filed: July 18, 2018
    Date of Patent: November 22, 2022
    Assignee: Google LLC
    Inventors: Anna Sapek, Uday Savagaonkar, Jeffrey Thomas Andersen, Thomas Michael Roeder
  • Patent number: 11503462
    Abstract: Disclosed are an electronic device and a method of performing digital key provisioning of an electronic device. The electronic device according to an embodiment includes a communication unit, a memory that stores programs and data for performing digital key provisioning, and a processor configured to, by executing the programs stored in the memory, perform device authentication on a target device by performing short-range communication with the target device, identify a digital key service access right of the target device through a server by obtaining user information, and control generation and storing of a digital key in response to a digital key generation request from the target device.
    Type: Grant
    Filed: February 28, 2019
    Date of Patent: November 15, 2022
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Inyoung Shin, Sooyeon Jung, Jonghyo Lee
  • Patent number: 11503022
    Abstract: A method for providing improved personalized security mechanisms for transferring electronic data is disclosed. In an embodiment, the method comprises generating, at a client computer, a user key pair, wherein the user key pair comprises a user private key and a user public key; transmitting the user public key from the client computer to a server computer; receiving, at the client computer, from the server computer, a user account public key; generating a virtual memory stick (“VMS”) file and including, in the VMS file, one or more keys and one or more passphrases; encrypting the VMS file with a protection passphrase to generate an encrypted VMS file; and transmitting the encrypted VMS file to the server computer.
    Type: Grant
    Filed: June 24, 2020
    Date of Patent: November 15, 2022
    Assignee: Verum Securitas, Inc.
    Inventors: Kris Durski, Gustav Metkowski
  • Patent number: 11496900
    Abstract: An electronic device is provided. The electronic device includes at least one wireless communication circuit, a processor operatively connected with the at least one wireless communication circuit, and a memory operatively connected to the processor, wherein the memory stores instructions that, when executed, cause the processor to detect an event related to transmission of identification information through the at least one wireless communication circuit, in response to the detection of the event, perform a first authentication procedure for obtaining access right to the identification information, relay a second authentication procedure between an external electronic device and a server through the at least one wireless communication circuit, and receive the identification information that is stored in the external electronic device from the server through the at least one wireless communication circuit.
    Type: Grant
    Filed: February 26, 2020
    Date of Patent: November 8, 2022
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Eunyoung Kwon, Gawon Lee, Dasom Lee, Taeckki Lee, Daehaeng Cho
  • Patent number: 11494479
    Abstract: Various embodiments set forth techniques for managing access to a resource at a device. In one aspect, a method includes receiving a request by an application to access a resource, determining that an application permission associated with the application and the resource grants the application access to the resource, where the application permission includes a signature of a permission review entity associated with the resource, and granting the request to access the resource based on the application permission. The permission review entity associated with the resource may be authorized through device permissions specified by an implementer or provider of the device.
    Type: Grant
    Filed: August 22, 2019
    Date of Patent: November 8, 2022
    Assignee: Harman International Industries, Incorporated
    Inventors: Eugine Thomas Varghese, Sreejit Gopinath
  • Patent number: 11487716
    Abstract: Various techniques are disclosed herein for storing and managing master data in hierarchical data systems. Several related concepts, embodiments, and examples are disclosed, including techniques for incremental rationalization in a hierarchical data model, techniques for implementing governance pools in a hierarchical data model, techniques for application materialization in a hierarchical data model, techniques for data intersection mastering in a hierarchical data model, techniques for change request visualization in a hierarchical data model, and techniques for hierarchy preparation in a hierarchical data model.
    Type: Grant
    Filed: July 12, 2017
    Date of Patent: November 1, 2022
    Assignee: Oracle International Corporation
    Inventors: Byron Kevin McKenzie, Jeffrey Leon Woodard, Douglas R. Cosby, Charles Randall Wilson
  • Patent number: 11475447
    Abstract: Provided are systems and methods for conducting secure remote transactions between mobile devices and merchants.
    Type: Grant
    Filed: March 7, 2016
    Date of Patent: October 18, 2022
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Jonathan J. Main, Igor Fabyshev, Chintan Oza, Alan Wang
  • Patent number: 11477192
    Abstract: A method for providing improved personalized security mechanisms for transferring electronic data is disclosed. In an embodiment, the method comprises generating, at a client computer, a user key pair, wherein the user key pair comprises a user private key and a user public key; transmitting the user public key from the client computer to a server computer; receiving, at the client computer, from the server computer, a user account public key; generating a virtual memory stick (“VMS”) file and including, in the VMS file, one or more keys and one or more passphrases; encrypting the VMS file with a protection passphrase to generate an encrypted VMS file; and transmitting the encrypted VMS file to the server computer.
    Type: Grant
    Filed: June 24, 2020
    Date of Patent: October 18, 2022
    Assignee: VERM SECURITAS, INC.
    Inventors: Kris Durski, Gustav Metkowski
  • Patent number: 11470059
    Abstract: A system includes an intelligent electronic device (IED) of an electric power distribution system and a key device. The key device is configured to perform operations that include receiving a request from the TED for communication with an additional component of the electrical power distribution system, establishing a Media Access Control security key agreement (MKA) connectivity association with the TED in response to receipt of the request, generating a security association key (SAK) in response to receipt of the request, and distributing the SAK to the IED via the MKA connectivity association to enable the TED to use the SAK to communicate via a Media Access Control security (MACsec) communication link that is isolated from the key device.
    Type: Grant
    Filed: October 14, 2020
    Date of Patent: October 11, 2022
    Assignee: Schweitzer Engineering Laboratories, Inc.
    Inventor: Colin Gordon
  • Patent number: 11463442
    Abstract: Traditional information sharing will delete a file in order for stop sharing the file, and after shared a message, the message cannot be stopped for sharing. This invention discloses method and system for user posting (sharing) or un-posting (stop sharing) files, folders, and messages by deploying dynamic workspace technology. The stop sharing file or folder will not delete actual file or folder, so that the file or folder can be shared again to other users without requiring to recreate the file or folder. The un-post message operation facilitates a user to delete or withdraw his/her previously posted message from user interface (UI) of a recipient such that the user can avoid embarrassing if the message is not proper. Specially, a sharing control list is provided to user to control stop sharing files, otherwise, the user may do not remember how many files being shared with how many recipients.
    Type: Grant
    Filed: August 23, 2021
    Date of Patent: October 4, 2022
    Assignee: STT WebOS, Inc.
    Inventor: Sheng Tai (Ted) Tsao
  • Patent number: 11463596
    Abstract: According to various embodiments of the present disclosure, it is possible to present on a home screen or an application screen such a display that an appropriate favorite setting for each of the home screen and the application screen is applied to the respective home screen or the respective application screen according to read card information.
    Type: Grant
    Filed: March 24, 2021
    Date of Patent: October 4, 2022
    Assignee: Canon Kabushiki Kaisha
    Inventor: Takafumi Mizuno
  • Patent number: 11457364
    Abstract: The present disclosure includes a system for re-establishing a Bluetooth Low Energy (BLE) pairing PIN key to repair a secure connection between a mobile device and vehicle. The system may detect an error state, and provide a prompt to the user to determine if they wanted to intentionally remove their account. Responsive to an affirmative response from the user that the removal of the connection credentials was intentional, the system may send a revoke request to a server associated with the vehicle. Responsive to a user input that indicates that the removal of the credentials was unintentional, the vehicle may fetch an encrypted PIN seed of the BLE pairing PIN from memory or request the PIN seed from the server. The PIN seed re-establishes the secured pairing of the mobile device and the vehicle infotainment system without undergoing a new device setup procedure.
    Type: Grant
    Filed: July 2, 2020
    Date of Patent: September 27, 2022
    Assignee: Ford Global Technologies, LLC
    Inventors: Timothy Thivierge, Jr., Tom Nelson, Ali Hassani
  • Patent number: 11449593
    Abstract: Tracking, identifying and article management systems and methods for reliably and repeatedly determining one or more physically uncopiable attribute instances (of the same or varying types) from or inherent in an article of manufacture, using the selected physical uncopiable attribute(s) to produce an unforgeable identity for the article, and then integrating that unforgeable identity into computer-based tracking systems in a way that permits the tracking system to track and monitor articles for which identity information is known. Applications include documents, fashion accessories, artwork, and other objects.
    Type: Grant
    Filed: March 17, 2020
    Date of Patent: September 20, 2022
    Assignee: Siebels Asset Management Research Ltd.
    Inventors: Jane Marie Siebels, Jeffrey Guy Bonar, Karl Ginter, John Langley Rehwinkel, Derek S. Toledo-Silbert
  • Patent number: 11449858
    Abstract: A method in a system comprising at least one portable data carrier, an authentication server and at least one reading device of at least one service provider which is couplable to the authentication server. The data carrier is adapted to communicate contactlessly with the reading device and comprises a security marking which can be read contactlessly by the reading device and on the basis of which the data carrier can be authenticated by the authentication server. The method comprises the step of equipping the data carrier with a data-carrier management marking that encodes a piece of data-carrier management information and readable contactlessly by a portable terminal. The method includes contactlessly reading out the data-carrier management marking by a portable terminal, transferring the data-carrier management information encoded in the data-carrier management marking to the authentication server, and managing the data carrier in the system employing the data-carrier management information.
    Type: Grant
    Filed: August 22, 2016
    Date of Patent: September 20, 2022
    Assignee: GIESECKE+DEVRIENT MOBILE SECURITY GMBH
    Inventors: Klaus Finkenzeller, Stephan Rasch, Dirk Riesenbeck, Hans-Jürgen Roth
  • Patent number: 11443314
    Abstract: Embodiments of the invention provide systems and methods to unlock an account associated with a user for a limited period of time to enable the user conduct a transaction using funds from that account. In one embodiment of the invention, the user may select options relating to the transaction using a payment menu provided at a mobile communications device associated with the user. A notification message is received at the mobile communications device informing the user that the account is unlocked for a certain period of time and for a certain amount. After the transaction is complete, the user is notified and the account is locked again.
    Type: Grant
    Filed: October 25, 2019
    Date of Patent: September 13, 2022
    Assignee: Visa International Service Association
    Inventors: Stacy Pourfallah, Jessica Yang, Shilpak Mahadkar
  • Patent number: 11436595
    Abstract: A method of issuing an electronic voucher by an issuer is provided. The method includes steps of: (a) creating and registering a transaction including a voucher data, a public key and a signature value of the issuer, with a private blockchain database, providing the issuer with a PrivTxid locating the transaction in the private blockchain database, and updating and registering value information including a balance of the voucher data with a BDB; and (b) acquiring and registering a representative hash value calculated using a specific hash value, which is a hash value of the voucher data, the public key, and the signature value, and its corresponding hash values which include a hash value of a delta_n including all balances of all vouchers, identifiable by all PrivTxids locating their transactions, with a public blockchain database, and acquiring a Txid locating the representative hash value in the public blockchain database.
    Type: Grant
    Filed: October 11, 2017
    Date of Patent: September 6, 2022
    Assignee: Coinplug, Inc.
    Inventors: Joo Han Song, Jay Wu Hong, Joon Sun Uhr
  • Patent number: 11431704
    Abstract: The invention proposes a method of authentication of an electronic identity device (1) presented by an individual, the method being characterized in that it comprises the implementation of steps of: (b) Reception by data processing means (21) of a server (2) of an acquired image of said electronic identity device (1), the image representing at least one personal visual element of the individual and a dynamic verification code that are visible on said electronic identity device (1), said dynamic verification code containing at least one item of reference information representative of an expected appearance of said visual element; (c) Extraction, by analysis of said acquired image by the data processing means (21) of the server (2), of: an item of candidate information representative of the appearance of said visual element as represented in the acquired image; the reference information representative of the expected appearance of said visual element contained in said dynamic verification code as represente
    Type: Grant
    Filed: December 23, 2019
    Date of Patent: August 30, 2022
    Assignee: IDEMIA IDENTITY & SECURITY FRANCE
    Inventors: Laurent Mercier, Olivier Heurtier, Laurent Boni, Laurent Kerautret
  • Patent number: 11424929
    Abstract: A device that includes a biometric device that is configured to capture a biometric signal for a user. The biometric signal is a signal that is linked to the user based on the physical characteristics of the user. The device further includes a memory operable to store a plurality of biometric signals. The device further includes a processor configured to obtain a user password from a user and obtain a first biometric signal for the user. The processor is further configured to identify a stored biometric signal from among the plurality of biometric signals in the memory that closest matches the first biometric signal. The processor is further configured to generate an authentication token by encrypting the user password with the stored biometric signal and to send the authentication token to an authentication device.
    Type: Grant
    Filed: January 7, 2021
    Date of Patent: August 23, 2022
    Assignee: Bank of America Corporation
    Inventor: Jo-Ann Taylor
  • Patent number: 11425143
    Abstract: A system includes an authorization token with a memory configured to store user attributes including a record of previous usage of the data store by the user, pre-authorization data for the user, and an access signature for accessing contents of a data store. The authorization token receives an authorization request. Session attributes are collected associated with a file path used by the user to request access to a file. A consistency measure is determined associated with whether the file path used by the user to request access to the file is consistent with a previous file path stored in a record of previous usage of the data store by the user. In response to determining that the consistency measure is greater than a threshold value, the access signature is provided to the data store, thereby granting the user access to the file.
    Type: Grant
    Filed: January 23, 2020
    Date of Patent: August 23, 2022
    Assignee: Bank of America Corporation
    Inventors: Manu J. Kurian, Sasidhar Purushothaman
  • Patent number: 11410173
    Abstract: The present disclosure provides systems, methods, and products for providing a tokenization service and a complementary API. The tokenization service may provide format-preserving tokens. The tokenization service may associate different tokens generated by different users from the same data, so that users can retrieve and use associated tokens for collaboration and access to each other's data, information, etc. The tokenization service may restrict the creation of an association between, and access to, users' tokens based on a requirement for a relationships between users according to a social graph model.
    Type: Grant
    Filed: May 7, 2013
    Date of Patent: August 9, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Thomas Charles Stickle, Ryan Holland
  • Patent number: 11392933
    Abstract: Various embodiments are generally directed to authenticating a user for non-payment purposes utilizing a payment protocol, a computer device and a contactless card. The payment protocol may be consistent with an EMV standard. An application may determine that authorization or verification of a user may be required to access non-payment features of another application associated with the user and the computer device. The application may then receive and/or facilitate transmission of encrypted data from a communications interface of a contactless card associated with an account and utilizing either an offline or online technique to do so. The offline or online technique may involve one or more operations that can verify the identity of the user and/or otherwise authorize the user to have access to various aspects of the other application.
    Type: Grant
    Filed: July 3, 2019
    Date of Patent: July 19, 2022
    Assignee: Capital One Services, LLC
    Inventors: Lara Mossler, Evan Lerner, Aravindhan Manivannan
  • Patent number: 11388595
    Abstract: An access control system and methods according to at least one embodiment leverage wireless access credentials to allow a user to securely gain access to a secured area using his or her mobile device. As such, a credentialed mobile device may permit access to the secured area without requiring a real-time connection to a credential management system and/or an administrative system.
    Type: Grant
    Filed: September 23, 2019
    Date of Patent: July 12, 2022
    Assignee: Schlage Lock Company LLC
    Inventors: Jonathan R. Everson, Gregory Ross, Seth Kaufman, Dakoda Johnson, Christopher Bauer, John Luif, John Evenson, Lakshmi Santhanakrishnan, Mark Duckworth, Keith R. Broerman, Joseph W. Baumgarte, Matthew Dexter, Benjamin J. Hopkins, David Studt
  • Patent number: 11372658
    Abstract: Techniques are described for extending virtual desktops across different devices. The virtual desktop client sets up a web server on a primary device. A QR code encoded with information identifying the web server is displayed on the primary device and is scanned by a secondary device. A web browser is launched on the secondary device and the web browser connects to the web server on the primary device. The virtual desktop is reconfigured to produce its GUI on two monitors, one for the primary device and one for the secondary device. The GUI data for the second monitor is streamed by the virtual desktop client to the secondary device over the HTTPS connection, to be displayed on the secondary device. GUI data for the first monitor is displayed on the primary device. Inputs are streamed from the secondary device to the primary device and are forwarded to the virtual desktop.
    Type: Grant
    Filed: January 24, 2018
    Date of Patent: June 28, 2022
    Assignee: VMware, Inc.
    Inventors: Dong Wang, Haiou Jiang, Yunfei San, Peng Guo, Kun Shi
  • Patent number: 11375004
    Abstract: A high-level functionality generates a Data Model which is used to automatically generate Applications comprising Application Clients, Application Servers, Client-Server Protocols, Dashboards and other components. These Applications are derived for different mobile and non-mobile's Operating Systems. This functionality uses Services, Service Representation, Application Flow, Rules, and Presentation Attributes. The input for the automation is a very high-level, “service” level “language,” from which all parts are automatically generated. The output of the automation also includes a way to validate the correctness of the generated Applications. The generated Dashboard provide a Business Entity with functionality to continuously update the generated Data Model based on the Services and Business Entity data, and from the updated Data Model automatically generate updated versions of the Application.
    Type: Grant
    Filed: April 30, 2019
    Date of Patent: June 28, 2022
    Assignee: Gadget Software, Inc.
    Inventors: Fabio M. Chiussi, Parameshwar Hegde
  • Patent number: 11372958
    Abstract: Embodiments described herein disclose technology for authenticating a user. In some embodiments, a smart card or other similar authentication device can be associated with a user profile. When a request to interact is received via an application associated with a device, the system prompts the user to waive the smart card within a threshold proximity of the device. In response to the smart card being placed within the proximity, the system collects information from the smart card and verifies that the smart card is associated with the user profile of the user. In response to verifying the information from the smart card, the system authenticates the user and allows the user to interact.
    Type: Grant
    Filed: October 2, 2019
    Date of Patent: June 28, 2022
    Assignee: United Services Automobile Association (USAA)
    Inventor: John R. Clowe
  • Patent number: 11367076
    Abstract: In an aspect, a computing system is configured to: send, to a transfer rail server, a request for stored card data associated with a value transfer card; receive stored card data identifying an entity having a stored representation of the value transfer card; provide user interface data to a client device, the user interface data causing the client device to display a user interface that includes an entity listing that is based on the stored card data, the user interface including a selectable option to add an entity-based control to the identified entity; receive, from the client device, an instruction to apply an entity-based control to an identified one of the entities in the stored card data; and in response to receiving the instruction to apply the entity-based control, implement the entity-based control to affect use of the value transfer card by the identified entity and not affect use of the value transfer card by other entities.
    Type: Grant
    Filed: June 19, 2019
    Date of Patent: June 21, 2022
    Assignee: The Toronto-Dominion Bank
    Inventor: Raj Kumar Choudhary
  • Patent number: 11356265
    Abstract: The present disclosure includes secure communication between a vehicle and a remote device. An embodiment includes a processing resource, memory, and a vehicular communication component configured to, in response to receiving a request from a remote communication component to switch a state of a lock, calculate a challenge count for the request, generate a vehicular private key and a vehicular public key, perform a number of verification iterations, each respective verification iteration including providing the public key to the remote communication component, receiving, from the remote communication component, code for switching the lock state, verifying the remote communication component's identity, and incrementing a counter in response to verifying the remote communication component's identity, and decrypt the code using the private key and switch the lock state in response to the counter being incremented to a value equal to or greater than the challenge count.
    Type: Grant
    Filed: August 11, 2020
    Date of Patent: June 7, 2022
    Assignee: Micron Technology, Inc.
    Inventors: Alberto Troia, Antonino Mondello
  • Patent number: 11349646
    Abstract: Systems and methods for automatically disseminating a private key are presented. A first message requesting a key proxy instance is received from a first user device. The first message comprises a first symmetric key. A key proxy server is directed to allocate a key proxy instance for communication with the first user device based on a device public key that corresponds to the first user device. A unique URL corresponding to the key proxy instance is received from the key proxy server. A second message comprising the unique URL is sent to the first user device. The second message is encrypted using the first symmetric key and signed using a server private key. A third message comprising the URL of the key proxy instance is received from the first user device and forwarded to a second user device.
    Type: Grant
    Filed: May 2, 2019
    Date of Patent: May 31, 2022
    Assignee: Berryville Holdings, LLC
    Inventors: Christopher Edward Delaney, Chava Louis Jurado, Carl Bailey Jacobs, Jeremiah MacDonald, Michael Vincent Chest, Walter Adeyinka Ademiluyi
  • Patent number: 11349661
    Abstract: Data can be protected in a centralized tokenization environment. A security value is received by a central server from a client device. The central server accesses a token table corresponding to the client device and generates a reshuffled static token table from the accessed token table based on the received security value. When the client device subsequently provides data to be protected to the central server, the central server tokenizes the provided data using the reshuffled static token table and stores the tokenized data in a multi-tenant database. By reshuffling token tables using security values unique to client devices, the central server can protect and store data for each of multiple tenants such that if the data of one tenant is compromised, the data of each other tenant is not compromised.
    Type: Grant
    Filed: September 21, 2020
    Date of Patent: May 31, 2022
    Assignee: PROTEGRITY CORPORATION
    Inventors: David Clyde Williamson, George Curran, Raul Ortega, Jan Boberg, Rajnish Jain, Yigal Rozenberg
  • Patent number: 11343345
    Abstract: According to one embodiment, a memory system includes a non-volatile semiconductor memory device, a control unit, a memory as a work area, a wireless communication module, and an extension register. The control unit controls the non-volatile semiconductor memory device. The extension register is provided in the memory and has a data length by which a wireless communication function of the wireless communication module can be defined. The control unit causes the non-volatile semiconductor memory device to store, as a file, an HTTP request supplied from a host, causes the extension register, based on a first command supplied from the host, to register an HTTP transmission command transmitted together with the first command, and causes the wireless communication module to transmit the HTTP request stored in the non-volatile semiconductor memory device based on the transmission command registered in the extension register.
    Type: Grant
    Filed: April 8, 2020
    Date of Patent: May 24, 2022
    Assignee: KIOXIA CORPORATION
    Inventors: Kuniaki Ito, Yasufumi Tsumagari, Takashi Wakutsu, Shuichi Sakurai
  • Patent number: 11303627
    Abstract: Techniques are described for providing session management functionalities using an access token (e.g., an Open Authorization (OAuth) access token). Upon successful user authentication, a session (e.g., a single sign-on session) is created for the user along with a user identity token that includes information identifying the session. The user identity token is presentable in an access token request sent to an access token issuer authority (e.g., an OAuth server). Upon receiving the access token request, the user identity token is parsed to identify and validate the session against information stored for the session. The validation can include various session management-related checks. If the validation is successful, the token issuer authority generates the access token. In this manner, the access token that is generated is linked to the session. The access token can then be used by an application to gain access to a protected resource.
    Type: Grant
    Filed: October 18, 2018
    Date of Patent: April 12, 2022
    Assignee: Oracle International Corporation
    Inventors: Mayank Maria, Aarathi Balakrishnan, Dharmvir Singh, Madhu Martin, Vikas Pooven Chathoth, Vamsi Motukuru
  • Patent number: 11258808
    Abstract: Embodiments provide a method of using access tokens for identification of breach attempts in a client-server communication. The method includes receiving, by a server system, a token validation request for validation of a token from an Application Programming Interface (API) server sent from a client device to the API server. The method includes accessing one or more token configuration parameters associated with a valid token. The token configuration parameters include one or more of a number of allowable access attempts using the valid token in the API session and a range of frequency of allowable access attempts using the valid token in the API session. The method includes verifying whether the token conforms to the token configuration parameters associated with the valid token. The method further includes determining a breach attempt associated with the token if the token does not conform to the token configuration parameters.
    Type: Grant
    Filed: July 10, 2019
    Date of Patent: February 22, 2022
    Assignee: Mastercard International Incorporated
    Inventors: Vickhram Sanap, Girish Ramesh Khemani
  • Patent number: 11252147
    Abstract: A platform for delivering secure web applications to a client browser. A software plug-in is provided configured for integration into a web browser. The plug-in includes: a request hook that intercepts web browser requests associated with a secure web application; a request processing system that redirects an request to access the secure web application to a network service, and then redirects subsequent HTTP requests to interact with the secure web application to the network service; and a package manager that receives a text-based data package from a customer domain server in response to the initial request and renders the secure web application in the web browser, and receives an updated text-based data package from the customer domain server in response to the subsequent HTTP request and renders updates to secure web application in the web browser.
    Type: Grant
    Filed: June 7, 2019
    Date of Patent: February 15, 2022
    Assignee: CITRIX SYSTEMS, INC.
    Inventors: Zhen Zeng, Hongfei Wu
  • Patent number: 11232430
    Abstract: A method for the processing, by a transaction-processing server, of a transaction at least partially initiated from a communications terminal connectable to the server by using a communications network. This method includes: creating a secured communications channel with the communications terminal; instantiation, within an execution server on the communications network, of a virtual payment terminal capable of exchanging information with the communications terminal by using the secured communications channel; and processing a transaction between the communications terminal and the virtual payment terminal implementing at least one secure element of the communications terminal, the secure element being configured to exchange an identifier of the type of service.
    Type: Grant
    Filed: January 8, 2016
    Date of Patent: January 25, 2022
    Assignee: INGENICO GROUP
    Inventors: Pierre Quentin, Jean-Bernard Blanchet
  • Patent number: 11201913
    Abstract: Managing a storage array includes: receiving, by a client-side array services module from a cloud-based security module through data communications on a wide area network, a token representing authentication of user credentials; and managing, by the client-side array services module, a storage array only through data communications on a local area network, including sending, to the storage array, the token with a management instruction.
    Type: Grant
    Filed: January 15, 2020
    Date of Patent: December 14, 2021
    Assignee: Pure Storage, Inc.
    Inventors: Jimmy T. Hu, Terence W. Noonan, Neil A. Vachharajani, Daquan Zuo
  • Patent number: 11122036
    Abstract: Systems and methods are provided for use in enabling, providing, and managing digital identities in association with mobile communication devices. One exemplary method includes capturing an image of a physical document comprising a biometric of a user associated with the physical document, and extracting the biometric from the image and converting it to a biometric template. The method also includes capturing a biometric of the user and comparing it to the biometric template. The method then includes, when the captured biometric matches the biometric template, transmitting a message to an identification provider comprising at least the image of the physical document and the biometric template, whereby the biometric template is verified against a repository, and binding data representative of the mobile communication device, a mobile application included therein, and the biometric template and/or the captured biometric of the user into a token.
    Type: Grant
    Filed: September 18, 2018
    Date of Patent: September 14, 2021
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Sumeet Bhatt, Ashfaq Kamal
  • Patent number: 11107078
    Abstract: A computer system is configured to provide a payment card security application programming interface (API) for providing a payment card security score to a partner entity computer system. Responsive to receipt of user identification data for a card holder from the partner entity computer system via the API, the computer system retrieves payment card electronic funds transfer (EFT) transaction data records corresponding to the card holder, and determines a transaction type and security level associated for the user's transactions. The computer system generates, based on the determined security level for each of the transactions, a security score for the card holder. The partner entity computer system provides the user identification data for the card holder to the payment card security API responsive to receipt of an authorization request for a new transaction. The partner entity computer system may determine whether to approve or deny the new payment card EFT transaction based upon the security score.
    Type: Grant
    Filed: July 6, 2018
    Date of Patent: August 31, 2021
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Murugalakshmanan Mariappan, Joshua J. Baron, Todd Healy
  • Patent number: 11107075
    Abstract: Implementations of the present specification disclose blockchain data processing methods, apparatuses, devices, and systems, including a computer-implemented method for blockchain data processing. Blockchain transaction data of a plurality of transaction participants is received. Each of the plurality of transaction participants provides a respective certificate indicating a respective legal membership in a blockchain. The respective legal membership enables processing of the blockchain transaction data. A mutual identity querying is performed to confirm whether each of the plurality of transaction participants has the respective legal membership in the blockchain. Supervision keys of a supervision node in the blockchain are determined, where the supervision node corresponds to a supervisor, and where the supervision keys are dynamically updated based on a predetermined rule. The blockchain transaction data is encrypted by using the supervision keys. The blockchain transaction data is stored.
    Type: Grant
    Filed: May 9, 2019
    Date of Patent: August 31, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventors: Xuming Lu, Hushen Wang
  • Patent number: 11095440
    Abstract: A device may receive, from a client device, a request with a single packet authorization (SPA) packet that includes data identifying a universal client device identifier (UID), a counter, a first one-time password generated based on a first shared key, the UID, and the counter. The device may generate a second shared key associated with the UID, and may compare the SPA packet to a comparison message authentication code (MAC) generated based on the second shared key, the UID, and the counter. The device may determine whether the SPA packet matches the comparison MAC, and may validate the client device when the SPA packet matches the comparison MAC. The device may provide a MAC associated with the SPA packet to the client device to enable the client device to validate the device for a secure communication based on establishing a pre-master key with the client device.
    Type: Grant
    Filed: November 29, 2019
    Date of Patent: August 17, 2021
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Junaid Islam, William F. Copeland, Mohammed M. Rahman, Gina L. Otts, Brent R. Bilger
  • Patent number: 11080371
    Abstract: The present invention involves with a method and system of state consistency protection for Intel software guard extension (SGX). In a method of state consistency protection for a central processing unit capable of creating enclaves, the central processing unit supports creation of at least one enclave, wherein the central processing unit communicates with a remote server providing services for the central processing unit through remote communication and the remote server has a remote attestation module, configuring the remote attestation module to facilitate the completion of every execution state storing operation and/or every execution state restoring operation, wherein the remote attestation refers to an attestation mechanism by which the central processing unit proves to the remote server that it has created the specific enclave in a local platform so that the remote server trusts the specific enclave. The present invention does not require special hardware and is favorable to cross-platform migration.
    Type: Grant
    Filed: October 24, 2018
    Date of Patent: August 3, 2021
    Assignee: Huazhong University of Science And Technology
    Inventors: Hai Jin, Weizhong Qiang, Zezhao Dong
  • Patent number: 11038860
    Abstract: In virtualized environments a method of determining authorization to a resource cannot use a hardware specific identifier, such as a MAC address. As a result upgrading a virtual host may cause licenses associated with that host to be invalid, even though the upgraded virtual host should be authorized. Authentication methods and systems are disclosed such that a key may be shared with a second host along with a license file and, provided at least the second host has a key associated with its system identifier and a key associated with a license file, access to a licensed resource may be authorized.
    Type: Grant
    Filed: April 10, 2018
    Date of Patent: June 15, 2021
    Assignee: Extreme Networks, Inc.
    Inventors: William T. Walker, Aabha Biyani
  • Patent number: 11025611
    Abstract: A method of a responding entity for creating a secure link with a requesting entity in an embedded universal integrated circuit card (eUICC) environment is provided. The method includes: receiving, from the requesting entity, a secure link creation message including signature information of the requesting entity; verifying the signature information of the requesting entity by using trust information of the requesting entity, the trust information of the requesting entity being generated by a certificate authority (CA) and transferred to the responding entity; generating a shared key used for communication between the responding entity and the requesting entity; and creating the secure link with the requesting entity by using the shared key.
    Type: Grant
    Filed: November 21, 2018
    Date of Patent: June 1, 2021
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Chul Hyun Park, Kwan Lae Kim, Jin Hyoung Lee, Joo Young Kim
  • Patent number: 10965449
    Abstract: Various methods and systems are provided for autonomous secrets management for a key distribution service (“KDS”). A KDS server performs centralized management and distribution of keys for client devices in a distributed computing system, which obviates key management and distribution at the client devices. In operation, a key request is received at a KDS server from a KDS client device. The key request is generated using a data protector and a KDS client component of the KDS client device. The key request is associated with a caller and a security token of the caller. The caller is authenticated at a security token service (STS) based on a security token. An encryption key or decryption key associated with the key request is generated. The encryption key or the decryption key is generated based on an interval-based key derivation scheme. The encryption key or the decryption key is communicated to KDS client.
    Type: Grant
    Filed: May 31, 2018
    Date of Patent: March 30, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Kahren Tevosyan, Kamran Riaz Khan, Brian S. Lounsberry, Cristian Stefan Salvan
  • Patent number: 10924268
    Abstract: A key distribution method is disclosed. In this method, a key request can be received by a key management system (KMS) from a mobile operator network element (MNO). The key request can carry a public key of UE. At least one PVT and one SSK can be allocated to the US based on an IBC ID. The at least one PVT and SSK can be encrypted based on the public key to generate ciphertext; and an object can be signed based on a preset digital signature private key (DSPK) to generate a digital signature. The object can include the public key and the ciphertext. Still, a signature validation public key associated with the DSPK can be determined and a key response can be returned to the MNO. The key response can carry the signature validation public key, the public key of the UE, the ciphertext, and the digital signature.
    Type: Grant
    Filed: April 12, 2019
    Date of Patent: February 16, 2021
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Haiguang Wang, Yanjiang Yang, Xin Kang, Zhongding Lei
  • Patent number: 10922714
    Abstract: A virtual universe system has a system and method for identifying spam avatars based upon the avatar's behavior characteristics through the use of Turing tests. The system may provide a Turing test unit for performing Turing tests and an analysis unit that compares the behavior characteristics of new or newly changed avatars against the behavior characteristics of known spam avatars to determine if the avatar has known spam avatar characteristics. It may further have a scoring system to calculate a spam score based upon similarities of the comparison and identifying the avatar as a spam avatar based upon the calculated spam score. It may further compare the calculated spam score with a spam score threshold wherein the avatar is identified as a spam avatar if the calculated spam score is equal to or greater than the calculated spam score.
    Type: Grant
    Filed: May 2, 2017
    Date of Patent: February 16, 2021
    Assignee: International Business Machines Corporation
    Inventors: Christopher J. Dawson, Rick A. Hamilton, II, Brian M. O'Connell, Clifford A. Pickover, Keith R. Walker
  • Patent number: 10922392
    Abstract: This disclosure relates generally to digital telecommunications, and more particularly to systems and methods for generating and managing composite digital identities. In one embodiment, a system and method for generating and managing digital identities is disclosed. The method includes receiving, from an identity seeker, a request having an identifier associated with an entity, the request includes a context associated with a transaction. An encrypted token corresponding to the identifier is identified from encrypted tokens stored in a database and is further decrypted to obtain context matrix on which analysis is performed with respect to the request. An activity status associated with the transaction is determined based on analysis to generate composite provisional digital identity (CPDI) specific to the transaction.
    Type: Grant
    Filed: January 10, 2018
    Date of Patent: February 16, 2021
    Assignee: TATA CONSULTANCY SERVICES LIMITED
    Inventors: Narendran Sivakumar, Sankaranarayanan Viswanathan, Radhika Kannan
  • Patent number: 10915922
    Abstract: A system and method in a virtual universe (VU) system for identifying spam avatars based upon the avatars' multimedia characteristics may have a table that stores multimedia characteristics of known spam avatars. It further may have an analysis unit that compares the multimedia characteristics of avatars against the multimedia characteristics of known spam avatars to determine if the avatar has known spam avatar characteristics. It may further have a scoring system to calculate a spam score based upon the similarities of the comparison and identifying the avatar as a spam avatar based upon the calculated spam score. It may further compare the calculated spam score with a spam score threshold wherein the avatar is identified as a spam avatar if the calculated spam score is equal to or greater than the calculated spam score. Multimedia characteristics include graphics, audio, movement, interactivity, voice, etc.
    Type: Grant
    Filed: May 2, 2017
    Date of Patent: February 9, 2021
    Assignee: International Business Machines Corporation
    Inventors: Christopher J. Dawson, Rick A. Hamilton, II, Brian M. O'Connell, Clifford A. Pickover, Keith R. Walker
  • Patent number: 10909229
    Abstract: The disclosure includes a system and method in which one or more virtual resources are presented to a secure element; and the one or more virtual resources are mapped to available resources based on a model architecture for the secure element in order to provide hardware abstraction, the available physical resources varying based on the model architecture and an associated host device, the virtual resources allowing consistent interaction with the virtual resources regardless of variation in the physical resources available and their location. The hardware abstraction increases the versatility of the secure element and may contribute to the secure element's functionality. The secure element providing functionality to replace most items carried in an individual's pockets, e.g., logical and physical keys, a thumb drive, identification, credit and debit cards, etc.
    Type: Grant
    Filed: January 3, 2018
    Date of Patent: February 2, 2021
    Assignee: Proxense, LLC
    Inventor: John Joseph Giobbi
  • Patent number: 10893045
    Abstract: A method of accessing data at a device, wherein the data is stored remotely from the device or in removable storage. The method may the following steps: (i) sending a request from the device to access the data, the request including an identification code of a secure element or a memory card associated with the device, (ii) verifying, based at least partly on the identification code, whether access to the data is to be allowed or denied, and (iii) allowing or denying the device access to the data accordingly.
    Type: Grant
    Filed: August 29, 2014
    Date of Patent: January 12, 2021
    Assignee: Liberty Labs Limited
    Inventors: Christopher Iain Johnston, Michel Leduc
  • Patent number: 10893418
    Abstract: Embodiments are directed to access point deployment in a network including a centralized system and a distributed system. An embodiment of an apparatus includes a memory and a processor executing instructions stored in the memory. The instructions include instructions to receive a message from an access point (AP) requesting a role in a network and, based on reception of the message, to access a deployment policy. The instructions further include instructions to determine whether the deployment policy is defined for the AP and, based on a determination that the deployment policy is defined for the AP, to assign the role to the AP corresponding to the deployment policy and corresponding to at least one of a centralized system or a distributed system of the network.
    Type: Grant
    Filed: March 8, 2018
    Date of Patent: January 12, 2021
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Hsiu-Wei Liu, Jikui Pei, Ben Dunsbergen, Rajini Balay