Message Digest Travels With Message Patents (Class 713/181)
  • Patent number: 11411761
    Abstract: A detection device includes: an object data extraction unit that extracts, from one or more pieces of communication data which are transmitted from one or more electronic control units, at least part of a payload contained in communication data that satisfies a predetermined condition, information by which the communication interval between the communication data can be calculated, and a serial number of the communication data as object data; a partial sequence creation unit that creates, using the extracted object data, a partial sequence containing information corresponding to at least part of a payload and information indicating a communication interval from two or more pieces of object data with the same serial number; and a detection unit that detects, using the created partial sequence, predetermined communication data based on the order relation between at least part of a payload and the corresponding part of another payload and a communication interval.
    Type: Grant
    Filed: December 21, 2018
    Date of Patent: August 9, 2022
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Toshiki Shibahara, Takuma Koyama, Yasushi Okano
  • Patent number: 11381931
    Abstract: Aspects discussed herein relate to providing alerts to a community of devices located in or near a geographic are such as a building or property. The alerts override any alert-inhibiting state of the mobile device to deliver audio, visual, and/or haptic alerts in emergency situations. The communication and emergency alert system may be used to communicate with many different communities of people. Moreover, certain individuals may be members of more than one community at the same time, and the communities themselves may change over time based both on the user's preferences and on their physical locations. Multiple different alerts can be sent to different mobile devices for a single event. The alerts can be customized to particular mobile devices depending on the community to which the mobile device belongs for the event.
    Type: Grant
    Filed: September 17, 2020
    Date of Patent: July 5, 2022
    Assignee: In-telligent Properties LLC
    Inventor: Allan C. Sutherland
  • Patent number: 11379384
    Abstract: A technique for oblivious filtering may include receiving an input data stream having a plurality of input elements. For each of the input elements received, a determination is made as to whether the input element satisfies a filtering condition. For each of the input elements received that satisfies the filtering condition, a write operation is performed to store the input element in a memory subsystem. For those of the input elements received that do not satisfy the filtering condition, at least a dummy write operation is performed on the memory subsystem. The contents of the memory subsystem can be evicted to an output data stream when the memory subsystem is full. The memory subsystem may include a trusted memory and an unprotected memory.
    Type: Grant
    Filed: September 27, 2019
    Date of Patent: July 5, 2022
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Abhinav Aggarwal, Rohit Sinha, Mihai Christodorescu
  • Patent number: 11375375
    Abstract: An operation method of a UE in a communication system includes receiving, from a base station, a security mode command message including information requesting reporting of capability information and security configuration information; identifying the security configuration information included in the security mode command message; and transmitting, to the base station, a security mode complete message including the capability information requested by the security mode command message.
    Type: Grant
    Filed: November 13, 2019
    Date of Patent: June 28, 2022
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Hyung Sub Kim, Jae Heung Kim
  • Patent number: 11374961
    Abstract: A computer-implemented method includes determining, by a processor, an authenticity of a software object and its supply chain and providing an authenticity result indicative thereof; determining, by the processor, an integrity of the software object and its supply chain and providing an integrity result indicative thereof; and determining, by the processor, from the authenticity result and the integrity result, a score indicative of an amount of trust in the supply chain of the software object and in the software object, wherein the score is indicative of an amount of trust that the software object will work correctly if installed in a system that utilizes the software object.
    Type: Grant
    Filed: July 20, 2020
    Date of Patent: June 28, 2022
    Assignee: Reliable Energy Analytics, LLC
    Inventor: Richard Brooks
  • Patent number: 11368459
    Abstract: Methods, computer program products, and/or systems are provided that can perform the following operations: receiving a connection request from a first user device; creating an authentication container for the first user device; authenticating the first user device using the authentication container; in response to authentication for the first user device being successful, creating a first user request processing container for the first user device; and processing user requests received from the first user device using the first user request processing container.
    Type: Grant
    Filed: September 30, 2020
    Date of Patent: June 21, 2022
    Assignee: International Business Machines Corporation
    Inventors: Heng Wang, Xiao Ling Chen, Chen Guang Liu, Wen Qi WQ Ye, Fei Tan, Lu Lu, Jing Li, Qing Yu Pei
  • Patent number: 11368391
    Abstract: In one aspect, a system for managing data processes in a network of computing resources is configured to: receive, from an instructor device, a parent request for execution of at least one parent data process executable by a plurality of computing resources at least one computing resource; generate at least one child request for execution of at least one corresponding child data process for routing to at least one corresponding destination device, each of the at least one child data process for executing at least a portion of the at least one parent data process, and each of the at least one child request including a respective destination key derived from at least one instructor key; and route each of the at least one child request to the at least one corresponding destination device. The at least one child request can be obtained by a supervisor server via the routing.
    Type: Grant
    Filed: March 20, 2019
    Date of Patent: June 21, 2022
    Assignee: ROYAL BANK OF CANADA
    Inventors: Walter Michael Pitio, Philip Iannaccone, James Brown, Jeffrey Roy Betten, Mitchell Joseph Aiosa Morris
  • Patent number: 11321466
    Abstract: Techniques for providing data protection in an integrated circuit are provided. An example method according to these techniques includes determining that an unauthorized update has been made to software or firmware associated with the integrated circuit, and corrupting an anti-replay counter (ARC) value, maintained in a one-time programmable memory of the integrated circuit and used by the integrated circuit to protect contents of a non-volatile memory, responsive to determining that the unauthorized update has been made to the software or the firmware.
    Type: Grant
    Filed: March 7, 2019
    Date of Patent: May 3, 2022
    Assignee: QUALCOMM Incorporated
    Inventors: Vincent Pierre Le Roy, Baranidharan Muthukumaran, David Tamagno
  • Patent number: 11307777
    Abstract: Embodiments of the disclosure relate to a memory system and an operating method thereof. The memory system may decrypt first firmware which is stored in the memory device and is encrypted using a symmetric-key encryption algorithm, with a first key stored in the memory device, may generate a second key based on second firmware, which is obtained by decrypting the first firmware, first data stored in a first area in the memory controller, and second data stored in a second area in the memory device, and may drive the second firmware when the first key and the second key are the same.
    Type: Grant
    Filed: January 29, 2021
    Date of Patent: April 19, 2022
    Assignee: SK hynix Inc.
    Inventors: Sung Jin Park, Jung Ae Kim
  • Patent number: 11290430
    Abstract: Techniques for securing communication. The techniques include using at least one device to perform: selecting a first operation from a plurality of operations, each of the plurality of operations associated with a respective type of data to be encrypted; generating first data to be encrypted at least in part by performing the first operation; encrypting both information identifying the first operation and the first data to obtain corresponding first ciphertext; and outputting the first ciphertext.
    Type: Grant
    Filed: June 24, 2019
    Date of Patent: March 29, 2022
    Assignee: Virtual Software Systems, Inc.
    Inventors: Charles H. Kaman, Richard D. Fiorentino
  • Patent number: 11269040
    Abstract: The present disclosure is directed to systems and methods that include a beacon that includes an antenna; data storage configured to store a code that is calculated according to an algorithm and based on a first variable, the first variable being defined according to a first interval of time; and a processor configured to cause the code to be emitted by the beacon.
    Type: Grant
    Filed: September 17, 2018
    Date of Patent: March 8, 2022
    Assignee: VERVE GROUP, INC.
    Inventors: Daniel Newman, Dustin Candland, Daniel Pier
  • Patent number: 11222018
    Abstract: Herein are techniques for dynamic aggregation of results of a database request, including concurrent grouping of result items in memory based on quasi-dense keys. Each of many computational threads concurrently performs as follows. A hash code is calculated that represents a particular natural grouping key (NGK) for an aggregate result of a database request. Based on the hash code, the thread detects that a set of distinct NGKs that are already stored in the aggregate result does not contain the particular NGK. A distinct dense grouping key for the particular NGK is statefully generated. The dense grouping key is bound to the particular NGK. Based on said binding, the particular NGK is added to the set of distinct NGKs in the aggregate result.
    Type: Grant
    Filed: July 8, 2020
    Date of Patent: January 11, 2022
    Assignee: Oracle International Corporation
    Inventors: Shasank Kisan Chavan, William Martinez Cortes, Weiwei Gong
  • Patent number: 11176229
    Abstract: A processing system of a vehicle having at least one processor may obtain, from a network-based security system, at least a first security code, apply a hash operation to a firmware code of the vehicle in accordance with the at least the first security code to generate a first hash value, and transmit the first hash value to the network-based security system. The processing system may then obtain from the network-based security system at least a first verification code, the network-based security system providing the at least the first verification code in response to a confirmation of the first hash value, apply the at least the first verification code to a verification function, and generate a signal to enable the operation of the vehicle, in response to a positive verification via the verification function.
    Type: Grant
    Filed: October 2, 2019
    Date of Patent: November 16, 2021
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventor: Joseph Soryal
  • Patent number: 11170583
    Abstract: According to one embodiment, an electronic apparatus used in a vehicle generates a first to fourth log of the vehicle for a first to fourth period, a first to fourth code used to validity of the first to fourth log, a fifth code used to collectively determine a validity of the first log and the second log, a sixth code used to collectively determine a validity of the third log and the fourth log, and a seventh code used to collectively determine a validity of the first to fourth logs, and transmits the first to seventh codes to a server, and transmits the first to fourth logs to the server after a transmission of the first to seventh codes.
    Type: Grant
    Filed: April 20, 2018
    Date of Patent: November 9, 2021
    Assignee: KABUSHIKI KAISHA TOSHIBA
    Inventors: Dan Jiang, Toshiyuki Kito
  • Patent number: 11126566
    Abstract: The presently disclosed method and apparatus for sharing security metadata memory space proposes a technique to allow metadata sharing two different encryption techniques. A section of memory encrypted using a first type of encryption and having first security metadata associated therewith is converted to a section of memory encrypted using a second type of encryption and having second security metadata associated therewith. At least a portion of said first security metadata shares a memory space with at least a portion of said second security metadata for a same section of memory.
    Type: Grant
    Filed: November 21, 2019
    Date of Patent: September 21, 2021
    Assignee: Intel Corporation
    Inventors: Siddhartha Chhabra, David M. Durham
  • Patent number: 11100229
    Abstract: A hybrid device includes a plurality of diverse subsystems, including a first and a second subsystem. The first subsystem includes at least one first secured storage device configured to store a first software and a first CPU configured to boot and execute the first software. The second subsystem includes at least one second secured storage device configured to store a second software and a second CPU configured to boot and execute the second software. The first CPU is configured to generate the first hash of the first software and transmit the generated first hash of the first software to the second subsystem. The second CPU is configured to perform a first authenticity validation check on the first software using the received first hash of the first software, and generate an error signal on a condition that the first authenticity validation check on the first software fails.
    Type: Grant
    Filed: July 18, 2019
    Date of Patent: August 24, 2021
    Inventors: Alexander Zeh, Veit Kleeberger, Berndt Gammel
  • Patent number: 11095453
    Abstract: A communication network system, in which a transmission node for transmitting a message is connected to a reception node for receiving the message, is configured to periodically transmit a count-value notification message to notify a count value, which is used to generate and check a message authentication code for the message, to the transmission node and the reception node.
    Type: Grant
    Filed: March 14, 2017
    Date of Patent: August 17, 2021
    Assignee: KDDI CORPORATION
    Inventors: Seiichiro Mizoguchi, Hideaki Kawabata, Keisuke Takemori, Ayumu Kubota
  • Patent number: 11086947
    Abstract: Efficient uniques querying is disclosed, including: receiving a search query for a number of unique audience members across a plurality of groups of audience members; obtaining a plurality of sets of representations corresponding to respective ones of the plurality of groups of audience members; selecting at least a subset from each of the plurality of sets of representations; merging the selected at least subsets of the plurality of sets of representations into a merged set of representations; determining the number of unique audience members across the plurality of groups of audience members based at least in part on the merged set of representations; and outputting the number of unique audience members across the plurality of groups of audience members.
    Type: Grant
    Filed: October 11, 2019
    Date of Patent: August 10, 2021
    Assignee: Tubular Labs, Inc.
    Inventor: Ioannis Mantzouratos
  • Patent number: 11082211
    Abstract: Systems and methods with multiple different modes for bidirectional data transfer of messages encrypted with Random Cipher Pads (RCPs) are disclosed. A direct mode is from one single endpoint to another endpoint in a peer-to-peer fashion. A throughput mode may be configured as a communication between endpoints with a cryptographic data server (CDS) managing communications and additional encryption between the endpoints. The CDS further encrypts the messages such that there is a peer-to-peer encryption between the source endpoint and the CDS and a different peer-to-peer encryption between the CDS and destination endpoints. The throughput mode may also be configured as a broadcast communication between a sender and multiple destinations, each with its own different RCP encryption. A router-to-router mode may be thought of as a specific type of peer-to-peer transfer where the peers on each end are routers, servers, Virtual Private Network servers, and gateways rather than user endpoints.
    Type: Grant
    Filed: August 11, 2017
    Date of Patent: August 3, 2021
    Assignee: 7Tunnels, Inc.
    Inventors: Kevin R. McCarthy, Michael L. Hammon, Wesley A. Hildebrandt
  • Patent number: 11070631
    Abstract: A terminal device, for example a 3GPP Proximity Services (ProSe)-enabled user equipment, obtains imprecise location information relating to a location of the terminal device, and transmits a proximity service discovery message, wherein the discovery message includes the imprecise location information. A second terminal device, again for example a 3GPP Proximity Services (ProSe)-enabled user equipment, receives a proximity service discovery message containing location information. The second terminal device obtains location information relating to its location, and calculates a distance from the location indicated by the location information in the received discovery message to its location. The second terminal device acts on the received discovery message only if the calculated distance is less than a predetermined distance.
    Type: Grant
    Filed: November 24, 2016
    Date of Patent: July 20, 2021
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Monica Wifvesson, Noamen Ben Henda, Vesa Lehtovirta, Katharina Pfeffer, Shabnam Sultana, Vesa Torvinen
  • Patent number: 10970949
    Abstract: An access controller combines one or more Secure Access Modules (SAMs) or other cryptographic processors with embedded storage, individually accessible by the controller such that waiting on the reply from one of the modules does not prevent accessing the others, a host CPU, running the computer program to perform authentication and access control, and a waiting queue, possibly in system memory, to put the request in when all SAMs are used. The state of the SAMs, possibly using system memory, is tracked to be able to find a free access module or to be able to match a response to the corresponding request. One or more connections (serial, network, wireless or otherwise) are used to connect to transparent smart card readers and door controllers.
    Type: Grant
    Filed: March 13, 2019
    Date of Patent: April 6, 2021
    Assignee: GENETEC INC.
    Inventor: Sylvain Ouellet
  • Patent number: 10967276
    Abstract: A system, method, and computer program product for collaborative online gaming, including at least one of providing a central repository master browser system; providing an experience calibrated match-making service; providing a dynamic multiplayer server component auto deployment and aggregation system; providing a lobby centric simultaneous and collaborative client game play launching feature; and providing a video game screen over-layer technology giving users access to a control interface while inside a video game being played.
    Type: Grant
    Filed: February 14, 2019
    Date of Patent: April 6, 2021
    Assignee: ELECTRONIC ARTS INC.
    Inventor: Jesper Jensen
  • Patent number: 10963870
    Abstract: Technologies are generally described for methods and systems effective to secure process synchronized requests after at least one secure inter-device communication link between the originating and confirming communication devices is established. A method may include forwarding, by the confirming communication device the request and receiving, by a server, a first request from the originating device and at least one second request from the confirming device. The method may also include, by the server, determining a sequence of receiving of the first and the at least one second requests and processing the requests in order to authenticate a communication device, accept or reject a financial transaction, based on the receiving sequence and receiving time difference.
    Type: Grant
    Filed: November 10, 2016
    Date of Patent: March 30, 2021
    Assignee: Vaposun Inc.
    Inventor: Pavel Levin
  • Patent number: 10965650
    Abstract: This document discloses a solution for providing channel usage information. In an embodiment, an apparatus managing a wireless network and being in an unassociated state towards an access node managing another wireless network is provided with the channel usage information. The channel usage information is provided together with a further information element enabling the apparatus to verify that the channel usage information originates from a trusted source.
    Type: Grant
    Filed: May 11, 2015
    Date of Patent: March 30, 2021
    Assignee: Nokia Technologies Oy
    Inventors: Olli Alanen, Jarkko Kneckt, Janne Marin, Mika Kasslin
  • Patent number: 10958718
    Abstract: Optimizing receive side scaling (RSS) key selection is provided. Different weights are assigned to different fields of flow data corresponding to a network connection of a registered client device. A score is generated representing an amount of balanced processor loading for each RSS key corresponding to the registered client device based on the different fields of the flow data with assigned weights. A current RSS key on the registered client device is updated with an optimal RSS key based on the score corresponding to the optimal RSS key representing balanced loading of processors on the registered client device.
    Type: Grant
    Filed: October 1, 2019
    Date of Patent: March 23, 2021
    Assignee: International Business Machines Corporation
    Inventors: Chih-Wen Chao, Wei-Hsiang Hsiung, Kuo-Chun Chen, Ming-Pin Hsueh, Sheng-Tung Hsu
  • Patent number: 10938794
    Abstract: Concepts and technologies of latency sensitive tactile network security interfaces are provided herein. In an embodiment, a method can include identifying, by a tactile network interface controller, encrypted command packets that are being sent as a data stream to a tactile application. The method can include obtaining a command sequence model based on the encrypted command packets being sent to the tactile application, and decrypting at least some of the encrypted command packets based on the command sequence model, where decrypting the encrypted command packets identifies non-sequential command instructions. The method can include determining, based on the command sequence model, that at least some of the non-sequential command instructions do not conform to the command sequence model, and dropping, by the tactile network interface controller, the non-sequential command instructions that do not conform to the command sequence model from the data stream.
    Type: Grant
    Filed: March 27, 2020
    Date of Patent: March 2, 2021
    Assignee: AT&T Mobility II LLC
    Inventors: Brian Dominguez, Senthil Ramakrishnan
  • Patent number: 10878946
    Abstract: A system for signaling coordinated workers in a common goal through intelligent icons transferred across networks to computer screens. The system can comprise one or more electronic data processors. The system can also include a module configured to execute on the more or more electronic data processors, where the module can be configured to display a plurality of intelligent icons, each containing authorizing information that is retained in a file associated with a authorizing entity on a computer screen. The intelligent icons can be potentially loaned to authorized individuals on a list and used to authenticate users of the system with biometric, image, machine readable codes stored surreptitiously within the intelligent icon. Also, the intelligent icon can be used for friend-foe identification in battlefield and homeland security/border control scenarios.
    Type: Grant
    Filed: February 12, 2016
    Date of Patent: December 29, 2020
    Assignees: The Quantum Group, Inc., SYNABEE, INC
    Inventors: Noel Guillama, Chester Heath
  • Patent number: 10838773
    Abstract: Various embodiments are generally directed to techniques for dynamic resource allocation among cryptographic domains, such as with memory pages in a platform that implements a plurality of cryptographically isolated domains, for instance. Some embodiments are particularly directed to a platform that includes a resource allocation manager (RMGR) that allows for page reassignment among cryptographically isolated virtual machines (VMs) while ensuring functional correctness with respect to integrity. In many embodiments, the RMGR may include hardware and/or software support for a new instruction that enables efficient key reassignment for memory pages.
    Type: Grant
    Filed: March 30, 2018
    Date of Patent: November 17, 2020
    Assignee: INTEL CORPORATION
    Inventors: Siddhartha Chhabra, David M. Durham
  • Patent number: 10831679
    Abstract: Systems, methods, and apparatuses for defending against cross-privilege linear access are described. For example, an implementation of an apparatus comprising privilege level storage to store a current privilege level and address check circuitry coupled to the privilege level storage, wherein the address check circuitry is to determine whether a linear address associated with an instruction is allowed to access a partition of a linear address space of the apparatus based upon a comparison of the current privilege level and a most significant bit of the linear address is described.
    Type: Grant
    Filed: March 23, 2018
    Date of Patent: November 10, 2020
    Assignee: Intel Corporation
    Inventors: Vedvyas Shanbhogue, Joseph Nuzman, Baiju Patel
  • Patent number: 10825119
    Abstract: Mobile collection and vetting of user supplied information is described. The systems, techniques, devices, methods, and approaches described herein can be used to obtain, validate, and vet information, such as customs information, in a mobile environment. In embodiments, methods comprise receiving information input via a mobile device. The information is encapsulated by an intermediate to escort the information through a firewall to the database. In response to vetting the information to determine if it meets one or more criteria, the method involves creating a record associated with a unique identifier, information that bio-identifies a user, or an indication of a determination that results from the vetting. In this embodiment, the method includes generating an electronic receipt for communication to the mobile device, the electronic receipt including the unique identifier.
    Type: Grant
    Filed: January 29, 2020
    Date of Patent: November 3, 2020
    Assignee: The Government of the United States of America, as represented by the Secretary of Homeland Security
    Inventor: David Maher
  • Patent number: 10691526
    Abstract: Output is obtained from a remote computer function on a first set of arguments. Responsive to determining that the output exhibits an error, a fixer routine, other than a retry, is applied to the arguments to produce new arguments. Output is obtained from the remote computer function on the new arguments. In a case where the output from the remote computer function on the new arguments is acceptable, the output from the remote computer function on the new arguments is used as a corresponding output from the remote computer function on the first set of arguments. These steps can advantageously be carried out without modifying program code of the remote computer function and without access to the program code of the remote computer function; for example, by a wrapper which black-box wraps the remote computer function.
    Type: Grant
    Filed: November 8, 2017
    Date of Patent: June 23, 2020
    Assignee: International Business Machines Corporation
    Inventors: Daniel W. Barowy, Emery D. Berger, Charles M. Curtsinger, Rodric Rabbah
  • Patent number: 10685124
    Abstract: An evaluation apparatus that is connected to a bus used by a plurality of electronic control units that constitute an electronic control system for communication and that evaluates security of the electronic control system. The evaluation apparatus includes a transmitter that sends, to the bus, at least one attack frame including an invalidation frame for invalidating a frame on the bus, a monitor that monitors at least one of the plurality of electronic control units, and an evaluator that evaluates the electronic control system in terms of security on the basis of the result of monitoring performed by the monitor when the attack frame is sent from the transmitter to the bus.
    Type: Grant
    Filed: March 27, 2018
    Date of Patent: June 16, 2020
    Assignee: PANASONIC INTELLECTUAL PROPERTY CORPORATION OF AMERICA
    Inventors: Hiroshi Amano, Toshihisa Nakano, Kimio Minami, Takako Hirose
  • Patent number: 10686587
    Abstract: A method for saving the information security of data transmitted by a databus, in which the data to be transmitted via the databus from a transmitter (ECUs) to at least one receiver (ECUR) are divided into data blocks (M0 . . . Mn) before being sent off, wherein the data blocks (M0 . . . Mn) are encrypted and/or signed block by block by means of a sponge construction for forming a cryptological hash function, utilizing a key, and cipher blocks (C0 . . . Cn) generated in this way are transmitted via the databus to the at least one receiver. The invention also relates to a corresponding databus system.
    Type: Grant
    Filed: May 19, 2016
    Date of Patent: June 16, 2020
    Assignee: Continental Teves AG & Co. oHG
    Inventors: Hans Gregor Molter, Marc Stoettinger
  • Patent number: 10582425
    Abstract: The embodiments herein relate to a method performed by a mobility node for handling network connections for a UE. The UE is simultaneously connected to a first gateway via a connection to a 3GPP network and a connection to a non-3GPP network. The mobility node detects that the UE has moved to another location. The mobility node selects a second gateway that the UE should be relocated to. The second gateway is closer to the UE at the other location. The mobility node transmits relocation information to the first gateway. The relocation information indicates that a gateway relocation to the second gateway is required for the UE. The gateway relocation involves deactivation of both the connection to the 3GPP and the non-3GPP network.
    Type: Grant
    Filed: October 14, 2015
    Date of Patent: March 3, 2020
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventor: Wenliang Xu
  • Patent number: 10581609
    Abstract: A method is provided for authenticating a log message in a distributed network having a plurality of nodes coupled to a serial bus. In the method, a log session is started by a first device at a first node of the plurality of nodes. A first counter value is provided by the first device to the serial bus. A log message is generated by a second device at a second node of the plurality of nodes. A second counter value is generated by the second device. A log message payload is generated for the log message, wherein the log message payload includes a log message authentication code. A computation of the log message authentication code includes the first counter value and the second counter value. The second device does not store the first counter value in a non-volatile memory on the second device.
    Type: Grant
    Filed: October 23, 2017
    Date of Patent: March 3, 2020
    Assignee: NXP B.V.
    Inventor: Thierry G. C. Walrant
  • Patent number: 10574940
    Abstract: Embodiments include methods, systems and computer program products for minimizing face-to-face interaction for law enforcement officers during traffic stops. Aspects include broadcasting, by a law enforcement device, a request to initiate a secure communication channel with a driver device and receiving by the law enforcement device, a notification that the driver device has accepted the request. Aspects also include initiating a video conference between the law enforcement device and the driver device over the secure communication channel and transferring, between the driver device and the law enforcement device, one or more documents over the secure communication channel.
    Type: Grant
    Filed: October 31, 2017
    Date of Patent: February 25, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Ali Y. Duale, Shailesh R. Gami, Arkadiy O. Tsfasman, John S. Werner
  • Patent number: 10530801
    Abstract: An anomaly detection electronic controller performs anomaly detection processing and is connected to a bus, which a plurality of electronic controllers use for communication to communicate following a Controller Area Network (CAN) protocol. The anomaly detection electronic controller includes an anomaly detection processor that performs anomaly detection processing regarding a data frame. The anomaly detection controller also includes an anomaly detection processing requester that decides an anomaly detection processing timing in accordance with a state of a vehicle in which the bus is installed when receiving the data frame, the anomaly detection processing timing being a reception timing of one or multiple fields in the data frame. The anomaly detection processor further performs the anomaly detection processing regarding the data frame at the anomaly detection processing timing decided by the anomaly detection processing requester.
    Type: Grant
    Filed: April 30, 2019
    Date of Patent: January 7, 2020
    Assignee: PANASONIC INTELLECTUAL PROPERTY CORPORATION OF AMERICA
    Inventors: Takeshi Kishikawa, Yoshihiro Ujiie, Tomoyuki Haga, Hideki Matsushima
  • Patent number: 10469569
    Abstract: Optimizing receive side scaling (RSS) key selection is provided. Different weights are assigned to different fields of flow data corresponding to a network connection of a registered client device. A score is generated representing an amount of balanced processor loading for each RSS key corresponding to the registered client device based on the different fields of the flow data with assigned weights. A current RSS key on the registered client device is updated with an optimal RSS key based on the score corresponding to the optimal RSS key representing balanced loading of processors on the registered client device.
    Type: Grant
    Filed: March 22, 2018
    Date of Patent: November 5, 2019
    Assignee: International Business Machines Corporation
    Inventors: Chih-Wen Chao, Wei-Hsiang Hsiung, Kuo-Chun Chen, Ming-Pin Hsueh, Sheng-Tung Hsu
  • Patent number: 10404696
    Abstract: In an embodiment, a computer-implemented method comprises: in response to receiving a first authentication request from one or more first computing devices, authenticating the first computing devices on behalf of a first client device using a first set of identity information; in response to authenticating the first computing devices, generating and queuing a first set of one or more transactions corresponding to at least one of the one or more first computing devices; in response to receiving a second authentication request from the first client device configured to access the first set of one or more transactions, authenticating the first client device on behalf of a second computing device using a second set of identity information that is associated with the first client device; in response to performing the second authentication service, encrypting and sending the first set of one or more transactions to the first client device.
    Type: Grant
    Filed: September 17, 2018
    Date of Patent: September 3, 2019
    Assignee: Xage Security, Inc.
    Inventors: Susanto Junaidi Irwan, Ganesh B. Jampani, Andy Sugiarto
  • Patent number: 10387350
    Abstract: A configurable sponge function engine. The configurable engine includes a register having bitrate and capacity sections, each having a variable size, where a sum of the bitrate and capacity sizes is fixed. A controller generates a bitrate size indication. A configurable message processor receives an input message from an input bus, receives the size indication, fragments the input message into fragmented blocks of a size specified by the size indication, and converts the blocks to a bus width of the bitrate and capacity sizes. An iterative calculator receives the blocks, performs iterative processing operations on the blocks, and stores a result of each operation in the register overwriting a previous register value. An output adaptor receives a value stored in the register after the block corresponding to the end of the input message is processed and outputs the register value converted to have an output bus width.
    Type: Grant
    Filed: December 21, 2017
    Date of Patent: August 20, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Ron Diamant, Ori Weber, Omer Shaked
  • Patent number: 10372895
    Abstract: A method for providing a security environment. The method includes detecting user information from an accessory in response to detection of the accessory, performing security authentication with input security information if the user information is detected; and providing the security environment when the security authentication is successful.
    Type: Grant
    Filed: April 18, 2014
    Date of Patent: August 6, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Yung-Kwan Kim, Jong-Seok Kim
  • Patent number: 10339310
    Abstract: A method for determining malicious attachments on messages is described. A computing device may receive an electronic message, including one or more unopened attachments, and identify one or more characteristic values of the message header, message body, or attachments of the message. The computing device may analyze the identified characteristics and in some instances compare at least a portion of the characteristics, individually or in combination, with one or more configured thresholds of the computing device. The computing device may determine an attachment is embedded with a macro. The macro may be associated with a visual basic application (VBA) and contain malicious code. Based on the determination, the computing device may initiate a security protocol, including notification via a user interface of the device.
    Type: Grant
    Filed: July 12, 2017
    Date of Patent: July 2, 2019
    Assignee: Symantec Corporation
    Inventors: Eduardo Altares, Maersk Chastine Menrige
  • Patent number: 10320826
    Abstract: An anomaly detection electronic control unit, that performs anomaly detection processing and that is connected to a bus which a plurality of electronic control units use for communication to communicate following a Controller Area Network (CAN) protocol, includes an anomaly detection processing requester that decides an anomaly detection processing timing based on an ID of a data frame acquired from the bus, and an anomaly detection processor that performs anomaly detection processing regarding the data frame at the anomaly detection processing timing decided by the anomaly detection processing requester.
    Type: Grant
    Filed: August 4, 2016
    Date of Patent: June 11, 2019
    Assignee: PANASONIC INTELLECTUAL PROPERTY CORPORATION OF AMERICA
    Inventors: Takeshi Kishikawa, Yoshihiro Ujiie, Tomoyuki Haga, Hideki Matsushima
  • Patent number: 10289866
    Abstract: A privacy management system that is adapted for, in the course of processing a particular data subject access request, automatically determining a type of the data subject access request, such as: (1) a request to delete personal data of the requestor that is being stored by a particular organization; (2) a request to provide, to the requestor, personal data of the requestor that is being stored by the particular organization; (3) a request to update personal data of the requestor that is being stored by the particular organization; and (4) a request to opt out of having the particular organization use the requestor's personal information in one or more particular ways. After making this determination, the system may determine, based on the determined type of data subject access request, a particular workflow to follow in processing the data subject access request, and then execute the determined workflow.
    Type: Grant
    Filed: August 9, 2018
    Date of Patent: May 14, 2019
    Assignee: OneTrust, LLC
    Inventors: Kabir A. Barday, Jason L. Sabourin, Jonathan Blake Brannon, Mihir S. Karanjkar, Kevin Jones
  • Patent number: 10243732
    Abstract: Technology can be used for sending and receiving messages on a CAN bus with a plurality of ECUs. The technology can include identifying a first message to send to a receiving ECU from a sending ECU; incrementing a sender-version message counter for the message type; determining to create a second session for the message type in the sending ECU; generating a second sender-version session key to be used during the second session in the sending ECU; and resetting the sender-version message counter. The technology further includes processing the first message using the second sender-version session key, including performing an operation to combine the sender-version message counter with the first message to create a combined message and encoding the combined message using the second sender-version session key to create an encoded message. The technology further includes sending the encoded message to the receiving ECU on the CAN bus.
    Type: Grant
    Filed: June 27, 2018
    Date of Patent: March 26, 2019
    Assignee: KARAMBA SECURITY
    Inventors: Amir Herzerg, Assaf Harel, Eli Mordechai, Tal Efraim Ben David, Amiram Dotan, David Barzilai, Itay Hazon
  • Patent number: 10216819
    Abstract: According to embodiments of the present invention, machines, systems, methods and computer program products as part of a data replication process are provided. One or more complex transformations are identified from source code files of installed software products on a target system. A subscription is created for each complex transformation, the subscription containing instructions for transforming data within the source system into a form compatible with the target system. The instructions are executed within the target system to transform source data of the source system into a form compatible with the target system.
    Type: Grant
    Filed: March 20, 2015
    Date of Patent: February 26, 2019
    Inventors: Rachel L. Jarvie, Nick Marcovecchio, Gregg W. Miller
  • Patent number: 10210233
    Abstract: According to embodiments of the present invention, machines, systems, methods and computer program products as part of a data replication process are provided. One or more complex transformations are identified from source code files of installed software products on a target system. A subscription is created for each complex transformation, the subscription containing instructions for transforming data within the source system into a form compatible with the target system. The instructions are executed within the target system to transform source data of the source system into a form compatible with the target system.
    Type: Grant
    Filed: December 16, 2015
    Date of Patent: February 19, 2019
    Assignee: International Business Machines Corporation
    Inventors: Rachel L. Jarvie, Nick Marcovecchio, Gregg W. Miller
  • Patent number: 10158548
    Abstract: Methods and systems for processing web pages by a server system (e.g., a proxy server) are disclosed. The proxy server is coupled to a user device and a plurality of web servers. The proxy server receives a first request for a first web page provided by a first web server from the user device. The first web page is zero-rated. In response to receiving the first request, the proxy server retrieves the requested first web page from the first web server. The proxy server then processes the retrieved first web page. The proxy server identifies one or more resource identifiers contained within the retrieved first web page and appends one or more signatures to the identified one or more resource identifiers respectively. Each identified resource identifier is associated with a content item that is zero-rated. The proxy server further forwards the processed first web page to the user device.
    Type: Grant
    Filed: August 24, 2016
    Date of Patent: December 18, 2018
    Assignee: Facebook, Inc.
    Inventors: Dekel Shmuel Naar, Itay Duvdevani
  • Patent number: 10140450
    Abstract: A method of real-time data security of a communications bus, the method comprising the steps of: reading at least an early portion of a message being transmitted over a communications bus, determining whether the message is suspicious, according to at least one rule applied on the read early portion of the message, and upon determining that the message is suspicious, corrupting at least a part of the message.
    Type: Grant
    Filed: August 3, 2018
    Date of Patent: November 27, 2018
    Assignee: ARILOU INFORMATION SECURITY TECHNOLOGIES LTD.
    Inventors: Gil Litichever, Ziv Levi
  • Patent number: 10104077
    Abstract: In an embodiment, a computer-implemented method comprises receiving a first authentication request from one or more first computing devices; in response to receiving the first authentication request, performing a first authentication service for the one or more first computing devices on behalf of a second computing device using a first set of identity information; in response to performing the first authentication service, generating and queuing a first set of one or more transactions corresponding to at least one of the one or more first computing devices; receiving a second authentication request from the second computing device configured to access the first set of one or more transactions; in response to receiving the second authentication request, performing a second authentication service for the second computing device on behalf of a third computing device using a second set of identity information; in response to performing the second authentication service, encrypting and sending the first set of on
    Type: Grant
    Filed: October 6, 2017
    Date of Patent: October 16, 2018
    Assignee: XAGE SECURITY, INC.
    Inventors: Susanto Junaidi Irwan, Ganesh B. Jampani, Andy Sugiarto