System Access Control Based On User Identification By Cryptography Patents (Class 713/182)
  • Patent number: 11074338
    Abstract: A technique for securely rendering content downloaded over a network includes parsing a downloaded web page into a DOM (Document Object Model) tree and splitting the DOM tree into multiple DOM instances, where each DOM instance is dedicated to a respective type of web content. The technique processes each DOM instance using a respective render engine, which implements the security policy on the respective type of web content by blocking or altering content, and/or by limiting functionality that may be used in connection with the content.
    Type: Grant
    Filed: October 23, 2018
    Date of Patent: July 27, 2021
    Assignee: Citrix Systems, Inc.
    Inventors: Xiaolu Chu, Shunli Ren
  • Patent number: 11074325
    Abstract: Systems and methods for multifactor authentication are disclosed. One illustrative system described herein includes: a network interface; and a processor coupled to the network interface and configured to: begin a transaction to allow a user to access a secure resource; receive, via the network interface, user data from a mobile device, the user data comprising behavior data associated with the user; compare one or more parameters of the behavior data to expected parameters; and if the parameters are within a required range, allow access to the secure resource; or if the parameters are outside of the required range, restrict access to the secure resource.
    Type: Grant
    Filed: March 24, 2017
    Date of Patent: July 27, 2021
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Mike Duke, Kourtney Eidam, Ross Goddard
  • Patent number: 11068883
    Abstract: Methods and apparatus for the deployment of financial instruments and other assets are disclosed. In one embodiment, a security software protocol is disclosed that guarantees that the asset is always securely encrypted, that one and only one copy of an asset exists, and the asset is delivered to an authenticated and/or authorized customer. Additionally, exemplary embodiments of provisioning systems are disclosed that are capable of, among other things, handling large bursts of traffic (such as can occur on a so-called “launch day” of a device).
    Type: Grant
    Filed: April 7, 2017
    Date of Patent: July 20, 2021
    Assignee: Apple Inc.
    Inventors: David T. Haggerty, Ahmer A. Khan, Christopher B. Sharp, Jerrold Von Hauck, Joakim Linde, Kevin P. McLaughlin, Mehdi Ziat, Yousuf H. Vaid
  • Patent number: 11061520
    Abstract: A system and method for increasing the proximity sensing distance of a touch and proximity sensitive touch sensor to thereby enable greater distance of detectability of a user in a proximity sensing mode of a touch sensor by driving a time varying voltage or drive signal onto a user who is also holding a touch sensor with at least one hand, and then sensing the drive signal from the user's fingers or thumb on sense electrodes that are on the touch sensor when the fingers are within a proximity sensing distance of sense electrodes in the touch sensor.
    Type: Grant
    Filed: October 27, 2017
    Date of Patent: July 13, 2021
    Assignee: Cirque Corporation
    Inventors: Jared G. Bytheway, David C. Taylor, Jon Alan Bertrand
  • Patent number: 11049075
    Abstract: A method and system for victim notification functions by receiving a report from an accuser regarding conduct of an accused that is believed to constitute harassment, bullying and/or discrimination, the reporting being composed of structured data. The severity of conduct in the report is scored and ranked and the pervasiveness of conduct in the report is scored and ranked by comparing the reported conduct against prior reports regarding the accused. Other reports by the accuser are also analyzed.
    Type: Grant
    Filed: November 5, 2018
    Date of Patent: June 29, 2021
    Inventor: Ariel D. Weindling
  • Patent number: 11044356
    Abstract: In one embodiment, a network interface operable to receive a communication request over a communication link of a radio access network. A processor determines one or more characteristics based on the communication request and communicates a message to a networked device to determine a status of the network device identified based on at least one of the characteristics. The processor then terminates the communication request based in part on the status of the networked device.
    Type: Grant
    Filed: January 29, 2019
    Date of Patent: June 22, 2021
    Assignee: Global Business Software Development Technologies, Inc.
    Inventor: Michael W. Powers
  • Patent number: 11044250
    Abstract: Embodiments disclosed herein generally related to a system and method of authenticating a user with a third party server. In one embodiment, a method is disclosed herein. A computing system receives, from a remote client device of the user, a token. The token includes personal identification information and a digitized file of a biometric captured by a biometric scanner. The computing system identifies via the personal identification information that the user has a user account. The computing system queries a database with the personal identification information and the digitized file to determine whether the biometric matches a stored biometric in the user account. Upon determining that the biometric matches the stored biometric, the computing system generates a message to be transmitted to the third party server that authenticates the user. The computing system transmits the message to the third party server.
    Type: Grant
    Filed: August 23, 2019
    Date of Patent: June 22, 2021
    Assignee: Capital One Services, LLC
    Inventors: Sophie Bermudez, Salik Shah
  • Patent number: 11038658
    Abstract: An endpoint executes a deflection service that detects failed connection attempts (TCP RST packets) and evaluates whether they are likely the result of a reconnaissance attack. If an inbound connection fails, a connection request packet (TCP SYN) is sent to a decoy server that includes data from the TCP RST packet. The decoy server then completes a connection handshake with a destination of the TCP RST packet and engages a process at the destination. If an outbound connection fails, the deflection service facilitates a connection between a process executing on the endpoint and the decoy server and associated with a destination port referenced by the TCP RST packet.
    Type: Grant
    Filed: May 22, 2019
    Date of Patent: June 15, 2021
    Assignee: ATTIVO NETWORKS INC.
    Inventors: Venu Vissamsetty, Muthukumar Lakshmanan
  • Patent number: 11018936
    Abstract: The present invention discloses methods and systems for configuring a second system. The system of the present invention determines at least one configuration and the identity information of the second system. The at least one configuration is then sent to the second system. The second system is configured with the at least one configuration. The at least one configuration can be sent through an SMS message, a USB modem plugged in the second system, or NFC. Additionally, the at least one configuration may comprise an APN. The at least one configuration may also be used to configure the second system to establish one or more VPN connections.
    Type: Grant
    Filed: April 21, 2020
    Date of Patent: May 25, 2021
    Assignee: PISMO LABS TECHNOLOGY LIMITED
    Inventors: Wan Chun Leung, Ho Ming Chan
  • Patent number: 11012582
    Abstract: According to an embodiment, an image processing apparatus includes a display unit, an operation unit, a processing unit, a storage unit, and a control unit. The display unit is configured to display an operation screen on which a processing mode and setting information may be selected. The operation unit is configured to receive an operation instruction from the operation screen displayed on the display unit and to transmit a processing job based on the operation instruction. The processing unit is configured to execute a process based on the processing job received from the operation unit. The storage unit is configured to store use history information indicating the processing jobs. The control unit is configured to customize the operation screen according to the use history information stored by the storage unit and cause the display unit to display the customized operation screen.
    Type: Grant
    Filed: December 21, 2018
    Date of Patent: May 18, 2021
    Assignees: KABUSHIKI KAISHA TOSHIBA, TOSHIBA TEC KABUSHIKI KAISHA
    Inventor: Atsushi Ishihara
  • Patent number: 11010442
    Abstract: A system and method for selecting tailored information to present to a subscriber, including receiving subscriber data, determining an analysis set based on the subscriber data, extracting abstract parameters from the subscriber data, selecting an analysis from the analysis set based on a general model and the abstract parameters, and presenting the selected analysis to the subscriber.
    Type: Grant
    Filed: September 8, 2020
    Date of Patent: May 18, 2021
    Assignee: Outlier AI, Inc.
    Inventors: Michael Kim, Jacob Topper, Mark Phuong, Douglas Mitarotonda
  • Patent number: 11005840
    Abstract: Aspects of the disclosure relate to preventing unauthorized access to secured information systems. A computing platform may receive, from an end user desktop computing device, a request to login to a user account associated with a user account portal. In response to receiving the request, the computing platform may generate an authentication token in an authentication database and may send a notification to at least one registered device linked to the user account. After sending the notification, the computing platform may receive, from the at least one registered device, an authentication response message. If the authentication response message indicates that valid authentication input was received, the computing platform may update the authentication token to indicate that the request to login to the user account has been approved. After updating the authentication token, the computing platform may provide, to the end user desktop computing device, access to a portal interface.
    Type: Grant
    Filed: March 27, 2020
    Date of Patent: May 11, 2021
    Assignee: Bank of America Corporation
    Inventors: Ashish Arora, Muniraju Jayaramaiah, Xianhong Zhang
  • Patent number: 11005650
    Abstract: Methods and systems for encrypting sensitive information are disclosed comprising hashing sensitive information by a hash function and selecting a salt or key salt based, at least in part, on the hashed sensitive information. If a salt is selected, the selected salt is combined with the hashed sensitive information to yield combined sensitive information, which is encrypted and stored. If a key is selected, such as an AES key, for example, the sensitive information is encrypted by the selected encryption key, and stored. The keys and salts may be encrypted by a cryptographic processing system that generates and stores keys, such as a key management system and/or a hardware security module, for further protection. The salts may be concatenated into a binary large object prior to encryption. Methods and systems for updating of stored records comprising encrypted sensitive information are also described.
    Type: Grant
    Filed: October 19, 2017
    Date of Patent: May 11, 2021
    Assignee: STRIPE, INC.
    Inventors: Jonathan Wall, Gautam S. Raj
  • Patent number: 11004082
    Abstract: A first user device may receive, from a second user device, a request to communicatively couple to the first user device, and may establish a communication session with the second user device after receiving the request. The first user device may identify, after establishing the communication session, an inappropriate activity of the second user device relating to the communication session, and perform a set of actions based on identifying the inappropriate activity. The set of actions may include causing the communication session to be restricted, and providing, to a trust platform, a score for the second user device. The score may permit the trust platform to derive a composite score, indicative of a level of trustworthiness of the second user device, that enables other user devices, associated with the trust platform, to determine whether to grant access requests submitted by the second user device.
    Type: Grant
    Filed: September 28, 2018
    Date of Patent: May 11, 2021
    Assignee: Capital One Services, LLC
    Inventors: Lawrence Hutchison Douglas, Jr., Yolanda Liu, Clayton Johnson
  • Patent number: 11005998
    Abstract: An embodiment of the system for publishing events of a telephony application to a client includes a call router that generates events from the telephony application and an event router that manages the publication of events generated by the call router and that manages the subscription to events by clients. The system can be used with a telephony application that interfaces with a telephony device and an application server.
    Type: Grant
    Filed: August 30, 2019
    Date of Patent: May 11, 2021
    Assignee: Twilio Inc.
    Inventors: Jeffrey Lawson, John Wolthuis, Evan Cooke
  • Patent number: 10999300
    Abstract: The present invention relates to a method and system for tracking the movement of data elements as they are shared and moved between authorized and unauthorized devices and among authorized and unauthorized users.
    Type: Grant
    Filed: November 26, 2019
    Date of Patent: May 4, 2021
    Assignee: QUICKVAULT, INC.
    Inventors: Steven V. Bacastow, Michael Royd Heuss
  • Patent number: 10996713
    Abstract: An electronic disclosed herein may include a band formed from metal that combines with a bottom wall formed from a non-metal to form an enclosure that carries internal components. The electronic device may include a transparent cover and a display assembly partially covered by a border having a uniform dimension. The electronic device may include a vision system designed for facial recognition of a user of the electronic device. A bracket assembly may hold the vision system. The bracket assembly may not be affixed to the enclosure and may move relative to the enclosure. The electronic device may include a battery assembly having multiple battery components coupled together. The electronic device may further include a receiver coil for wireless charging of the battery assembly. The electronic device may include a circuit board assembly having stacked circuit boards. The electronic device may further include a dual camera assembly.
    Type: Grant
    Filed: August 6, 2018
    Date of Patent: May 4, 2021
    Assignee: Apple Inc.
    Inventors: David A. Pakula, Daniel W. Jarvis, Shimon Elkayam, Brandon R. Garbus, Christopher S. Graham, Karl Ruben F. Larsson, Ashley E. Fletcher, Jared M. Kole, Eric S. Jol, Aaron A. Oro, Michael D. Quinones, Gregory N. Stephens, Ian A. Spraggs, James A. Bertin, Simon C. Helmore, Melissa A. Wah, Matthew D. Hill, Jon F. Housour, Douglas G. Fournier, Christopher S. Tomasetta
  • Patent number: 10999278
    Abstract: Proxied multi-factor authentication using credential and authentication management in scalable data networks is described, including initiating a request by an extension to authenticate a browser to access a data network, the request being associated with an address and transmitted over HTTP, receiving at a proxy browser a first message from the data network in response to the request, the first message comprising authentication data, the authentication data being forwarded to a server in data communication with the proxy browser and the browser, sending a second message from the server to the extension, the second message comprising the authentication data, and transferring authentication data to the data network from the browser and the extension in response to an query from the data network.
    Type: Grant
    Filed: October 11, 2018
    Date of Patent: May 4, 2021
    Assignee: Spredfast, Inc.
    Inventors: Michael Senftleber, Zachary Daniel Kloepping, Derek Joseph Wene, Blake T. Kobelan, Chad Walter Gowan
  • Patent number: 10997287
    Abstract: An update change request that is made against attributes of a directory object causes automatically collection of customized information for an initiator of the request. A correlation identifier for the change request is generated. The changes to the attributes are processed to update the directory object and the customized information is updated to an extension attribute for the directory object. A unique audit event is raised for each changed attribute including the extension attribute and each audit event includes the correlation identifier.
    Type: Grant
    Filed: October 5, 2017
    Date of Patent: May 4, 2021
    Assignee: Micro Focus Software Inc.
    Inventor: Paul Robert Judson
  • Patent number: 10992685
    Abstract: This disclosure relates to identity verification. In one aspect, a method includes obtaining verification information during a user application session of a user with an application component subsequent to a verification triggering request to perform identity verification on the user. A determination is made whether the verification information satisfies a first identity verification-free condition. When the verification information satisfies the first identity verification-free condition, an identity verification-free operation that does not include identity verification of the user is performed. When the verification information fails to satisfy the first identity verification-free condition, an identity verification process is performed to verify an identity of the user.
    Type: Grant
    Filed: March 6, 2020
    Date of Patent: April 27, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventors: Jue Mei, Xin Chen, Tong Zhu, Yiteng Tian
  • Patent number: 10991373
    Abstract: Techniques for processing voice commands from a locked device are described. A voice command received by a locked device is stored, a prompt requesting that the device be unlocked is generated, and the voice command is processed automatically after the device is unlocked. Thus, the system processes the voice command without the user repeating the voice command. In addition, the system may process certain voice commands even when the device is locked. For example, a whitelist filter compares an intent associated with the voice command to whitelisted intents from a whitelist database before the intent is dispatched to a speechlet, and intents included in the whitelist database are processed normally. Thus, the system performs certain voice commands while the device is locked, while other voice commands may be automatically processed after the device is unlocked without the user repeating the voice command.
    Type: Grant
    Filed: May 29, 2018
    Date of Patent: April 27, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Haitang Wang, Ankur Narendra Bhai Vachhani
  • Patent number: 10993161
    Abstract: In some examples, a first user equipment (UE) sends an indication to an application server that the first UE is to use a relay UE to access a network. The first UE receives, from the application server, a first identity different from a second identity of the first UE. The first UE uses the first identity to register with the network to authenticate the first UE.
    Type: Grant
    Filed: March 10, 2020
    Date of Patent: April 27, 2021
    Assignee: BlackBerry Limited
    Inventor: Adrian Buckley
  • Patent number: 10984450
    Abstract: A system to provide an integrated advertising platform includes a sensor unit, communication module, telecom server unit, consent database, database unit, application server unit, and retailer computing unit. The sensor unit is installed within a premise to detect the presence of a consented user equipment (UE) in proximity and retrieves an identification number associated with the consented UE. The communication module transmits the retrieved identification number and sensor identification number to the telecom server unit that matches the identification number with an MSISDN. The consent database stores the consent status of the MSISDN. The database unit receives a sensor identification number, system identification number, and MSISDN from the consent database. The application server unit customizes the offer corresponding to the user through a machine learning module and transmits the customized offer to the consented user equipment UE.
    Type: Grant
    Filed: October 2, 2018
    Date of Patent: April 20, 2021
    Inventor: Abhishek Pitti
  • Patent number: 10984095
    Abstract: Methods, apparatus, systems and articles of manufacture are described to manage password security. An example apparatus includes a hardware processor to implement a transmission delay manager to invoke a provisional transmission block of a candidate password in response to detecting entry of the candidate password and a vault hash manager to determine hash values of a set of passwords of a list of passwords. The hardware processor further implements a parity verifier to compare the determined hash values to a hash value of the candidate password to determine a count of a number of instances the hash value of the candidate password matches one of the hash values and an alarm action engine to identify a service category type associated with the candidate password, the service category type associated with a threshold and release the provisional transmission block of the candidate password when the count satisfies the threshold.
    Type: Grant
    Filed: July 2, 2018
    Date of Patent: April 20, 2021
    Assignee: Intel Corporation
    Inventors: Hong Li, Tobias M. Kohlenberg, Lawrence Hurst
  • Patent number: 10979549
    Abstract: The invention provides a handset that includes a finger-image sensor that provides finger-image-related signals or data for authentication purposes and functions as a telephone handset for use with a computer terminal. A system, including handsets and computer terminals, enables the terminal and/or the handset to access or otherwise participate in at least one network-related function and voice communication in response to authentication of finger-image data provided by the handset.
    Type: Grant
    Filed: April 17, 2019
    Date of Patent: April 13, 2021
    Assignee: Bloomberg Finance L.P.
    Inventors: Michael R. Bloomberg, John D. Waanders, Helmars Ericks Ozolins
  • Patent number: 10977360
    Abstract: Systems and methods are described to validate user connections to one or more application servers within a multi-tenant application system. A domain-level cookie at the client identifies any active connections for that client. As the client requests a connection to a particular application, the cookie is provided to a validation server that determines if any previously-established sessions with the multi-tenant system exist, and/or if such sessions remain active. If an active session already exists, then the client can be redirected to a particular server to continue the previously-established session. If no valid prior sessions are available, then the client can be validated and a new connection to an appropriate server can be established, as appropriate.
    Type: Grant
    Filed: May 8, 2018
    Date of Patent: April 13, 2021
    Assignee: salesforce.com, inc.
    Inventor: Jong Lee
  • Patent number: 10977259
    Abstract: A file receiver receives an electronic structure file that includes structure-file data associated with a spatial arrangement and detects a content object for processing that includes content-object data. A file transformation engine transforms the structure-file data from the structure file into an electronic record. A rendering engine renders an image of the transformed structure-file data arranged in the spatial arrangement. An interface engine detects an input corresponding to specification of a position of a data segment. A parsing engine defines a segment-position specification indicative of the position. A template engine generates an electronic template that associates an identifier of the data segment with the segment-position specification and associates the electronic template with a template identifier. A record classifier determines that the content object corresponds to the template identifier.
    Type: Grant
    Filed: July 26, 2018
    Date of Patent: April 13, 2021
    Assignee: PEARSON EDUCATION, INC.
    Inventors: Vishal Kapoor, Miles Loring, Cole Cecil, Jesse Peterson, Umamakeswaran Veerasingam, Sanjay Zope
  • Patent number: 10977470
    Abstract: A touch-panel control apparatus and an operation method thereof are provided. The touch-panel control apparatus includes a fingerprint sensing circuit, a touch detection circuit, and an application processor. The fingerprint sensing circuit is coupled to a touch panel to sense a fingerprint of an object. The touch detection circuit is coupled to the touch panel to detect a touch behavior of the object on the touch panel. The application processor is coupled to the fingerprint sensing circuit and the touch detection circuit. The application processor is configured to enter an encryption mode to sense the fingerprint via the fingerprint sensing circuit. The application processor detects the touch behavior via the touch detection circuit in the encryption mode. When the touch behavior changes in the encryption mode, the application processor ends the encryption mode early.
    Type: Grant
    Filed: November 27, 2019
    Date of Patent: April 13, 2021
    Assignee: Novatek Microelectronics Corp.
    Inventor: Tsen-Wei Chang
  • Patent number: 10972257
    Abstract: Techniques are provided to generate a secure communication for use in a transaction. In some embodiments, a user device is provided a first set of encryption keys associated with one or more authorizing entities. The user device may, prior to or during a transaction, receive one or more second encryption keys related to a second party to the transaction. In some embodiments, the one or more second encryption keys may be provided to the user device via a local communication means. Once the user device has been provided with transaction details, it may generate a transaction request using the multiple encryption keys that it has been provided, such that portions of the message are encrypted using different encryption keys.
    Type: Grant
    Filed: June 7, 2017
    Date of Patent: April 6, 2021
    Assignee: Visa International Service Association
    Inventors: Eric Le Saint, Yue Chen, Marc Kekicheff, Dominique Fedronic
  • Patent number: 10972262
    Abstract: A user device implements a certificate authority for issuing digital certificates that extend to other computing devices a level of trust to a particular user paired with the user device. The user device may obtain user persona information, generate a user key, and combine the user key with a device key for the generation of a digital certificate. The computing device may further transmit the digital certificate to a certificate management system, which manages interactions between other computing devices and the user device or authorizes operation of other computing devices by the particular user based on the digital certificate.
    Type: Grant
    Filed: December 30, 2015
    Date of Patent: April 6, 2021
    Assignee: T-Mobile USA, Inc.
    Inventors: Ahmad Arash Obaidi, Eric W. Yocam
  • Patent number: 10952074
    Abstract: The present disclosure relates to a sensor network, machine type communication (MTC), machine-to-machine (M2M) communication, and technology for Internet of things (IoT). The present disclosure may be applied to intelligent services based on the above technologies, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. A method and an authenticating system for authenticating users in an IoT environment are provided.
    Type: Grant
    Filed: June 12, 2019
    Date of Patent: March 16, 2021
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Pratik Verma, Aloknath De
  • Patent number: 10949774
    Abstract: The present disclosure is directed to supervising displayed content. In particular, the methods and systems of the present disclosure may: generate data representing a plurality of images of interfaces displayed by a computing device configured to supervise content displayed to a user; determine, based at least in part on one or more machine learning (ML) models and the data representing the plurality of images, whether the interfaces displayed by the computing device include content of a type designated by a content supervisor of the user for identification; and generate data representing a graphical user interface (GUI) for presentation to the content supervisor, the GUI indicating whether the interfaces displayed by the computing device include content of the type designated for identification.
    Type: Grant
    Filed: October 8, 2020
    Date of Patent: March 16, 2021
    Assignee: Safe Kids LLC
    Inventor: Abbas Valliani
  • Patent number: 10944579
    Abstract: Methods for system component pairing and authentication are described. A first system component may pair with a second system component in response to receiving a unique identifier from the second system component. The first system component may store the received unique identifier and, thereafter, may authenticate that it is, in fact, communicating with the second system component. The first component may communicate a challenge message directed to the second system component and if the contents of the reply message and the time taken to receive the reply message do not correspond to expected values, the first component may determine that it may not be communicating with the intended second component and may cease communications with the second component.
    Type: Grant
    Filed: May 26, 2017
    Date of Patent: March 9, 2021
    Assignee: Combined Conditional Access Development and Support, LLC
    Inventors: Lawrence W. Tang, Douglas M. Petty
  • Patent number: 10938561
    Abstract: A public operator processes data streams from multiple operators in different streaming applications to reduce resource costs and increase efficiency in a streaming system. The public operator uses tuple level security with a unique key for each streaming application to securely process the data streams. A stream security module (SSM) manages encryption to and from the public operators to insure other streaming applications with access to the shared public operator don't have access to data of other applications that may belong to other customers or users. The stream security module may be incorporated into the streams manager of a streaming system.
    Type: Grant
    Filed: June 21, 2018
    Date of Patent: March 2, 2021
    Assignee: International Business Machines Corporation
    Inventors: Jingdong Sun, Roger A. Mittelstadt, Jessica R. Eidem, Rafal P. Konik
  • Patent number: 10938809
    Abstract: A system performs mobile biometric identification system enrollment using a known biometric. The system receives a digital representation of a first biometric for a person. Prior to using the digital representation of the first biometric to identify the person, the system compares a received digital representation of a second biometric for the person to known biometric data for the person. When the digital representation of the first biometric has been thus verified, the system is operative to identify the person using the digital representation of the first biometric.
    Type: Grant
    Filed: December 30, 2019
    Date of Patent: March 2, 2021
    Assignee: ALCLEAR, LLC
    Inventor: Stewart Whitman
  • Patent number: 10931682
    Abstract: Aspects of a privileged identity management system and method provide users with the ability to request elevated privileges to perform tasks on computing systems and software applications. The privileged identity management system and method also provides users with the ability to extend the elevated privileges to access privileged features or perform tasks using elevated privileges. The privileged identity management system and method utilize a different device that is readily available to the user in order to provide communications relating to the elevated privileges.
    Type: Grant
    Filed: June 30, 2015
    Date of Patent: February 23, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Shimi Ezra, Natan Kfir, Noam Ben-Yochanan
  • Patent number: 10915623
    Abstract: According to an embodiment, an information processing apparatus includes processing circuitry. The processing circuitry is configured to detect writing on a first file and register, in a restriction target storage, file information on the first file and perform, when processing on a second file is requested and file information on the second file coincides with the file information stored in the restriction target storage, first restriction to restrict the processing on the second file.
    Type: Grant
    Filed: February 28, 2018
    Date of Patent: February 9, 2021
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Hiroyoshi Haruki, Masanobu Koike, Shinya Takumi, Naoki Ogura, Yoshikazu Hanatani
  • Patent number: 10909235
    Abstract: Various embodiments are directed to a password security warning system. An artificial neural network or other types of models may be used to determine whether a password that is created, input, or proposed by a user via an interface includes one or more predictable or typical transformations or combinations of characters derived from user-specific information. Based on the determination, a warning may be provided to the user.
    Type: Grant
    Filed: August 23, 2019
    Date of Patent: February 2, 2021
    Assignee: Capital One Services, LLC
    Inventors: Reza Farivar, Anh Truong, Vincent Pham, Austin Grant Walters, Galen Rafferty, Jeremy Edward Goodsitt
  • Patent number: 10910114
    Abstract: A computerized system provides a set of terminal devices accessible to physicians allowing for the electronic exchange of information through a display and data input device and the server system communicating between the anonymous medical record database and the terminal devices to: (1) allow a searching by a given physician of the anonymous medical record database according to search criteria entered by the given physician to provide a search result of patients; and (2) allow communication by the given physician with at least one patient's physician for a patient in the search result using the anonymous identifier to the patient's physician.
    Type: Grant
    Filed: August 27, 2018
    Date of Patent: February 2, 2021
    Assignee: Epic Systems Corporation
    Inventors: Carl D Dvorak, Brian M Weisberger, Matthew D Sidney, Janet L Campbell, Daniel J Donoghue, John Ji-hoon Kim, Bhavik Shah, Larry G Irwin, II
  • Patent number: 10911443
    Abstract: A method, implemented by a computer-implemented authentication system, for authenticating a user attempting to access a target component of a computer system, the method comprising: a) receiving, from a first user system via a computer network, user authentication information and a network address identifying the first user system within the computer network; b) obtaining at least one data item of contextual information indicative of a property of an environment of a wireless communications device associated with the user authentication information; c) authenticating the user based on at least the user authentication information; and d) subject to successful authentication, granting access to the target component and storing a data record comprising the received network address and the received contextual information.
    Type: Grant
    Filed: June 19, 2014
    Date of Patent: February 2, 2021
    Assignee: ENTRUST DATACARD DENMARK A/S
    Inventors: Claus Rosendal, Jakob Østergaard
  • Patent number: 10904237
    Abstract: Techniques for multifactor authentication as a network service are disclosed. In some embodiments, a system, process, and/or computer program product for multifactor authentication as a network service includes monitoring a session at a firewall, applying an authentication profile based on the new session, and performing an action based on the authentication profile.
    Type: Grant
    Filed: December 6, 2019
    Date of Patent: January 26, 2021
    Assignee: Palo Alto Networks, Inc.
    Inventors: Ashwath Sreenivasa Murthy, Karthik Ganesan, Prabhakar M V B R Mangam, Shriram S. Jandhyala, Martin Walter
  • Patent number: 10904002
    Abstract: Techniques for enhancing the security of storing sensitive information or a token on a communication device may include sending a request for the sensitive information or token. The communication device may receive a session key encrypted with a hash value derived from user authentication data that authenticates the user of the communication device, and the sensitive information or token encrypted with the session key. The session key encrypted with the hash value, and the sensitive information or token encrypted with the session key can be stored in a memory of the communication device.
    Type: Grant
    Filed: July 29, 2019
    Date of Patent: January 26, 2021
    Assignee: Visa International Service Association
    Inventor: Karthikeyan Palanisamy
  • Patent number: 10897705
    Abstract: Described herein are systems and methods that allow for secure wireless communication between a contact lens system and an accessory device to protect sensitive data and prevent unauthorized access to confidential information. In certain embodiments, tampering attempts by potential attackers are thwarted by using a Physically Unclonable Functions (PUF) circuit that is immune to reverse engineering. In addition, sensors monitor a to-be-protected electronic device to detect tampering attempts and physical attacks to ensure the physical integrity of the communication system.
    Type: Grant
    Filed: July 19, 2018
    Date of Patent: January 19, 2021
    Assignee: Tectus Corporation
    Inventors: Renaldi Winoto, Paul Lambert, Ashkan Olyaei, Michael Wiemer
  • Patent number: 10897361
    Abstract: Techniques for performing hash validation are provided. In one technique, a signature request that includes a first hash and a data identifier is received from a client. In response, the data identifier is identified and sent to a data repository, data that is associated with the data identifier is received from the data repository, a second hash is generated based on the data, and a determination is made whether the second hash matches the first hash. If the two hashes match, then the first hash is sent to a cryptographic device that generates a digital signature, which is eventually transmitted to the client. Alternatively, the digital signature is transmitted to the client prior to the first hash being validated. In a related technique, a server receives the signature request and sends the data identifier to a hash validator, which interacts with the data repository and generates the second hash.
    Type: Grant
    Filed: September 4, 2019
    Date of Patent: January 19, 2021
    Assignee: Garantir LLC
    Inventor: Kieran Miller
  • Patent number: 10893316
    Abstract: An image recognition based interactive control system and method for a smart television. The system comprises: an image acquisition module for acquiring a card image; a gesture recognition module for recognizing a gesture of a user holding a card and outputting a gesture recognition result, wherein the gesture recognition result is channel switching, program selecting or content searching; a card recognition module for recognizing the content of the card image and outputting a card recognition result; and an interactive control module for performing a relevant interactive operation according to the gesture recognition result and the card recognition result.
    Type: Grant
    Filed: July 31, 2015
    Date of Patent: January 12, 2021
    Assignee: Shenzhen Prtek Co. Ltd.
    Inventor: Guohua Liu
  • Patent number: 10885218
    Abstract: Embodiments of the present invention disclose a privacy protection method, a mode switching apparatus, and a terminal device. The method includes: receiving an input operation of a user; identifying the input operation and extracting an action feature; performing matching in an instruction library according to the action feature, and when the matching succeeds, generating instruction information corresponding to the action feature; determining a protection mode of the terminal device according to the instruction information, and determining an application that subscribes to the protection mode in the terminal device; and controlling display of the application according to the protection mode of the terminal device.
    Type: Grant
    Filed: March 31, 2014
    Date of Patent: January 5, 2021
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Zijun Li, Jingyu Lai
  • Patent number: 10887102
    Abstract: A method of managing servers of a distributed computer system by using an intent-based CLI (command line interface) executing by one or more processors of a remote computing device, the servers hosting a virtual cluster comprising one or more virtual machines. The method includes receiving, by a first server of the servers, a connection-request from the intent-based CLI to establish an encrypted connection between the first server and the remote computing device. The method includes authenticating the connection-request and establishing, in response to authenticating the connection-request, a first encrypted communication channel between the first server and the remote computing device. The method includes receiving, via the first encrypted communication channel, an operation-request for a list of intent-based operations supported by the first server.
    Type: Grant
    Filed: December 6, 2017
    Date of Patent: January 5, 2021
    Assignee: NUTANIX, INC.
    Inventors: Akshay Deodhar, Constantine Andrew Kousoulis, Gregory A. Smith, Hemanth Kumar Mantri
  • Patent number: 10880402
    Abstract: A method and system automatically and dynamically creates routes between message dropboxes in separate data center infrastructures. The method and system determines that a first message dropbox in a first data center infrastructure is routable to a second message dropbox in a second data center infrastructure based on the names or policies of the first and second message dropboxes. After routability is determined, the method and system automatically creates and implements a route between the first and second message dropboxes in real time.
    Type: Grant
    Filed: July 26, 2019
    Date of Patent: December 29, 2020
    Assignee: Intuit Inc.
    Inventors: Gabriel Badescu, Kiyanosh Kamdar, Chengappa D. Iychodianda, Pankaj Sikka, Samer Abdulaziz
  • Patent number: 10877785
    Abstract: Abstraction programming models of enclave security platforms are described, including receiving a request from an enclave according to an enclave abstraction protocol, converting the request into a native enclave protocol, and sending the converted request to a native platform. The request may be, for example: to create an attestation report, to seal data to the enclave, a request to call a function in a client of the enclave, read a monotonic counter, to take a trusted time measurement, or to allocate memory that is shared with both the enclave and the enclave client.
    Type: Grant
    Filed: January 24, 2017
    Date of Patent: December 29, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventor: Manuel Costa
  • Patent number: 10868437
    Abstract: A method for activating an electronic subassembly includes receiving at least one activation signal using a reception module of the electronic subassembly. The electronic subassembly is transferred from an idle state to an active state using the at least one activation signal. The electronic subassembly is intermittently supplied with electric power via the at least one activation signal.
    Type: Grant
    Filed: October 23, 2018
    Date of Patent: December 15, 2020
    Assignee: Robert Bosch GmbH
    Inventors: Sebastian Vornwald, Adrien Mouaffo Tiadjio, Christoph Maier, Jochen Mueller, Patric Brand, Peter Rehbein, Roman Ritter, Thomas Inderwies, Wolfgang Rueppel