System Access Control Based On User Identification By Cryptography Patents (Class 713/182)
  • Patent number: 10025691
    Abstract: A technique verifies a compound software code using a modularized architecture. The compound software code may be divided into smaller components or modules that provide various functions (e.g., services) of the code. A set of properties may be defined for the modules, such that the verification technique may be used to verify that the modules manifest those properties, wherein at least one property may be security related and the remaining properties may be related to the services of the modules. The compound software code is divided into smaller modules to facilitate verification of the properties related to the services provided by the modules. Properties of the modules may be verified in accordance with an enhanced verification procedure to demonstrate that the modules manifest those properties and transform those modules into verified code bases (VCBs).
    Type: Grant
    Filed: September 9, 2016
    Date of Patent: July 17, 2018
    Assignee: FireEye, Inc.
    Inventors: Osman Abdoul Ismael, Hendrik Tews, Ashar Aziz
  • Patent number: 10020935
    Abstract: Systems and methods for securing or encrypting data or other information arising from a user's interaction with software and/or hardware, resulting in transformation of original data into ciphertext. Generally, the ciphertext is generated using context-based keys that depend on the environment in which the original data originated and/or was accessed. The ciphertext can be stored in a user's storage device or in an enterprise database (e.g., at-rest encryption) or shared with other users (e.g., cryptographic communication). The system generally allows for secure federation across organizations, including mechanisms to ensure that the system itself and any other actor with pervasive access to the network cannot compromise the confidentiality of the protected data.
    Type: Grant
    Filed: March 27, 2017
    Date of Patent: July 10, 2018
    Assignee: Ionic Security Inc.
    Inventors: Adam Ghetti, Jeffrey Howard, James Jordan, Nicholas Smith, Jeremy Eckman, Ryan Speers, Sohaib Bhatti
  • Patent number: 10020939
    Abstract: The present disclosure includes: a communication module; a memory that stores a secret key encryption and restoration program; and a processor that executes the program, wherein when a request for restoration of a secret key is received from a user, the processor restores the secret key of which restoration is requested on the basis of restoration information received from each of a key management server and one or more trusted devices according to execution of the program, the secret key of the user is generated and encrypted by the processor in response to the request from the user, and the restoration information is generated corresponding to the secret key and then transmitted to each of the key management server and the one or more trusted devices through the communication module.
    Type: Grant
    Filed: April 28, 2016
    Date of Patent: July 10, 2018
    Assignee: KOREA UNIVERSITY RESEARCH AND BUSINESS FOUNDATION
    Inventors: Heejo Lee, Hyundo Park
  • Patent number: 10021104
    Abstract: A method for operating a security element, preferably in the form of a chip card, having a processor and a memory that stores an operating system comprising an operating-system kernel and at least one additional operating-system module for supplying optional operating-system functionalities, and at least one access permission associated with the operating-system module and determining whether the operating-system module can be accessed during operation of the security element. The method comprises the step of changing the access permission for the operating-system module for supplying optional operating-system functionalities in reaction to the receiving of a message from a server. The message from the server may be an OTA message sent from the server to the security element via a mobile radio network.
    Type: Grant
    Filed: August 1, 2014
    Date of Patent: July 10, 2018
    Assignee: GIESECKE+DEVRIENT MOBILE SECURITY GMBH
    Inventors: Martin Rösner, Carlos Maldonado Miranda
  • Patent number: 10021054
    Abstract: A method for implementing secured messages via public e-mail services includes: receiving a content of an original message to be transmitted to a recipient; parsing the content of the original message into a plurality of segments; dividing the plurality of segments into a first group of segments and a second group of segments; generating a first message including the first group of segments and a second message including the second group of segments; and forwarding the first message via a first messaging service and the second message via a second messaging service different from the first messaging service. Further, a method includes receiving the first and the second messages via the first and the second messaging services and merging the first and the second messages to generate the original message.
    Type: Grant
    Filed: September 23, 2013
    Date of Patent: July 10, 2018
    Assignee: CA, Inc.
    Inventors: Rongbiao Zhou, Yang Gao, Xunxiao Wang
  • Patent number: 10011156
    Abstract: A method for controlling a vehicle cabin climate is provided. The method includes the steps of receiving and aggregating data relating to one or more inputs, wherein at least some of the data is acquired at the vehicle and some of the data is acquired from sources located remotely from the vehicle. The method further includes using a climate control module to determine an optimal cabin climate based on the aggregated data, and controlling one or more climate features according to the optimal cabin climate.
    Type: Grant
    Filed: August 6, 2015
    Date of Patent: July 3, 2018
    Assignee: General Motors LLC
    Inventors: Seungeun Lee, Michael Kocheisen, Calvin C. Chou, Danny P. Jiang
  • Patent number: 10015324
    Abstract: A system and a method for performing purchase transactions over a network are provided. The system includes a server controlled by a service provider, including a link to a network; a processor circuit, the processor circuit configured to receive purchase requests from a mobile phone, and to transfer funds from a user account to a vendor account; and a memory circuit storing a plurality of mobile phone numbers and a plurality of personal identification numbers (PINs), wherein each mobile phone number and PIN is associated with a user account. A non-transitory machine-readable medium may include a plurality of machine-readable instructions which when executed by one or more processors of a server controlled by a service provider are adapted to cause the server to perform a method as above.
    Type: Grant
    Filed: March 13, 2014
    Date of Patent: July 3, 2018
    Assignee: PayPal, Inc.
    Inventor: Subha Gopalakrishnan
  • Patent number: 10002242
    Abstract: Methods, apparatus, and computer program products for controlling access to an electronic device based on biometric input are described. An example of such a method includes receiving a current biometric input, determining template similarity scores for the current biometric input, if at least one template similarity score satisfies a template similarity score criterion, then updating a false user counter value in a first numerical direction and performing an authentication process on the current biometric input, else, determining stored biometric input similarity scores for the current biometric input, if at least one stored biometric input similarity score satisfies a stored biometric input similarity score criterion, then maintaining the false user counter value, else, replacing a previously stored biometric input with the current biometric input, and updating the false user counter value in a second numerical direction opposite to the first numerical direction.
    Type: Grant
    Filed: November 18, 2015
    Date of Patent: June 19, 2018
    Assignee: QUALCOMM Incorporated
    Inventors: Bjorn Markus Jakobsson, Mark Bapst, Laurence Geoffrey Lundblade
  • Patent number: 10002240
    Abstract: According to an aspect of the present invention, there is a method, computer program product, and/or system that performs the following steps (not necessarily in the following order): (i) presenting a first challenge-response test to a requestor seeking access to a first application; (ii) receiving a first answer to the first challenge-response test from the requestor; (iii) storing a first test-answer set; and (iv) selecting a subsequent challenge-response test, based at least in part on the first test-answer set. The first test-answer set includes the first answer and a first test indicator. At least the selecting step is performed by computer software running on computer hardware.
    Type: Grant
    Filed: May 8, 2015
    Date of Patent: June 19, 2018
    Assignee: International Business Machines Corporation
    Inventors: Yuk L. Chan, Michael D. Essenmacher, James M. Hertzig, David B. Lection, Mark A. Scott
  • Patent number: 9996569
    Abstract: In searching an index in an original search structure for a database, portion(s) of the index are determined to be stored in a memory in an alternate search structure. The alternate search structure with the portion(s) is created and stored in the memory. The index is searched by traversing the alternate search structure and possibly the original search structure. The alternate search structure may be traversed more efficiently than the original search structure. The number of portions of the index may be a tunable parameter or selected based on a performance improvement/expense ratio. The search of the index begins at the alternate search structure. During traversal of the one or more portions in the alternate search structure, if traversal is to continue at a portion in the original search structure, the identity of this portion is obtained. The traversal is continued at this identified portion in the original search structure.
    Type: Grant
    Filed: March 18, 2015
    Date of Patent: June 12, 2018
    Assignee: International Business Machines Corporation
    Inventor: Robert W. Lyle
  • Patent number: 9996570
    Abstract: In searching an index in an original search structure for a database, portion(s) of the index are determined to be stored in a memory in an alternate search structure. The alternate search structure with the portion(s) is created and stored in the memory. The index is searched by traversing the alternate search structure and possibly the original search structure. The alternate search structure may be traversed more efficiently than the original search structure. The number of portions of the index may be a tunable parameter or selected based on a performance improvement/expense ratio. The search of the index begins at the alternate search structure. During traversal of the one or more portions in the alternate search structure, if traversal is to continue at a portion in the original search structure, the identity of this portion is obtained. The traversal is continued at this identified portion in the original search structure.
    Type: Grant
    Filed: March 17, 2016
    Date of Patent: June 12, 2018
    Assignee: International Business Machines Corporation
    Inventor: Robert W. Lyle
  • Patent number: 9998441
    Abstract: A method and an apparatus for client authentication. The server receives from a client a request for identity authentication corresponding to a user account. A social relationship similarity is computed as a result of matching social relationship data of the client and the stored social relationship data of the user account. If the similarity meets a preset passing condition, the client is allowed to pass the identity authentication.
    Type: Grant
    Filed: January 27, 2015
    Date of Patent: June 12, 2018
    Assignee: Alibaba Group Holding Limited
    Inventor: Kai Cao
  • Patent number: 9990516
    Abstract: Data may be masked on public networks, such as social networking sites. At a publishing node, the system may monitor data input fields in a webpage that are processed by an internet browser. The system may intercept data, such as text, images, and video input at the data input fields, prior to the data being posted online. The publishing node may control which users are permitted access to the posted data by defining a policy associated with the data input field. The posted data may be transformed or tokenized to ensure that it is inaccessible to a user (or group of users) unless that user/group has access to the decoding key under the policy. In this way, data security and data control may be provided to a publishing user node. Data that has already been posted may be destroyed, for example, by deleting the decryption key or a token.
    Type: Grant
    Filed: May 12, 2015
    Date of Patent: June 5, 2018
    Assignee: ESW Holdings, Inc.
    Inventors: Steven Sprague, Michael Sprague
  • Patent number: 9985792
    Abstract: The various technologies presented herein relate to binding data (e.g., software) to hardware, wherein the hardware is to utilize the data. The generated binding can be utilized to detect whether at least one of the hardware or the data has been modified between an initial moment (enrollment) and a later moment (authentication). During enrollment, an enrollment value is generated that includes a signature of the data, a first response from a PUF located on the hardware, and a code word. During authentication, a second response from the PUF is utilized to authenticate any of the content in the enrollment value, and based upon the authentication, a determination can be made regarding whether the hardware and/or the data have been modified. If modification is detected then a mitigating operation can be performed, e.g., the hardware is prevented from utilizing the data. If no modification is detected, the data can be utilized.
    Type: Grant
    Filed: March 22, 2016
    Date of Patent: May 29, 2018
    Assignee: National Technology & Engineering Solutions of Sandia, LLC
    Inventor: Jason Hamlet
  • Patent number: 9978106
    Abstract: A social graph may be modeled as a collection of claims. Each claim is associated with an author, an audience, and an assertion about a fact. Probabilistic information may be collected from various sources for a claim, enabling a social networking system to evaluate a truthfulness of the assertion made in the claim. User-declared profile information may be evaluated as claims. A user, entity, or application may make claims about any assertions made in the social networking system. Reputation scores may be determined for users based on evaluations of their historical assertions. Claims may be evaluated for truthfulness using a probabilistic prediction model using heuristics analysis, regression analysis, and machine learning methods. A claims-based profile of users may be provided to viewers based on the contexts in which the claims were made. Viewers may view claims made about users, such as the users' biographical information, contact information, expertise, and interests.
    Type: Grant
    Filed: April 24, 2012
    Date of Patent: May 22, 2018
    Assignee: Facebook, Inc.
    Inventors: Samuel Lessin, Michael Richter, Aaron Sittig
  • Patent number: 9977890
    Abstract: The present relates to a method and device for controlling access from the device to a card via a Near Field Communication (NFC) interface of the device. An Access Control List (ACL) is stored at a memory of the device. The ACL comprises application signatures and corresponding card identifiers. A request is received at a processor of the device from a specific application executing on the device. The request is for accessing a particular NFC enabled card via the NFC interface of the device. The request comprises a particular card identifier of the particular card and a specific signature of the specific application. A determination is made by the processor based on the specific signature, the particular card identifier and the ACL. The determination consists in whether the specific application is granted or alternatively denied access to the particular card via the NFC interface.
    Type: Grant
    Filed: August 21, 2015
    Date of Patent: May 22, 2018
    Assignee: MOBEEWAVE, INC.
    Inventors: Xavier Alberti, Vincent Alimi, Maxime De Nanclas, Benjamin Du Hays, Sebastien Fontaine
  • Patent number: 9970773
    Abstract: A navigation system stores navigation data in an access-protected manner. The navigation system includes navigation units that utilize the navigation data retained in a memory. The system includes a module for authenticating the access code. The system may include a module for generating an access protection code for storing the navigation data in memory. The access code and the access protection code may be used in a complementary scheme to secure the navigation data set.
    Type: Grant
    Filed: October 27, 2005
    Date of Patent: May 15, 2018
    Assignee: HARMAN BECKER AUTOMOTIVE SYSTEMS GMBH
    Inventor: Lars Rußlies
  • Patent number: 9965609
    Abstract: Authenticating users comprises a computing device that receives a manual authentication input of a user and initiates a first user session between the user and the user computing device. The device communicates a request for a first user authorization data from an authentication technology associated with the one or more computing devices and receives the first user authentication data. The user or the device terminates the first user session and subsequently receives an input of the user to initiate a second user session. The device communicates a request for second user authentication data from the authentication technology and compares the first user authentication data and the second user authentication data. The device identifies a match of one or more features of the first user authentication data and one or more features of the second user authentication data and authorizes the user to conduct the second user session.
    Type: Grant
    Filed: March 29, 2017
    Date of Patent: May 8, 2018
    Assignee: GOOGLE LLC
    Inventor: Deepak Chandra
  • Patent number: 9965638
    Abstract: Although current conferencing applications provide many abilities, some of these abilities are limited. Various embodiments described herein provide one or more of systems, methods, software, and data structures that allow a document, or other file type, to be used to connect to a network-based conference, such as over the Internet, where a view of a local copy of the document is synchronized between participants. Participation abilities of certain network-based conference participants may be limited in such embodiments. Such limits may be enforced locally for each participant, on a server by preventing data representative of certain actions from being broadcast to other participants, or in other ways as described and would be readily apparent herein.
    Type: Grant
    Filed: January 28, 2008
    Date of Patent: May 8, 2018
    Assignee: Adobe Systems Incorporated
    Inventors: Jason T. Pittenger, Nigel Pegg
  • Patent number: 9955200
    Abstract: Computer-implemented systems, methods, and computer-readable media for selecting a sequence of content parts from polymorphic content of an audiovisual presentation based on at least one profile of a user include receiving content information associated with polymorphic content, receiving profile information of a user, and selecting for rendering, from amongst the alternative content parts, a sequence of content parts from the polymorphic content based on at least a portion of the profile information.
    Type: Grant
    Filed: March 28, 2014
    Date of Patent: April 24, 2018
    Assignee: IRDETO B.V.
    Inventors: Dmitri Jarnikov, Wim Mooij
  • Patent number: 9940482
    Abstract: A method may include receiving content included in a social media post of a user; analyzing the content included in the social media post to determine a likelihood that the social media post contains security information associated with the user; transmitting an alert to a computing device of the user, based on the analyzing, that the content includes the security information associated with the user; and presenting an option to change the security information.
    Type: Grant
    Filed: December 31, 2015
    Date of Patent: April 10, 2018
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Tambra Nichols, Matthew P. Schlachtman, Michael A. Tilaro, Tleytmas N. Stephenson, Roohi Moolla
  • Patent number: 9942261
    Abstract: An identity and access management (IAM) system is associated with a set of data sources from which data is collected. A set of vulnerabilities that the IAM system should attempt to detect is identified. For each vulnerability to be detected, a prioritized list of strategies used to detect that vulnerability is generated. Preferably, each strategy specifies the type(s) of data required to detect that vulnerability. An algorithm to determine a best strategy to be used for detecting each vulnerability, preferably based on the data available from the data sources, is then identified. The IAM system then collects data in an optimized manner. In particular, during the collection process, the IAM system preferably collects only what is necessary based on the configuration, even if the data source is capable of providing additional data. The collected data is then processed to detect security vulnerabilities associated with the IAM accounts.
    Type: Grant
    Filed: March 21, 2017
    Date of Patent: April 10, 2018
    Assignee: International Business Machines Corporation
    Inventors: John Leslie Harter, David Walsh Palmieri, Jeffrey Tobias Robke
  • Patent number: 9942224
    Abstract: A user, group, and device management and authentication system allows administrators to manage one or more directories with devices that are not associated with a domain of the one or more directories via a set of APIs. The system also allows applications and services that do not have direct access to a list of directory users to access the one or more directories. The user, group, and device management and authentication system may be an add-on system that works in conjunction with a centrally-managed directory service to provide such functionality. For example, the system may generate an access token associated with a particular directory that can be used by a service accessed by an administrator to call an API provided by the system. The API call may be translated into a directory-specific API call that can be used to perform an action in the particular directory.
    Type: Grant
    Filed: March 10, 2017
    Date of Patent: April 10, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Gaurang Pankaj Mehta, Neelam Satish Agrawal, Lawrence Hun-Gi Aung, Guruprakash Bangalore Rao, Shuo Wang, Sameer Palande, Krithi Rai, Chirag Pravin Pandya
  • Patent number: 9942043
    Abstract: Techniques for enhancing the security of storing sensitive information or a token on a communication device may include sending a request for the sensitive information or token. The communication device may receive a session key encrypted with a hash value derived from user authentication data that authenticates the user of the communication device, and the sensitive information or token encrypted with the session key. The session key encrypted with the hash value, and the sensitive information or token encrypted with the session key can be stored in a memory of the communication device.
    Type: Grant
    Filed: April 23, 2015
    Date of Patent: April 10, 2018
    Assignee: Visa International Service Association
    Inventor: Karthikeyan Palanisamy
  • Patent number: 9942041
    Abstract: Techniques for securely instantiating applications associated with computing resource service provider services on hardware that is controlled by third parties and/or customers of the computing resource service provider are described herein. A request to instantiate an application is received and fulfilled by selecting a computer system from computer systems that are controlled by a third party and/or a customer of the computing resource service provider. The computer system is selected based at least in part on the hardware capabilities of the computer system associated with instantiating a secure execution environment. The application is then instantiated within a secure execution environment operating on the computer system.
    Type: Grant
    Filed: September 3, 2014
    Date of Patent: April 10, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Gregory Branchek Roth, Aaron Douglas Dokey, Eric Jason Brandwine, Nathan Bartholomew Thomas
  • Patent number: 9928101
    Abstract: In an environment that includes a host computing system that executes virtual machines, and a secure cloud computing channel that communicatively couples the host to a client computing system that is assigned to a particular one of the virtual machines, the particular virtual machine generates a certificate, installs the certificate on itself, and returns a certificate representation to the client. This may occur when the virtual machine is provisioned. During a subsequent connection request from the client to the virtual machine, the virtual machine returns the certificate to the client. The client compares the certificate representation that was returned during provisioning with the certificate returned during the subsequent connection, and if there is a match, then the virtual machine is authenticated to the client. Thus, in this case, the virtual machine authenticates without the client having to generate, install, and manage security for a certificate.
    Type: Grant
    Filed: October 19, 2015
    Date of Patent: March 27, 2018
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Eron D. Wright, Muhammad Umer Azad, Sushant P. Rewaskar, Corey M. Sanders, Saad Syed
  • Patent number: 9930043
    Abstract: Systems and methods of virtual world interaction, operation, implementation, instantiation, creation, and other functions related to virtual worlds (note that where the term “virtual world” is used herein, it is to be understood as referring to virtual world systems, virtual environments reflecting real, simulated, fantasy, or other structures, and includes information systems that utilize interaction within a 3D environment). Various embodiments facilitate interoperation between and within virtual worlds, and may provide consistent structures for operating virtual worlds. The disclosed embodiments may further enable individuals to build new virtual worlds within a framework, and allow third party users to better interact with those worlds.
    Type: Grant
    Filed: December 23, 2013
    Date of Patent: March 27, 2018
    Assignee: Utherverse Digital, Inc.
    Inventors: Brian Mark Shuster, Aaron Burch, Frisco Kristiansen, Ian Neufeld, Dirk Herling, Patrick Tyroler, Gary Shuster
  • Patent number: 9924087
    Abstract: An information terminal apparatus includes: a first image pickup section that obtains a first picked-up image; a first communication section that receives a second picked-up image obtained by a second image pickup section according to a first communication standard; a second communication section that performs communication according to a second communication standard different from the first communication standard; and a display control section that displays the first picked-up image during the communication of the second communication section when communication of the first communication section is not established. Cooperative display control with respect to a plurality of picked-up images from a plurality of image pickup sections reduces a waiting time period before the picked-up images are displayed.
    Type: Grant
    Filed: February 15, 2016
    Date of Patent: March 20, 2018
    Assignee: Olympus Corporation
    Inventors: Yoshiyuki Fukuya, Kazuhiko Shimura, Kazuo Kanda, Takeshi Kindaichi, Osamu Nonaka
  • Patent number: 9923906
    Abstract: A method and technique for access authentication includes: responsive to receiving an access request from a user for a secure resource, transmitting a uniform resource locator (URL) to the user; responsive to transmitting the URL to the user, logging a timestamp for the URL transmission; responsive to receiving a request for the URL, logging a timestamp for the URL request; and responsive to verifying that a difference between the timestamp for the URL transmission and the timestamp for the URL request is within a predetermined time period, providing access to the secure resource.
    Type: Grant
    Filed: January 8, 2017
    Date of Patent: March 20, 2018
    Assignee: Webcetera, L.P.
    Inventors: Brian E. Shepler, Charles J. Holloway, Nagaraj V. Rao
  • Patent number: 9916436
    Abstract: An accessory for a host medical device that is capable of authenticating itself to the host medical device. The accessory includes an onboard facility for authenticating the accessory to the host medical device. Various embodiments of the accessory enable it to validate itself to the host medical device without the host medical device reading any stored information from the accessory.
    Type: Grant
    Filed: October 24, 2014
    Date of Patent: March 13, 2018
    Assignee: Physio-Control, Inc.
    Inventor: Matthew L. Bielstein
  • Patent number: 9916608
    Abstract: Techniques for providing friction-free transactions using geolocation and user identifiers are described herein. These techniques may ascertain a user's location based on a location of a mobile device. A transaction between the user and a merchant may be completed with zero or minimal input from the user based on the geolocation of the mobile device and the user identifiers. In some implementations, a transaction initiated earlier is completed when the mobile device arrives at the merchant. Additionally, a parent-child or similar relationship may be established between multiple devices. Security on the mobile device may be provided by biometric identification and calculation of variance from regular movement patterns. Advertisements may be sent to the mobile device based on bids from merchants near to the mobile device. Promotions may be sent to the mobile device when more than a threshold number of mobile devices are located at the same merchant.
    Type: Grant
    Filed: December 21, 2012
    Date of Patent: March 13, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Harsha Ramalingam, Michael Carr, Paul J. Walsh
  • Patent number: 9904632
    Abstract: A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: February 27, 2018
    Assignee: Intel Corporation
    Inventors: Simon P. Johnson, Uday R. Savagaonkar, Vincent R. Scarlata, Francis X. McKeen, Carlos V. Rozas
  • Patent number: 9894118
    Abstract: Access to a user profile of a user device at a location may be provided to a destination device upon detecting that the location is within a proximity of a destination location. An expiring token may be generated, associated with the user profile, and communicated to the second device. Access to the user profile provided to the destination device may be terminated upon an expiration of the expiring token.
    Type: Grant
    Filed: January 17, 2014
    Date of Patent: February 13, 2018
    Assignee: International Business Machines Corporation
    Inventors: Lisa Seacat DeLuca, Lydia M. Do, Geetika T. Lakshmanan
  • Patent number: 9892269
    Abstract: Techniques for mitigating the transitive data problem using a secure asset manager are provided. These techniques include generating a secure asset manager compliant application by tagging source code for the application with a data tag to indicate that a data element associated with the source code is a sensitive data element, accessing a policy file comprising transitive rules associated with the sensitive data element, and generating one or more object files for the application from the source code. These techniques also include storing a sensitive data element in a secure memory region managed by a secure asset manager, and managing the sensitive data element according to a policy associated with the sensitive data element by an application from which the sensitive data element originates, the policy defining transitive rules associated with the sensitive data element.
    Type: Grant
    Filed: June 11, 2015
    Date of Patent: February 13, 2018
    Assignee: QUALCOMM Incorporated
    Inventors: Michael J. T. Chan, Lu Xiao, Rosario Cammarota, Olivier Jean Benoit, Saurabh Sabnis, Yin Ling Liong, Manish Mohan
  • Patent number: 9886721
    Abstract: Embodiments are directed towards employing a non-repudiation process for consumer credit requests based on an affirmative authentication of a one-time-pin (“OTP”) generated from a consumer biometric smartcard. The biometric smartcard may authenticate biometric information (e.g. fingerprint, facial image, iris image, or the like) of the consumer based on biometric templates stored on the biometric smartcard. In at least some of the various embodiments, the OTP may be authenticated by an identity authority, such that an associated credit request to a provider may be authenticated. In some embodiments, the provider may request and utilize a credit report for an authentic credit request to determine whether or not the consumer has an acceptable credit rating. If the consumer has an acceptable credit rating, then the provider may provide credit to the consumer.
    Type: Grant
    Filed: February 17, 2012
    Date of Patent: February 6, 2018
    Assignee: CreditRegistry Corporation
    Inventors: Taiwo Ayedun, Jameelah Ayedun
  • Patent number: 9881128
    Abstract: This invention relates to a method of healthcare data handling by a trusted agent possessing or having an access to decryption keys for accessing healthcare data. A request is received from a requestor requesting accessing healthcare data. A log is generated containing data relating to the request or the requestor or both. Finally, the requestor is provided with an access to the healthcare data.
    Type: Grant
    Filed: May 29, 2009
    Date of Patent: January 30, 2018
    Assignee: Koninklijke Philips N.V.
    Inventors: Robert Paul Koster, Milan Petkovic, Julien Kunzi
  • Patent number: 9881181
    Abstract: A device-installation-information distribution apparatus for distributing device installation information including a function of installing a program on an information processing apparatus to enable the information processing apparatus to use a device over a network and a function of configuring operation settings of the program includes a distribution request obtaining unit configured to obtain a distribution request, which is transmitted from the information processing apparatus, requesting to distribute the device installation information, a device-installation-information update unit configured to obtain login information for use in logging into the information processing apparatus at a privilege authorized to install software based on the obtained distribution request and device installation information for the target device and update the device installation information by adding the login information to the device installation information, and a device-installation-information distribution unit configur
    Type: Grant
    Filed: June 16, 2015
    Date of Patent: January 30, 2018
    Assignee: RICOH COMPANY, LTD.
    Inventor: Toshio Akiyama
  • Patent number: 9876783
    Abstract: Distribution of verification of passwords for electronic account. Password verification is distributed (divided) across multiple entities to reduce potential exposure in the event of a server exposure.
    Type: Grant
    Filed: December 22, 2015
    Date of Patent: January 23, 2018
    Assignee: International Business Machines Corporation
    Inventors: Lawrence Koved, Gelareh Taban
  • Patent number: 9875350
    Abstract: A multi-vocal password verifying method includes the steps of: (1) displaying at least one set of candidate information units, the information units of the password being included in at least one set of candidate information units for being chosen; (2) accepting setting of relative location between a target selection region and the candidate information units such that the number of the candidate information units covered by the target selection region is two or more, the candidate information units covered by said target selection region being defined as a selection information unit set; and (3) comparing the information units of the password with the selection information unit set, and it being determined that the user has chosen correct information units from the predefined password when the selection information unit set contains the information units of the password.
    Type: Grant
    Filed: July 4, 2014
    Date of Patent: January 23, 2018
    Assignees: Smart Electronic Industrial (Dong Guan) Co., Ltd.
    Inventor: Lee Zheng
  • Patent number: 9870464
    Abstract: Techniques for maintaining potentially compromised authentication information for a plurality of accounts may be provided. An individual piece of authentication information may be associated with one or more tags that indicate access rights with respect to requestors that also provide and maintain other potentially compromised authentication information. A subset of the potentially compromised authentication information may be determined based on the one or more tags in response to a request from a requestor for the potentially compromised authentication information. In an embodiment, the subset of the potentially compromised authentication information may be provided to the requestor.
    Type: Grant
    Filed: November 15, 2016
    Date of Patent: January 16, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: David James Kane-Parry, Darren Ernest Canavor, Jesper Mikael Johansson
  • Patent number: 9866545
    Abstract: Provided is a process including: receiving, with an intermediary server, a request to access web content at a web server; submitting, from the intermediary server, a value by which possession of an access credential is demonstrated, wherein the value is withheld from the client web browser; receiving, by the intermediary web browser, instructions to store in web browser memory an access token; and sending, from the intermediary server, to the client web browser executing on the client computing device, instructions to store the access token in browser memory of the client web browser, thereby authenticating the client web browser without the client web browser having access to the value by which possession of the access credential is demonstrated.
    Type: Grant
    Filed: August 11, 2017
    Date of Patent: January 9, 2018
    Assignee: ALTR Solutions, Inc.
    Inventor: James Douglas Beecham
  • Patent number: 9860059
    Abstract: A method and system for use in distributing token records is disclosed. At least one token record comprises a unique seed associated with a one-time password (OTP) token. An encryption key and a corresponding decryption key are generated for assisting selective encryption and decryption of a token record associated with an OTP token. The encryption key and the decryption key are unique to an end user of the token record. The token record is encrypted with the assistance of the encryption key. One of the decryption key and the encrypted token record is provided to the end user of the token record. The other of the decryption key and the encrypted token record is provided to the end user in response to secure receipt of the one of the decryption key and the encrypted token record by the end user. The encrypted token record can be decrypted with the assistance of the decryption key.
    Type: Grant
    Filed: December 23, 2011
    Date of Patent: January 2, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Christopher Duane, Robert S. Philpott, William Duane, Gareth Richards
  • Patent number: 9858631
    Abstract: A subscription-based personal medical information storage device comprises a data storage unit comprising a computer readable storage medium configured to store medical and non-medical information of a user, and facilitate the retrieval of medical and non-medical information of the user from a remote medical information storage device. The data storage unit is configured to automatically run an authentication routine upon connection with the general purpose computing device to confirm that the personal medical information storage device is neither lost nor stolen before granting access thereto. A communication module is configured to facilitate a communication connection with the remote medical information storage device, and wherein the remote medical information storage device comprises an advertisement module.
    Type: Grant
    Filed: October 25, 2012
    Date of Patent: January 2, 2018
    Assignee: Intelligent ID Solutions, LLC
    Inventors: Jason E. Farr, John G Coram, Greg T Meyers
  • Patent number: 9853979
    Abstract: Policy changes are propagated to access control devices of a distributed system. The policy changes are given immediate effect without having to wait for the changes to propagate through the system. A token encodes the policy change and can be provided in connection with access requests. Before an access control device has received a propagated policy change, the access control device can evaluate a token provided in connection with a request to determine, consistent with the policy change, whether to fulfill the request.
    Type: Grant
    Filed: March 11, 2013
    Date of Patent: December 26, 2017
    Assignee: AMAZON TECHNOLOGIES, INC.
    Inventors: Gregory Branchek Roth, Matthew James Wren
  • Patent number: 9853815
    Abstract: A password verifying method includes the following steps: providing a plurality of interactive regions in which several known password characters are arranged and shown randomly, at least one interactive region containing at least two characters; accepting selection of one of said plurality of interactive regions by a user, and after selection of one of the interactive regions by the user, randomly re-distributing said several known password characters into said interactive regions for subsequent selection by the user; and comparing characters contained in a predefined password sequence with characters contained in the interactive regions selected by the user, and outputting a signal representing a successful password verification when each character contained in the password sequence is identical to corresponding ones of the characters shown in respective ones of the interactive regions selected by the user.
    Type: Grant
    Filed: April 21, 2015
    Date of Patent: December 26, 2017
    Assignees: Smart Electronic Industrial (Dong Guan) Co., Ltd.
    Inventor: Lee Zheng
  • Patent number: 9853947
    Abstract: Embodiments of the present disclosure help protect network devices from unauthorized access. Among other things, embodiments of the disclosure allow full access to application servers and other network devices that a client is allowed to access, while preventing all access (or even knowledge) of network devices the client is not allowed to access.
    Type: Grant
    Filed: August 17, 2015
    Date of Patent: December 26, 2017
    Assignee: CRYPTZONE NORTH AMERICA, INC.
    Inventors: Kurt Glazemakers, Malcolm Hamilton, Gokhan Berberoglu
  • Patent number: 9854529
    Abstract: In one example, a wearable device includes one or more processors, a plurality of communication components, one or more motion sensors configured to detect motion of the wearable device and generate, based on the detected motion, motion data, and a storage device configured to store at least one module. The at least one module may be operable by the one or more processors to: responsive to determining that the wearable device is not connected to the computing device using the first communication technology, determine, based on the motion data, whether the wearable device is currently being worn, and responsive to determining that the wearable device is currently being worn, establish the wireless connection to the computing device using the second communication component.
    Type: Grant
    Filed: December 3, 2015
    Date of Patent: December 26, 2017
    Assignee: Google LLC
    Inventors: Peter Wilhelm Ludwig, Jiahu Deng
  • Patent number: 9848331
    Abstract: An approach for improving mobile device security is provided. The approach configures a passcode for accessing a mobile device, wherein configuring the passcode includes incorporating one or more hardware buttons into the passcode, such that the one or more hardware buttons are relevant when entering the passcode to gain entry to the mobile device. The approach receives a passcode attempt on the mobile device, wherein the passcode attempt includes a combination of one or more touch screen buttons and at least one of the one or more hardware buttons. The approach determines whether the passcode attempt matches the passcode. Responsive to a determination that the passcode attempt does not match the passcode, the approach denies access to the mobile device.
    Type: Grant
    Filed: November 20, 2015
    Date of Patent: December 19, 2017
    Assignee: International Business Machines Corporation
    Inventors: Darryl M. Adderly, Prasad Kashyap, Brian J. Murray, Wenjian Qiao
  • Patent number: 9847881
    Abstract: An audio/video content management apparatus, for use with an external hard drive, includes a control circuit that performs a trust token generation operation. The trust token generation operation includes obtaining first identification information and hard drive identification information, encrypting and combining the first identification information and the hard drive identification information as a trust token, and sending the trust token to the external hard drive. The control circuit also performs a trust token validation operation including obtaining the first identification information, the hard drive identification information, and the trust token from the external hard drive.
    Type: Grant
    Filed: September 16, 2015
    Date of Patent: December 19, 2017
    Assignee: ARRIS Enterprises LLC
    Inventors: Mahadevan Venkatesh Prabu, Belmannu Harekrishna Acharya
  • Patent number: 9846786
    Abstract: Methods, systems, and products create anonymous loan documents. Electronic loan documents are prepared for a borrower of a loan. An anonymous shadow copy of the electronic loan documents is generated that removes personally identifying information, such as names, addresses, and social security numbers. The anonymous shadow copy of the electronic loan documents may then be electronically published.
    Type: Grant
    Filed: July 5, 2015
    Date of Patent: December 19, 2017
    Assignee: ReverseVision, Inc.
    Inventor: Thomas M. Martignoni