Solely Password Entry (no Record Or Token) Patents (Class 713/183)
  • Patent number: 10255454
    Abstract: A security controller controls secure processing of queries in an encrypted relational database. A query controller receives, from a client device, a secure query in a format of an encrypted token generated using a structured query language (SQL) query in a conjunctive query form, and sends an encrypted response to the secure query to the client device. A search engine generates the encrypted response to the secure query by initiating a search on the encrypted relational database, without decrypting the secure query and without decrypting the encrypted multi-maps. The encrypted relational database includes encrypted multi-maps corresponding to a relational database hosted at the client device, and an encrypted dictionary, based on structured encryption, using structured encryption, in lieu of using property-preserving encryption (PPE), and in lieu of using fully homomorphic encryption (FHE).
    Type: Grant
    Filed: February 17, 2016
    Date of Patent: April 9, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Seny Kamara, Tarik Moataz
  • Patent number: 10256974
    Abstract: A cryptographic ASIC and method for enforcing a derivative key hierarchy for managing an information stream. A programming user provides a user passphrase that is used to generate a transform key and is then deleted. The transform key is inaccessibly, invisibly, and indelibly generated and stored in a one-time programmable memory with externally generated programming pulses during or after manufacture, without being reported out to the user who provided the user passphrase. A transform-enabled cryptographic circuit or method customized with the transform key processes a predetermined input message to obtain a predetermined output message indicating an identity of a particular information stream. Other input messages may also be processed, such as for verifying a blockchain, but replication requires knowledge of the transform key. Only a programming user with knowledge of the user passphrase is capable of creating an information stream, such as a blockchain.
    Type: Grant
    Filed: May 9, 2018
    Date of Patent: April 9, 2019
    Assignee: Blockchain ASICs LLC
    Inventor: Edward L. Rodriguez De Castro
  • Patent number: 10243942
    Abstract: The accessibility of a hyperlinked files is displayed. A hyperlink that references a resource is extracted from a target file. An attempt to acquire the resource is made by performing a first authentication operation. A first object is received in response to performing the authentication operation. A second object is acquired by performing a second authentication operation using pre-determined authentication information. The first object and the second object are compared to determine if the first object is the same as the second object. Information indicating the accessibility of the resource is presented via a display apparatus.
    Type: Grant
    Filed: September 20, 2017
    Date of Patent: March 26, 2019
    Assignee: International Business Machines Corporation
    Inventors: Tomoka Mochizuki, Tomonori Sugiura, Lianzi Wen
  • Patent number: 10242225
    Abstract: Messages exchanged among users of a relationship management and work collaboration system are organized within user-defined, secure communication channels organized according to user-defined hierarchies that represent the users' personal relationships with one another. Security of the communications channels is maintained using individual, dynamic keys, each of the keys being uniquely associated with a respective one of the channels, and being generated according to combinations of individual passwords established by each respective channel's participants. In-bound messages in the form of e-mails are received and associated with respective ones of the channels according to e-mail aliases associated with the inbound messages. Out-bound e-mails may be sent to channel participants according to e-mail addresses associated with the participants and channel preferences established by the system users.
    Type: Grant
    Filed: June 6, 2014
    Date of Patent: March 26, 2019
    Assignee: PrivateTree, LLC
    Inventors: Edward F. Wang, Timothy N. Jones
  • Patent number: 10242197
    Abstract: A data processing system (DPS) provides protection for firmware. The DPS comprises (a) a host module comprising a management engine and (b) a security module in communication with the host module. The security module comprises a security coprocessor and a secret identifier for the security module. The DPS also comprises at least one machine-accessible medium comprising host firmware and security firmware. The host firmware, when executed by the management engine, enables to management engine to determine whether the security module is in communication with the host module, based on the secret identifier for the security module. The security firmware, when executed by the security coprocessor, enables the security coprocessor (a) to verify integrity of the host firmware and (b) to prevent the host module from booting with the host firmware in response to a determination that the host firmware has lost integrity. Other embodiments are described and claimed.
    Type: Grant
    Filed: September 23, 2016
    Date of Patent: March 26, 2019
    Assignee: Intel Corporation
    Inventors: Justyna Zander, Marek Zmuda, Igor A. Tatourian, Pawel Szymanski
  • Patent number: 10235539
    Abstract: A server device 201 comprises a communication part 231, a search history storage region 213, a data storage part 210, and a checking part 220. The communication part receives a set of a trapdoor and a deterministic encrypted keyword from a search device 401. The search history storage region 213 stores the set of the trapdoor and the deterministic encrypted keyword. The data storage part 210 stores keyword information in which search target data and an encrypted keyword are associated with each other. If the deterministic encrypted keyword is obvious, a deterministic encrypted keyword corresponding to the encrypted keyword is additionally associated with the search target data and the encrypted keyword in the keyword information. The checking part 220 checks whether or not a deterministic encrypted keyword which matches the received deterministic encrypted keyword exists in the search history storage region 213.
    Type: Grant
    Filed: February 25, 2013
    Date of Patent: March 19, 2019
    Assignee: MITSUBISHI ELECTRIC CORPORATION
    Inventors: Takashi Ito, Nori Matsuda, Mitsuhiro Hattori, Takumi Mori, Takato Hirano
  • Patent number: 10230703
    Abstract: A first data item is encrypted at a client device using a first encryption key. The encrypted first data item is included in a data object. A second encryption key is received at the client device from a key management device. The first encryption key is encrypted using the second encryption key. The encrypted first encryption key is included in the data object, and the data object is stored at a storage device.
    Type: Grant
    Filed: October 27, 2016
    Date of Patent: March 12, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Michael P. Lepore, Scot DeDeo, Carl M. Phillips, Andrew Biggs, Matthew A. Miller
  • Patent number: 10223524
    Abstract: Techniques for maintaining potentially compromised authentication information for a plurality of accounts may be provided. An individual piece of authentication information may be associated with one or more tags that indicate access rights with respect to requestors that also provide and maintain other potentially compromised authentication information. A subset of the potentially compromised authentication information may be determined based on the one or more tags in response to a request from a requestor for the potentially compromised authentication information. In an embodiment, the subset of the potentially compromised authentication information may be provided to the requestor.
    Type: Grant
    Filed: December 6, 2017
    Date of Patent: March 5, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: David James Kane-Parry, Darren Ernest Canavor, Jesper Mikael Johansson
  • Patent number: 10225252
    Abstract: Techniques are disclosed for implementing a CAPTCHA access control system based on graphical representations of a watch or other timekeeping device. More particularly, the disclosed CAPTCHA system's request/challenge mechanism employs a graphical representation of a watch whose perturbation from a baseline visual presentation is controlled by a large number of attributes, each of which may assume a number of different values. The use of a large number of display attributes (e.g., 20 or more) and a relatively small number of difficulty levels allows each difficulty level to have an enormous number of possible graphical representation. Such a large number of potential challenge images essentially precludes the likelihood that any automated search for a matching image—providing the ability to correctly respond with certainty to the challenge query—will be successful.
    Type: Grant
    Filed: June 20, 2016
    Date of Patent: March 5, 2019
    Assignee: Apple Inc.
    Inventors: David A. den Boer, Shahid Ahmed, Jennifer A. Walton
  • Patent number: 10218684
    Abstract: A first device transmits data as encrypted portions that are communicated to one or more second devices as one or more of: a graphical animation rendered to a screen on a display of the first device and audio played out a speaker of the first device.
    Type: Grant
    Filed: January 30, 2015
    Date of Patent: February 26, 2019
    Assignee: NCR Corporation
    Inventors: Jonathan Simon Black, Adam Nicholas Brown
  • Patent number: 10212176
    Abstract: Entity group behavior profiling. An entity group is created that includes multiple entities, where each entity represents one of a user, a machine, and a service. A behavior profile is created for each one of the entities of the entity group. The behavior of each of one of the entities of the entity group is monitored to detect behavior change. An indicator of compromise is detected based on multiple ones of the entities experiencing substantially a same behavior change.
    Type: Grant
    Filed: June 18, 2015
    Date of Patent: February 19, 2019
    Assignee: Hewlett Packard Enterprise Development LP
    Inventor: Jisheng Wang
  • Patent number: 10192102
    Abstract: In one embodiment, a computing device determines a Completely Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA). The CAPTCHA includes a first static image that has image sections that are arranged in a first order. Each of the image sections corresponds to a unique identifier. The CAPTCHA further includes a second static image that includes each of the image sections of the first static image that are arranged in a second order. The computing device generates web-browser-executable code for converting the second static image to the first static image based on the first static image, the first order, and the unique identifiers. The computing device sends the second static image and the web-browser-executable code to a client device.
    Type: Grant
    Filed: April 17, 2017
    Date of Patent: January 29, 2019
    Assignee: Facebook, Inc.
    Inventor: Jonathan Frank
  • Patent number: 10182047
    Abstract: Systems and methods for determining a pictograph password sequence and association phrase are provided. In some example embodiments, an assigned pictograph sequence request is received from a client device, with the request causing the system to generate a template pictograph sequence, generate an association phrase based on the template pictograph sequence, store the template pictograph sequence and associated phrase on a memory, and transmit instructions to cause a display of the template pictograph sequence and the association phrase. In some example embodiments, the system requires an input of a pictograph sequence that matches the template pictograph sequence in order for a user to view content. In some example embodiments, the template pictograph sequence may be replaced by a user pictograph sequence.
    Type: Grant
    Filed: June 30, 2016
    Date of Patent: January 15, 2019
    Assignee: Snap Inc.
    Inventors: Eric Buehl, Michael Cieslak
  • Patent number: 10171239
    Abstract: Aspects of the subject matter described herein relate to disclosing recovery keys. In aspects, when a recovery key is disclosed, data is updated to indicate that the recovery key has been disclosed. A machine that has locked data may determine whether a recovery key for the locked data has been disclosed and whether a new key needs to be generated for the locked data. If a new key needs to be generated for the locked data, the machine may generate the new key and send it to a recovery store for storage. In addition, old keys that protect the locked data may be deleted after the new key has been generated and stored.
    Type: Grant
    Filed: November 7, 2016
    Date of Patent: January 1, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Sachin Goel, Stein Erik Dolan, William B. Lees
  • Patent number: 10146201
    Abstract: A numerical control apparatus which enables a numerical control apparatus for a machine tool suitable for executing a particular machining program to selectively execute the machining program. The numerical control apparatus includes a storage that stores unique information; a receiving part that receives a machining program including incidental information; a determination part that checks the incidental information included in the machining program received by the receiving part with the unique information stored in the storage, and determines whether information matching the unique information is included in the incidental information; and a machine controller that executes the machining program received by the receiving part to control the machine tool only when it is determined that information matching the unique information is included in the incidental information.
    Type: Grant
    Filed: December 15, 2016
    Date of Patent: December 4, 2018
    Assignee: FANUC CORPORATION
    Inventor: Hideki Otsuki
  • Patent number: 10146933
    Abstract: A technique controls access to a resource. The technique includes deriving, by processing circuitry, a password based on a phrase/thought provided by a user. The technique further includes confirming with the user that the password is to control access to the resource. The technique further includes, after confirming with the user that the password is to control access to the resource, imposing a requirement that the user provide the password before obtaining access to the resource. Such a password may be formed by concatenating multiple words (e.g., four words) that may be unrelated to each other. Such a password may be relatively strong since the resulting concatenation would not be found in any dictionary, and since it would be an extremely difficult and time consuming endeavor to predict such a password by attempting to combine words from a dictionary to form the concatenations.
    Type: Grant
    Filed: June 27, 2016
    Date of Patent: December 4, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Yihezkel Schoenbrun, Julia Roschak, Itzik Sorani, Tamar Vardy, Haim Raman, Mikael Peres
  • Patent number: 10129288
    Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for detecting malicious activities. One of the methods includes obtaining a collection of user event logs or receiving user events through real-time feeds; using data from the user event logs/feeds to determine IP address properties for individual IP addresses and IP address ranges; and for each incoming event, updating the IP address properties for the corresponding IP address and IP prefix properties.
    Type: Grant
    Filed: February 11, 2015
    Date of Patent: November 13, 2018
    Assignee: DataVisor Inc.
    Inventors: Yinglian Xie, Fang Yu
  • Patent number: 10116638
    Abstract: A method and device for uploading data to a social platform. The method includes a plugin set into an application program. The plugin integrates at least one Application Program Interface (API) possessing publishing function provided by at least one social platform. A request for uploading data to a social platform is received and data to be uploaded is obtained according to the request. The data is uploaded to the corresponding social platform through an API possessing publishing function integrated by the plugin. Date may be uploaded through the plugin to one or more social platforms simultaneously without launching a client terminal of the corresponding social platforms.
    Type: Grant
    Filed: June 9, 2015
    Date of Patent: October 30, 2018
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventor: Yonghua Li
  • Patent number: 10108796
    Abstract: A system for entering a secure Personal Identification Number (PIN) into a mobile computing device includes a mobile computing device and a peripheral device that are connected via a data communication link. The mobile computing device includes a mobile application and a display and the mobile application runs on the mobile computing device and displays a grid on the mobile computing device display. The peripheral device includes a display and an encryption engine, and the peripheral device display displays a grid corresponding to the grid displayed on the mobile computing device display. Positional inputs on the mobile computing device grid are sent to the peripheral device and the peripheral device decodes the positional inputs into PIN digits and generates an encrypted PIN and then sends the encrypted PIN back to the mobile computing device.
    Type: Grant
    Filed: December 9, 2013
    Date of Patent: October 23, 2018
    Assignee: BBPOS LIMITED
    Inventor: Chi Wah Lo
  • Patent number: 10102366
    Abstract: A method for user passcode authentication. The method includes accessing a user information database with predefined user input option parameters and generating a random arrangement of input options from the predefined user input option parameters. The method includes manifesting the random arrangement of input options on an interactive display interface and receiving a selection of the interactive display interface input options. The method also includes comparing the received selection of interactive display interface options to the predefined user input option parameters.
    Type: Grant
    Filed: July 21, 2016
    Date of Patent: October 16, 2018
    Assignee: Arcanum Technology LLC
    Inventors: Brian G. Finnan, Frank P. Brice, William Brooks Brown
  • Patent number: 10097651
    Abstract: According to a general aspect, a method can include receiving a request, triggered via a consumer account, to access, using a social media application, a plurality of sharer content. The sharer content can be associated with a sharer account using the social media application. The method can include retrieving, in response to the request, a consumer value and a relationship value. The consumer value can represent an interaction with the social media application via the consumer account and the relationship value can characterize a relationship between a consumer identifier of the consumer account and a sharer identifier of the sharer account. The method can include selecting a subset of sharer content from the plurality of sharer content based on a combination of the consumer value and the relationship value, and can include defining a portion of a presentation customized for the consumer account using the selected subset of sharer content.
    Type: Grant
    Filed: November 24, 2015
    Date of Patent: October 9, 2018
    Assignee: Google LLC
    Inventor: Ryan Hickman
  • Patent number: 10097346
    Abstract: One embodiment provides a system that facilitates efficient key retrieval by using key catalogs in a content centric network. During operation, the system generates, by a client computing device, a first interest for a key indicated in a signed key catalog. In response to receiving the key, the system verifies the received key by determining that a hash of the received key matches a hash of the key as indicated in the catalog based on a name for the received key. The system generates a second interest for a content object, wherein a name for the second interest includes a name prefix associated with the key as indicated in the catalog, wherein the first interest is transmitted before or concurrent with transmitting the second interest. In response to receiving the content object, the system verifies the received content object based on the key.
    Type: Grant
    Filed: December 9, 2015
    Date of Patent: October 9, 2018
    Assignee: Cisco Technology, Inc.
    Inventors: Christopher A. Wood, Glenn C. Scott
  • Patent number: 10083292
    Abstract: A method and computer for assessing whether a password can be generated by using characteristics of a physical arrangement of keys of an input device. A received password includes characters corresponding to respective select keys in a sequence of select keys of the input device. For each select key, a final detection frequency is calculated as a sum of an initial detection frequency and an additive correction. A password determination value is calculated as a ratio of a total number of select keys having a final detection frequency equal to a minimum detection frequency and the total number of select keys in the sequence of select keys. A determination of whether the calculated password determination value is, or is not, less than a predetermined threshold value indicates that the password cannot, or can, respectively, be generated by using the characteristics of the physical arrangement of keys of the input device.
    Type: Grant
    Filed: August 1, 2017
    Date of Patent: September 25, 2018
    Assignee: International Business Machines Corporation
    Inventors: Takeshi Miura, Hiroyuki Takenoshita, Yuji Yanagihara
  • Patent number: 10068105
    Abstract: A user authentication method and terminal, where the method includes acquiring an authentication interaction object and an interference interaction object where the authentication interaction object is a real interaction object stored in a terminal, the interference interaction object is a virtual interaction object constructed by the terminal, and the interference interaction object has a similar feature with the authentication interaction object to cause interference to a user when the user is selecting the authentication interaction object, displaying the authentication interaction object and the interference interaction object in an authentication interface for the user to select from, receiving a selection result and determining whether the selection result is the authentication interaction object, and determining, when the selection result is the authentication interaction object, that authentication succeeds.
    Type: Grant
    Filed: April 22, 2016
    Date of Patent: September 4, 2018
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventor: Zhengde Zhai
  • Patent number: 10068233
    Abstract: Systems and methods are provided for online transactions using pattern recognition. A user of a payment provider may create and register patterns drawn by the user on a pattern entry image. The user may register the patterns by associating transaction options with each drawn pattern. Each pattern may be used to execute a particular transaction such as a purchase transaction, a payment of a specific amount, a payment to a specific recipient, or a sales transaction. When the user wishes to execute a transaction such as an online payment to a particular recipient for a particular amount, the user can redraw the registered pattern associated with payments to that recipient for that amount. A pattern can be drawn at a particular location on the pattern entry image. Different transactions can be associated with patterns drawn at different locations.
    Type: Grant
    Filed: August 9, 2017
    Date of Patent: September 4, 2018
    Assignee: PAYPAL, INC.
    Inventor: Puvanenthiran Subbaraj
  • Patent number: 10033726
    Abstract: A conference setting method includes: displaying a first setting screen on a particular terminal configured to perform a setting operation of a teleconference, the first setting screen being switchable between: a first setting method having a plurality of password setting fields in which a password is set to each of at least three authorities having different numbers of executable functions; and a second setting method having a common authority setting field in which one of the at least three authorities is set as a common authority and having a common authority password setting field in which a password is set to the common authority; and storing, in a storage, passwords set in the password setting fields in association with respective ones of the at least three authorities; and storing, in the storage, a common authority password set in the common authority password setting field in association with the common authority.
    Type: Grant
    Filed: December 1, 2015
    Date of Patent: July 24, 2018
    Assignee: Brother Kogyo Kabushiki Kaisha
    Inventor: Kentaro Arai
  • Patent number: 10021089
    Abstract: Mechanisms and techniques for customized user validation. A login attempt is received from a remote electronic device with one or more computing devices that provide access to one or more resources. The login attempt is analyzed to determine a profile from a plurality of profiles corresponding to the login attempt. The one or more computing devices support the plurality profiles with each profile having a corresponding flow. The flow corresponding to the profile is performed prior to allowing continuation of the login attempt. The login attempt is continued, via the one or more computing devices, after the flow corresponding to the profile is completed. Access is granted to the one or more resources, via the one or more computing devices, in response to a successful completion of the login attempt.
    Type: Grant
    Filed: April 9, 2015
    Date of Patent: July 10, 2018
    Assignee: salesforce.com, inc.
    Inventors: William Charles Mortimore, Jr., Sergio Isaac Koren, Paul Anthony Mason, Alan Vangpat
  • Patent number: 9990513
    Abstract: The proliferation of personal computing devices in recent years, especially mobile personal computing devices, combined with a growth in the number of widely-used communications formats has led to increased concerns regarding the safety and security of documents and messages that are sent over networks. Users desire a system that provides for the setting of custom access permissions at a file-level or sub-file-level. Such a system may allow the user to apply customized privacy settings (and, optionally, encryption keys) differently to particular portions of a document—even if the document is of a ‘lossy’ file type, e.g., a JPEG image. According to some embodiments, the custom access permission settings may be implemented by obfuscating portions of the original file and then embedding “secret,” e.g., hidden and/or encrypted, versions of the obfuscated portions in parts of the data structure of the original lossy file before transmitting the file to the desired recipients.
    Type: Grant
    Filed: December 31, 2015
    Date of Patent: June 5, 2018
    Assignee: Entefy Inc.
    Inventor: Alston Ghafourifar
  • Patent number: 9990127
    Abstract: Methods of performing operations on a processor of an electronic device include establishing a programmatic association in a one-to-one relationship between mathematical operators and directions of movement that a user can make when selecting number keys among an arrangement of number keys. A first number is received from a user selection of a first number key, and a second number is received from a user selection of a second number key. A first direction of user movement from the first number key to the second number key is determined, and a first mathematical operator is selected among the mathematical operators that is programmatically associated with the first direction. The first and second numbers are combined using the first mathematical operator to generate an output number, and the output number is provided to a secure program to control user access to a protected operation of the secure program.
    Type: Grant
    Filed: June 17, 2015
    Date of Patent: June 5, 2018
    Assignee: CA, Inc.
    Inventor: Satish Kumar Sharaf
  • Patent number: 9979719
    Abstract: A method comprising includes detecting, in response to a user access attempt on an electronic access device, a one-time passcode authentication event; receiving, at an electronic authenticating device, notification of the one-time passcode authentication event; retrieving, in response to the notification, a one-time passcode from the authenticating device; transmitting the one-time passcode from the authenticating device to a facilitator software instance operating on the access device; and enabling population, using the facilitator software instance, of a one-time passcode entry form with the one-time passcode.
    Type: Grant
    Filed: December 8, 2015
    Date of Patent: May 22, 2018
    Assignee: Duo Security, Inc.
    Inventors: Jon Oberheide, Adam Goodman, Chris Czub, Patrick Garrity
  • Patent number: 9979537
    Abstract: A format-preserving cipher including an encryption and a decryption scheme supporting non-linear access to input data by allowing the selection of portions of data from a potentially larger dataset to be encrypted, thus avoiding a necessarily sequential access into the input plaintext data. The cipher first defines a forward mapping from the allowable ciphertext values to an integer set of the number of such allowable ciphertext values, and a corresponding reverse mapping. It also supports exclusion of a certain set of characters from the ciphering process. An encryption algorithm is provided that encrypts the input plaintext data while preserving its original format and length, and a corresponding decryption algorithm is provided. The cipher advantageously embodies the encryption and decryption of multi-byte values, composite datasets, and credit card numbers, thus fitting a variety of industrial needs.
    Type: Grant
    Filed: April 4, 2016
    Date of Patent: May 22, 2018
    Assignee: ZETTASET, INC.
    Inventor: Eric A. Murray
  • Patent number: 9967289
    Abstract: Embodiments described herein relate to apparatuses and methods for enabling applied key management operations at a client including establishing a data connection with a file kernel driver of the client to enable the applied key management operation, receiving a request pertaining to encryption key data, relaying the request pertaining to the encryption key data to an applied key management system, and receiving a response regarding the request from the applied key management system based on at least one policy of the applied key management system.
    Type: Grant
    Filed: March 11, 2016
    Date of Patent: May 8, 2018
    Assignee: FORNETIX LLC
    Inventors: Charles White, Stephen Edwards
  • Patent number: 9954867
    Abstract: Methods and systems are provided for verifying reset of credentials for user accounts. The methods and systems receive a request to change a credential associated with a user account. The user account has account privileges associated with a network service. The methods and systems set the user account to a cool-down status and send a reset notification to one or more trusted access points associated with the user account to inform a valid owner or user of the account that a credential has been reset. The methods and systems manage availability of at least a restricted subset of the account privileges for a cool-down time period or until a reset verification is received from a valid owner or user.
    Type: Grant
    Filed: December 15, 2015
    Date of Patent: April 24, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Jesper Mikael Johansson, Max Harwell Funderburk, Mian Zainulabadin Khurrum, Kripa Shankar Karukurichi Subramanian
  • Patent number: 9948338
    Abstract: Systems and methods for providing additional control over user equipment (UE) using standardized features of a subscriber identity module (SIM) is provided. The UE can impose SIMLocking criteria based on subscriber related attributes (such as rate plan, prepay, postpay, etc.). The SIM module can comprise multiple unique entries and one value for each entry. One or more entries on the SIM can be subdivided to provide additional values with each value made up of a subset of bits from a particular entry. Thus, a single entry can provide a plurality of values to make up a SIM configuration. The SIM configuration can be compared to a UE SIMLock configuration with the same, or similar, entries to determine if the SIM is compatible for use with the UE. The SIM configuration can be updated dynamically to reflect changes in the account associated with the UE or the SIM.
    Type: Grant
    Filed: October 16, 2017
    Date of Patent: April 17, 2018
    Assignee: T-Mobile USA, Inc.
    Inventor: Amela Kovacevic
  • Patent number: 9942752
    Abstract: A method for phishing detection, performed by a mobile device, is provided. The method includes receiving a first OTP (one-time password), from a remote caller purporting to be from a trusted organization, into the mobile device. The method includes generating a second OTP, using an OTP generation system provided by the trusted organization, and comparing, in the mobile device, the first OTP and the second OTP, wherein the first OTP matching the second OTP indicates legitimacy of the remote caller, and the first OTP mismatching the second OTP indicates illegitimacy of the remote caller. A mobile device and a computer readable media are also provided.
    Type: Grant
    Filed: December 30, 2016
    Date of Patent: April 10, 2018
    Assignee: SYMANTEC CORPORATION
    Inventor: Venkadesan Marimuthu
  • Patent number: 9936235
    Abstract: A personal base station (PBS) having wireless video capability. The PBS authenticates a mobile device within range for cellular services, and authenticates the user for a level of service for cable television. The PBS operates in accordance with a dual-purpose subscriber identity system (SIS) includes a subscriber mobile identity component (SMIC) and a video security component (VSC) such that the cellular and television services can be authenticated. Mobile devices incorporating the disclosed innovations, as well as the PBS, can access video content from a cable television provider through any available broadband link, regardless of the mobile device's physical location.
    Type: Grant
    Filed: August 21, 2014
    Date of Patent: April 3, 2018
    Assignee: AT&T MOBILITY II LLC
    Inventors: Jerald J. Gnuschke, David W. Holmes, David K. Smith, Christopher A. White
  • Patent number: 9935927
    Abstract: Disclosed are systems, methods, and computer-readable storage media for Bluetooth low energy (BLE) double authentication between a mobile device and server nodes. A system using BLE authentication can receive at a mobile device, an identifier of a dongle attached to a server that enables wireless communication and can establish a wireless low energy connection with the dongle without paring. The system can receive a server identifier and can determine whether the server has previously been authenticated to yield a determination. When the determination is that the server has not previously been authenticated, the system can receive a baseband management controller username and a password. When the determination is that the server has previously been authenticated, the system can determine whether to perform a double authentication to yield a second determination. The system can perform the double authentication when the second determination indicates that the double authentication should be performed.
    Type: Grant
    Filed: October 16, 2015
    Date of Patent: April 3, 2018
    Assignee: QUANTA COMPUTER INC.
    Inventor: Yen-Ping Tung
  • Patent number: 9930033
    Abstract: In one embodiment, a user password is received in relation to a user identifier, wherein the user identifier and user password are associated with a user account. A request to opt-in to use of system-generated passwords instead of the user password is received. A substitute password for the user account is generated and provided.
    Type: Grant
    Filed: December 1, 2015
    Date of Patent: March 27, 2018
    Assignee: Oath Inc.
    Inventors: Lovlesh Chhabra, Dylan Casey, Atte Lahtiranta, Jonathan Edward Hryn, Alice Francine Gutman
  • Patent number: 9922477
    Abstract: An access control system utilizes authorized users' mobile electronic devices for transmitting biometric identifiers in combination with using an access card, for authenticating the user's access privileges for unlocking a secure door. The system may further verify proximity of the user's device to the access control reader, which verifies correspondence of the access card with the transmitted biometric characteristics. The system may further require entry of a PIN into the user's device, for its transmission to the access control system for access confirmation. A scanner scans the area around its geographic location for signals emitted by mobile electronic devices, and identifies a position, a type, and an address of each device, using characteristics of the signals. Audio analytics detect/identify a position of sudden sound fluctuations indicating a gunshot/fight incident, and correlates the incident location to a device location. Video analytics correlate imaged people with detected electronic devices.
    Type: Grant
    Filed: September 21, 2017
    Date of Patent: March 20, 2018
    Inventors: Dan Kerning, Dharmesh Patel
  • Patent number: 9923851
    Abstract: Disclosed are systems, methods, and non-transitory computer-readable storage media for providing content management features in a messaging service. A messaging client receives a reference to a content item stored on a content management system and receives, from the content management system, a set of sharing options for the content item. The set of sharing options is presented to the user via the messaging client and a user selection of sharing options is received. The messaging client sends the user selection of sharing options to the content management system, wherein the content management system is configured to apply the user selection of sharing options to the content item.
    Type: Grant
    Filed: December 30, 2016
    Date of Patent: March 20, 2018
    Assignee: DROPBOX, INC.
    Inventors: Eric Sprauve, Jong-Moon Kim, Kristin Boyer, Thomas Le Jeune, Thomas Wright, Vinod Valloppillil
  • Patent number: 9904778
    Abstract: A function performing apparatus includes a function performing unit performing a specific function, a processor, and memory storing computer-readable instructions therein, the computer-readable instructions, when executed by the processor, causing the function performing apparatus to perform, in response to receiving a user authentication information when the user authentication information has been registered in an authentication memory, transitioning a state of the apparatus from a non-permission state to a permission state, registering, in the authentication memory, a device authentication information in association with the user authentication information upon establishing a first connection with a portable device, and transitioning the state of the apparatus from the non-permission state to the permission state when a second connection with the portable device is established and the device authentication information is obtained from the portable device.
    Type: Grant
    Filed: March 27, 2017
    Date of Patent: February 27, 2018
    Assignee: Brother Kogyo Kabushiki Kaisha
    Inventor: Kunihito Terashita
  • Patent number: 9894046
    Abstract: A method of operating a server comprises receiving an authorization request comprising a password, accessing an expiry date for the password, transmitting a response comprising the expiry date, ascertaining whether the password has expired, and receiving a new password, if the password has expired. Optionally, the transmitted response further comprises a date representing the last use of the password and/or an integer value representing a retry parameter.
    Type: Grant
    Filed: April 4, 2017
    Date of Patent: February 13, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventor: Peter E. Havercan
  • Patent number: 9886580
    Abstract: A method and information handling system (IHS) that optimizes boot time. The method includes a basic input output system (BIOS) performing an authentication check of drivers during an initial boot process. The results of the authentication check are stored along with an unified extensible firmware interface (UEFI) image for each driver in an authentication results data structure (ARDS). In response to receipt of a subsequent request to enable a secure boot of the IHS, when the initial boot process was performed with the secure boot disabled, the ARDS is accessed to determine if any of the drivers failed the authentication check. When none of the drivers have failed the authentication check, the boot process is continued using the UEFI images of the drivers. When at least one of the drivers has failed its authentication check, a notification is output indicating a failure of the authentication check.
    Type: Grant
    Filed: December 23, 2014
    Date of Patent: February 6, 2018
    Assignee: Dell Products, L.P.
    Inventors: Sundar Dasar, Yogesh P. Kulkarni, Sumanth Vidyadhara, Bill Munger, Raghavendra Venkataramudu
  • Patent number: 9886564
    Abstract: Provided is a network system which improves a security and prevents illegal use when providing services such as Internet banking services. A random graphic table (RMT) is issued to a user, and having text characters which a user inputs and figures which corresponds to the text characters, respectively, and which is unrelated to the text characters such as a photograph. A banking organization server (30) manages random graphic table data corresponding to the random graphic table (RMT), distributes data for input including a portion of the random graphic table data to a communication terminal device (10) when information is inputted, and executing a specification of information to be specified while comparing the data for input with the random graphic table (RMT).
    Type: Grant
    Filed: October 31, 2016
    Date of Patent: February 6, 2018
    Assignee: BankGuard, Inc.
    Inventors: Haruhiko Fujii, Shuichi Matsuda
  • Patent number: 9887989
    Abstract: A method and system are provided for authenticating a user to an application back-end using a key pair and one or more bearer tokens such as a password, a biometric code, or a biometric key, while protecting the bearer tokens against back-end security breaches. In one embodiment, an application front-end authenticates the user by sending the bearer tokens and a public key to the application back-end, and demonstrating knowledge of a private key. The application back-end compares an authentication-phase tag derived from a joint hash of the public key and the bearer tokens against a registration-phase tag stored in a device record within a back-end database. The public key is not stored in the database, thereby depriving an adversary who breaches back-end security of information needed to test guesses of the bearer tokens.
    Type: Grant
    Filed: April 22, 2016
    Date of Patent: February 6, 2018
    Assignee: Pomian & Corella, LLC
    Inventors: Francisco Corella, Karen Pomian Lewison
  • Patent number: 9887977
    Abstract: The accessibility of a hyperlinked files is displayed. A hyperlink that references a resource is extracted from a target file. An attempt to acquire the resource is made by performing a first authentication operation. A first object is received in response to performing the authentication operation. A second object is acquired by performing a second authentication operation using pre-determined authentication information. The first object and the second object are compared to determine if the first object is the same as the second object. Information indicating the accessibility of the resource is presented via a display apparatus.
    Type: Grant
    Filed: June 15, 2015
    Date of Patent: February 6, 2018
    Assignee: International Business Machines Corporation
    Inventors: Tomoka Mochizuki, Tomonori Sugiura, Lianzi Wen
  • Patent number: 9864849
    Abstract: Techniques related to view-based expiration of shared content are described. An online content management system receives a view access request from a client device. The view access request includes a shared link to a server-stored content item. A view access counter associated with the shared link is used to determine that the view access request is authorized. The shared link is resolved to the server-stored content item, and at least a portion of the server-stored content item is sent to the client device. Optionally, instructions that cause the client device to send an acknowledgement can also be sent to the client device. The acknowledgement indicates that one or more presentation conditions have been satisfied. The one or more presentation conditions can include presenting at least the portion of the server-stored content item at the client device. The online content management system receives the acknowledgement and increments the view access counter.
    Type: Grant
    Filed: December 29, 2015
    Date of Patent: January 9, 2018
    Assignee: Dropbox, Inc.
    Inventors: Zeya Yang, Nathaniel Herman, Michael Anderson, Tsahi Glik
  • Patent number: 9858400
    Abstract: An information processing system establishes connection between an information storage apparatus and an application installed in a terminal including a storage device for storing authentication information. The information processing system includes a setting information acquisition unit configured to acquire setting information from the information storage apparatus when the terminal receives an execution request to execute the application, the setting information indicating whether to prompt input of the authentication information.
    Type: Grant
    Filed: September 11, 2014
    Date of Patent: January 2, 2018
    Assignee: Ricoh Company, Ltd.
    Inventor: Kazuhiro Yamada
  • Patent number: 9860208
    Abstract: Techniques for bridging a honey network to a suspicious device in a network (e.g., an enterprise network) are disclosed. In some embodiments, a system for bridging a honey network to a suspicious device in an enterprise network includes a device profile data store that includes a plurality of attributes of each of a plurality of devices in the target network environment; a virtual clone manager executed on a processor that instantiates a virtual clone of one or more devices in the target network environment based on one or more attributes for a target device in the device profile data store; and a honey network policy that is configured to route an internal network communication from a suspicious device in the target network environment to the virtual clone for the target device in the honey network.
    Type: Grant
    Filed: September 30, 2014
    Date of Patent: January 2, 2018
    Assignee: Palo Alto Networks, Inc.
    Inventors: Taylor Ettema, Huagang Xie
  • Patent number: 9852280
    Abstract: An authentication scheme in which an instance of a designated element is shifted to proximity with a designated target to gain access a device may be enhanced by creating conditions that allow for either the designated element or the designated target to be different for each instance of authentication. In one embodiment, a secondary display portion may be used to provide an indication of a dynamic designated element. In another embodiment, a secondary display portion, in combination with a tertiary display portion, may be used to provide an indication of a dynamic designated target.
    Type: Grant
    Filed: January 8, 2015
    Date of Patent: December 26, 2017
    Assignee: BlackBerry Limited
    Inventors: Timothy Herbert Kyowski, Marc Elis Meunier, Jason Tyler Griffin