Using Record Or Token Patents (Class 713/185)
  • Patent number: 10346051
    Abstract: A method or system for determining a required certification level of storage area for storing data of a write request based on a characteristic of the data, selecting a target storage area based on a media certification table and the required determined certification level of the media area and storing data at the target storage area.
    Type: Grant
    Filed: September 29, 2017
    Date of Patent: July 9, 2019
    Inventor: Andrew Michael Kowles
  • Patent number: 10341118
    Abstract: A security network system may include a security gateway operable to establish a client session between the security gateway and a client device. The security gateway is operable to receive client session information from the client session. The client session information includes an identification of a server with which the client device needs to exchange data. The security network system may also include a Hardware Security Module (HSM) in communication with the security gateway. The HSM is operable to establish, in concert with the security gateway, a secure session between the security gateway and the server based on the client session data, a public key, a secret key, and context attributed to the secure session.
    Type: Grant
    Filed: August 1, 2016
    Date of Patent: July 2, 2019
    Assignee: A10 Networks, Inc.
    Inventors: Yang Yang, Xuyang Jiang, Ali Golshan
  • Patent number: 10331424
    Abstract: Dynamic user interfaces modules are configured to communicate with a web service that provides, through HTTP requests and responses, JavaScript Object Notation objects declaring instances of user interface elements according to a predefined specification. The dynamic user interface modules render the instances in accordance with the JSON objects received from the web service and the properties defined for each user interface element declared thereby.
    Type: Grant
    Filed: July 27, 2018
    Date of Patent: June 25, 2019
    Assignee: Modo Labs, Inc.
    Inventors: Thomas Hughes Speller, III, Brian Lawrence Patt, Peter Eugene Akins
  • Patent number: 10304269
    Abstract: Disclosed are systems and methods for performing entry access over two or more networks. The two or more networks are leveraged to accelerate the entry access and provide redundancy. Performance over each of the two or more networks is tracked in order to allow a mobile device to exchange entry access messaging over the particular network providing fastest start-to-unlock time. The mobile device can alternatively exchange the entry access messaging simultaneously over the two or more networks to create a race condition whereby the fastest start-to-unlock time is obtained without monitoring network performance. Performing the entry access messaging exchange over the two or more networks also ensures reliability in the event a particular network is down or congested, an authorization device on a particular network is down or overloaded, a radio of a mobile device communicating over a particular network is disabled or slow performing.
    Type: Grant
    Filed: September 18, 2017
    Date of Patent: May 28, 2019
    Inventors: Alexander A. Kazerani, Amir Reza Khakpour, Samy Kamkar, Robert J. Peters
  • Patent number: 10248763
    Abstract: A healthcare prescription delivery mechanism using a money transfer network is disclosed. In the healthcare prescription delivery mechanism, a prescription for a patient from a healthcare provider is sent to a designated pharmacy. The pharmacy then processes the prescription and delivers the prescribed medicine to a chosen address of the patient. A payment for the healthcare prescription order is made by either the patient or a third party through the money transfer network to the pharmacy.
    Type: Grant
    Filed: September 29, 2015
    Date of Patent: April 2, 2019
    Assignee: Moneygram International, Inc.
    Inventor: Bhavesh Patel
  • Patent number: 10235512
    Abstract: A system and/or method is provided to implement authentication via Bluetooth devices. In particular, a user's Bluetooth device, such as a smart phone, may be registered to be used for automatic authentication for an online user account. When the user is attempting to log onto the online user account at a user device, such as a laptop, the user device may detect that the user's Bluetooth device is in proximity to the user device and the user may be logged into the online user account at the user device automatically. Thus, the user may be logged into the online user account seamlessly without requiring the user to input credentials, such as user name and/or password.
    Type: Grant
    Filed: June 24, 2014
    Date of Patent: March 19, 2019
    Assignee: PayPal, Inc.
    Inventor: Venkatesh Gnanasekaran
  • Patent number: 10225240
    Abstract: The present invention relates to a method to protect, in a secured container using an encryption key, a set of mixed sensitive and public data to be transferred to an entity. The method includes the steps of: generating a random key, ciphering the set of mixed sensitive and public data using said random key to obtain a ciphered set of data, generating an initialization value, and defining configuration information for the secured container. The initialization value, the configuration information and random key form a preamble. The preamble and the ciphered set of data are encrypted. The initialization value renders the resulting encrypted data variable from a secured container to another even in case of repetitive configuration information in the preamble.
    Type: Grant
    Filed: October 31, 2014
    Date of Patent: March 5, 2019
    Assignee: GEMALTO SA
    Inventors: Frank Detcheverry, Thomas Gempp, Fabien Courtiade
  • Patent number: 10191831
    Abstract: An agent inserts one or more hooks into a sub-execution runtime environment that is configured to include a script and/or targeted to include the script. The agent including the one or more hooks monitors a behavior of the sub-execution runtime environment and/or the script. The agent subsequently obtains context information regarding the sub-execution runtime environment and/or the script so that it can control the runtime of at least the sub-execution runtime environment. Related systems, methods, and articles of manufacture are also disclosed.
    Type: Grant
    Filed: June 5, 2017
    Date of Patent: January 29, 2019
    Assignee: Cylance Inc.
    Inventor: Derek A. Soeder
  • Patent number: 10182349
    Abstract: Systems and methods for user identification and authentication are disclosed. In one embodiment, a method of authenticating a first party to a second party may include the following: (1) receiving, from one of an electronic device of a first party and an electronic device of a second party, a request to generate authenticating indicia; (2) using at least one of a plurality of computer processors, generating the authenticating indicia; (3) transmitting, over a network, the authenticating indicia to the electronic device of a first party and to the electronic device of the second party; (4) receiving, from an electronic device of the second party, an indication that the second party has confirmed that the first party is authentic; and (5) storing an identity of the first party, the second party, and the authenticating indicia in a database.
    Type: Grant
    Filed: April 22, 2016
    Date of Patent: January 15, 2019
    Assignee: JPMorgan Chase Bank, N.A.
    Inventors: Kelly W. Scott, Tina Sanders Pragoff, Ravi Acharya, Michael W. Andrews, Michael L. Traxler
  • Patent number: 10178125
    Abstract: A web application receives a request for a web site's login page. The web application sends, via a domain name, a response including the login page, a first token in a first field in the login page's header, and a second token in a second field in the login page's header, wherein the first field is modifiable only via a related domain name which is related to the domain name, and wherein the first token is a function of the second token. The web application receives a request to login to the site from a client, wherein the request to login includes a header that includes the first field and the second field. The web application establishes a session with the client if the first field in the header includes a token which is the function of a token in the second field in the header.
    Type: Grant
    Filed: May 3, 2016
    Date of Patent: January 8, 2019
    Assignee:, inc.
    Inventor: Amalkrishnan Chemmany Gopalakrishnan
  • Patent number: 10178085
    Abstract: Systems, devices and techniques for establishing a secure file transfer session for secure downloading of configuration files to a Demarcation device are disclosed. Communication is established with a first network device. A password challenge message is received from the first network device. A username is generated. A password is generated using the password challenge message and a locally stored salt key. The username and the password are communicated to a second network device via the first network device, to facilitate establishing a secure file transfer connection with the second network device.
    Type: Grant
    Filed: June 28, 2012
    Date of Patent: January 8, 2019
    Assignee: ZTE Portugal-Projectos de Telecommunicações Unipessoal Lda
    Inventor: Marek Hajduczenia
  • Patent number: 10171241
    Abstract: A method for authenticating a user seeking access to first and second resources that have different authentication levels. The method includes receiving a primary token that is associated with a first authentication event of the user and authenticates the user to access the first resource, and receiving a first request to access the second resource. The method further includes receiving first credentials of the user. The method further includes, responsive to validating the first credentials, generating a second authentication event, associating the second authentication event with the primary token, and issuing a first secondary token that authenticates the user to access the second resource.
    Type: Grant
    Filed: February 13, 2017
    Date of Patent: January 1, 2019
    Assignee: VMWare, Inc.
    Inventors: Emily Hong Xu, Shraddha Ladda, Dale Robert Olds
  • Patent number: 10164966
    Abstract: This invention provides for data generated by intelligent devices exchanging information about their operation and performance over the so-called “Internet of Things” to be unidentified. Where particulars about an individual associated with a networked device are relevant to the operation and performance of the device, this invention provides for said particulars to be made available in digital certificates bound to the device. Data records generated by the device when operating with a certain individual are digitally signed at the time and later verified using said certificates, thus reliably conveying those particulars with the data. The identity of the individual is decoupled from the device and the data generated by the device.
    Type: Grant
    Filed: February 24, 2014
    Date of Patent: December 25, 2018
    Inventor: Stephen Wilson
  • Patent number: 10164903
    Abstract: Embodiments of the present application provide a method for controlling access of an application to a network, and a device. The method includes: acquiring application configuration information, where the application configuration information includes identification information of an application that is allowed to access a network or identification information of an application that is prohibited from accessing a network. The method also includes receiving access control information that is sent by an access network device, and determining, according to the application configuration information and the access control information, whether to allow an application of user equipment to access the network.
    Type: Grant
    Filed: April 29, 2016
    Date of Patent: December 25, 2018
    Assignee: Huawei Technologies Co., Ltd
    Inventors: Yali Guo, De Chen, Wanqiang Zhang, Weisheng Jin
  • Patent number: 10127372
    Abstract: An electronic device, a method of an electronic device authenticating a user and a computer readable recording medium are provided, The electronic device includes a storage configured to store an identifier and attributes of a first object as authentication information, a display configured to display a plurality of authentication objects comprising a second object that has one or more of the attributes of the first object and has a form different from a form of the first object, in response to a request to perform an authentication procedure, and a controller configured to authenticate a user based on an attribute of an authentication object selected by the user from among the plurality of displayed authentication objects and the stored authentication information.
    Type: Grant
    Filed: February 18, 2015
    Date of Patent: November 13, 2018
    Inventors: Sandeep Gupta, Gaurav Kakkar
  • Patent number: 10115249
    Abstract: A biometric access-control system is disclosed, wherein the system is compatible with access cards, comprising a biometric reader that converts biometric data to emulate an access card number, wherein only the emulated access card number is stored in a database.
    Type: Grant
    Filed: May 23, 2017
    Date of Patent: October 30, 2018
    Inventor: Yevgeny Levitov
  • Patent number: 10114977
    Abstract: A facility for accessing information relating to a person is described. In a reader device, the facility accesses first credentials stored in a first storage device, second credentials stored in a second storage device, and third credentials stored in the reader device. In the reader device, the facility uses a combination of the first credentials, second credentials, and third credentials to decrypt information relating to the person stored in the first storage device.
    Type: Grant
    Filed: October 26, 2017
    Date of Patent: October 30, 2018
    Assignee: VYRTY Corporation
    Inventors: Raif Khassanov, Eugene Luskin, Yakov P. Grinberg, Eugene Kolker
  • Patent number: 10116665
    Abstract: This disclosure is directed to securely exchanging information between private domains. Methods and systems of the disclosure perform operations including providing a user identifier (“ID”) and a first session ID to a user of a first private domain. The operations further include receiving from the user a service call for a first analytic service. Additionally, the operations include providing a service message for a second analytic service residing in a second private domain. Moreover, the operations include receiving a first verification message from the second private domain. The operations also include validating the first verification message. The operations further include providing a second verification message. Additionally, the operations include receiving a response message from the second private domain, the response message including information determined by the second analytic service based on job information in the service message.
    Type: Grant
    Filed: December 3, 2015
    Date of Patent: October 30, 2018
    Inventors: Jian Dong, Michael W. Pieknik, Joshua L. DeLong, Sean T. Johnson
  • Patent number: 10104019
    Abstract: According to one aspect, a system for locating application-specific data that includes a server, a broker, and an agent. An operator may define a command using the server, and this command may be sent to the broker. The broker may then send the command to the agent operating on an end-point system. The agent may then conduct an application-specific data search on the end-point system in respect of the user command. Search results may then be sent to the broker. The broker may then sent the search results to the server.
    Type: Grant
    Filed: May 27, 2015
    Date of Patent: October 16, 2018
    Assignee: Magnet Forensics Inc.
    Inventors: Nicholas Bruce Alexander Cosentino, Tayfun Uzun
  • Patent number: 10097527
    Abstract: A method of managing authentication during a user session comprises the steps of operating a user session for a specific user, maintaining a user authentication level for the user session, monitoring one or more factors relating to the user's activity, applying one or more rules to the monitored factors, detecting that a rule has indicated the user's current authentication level is too high, and lowering the user's authentication level, without ending the user's session.
    Type: Grant
    Filed: August 21, 2015
    Date of Patent: October 9, 2018
    Assignee: International Business Machines Corporation
    Inventors: Kevin C. Brown, Peter W. Jenkins, Stephen D. Pipes, Larissa C. Romualdo Suzuki
  • Patent number: 10089483
    Abstract: The application relates to systems, devices and methods for controlling enablement of resources based on a number of tokens in a token store. A resource is enabled when a number of tokens in the token store is greater than a minimum value. The resource is disabled when the number of tokens in the token store is not greater than the minimum value. When used in combination with an authorisation source, such as an authorisation source stored on a server or storage means, the token store provides a grace period during which the resource is enabled, even if the authorisation source is unavailable due to network or hardware failure, or disconnection of the storage means, for example.
    Type: Grant
    Filed: December 2, 2014
    Date of Patent: October 2, 2018
    Assignee: Metaswitch Networks Limited
    Inventors: Max Dymond, Colin Michael Treganza Dancer
  • Patent number: 10083326
    Abstract: A method of accessing a physically secured rack includes assigning a task identification by a key computer system, which specifies a task for an administrator of an administration user group for access to the rack, transmitting the task identification from the key computer system to the administrator and an access control unit for the rack, prompting an input of the task identification by the access control unit, verifying the input task identification by the access control unit, prompting input of a personal access identification of the administrators by the access control unit, verifying the input personal access identification of the administrator by the access control unit, and releasing a physical access security system for the access to the administrator to the rack if both preceding verification steps are successful.
    Type: Grant
    Filed: January 26, 2015
    Date of Patent: September 25, 2018
    Assignee: Fujitsu Technology Solutions Intellectual Property GmbH
    Inventors: Heinz-Josef Claes, Ulrich Feldmann
  • Patent number: 10063655
    Abstract: An information processing method, a trusted server, and a cloud server. The method includes acquiring user data of a user terminal, extracting summary information of the user data, where the summary information includes privacy information and non-privacy information of a user, generating a unique identifier (UID) for the privacy information, and transmitting the non-privacy information and the UID to a cloud server, so that the cloud server saves a correspondence between the non-privacy information and the UID.
    Type: Grant
    Filed: August 7, 2015
    Date of Patent: August 28, 2018
    Inventors: Chan Wang, Huangwei Wu
  • Patent number: 10064052
    Abstract: Devices and methods are described to enable devices to be paired in a convenient and secure way based on proximity with the use of a single radio transmission protocol. Using devices configurable to perform the processes described, users are able to pair Bluetooth enabled devices or other radio communication protocols simply by putting the devices briefly in contact, or within close proximity, usually few centimeters. When the two devices touch or are in close proximity, the encryption key is shared across the two devices without further interaction required by the user. The encryption key is not made visible, so one potential source of security breach is eliminated. After first setup, proximity is not required and the device can communicate securely based on the previously exchanged security tokens (and encryption keys) without the requirement of proximity.
    Type: Grant
    Filed: June 25, 2014
    Date of Patent: August 28, 2018
    Assignee: QARDIO, INC.
    Inventors: Marco Peluso, Rosario Iannella
  • Patent number: 10043175
    Abstract: A secure fob that enables a user to pay for an item or items without needing to present a mobile device. A secure fob may include a proximity capability to ensure that a mobile device is within a particular range, thereby eliminating the risk of fraudulent charges on a stolen fob. In such an embodiment, a fob may be disabled if the fob is not paired with the mobile device by virtue of being disconnected and/or physically separated from the mobile device. The secure fob also may include enhanced features to authorize transactions and locate the mobile device and/or the secure fob.
    Type: Grant
    Filed: December 11, 2015
    Date of Patent: August 7, 2018
    Inventors: Thomas S. Poole, Paul Young Moreton, Hutch Douglas, Anthony Swider, III, Thomas Christopher Clarke
  • Patent number: 10021092
    Abstract: Systems and methods for providing access to secure information are disclosed. In one aspect, a computer-implemented method for providing access to secure information comprises receiving a first one-time password (OTP) from a computing device, and verifying whether the first OTP is valid. The method also comprises, if the first OTP is valid, performing the steps of generating a second OTP for accessing the secure information, and transmitting the second OTP to the computing device. In another aspect, a computer-implemented method for providing access to secure information comprises generating a first one-time password (OTP), and transmitting the first OTP to an OTP device. The method also comprises, in response to the first OTP, receiving a second OTP from the OTP device, and sending the second OTP to a system that controls access to the secure information, wherein the first OTP is different from the second OTP.
    Type: Grant
    Filed: March 3, 2016
    Date of Patent: July 10, 2018
    Assignee: GOOGLE LLC
    Inventors: Randall R. Spangler, Sumit Gwalani
  • Patent number: 10015159
    Abstract: Provided is a terminal authentication system including a client terminal and a server device. The client terminal transmits first information based on secret information different for each client terminal and a client certificate including a hash value of the secret information which is derived from the secret information, to a server device. The server device receives the first information and the client certificate, derives a hash value from the secret information based on the first information using a unidirectional function, and authenticates the client terminal on the basis of the derived hash value and the hash value of the secret information which is included in the client certificate.
    Type: Grant
    Filed: May 14, 2015
    Date of Patent: July 3, 2018
    Inventors: Saburo Toyonaga, Hiroyuki Tanaka, Kenjiro Ike, Masakatsu Matsuo
  • Patent number: 10007767
    Abstract: An extensible servicing hosting platform is provided that supports the design, build and concurrent deployment of multiple web accessible services on a services hosting platform. The services hosting platform comprises a services hosting framework capable of hosting multiple service applications, each of which may be shared by multiple tenants that each customize their use of a particular application service by extending the application service to exploit run time platform services within a service execution pipeline. The services hosting framework may easily be leveraged by applications to decrease the time associated with developing, deploying and maintaining high quality services in a cost effective manner.
    Type: Grant
    Filed: December 21, 2007
    Date of Patent: June 26, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Zahid N. Ahmed, Harsha Ramalingam, Andrew Wilson Homer
  • Patent number: 10009174
    Abstract: A key protecting device is provided. The key protecting device includes a crypto engine, a ROM and a processor. The ROM stores a chip unique key, and is exclusively accessible to the crypto engine. The processor receives a first salt value and a first encrypted key from a non-volatile memory. The crypto engine receives the chip unique key from the ROM, receives the first salt value and the first encrypted key from the processor, and generates a first key according to the first salt value, the chip unique key and the first encrypted key.
    Type: Grant
    Filed: July 21, 2015
    Date of Patent: June 26, 2018
    Assignee: MStar Semiconductor, Inc.
    Inventor: Chun-Ming Chou
  • Patent number: 10009288
    Abstract: Systems and methods of the present invention provide for one or more server computers communicatively coupled to a network and configured to: receive, from a sub domain registration settings control panel displayed on a client computer, rule or prerequisites required for a sub domain registrant to register a sub domain, and store these rules or prerequisites in a database. The server(s) may then receive: a sub domain registration request, an IP address directing HTTP requests to the sub domain; and an authentication verifying that the prerequisite has been fulfilled. If authenticated, the server(s) may automatically insert the IP address into an A record or NS record in a zone file for the domain.
    Type: Grant
    Filed: December 30, 2015
    Date of Patent: June 26, 2018
    Assignee: Go Daddy Operating Company, LLC
    Inventors: Arnold Blinn, Andrew Low Ah Kee
  • Patent number: 10009341
    Abstract: A keyboard includes a plurality of keys, a plurality of keyboard components coupled to the keys, and one-time password (OTP) generation hardware integrated with at least some of the keyboard components, where actuating at least one of the keys causes a one-time password to be generated. The OTP generation hardware may be actuated with a dedicated button on the keyboard, by pressing a button on the keyboard that is otherwise used for pairing the keyboard to a device, or by pressing a specific sequence of keys on the keyboard. The keyboard may maintain state information to cause input by the user for OTP generation to be provide to the OTP generation hardware instead of to a device paired with the keyboard. The keyboard may also include a display that is part of the keyboard, where the display shows the one-time password generated by the OTP hardware.
    Type: Grant
    Filed: May 27, 2016
    Date of Patent: June 26, 2018
    Assignee: ASSA ABLOY AB
    Inventors: Georges Robert Vieux, Eric Vila, Janice Girouard, Daniel Halber
  • Patent number: 9998878
    Abstract: A method includes sending a message to a mobile device via a first network, the message including set-up information related to a communication session. The method may further include establishing a wireless peer-to-peer communication session with the mobile device via a second network in response to a selection of a selectable link at the mobile device, the selectable link based on the set-up information.
    Type: Grant
    Filed: November 3, 2015
    Date of Patent: June 12, 2018
    Assignee: AT&T MOBILITY II LLC
    Inventor: Edward G. Schmit
  • Patent number: 9992028
    Abstract: The system, method, and computer program product described herein may provide the capability to handle a variety of types of transactions, not just payment transactions. In addition, system, method, and computer program product described herein may provide the capability for users to be able to control the confidentiality of their transactions, for the system to control access to transactions, for the system to be capable of auditing transactions, and to provide accountability of the validating entities.
    Type: Grant
    Filed: December 3, 2015
    Date of Patent: June 5, 2018
    Assignee: International Business Machines Corporation
    Inventors: Elli Androulaki, Angelo DeCaro, Thorsten Kramp, Alessandro Sorniotti, Marko Vukolic
  • Patent number: 9992171
    Abstract: Various aspects of a method and system for digital rights management of encrypted digital content are disclosed herein. The method includes determination of a seed value from a pre-stored vault file that corresponds to a registered user. The determination of the seed value is based on biometric information provided by the registered user. The method further includes generation of a set of intermediate values based on the determined seed value. The generation of the set of intermediate values is based on a pre-determined rule. The method further includes determination of a content key based on the generated set of intermediate values.
    Type: Grant
    Filed: November 3, 2014
    Date of Patent: June 5, 2018
    Inventors: Ravi Honnavalli Ramachandra Rao, Vishnuteja Chokkanahalli, Ajay Maruti Gaonkar
  • Patent number: 9992235
    Abstract: An information processing system includes at least one information processing terminal and a first information processing apparatus. When an instruction for selecting a user authentication mode, which is received, from a user, by a user interface of the information processing terminal, selects a second user authentication mode, circuitry of the first information processing apparatus determines whether a sum of charges for services used by the user while logging in the information processing terminal via the second user authentication mode after a most recent login via a first user authentication mode exceeds a predetermined amount, and generates an authentication result indicating that the user is not the authenticated user.
    Type: Grant
    Filed: April 20, 2016
    Date of Patent: June 5, 2018
    Assignee: RICOH COMPANY, LTD.
    Inventors: Mitsuru Satoh, Nobuhiro Morita, Tomoyuki Nozawa, Yoshihiro Ogura
  • Patent number: 9977907
    Abstract: Provided are an encryption processing method and device for an application, and a terminal. In the method, a first application to be encrypted is acquired, wherein the first application to be encrypted is selected by a user of the terminal; the user is prompted to input first information; a first key is generated according to the first information; the first application is encrypted by using the first key and the first key is stored in the first application. The technical solution can encrypt an application.
    Type: Grant
    Filed: August 28, 2013
    Date of Patent: May 22, 2018
    Inventor: Xipeng Li
  • Patent number: 9948826
    Abstract: In embodiments disclosed herein disclose methods and systems for providing a multitenant facsimile server. The computer instructions may be executable to maintain a set of entity information, wherein the entity information defines a plurality of tenants, and maintain a database configured to store transmitted and received fax documents corresponding to a plurality of tenants. The computer instructions may be further executable to receive a facsimile document at the fax server, wherein the facsimile document comprises one of a document to be transmitted or a received fax. The computer instructions may be further executable to identify a tenant associated with the document based on an identifier. Further, the computer instructions may be executable to store the document in the database, wherein the document is associated with the tenant in the database.
    Type: Grant
    Filed: January 27, 2015
    Date of Patent: April 17, 2018
    Assignee: Open Text SA ULC
    Inventors: Michael Riedel, Treber Rebert
  • Patent number: 9946852
    Abstract: A portable hardware device such as a USB memory stick is used to provide parental locking functionality to a computer. When the device is coupled to the computer, the computer is unlocked and allowed to operate normally. When the device is not coupled to the computer, the computer is locked, and some or all of the computing functionality is blocked. This enables parents to lock and unlock a child's computer with a “key.” A detecting module detects the coupling and uncoupling of devices to the computer. When a device is coupled to the computer, an identifying module identifies the device by reading its unique identifier, and determining whether the coupled device is the one being used as the key. If so, the computer is unlocked, and allowed to operate. If not, a blocking module blocks at least some capabilities of the computer.
    Type: Grant
    Filed: October 20, 2009
    Date of Patent: April 17, 2018
    Assignee: Symantec Corporation
    Inventors: Shaun Cooley, Rowan Trollope
  • Patent number: 9940450
    Abstract: The invention is a method and apparatus for managing the secure acquisition, storage and disclosure of confidential information, to facilitate identity rights management; and/or preemptively authorized data querying techniques to preserve the anonymity of disclosed personal data.
    Type: Grant
    Filed: June 15, 2015
    Date of Patent: April 10, 2018
    Inventor: Charles R. Bowers
  • Patent number: 9922186
    Abstract: A method of providing an additional safety mechanism comprising enabling a setting up of a transaction using a mobile device, between a recipient and a provider, the transaction to be completed face-to-face, providing a wearable device, capable of connecting to the mobile device of the recipient and the mobile device of the provider, the wearable device used to identify an owner of the wearable device as the indicated provider. The method further comprising using the connection between the wearable device and the recipient mobile device to provide an authentication of the recipient to the provider.
    Type: Grant
    Filed: March 30, 2016
    Date of Patent: March 20, 2018
    Assignee: DP Technologies, Inc.
    Inventors: Philippe Richard Kahn, Arthur Kinsolving, Mark Andrew Christensen, Sonia Lee Kahn
  • Patent number: 9917843
    Abstract: The present disclosure relates generally to secure data management techniques. Techniques are described for pairing devices and using the pairing information for granting or denying requests (e.g., data exchange requests) from the devices, for example, in a cloud environment, including Internet of Things (IoT) cloud. Devices can be paired with each other according to their identification information. Subsequently, when an original request is received from a first device, and a chasing request received from a second device, the pre-registered pairing information is used to determine whether the first and second devices form a valid pair and the original request is granted or denied based upon that determination. For example, the request may be granted only if it is determined that the first device and the second device have been previously paired.
    Type: Grant
    Filed: January 6, 2016
    Date of Patent: March 13, 2018
    Assignee: Kii, Inc.
    Inventors: Taro Muraoka, Susumu Ishizuka, Makoto Iguchi
  • Patent number: 9904809
    Abstract: Aspects of a method and system for multi-level security initialization and configuration are provided. A security system may comprise a security processor, a host processor, and at least one security component, such as a descrambler. The security processor may enable a security component based on information stored within a non-volatile memory integrated within the security processor. The host processor may enable generation of at least one configuration command communicated to the security processor for configuring the enabled security component. The configuration command may correspond to a security control operational mode for the security component that may indicate, for example, activation or deactivation of the security component. The security processor may authenticate a digital signature in the configuration command. Initialization and configuration may be performed during a system boot sequence of the security system.
    Type: Grant
    Filed: March 6, 2007
    Date of Patent: February 27, 2018
    Assignee: Avago Technologies General IP (Singapore) Pte. Ltd.
    Inventors: Shee-Yen Tan, Xuemin Chen, Iue-Shuenn Chen, Qiang Ye
  • Patent number: 9898598
    Abstract: An authentication system comprises a host computer; and a non-volatile memory that includes a memory cell array including a plurality of memory cells are arranged in array, the plurality of memory cells including: a memory cell in a variable state, in which a resistance value reversibly changes between a plurality of changeable resistance value ranges in accordance with an electric signal applied; and a memory cell in an initial state which does not change to the variable state unless a forming stress for changing the memory cell in the initial state to the variable state is applied thereto, a resistance value of the memory cell in the initial state being within an initial resistance value range which does not overlap with the plurality of changeable resistance value ranges, wherein in the memory cell array, data including first authentication data is stored on the basis of whether each of the plurality of memory cells is in the initial state or the variable state, wherein at least one of the host computer an
    Type: Grant
    Filed: April 13, 2015
    Date of Patent: February 20, 2018
    Assignee: Panasonic Intellectual Property Management Co., Ltd.
    Inventor: Yoshikazu Katoh
  • Patent number: 9852284
    Abstract: Techniques are described for logically isolating data I/O requests from different operating systems (OSes) for a same multi-tenant storage system (MTSS). Techniques provide for OSes and the MTSS to obtain security tokens associated with the OSes. In an embodiment, an OS uses a security token to generate an authentication token based on the contents of a data input/output (I/O) request and sends the authentication token to the MTSS along with the data I/O request. When an MTSS receives such data I/O request, MTSS retrieves its own copy of the security token associated with the OS and generates its own authentication token based on the contents of the received data I/O request. If the authentication token generated by the MTSS matches the authentication token generated by the OS, then the data I/O request is successfully authenticated. Otherwise, if the authorization tokens fail to match, then the data I/O request has been compromised.
    Type: Grant
    Filed: April 28, 2017
    Date of Patent: December 26, 2017
    Assignee: Oracle International Corporation
    Inventors: Samarjeet Tomar, Prasad Bagal, Harish Nandyala
  • Patent number: 9846778
    Abstract: In an resource-on-demand environment, dynamically created server instances are allowed to boot from encrypted boot volumes. Access keys to the boot volumes are provided from a key provider that authenticates new instances based on possession of a security token that has been previously shared between the key provider and the new instance through an out-of-band communication.
    Type: Grant
    Filed: December 30, 2016
    Date of Patent: December 19, 2017
    Assignee: Amazon Technologies, Inc.
    Inventor: Eric J. Brandwine
  • Patent number: 9847986
    Abstract: In a networked environment, a client side application executed on a client device may transmit a request to an authorization service for access to a resource. The authorization service may authenticate the user of client device and/or the client device based on user credentials and/or a device identifier. In response to authenticating the user and/or the client device, the authorization service may send to the client side application a request for confirmation that the client device complies with a distribution rule associated with the resource, where the distribution rule requires a specific application or specific type of application to be installed, enabled and/or executing on the client device as a prerequisite to accessing the resource. If the client device complies with the distribution rule, the client side application accesses the resource. Accessing the resource may include receiving an authorization credential required for access to the resource.
    Type: Grant
    Filed: November 17, 2015
    Date of Patent: December 19, 2017
    Assignee: AirWatch LLC
    Inventor: Erich Stuntebeck
  • Patent number: 9847882
    Abstract: Multiple factor authentication in an identity certificate service is disclosed. A certificate including a cryptographically-obscured identifier associated with the end entity is sent from an end entity to a service node. The service node uses both the certificate and the identifier to authenticate the end entity at least in part by comparing the identifier to a reference identifier. A service associated with the service node is accessed based at least in part on the authentication.
    Type: Grant
    Filed: March 24, 2017
    Date of Patent: December 19, 2017
    Assignee: MOBILE IRON, INC.
    Inventor: Mansu Kim
  • Patent number: 9804649
    Abstract: A system comprising at least one power device is provided. The at least one power device includes an input to receive power from a power source, an output operatively coupled to the input and configured to provide power, a data storage, a network interface, and a controller coupled to the input, the output, the data storage and the network interface. The controller is configured to provide, according to a reporting schedule, identification information directly to a cloud service via the network interface and provide, according to the reporting schedule, secured information directly to the cloud service, the secured information being descriptive of performance of the at least one power device.
    Type: Grant
    Filed: December 30, 2011
    Date of Patent: October 31, 2017
    Inventors: Daniel C. Cohen, Mark R. Melanson, James S. Spitaels
  • Patent number: 9774453
    Abstract: Disclosed are automated biometric enrollment workflow (ABEW) systems and method implemented on a mobile communications device that includes a processor, memory and a display. The method is executed by the processor and includes opening of ABEW user interface (UI), initiating automated biometric enrollment workflow in which first biometric mode of the automated biometric enrollment workflow is started, a biometric sensor/scanner connected to mobile communications device scanning or reading a first biometric, wherein the first biometric is associated with the first biometric mode, analyzing the quality of the read/scanned first biometric, determining if the quality is sufficient, if the quality is insufficient, repeating the scanning/reading, analyzing and determining for the first biometric until the quality of the first biometric is sufficient and if the quality is sufficient, storing the first biometric.
    Type: Grant
    Filed: April 1, 2015
    Date of Patent: September 26, 2017
    Inventors: Taylor D. Baldwin, Gregory T. Zarroli
  • Patent number: 9767267
    Abstract: Method and devices for making access decisions in a secure access network are provided. The access decisions are made by a portable credential using data and algorithms stored on the credential. Since access decisions are made by the portable credential non-networked hosts or local hosts can be employed that do not necessarily need to be connected to a central access controller or database thereby reducing the cost of building and maintaining the secure access network.
    Type: Grant
    Filed: March 25, 2015
    Date of Patent: September 19, 2017
    Assignee: Assa Abloy AB
    Inventors: Masha Leah Davis, Robert Wamsley, Tam Hulusi