Using Record Or Token Patents (Class 713/185)
-
Patent number: 11928083Abstract: Methods, systems and computer program products for recommendation systems. Embodiments commence by gathering a set of pathnames that refer to content objects of a collaboration system. A tokenizer converts at least some of the pathnames into vectors. The vectors comprise hierarchical path components such as folder names or file names, which vectors are labeled with an indication as to whether or not the folder or file referred to in a particular vector had been clicked on by one or more users. Some portion of the labeled vectors are used to train a predictive model. Another portion of the vectors are used to validate the predictive model. When the model exhibits sufficient precision and recall, the predictive model is then used to predict the probability that a particular user would have an interest in a particular folder or file. The folder name or file name is presented as a collaboration recommendation.Type: GrantFiled: January 31, 2019Date of Patent: March 12, 2024Assignee: Box, Inc.Inventors: David Vengerov, Sesh Jalagam, Victor De Vansa Vikramaratne
-
Patent number: 11928192Abstract: A host device, a storage device, and a method employ a vendor unique command (VUC) authentication system. The storage device includes a memory and a memory controller which includes a VUC authentication module and controls the memory. The VUC authentication module transmits first memory information about the memory to the host device, receives from the host device a one-time password generated by the first memory information, verifies the one-time password, and receives a vendor unique command from the host device when the one-time password is correct.Type: GrantFiled: July 29, 2022Date of Patent: March 12, 2024Assignee: Samsung Electronics Co., Ltd.Inventors: Bo Hyung Kim, Jang Hwan Kim, Moon Wook Oh, Da Woon Jung
-
Patent number: 11914713Abstract: An example computing device includes a user interface, a network interface, a non-volatile memory, a processor coupled to the user interface, the network interface, and the non-volatile memory, and a set of instructions stored in the non-volatile memory. The set of instructions, when executed by the processor, is to perform a hardware initialization of the computing device according to a setting, establish a local trust domain and a remote trust domain, use a local-access public key to issue a challenge via the user interface to grant local access to the setting, and use a remote-access public key to grant remote access via the network interface to remote access to the setting.Type: GrantFiled: February 28, 2019Date of Patent: February 27, 2024Assignee: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.Inventors: Jeffrey Kevin Jeansonne, Valiuddin Ali, Richard Alden Bramley, Jr., Adrian John Baldwin, Joshua Serratelli Schiffman
-
Patent number: 11907344Abstract: Systems and methods are provided for establishing personal connections between blinded secure non-random interested users. In an embodiment, at least one processor may be configured to execute instructions to perform operations comprising: receiving a first input from a first user comprising first identification parameters associated with a second user; receiving a second input from the second user comprising second identification parameters associated with the first user; determining a match based on the first and second inputs; and based on the determined match, notifying at least one of the first or second users of the determined match.Type: GrantFiled: May 27, 2022Date of Patent: February 20, 2024Assignee: Counseling and Development, Inc.Inventors: Soudabeh Larsen, Jill Polisner
-
Patent number: 11893105Abstract: User system authentication includes a service infrastructure system receiving, from the user system, an authentication request including a user account identifier, generating a first validation code by performing a hash algorithm on the user account identifier and a first timestamp associated with the authentication request, sending to an email account associated with the user account identifier, an email message including the first validation code, receiving from the user system, a verification code, in response to receiving the verification code, generating a second timestamp, validating the second timestamp, in response to determining that the second timestamp is valid, generating a second validation code by performing the hash algorithm on the user account identifier and the first timestamp associated with the authentication request, comparing the verification code and the second validation code, and authenticating the user system, in response to a determination that the verification code and the second vType: GrantFiled: June 8, 2022Date of Patent: February 6, 2024Assignee: Oversec, UABInventor: Kazimieras Celiesius
-
Patent number: 11888832Abstract: A computerized method supporting SSL-based or TLS-based communications with multiple cryptographically protected transmissions is described. Responsive to a first transmission including a first content encrypted with a public key of an intended recipient and a first digital signature for use in detect tampering to the first content, a second transmission is received. The second transmission includes a combined result including the first content and a second content, which is encrypted with a public key of the sender. Recovery of the first content verifies to the sender that the second transmission originated from the intended recipient. Thereafter, a third transmission is sent. The third transmission has data including at least the second content, being the remaining data after extraction of the first content from the combined result, which is encrypted with the public key of the intended recipient and a third digital signature for use in verifying non-tampering of the data.Type: GrantFiled: September 20, 2021Date of Patent: January 30, 2024Assignee: CHOL, Inc.Inventors: Michael R. Feinberg, Richard J. Blech
-
Patent number: 11880446Abstract: Systems and methods for decryption of payloads are disclosed herein. In various embodiments, systems and methods herein are configured for decrypting thousands of transactions per second. Further, in particular embodiments, the systems and methods herein are scalable, such that many thousands of transactions can be processed per second upon replicating particular architectural components.Type: GrantFiled: January 18, 2022Date of Patent: January 23, 2024Assignee: Bluefin Payment Systems LLCInventors: Timothy William Barnett, Alexander I. Kasatkin, Christopher Hozumi Miyata, Daniel Ruehle
-
Patent number: 11868966Abstract: A networking database and system into which profile information is aggregated from online websites and services to correlate discovered identities to one another via Intra-Personal Relationships, Inter-Personal Relationships, and Profile Information. Profile Information, Inter-Personal Relationships and related content of those identities which have been determined to have an Intra-Personal relationship are aggregated into Meta-Profiles. The aggregated Meta-Profiles' information is used in place of their component Intra-Related identities for optimized social graph operations, content customization, and audience operations such as: analysis, metrics, profiling and targeting. The system may define, categorize and group both identities and relationships belonging to individuals registered with the system and unregistered users through computational analysis. The system may be provided with Identities and Relationships directly from users, via third-party systems, or through automated discovery.Type: GrantFiled: August 4, 2021Date of Patent: January 9, 2024Inventor: Jonathan Brian Vanasco
-
Patent number: 11870766Abstract: An identity provider of a cloud computing service provides authentication for on-premise applications that is subject to a legacy authentication protocol that differs from the cloud-based network authentication protocol used by the identity provider. The identity provider generates a security ticket for use to gain access to the on-premise application. The security ticket is embedded in a security token associated with a cloud-based network authentication protocol. A client application seeking access to the on-premise application extracts the embedded security ticket from the security token which is then used to access the on-premise application via a legacy authentication protocol.Type: GrantFiled: December 16, 2020Date of Patent: January 9, 2024Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC.Inventors: Avraham Carmon, Joseph Isenhour, Aakashi Kapoor, Young Moon Ko, Sagar Bholanath Saha, Steven Syfuhs
-
Patent number: 11870906Abstract: Described is a system (and method) that provides a mechanism for guarding against cyber-attacks including ransomware, malware, and various other types of malicious attacks. The mechanism includes providing an isolated storage recovery account within a cloud-based storage infrastructure. The isolated storage recovery account secures data even in instances where credentials for a subscriber to a cloud-based service or the cloud-based provider itself is compromised. In order to ensure that data is still protected even when access credentials may be compromised (e.g. by a disgruntled employee), the mechanism requires a joint coordination between both the provider and the subscriber. The joint coordination may be mandated by the use of a particular multiple encryption technique for credentials that are required to access the isolated storage recovery account.Type: GrantFiled: September 6, 2018Date of Patent: January 9, 2024Assignee: EMC IP Holding Company LLCInventor: Yossef Saad
-
Patent number: 11859594Abstract: A management system for controlling a wind turbine according to prescribed rules and a safety system, separate from the management system, for monitoring the wind turbine on the basis of operational characteristic values, wherein the safety system transfers the wind turbine to a safe plant state independently of the management system if safety-critical operational characteristic values violate safety parameters stored in the safety system, in order to change at least one safety parameter stored in the safety system a parameter block comprising the at least one safety parameter and at least two safety features is supplied to the safety system and accepted by the safety system only after a positive check on the safety features, wherein the check on at least one of the safety features requires comparison against check information available directly on the wind turbine.Type: GrantFiled: May 7, 2019Date of Patent: January 2, 2024Assignee: Siemens Gamesa Renewable Energy Service GmbHInventors: Karsten Warfen, Stefan Behl
-
Patent number: 11861400Abstract: A method of selecting a distributed framework includes identifying, by a selection device coupled to a memory, at least a first cryptographic evaluator of a plurality of cryptographic evaluators, wherein identifying the at least a first cryptographic evaluator further comprises and evaluating a secure proof generated by the at least a first cryptographic evaluator, and identifying the at least a first cryptographic evaluator as a function of the secure proof, assigning, by the selection device, a confidence level of the at least a first cryptographic evaluator, and selecting, by a selection device, a distributed framework from the plurality of cryptographic evaluators as a function of the confidence level, and assigning a task to the distributed framework.Type: GrantFiled: June 14, 2022Date of Patent: January 2, 2024Assignee: Ares Technologies, IncInventor: Christian T. Wentz
-
Patent number: 11838416Abstract: [Object] To provide a communication system that makes it possible to improve security. [Solution] Provided is a communication system including: a first device configured to transmit encrypted information that is encrypted by using a first encryption key; and a second device configured to execute a predetermined process based on the encrypted information obtained from the first device, and a second encryption key that is common to the first encryption key. The first device includes a first change section configured to change the first encryption key in the case where a first condition is satisfied. The second device includes a second change section configured to change the second encryption key in the case where a second condition is satisfied, the second condition being common to the first condition.Type: GrantFiled: April 3, 2020Date of Patent: December 5, 2023Assignee: KABUSHIKI KAISHA TOKAI RIKA DENKI SEISAKUSHOInventors: Yosuke Ohashi, Masateru Furuta
-
Patent number: 11838424Abstract: A module has a processor for executing an encryption process to encrypt a message to a cipher-text with authentication. The encryption process includes generating a tag from a secret message authentication code (MAC) key, a nonce, a message, and optionally an additional data using a Poly1305 function, generating a pseudorandom initialization vector (IV) from a secret encryption key and the tag using a first encryption function, and generating a cipher-text from the secret encryption key, the generated IV, and the message using a second encryption function. The module or a similar module may execute a corresponding decryption process to decrypt the cipher-text to a decrypted message and verify the authenticity of the cipher-text. At least one of the first and second encryption functions may be an Advanced Encryption Standard (AES) encryption function such as an AES-CTR encryption function, an AES-like encryption function, and/or other suitable encryption functions.Type: GrantFiled: May 13, 2021Date of Patent: December 5, 2023Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Kassem Kalach, Ali Abbassi, Teng Wu
-
Patent number: 11831659Abstract: Methods and apparatus for real-time security monitoring on a computing device are presented. A system may define privileges to access hardware interfaces for each process of a plurality of processes executing on a computing device. The privileges may be defined in a privileged operating system level that controls root access to an operating system. In response to a determination that a process is attempting to access a hardware interface, the system may determine whether the process is privileged to access the hardware interface by checking the privileges. In response to determining that the process is not privileged to access the hardware interface, the intrusion detection agent may terminate the process.Type: GrantFiled: August 12, 2020Date of Patent: November 28, 2023Assignee: Comcast Cable Communications, LLCInventors: James Fahrny, Kyong Park
-
Patent number: 11823200Abstract: One or more embodiments include obtaining information from a physical payment card. Based on the information from the physical payment card, an output is obtained that includes a valid account number corresponding to the physical payment card. The valid account number is displayed to the cardholder. The physical payment card does not contain a visual indication of the valid account number and thus cannot be used by a malicious entity. One or more embodiments may include a physical payment card. The physical payment card includes a fake account number that cannot be used for executing a transaction based on funds associated with the physical payment card. They physical payment card may also include a key that can be mapped to a valid account number that can be used for executing a transaction based on funds associated with the physical payment card.Type: GrantFiled: July 6, 2020Date of Patent: November 21, 2023Assignee: Oracle International CorporationInventor: Girish Anantharaju
-
Patent number: 11823192Abstract: Systems, methods, and apparatuses for storing verified identification information in a distributed database and for verifying entities to requestors are provided herein. Identity information relating to an entity is verified by a generally recognized identity provider (GRIP). Once verified, the GRIP populates a distributed database with an entry corresponding to the verified identity information. The distributed database is publically accessible such that identity requestors can see the entries in the distributed database. In some arrangements, the distributed database is write-protected such that only an authorized GRIP can modify the distributed database. An entity can provide information to a requestor to verify an identity attribute of the entity to the requestor. The requestor uses information provided by the entity to retrieve verified entity identification information from the distributed database and to confirm that the identity attribute was verified by an authorized GRIP.Type: GrantFiled: March 13, 2023Date of Patent: November 21, 2023Assignee: Wells Fargo Bank, N.A.Inventor: Michael M. Dowling
-
Patent number: 11823114Abstract: An apparatus has a memory that stores instructions executed by a processor to receive from a source node machine in a network a unique identifier for an object, where the source node machine executes a first instance of an object tracking application. The source node is designated as a parent in a chain-of-custody. The unique identifier and source node information are recorded in an immutable ledger. Updates for the object are received from intermediate node machines in the network. The information updates are recorded in the immutable ledger. A final information update for the object is received from a destination node machine. The final information update is recorded in the immutable ledger. A chain-of-custody map is constructed for the object. The chain-of-custody map is augmented with layers of spatially related data to form a composite chain-of-custody map.Type: GrantFiled: April 4, 2022Date of Patent: November 21, 2023Assignee: KAMILO, INC.Inventors: William Robberson, Anna-Marie Cook
-
Patent number: 11816546Abstract: Fairness and output authenticity for secure distributed machine learning is provided by way of an encrypted output of a garbled circuit which is simultaneously provided to a garbler and an evaluator by an output discloser. Related systems, methods and articles of manufacture are also disclosed.Type: GrantFiled: November 9, 2022Date of Patent: November 14, 2023Assignee: SAP SEInventor: Laurent Y. Gomez
-
Patent number: 11805416Abstract: A method for communicating over a wireless network includes broadcasting, by a Multi-Link Device (MLD) device, service data indicative of one or more services for wireless communication with a client device; wherein the service data indicates that a service type is differentiated based on a type of the client device; establishing a security association with the client device; and in response to establishing a security association with the client device, granting access by the client device to a subset of the one or more services based on the type of the client device.Type: GrantFiled: July 8, 2021Date of Patent: October 31, 2023Assignee: Apple Inc.Inventors: Yong Liu, Jinjing Jiang, Jarkko Lauri Sakari Kneckt, Tianyu Wu, Qi Wang, Lochan Verma, Su Khiong Yong
-
Patent number: 11805112Abstract: This disclosure describes techniques for performing enhanced authentication of a device based on physical and logical proximity of the device to one or more other authenticated devices. An example method includes performing, at a first time, a first authentication of a first device or a first user of the first device and determining that the first device is connected to at least one second device in a communication session. The at least one second device or at least one second user of the at least one second device are authenticated. The example method further includes determining a reauthentication interval based on the first device being connected to the at least one second device in the communication session and initiating, at a second time that is after the first time by the reauthentication interval, a second authentication of the first device or the first user of the first device.Type: GrantFiled: February 17, 2021Date of Patent: October 31, 2023Assignee: Cisco Technology, Inc.Inventors: David J Zacks, Carlos M. Pignataro, Thomas Szigeti
-
Patent number: 11756036Abstract: Techniques for an identity-verification system to analyze image data representing palms of users using a segmented, characteristic-based approach. The system may compare palm-feature data representing characteristics of a palm of a user (or “query palm”) with stored palm-feature data of palms for user profiles (or “stored palms”). For instance, the system may identify characteristics of the query palm having salient or discriminative features, and compare palm-feature data for those discriminative characteristics to palm-feature data representing corresponding characteristics of stored palms of enrolled users. Additionally, the system may compare characteristics of the query palm with corresponding characteristics of stored palms until the system is confident that the query palm corresponds to a stored palm of a user profile.Type: GrantFiled: December 13, 2019Date of Patent: September 12, 2023Assignee: Amazon Technologies, Inc.Inventors: Manoj Aggarwal, Prithviraj Banerjee, Gerard Guy Medioni, Brad Musick
-
Patent number: 11750568Abstract: Cross domain resource access includes accessing resources in a first domain from a second domain. This may be performed using the methods, system, and devices described herein. This may include maintaining a mapping identifier for a user of a service provider based on user information. The service provider may provide first and second security domains for the user. The mapping identifier may be associated with an endpoint of a private cloud computing service of the first security domain. The may also include receiving, from the first security domain, a request associated with a resource of the second security domain, the request comprising the mapping identifier. This may also include routing the request from the first security domain to the second domain via a first private network link of the first security domain and a second private network link of the second security domain using a confidentiality controlled interface.Type: GrantFiled: September 7, 2021Date of Patent: September 5, 2023Assignee: Amazon Technologies, Inc.Inventors: Oren Meron Rasekh, Christian Joseph Johnson, Anton S Dahbura, Gary Alan Huber
-
Patent number: 11748119Abstract: A method includes storing a user interface (UI) hierarchy of one or more screens associated with an application. The one or more screens are presented by an electronic device. A first screen presented by the electronic device is identified as an authentication screen of the application based on the stored UI hierarchy and/or UI elements of the screen. An authentication result is determined based on a deviation of the first screen or presentation of a second screen by the electronic device.Type: GrantFiled: October 22, 2021Date of Patent: September 5, 2023Assignee: SAMSUNG ELECTRONICS CO., LTD.Inventor: Hashir Khan
-
Patent number: 11729171Abstract: Disclosed are various embodiments for preventing the unintended leakage of cookie data. In one embodiment, a browser application stores cookie data from a first network site having a high-level domain in a client computing device. The cookie data includes a sharing attribute. The cookie data is automatically made accessible to the first network site. A network service is queried to obtain data indicating a classification associated with the first network site. The cookie data is made accessible to a second network site having the same high-level domain based at least in part on the sharing attribute and the classification meeting at least one predetermined criterion.Type: GrantFiled: August 6, 2021Date of Patent: August 15, 2023Assignee: Amazon Technologies, Inc.Inventors: Muhammad Wasiq, Nima Sharifi Mehr
-
Patent number: 11729006Abstract: A method for securing the communications between a publisher and a subscriber in an Internet of things networks. An example method includes receiving a challenge vector from a subscriber and determining a response vector using a physically unclonable function (PUF) for each challenge value in the challenge vector to generate a response value. The response vector it is sent to the subscriber.Type: GrantFiled: March 31, 2021Date of Patent: August 15, 2023Assignee: Intel CorporationInventors: Davide Carboni, Michael Nolan, Ned M. Smith, Mo Haghighi
-
Patent number: 11700257Abstract: A computer implemented system for controlling access to data associated with an entity includes a data storage device having a protected memory region, and one or more processors, at least one of which is operable in the protected memory region. The one or more processors are configured for: storing a secret key associated with the entity in a portion of the protected memory region associated with the entity; upon receiving entity data, storing the entity data in the portion of the protected memory region associated with the entity; and upon receiving an access grant signal, generating a smart contract, the smart contract defining the entity data to be accessed and a recipient of the entity data to be accessed.Type: GrantFiled: March 11, 2022Date of Patent: July 11, 2023Assignee: ROYAL BANK OF CANADAInventors: Edison U. Ortiz, Arya Pourtabatabaie, Ambica Pawan Khandavilli, Margaret Inez Salter, Jordan Alexander Richards, Iustina-Miruna Vintila, Sarah Rachel Waigh Yean Wilkinson
-
Patent number: 11693936Abstract: A system is described for authenticating a user on a client device using the user's mobile device and utilizing the audio channel. An authentication server receives a request from the client to initiate a session for the user, creates the session, and sends a session token back to the client along with a request for authentication. The client broadcasts an audio transmission containing the token to the mobile device over an audio channel using data-over-sound transmission. The mobile device receives the transmission via a microphone, obtains the token and the server identity from the transmission, and sends user credentials that are stored on the mobile device along with the token identifying the session directly to the authentication server. The server verifies the received credentials, confirms the token, and logs the user into the session.Type: GrantFiled: July 24, 2018Date of Patent: July 4, 2023Assignee: VMware, Inc.Inventors: Shengbo Teng, Wen Wang, Bin Guo, Wenping Fan, Tony Lu, Daniel James Beveridge
-
Patent number: 11669606Abstract: Biometric features are derived from security data associated with a subject. The security data is obtained from a security device. A biometric value is calculated from the biometric features. The biometric value is anonymized to an identifier associated with the subject. The identifier is integrated with event data associated with a security system. In an embodiment, the security device is a Personal Identification Number (PIN) pad integrated into a transaction terminal, the security data is fingerprint data, which is read from a finger of the subject placed on a fingerprint reader integrated into the PIN pad, and the biometric value is a PIN calculated from fingerprint data during a transaction at the transaction terminal. In an embodiment, the security device is a security camera, the security data is a secure video stream, and the biometric features are facial features of the subject in the secure video stream.Type: GrantFiled: November 19, 2021Date of Patent: June 6, 2023Assignee: NCR CorporationInventors: Tomasz Kruczek, Tim Gerlach, Lucas Henrique Silva, Bruce McBain, Garrett Paul Schubiner
-
Patent number: 11663584Abstract: A system to indicate to a user to enter a personal identification number (PIN) on a commercial off the shelf (COTS) device, the system comprising: a secure card reader communicatively coupled to the COTS device, and wherein the secure card reader receives a payment card; a payment application installed on the COTS device; and one or more devices other than the COTS device. The payment application installed on the COTS device transmits one or more prompts to the one or more devices other than the COTS device based on a set of signals received from the secure card reader. The secure card reader transmits the set of signals after the payment card is received at the secure card reader, and the one or more prompts comprise at least one indication to the user to enter the PIN on a display of the COTS device.Type: GrantFiled: July 7, 2021Date of Patent: May 30, 2023Assignee: STRIPE, INC.Inventors: Hwai Sian Tsai, Chi Wah Lo
-
Patent number: 11658965Abstract: Systems and methods for adaptive token verification are disclosed. For example, a system may include at least one memory storing instructions and one or more processors configured to execute the instructions to perform operations. The operations may include training a verification model to verify tokenized requests based on system identifiers. The operations may include receiving a tokenized request from an external system, the request comprising a system identifier of the external system. The operations may include generating output of the verification model based on the system identifier, and, based on the output, performing one of granting the request or blocking the request.Type: GrantFiled: March 8, 2021Date of Patent: May 23, 2023Assignee: Capital One Services, LLCInventors: Allison Fenichel, Brice Elder, Varun Gupta
-
Patent number: 11650740Abstract: The present disclosure relates to a memory device comprising: an array of memory cells; and an access management architecture providing a secure access to a test mode of the array of memory cells, the access management architecture comprising: a register group comprising data identifying the memory device; a cryptographic algorithm calculating an internal signature having a mechanism for ensuring data freshness; a non volatile memory area storing specific data to be used by the cryptographic algorithm for calculating the internal signature; a comparison block for comparing the calculated internal signature with a user provided signature to generate an enable signal allowing access to a test mode of the array of memory cells. The disclosure also relates to a System-on-Chip (SoC) component comprising a memory device as well as to a method for managing access to a memory array into a test mode.Type: GrantFiled: July 15, 2022Date of Patent: May 16, 2023Assignee: Micron Technology, Inc.Inventors: Alberto Troia, Antonino Mondello
-
Patent number: 11645484Abstract: Unique physical unclonable function objects are created by molding pre-magnetized or post-magnetized particles into a resin. The particles form a unique physical “fingerprint” based on the random particle size, position, polar rotation, magnetization level, particle density, etc. This invention addresses devices for accurately measuring the physical fingerprint of a PUF, specifically including the X, Y, & Z components of the magnetic field at enough discrete points on the PUF to allow a confident recognition of the identification. A handheld wand is described for measuring the magnetic field along an arbitrary path.Type: GrantFiled: March 6, 2020Date of Patent: May 9, 2023Assignee: Lexmark International, Inc.Inventors: Scott Richard Castle, Robert Henry Muyskens, Brant Dennis Nystrom
-
Patent number: 11645862Abstract: Aspects of this disclosure relate to a biometric sensing device that combines sensing with an actuator for two way communication between a finger on a surface and the device. The sensor can also function as an actuator. A finger can be authenticated based on an image of the finger generated by the sensor and also based on a response to energy delivered to the finger by the actuator. Two way communication can provide more robust authentication than fingerprint sensing alone.Type: GrantFiled: May 12, 2021Date of Patent: May 9, 2023Assignees: The Board of Trustees of the Leland Stanford Junior University, Orchid Sound Technologies LLCInventors: Butrus T. Khuri-Yakub, Morten Fischer Rasmussen, Gerard Touma, John N. Irwin, III
-
Patent number: 11641573Abstract: A system and method for providing an authentication state of a function execution device to a communication terminal is described. In some examples, the authentication state indicates whether authentication information is needed from the communication terminal before the communication terminal can request performance of one or more functions performable by the function execution device. In other examples, the communication terminal may provide to the communication terminal the authentication information irrespective of whether the function execution terminal has previously provided its authentication state to the communication terminal.Type: GrantFiled: September 8, 2021Date of Patent: May 2, 2023Assignee: Brother Kogyo Kabushiki KaishaInventor: Satoshi Suzuki
-
Patent number: 11632374Abstract: A system includes at least one processor to receive training data and generate at least one machine learning rule based on the training data to apply when a condition occurs, continually monitor at least one resource associated with a computing network for the condition in the computing network that may trigger an authorization control modification, the condition comprising one of an active project that uses the at least one resource, a security alert level change, a resource locality change, metadata associated with the condition, a skill assessment, and a business state analysis, determine that the condition has occurred in the computing network, and dynamically and automatically modify a user authorization control for at least one particular user responsive to the machine learning rule.Type: GrantFiled: March 21, 2022Date of Patent: April 18, 2023Assignee: Cobalt Iron, Inc.Inventors: Richard Raymond Spurlock, Robert Merrill Marett, Gregory John Tevis
-
Patent number: 11625500Abstract: A system for secure commingling of tenant isolated data includes a commingling storage unit, an interface, and a processor. The interface is configured to receive an indication of tenant data to be commingled. The processor is configured to determine one or more instances of sensitive data included in the tenant data, and transfer the tenant data to the commingling storage unit without transferring the one or more instances of sensitive data, wherein an index identifier is transferred to be stored in the commingling storage unit in place of an instance of sensitive data of the one or more instances of sensitive data.Type: GrantFiled: January 8, 2020Date of Patent: April 11, 2023Assignee: Workday, Inc.Inventors: Denis Gulsen, Erol Guney, Eric James Ranstrom
-
Patent number: 11615411Abstract: Systems, and associated methods, involving both a trusted and an untrusted device where sensitive data or keys are shared between those devices are disclosed. A disclosed method includes storing a key in a secure memory on a first device, receiving sensitive data via a user interface on a second device, generating a set of white box encryption instructions based on the key using a white box encryption generator on the first device, generating a complete data representation of the set of white box encryption instructions using a secure processor on the first device, transmitting the complete data representation from the first device to the second device, and encrypting the sensitive data using the complete data representation on the second device. The complete data representation is not Turing complete and is not executable with respect to the second device.Type: GrantFiled: October 23, 2020Date of Patent: March 28, 2023Assignee: CLOVER NETWORK, LLC.Inventor: Brian Jeremiah Murray
-
Patent number: 11606351Abstract: In an approach for authentication of a username, a processor maintains a mapping of usernames and realms. A processor receives a username and a time-based one-time password code (TOTP code) for the username based on an authentication application. A processor, upon receiving the TOTP code: determines a realm from the mapping based on the received username and the received TOTP; and requests an entry of a credential relating to the username in the realm. A processor, upon receiving of the requested credential, authenticates the username by determining that the received credential matches an expected credential for the realm.Type: GrantFiled: December 15, 2020Date of Patent: March 14, 2023Assignee: International Business Machines CorporationInventors: Thomas Dürr, Michael Baessler, Holger Koenig, Oliver Koeth, Thomas Schwarz
-
Patent number: 11605082Abstract: Systems, methods, and apparatuses for storing verified identification information in a distributed database and for verifying entities to requestors are provided herein. Identity information relating to an entity is verified by a generally recognized identity provider (GRIP). Once verified, the GRIP populates a distributed database with an entry corresponding to the verified identity information. The distributed database is publically accessible such that identity requestors can see the entries in the distributed database. In some arrangements, the distributed database is write-protected such that only an authorized GRIP can modify the distributed database. An entity can provide information to a requestor to verify an identity attribute of the entity to the requestor. The requestor uses information provided by the entity to retrieve verified entity identification information from the distributed database and to confirm that the identity attribute was verified by an authorized GRIP.Type: GrantFiled: June 30, 2021Date of Patent: March 14, 2023Assignee: Wells Fargo Bank, N.A.Inventor: Michael D. Dowling
-
Patent number: 11601280Abstract: A first string, having a first string value, that is associated with a sample set of material is received, wherein a second string, having a complementary value relative to the first string value, is also associated with the sample set of material. A determinative hash is generated using the first string value and a symmetric generator polynomial. A second hash, corresponding to the second string, is generated directly from the determinative hash. A canonized hash is generated using the determinative hash and the second hash. It is determined whether at least one of the first string or the second string is stored in string storage that is configured to store a plurality of strings, including by searching a hash table for the canonized hash; in the event it is determined that at least one of the first string or the second string is not stored in the string storage, at least one of the first string or the second string is stored in the string storage.Type: GrantFiled: February 25, 2021Date of Patent: March 7, 2023Assignee: OmniTier Storage, Inc.Inventors: Jonathan Darrel Coker, Travis Roger Oenning, Balamurugan Anandan
-
Patent number: 11593493Abstract: Providing smart contracts including secrets encrypted with oracle-provided encryption keys is disclosed. In one example, a contract creator encrypts sensitive data necessary for executing a smart contract into ciphertext using a symmetric cryptographic key K, and also encrypts the symmetric cryptographic key K into a wrapper using a public cryptographic key e of a contract executor. The contract creator then generates an envelope using a public cryptographic key o of a contract oracle, where the envelope includes the wrapper encrypted using the public cryptographic key o and a policy that includes condition(s) precedent and is digitally authenticated. The smart contract, including the envelope and the ciphertext, is deployed to the contract executor. The sensitive data thus may be provided within the smart contract itself, while being protected from unauthorized access in the event the smart contract is malicious or is compromised.Type: GrantFiled: January 18, 2019Date of Patent: February 28, 2023Assignee: Red Hat, Inc.Inventors: Michael H. M. Bursell, Axel Simon, Nathaniel McCallum
-
Patent number: 11593124Abstract: There is provided a computer-implemented method, device and system for automatically configuring a computer device located at a particular location of an entity having an associated local network. The method, system and device further comprises: detecting from another computer device metadata characterizing the particular location; determining from the metadata whether the computer device requires configuration and if so, performing configuration steps of: automatically determining a device type for the computer device based on one or more connected peripheral devices, the device type defining a role of the computer device within the particular location; sending metadata comprising the particular location and the device type to a central server for requesting configuration of the computer device and in response, receiving configuration information for the computer device.Type: GrantFiled: January 14, 2020Date of Patent: February 28, 2023Assignee: THE TORONTO-DOMINION BANKInventors: Michael Reid Pearce, Chad Philip McKenzie
-
Patent number: 11595381Abstract: Techniques for secure authentication in virtual reality are provided. A virtual reality application executing on a virtual reality device can provide virtual reality environment. The virtual reality application may communicate with a server that provides a plurality of objects for display in the VR environment. The environment can include an object that, once selected, may initiate an authentication process. Once initiated, an authentication application may be launched on the VR device, so that a private authentication environment may be provided to the user. The user may be prompted to provide a biometric sample using one or more input devices coupled to the VR device. The biometric sample can then be sent to the authentication server, so that an authentication result may be determined from a comparison of the sample to a biometric template established during registration.Type: GrantFiled: August 23, 2017Date of Patent: February 28, 2023Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: Christopher Szafranski, Lance Weber
-
Patent number: 11593506Abstract: Systems and methods for obtaining a SQL query, translating the SQL into a modified SQL query incorporating a privacy mechanism, and outputting the modified SQL query incorporating the privacy mechanism. In some embodiments, the modified SQL query incorporating the privacy mechanism is forwarded to a SQL database.Type: GrantFiled: June 3, 2020Date of Patent: February 28, 2023Assignee: IMMUTA, INC.Inventors: Kyle Thomas Lilly, Joseph J. Regensburger, Alfred V. Rossi, III, Mason Sharp
-
Patent number: 11586760Abstract: A method for resolving ambiguity in computer data includes processing a record creation request transmitted from a computing device. The record creation request includes entity creation data and a login key. The login key includes a primary identifier and a password. The method also includes executing a matching algorithm with a selectable combination of the entity creation data at an entity database to identify a single entity record matching a selectable combination of the record creation request. The single entity record is linked to multiple different login keys. The method also includes updating one or more attributes of the single entity record with the entity creation data. Further, the method includes storing session data created during a session associated with the login key by using the login key to segregate the session data in the entity database, and linking the session data to the single entity record.Type: GrantFiled: June 24, 2020Date of Patent: February 21, 2023Assignee: MAIN SEQUENCE TECHNOLOGY, INC.Inventor: Michael H. Snyder
-
Patent number: 11568389Abstract: A mobile device includes a display device; a processor; and a memory device configured to store instructions that, when executed by the processor, cause the processor to: present, by the display device, a user interface for accessing a mobile online banking application; receive a credential for authenticating and accessing the mobile online banking application; provide, by the display device, an option to create a mobile wallet during use of the mobile online banking application; and responsive to receiving an indication to create the mobile wallet, install a mobile wallet application on the mobile device for future mobile wallet transactions.Type: GrantFiled: December 29, 2016Date of Patent: January 31, 2023Assignee: Wells Fargo Bank, N.A.Inventors: Ashish Bhoopen Kurani, Nikolai Stroke, Bipin Sahni, Stephen M. Ellis
-
Patent number: 11546344Abstract: An ID is managed, and access information including the ID is displayed on a first web browser. Thereafter, in response to reception of an access request by use of the access information from a second web browser, the predetermined web page is displayed on the second web browser, based on the ID included in the access request. Then, in response to completion of predetermined processing which is performed based on the predetermined web page, a first web page is displayed. In a case where display of a second web page, which is provided by a predetermined server, is requested by the user on the first web browser of the apparatus, the first web browser is controlled to perform a display for prompting an access to the predetermined server from another apparatus.Type: GrantFiled: June 5, 2020Date of Patent: January 3, 2023Assignee: Canon Kabushiki KaishaInventor: Yu Tomioka
-
Patent number: 11526717Abstract: The present disclosure relates a new generation “smart card” designed to create a severable invisible “bond” between the cardholder and the smart card itself where this trusted bond relationship is used to enhance and simplify the authentication process and during the use of the multi-purpose smart card. This new smart card is initiated and connected to a specific user using biometric information added to the card and the user using biometric information connects via a trusted bond with the card by pairing the biometric information which can be severed in one of multiple ways. The trusted bond with the smart card can be broken in one of multiple ways including disconnection from a network, distancing from the user, impact accelerometers, outside parameters, etc. The multi-function smart card also uses this established trusted bond with the user to simplify the authentication of the user for use of the card in encrypted computer network, ground security, or other retail and payment function.Type: GrantFiled: May 19, 2021Date of Patent: December 13, 2022Assignee: SENTRYCARD TECHNOLOGIES, INC.Inventors: Mark W. Bennett, John P. Calzaretta
-
Patent number: 11521213Abstract: Various embodiments are generally directed to continuous authentication of a user to a digital service based on activity of a contactless card positioned proximate to a computing device on which the digital service operates. For example, a series of periodic status messages may be provided between a client device and the contactless card to verify whether the contactless card remains active, wherein authorization to access the digital service continues while the contactless card is active, and terminates when the contactless card is inactive.Type: GrantFiled: July 18, 2019Date of Patent: December 6, 2022Assignee: Capital One Services, LLCInventors: Jeffrey Rule, Rajko Ilincic