Using Record Or Token Patents (Class 713/185)
  • Patent number: 11568389
    Abstract: A mobile device includes a display device; a processor; and a memory device configured to store instructions that, when executed by the processor, cause the processor to: present, by the display device, a user interface for accessing a mobile online banking application; receive a credential for authenticating and accessing the mobile online banking application; provide, by the display device, an option to create a mobile wallet during use of the mobile online banking application; and responsive to receiving an indication to create the mobile wallet, install a mobile wallet application on the mobile device for future mobile wallet transactions.
    Type: Grant
    Filed: December 29, 2016
    Date of Patent: January 31, 2023
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Ashish Bhoopen Kurani, Nikolai Stroke, Bipin Sahni, Stephen M. Ellis
  • Patent number: 11546344
    Abstract: An ID is managed, and access information including the ID is displayed on a first web browser. Thereafter, in response to reception of an access request by use of the access information from a second web browser, the predetermined web page is displayed on the second web browser, based on the ID included in the access request. Then, in response to completion of predetermined processing which is performed based on the predetermined web page, a first web page is displayed. In a case where display of a second web page, which is provided by a predetermined server, is requested by the user on the first web browser of the apparatus, the first web browser is controlled to perform a display for prompting an access to the predetermined server from another apparatus.
    Type: Grant
    Filed: June 5, 2020
    Date of Patent: January 3, 2023
    Assignee: Canon Kabushiki Kaisha
    Inventor: Yu Tomioka
  • Patent number: 11526717
    Abstract: The present disclosure relates a new generation “smart card” designed to create a severable invisible “bond” between the cardholder and the smart card itself where this trusted bond relationship is used to enhance and simplify the authentication process and during the use of the multi-purpose smart card. This new smart card is initiated and connected to a specific user using biometric information added to the card and the user using biometric information connects via a trusted bond with the card by pairing the biometric information which can be severed in one of multiple ways. The trusted bond with the smart card can be broken in one of multiple ways including disconnection from a network, distancing from the user, impact accelerometers, outside parameters, etc. The multi-function smart card also uses this established trusted bond with the user to simplify the authentication of the user for use of the card in encrypted computer network, ground security, or other retail and payment function.
    Type: Grant
    Filed: May 19, 2021
    Date of Patent: December 13, 2022
    Assignee: SENTRYCARD TECHNOLOGIES, INC.
    Inventors: Mark W. Bennett, John P. Calzaretta
  • Patent number: 11522725
    Abstract: A method, system and computer program product for reducing the amount of helper data that needs to be stored using two innovative techniques. The first technique uses bit-error-rate (BER)-aware lossy compression. By treating a fraction of reliable bits as unreliable, it effectively reduces the size of the reliability mask. With the view of practical costs of production-time error characterization, the second technique enables economically feasible across-temperature per-bit BER evaluation for use in a number of fuzzy extractor optimizations based on bit-selection to reduce overall BER (with or without subsequent compression) using room-temperature only production-time characterization. The technique is based on stochastic concentration theory and allows efficiently forming confidence intervals for average across-temperature BER of a selected set of bits.
    Type: Grant
    Filed: March 28, 2018
    Date of Patent: December 6, 2022
    Assignee: Board of Regents, The University of Texas System
    Inventors: Michael Orshansky, Ye Wang
  • Patent number: 11521213
    Abstract: Various embodiments are generally directed to continuous authentication of a user to a digital service based on activity of a contactless card positioned proximate to a computing device on which the digital service operates. For example, a series of periodic status messages may be provided between a client device and the contactless card to verify whether the contactless card remains active, wherein authorization to access the digital service continues while the contactless card is active, and terminates when the contactless card is inactive.
    Type: Grant
    Filed: July 18, 2019
    Date of Patent: December 6, 2022
    Assignee: Capital One Services, LLC
    Inventors: Jeffrey Rule, Rajko Ilincic
  • Patent number: 11522709
    Abstract: An access control system which relies at least in part on a non-networked path for permitting an entity access to a secured location; the entity identified by the system by means of a unique entity identifier accorded the entity; entry to said secured location secured by a barrier; said barrier identified by the system by means of a unique barrier identifier accorded the barrier; said system including a local access unit located local to the barrier; said system including a barrier controller for actuation of the barrier; said local access unit issuing an open signal to the barrier controller whereby the barrier permits the entity access to the secured location if and only if data contained in a token communicated from an un-trusted communications device to the local access unit is verified by the local access unit with respect to at least a first parameter by the local access unit.
    Type: Grant
    Filed: May 1, 2018
    Date of Patent: December 6, 2022
    Assignee: HANGAR HOLDINGS PTY LTD
    Inventors: Peter Carey, Alex Taylor, Albert Issa
  • Patent number: 11522701
    Abstract: Methods, systems, computer-readable media, and apparatuses may provide creation and management of composite tokens for use with services in a virtual environment without the user having to re-authenticate each time the user accesses a different service. A composite identity server may receive a request to upgrade a first authentication token for a user. The composite identity server may redirect a user agent to an identity provider for authentication and, in response, may receive a second authentication token for the user. The composite identity server may send the second authentication token to a federated microservice and, in response, may receive one or more claims of the second authentication token designated for inclusion in a composite token. The composite identity server may generate a composite token including the one or more claims of the first authentication token and one or more claims of the second authentication token.
    Type: Grant
    Filed: November 15, 2019
    Date of Patent: December 6, 2022
    Assignee: Citrix Systems, Inc.
    Inventors: Bradley Markus Rowe, Ricardo Feijoo, Tom Michael Kludy, Ayush Jain, Gerald Haagsma
  • Patent number: 11516649
    Abstract: Some embodiments relate to methods and systems for initiating and transferring cellular subscription service using associated cellular communication devices. Cellular service may be initiated for a first cellular communication device via a second cellular communication device. The first cellular communication device may be provisioned to operate in an independent mode. In other scenarios, cellular service may be transferred from the first cellular communication device operating in independent mode to a third cellular communication device, which may be provisioned to operate in independent mode.
    Type: Grant
    Filed: June 4, 2019
    Date of Patent: November 29, 2022
    Assignee: Apple Inc.
    Inventors: Samy Touati, Chenzhi Yu, Li Li, Rafael L. Rivera-Barreto, Rohan C. Malthankar
  • Patent number: 11509134
    Abstract: An interface protection circuit and a device interface are disclosed. The interface protection circuit includes a capacitor and a transient voltage suppressor (TVS) transistor. A first end of the capacitor is connected to a connection port, a second end of the capacitor is connected to a first end of the TVS transistor and an interface chip, and a second end of the TVS transistor is grounded.
    Type: Grant
    Filed: March 21, 2019
    Date of Patent: November 22, 2022
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Chao Zan, Qiming Tang, Guangrong Zhou, Jun Yan
  • Patent number: 11507355
    Abstract: In an approach, a process intercepts a deployment resource associated with software prior to deploying the software to a node, where the deployment resource configures how the software is deployed and operates. A processor verifies authenticity of a digital signature present within the deployment resource. A processor, responsive to verifying the authenticity of the digital signature, deploys the software to the node in accordance with the deployment resource.
    Type: Grant
    Filed: July 20, 2020
    Date of Patent: November 22, 2022
    Assignee: International Business Machines Corporation
    Inventors: Michael S. McKay, Jacob Andrew Kitchener, Richard Adam King, Alexander Lewitt
  • Patent number: 11503093
    Abstract: A method, computer program product, and computing device for monitoring network activity associated with streaming a data load through a stream application including a plurality of stream operators deployed on a plurality of computing devices. One or more stream operators with one or more external connections may be identified from the plurality of stream operators. The identified one or more stream operators may be deployed based upon, at least in part, the one or more external connections.
    Type: Grant
    Filed: January 30, 2020
    Date of Patent: November 15, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Alexander Cook, Peter A. Nicholls, Jason A. Nikolai, John M. Santosuosso
  • Patent number: 11494780
    Abstract: A computer-implemented method for verifying cardholder authenticity when provisioning a token is provided. The method uses an authentication server system having a processor and a memory. The method includes receiving, by the processor, a payment card account identifier provided by a payment requestor. The payment card account identifier for identifying a payment account associated with a cardholder. The method also includes determining a plurality of authentication data associated with the payment requestor, and performing an authentication process using the plurality of authentication data. The authentication process is configured to determine if the payment requestor is the cardholder. The method further includes determining an assurance level associated with the authentication process. The assurance level represents a level of confidence in the authentication process.
    Type: Grant
    Filed: October 2, 2019
    Date of Patent: November 8, 2022
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Gregory Williamson, Robert Reany, Sherri Haymond, Salman Syed
  • Patent number: 11487862
    Abstract: Techniques are provided for basic input/output system (BIOS) protection using multi-factor authentication (MFA) based on digital identity values. One method comprises obtaining, by a BIOS of a hardware device, from a user device, (i) a request to access the BIOS, and (ii) a token based on a digital identity value for the user device; providing the token to an MFA chip on the hardware device, wherein the MFA chip evaluates the token and provides a verification result to the BIOS; and allowing the user device to access the BIOS based on the verification result. The digital identity value for the user device may be stored by the MFA chip during a fabrication of the MFA chip and/or a registration of the user device. The MFA chip may compare the digital identity value from the token received from the BIOS with the digital identity value for the user device stored by the MFA chip.
    Type: Grant
    Filed: January 18, 2021
    Date of Patent: November 1, 2022
    Assignee: EMC IP Holding Company LLC
    Inventors: Tomer Shachar, Yevgeni Gehtman, Maxim Balin, Or Herman Saffar
  • Patent number: 11488151
    Abstract: Methods and devices for of conducting a payment transaction between a mobile terminal and a payment terminal in communication with a payment backend system involve: (a) sending a unique mobile terminal identifier from the mobile terminal to the payment backend system; (b) returning a cryptogram from the payment backend system to the mobile terminal, wherein the cryptogram comprises a unique transaction identifier in encrypted form; (c) transforming the cryptogram into a proximity payment token such that the proximity payment token contains the unique transaction identifier in encrypted form and transmitting the proximity payment token to the payment terminal via a proximity communication channel; (d) forwarding a transaction record including the unique transaction identifier in encrypted form and the amount of the payment transaction from the payment terminal to the payment backend system; and (e) decrypting the unique transaction data identifier in encrypted form and processing the payment transaction.
    Type: Grant
    Filed: June 12, 2015
    Date of Patent: November 1, 2022
    Assignee: GIESECKE+DEVRIENT MOBILE SECURITY GMBH
    Inventors: Matthias Besch, Xiaomin Li, Xiaodong Zhang
  • Patent number: 11475111
    Abstract: A system and method for resuming a remote desktop for a networked client device. An access control system accepts login data from a user input to a networked client device, and/or user activity data collected by an agent running on the desktop. The networked client device may include a client application. A data center allows access to an activated desktop to the networked client device. The access control system suspends the desktop when the user is inactive in operating the client device. The access control system resumes the desktop on the networked client device in relation to a predicted start time. The predicted start time is based on login data from past logins by the user on networked client devices.
    Type: Grant
    Filed: October 4, 2019
    Date of Patent: October 18, 2022
    Assignee: Workspot, Inc.
    Inventors: Shiva Madishetti, Lisa Wing San Chui, Anushree Kunal Pole, Edward A. Seidman, Virabrahma Prasad Krothapalli, Amitabh Bhuvangyan Sinha, Jimmy Chang, David T. Sulcer
  • Patent number: 11477206
    Abstract: An example terminal includes a communication circuitry configured to communicate with a server; and a data processor configured to request the server to include a second user in a relationship group of a first user and to extend, to the relationship group, a range of authorization for an Internet of Things (IoT) apparatus registered as an apparatus of the first user.
    Type: Grant
    Filed: March 16, 2020
    Date of Patent: October 18, 2022
    Assignees: SAMSUNG ELECTRONICS CO., LTD., KOREA ELECTRONICS TECHNOLOGY INSTITUTE
    Inventors: Ji-min Chung, Seung-woo Kum, Young-sun Ryu, Tae-beom Lim
  • Patent number: 11475452
    Abstract: A transaction processing system (130) is arranged to receive a transaction request from a user device (110), the transaction processing system (130) comprises a cookie retriever (141) arranged to obtain a cookie (112) stored in a browser application (111) of the user device (110) containing outcome data indicative of an outcome of at least one prior transaction, a processing setter (142) arranged to determine based on the outcome data which of a plurality of transaction processes (152) is to be applied by the transaction processing system (130) to the transaction request, and a transaction processor (143) arranged to process the transaction in accordance with the determined transaction process.
    Type: Grant
    Filed: May 9, 2014
    Date of Patent: October 18, 2022
    Assignee: Afterpay Corporate Services Pty Ltd
    Inventor: Jason Andrew Van
  • Patent number: 11468719
    Abstract: It is provided a method for enabling access control for access to a physical space secured by a lock device. The method is performed in a security device and comprises the steps of: obtaining at least one image captured using a first camera of a portable key device, the at least one image being captured in a vicinity of the lock device; receiving a template decryption key from a lock device over a short-range communication link; obtaining a credential associated with the lock device; matching the at least one image with a plurality of templates, each template being associated with a lock device, which comprises obtaining the plurality of templates by decrypting encrypted templates using the template decryption key; and wherein a positive match is a necessary condition for opening the lock device.
    Type: Grant
    Filed: September 17, 2019
    Date of Patent: October 11, 2022
    Assignee: ASSA ABLOY AB
    Inventors: Fredrik Einberg, Fredrik Lindersson
  • Patent number: 11470085
    Abstract: Authorization for access to an application server and associated communication service can be desirably managed. When a device attempts to access an application server and service, an authorization server generates an encrypted token, comprising device identifier information, and communicates the token to the device. The device communicates the token to the application server. The application server communicates the token to the authorization server. The authorization server determines whether the device is validated to access the application server and service based on the encrypted token, private decryption key, and initialization vector, and based on subscriber-related information. The authorization server does not share the private decryption key or initialization vector with the application server. If validated, the authorization server communicates validation-related information, including a permitted portion of subscriber-related information, to the application server.
    Type: Grant
    Filed: June 16, 2020
    Date of Patent: October 11, 2022
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventors: Bhuvan C. Modi, Mohammad Khalid Hafeez, Robert B. Zegheru, Jerry Shih
  • Patent number: 11463419
    Abstract: Disclosed is a file security method for reinforcing file security. The method may include: by a first communication device, detecting an access to a file stored in a virtual drive; by the first communication device, requesting a decryption key of the file to a second communication device and receiving the decryption key; and by the first communication device, decrypting the access-detected file by using the decryption key.
    Type: Grant
    Filed: December 11, 2019
    Date of Patent: October 4, 2022
    Assignee: Facecon Co., Ltd.
    Inventors: Giho Yang, Jae-Yeob Hwang
  • Patent number: 11463433
    Abstract: An authentication system for detecting a phishing attack by a Man in Middle (MIM) on an end-user. The system includes a communicating device of the end-user and an authentication server for determining if a MIM (spoofing) or the end-user is communicating with the authentication server. The communicating device includes a bearer sensitive one-time password (BOTP) generator for generating a specific BOTP specifically associated with the communicating device where the BOTP is derived using a unique differentiating observable attribute (UDOA) of the communicating device. The communicating device sends the BOTP to the authentication server which uses the perceived UDOA of the received BOTP and calculates an authenticator server BOTP. The authentication server also determines if the received BOTP matches the BOTP calculated by the authenticating server and terminates/rejects the session if the BOTPs do not match. A similar system and method may be utilized to authenticate a digital object.
    Type: Grant
    Filed: December 9, 2019
    Date of Patent: October 4, 2022
    Inventors: Arpitha Chiruvolu, Girish Chiruvolu
  • Patent number: 11456081
    Abstract: A drug distribution system and method utilizes a central pharmacy and database to track all prescriptions for a sensitive drug. Information is kept in the database regarding all physicians allowed to prescribe the sensitive drug, and all patients receiving the drug. Abuses are identified by monitoring data in the database for prescription patterns by physicians and prescriptions obtained by patients and/or caregivers. Further verification is made that the physician is eligible to prescribe the drug by consulting a separate database, and optionally whether any actions are taken against the physician. Multiple controls beyond those for normal drugs are imposed on the distribution depending on the sensitivity of the drug.
    Type: Grant
    Filed: July 11, 2018
    Date of Patent: September 27, 2022
    Assignee: Jazz Pharmaceuticals, Inc.
    Inventors: Prasheel Vashdev Lillaney, Sherice Reneé Mills, Gary Joseph Appio
  • Patent number: 11451518
    Abstract: A communication device includes a signature encryption unit that encrypts input information with a secret key and transmits the information to a server device if the communication device belongs to a group, and a signature decryption unit that downloads, from the server device, encrypted n?1 pieces of the input information transmitted from other communication devices and decrypts the encrypted n?1 pieces of input information with the secret key if the communication device belongs to a group. The communication device transmits session key generation information to the server device via the signature encryption unit, generates a session key using n?1 pieces of session key generation information acquired via the signature decryption unit and session key generation information of the communication device, transmits a cipher text encrypted with the session key via the signature encryption unit to the server device, and decrypts n?1 cipher texts acquired via the signature decryption unit with the session key.
    Type: Grant
    Filed: January 16, 2019
    Date of Patent: September 20, 2022
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Tetsutaro Kobayashi, Yuto Kawahara, Hitoshi Fuji, Reo Yoshida, Kazuki Yoneyama
  • Patent number: 11443075
    Abstract: A secure storage system having authentication and cryptographic data protection is made by providing a mass-data memory and a security element communicatively coupled with the mass-data memory. This mass-data memory and the securing element are controlled by respective different control commands such that different drivers can be installed to operate the mass-data memory and the security element. A secured hardware data interface is provided between the mass-data memory and the security element, and the security element provides security-critical information concerning the data of the mass-data memory.
    Type: Grant
    Filed: November 30, 2017
    Date of Patent: September 13, 2022
    Assignee: SECUNET SECURITY NETWORKS AG
    Inventors: Jens Kulikowski, Soenke Schroeder
  • Patent number: 11434660
    Abstract: An electronic lockbox uses a rotary actuator with multiple positions to achieve multiple locking states. Multiple positions of the actuator are detected, using optical sensors. The locking mechanism includes an outer sleeve and an inner cylindrical barrel that are coupled with torsion springs. The lockbox has a shackle and a key bin that are retained by the inner barrel when in the locked state, and the barrel can be rotated to either release the shackle or to release the key bin that typically holds a building's key.
    Type: Grant
    Filed: November 29, 2019
    Date of Patent: September 6, 2022
    Assignee: Sentri Lock, LLC
    Inventors: Scott R. Fisher, Alan F. Deardoff, Nancy C. Griffiths, Daniel C. Cambron, Matthew K. Caskey
  • Patent number: 11431511
    Abstract: At least one processor of a central authority separate from a computing process may establish a first trust relationship between the computing process and a central authority separate from the computing process. The establishing may include authenticating the computing process, which may include providing a signed token to the computing process, receiving a request for the certificate from the computing process including the signed token and policy ID data, determining that the computing process is eligible for the certificate according to a policy that associates the certificate with the policy ID data, and validating the signed token. In response to the establishing, the at least one processor may obtain the certificate. The certificate may be signed by a third-party certificate authority with which the central authority has a second trust relationship separate from the first trust relationship. The at least one processor may provide the certificate to the computing process.
    Type: Grant
    Filed: June 3, 2019
    Date of Patent: August 30, 2022
    Assignee: INTUIT INC.
    Inventors: Gleb Keselman, Yaron Sheffer, Mike Rooz
  • Patent number: 11417159
    Abstract: The present disclosure discloses methods and systems for controlling a smart lock. The method may include establishing a secure connection with a network, obtaining security control information through the secure connection, obtaining an operation input; performing a security verification based on the security control information and the operation input, and performing a corresponding operation based on the operation input when the security verification is passed.
    Type: Grant
    Filed: November 8, 2021
    Date of Patent: August 16, 2022
    Assignee: YUNDING NETWORK TECHNOLOGY (BEIJING) CO., LTD.
    Inventors: Tao Li, Binghui Peng, Qi Yi, Yuchuan Liu, Xiancang Li
  • Patent number: 11412379
    Abstract: A method of controlling a moving object using an identification device may include recognizing the identification device by the moving object; identifying and authenticating a user with the recognized identification device; and providing a service to the authenticated user.
    Type: Grant
    Filed: February 5, 2020
    Date of Patent: August 9, 2022
    Assignees: Hyundai Motor Company, Kia Motors Corporation
    Inventors: Jae Jun Ha, Young Jun Moon
  • Patent number: 11410779
    Abstract: A drug distribution system and method utilizes a central pharmacy and database to track all prescriptions for a sensitive drug. Information is kept in the database regarding all physicians allowed to prescribe the sensitive drug, and all patients receiving the drug. Abuses are identified by monitoring data in the database for prescription patterns by physicians and prescriptions obtained by patients and/or caregivers. Further verification is made that the physician is eligible to prescribe the drug by consulting a separate database, and optionally whether any actions are taken against the physician. Multiple controls beyond those for normal drugs are imposed on the distribution depending on the sensitivity of the drug.
    Type: Grant
    Filed: July 11, 2018
    Date of Patent: August 9, 2022
    Assignee: Jazz Pharmaceuticals, Inc.
    Inventors: Prasheel Vashdev Lillaney, Sherice Reneé Mills, Gary Joseph Appio
  • Patent number: 11394706
    Abstract: The technology disclosed herein provides a system for allowing users to login into one or more devices without a password. Implementations of the system include one or more biometric data collection devices (shoe, glasses, watch) and a device configured to store one or more user identification data, receive a request for user verification, request user's biometric data from one or more of the biometric data collection devices, generate a personal unclonable function (PUF) value based on combination of at least one of the user identification data and the user's biometric data, and verify the user's identity by comparing the PUF value to the user's PUF benchmark.
    Type: Grant
    Filed: September 3, 2019
    Date of Patent: July 19, 2022
    Assignee: SEAGATE TECHNOLOGY LLC
    Inventors: Jiangnan Lin, Xiong Liu, Wendy Pui Lai Wong, Padmaja Kannan, Manuel Offenberg
  • Patent number: 11394785
    Abstract: A method and system for transmitting and receiving data packets between two network nodes via one or more end-to-end connections. An interface is provided for selecting one or more possible end-to-end connection(s) or established end-to-end connection(s). The method and system may further comprise receiving a policy, wherein one or more selected end-to-end connections are established based, at least in part, on the policy. The policy may also restrict or promote selection of certain established end-to-end connection(s) via the interface provided. The selected and established end-to-end connection(s) are used for transmitting and receiving data packets.
    Type: Grant
    Filed: October 30, 2020
    Date of Patent: July 19, 2022
    Assignee: Pismo Labs Technology Limited
    Inventors: Patrick Ho Wai Sung, Ho Ming Chan, Kit Wai Chau, Min-Fu Tsai
  • Patent number: 11386189
    Abstract: The present disclosure relates generally to implementing biometric authentication, including providing user interfaces for: a biometric enrollment process tutorial, aligning a biometric feature for enrollment, enrolling a biometric feature, providing hints during a biometric enrollment process, application-based biometric authentication, autofilling biometrically secured fields, unlocking a device using biometric authentication, retrying biometric authentication, managing transfers using biometric authentication, interstitial user interfaces during biometric authentication, preventing retrying biometric authentication, cached biometric authentication, autofilling fillable fields based on visibility criteria, automatic log-in using biometric authentication, retrying biometric authentication at a credential entry user interface, providing indications of error conditions during biometric authentication, providing indications about the biometric sensor during biometric authentication, and orienting the device to
    Type: Grant
    Filed: September 7, 2018
    Date of Patent: July 12, 2022
    Assignee: Apple Inc.
    Inventors: Marcel Van Os, Peter D. Anton, Lynne Devine, Alan C. Dye, Grant Paul
  • Patent number: 11388004
    Abstract: A system for preventing an excess user authentication token utilization condition in an enterprise computer environment, the system including an excess user authentication token utilization condition predictor operable for calculating a number of additional group memberships of each of the enterprise users that can be expected to result in an excess user authentication token utilization condition, a group membership estimator operable, for each the enterprise user, for estimating a number of additional group memberships of the enterprise user that will be created by an anticipated activity, and an anticipated excess user authentication token utilization condition alerter operable, before initiation of the anticipated activity, for providing an alert if the anticipated activity can be expected to result in an excess user authentication token utilization condition.
    Type: Grant
    Filed: October 3, 2018
    Date of Patent: July 12, 2022
    Assignee: VARONIS SYSTEMS, INC.
    Inventors: Yakov Faitelson, Ophir Kretzer-Katzir
  • Patent number: 11388013
    Abstract: The present disclosure is related to implementations of computing systems. In particular, it is related to the use of an array of PUFs to enhance security of distributed elements that use security systems.
    Type: Grant
    Filed: March 30, 2018
    Date of Patent: July 12, 2022
    Assignee: ARIZONA BOARD OF REGENTS ON BEHALF OF NORTHERN ARIZONA UNVERSITY
    Inventors: Abolfazl Razi, Bertrand Francis Cambou
  • Patent number: 11386018
    Abstract: Embodiments of the present disclosure relate to a memory system and an operating method thereof. According to the embodiments of the present disclosure, the memory system may generate a nonce based on a physical address of a target area of a memory device using a cryptographic algorithm, and request the memory device to authenticate the nonce. When the authentication for the nonce succeeds, the memory controller may set an authority to perform a read, write or erase operation on the target area. Through this operation, the memory system can prevent data leakage or damage by a user who has no access authority.
    Type: Grant
    Filed: January 19, 2021
    Date of Patent: July 12, 2022
    Assignee: SK hynix Inc.
    Inventors: Han Choi, Jae Wan Kim
  • Patent number: 11379263
    Abstract: A method of selecting a distributed framework includes identifying, by a selection device coupled to a memory, at least a first remote device of a plurality of remote devices, wherein identifying the at least a first remote device further comprises and evaluating a secure proof generated by the at least a first remote device, and identifying the at least a first remote device as a function of the secure proof, assigning, by the selection device, a confidence level of the at least a first remote device, and selecting, by a selection device, a distributed framework from the plurality of remote devices as a function of the confidence level, and assigning a task to the distributed framework.
    Type: Grant
    Filed: March 6, 2020
    Date of Patent: July 5, 2022
    Assignee: Ares Technologies, Inc.
    Inventor: Christian T. Wentz
  • Patent number: 11379125
    Abstract: An approach to creating a tamper-resistant field programmable gate array (FPGA) and remotely reprogramming the tamper-resistant FPGA. In one aspect, determining if an encryption key is stored in a physical unclonable function (PUF) of the FPGA. Further, responsive to the encryption key not being stored in a PUF, writing an encryption key in tamper resistant memory associated with a back end of the line (BEOL) of the FPGA. In another aspect, writing a program key and a look-up table (LUT) in the tamper resistant memory.
    Type: Grant
    Filed: March 31, 2021
    Date of Patent: July 5, 2022
    Assignee: International Business Machines Corporation
    Inventors: Jean-Olivier Plouchart, Arvind Kumar, Dirk Pfeiffer, Takashi Ando
  • Patent number: 11372953
    Abstract: A communication device is installed in between a client terminal and a web server which performs communication with the client terminal. The communication device includes a memory, and processing circuitry coupled to the memory and configured to of information included in communication between the web server and the client terminal, perform obfuscation with respect to information related to web application, and send communication, which includes information obfuscated at the performing, to destination.
    Type: Grant
    Filed: October 19, 2018
    Date of Patent: June 28, 2022
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Nariyoshi Chida, Yo Kanemoto, Kazufumi Aoki
  • Patent number: 11368462
    Abstract: HTTP requests and responses may be transmitted between cloud-based application instances. Each outgoing HTTP request may include authentication credentials and an “X-Snc-Integration-Source” header that identifies the source of the request. A table of approved users may be maintained, including each user's authentication credentials and one or more source instances from which they are expected to generate HTTP requests. When the HTTP request is received, the HTTP request will be parsed to identify the authentication credentials and the source of the request. The table of authorized users is then referenced to determine if the authentication credentials and the source of the request match those of an authorized user. If the authentication credentials and the source of the request match those of an authorized user, access will be granted. If the authentication credentials and the source of the request do not match those of an authorized user, access will be denied.
    Type: Grant
    Filed: September 6, 2018
    Date of Patent: June 21, 2022
    Assignee: ServiceNow, Inc.
    Inventors: Alexander North, Minaxi Pauranik
  • Patent number: 11368544
    Abstract: Disclosed are techniques and apparatuses that are configured to receive an indication that a web browsing session executing on an enterprise server needs additional information based on a request for additional information being sent to a client device. The request may include an identifier of the web browsing session and an identifier of an enterprise server that initiated the web browsing session. A globally unique identifier related to the web browsing session and an identifier of the enterprise server is stored in a common data store. The web browsing session may be paused when the web browsing session requests additional information from a client device. The client device may respond with the additional information. The system may provide the identifier of the enterprise server to a load balancing component so the identified web browsing session executing on the enterprise server may continue to be used.
    Type: Grant
    Filed: October 30, 2020
    Date of Patent: June 21, 2022
    Assignee: Capital One Services, LLC
    Inventors: Joshua Edwards, Shabnam Kousha, Daniel E. Miller
  • Patent number: 11366789
    Abstract: A computing device is described which has at least one application access record storing references to content items stored at the computing device. At least one local store stores other content items. A processor of the computing device executes at least one application, the application having ability to access the content items referenced in the application access record and restricted from accessing the other content items. An operating system of the computing device is configured to search the local store to identify at least one of the other content items on the basis of criteria, and to suggest the identified other content item(s) to a user of the computing device for access by the application.
    Type: Grant
    Filed: June 29, 2017
    Date of Patent: June 21, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Johannes Fredrik Strömberg, Henrik Jersling, Tor Andrae
  • Patent number: 11363055
    Abstract: Embodiments of the invention are directed to systems, methods, and computer program products for rapid assessment of cloud frameworks to evaluate those considered for use in an enterprise context. The invention may quickly and consistently identify gaps or weaknesses of cloud frameworks or resources, assess the potential negative impact of such gaps or weaknesses, and facilitate the communication of quantifiable data to responsible parties in order to facilitate the implementation of necessary controls or actions. Embodiments of the invention are highly adaptable and dynamic in fashion such that they can be quickly and easily updated based on the changing needs of the enterprise.
    Type: Grant
    Filed: November 2, 2020
    Date of Patent: June 14, 2022
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Rachel Yun Kim Bierner, Caryn Ann Adams, Carol McGee Anthony, Sandra Mereos Crosswell, Georgeann Paschal Gregory, Gerald Michael Kingsley, Alexis Aron Lavi, David Mortman, Rebbecca Danielle Nelson
  • Patent number: 11329980
    Abstract: Secure communications are provided between a user computing device and a server computing device. An enrollment request is received from a user computing device that is configured via a distributed client software application and is processed. The enrollment request is usable to enroll the user computing device in a network and includes an encrypted partial initial biometric vector associated with a user. An authentication request is processed that is subsequently received that includes an encrypted partial second biometric vector and that is associated with a user of the user computing device. A comparison of the encrypted partial initial biometric vector and the encrypted partial second biometric vector is performed, and a value representing the comparison is generated and transmitted to the user computing device. The user computing device is authenticated where the value is above a minimum threshold.
    Type: Grant
    Filed: July 23, 2019
    Date of Patent: May 10, 2022
    Assignee: VERIDIUM IP LIMITED
    Inventors: John Raymond Callahan, Asem Othman
  • Patent number: 11310237
    Abstract: A system includes at least one processor to receive training data and generate at least one machine learning rule based on the training data to apply when a condition occurs, continually monitor at least one resource associated with a computing network for the condition in the computing network that may trigger an authorization control modification, the condition comprising one of an active project that uses the at least one resource, a security alert level change, a resource locality change, metadata associated with the condition, a skill assessment, and a business state analysis, determine that the condition has occurred in the computing network, and dynamically and automatically modify a user authorization control for at least one particular user responsive to the machine learning rule.
    Type: Grant
    Filed: February 1, 2019
    Date of Patent: April 19, 2022
    Assignee: Cobalt Iron, Inc.
    Inventors: Richard Raymond Spurlock, Robert Merrill Marett, Gregory John Tevis
  • Patent number: 11301714
    Abstract: Techniques detecting usage of copyrighted video content using object recognition are provided. In one example, a computer-implemented method comprises determining, by a system operatively coupled to a processor, digest information for a video, wherein the digest information comprises objects appearing in the video and respective times at which the objects appear in the video. The method further comprises comparing, by the system, the digest information with reference digest information for reference videos, wherein the reference digest information identifies reference objects appearing in the reference videos and respective reference times at which the reference objects appear in the reference videos. The method further comprises determining, by the system, whether the video comprises content included in one or more of the reference videos based on a degree of similarity between the digest information and reference digest information associated with one or more of the reference videos.
    Type: Grant
    Filed: January 22, 2020
    Date of Patent: April 12, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Christopher J. Hardee, Steven Robert Joroff, Pamela Ann Nesbitt, Scott Edward Schneider
  • Patent number: 11290289
    Abstract: An apparatus is provided which comprises: a phase detector to receive a reference clock and a feedback clock; and one or more switchable heat elements controllable by an output of the phase detector, wherein the one or more switchable heat elements are coupled to a physically unclonable function circuit.
    Type: Grant
    Filed: September 27, 2018
    Date of Patent: March 29, 2022
    Assignee: Intel Corporation
    Inventors: Kuan-Yueh Shen, Rachael Parker
  • Patent number: 11277267
    Abstract: A computer-implemented method for a token-based authorization in a data processing environment may be provided. The data processing environment comprises at least a user system, an application, an authentication server and an access control server. The method comprises accessing the application via a user system request, redirecting the user access request to an authentication server, authenticating the user, wherein authentication credentials comprise a request for a restricted entitlement, wherein the restricted entitlement represents a subset of existing entitlements managed by the access control server for a resource. The method comprises also sending an access token from the authentication server to the application, requesting execution of an operation comprising invoking the operation by the application providing the access token comprising restricted entitlements, invoking the access control server, and providing the scope of the token comprising the subset of the existing entitlements.
    Type: Grant
    Filed: March 6, 2020
    Date of Patent: March 15, 2022
    Assignee: International Business Machines Corporation
    Inventors: Martin Smolny, Thomas Dürr, Michael Beck, Juergen Schaeck
  • Patent number: 11277414
    Abstract: Methods and apparatuses for a computerized system are disclosed. A data processing device receives information from at least one source of log information in the computerized system and detects, based at least in part on said received log information, at least one security protocol related event at a first host device, the at least one security protocol related event being initiated by a second host device. Information is then stored for determination of a trust relationship record based on the detected at least one security protocol related event and information of the second host device.
    Type: Grant
    Filed: March 3, 2020
    Date of Patent: March 15, 2022
    Assignee: SSH Communications Security OYJ
    Inventors: Tommi Linnakangas, Marko Teiste, Antti Huima, Tatu J. Ylonen
  • Patent number: 11269975
    Abstract: Systems, computer program products, and methods are described herein for authenticating a user using an application specific integrated circuit embedded within a user device. The present invention is configured to receive an indication that a user has initiated an application on the user device; determine that the application is associated with the application specific integrated circuit embedded within the user device; activate the application specific integrated circuit based on at least determining that the application is associated with the application specific integrated circuit; receive an indication that the user has initiated an execution of an action, via the application, with an entity; and execute the action using the application specific integrated circuit based on at least receiving the indication that the user has initiated the execution of the action.
    Type: Grant
    Filed: November 7, 2019
    Date of Patent: March 8, 2022
    Assignee: BANK OF AMERICA CORPORATION
    Inventor: Eren Kursun
  • Patent number: 11257086
    Abstract: A system includes one or more memory devices storing instructions, and one or more processors configured to execute the instructions to perform steps of a method providing sensor-based authentication of customers. The system may detect customer biometric data associated with an unknown customer present at a merchant location. The system may determine, based on a known customer identification profile and the detected customer biometric data, a confidence level that the unknown customer is the same individual as the known customer and authenticate the unknown customer based on a determination that the confidence level exceeds a predetermined threshold. The system may transmit identification information associated with the known customer to a financial service provider and receive payment credentials of one or more accounts associated with the known customer and authorization to utilize the one or more accounts to perform a financial transaction.
    Type: Grant
    Filed: June 6, 2019
    Date of Patent: February 22, 2022
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: David Gabriele, Justin Smith, Damaris Kroeber, Devin Barth