Data Processing Protection Using Cryptography Patents (Class 713/189)
  • Patent number: 11329963
    Abstract: According to one example, a system includes a first computing device that includes one or more processors configured to generate a first encryption key, and encrypt data, using the first encryption key, for transmittal to a second computing device. The one or more processors are further configured to determine a first set of tokens; determine, from the first set of tokens, a plurality of tokens for the first encryption key; generate a packet comprising the encrypted data, and further comprising the plurality of tokens; and transmit the packet for receipt by the second computing device.
    Type: Grant
    Filed: August 14, 2019
    Date of Patent: May 10, 2022
    Assignee: Eclypses, Inc.
    Inventor: Timothy W. Reynolds
  • Patent number: 11328087
    Abstract: Systems and methods for implementing a secure and efficient cryptographic protocol for analyzing data objects while providing assurances of data privacy and security. A data object may be obfuscated and provided for analysis (e.g., to a data analytics service) without necessarily providing access to the (e.g., plaintext) data object. For example, a first computing entity and second computing entity may agree upon a function or circuit that performs a certain type of computational task, such as comparing a first data set controlled by the first computing entity and a second data set controlled by the second computing entity. An event-driven function may be invoked by the event-driven compute service in response to detecting satisfaction of a condition as part of monitoring alerts that are generated as a result of the output of the computational task described above.
    Type: Grant
    Filed: September 25, 2018
    Date of Patent: May 10, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Nicholas Alexander Allen, Xianrui Jeri Meng
  • Patent number: 11329827
    Abstract: A method of unlocking a second device using a first device is disclosed. The method can include: the first device pairing with the second device; establishing a trusted relationship with the second device; authenticating the first device using a device key; receiving a secret key from the second device; receiving a user input from an input/output device; and transmitting the received secret key to the second device to unlock the second device in response to receiving the user input, wherein establishing a trusted relationship with the second device comprises using a key generated from a hardware key associated with the first device to authenticate the device key.
    Type: Grant
    Filed: October 5, 2016
    Date of Patent: May 10, 2022
    Assignee: Apple Inc.
    Inventors: Conrad Sauerwald, Alexander Ledwith, John Iarocci, Marc J. Krochmal, Wade Benson, Gregory Novick, Noah Witherspoon
  • Patent number: 11321161
    Abstract: Artificial Intelligence/Machine Learning-based performance monitoring of database applications to identify performance issues/bottlenecks that may lead to application failure. In response to identifying the performance issues, AI/ML-based analysis of the database is performed to determine the root cause of the performance issues and resolutions for addressing/overcoming the probable causes. As a result, a comprehensive system that is capable of monitoring and determining database related performance issues within database application and capable of determining and implementing the resolution to such performance issues. In addition, an auto-correction feature for errors that may occur during the monitoring of the database applications and related analysis.
    Type: Grant
    Filed: February 7, 2020
    Date of Patent: May 3, 2022
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Ambica Poola, Praveen Kumar Bolla, Trishul Vuppalanchi, Srinath Chakinam
  • Patent number: 11323267
    Abstract: Systems and methods for securely sharing and authenticating a last secret. A system includes a dealer computing system and a combining computing system. The dealer computing system includes a public/private key pair, an encryption key established with the combining computing system, and a circuit structured to generate a last secret and a first key controlling access to a secure computing system. The last secret is the last cryptographic element controlling access to the first key. The circuit is structured to split the last secret into first and second splits. The circuit is structured to generate a first and second SigncryptedData messages by signcrypting each of the first split and the second split with the public/private key pair and the encryption key established with the combining computing system. The circuit is structured to transmit the first SigncryptedData message to a first share-holder and the second SigncryptedData message to a second share-holder.
    Type: Grant
    Filed: June 20, 2019
    Date of Patent: May 3, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Phillip H. Griffin, Jeffrey J. Stapleton
  • Patent number: 11323242
    Abstract: Disclosed herein are embodiments that are directed to a method comprising storing each encrypted data block, of a cyphertext page, with corresponding encrypted error correction code (ECC) bits in a persistent memory device (PMD). In exemplified embodiments, the encrypted ECC bits verify both an encryption counter value of an encryption operation and a plaintext block of the cyphertext page from a decryption operation. In other embodiments, the method includes decrypting, using the decryption operation during a read operation of a memory controller, a respective one block of the cyphertext file and the corresponding encrypted ECC bits stored in the PMD using a current counter value to form the plaintext block and decrypted ECC bits. Further, the method may include verifying the plaintext block with the decrypted ECC bits; and performing a security check of the encryption counter value in response to the plaintext block failing the verification, using the decrypted ECC bits.
    Type: Grant
    Filed: June 20, 2019
    Date of Patent: May 3, 2022
    Assignee: UNIVERSITY OF CENTRAL FLORIDA RESEARCH FOUNDATION, INC.
    Inventors: Amro Awad, Mao Ye
  • Patent number: 11314869
    Abstract: A processor including hardware and performing control in accordance with an input signal is configured to: read, after the processor is booted, firmware information including an encrypted authentication file and an execution program to be executed by the processor; decrypt the encrypted authentication file with reference to the read encrypted authentication file and key information for decrypting the encrypted authentication file; execute the execution program in the processor when the encrypted authentication file is decrypted; and stop the execution of the execution program in the processor when the decryption of the encrypted authentication file fails.
    Type: Grant
    Filed: December 6, 2019
    Date of Patent: April 26, 2022
    Assignee: SONY OLYMPUS MEDICAL SOLUTIONS INC.
    Inventor: Masashige Kimura
  • Patent number: 11308203
    Abstract: In various examples there is a computing device in communication with at least one other computing device via a communications network. The computing device has a memory and a central processing unit having a trusted execution environment comprising trusted regions of the memory. The computing device has an operating system configured to create a memory mapping between a virtual address space of the memory and a memory of the at least one other computing device and to provide details of the memory mapping to the trusted execution environment. The trusted execution environment is configured to execute an application which is able to communicate with the other computing device directly using the memory mapping provided by the operating system.
    Type: Grant
    Filed: January 11, 2019
    Date of Patent: April 19, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Alexander Shamis, Sylvan Wesley Clebsch, Felix Schuster
  • Patent number: 11310211
    Abstract: The disclosed technology relates to securely sharing data between a hearing care professional (HCP) and a hearing device user. For example, the disclosed technology relates to securely accessing fitting data for a hearing device. The disclosed technology includes a hearing device that has a memory, where the memory stores a key that can be used for encryption and decryption. The key can be a symmetrical key. In addition to storing a key, the hearing device can store a uniform resource indicator (URI) in its memory.
    Type: Grant
    Filed: June 25, 2018
    Date of Patent: April 19, 2022
    Assignee: Sonova AG
    Inventors: Philipp Schneider, Aliaksei Tsitovich, Filip Wojcieszyn, Daniel Schmid
  • Patent number: 11310045
    Abstract: A method includes obtaining a plaintext query that includes a sequence of plaintext integers and generating a polynomial having coefficients that include the sequence of plaintext integers of the plaintext query. The method also includes encrypting the polynomial using a secret encryption key and transmitting the encrypted polynomial to a server. The secret encryption key is randomly sampled from a ciphertext space and the server is configured to expand the encrypted polynomial using a public encryption key to obtain a sequence of encrypted integers corresponding to the sequence of plaintext integers. The method also includes receiving an encrypted result from the server. The encrypted result is based on the sequence of encrypted integers.
    Type: Grant
    Filed: December 3, 2019
    Date of Patent: April 19, 2022
    Assignee: Google LLC
    Inventors: Kevin Yeo, Asra Ali, Tancrede Lepoint, Sarvar Patel
  • Patent number: 11303456
    Abstract: A single architected instruction to produce a signature for a message is obtained. The instruction is executed, and the executing includes determining a sign function of a plurality of sign functions supported by the instruction to be performed. Input for the instruction is obtained, and the input includes a message and a cryptographic key. A signature is produced based on the sign function to be performed and the input. The signature is to be used to verify the message.
    Type: Grant
    Filed: February 15, 2019
    Date of Patent: April 12, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Eric M. Schwarz, Jonathan D. Bradbury, Edward T. Malley, Christian Jacobi
  • Patent number: 11301547
    Abstract: A computer implemented method is disclosed for obfuscating an algorithm. The computer-implemented method includes (1) receiving ciphertext input data, and (2) executing obfuscated program instructions using the ciphertext input data and an obfuscation key. The ciphertext input data is based on plaintext input data encrypted using an input encryption key. The obfuscated program instructions are configured for concealing initial program instructions. The initial program instructions are configured for (1) receiving the plaintext input data, (2) providing plaintext output data based on an algorithm, and (3) providing ciphertext output data. The ciphertext output data is configured for decryption to provide the plaintext output data.
    Type: Grant
    Filed: May 1, 2019
    Date of Patent: April 12, 2022
    Assignee: GSFM LLC
    Inventors: Francois Jacques Malassenet, Glenn Daniel Sidle
  • Patent number: 11297085
    Abstract: Aspects of the disclosure relate to real-time validation of data transmissions based on security profiles. A computing platform may collect, in real-time, information associated with a plurality of data transmissions between applications, where the information may include, for each data transmission, an indication of a source application and a destination application. Then, the computing platform may retrieve, from a repository and for each data transmission, a first security profile associated with the source application, and a second security profile associated with the destination application. The computing platform may then compare, for each data transmission, the first security profile to the second security profile. Subsequently, the computing platform may detect, based on a determination that the first security profile does not match the second security profile, a potentially unauthorized data transmission.
    Type: Grant
    Filed: January 8, 2020
    Date of Patent: April 5, 2022
    Assignee: Bank of America Corporation
    Inventors: George Albero, Gulsen Saffel
  • Patent number: 11296893
    Abstract: A method for verifying the identity of a new user, the method comprising providing a Certification Authority platform that is accessible via the internet. The platform receives an identity verification request of the new user and requests the new user to enter the user's full name and at least one other personal identity data. The platform may then identify at least two already verified users in the proximity of the new user, and ask the existing verified users to vouch for the complete list of the personal identity data of the new user. The existing verified users may then vouch for the new user and the platform makes the new user a verified user and generates a digital certificate.
    Type: Grant
    Filed: January 19, 2020
    Date of Patent: April 5, 2022
    Inventor: Konstantinos Flokos
  • Patent number: 11296880
    Abstract: An exemplary system, method, and computer-accessible medium can include, for example, receiving at a first entity from a second entity, a first request for encrypted user information associated with at least one user, wherein the first request includes a user identifier associated with the at least one user, and wherein the first entity is different from the second entity, sending, from the first entity, a second request to a user device associated with the at least one user, wherein the second request includes a notification to the at least one user for an affirmation of the first request or a denial of the first request, receiving at the first entity from the user device, the affirmation or the denial, and sending, from the first entity to the second entity, (i) the encrypted user information if the affirmation is received or (ii) a denied notification if the denial is received.
    Type: Grant
    Filed: July 23, 2019
    Date of Patent: April 5, 2022
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Jeffrey Wieker, Zainab Zaki, Clayton Johnson
  • Patent number: 11288377
    Abstract: A virtual machine (VM) provisioned in the IaaS platform from a custom OS distribution that implements a remote attestation of itself. The VM can prove its privacy and integrity properties to an external party using a set of OS-level restrictions and IaaS-level validations. Remote attestation provides guarantees that the VM administrator cannot tamper with the VM operation and cannot access sensitive data. The attested properties are guaranteed by the correct operation of the underlying VM technology.
    Type: Grant
    Filed: October 3, 2019
    Date of Patent: March 29, 2022
    Inventor: Pavel Izhutov
  • Patent number: 11290426
    Abstract: Various embodiments that pertain to an enterprise network that employs a block chain portion and a non-block chain portion. For a single transaction, a header of the transaction can be sent over the block chain network and the non-header of the transaction can be sent over the non-block chain network. A hash-based cuckoo filter can be used for communication of the header along the block chain network.
    Type: Grant
    Filed: June 17, 2019
    Date of Patent: March 29, 2022
    Assignee: The Government of the United States, as represented by the Secretary of the Army
    Inventor: Radhika Roy
  • Patent number: 11290273
    Abstract: We present new designs to choose the parameter sets for more efficient HFEv-based signature schemes. The key method is to reduce the degree of the central HFEv-polynomial while, at the same time, increasing the number of Vinegar variables and Minus equations. The new design speeds up the signature generation process by two orders of magnitude (hundreds of times) compared to QUARTZ. We present also new methods to use multivariate signature schemes to build a white box encryption scheme. This technique is applicable to all existing multivariate signature designs including the HFEV-design and the improvements.
    Type: Grant
    Filed: March 25, 2016
    Date of Patent: March 29, 2022
    Inventor: Jintai Ding
  • Patent number: 11290257
    Abstract: To securely realize updating of a key shared between an apparatus on a transmission side and an apparatus on a reception side. A second apparatus encrypts a new shared key by an encryption processing unit, issues a signature for the encrypted new shared key from a signature processing unit, and transmits the signature and the encrypted new shared key to a first apparatus. When a signature processing unit fails in verifying the signature, the first apparatus performs control to prohibit at least one of processing executed after reception of the encrypted new shared key and required to store the new shared key into a storage unit.
    Type: Grant
    Filed: April 10, 2019
    Date of Patent: March 29, 2022
    Assignee: RENESAS ELECTRONICS CORPORATION
    Inventors: Tadaaki Tanimoto, Daisuke Moriyama
  • Patent number: 11290271
    Abstract: A secured device has a secure storage area and is configured to communicate with an authentication manager of a key server. A salt and a key identifier of a key are received to the secured device from the key server. Information corresponding to the key identifier is embedded into the salt to create a combined identifier-salt value. The combined identifier-salt value is stored in the secure storage area. The combined identifier-salt value is utilized as additional input to a hash function along with a password. The key is identified using the information corresponding to the key identifier embedded into the salt.
    Type: Grant
    Filed: February 27, 2020
    Date of Patent: March 29, 2022
    Assignee: Ford Global Technologies, LLC
    Inventors: Ali Hassani, Ryan Edwin Hanson, Daniel M. King, Hamid M. Golgiri, Cameron Smyth
  • Patent number: 11288767
    Abstract: Systems and methods for unmanned aerial vehicle (UAV) course profiling are provided. A plurality of images may be captured by a UAV flying along a course at a first location. A profile may be constructed for the course based on the images captured by the UAV. The constructed course profile is transmitted over a communication network to a virtual reality system at a second location. The virtual reality system may generate a virtual environment corresponding to the course based on the constructed course profile, and a second UAV at the second location may fly along the virtual course.
    Type: Grant
    Filed: June 23, 2020
    Date of Patent: March 29, 2022
    Assignee: SONY INTERACTIVE ENTERTAINMENT INC.
    Inventors: Michael Taylor, Dennis Dale Castleman
  • Patent number: 11283780
    Abstract: Collaboratively editing a document in a system of sharee clients includes creating a document change, generating a document token for encrypting the document change, encrypting the document change with the document token, making the encrypted document change available to the other sharee clients, and generating a plurality of copies of the sharee document token. Each sharee document token is encrypted with a respective sharee's public key. Each encrypted sharee document token is distributed to respective sharee clients. Each sharee client is configured to: decrypt a sharee document token using a respective private key, decrypt the encrypted document change using the sharee document token, and consolidate the document change into a document.
    Type: Grant
    Filed: May 4, 2020
    Date of Patent: March 22, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Mark Crosbie, Jason Flood, Juan Galiana Lara, Javier Marcos de Prado
  • Patent number: 11277270
    Abstract: Representative embodiments disclose mechanisms for flexible controls around use of cryptographic material such as encryption/decryption keys, key pairs, certificates, and so forth. The system replaces a local cryptographic agent or cryptographic service provider with a modified agent/service provider that redirects requests to utilize cryptographic key material used in a cryptographic operation to a backend system. The backend system receives the request and identifies a cryptographic process from context data associated with the request. The cryptographic process can have one or more controls attached to one or more operations in the cryptographic process. The controls are conditions that must be completed, in addition to successful completion of the underlying operation, in order to complete the underlying operation. A process owner can easily add, remove, and/or rearrange operations as well as controls to provide flexible controls around the use of cryptographic material.
    Type: Grant
    Filed: January 28, 2019
    Date of Patent: March 15, 2022
    Assignee: Venafi, Inc.
    Inventors: Peter Dennis Bartok, William Anthony Pereira
  • Patent number: 11275864
    Abstract: A system and method for privacy identity control for sharing media on a social media platform includes receiving a digital image encoded with a privacy identification data from a media capturing device for sharing on the social media platform, retrieving a first key based on the privacy identification data for decrypting an encrypted personal privacy protocol, wherein the personal privacy protocol is encrypted using a second key, decrypting the encrypted personal privacy protocol using the first key to obtain a decrypted personal privacy protocol, and displaying the digital image on the social media platform based on the decrypted personal privacy protocol.
    Type: Grant
    Filed: August 24, 2018
    Date of Patent: March 15, 2022
    Assignee: International Business Machines Corporation
    Inventors: Kuo-Liang Chou, Kate Lin, Peter Wu, I-Chien Lin, Chiwen Chang, Ci-Wei Lan, Tsai-Hsuan Hsieh
  • Patent number: 11269522
    Abstract: This document relates to performing video analytics on a cloud device that preserves privacy. One example uses data-oblivious algorithms to process input video data, where the data-oblivious algorithms can assist with preventing attackers from exploiting side-channels induced by data-dependent access patterns.
    Type: Grant
    Filed: July 16, 2019
    Date of Patent: March 8, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Ganesh Ananthanarayanan, Stavros Volos, Srinath T. V. Setty, Rishabh Poddar
  • Patent number: 11271723
    Abstract: An encryption specification named “MetaEncrypt” implemented as a method and associated apparatus is disclosed for unbreakable encryption of data, code, applications, and other information that uses a symmetric key for encryption/decryption and to configure the underlying encryption algorithms being utilized to increase the difficulty of mathematically modeling the algorithms without possession of the key. Data from the key is utilized to select several encryption algorithms utilized by MetaEncrypt and configure the algorithms during the encryption process in which block sizes are varied and the encryption technique that is applied is varied for each block. Rather than utilizing a fixed key of predetermined length, the key in MetaEncrypt can be any length so both the key length and key content are unknown.
    Type: Grant
    Filed: November 8, 2019
    Date of Patent: March 8, 2022
    Inventor: Daniel Eugene Hale
  • Patent number: 11270011
    Abstract: A system and method are disclosed for allowing a plurality of augmented and/or virtual reality users to interact with higher dimensional virtual or augmented environment models in which a plurality of objects are placed throughout in a pseudorandom fashion. The placed plurality of objects are subsequently assigned values either in a predetermined or real time manner. The system and method enable security countermeasures, thereby protecting the higher dimensional environmental model from malicious users.
    Type: Grant
    Filed: July 21, 2021
    Date of Patent: March 8, 2022
    Assignee: 8 BIT DEVELOPMENT INC.
    Inventors: Eric M. Pilnock, Kenneth E. Irwin, Jr., Michael T. Day, Andrew J. Mound
  • Patent number: 11269621
    Abstract: A method is provided for obfuscating program code to prevent unauthorized users from accessing video. The method includes receiving an original program code that provides functionality. The original program code is transformed into obfuscated program code defining a randomized branch encoded version of the original program code. The obfuscated program code is then stored, and a processor receiving input video data flow uses the obfuscated program code to generate an output data flow.
    Type: Grant
    Filed: January 27, 2016
    Date of Patent: March 8, 2022
    Assignee: ARRIS Enterprises LLC
    Inventor: Lex Aaron Anderson
  • Patent number: 11271732
    Abstract: Various embodiments relate to a method for generating a bit stream in a physical unclonable function (PUF) system, including: receiving a set of values from a plurality of physical devices in the PUF system in a first order; sorting the set of values into a second order; for each of the L highest values, setting a corresponding levelTag value to a first bit value and setting a corresponding usageTag value to a first usage value that indicates that the levelTag for the corresponding value is to be used to generate the bit stream, wherein L is a level setting; for each of the L lowest values, setting a corresponding levelTag value to a second bit value and setting a corresponding usageTag value to the first usage value, wherein the first bit value is different from the second bit value; setting the usageTag value for all other values that are not the highest L values or the lowest L values to a second usage value that indicates that the corresponding value is not to be used to generate the bit stream; generatin
    Type: Grant
    Filed: November 12, 2019
    Date of Patent: March 8, 2022
    Assignee: NXP B.V.
    Inventor: Bjorn Fay
  • Patent number: 11271425
    Abstract: In accordance with aspects of the present invention a distributed energy system edge unit is presented. An edge unit includes a power grid interface; one or more device interfaces; a processing unit coupled to the power grid interface and the one or more device interfaces, the processing unit including a communication state that allows communications with an external entity; a control and monitor state that communicates with the communication state; a check unit state that communicates with the control and monitor state and provides a unit state data; wherein the control and monitor state and the communication state provide an instruction data set, current operating parameters according to the unit state data, the instruction set data, and a characterization parameter data, and wherein the control and monitor state provides control signals to the power grid interface and the one or more device interfaces.
    Type: Grant
    Filed: April 14, 2020
    Date of Patent: March 8, 2022
    Assignee: Sunverge Energy, Inc.
    Inventors: Dean Sanders, Stu Statman
  • Patent number: 11265149
    Abstract: An encryption specification named “MetaEncrypt” implemented as a method and associated apparatus is disclosed for unbreakable encryption of data, code, applications, and other information that uses a symmetric key for encryption/decryption and to configure the underlying encryption algorithms being utilized to increase the difficulty of mathematically modeling the algorithms without possession of the key. Data from the key is utilized to select several encryption algorithms utilized by MetaEncrypt and configure the algorithms during the encryption process in which block sizes are varied and the encryption technique that is applied is varied for each block. Rather than utilizing a fixed key of predetermined length, the key in MetaEncrypt can be any length so both the key length and key content are unknown.
    Type: Grant
    Filed: November 8, 2019
    Date of Patent: March 1, 2022
    Inventor: Daniel Eugene Hale
  • Patent number: 11262714
    Abstract: A building management system includes building equipment operable to affect a physical state of a building. The building management system includes a system manager coupled to the building equipment via a system bus, the system manager comprising a schedule manager configured to control an operation schedule of the building equipment. A client device is configured to communicate with the schedule manager to modify operation schedules of the building equipment or add new operation schedules for the building equipment. The schedule manager comprises a list of available schedules for the building equipment and is configured to, in response to modification of the operation schedules or addition of new operation schedules, update the list of available schedules to include the modification or the new operation schedule.
    Type: Grant
    Filed: June 3, 2019
    Date of Patent: March 1, 2022
    Assignee: Johnson Controls Tyco IP Holdings LLP
    Inventors: Vivek V. Gupta, Yogesh Jalkote, Vikram Ashok Lunge, Mark T. Fischbach, John S. Jilek, Benjamin D. Sanfelippo
  • Patent number: 11265161
    Abstract: This document describes a system and method for generating two types of session keys for encoding digital communications between two devices. In particular, the first type of session key possesses escrow properties whereby a trusted third party will be able to generate the first type of session key to decode the digital communications between the two devices while the second type of session key does not possess escrow properties.
    Type: Grant
    Filed: August 7, 2020
    Date of Patent: March 1, 2022
    Assignee: Huawei International Pte. Ltd.
    Inventors: Rehana Yasmin, Yanjiang Yang, Zhuo Wei, Tieyan Li, Hai Yu
  • Patent number: 11259065
    Abstract: Described herein are systems and methods for hardware enforcement of hardware functionality in a television receiver. An activation message containing an activation code for a specific hardware component within the television receiver can be transmitted from a television service provider system to a television receiver having an associated smart card. The smart card can decrypt the activation message, security check the activation message, confirm the activation message is intended for the television receiver, encrypt the activation message with a local key, and transmit the activation message to a security processor on the television receiver. The security processor can decrypt the activation message, security check the activation message to ensure it is from the smart card and has not been tampered with, and enable the hardware component within the television receiver based on the activation code within the activation message.
    Type: Grant
    Filed: October 22, 2019
    Date of Patent: February 22, 2022
    Assignee: DISH TECHNOLOGIES L.L.C.
    Inventors: William Michael Beals, John Hamrick
  • Patent number: 11258861
    Abstract: Technologies disclosed herein provide a method for receiving at a device from a remote server, a request for state information from a first processor of the device, obtaining the state information from one or more registers of the first processor based on a request structure indicated by a first instruction of a software program executing on the device, and generating a response structure based, at least in part, on the obtained state information. The method further includes using a cryptographic algorithm and a shared key established between the device and the remote server to generate a signature based, at least in part, on the response structure, and communicating the response structure and the signature to the remote server. In more specific embodiments, both the response structure and the request structure each include a same nonce value.
    Type: Grant
    Filed: June 29, 2018
    Date of Patent: February 22, 2022
    Assignee: Intel Corporation
    Inventors: Prashant Dewan, Siddhartha Chhabra, Uttam K. Sengupta, Howard C. Herbert
  • Patent number: 11252569
    Abstract: A smart tag and methods of interacting with and authenticating interactions with the same are provided. The smart tag is enabled to generate a Tag Authentication Cryptogram (TAC) and include the TAC in response to a read request. Accordingly, each response generated by the smart tag will include a different TAC. It follows that interactions between the smart tag and a reading device can be authenticated as unique interactions if the TAC is validated as a unique and correct TAC.
    Type: Grant
    Filed: July 26, 2019
    Date of Patent: February 15, 2022
    Assignee: ASSA ABLOY AB
    Inventors: Philip Hoyer, Julian Eric Lovelock, Mark Robinton
  • Patent number: 11250133
    Abstract: A system is provided for configurably signing a secure data image that includes software code that interprets cryptographic atomic code. In the system, a code signing engine includes an interpreter that interprets atomic code signing operations presented in a recipe defined by a system administrator according to configuration parameter values supplied with the input image.
    Type: Grant
    Filed: January 14, 2019
    Date of Patent: February 15, 2022
    Assignee: ARRIS Enterprises LLC
    Inventors: Tat Keung Chan, Ting Yao, Alexander Medvinsky
  • Patent number: 11243840
    Abstract: In one or more embodiments, one or more methods, processes, and/or systems may modify a configuration of an information handling system (IHS) to prevent access of a first non-volatile memory medium, associated with the IHS, that stores a recovery operating system; may boot the information handling system from a second non-volatile memory medium of the IHS; may determine that at least one issue associated with a boot sequence has occurred; may modify the configuration of the IHS to provide access of the first non-volatile memory medium; may modify the configuration of the IHS to boot the information handling system from the first non-volatile memory medium; may restart the IHS; and may boot the recovery operating system from the first non-volatile memory medium.
    Type: Grant
    Filed: March 12, 2019
    Date of Patent: February 8, 2022
    Assignee: Dell Products L.P.
    Inventors: Wei G. Liu, Rui Shi
  • Patent number: 11245258
    Abstract: A method for state estimation of a distribution network comprises: (a) obtaining measurements from phasor measurement units (PMUs) placed at buses in the distribution network; (b) constructing a quotient gradient system (QGS) based on a constraint set H that relates the measurements to state variables of the distribution network; (c) integrating the QGS to reach a steady state; (d) identifying one or more of the state variables whose measurement residuals violate a measurement residual constraint in the constraint set H; (e) integrating a reconstructed QGS, which is reconstructed based on the constraint set H by setting the identified one or more state variables to values of corresponding PMU measurements; (f) iterating steps of (d) and (e) until no measurement residuals violate the measurement residual constraint, to thereby obtain the state estimation; and (g) reporting the state estimation to a control system during real-time monitoring of the distribution network.
    Type: Grant
    Filed: August 31, 2020
    Date of Patent: February 8, 2022
    Assignees: Bigwood Technology, Inc., Tianjin University
    Inventors: Hsiao-Dong Chiang, Qiancheng Lv, Xiangyu Kong
  • Patent number: 11244066
    Abstract: A system on chip includes a host controller and a secure controller for securing communication between the system on chip and external devices accessing a memory controlled by a memory and an encryption/decryption module for encrypting and decrypting the data.
    Type: Grant
    Filed: March 19, 2020
    Date of Patent: February 8, 2022
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Sung Hyun Kim, Jun Ho Huh
  • Patent number: 11237996
    Abstract: A reconfigurable data processor comprises an array of configurable units and a bus system configurable to define virtual machines. The system can partition the array of configurable units into a plurality of sets of configurable units, and block communications via the bus system between configurable units within a particular set and configurable units outside the particular set. A memory access controller can be connected to the bus system, configurable to confine access to memory outside the array of configurable units originating from within the particular set to memory space allocated to the particular.
    Type: Grant
    Filed: April 29, 2020
    Date of Patent: February 1, 2022
    Assignee: SambaNova Systems, Inc.
    Inventors: Gregory Frederick Grohoski, Sumti Jairath, Mark Luttrell, Raghu Prabhakar, Ram Sivaramakrishnan, Manish K. Shah
  • Patent number: 11238160
    Abstract: Techniques are disclosed relating to securely booting a computer system. In some embodiments, a bootloader initiates a boot sequence to load an operating system of the computing device and detects firmware of a peripheral device to be executed during the boot process to initialize the peripheral device for use by the computing device. In response to the detecting, the bootloader instantiates a sandbox that isolates the firmware from the bootloader. In various embodiments, the firmware is loaded from an option read-only memory (OROM) included in the peripheral device and executed during the boot sequence to initialize the peripheral device. In some embodiments, the bootloader assigns one or more memory address ranges to the firmware, and the sandbox restricts the firmware from accessing memory addresses that are not included in the assigned one or more address ranges.
    Type: Grant
    Filed: May 31, 2019
    Date of Patent: February 1, 2022
    Assignee: Apple Inc.
    Inventors: Corey T. Kallenberg, Rafal Wojtczuk, Xeno S. Kovah, Andrew J. Fish
  • Patent number: 11238757
    Abstract: The Shifting Substitution Cipher Based Efficient Vaultless Data Tokenization Apparatuses, Methods and Systems (“VDT”) transforms tokenized data storage request, detokenized data retrieval request, tokenized data retokenization request inputs via VDT components into tokenized data storage response, detokenized data retrieval response, tokenized data retokenization response outputs. A tokenized data storage request datastructure is obtained. Data type and data type instance of a plaintext data value are determined. A first data tokenization key token for the data type instance is determined. A first data shift position for the first data tokenization key token is calculated. A first tokenized data value is generated by translating the plaintext data value from a plaintext alphabet to a first shifted ciphertext data alphabet generated by shifting the first data tokenization key token using the first data shift position.
    Type: Grant
    Filed: June 11, 2020
    Date of Patent: February 1, 2022
    Assignee: FMR LLC
    Inventors: Kyle Bush, Gang Cheng
  • Patent number: 11238163
    Abstract: A method for implementing an object based vulnerability model includes identifying each component in an information system and annotating such component in a database; decomposing each component into major functional objects and annotating each object in a database; identifying actions an attacker could take to modify a behavior of the functional objects in the information system and annotating such actions in a database; capturing a trust score and a trustworthiness score for each object and annotating the trust score and the trustworthiness score in the database; assessing each action on the structure, state, and inputs of each functional object to determine if an interaction exists and annotating the interaction existence in the database; and applying preventive and reactive countermeasures accordingly.
    Type: Grant
    Filed: June 27, 2019
    Date of Patent: February 1, 2022
    Assignee: RAYTHEON COMPANY
    Inventors: William Tin Wun Shih, Douglas E. Lapp, William Posey
  • Patent number: 11238137
    Abstract: A method of enabling program code stored on target data processing devices, the method comprising: receiving an encrypted value of a permitted number of target data processing devices that are permitted to have program code stored on them enabled, and using a security data processing device to decrypt the encrypted value and store the decrypted value on the security data processing device; and for each target data processing device, using the security data processing device to: determine whether the value of the permitted number of target data processing devices is greater than zero; if so, obtain a device identifier from the target data processing device; generate a license key from the device identifier; store the license key on the target data processing device; and decrement the value of the permitted number of target data processing devices.
    Type: Grant
    Filed: April 11, 2018
    Date of Patent: February 1, 2022
    Assignee: SECURE THINGZ LIMITED
    Inventors: Haydn Povey, Steve Pancoast, Mike Moreton, Timothy John Woodruff
  • Patent number: 11233774
    Abstract: According to an aspect, there is provided a first node for evaluating an event using a function. A corresponding computer-implemented method of operating a first node to evaluate an event using a function is also provided. The function is evaluated by two parties using garbled circuits, with each party garbling a circuit representing the function, and evaluating the circuit garbled by the other party.
    Type: Grant
    Filed: December 14, 2018
    Date of Patent: January 25, 2022
    Assignee: KONINKLIJKE PHILIPS N.V.
    Inventor: Meilof Geert Veeningen
  • Patent number: 11234045
    Abstract: Provided is a technology for supporting solution of a fault that has occurred in a system including an audio-visual device. A solution support program storage unit (7) is configured to store, for each potential fault, a solution support program for supporting a user's job for solving the each fault. At least one of the solution support programs for handling a fault having a plurality of possible causes includes processing for displaying a message for prompting the user to conduct a predetermined job, processing for displaying a question for the user, processing for receiving a user's answer to the question, and processing for displaying a message indicating a solution corresponding to the received answer. Then, a main control unit (9) determines a fault based on the information acquired through an audio-visual signal input interface unit (3) and an audio-visual signal output interface unit (4), and executes the solution support program for handling the determined fault.
    Type: Grant
    Filed: March 23, 2017
    Date of Patent: January 25, 2022
    Assignee: D&M Holdings, Inc.
    Inventor: Hiroyuki Uno
  • Patent number: 11233652
    Abstract: According to one embodiment, in response to receiving a temporary public key (PK_d) from a data processing (DP) accelerator, a system generates a first nonce (nc) at the host system, where the DP accelerator is coupled to the host system over a bus. The system transmits a request to create a session key from the host system to the DP accelerator, the request including a host public key (PK_O) and the first nonce. The system receives a second nonce (ns) from the DP accelerator, where the second nonce is encrypted using the host public key and a temporary private key (SK_d) corresponding to the temporary public key. The system generates a first session key based on the first nonce and the second nonce, which is utilized to encrypt or decrypt subsequent data exchanges between the host system and the DP accelerator.
    Type: Grant
    Filed: January 4, 2019
    Date of Patent: January 25, 2022
    Assignees: BAIDU USA LLC, BAIDU.COM TIMES TECHNOLOGY (BEIJING) CO., LTD.
    Inventors: Yueqiang Cheng, Yong Liu, Tao Wei, Jian Ouyang
  • Patent number: 11228420
    Abstract: Systems and methods include establishing a cryptographically secure communication between an application module and an audio module. The application module is configured to execute on an information-handling machine, and the audio module is coupled to the information-handling machine. The establishment of the cryptographically secure communication may be at least partially facilitated by a mutually trusted module.
    Type: Grant
    Filed: December 6, 2019
    Date of Patent: January 18, 2022
    Assignee: INTEL CORPORATION
    Inventors: Pradeep M. Pappachan, Reshma Lal, Rakesh A. Ughreja, Kumar N. Dwarakanath, Victoria C. Moore
  • Patent number: 11229023
    Abstract: Disclosed is an access point (AP) for a network that includes security features for interacting with devices on the network. The other devices on the network may be other APs, client devices, or a backend configuration server. The access point includes a private key that is used to verify signals to and from (the private key may be different for different functions). In the case of other APs, the private key is used to verify control signals sent between the APs to identify and prevent a hijacked AP from taking control of the network by sending false control signals. In the case of a client device, the client device may use the subject AP's private key to identify that the subject AP is a trusted member of the network that may receive data. In the case of the backend server, the subject AP may verify configuration updates via use of the private key to prevent loading of malicious firmware.
    Type: Grant
    Filed: December 14, 2017
    Date of Patent: January 18, 2022
    Assignee: NETGEAR, INC.
    Inventors: Peiman Amini, Joseph Amalan Arul Emmanuel