By Stored Data Protection Patents (Class 713/193)
-
Patent number: 12192350
Abstract: An information processing apparatus includes: a first storage memory that stores data; a second storage memory that stores an encryption key; a controller that encrypts the first storage memory with the encryption key; and a communicator that communicates with a server device that stores the encryption key, wherein when the encryption key is acquirable from the server device via the communicator, the controller uses the encryption key acquired from the server device to decrypt the first storage memory, and when the encryption key is not acquirable from the server device via the communicator, the controller requests authentication and, after the authentication is performed, acquires the encryption key from the second storage memory and decrypts the first storage memory.
Type: Grant
Filed: October 11, 2022
Date of Patent: January 7, 2025
Assignee: SHARP KABUSHIKI KAISHA
Inventor: Kanji Nakagawa
-
Patent number: 12192332
Abstract: The present technology relates to a file processing device and a file processing method for enabling restriction of viewing of an image. A file control unit generates a file that stores an encrypted image obtained by encrypting an image with a first encryption key, and an encrypted encryption key obtained by encrypting the first encryption key with a second encryption key, the encrypted image and the encrypted encryption key being associated with each other in the file. The file control unit also decrypts the encrypted encryption key in the file into the first encryption key, and, with the first encryption key obtained by the decryption, decrypts the encrypted image into the image. The present technology can be applied to a digital camera and the like that capture images, for example.
Type: Grant
Filed: November 6, 2020
Date of Patent: January 7, 2025
Assignee: Sony Group Corporation
Inventors: Ryo Jinnouchi, Ryogo Ito, Daisuke Funamoto
-
Patent number: 12189726
Abstract: On-demand paging support for confidential computing is described. An example of an apparatus includes circuitry including one or more processors including a first processor, the first processor including a TEE and registers, wherein the one or more processors are to: receive a memory access request associated with a trust domain (TD), wherein one or more direct memory access payloads associated with the request being generated by a protocol engine (PE) of a peripheral device and written to a host interface (HIF), the HIF including an address translation engine (ATE); and, in response to a page fault being identified for a payload, divert the payload and forward a payload fault to one or more TD fault buffers in a set of registers, and resolve the page fault by an ATE driver and a virtual machine manager using the TEE.
Type: Grant
Filed: June 30, 2022
Date of Patent: January 7, 2025
Assignee: INTEL CORPORATION
Inventors: Ravi Sahita, Anjali Singhai Jain, Reouven Elbaz
-
Patent number: 12191977
Abstract: Systems, methods, and apparatus for satellite operations with secure enclave for secure inband hosted payload operations are disclosed. In one or more embodiments, a method for payload operations comprises receiving, by a vehicle, host commands from a satellite operation portion of a host spacecraft operations center (SOC). The method further comprises reconfiguring a payload and at least bus component on the vehicle according to the host commands. Also, the method comprises transmitting, by the vehicle, host telemetry to the satellite operation portion of the host SOC. In addition, the method comprises receiving, by the vehicle, hosted commands from a secure enclave of the host SOC. Additionally, the method comprises reconfiguring the payload on the vehicle according to the hosted commands. Further, the method comprises transmitting, by a payload antenna on the vehicle, host payload data, hosted payload data, and the encrypted hosted telemetry to the secure enclave.
Type: Grant
Filed: September 14, 2021
Date of Patent: January 7, 2025
Assignee: The Boeing Company
Inventors: Robert J. Winig, Yi-Feng J. Chen
-
Patent number: 12184936
Abstract: Tools are provided for distributing access-restricted content in an internet protocol television (“IPTV”) environment based on portable entitlement keys. Such tools can include a decoder, an encoder, and a network entitlement handler. The decoder may be configured to receive a key associated with entitlement information, and transmit the entitlement information over a network. The encoder may be configured to receive content from content providers, and to encode the content to create IP-compatible content, with access restrictions based on entitlement. The network entitlement handler may be configured to receive a request for requested content from the decoder; receive the access-restricted content (including the requested content) from the encoder; and transmit the requested content over the network to the decoder using IP, when the decoder is entitled to receive the requested content.
Type: Grant
Filed: June 20, 2023
Date of Patent: December 31, 2024
Assignee: Adeia Media Holdings LLC
Inventors: Steven M. Casey, Gnanasegeran Selvadurai, Felipe Castro, Waqar Khan
-
Patent number: 12184598
Abstract: The invention relates to systems and methods for managing emails where an email server that may comprise one or more computer systems, and which may be part of an email system, receives an email addressed to a specified first user. The email server may analyze the received email and access one or more electronic databases, which may comprise information related to one or more respective registered users of the email system. The databases may be stored on one or more computer-readable storage media operatively connected to the email server.
Type: Grant
Filed: October 31, 2023
Date of Patent: December 31, 2024
Inventors: Dana Brunetti, Kevin Spacey
-
Patent number: 12182427
Abstract: An apparatus is provided for controlling the operating mode of control circuitry, such that the control circuitry may change between two operating modes. In an allocation mode, data that is loaded in response to an instruction is allocated into storage circuitry from an intermediate buffer, and the data is read from the storage circuitry. In a non-allocation mode, the data is not allocated to the storage circuitry, and is read directly from intermediate buffer. The control of the operating mode may be performed by mode control circuitry, and the mode may be changed in dependence on the type of instruction that calls the data, and whether the data may be used again in the near future, or whether it is expected to be used only once.
Type: Grant
Filed: October 14, 2022
Date of Patent: December 31, 2024
Assignee: Arm Limited
Inventors: Stefano Ghiggini, Natalya Bondarenko, Luca Nassi, Geoffray Matthieu Lacourba, Huzefa Moiz Sanjeliwala, Miles Robert Dooley, Abhishek Raja
-
Patent number: 12182318
Abstract: Methods, systems, and devices for cryptographic key management are described. A memory device can issue, by a firmware component, a command to generate a first cryptographic key for encrypting or decrypting user data stored on a memory device. The memory device can generate, by a hardware component, the first cryptographic key based on the command. The memory device can encrypt, by the hardware component, the first cryptographic key using a second cryptographic key and an initialization vector. The memory device can store the encrypted first cryptographic key in a nonvolatile memory device separate from the hardware component.
Type: Grant
Filed: February 22, 2023
Date of Patent: December 31, 2024
Assignee: Micron Technology, Inc.
Inventors: Juane Li, Jiangli Zhu, Ying Yu Tai
-
Patent number: 12182316
Abstract: A method for protecting an integrated circuit against reverse engineering including predefining a secret bit, forming a first clocked memory element having a first data input, a first data output and a first clock input in the integrated circuit, forming a second clocked memory element having a second data input, a second data output and a second clock input in the integrated circuit, forming a logic path in the integrated circuit and coupling the first data output to the second data input via the logic path and forming a clock signal line in the integrated circuit and coupling the first clock input to the second clock input via the clock signal line.
Type: Grant
Filed: January 12, 2023
Date of Patent: December 31, 2024
Assignee: Infineon Technologies AG
Inventors: Stefan Seidl, Joel Hatsch, Artur Wroblewski
-
Patent number: 12175000
Abstract: A system and method may facilitate data matching between multiple data owners through the use of a common set of “pseudonymized” individuals or household identifiers without requiring any data owner to share personally identifiable information with any other party. Data owners may accurately match ID-level online and offline data across multiple platforms with other participants' online and offline data without requiring any party to disclose personally identifiable information about their users or households. This use of deterministic data, rather than probabilistic data or a combination of deterministic and probabilistic data, is more accurate while also lowering the risk of data breach since no personally identifiable information is shared.
Type: Grant
Filed: September 8, 2023
Date of Patent: December 24, 2024
Assignee: BLOCKGRAPH LLP
Inventors: Jason Manningham, Utpal Kalita
-
Patent number: 12174706
Abstract: Disclosed herein are systems and method for forming and executing a backup strategy. In one aspect, an exemplary method comprises forming a respective backup strategy for each respective file of a plurality of files stored in a data source based on a frequency of occurrence, a desired recovery time, and a criticality of data loss for the respective file. The method further comprises executing the respective backup strategy for the respective file.
Type: Grant
Filed: September 29, 2021
Date of Patent: December 24, 2024
Assignee: Acronis International GmbH
Inventors: Stanislav Protasov, Serguei Beloussov, Dmitry Martynov, Sergey Ulasen
-
Patent number: 12176100
Abstract: Computer-implemented methods and systems are provided that receive, at an implantable medical device (IMD), a programming package comprising a collection of configuration change requests, transaction credentials, and a signature indicative of a source of the programming package. The transaction credentials include a first hash of the collection of configuration change requests. The IMD validates an external device as the source by decrypting the signature using a key that is uniquely associated with the external device. The IMD verifies the transaction credentials and the configuration change requests of the programming package, and generates a second hash of the collection of configuration change requests. Responsive to both (i) the second hash matching the first hash and (ii) the transaction credentials and the configuration change requests being verified, the IMD executes the collection of configuration change requests to update an operating configuration of the IMD.
Type: Grant
Filed: June 7, 2022
Date of Patent: December 24, 2024
Assignee: Pacesetter, Inc.
Inventors: Simon Skup, Mostafa Sadeghi, Eraj D. Kaluarachchi
-
Patent number: 12169571
Abstract: A system for securely storing privacy information is provided. The system includes a plurality of nodes configured to maintain a distributed database containing consumer privacy information having a plurality of entries. Each entry of the plurality of entries in the distributed database is (i) encrypted with a unique encryption key associated with a consumer and the distributed database, and (ii) indexed based on a public encryption key associated with the consumer. A most recent entry associated with the consumer includes current personal information about the consumer. A first entry associated with the consumer includes an encrypted version of the unique encryption key.
Type: Grant
Filed: March 21, 2022
Date of Patent: December 17, 2024
Assignee: Cable Television Laboratories, Inc.
Inventors: Brian A. Scriber, Steven J. Goeringer, Zane Hintzman
-
Patent number: 12164632
Abstract: Techniques for automatically detecting unknown packers are disclosed. In some embodiments, a system/process/computer program product for automatically detecting unknown packers includes receiving a plurality of samples for malware packer detection analysis; performing a packer filter to determine whether each of the plurality of samples is packed; emulating each of the packed samples to extract a plurality of features; and clustering the packed samples based on the extracted features.
Type: Grant
Filed: May 25, 2022
Date of Patent: December 10, 2024
Assignee: Palo Alto Networks, Inc.
Inventors: Chienhua Lu, Wenjun Hu
-
Patent number: 12164795
Abstract: Methods, systems, and devices for improved inter-memory movement in a multi-memory system are described. A memory device may receive from a host device a command to move data from a first memory controlled by a first controller to a second memory controller by a second controller. The memory device may use the first and second controllers to facilitate the movement of the data from the first memory to the second memory via a path external to the host device. The memory device may indicate to the host device when to suspend activity to the first memory or the second memory and when to resume activity to the first memory or second memory.
Type: Grant
Filed: December 20, 2023
Date of Patent: December 10, 2024
Assignee: Micron Technology, Inc.
Inventors: Sourabh Dhir, Kang-Yong Kim
-
Patent number: 12164441
Abstract: A method, apparatus, and system for storing memory encryption realm key IDs is disclosed. A method comprises accessing a memory ownership table with a physical address to determine a realm ID associated with the physical address, accessing a key ID association structure with the realm ID to determine a realm key ID associated with the realm ID, and initiating a memory transaction based on the realm key ID. Once retrieved, the realm key ID may be stored in a translation lookaside buffer.
Type: Grant
Filed: August 28, 2023
Date of Patent: December 10, 2024
Assignee: QUALCOMM Incorporated
Inventors: Darren Lasko, Roberto Avanzi, Thomas Philip Speier, Harb Abdulhamid, Vikramjit Sethi
-
Patent number: 12166761
Abstract: Distinguishing between functional tracking domains and nonfunctional tracking domains on a host web page. In particular, a list of known tracking domains that load content into host web pages may be received. This list of tracking domains may include tracking domains that are functional and tracking domains that are nonfunctional. The tracking domains that are functional may be determined by evaluating various behaviors and characteristics of the tracking domains. Once functional tracking domains have been determined, these functional tracking domains may be allowed, and other tracking domains may be blocked from loading content onto host web pages thereby preserving the functionality of the web pages.
Type: Grant
Filed: February 2, 2024
Date of Patent: December 10, 2024
Assignee: GEN DIGITAL INC.
Inventors: Iskander Sanchez Rola, Johann Roturier, David Luz Silva, Leylya Yumer, Daniel Marino, Petros Efstathopoulos
-
Patent number: 12164624
Abstract: Disclosed are various embodiments for using machine learning models to identify appropriate security patterns to follow during the application development process. A computing device can receive a request to identify a collection of security patterns to apply to an application and then identify a plurality of features associated with the application. Next, the computing device can submit the plurality of features to a random forest machine learning model and receive a first set of security patterns in response. Then, the computing device can submit the plurality of features to a k-nearest neighbor (KNN) machine learning model and receive a second set of security patterns in response. Then, the computing device can identify a subset of the security patterns that is included in both the first set of security patterns and the second set of security patterns and return the subset of the security patterns.
Type: Grant
Filed: December 13, 2021
Date of Patent: December 10, 2024
Assignee: AMERICAN EXPRESS TRAVEL RELATED SERVICES COMPANY, INC.
Inventors: Hiranmayi Palanki, Shankar Djeyassilane
-
Patent number: 12159052
Abstract: A method of performing replication recovery operation in a disaggregated distributed storage system (DDSS) includes identifying an affected storage node included in the storage pool based on an occurrence of one or more predetermined conditions; selecting at least one replacement storage node from among one or more storage nodes included in the storage pool to recover replication data stored in the affected storage node; selecting at least one controller for performing a replication recovery operation from among one or more controllers included in the controller pool; and assigning one or more replication recovery jobs to the at least one controller; and receiving, by the replication recovery device, a notification from the at least one controller based on the one or more replication recovery jobs being completed.
Type: Grant
Filed: December 28, 2022
Date of Patent: December 3, 2024
Assignee: SAMSUNG ELECTRONICS CO., LTD.
Inventors: Roshan R Nair, Arun George, Dinesh Ratra, Parag Jain, Preetham Parshwanath Jain, Rohit Kailash Sharma, Shivam, Vishak Guddekoppa
-
Patent number: 12160313
Abstract: A transmitting device for supporting Hybrid Automatic Repeat Request (HARQ) includes scrambling and encoding, in which the order of scrambling and encoding is changed compared to the conventional transmitter. Likewise, a receiving device for supporting HARQ includes descrambling and decoding, in which the order of descrambling and decoding is changed compared to the conventional receiver. In particular, the transmitting device is configured to encode at least one data unit using Forward Error Correction (FEC) coding, scramble the encoded data unit based on a scrambling seed, provide an indication of the scrambling seed that is separate from the scrambled and encoded data unit, and transmit the indication of the scrambling seed and then the scrambled and encoded data unit to the receiving device.
Type: Grant
Filed: April 22, 2021
Date of Patent: December 3, 2024
Assignee: Huawei Technologies Co., Ltd.
Inventors: Shimon Shilo, Leonid Epstein, Yaron Ben-Arie, Ezer Melzer
-
Patent number: 12153526
Abstract: Technology for performing data duplication on data that was previously consolidated (e.g., deduplicated or merged). An example method may involve receiving a request to modify a memory page; causing the data at a first storage location to be decrypted using location dependent cryptographic input and then encrypted using a location independent cryptographic input; copying the encrypted data of the memory page from the first storage location to a second storage location; causing the encrypted data at the first and second storage locations to be decrypted using location independent cryptographic input and to each be encrypted using a different location dependent cryptographic input; updating, by the supervisor, one of the references of the plurality of memory pages from pointing to the first storage location in the physical memory to pointing to the second storage location; and modifying the memory page by altering data in the physical memory.
Type: Grant
Filed: June 6, 2022
Date of Patent: November 26, 2024
Assignee: Red Hat, Inc.
Inventors: Henri Han Van Riel, Michael Tsirkin
-
Patent number: 12153721
Abstract: A method of checking the authenticity of at least a first portion of the content of a non-volatile memory of an electronic device including a microcontroller and an embedded secure element is disclosed. The method includes starting the microcontroller with instructions stored in a first secure memory area associated with the microcontroller and starting the secure element. The secure element has a plurality of decipher keys, each associated with a portion of the content of a second reprogrammable non-volatile memory area associated with the microcontroller. The secure element performs a signature check on a first portion of the content of the second area. If the signature is verified, the secure element sends the decipher key associated with the first portion to the microcontroller. If the signature is not verified, the secure element executes a signature check on another portion of the content of the second memory area.
Type: Grant
Filed: August 8, 2023
Date of Patent: November 26, 2024
Assignee: PROTON WORLD INTERNATIONAL N.V.
Inventor: Olivier Van Nieuwenhuyze
-
Patent number: 12147281
Abstract: Example implementations include a method, apparatus, and computer-readable medium comprising downloading, from a backend server of a security/automation system of a premises, to a reset or replacement control panel of the security/automation system, backed-up device information of one or more devices in the security/automation system; and resuming operation of the one or more devices in the security/automation system, using the backed-up device information downloaded to the reset or replacement control panel.
Type: Grant
Filed: November 16, 2021
Date of Patent: November 19, 2024
Assignee: TYCO FIRE & SECURITY GMBH
Inventors: Andy Hu, David Laone, Ross Werner, Heather J. Shook
-
Patent number: 12149529
Abstract: Systems and methods for adaptive token verification are disclosed. For example, a system may include at least one memory storing instructions and one or more processors configured to execute the instructions to perform operations. The operations may include training a verification model to verify tokenized requests based on system identifiers. The operations may include receiving a tokenized request from an external system, the request comprising a system identifier of the external system. The operations may include generating output of the verification model based on the system identifier, and, based on the output, performing one of granting the request or blocking the request.
Type: Grant
Filed: November 21, 2023
Date of Patent: November 19, 2024
Assignee: Capital One Services, LLC
Inventors: Allison Fenichel, Brice Elder, Varun Gupta
-
Patent number: 12143482
Abstract: A storing information generation apparatus obtains registration information and an identifier capable of identifying the registration information, to generate a first individual key from the common key and the identifier, and to generate storing information obtained by linearly converting the registration information using the common key and the first individual key. A matching information concealment apparatus obtains matching information to generate concealed matching information concealing the matching information using an encryption key. A concealed similarity calculation apparatus calculates a concealed similarity from the storing information and the concealed matching information. A decryption apparatus generates a second individual key from the common key and the identifier, and calculates a similarity between the registration information and the matching information from the concealed similarity, a decryption key corresponding to the encryption key, the common key, and the second individual key.
Type: Grant
Filed: October 9, 2019
Date of Patent: November 12, 2024
Assignee: NEC Corporation
Inventors: Haruna Fukuda, Toshiyuki Isshiki, Masahiro Nara, Hiroto Tamiya, Toshihiko Okamura
-
Patent number: 12141306
Abstract: A method for integrity auditing is provided. The method comprises: generate a challenge message for verifying data integrity of a file stored at a storage server (510); send the challenge message to the storage server (520); receive, from the storage server, a proof on the data integrity of the file, the proof being generated based on the challenge message (530); verify the data integrity of the file by verifying validity of the proof (540). In this way, integrity auditing for multi-copy storage can be enabled, where the overhead in updating data is independent of the number of copies of the data.
Type: Grant
Filed: July 18, 2019
Date of Patent: November 12, 2024
Assignee: NOKIA TECHNOLOGIES OY
Inventors: Anmin Fu, Jingyu Feng
-
Patent number: 12135799
Abstract: The present disclosure relates to a method wherein a random value, generated by a random number generator, is stored, by a finite state machine coupled to the generator by a first dedicated bus, in a memory area of a non-volatile fuse-type memory of an integrated circuit, the memory area being only accessible by the finite state machine.
Type: Grant
Filed: March 15, 2022
Date of Patent: November 5, 2024
Assignee: STMicroelectronics (Grenoble 2) SAS
Inventor: Mark Trimmer
-
Patent number: 12137172
Abstract: In Secure-Asynchronous Signing, when a record is inserted into a collection of records by a user, the user specifies a registered digital certificate to associate with the record. The digital certificate was previously registered by the user. To subsequently sign a record, the user provides a digital signature. The digital signature is validated using data in the record and a public key of the digital certificate that was associated with the row. Invalid digital signatures are detected and rejected regardless of how long afterward the attempt to sign the row occurs after inserting the row.
Type: Grant
Filed: January 26, 2022
Date of Patent: November 5, 2024
Assignee: Oracle International Corporation
Inventors: Sachin Vijakumar Sonawane, Juan R. Loaiza, Mahesh Baburao Girkar, Mark Rakhmilevich, Wei-Ming Hu
-
Patent number: 12136482
Abstract: The invention provides, in some aspects, a system for implementing a rule derived basis to display anonymized image sets. In various embodiments of the invention, users with the appropriate permission can launch a function inside a system in order to anonymize and export the currently loaded study or studies, or one or more studies identified by a search criteria. The data from the studies that were identified is then anonymized on the system using predefined rules. In an embodiment of the present invention, the data from selected studies is anonymized on a server, and only then transmitted to another network device thus minimizing the risk that protected health information can be inadvertently disclosed. In an alternative embodiment of the present invention, the data from selected studies is anonymized on a server, and only the anonymized data is stored to the hard disk or other media of a user viewing the study.
Type: Grant
Filed: October 26, 2023
Date of Patent: November 5, 2024
Assignee: PME IP PTY LTD
Inventors: Detlev Stalling, Malte Westerhoff
-
Patent number: 12131150
Abstract: A method for patch management is described. The method includes downloading a patch that is incompatible with a patch management system. The method also includes creating an archive that is executable by the patch management system. The archive includes the incompatible patch. The method further includes sending the archive to the patch management system.
Type: Grant
Filed: November 22, 2019
Date of Patent: October 29, 2024
Assignee: Ivanti, Inc.
Inventors: Michael Fahland, Nicholas Krueger, Sean McDonald
-
Patent number: 12130903
Abstract: A method and system for authenticating soft part updates to an electronic control unit (ECU) or other processing device is contemplated. The authenticating may include a back office providing authentication data to a programming tool whereupon the ECU interacts with the programming tool to authenticate the soft part updates. The authenticating may optionally include the ECU identifying whether the soft part update is to be authenticated according to different types of authentications.
Type: Grant
Filed: March 17, 2022
Date of Patent: October 29, 2024
Assignee: GM Global Technology Operations LLC
Inventor: Brian Farrell
-
Patent number: 12131270
Abstract: Described processes include: determining portions of instances of a cryptographic token to be allocated to record providers, like providers of an asset indicated by a record, wherein: the portions are determined based on network effects associated with the records the record provider supplied on performance of a computer-implemented network in which both record providers and record consumers participate, patterns indicative of inorganic consumption may be determined from one or more of interactions of individual consumers, interactions of collections of consumers, or consumer interactions in the aggregate for a given provider or record; and the effects on network performance are adjusted responsive to designation of one or more entities as exhibiting inauthentic behavior; and appending to a distributed ledger, records indicating the respective portions, and adjustments, are allocated to record providers.
Type: Grant
Filed: January 26, 2023
Date of Patent: October 29, 2024
Assignee: Rokfin, Inc.
Inventors: Scott Augustine, Martin Floreani
-
Patent number: 12124597
Abstract: Aspects of the subject disclosure may include, for example, a method that includes receiving user input to configure a secure storage unit (SSU) having a first portion attached to a network and storing encrypted data, a second portion attached to the network and storing unencrypted data, and a third portion attachable to the network. The user input defines a security level for each portion. The method also includes receiving a data object for storage in the SSU, and determining a data security level for the data object; the data security level is determined by user input regarding the data object and/or analysis of the data object by the processing system, and the analysis includes analysis of attributes of the data object and/or content of the data object. The method further includes storing the data object in the SSU according to the data security level. Other embodiments are disclosed.
Type: Grant
Filed: July 19, 2022
Date of Patent: October 22, 2024
Assignee: AT&T Intellectual Property I, L.P.
Inventors: Stephen J. Griesmer, Himanshu Ranpura
-
Patent number: 12126716
Abstract: An operator for a global total order broadcast domain may send an operation out of band to nodes of participating parties, receive a certificate and a signature on an operation identifier for each participating node, generate a randomness vectors for each party participating in the operation, generate a random symmetric encryption key, encrypt the certificates, the signatures, and the randomness vector for each participating party with the symmetric encryption key, encrypt the symmetric encryption key under each public key for each participating party, and hash the symmetric encryption key, and recording, by the operator, the hashed symmetric encryption key on the global total order broadcast domain.
Type: Grant
Filed: September 10, 2021
Date of Patent: October 22, 2024
Assignee: International Business Machines Corporation
Inventors: Yacov Manevich, Jason Karl Yellick
-
Patent number: 12120101
Abstract: One example described herein includes a system that can perform an inflight encryption of data from a server to a network attached storage (NAS) device. The system can include a first network adapter card that can receive data from the server via a network file system (NFS) protocol. The first network adapter card can determine that the data is unencrypted based at least in part on receiving the data via an NFS port of the server. The first network adapter card can encrypt the data based at least in part on the data being received via the NFS port. The system can transmit the encrypted data to the NAS device via a second network adapter card, where the second network adapter card is configured to decrypt the encrypted data.
Type: Grant
Filed: June 29, 2022
Date of Patent: October 15, 2024
Assignee: Truist Bank
Inventors: Kenneth Hall, Michael Radonis, Bobby Len Robins
-
Patent number: 12118130
Abstract: Systems, methods, and apparatuses for low-latency page efficient chained decryption and decompression acceleration are described.
Type: Grant
Filed: March 27, 2021
Date of Patent: October 15, 2024
Assignee: Intel Corporation
Inventor: Vinodh Gopal
-
Patent number: 12120237
Abstract: A computer-implemented method includes a request server receiving data representing user credentials from an application server and assigning a transient token to the received user credentials. The request server initiates transmission of the user credentials and the assigned transient token to a de-identification server. The de-identification server generates a unique token from the user credentials and initiates transmission of the generated unique token and the assigned transient token to a de-identified data server. The de-identified data server receives data representing personal information corresponding to the user credentials and initiates transmission of the received personal information and the assigned transient token to an analytic server. The analytic server initiates transmission to the request server personalized content attained from the received personal information and the transient token.
Type: Grant
Filed: March 29, 2024
Date of Patent: October 15, 2024
Assignee: Vigilytics LLC
Inventor: Andrew L. Paris, III
-
Patent number: 12114166
Abstract: The invention relates to a method for setting up a subscription profile in a subscriber identity module, preferably an embedded UICC, wherein the following method steps take place in the subscriber identity module: receiving a subscription profile encrypted with a cryptographic key of a subscription server, wherein the cryptographic key for decrypting the subscription profile is unknown to the subscriber identity module at the time of receiving; storing the encrypted subscription profile without decrypting the subscription profile; receiving the cryptographic key at a time after the storing step; decrypting the encrypted subscription profile with the cryptographic key; and installing the decrypted subscription profile to set up the subscription profile in the subscriber identity module. The invention also relates to a corresponding method in a subscription server, a subscriber identity module, and a computer program product.
Type: Grant
Filed: May 19, 2020
Date of Patent: October 8, 2024
Assignee: GIESECKE+DEVRIENT MOBILE SECURITY GERMANY GMBH
Inventor: Nils Nitsch
-
Patent number: 12105805
Abstract: A method, computer program product, and a system where a secure interface control configures a hardware security module for exclusive use by a secure guest. The secure interface control (“SC”) obtains a configuration request (via a hypervisor) to configure the hardware security module (HSM), from a given guest of guests managed by the hypervisor. The SC determines if the HSM is already configured to a specific guest of the one or more guests, but based on determining that the HSM is not configured to the and is a secure guest the SC forecloses establishing a configuration of the HSM by limiting accesses by guests to the HSM exclusively to the given guest. The SC logs the given guest into the HSM by utilizing a secret of the given guest. The SC obtains, from the HSM, a session code and retains the session code.
Type: Grant
Filed: October 7, 2022
Date of Patent: October 1, 2024
Assignee: International Business Machines Corporation
Inventors: Reinhard T. Buendgen, Tamas Visegrady, Ingo Franzki
-
Patent number: 12108096
Abstract: A processing service of a provider network may protect media content from being tampered with when it is transmitted from the provider network/transcoder to untrusted networks (e.g., third-party networks/CDNs) and to a media player. The processing service (e.g., the transcoder) generates a public and a private key. The service uses the private key to digitally sign content portions (e.g., video frames) before distribution to untrusted CDNs. The provider network creates a manifest that includes the public key. To play the media content, the media player obtains a manifest that includes the public key (via a secure/trusted connection with the provider network). The media player may then obtain the media content from an untrusted edge server/CDN and validate it using the public key that was separately obtained from the manifest (to verify the content was not tampered with).
Type: Grant
Filed: June 6, 2023
Date of Patent: October 1, 2024
Assignee: Amazon Technologies, Inc.
Inventors: Selvanayagam Sendurpandian, Ross Engers, Luke Curley, Nikhil Purushe, Andrew Francis, Daniel Lin, Tarek Amara, Shuhan Jin, Levi Lovelock, Berk Taner, Yann Landry, Neeraj Satish Joshi, Jean-Sebastien Royer
-
Patent number: 12105811
Abstract: A system and method that utilize an encryption engine endpoint to encrypt data in a data storage system are disclosed. In the system and method, the client controls the encryption keys utilized to encrypt and decrypt data such that the encryption keys are not stored together with the encrypted data. Therefore, once data is encrypted, neither the host of the data storage system, nor the encryption engine endpoint have access to the encryption keys required to decrypt the data, which increases the security of the encrypted data in the event of, for example, the data storage system being accessed by an unauthorized party.
Type: Grant
Filed: March 21, 2022
Date of Patent: October 1, 2024
Assignee: Eidetic Communications Inc.
Inventors: Stephen Bates, Saeed Fouladi Fard
-
Patent number: 12105809
Abstract: This disclosure relates to a non-intrusive method of detecting security flaws of a computer program APP. The method comprises a step of installing and executing an executable and non-instrumentalized version of the program APP in a computer system 1, the computer system 1 comprising at least one cryptographic function able to be called by the program APP. It also comprises, in the course of the execution of the program, a step of recording in a tracing file the modalities of calls to the cryptographic function and, after the execution of the program, a step of analyzing the tracing file so as to devise a data structure of the states taken by the cryptographic object manipulated in the course of the execution of the program. The data structure is analyzed to detect calls to the cryptographic function that are liable to form a security flaw.
Type: Grant
Filed: July 31, 2023
Date of Patent: October 1, 2024
Assignee: Cryptosense SAS
Inventors: Bertrand Bonnefoy-Claudet, Etienne Millon, Nathan Rebours, Graham Steel
-
Patent number: 12099747
Abstract: Write removal for solid-state drives can be managed. For example, a computing device can designate a space of a solid-state drive (SSD) for a write of a container. The computing device can store the write for the container in the space in response to loading the container for executing the container. The computing device can determine an end to an execution phase for the container. In response to determining the end to the execution phase, the computing device can remove the write from the space of the SSD.
Type: Grant
Filed: December 22, 2020
Date of Patent: September 24, 2024
Assignee: RED HAT, INC.
Inventors: Gabriel Zvi BenHanokh, Orit Wasserman
-
Patent number: 12099585
Abstract: A computer-implemented method for remotely verifying an identity of a user is presented. The method comprises a first data processing device (120) receiving a live video stream (102) of the user from a second data processing device (140) via a video data connection (108) having a video bandwidth. Establishing a separate data connection (110) between the first (120) and second (140) data processing devices, the data connection (110) having a data bandwidth. The first data processing device (120) receiving, via the data connection (110), identifying data (104) captured from an identifying means from the second data processing device (140), or another data processing device. The first data processing device (120) determining first biometric data based on the identifying data (104) and comparing to second biometric data based on the live video stream (102).
Type: Grant
Filed: September 12, 2019
Date of Patent: September 24, 2024
Assignee: ISX IP Ltd
Inventor: Nickolas John Karantzis
-
Patent number: 12093402
Abstract: Replicating data using inferred trust, including: receiving, by a first storage system from a computing device, data encrypted using a first encryption key; decrypting, by the first storage system, the encrypted data using the first encryption key; encrypting, by the first storage system, the decrypted data using a second encryption key; storing, on the first storage system, the data encrypted using the second encryption key; sending, from the first storage system to the second storage system, the data; and servicing, by the second storage system, an input/output (‘I/O’) operation directed to the data.
Type: Grant
Filed: July 24, 2020
Date of Patent: September 17, 2024
Assignee: PURE STORAGE, INC.
Inventors: Ronald Karr, Constantine Sapuntzakis, John Colgrove
-
Patent number: 12095756
Abstract: Provided is an API invoker of performing an onboarding. The API invoker includes a transceiver and a processor coupled with the transceiver and configured to obtain, from a service provider, onboarding information including an onboarding credential and information of a CAPIF core function, establish a secure session with the CAPIF core function based on the onboarding information and control the transceiver to transmit, to the CAPIF core function, an onboard API invoker request message along with the onboarding credential and to receive an onboard API invoker response message based on a result of validating the onboarding credential at the CAPIF core function.
Type: Grant
Filed: April 8, 2019
Date of Patent: September 17, 2024
Assignee: Samsung Electronics Co., Ltd
Inventors: Nishant Gupta, Rajavelsamy Rajadurai, Narendranath Durga Tangudu
-
Patent number: 12088725
Abstract: Disclosed is a method, a device, and/or a system of authentication through use of an unforgeable hash function-based credential. In one embodiment, method for electronic authentication includes receiving an authentication request including an identity claim from a first device, the identity claim including a device root hash computed by a hash function using inputs comprising a previously calculated hash value of the device. The method retrieves data of a user profile associated with the first device, the user profile including a profile root hash computed by the hash function using inputs comprising a previously calculated hash value of the user profile. The method extracts the profile root hash and compares the device root hash with the profile root hash. The method determines that the device root hash and the profile root hash are not identical, denies the authentication request, and optionally locks the user profile.
Type: Grant
Filed: April 26, 2022
Date of Patent: September 10, 2024
Assignee: THE ONLI CORPORATION
Inventors: Dhryl Anton, Michael McFall
-
Patent number: 12087331
Abstract: An End of Data Set (EOD) including a High Resolution Tape Directory (HRTD) is written at a position next to a last written user data set on a tape. When appending a new user data set, the new user data set is written starting from a position next to an end longitudinal position (LPOS) of the EOD to generate an overwritten EOD.
Type: Grant
Filed: December 19, 2022
Date of Patent: September 10, 2024
Assignee: International Business Machines Corporation
Inventor: Tsuyoshi Miyamura
-
Patent number: 12088710
Abstract: This document describes techniques for rotating keys used to tokenize data stored in a streaming data store where data is stored for a maximum time [W]. In some embodiments, a data layer of such a data store can encrypt arriving original data values twice. The original data value is first encrypted with a first key, producing a first token. The original data value is encrypted with a second key, producing a second token. Each encrypted token can be stored separately in the data store. A field may be associated with two database columns, one holding the value encrypted with the first key and the second holding the value encrypted with the second key. Keys are rotated after time [K], which is at least equal to and preferably longer than [W]. Rotation can involve discarding the older key and generating a new key so that two keys are still used.
Type: Grant
Filed: October 20, 2023
Date of Patent: September 10, 2024
Assignee: Akamai Technologies, Inc.
Inventors: Eugene (John) Neystadt, Jonathan Herzog, Ittay Dror, Elisha Ben-Zvi
-
Patent number: 12088862
Abstract: A method for encapsulating encoded media data corresponding to a wide view of a scene, the method comprising: obtaining a projected picture from the wide view of the scene; splitting the projected picture into at least one sub-picture; encoding the at least one sub-picture into a plurality of tracks; generating descriptive metadata associated with the encoded tracks, the descriptive metadata comprise a first information associated with each track being indicative of a spatial relationship between the at least one sub-picture encoded in the track and a reference picture; wherein the descriptive metadata further comprises a second information indicating the reference picture.
Type: Grant
Filed: June 5, 2019
Date of Patent: September 10, 2024
Assignee: Canon Kabushiki Kaisha
Inventors: Frédéric Maze, Franck Denoual, Naël Ouedraogo