By Stored Data Protection Patents (Class 713/193)
  • Patent number: 12192350
    Abstract: An information processing apparatus includes: a first storage memory that stores data; a second storage memory that stores an encryption key; a controller that encrypts the first storage memory with the encryption key; and a communicator that communicates with a server device that stores the encryption key, wherein when the encryption key is acquirable from the server device via the communicator, the controller uses the encryption key acquired from the server device to decrypt the first storage memory, and when the encryption key is not acquirable from the server device via the communicator, the controller requests authentication and, after the authentication is performed, acquires the encryption key from the second storage memory and decrypts the first storage memory.
    Type: Grant
    Filed: October 11, 2022
    Date of Patent: January 7, 2025
    Assignee: SHARP KABUSHIKI KAISHA
    Inventor: Kanji Nakagawa
  • Patent number: 12192332
    Abstract: The present technology relates to a file processing device and a file processing method for enabling restriction of viewing of an image. A file control unit generates a file that stores an encrypted image obtained by encrypting an image with a first encryption key, and an encrypted encryption key obtained by encrypting the first encryption key with a second encryption key, the encrypted image and the encrypted encryption key being associated with each other in the file. The file control unit also decrypts the encrypted encryption key in the file into the first encryption key, and, with the first encryption key obtained by the decryption, decrypts the encrypted image into the image. The present technology can be applied to a digital camera and the like that capture images, for example.
    Type: Grant
    Filed: November 6, 2020
    Date of Patent: January 7, 2025
    Assignee: Sony Group Corporation
    Inventors: Ryo Jinnouchi, Ryogo Ito, Daisuke Funamoto
  • Patent number: 12189726
    Abstract: On-demand paging support for confidential computing is described. An example of an apparatus includes circuitry including one or more processors including a first processor, the first processor including a TEE and registers, wherein the one or more processors are to: receive a memory access request associated with a trust domain (TD), wherein one or more direct memory access payloads associated with the request being generated by a protocol engine (PE) of a peripheral device and written to a host interface (HIF), the HIF including an address translation engine (ATE); and, in response to a page fault being identified for a payload, divert the payload and forward a payload fault to one or more TD fault buffers in a set of registers, and resolve the page fault by an ATE driver and a virtual machine manager using the TEE.
    Type: Grant
    Filed: June 30, 2022
    Date of Patent: January 7, 2025
    Assignee: INTEL CORPORATION
    Inventors: Ravi Sahita, Anjali Singhai Jain, Reouven Elbaz
  • Patent number: 12191977
    Abstract: Systems, methods, and apparatus for satellite operations with secure enclave for secure inband hosted payload operations are disclosed. In one or more embodiments, a method for payload operations comprises receiving, by a vehicle, host commands from a satellite operation portion of a host spacecraft operations center (SOC). The method further comprises reconfiguring a payload and at least bus component on the vehicle according to the host commands. Also, the method comprises transmitting, by the vehicle, host telemetry to the satellite operation portion of the host SOC. In addition, the method comprises receiving, by the vehicle, hosted commands from a secure enclave of the host SOC. Additionally, the method comprises reconfiguring the payload on the vehicle according to the hosted commands. Further, the method comprises transmitting, by a payload antenna on the vehicle, host payload data, hosted payload data, and the encrypted hosted telemetry to the secure enclave.
    Type: Grant
    Filed: September 14, 2021
    Date of Patent: January 7, 2025
    Assignee: The Boeing Company
    Inventors: Robert J. Winig, Yi-Feng J. Chen
  • Patent number: 12184936
    Abstract: Tools are provided for distributing access-restricted content in an internet protocol television (“IPTV”) environment based on portable entitlement keys. Such tools can include a decoder, an encoder, and a network entitlement handler. The decoder may be configured to receive a key associated with entitlement information, and transmit the entitlement information over a network. The encoder may be configured to receive content from content providers, and to encode the content to create IP-compatible content, with access restrictions based on entitlement. The network entitlement handler may be configured to receive a request for requested content from the decoder; receive the access-restricted content (including the requested content) from the encoder; and transmit the requested content over the network to the decoder using IP, when the decoder is entitled to receive the requested content.
    Type: Grant
    Filed: June 20, 2023
    Date of Patent: December 31, 2024
    Assignee: Adeia Media Holdings LLC
    Inventors: Steven M. Casey, Gnanasegeran Selvadurai, Felipe Castro, Waqar Khan
  • Patent number: 12184598
    Abstract: The invention relates to systems and methods for managing emails where an email server that may comprise one or more computer systems, and which may be part of an email system, receives an email addressed to a specified first user. The email server may analyze the received email and access one or more electronic databases, which may comprise information related to one or more respective registered users of the email system. The databases may be stored on one or more computer-readable storage media operatively connected to the email server.
    Type: Grant
    Filed: October 31, 2023
    Date of Patent: December 31, 2024
    Inventors: Dana Brunetti, Kevin Spacey
  • Patent number: 12182427
    Abstract: An apparatus is provided for controlling the operating mode of control circuitry, such that the control circuitry may change between two operating modes. In an allocation mode, data that is loaded in response to an instruction is allocated into storage circuitry from an intermediate buffer, and the data is read from the storage circuitry. In a non-allocation mode, the data is not allocated to the storage circuitry, and is read directly from intermediate buffer. The control of the operating mode may be performed by mode control circuitry, and the mode may be changed in dependence on the type of instruction that calls the data, and whether the data may be used again in the near future, or whether it is expected to be used only once.
    Type: Grant
    Filed: October 14, 2022
    Date of Patent: December 31, 2024
    Assignee: Arm Limited
    Inventors: Stefano Ghiggini, Natalya Bondarenko, Luca Nassi, Geoffray Matthieu Lacourba, Huzefa Moiz Sanjeliwala, Miles Robert Dooley, Abhishek Raja
  • Patent number: 12182318
    Abstract: Methods, systems, and devices for cryptographic key management are described. A memory device can issue, by a firmware component, a command to generate a first cryptographic key for encrypting or decrypting user data stored on a memory device. The memory device can generate, by a hardware component, the first cryptographic key based on the command. The memory device can encrypt, by the hardware component, the first cryptographic key using a second cryptographic key and an initialization vector. The memory device can store the encrypted first cryptographic key in a nonvolatile memory device separate from the hardware component.
    Type: Grant
    Filed: February 22, 2023
    Date of Patent: December 31, 2024
    Assignee: Micron Technology, Inc.
    Inventors: Juane Li, Jiangli Zhu, Ying Yu Tai
  • Patent number: 12182316
    Abstract: A method for protecting an integrated circuit against reverse engineering including predefining a secret bit, forming a first clocked memory element having a first data input, a first data output and a first clock input in the integrated circuit, forming a second clocked memory element having a second data input, a second data output and a second clock input in the integrated circuit, forming a logic path in the integrated circuit and coupling the first data output to the second data input via the logic path and forming a clock signal line in the integrated circuit and coupling the first clock input to the second clock input via the clock signal line.
    Type: Grant
    Filed: January 12, 2023
    Date of Patent: December 31, 2024
    Assignee: Infineon Technologies AG
    Inventors: Stefan Seidl, Joel Hatsch, Artur Wroblewski
  • Patent number: 12175000
    Abstract: A system and method may facilitate data matching between multiple data owners through the use of a common set of “pseudonymized” individuals or household identifiers without requiring any data owner to share personally identifiable information with any other party. Data owners may accurately match ID-level online and offline data across multiple platforms with other participants' online and offline data without requiring any party to disclose personally identifiable information about their users or households. This use of deterministic data, rather than probabilistic data or a combination of deterministic and probabilistic data, is more accurate while also lowering the risk of data breach since no personally identifiable information is shared.
    Type: Grant
    Filed: September 8, 2023
    Date of Patent: December 24, 2024
    Assignee: BLOCKGRAPH LLP
    Inventors: Jason Manningham, Utpal Kalita
  • Patent number: 12174706
    Abstract: Disclosed herein are systems and method for forming and executing a backup strategy. In one aspect, an exemplary method comprises forming a respective backup strategy for each respective file of a plurality of files stored in a data source based on a frequency of occurrence, a desired recovery time, and a criticality of data loss for the respective file. The method further comprises executing the respective backup strategy for the respective file.
    Type: Grant
    Filed: September 29, 2021
    Date of Patent: December 24, 2024
    Assignee: Acronis International GmbH
    Inventors: Stanislav Protasov, Serguei Beloussov, Dmitry Martynov, Sergey Ulasen
  • Patent number: 12176100
    Abstract: Computer-implemented methods and systems are provided that receive, at an implantable medical device (IMD), a programming package comprising a collection of configuration change requests, transaction credentials, and a signature indicative of a source of the programming package. The transaction credentials include a first hash of the collection of configuration change requests. The IMD validates an external device as the source by decrypting the signature using a key that is uniquely associated with the external device. The IMD verifies the transaction credentials and the configuration change requests of the programming package, and generates a second hash of the collection of configuration change requests. Responsive to both (i) the second hash matching the first hash and (ii) the transaction credentials and the configuration change requests being verified, the IMD executes the collection of configuration change requests to update an operating configuration of the IMD.
    Type: Grant
    Filed: June 7, 2022
    Date of Patent: December 24, 2024
    Assignee: Pacesetter, Inc.
    Inventors: Simon Skup, Mostafa Sadeghi, Eraj D. Kaluarachchi
  • Patent number: 12169571
    Abstract: A system for securely storing privacy information is provided. The system includes a plurality of nodes configured to maintain a distributed database containing consumer privacy information having a plurality of entries. Each entry of the plurality of entries in the distributed database is (i) encrypted with a unique encryption key associated with a consumer and the distributed database, and (ii) indexed based on a public encryption key associated with the consumer. A most recent entry associated with the consumer includes current personal information about the consumer. A first entry associated with the consumer includes an encrypted version of the unique encryption key.
    Type: Grant
    Filed: March 21, 2022
    Date of Patent: December 17, 2024
    Assignee: Cable Television Laboratories, Inc.
    Inventors: Brian A. Scriber, Steven J. Goeringer, Zane Hintzman
  • Patent number: 12164632
    Abstract: Techniques for automatically detecting unknown packers are disclosed. In some embodiments, a system/process/computer program product for automatically detecting unknown packers includes receiving a plurality of samples for malware packer detection analysis; performing a packer filter to determine whether each of the plurality of samples is packed; emulating each of the packed samples to extract a plurality of features; and clustering the packed samples based on the extracted features.
    Type: Grant
    Filed: May 25, 2022
    Date of Patent: December 10, 2024
    Assignee: Palo Alto Networks, Inc.
    Inventors: Chienhua Lu, Wenjun Hu
  • Patent number: 12164795
    Abstract: Methods, systems, and devices for improved inter-memory movement in a multi-memory system are described. A memory device may receive from a host device a command to move data from a first memory controlled by a first controller to a second memory controller by a second controller. The memory device may use the first and second controllers to facilitate the movement of the data from the first memory to the second memory via a path external to the host device. The memory device may indicate to the host device when to suspend activity to the first memory or the second memory and when to resume activity to the first memory or second memory.
    Type: Grant
    Filed: December 20, 2023
    Date of Patent: December 10, 2024
    Assignee: Micron Technology, Inc.
    Inventors: Sourabh Dhir, Kang-Yong Kim
  • Patent number: 12164441
    Abstract: A method, apparatus, and system for storing memory encryption realm key IDs is disclosed. A method comprises accessing a memory ownership table with a physical address to determine a realm ID associated with the physical address, accessing a key ID association structure with the realm ID to determine a realm key IS associated with the realm ID, and initiating a memory transaction based on the realm key ID. Once retrieved, the realm key ID may be stored in a translation lookaside buffer.
    Type: Grant
    Filed: August 28, 2023
    Date of Patent: December 10, 2024
    Assignee: QUALCOMM Incorporated
    Inventors: Darren Lasko, Roberto Avanzi, Thomas Philip Speier, Harb Abdulhamid, Vikramjit Sethi
  • Patent number: 12166761
    Abstract: Distinguishing between functional tracking domains and nonfunctional tracking domains on a host web page. In particular, a list of known tracking domains that load content into host web pages may be received. This list of tracking domains may include tracking domains that are functional and tracking domains that are nonfunctional. The tracking domains that are functional may be determined by evaluating various behaviors and characteristics of the tracking domains. Once functional tracking domains have been determined, these functional tracking domains may be allowed, and other tracking domains may be blocked from loading content onto host web pages thereby preserving the functionality of the web pages.
    Type: Grant
    Filed: February 2, 2024
    Date of Patent: December 10, 2024
    Assignee: GEN DIGITAL INC.
    Inventors: Iskander Sanchez Rola, Johann Roturier, David Luz Silva, Leylya Yumer, Daniel Marino, Petros Efstathopoulos
  • Patent number: 12164624
    Abstract: Disclosed are various embodiments for using machine learning models to identify appropriate security patterns to follow during the application development process. A computing device can receive a request to identify a collection of security patterns to apply to an application and then identify a plurality of features associated with the application. Next, the computing device can submit the plurality of features to a random forest machine learning model and receive a first set of security patterns in response. Then, the computing device can submit the plurality of features to a k-nearest neighbor (KNN) machine learning model and receive a second set of security patterns in response. Then, the computing device can identify a subset of the security patterns that is included in both the first set of security patterns and the second set of security patterns and return the subset of the security patterns.
    Type: Grant
    Filed: December 13, 2021
    Date of Patent: December 10, 2024
    Assignee: AMERICAN EXPRESS TRAVEL RELATED SERVICES COMPANY, INC.
    Inventors: Hiranmayi Palanki, Shankar Djeyassilane
  • Patent number: 12159052
    Abstract: A method of performing replication recovery operation in a disaggregated distributed storage system (DDSS) includes identifying an affected storage node included in the storage pool based on an occurrence of one or more predetermined conditions; selecting at least one replacement storage node from among one or more storage nodes included in the storage pool to recover replication data stored in the affected storage node; selecting at least one controller for performing a replication recovery operation from among one or more controllers included in the controller pool; and assigning one or more replication recovery jobs to the at least one controller; and receiving, by the replication recovery device, a notification from the at least one controller based on the one or more replication recovery jobs being completed.
    Type: Grant
    Filed: December 28, 2022
    Date of Patent: December 3, 2024
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Roshan R Nair, Arun George, Dinesh Ratra, Parag Jain, Preetham Parshwanath Jain, Rohit Kailash Sharma, Shivam, Vishak Guddekoppa
  • Patent number: 12160313
    Abstract: A transmitting device for supporting Hybrid Automatic Repeat Request (HARQ) includes scrambling and encoding, in which the order of scrambling and encoding is changed compared to the conventional transmitter. Likewise, a receiving device for supporting HARQ includes descrambling and decoding, in which the order of descrambling and decoding is changed compared to the conventional receiver. In particular, the transmitting device is configured to encode at least one data unit using Forward Error Correction (FEC) coding, scramble the encoded data unit based on a scrambling seed, provide an indication of the scrambling seed that is separate from the scrambled and encoded data unit, and transmit the indication of the scrambling seed and then the scrambled and encoded data unit to the receiving device.
    Type: Grant
    Filed: April 22, 2021
    Date of Patent: December 3, 2024
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Shimon Shilo, Leonid Epstein, Yaron Ben-Arie, Ezer Melzer
  • Patent number: 12153526
    Abstract: Technology for performing data duplication on data that was previously consolidated (e.g., deduplicated or merged). An example method may involve receiving a request to modify a memory page; causing the data at a first storage location to be decrypted using location dependent cryptographic input and then encrypted using a location independent cryptographic input; copying the encrypted data of the memory page from the first storage location to a second storage location; causing the encrypted data at the first and second storage locations to be decrypted using location independent cryptographic input and to each be encrypted using a different location dependent cryptographic input; updating, by the supervisor, one of the references of the plurality of memory pages from pointing to the first storage location in the physical memory to pointing to the second storage location; and modifying the memory page by altering data in the physical memory.
    Type: Grant
    Filed: June 6, 2022
    Date of Patent: November 26, 2024
    Assignee: Red Hat, Inc.
    Inventors: Henri Han Van Riel, Michael Tsirkin
  • Patent number: 12153721
    Abstract: A method of checking the authenticity of at least a first portion of the content of a non-volatile memory of an electronic device including a microcontroller and an embedded secure element is disclosed. The method includes starting the microcontroller with instructions stored in a first secure memory area associated with the microcontroller and starting the secure element. The secure element has a plurality of decipher keys, each associated with a portion of the content of a second reprogrammable non-volatile memory area associated with the microcontroller. The secure element performs a signature check on a first portion of the content of the second area. If the signature is verified, the secure element sends the decipher key associated with the first portion to the microcontroller. If the signature is not verified, the secure element executes a signature check on another portion of the content of the second memory area.
    Type: Grant
    Filed: August 8, 2023
    Date of Patent: November 26, 2024
    Assignee: PROTON WORLD INTERNATIONAL N.V.
    Inventor: Olivier Van Nieuwenhuyze
  • Patent number: 12147281
    Abstract: Example implementations include a method, apparatus, and computer-readable medium comprising downloading, from a backend server of a security/automation system of a premises, to a reset or replacement control panel of the security/automation system, backed-up device information of one or more devices in the security/automation system; and resuming operation of the one or more devices in the security/automation system, using the backed-up device information downloaded to the reset or replacement control panel.
    Type: Grant
    Filed: November 16, 2021
    Date of Patent: November 19, 2024
    Assignee: TYCO FIRE & SECURITY GMBH
    Inventors: Andy Hu, David Laone, Ross Werner, Heather J. Shook
  • Patent number: 12149529
    Abstract: Systems and methods for adaptive token verification are disclosed. For example, a system may include at least one memory storing instructions and one or more processors configured to execute the instructions to perform operations. The operations may include training a verification model to verify tokenized requests based on system identifiers. The operations may include receiving a tokenized request from an external system, the request comprising a system identifier of the external system. The operations may include generating output of the verification model based on the system identifier, and, based on the output, performing one of granting the request or blocking the request.
    Type: Grant
    Filed: November 21, 2023
    Date of Patent: November 19, 2024
    Assignee: Capital One Services, LLC
    Inventors: Allison Fenichel, Brice Elder, Varun Gupta
  • Patent number: 12143482
    Abstract: A storing information generation apparatus obtains registration information and an identifier capable of identifying the registration information, to generate a first individual key from the common key and the identifier, and to generate storing information obtained by linearly converting the registration information using the common key and the first individual key. A matching information concealment apparatus obtains matching information to generate concealed matching information concealing the matching information using an encryption key. A concealed similarity calculation apparatus calculates a concealed similarity from the storing information and the concealed matching information. A decryption apparatus generates a second individual key from the common key and the identifier, and calculates a similarity between the registration information and the matching information from the concealed similarity, a decryption key corresponding to the encryption key, the common key, and the second individual key.
    Type: Grant
    Filed: October 9, 2019
    Date of Patent: November 12, 2024
    Assignee: NEC Corporation
    Inventors: Haruna Fukuda, Toshiyuki Isshiki, Masahiro Nara, Hiroto Tamiya, Toshihiko Okamura
  • Patent number: 12141306
    Abstract: A method for integrity auditing is provided. The method comprises: generate a challenge message for verifying data integrity of a file stored at a storage server (510); send the challenge message to the storage server (520); receive, from the storage server, a proof on the data integrity of the file, the proof being generated based on the challenge message (530); verify the data integrity of the file by verifying validity of the proof (540). In this way, integrity auditing for multi-copy storage can be enabled, where the overhead in updating data is independent of the number of copies of the data.
    Type: Grant
    Filed: July 18, 2019
    Date of Patent: November 12, 2024
    Assignee: NOKIA TECHNOLOGIES OY
    Inventors: Anmin Fu, Jingyu Feng
  • Patent number: 12135799
    Abstract: The present disclosure relates to a method wherein a random value, generated by a random number generator, is stored, by a finite state machine coupled to the generator by a first dedicated bus, in a memory area of a non-volatile fuse-type memory of an integrated circuit, the memory area being only accessible by the finite state machine.
    Type: Grant
    Filed: March 15, 2022
    Date of Patent: November 5, 2024
    Assignee: STMicroelectronics (Grenoble 2) SAS
    Inventor: Mark Trimmer
  • Patent number: 12137172
    Abstract: In Secure-Asynchronous Signing, when a record is inserted into a collection of records by a user, the user specifies a registered digital certificate to associate with the record. The digital certificate was previously registered by the user. To subsequently sign a record, the user provides a digital signature. The digital signature is validated using data in the record and a public key of the digital certificate that was associated with the row. Invalid digital signatures are detected and rejected regardless of how long afterward the attempt to sign the row occurs after inserting the row.
    Type: Grant
    Filed: January 26, 2022
    Date of Patent: November 5, 2024
    Assignee: Oracle International Corporation
    Inventors: Sachin Vijakumar Sonawane, Juan R. Loaiza, Mahesh Baburao Girkar, Mark Rakhmilevich, Wei-Ming Hu
  • Patent number: 12136482
    Abstract: The invention provides, in some aspects, a system for implementing a rule derived basis to display anonymized image sets. In various embodiments of the invention, users with the appropriate permission can launch a function inside a system in order to anonymize and export the currently loaded study or studies, or one or more studies identified by a search criteria. The data from the studies that were identified is then anonymized on the system using predefined rules. In an embodiment of the present invention, the data from selected studies is anonymized on a server, and only then transmitted to another network device thus minimizing the risk that protected health information can be inadvertently disclosed. In an alternative embodiment of the present invention, the data from selected studies is anonymized on a server, and only the anonymized data is stored to the hard disk or other media of a user viewing the study.
    Type: Grant
    Filed: October 26, 2023
    Date of Patent: November 5, 2024
    Assignee: PME IP PTY LTD
    Inventors: Detlev Stalling, Malte Westerhoff
  • Patent number: 12131150
    Abstract: A method for patch management is described. The method includes downloading a patch that is incompatible with a patch management system. The method also includes creating an archive that is executable by the patch management system. The archive includes the incompatible patch. The method further includes sending the archive to the patch management system.
    Type: Grant
    Filed: November 22, 2019
    Date of Patent: October 29, 2024
    Assignee: Ivanti, Inc.
    Inventors: Michael Fahland, Nicholas Krueger, Sean McDonald
  • Patent number: 12130903
    Abstract: A method and system for authenticating soft part updates to an electronic control unit (ECU) or other processing device is contemplated. The authenticating may include a back office providing authentication data to a programming tool whereupon the ECU interacts with the programming tool to authenticate the soft part updates. The authenticating may optionally include the ECU identifying whether the soft part update is to be authenticated according to different types of authentications.
    Type: Grant
    Filed: March 17, 2022
    Date of Patent: October 29, 2024
    Assignee: GM Global Technology Operations LLC
    Inventor: Brian Farrell
  • Patent number: 12131270
    Abstract: Described processes include: determining portions of instances of a cryptographic token to be allocated to record providers, like providers of an asset indicated by a record, wherein: the portions are determined based on network effects associated with the records the record provider supplied on performance of a computer-implemented network in which both record providers and record consumers participate, patterns indicative of inorganic consumption may be determined from one or more of interactions of individual consumers, interactions of collections of consumers, or consumer interactions in the aggregate for a given provider or record; and the effects on network performance are adjusted responsive to designation of one or more entities as exhibiting inauthentic behavior; and appending to a distributed ledger, records indicating the respective portions, and adjustments, are allocated to record providers.
    Type: Grant
    Filed: January 26, 2023
    Date of Patent: October 29, 2024
    Assignee: Rokfin, Inc.
    Inventors: Scott Augustine, Martin Floreani
  • Patent number: 12124597
    Abstract: Aspects of the subject disclosure may include, for example, a method that includes receiving user input to configure a secure storage unit (SSU) having a first portion attached to a network and storing encrypted data, a second portion attached to the network and storing unencrypted data, and a third portion attachable to the network. The user input defines a security level for each portion. The method also includes receiving a data object for storage in the SSU, and determining a data security level for the data object; the data security level is determined by user input regarding the data object and/or analysis of the data object by the processing system, and the analysis includes analysis of attributes of the data object and/or content of the data object. The method further includes storing the data object in the SSU according to the data security level. Other embodiments are disclosed.
    Type: Grant
    Filed: July 19, 2022
    Date of Patent: October 22, 2024
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Stephen J. Griesmer, Himanshu Ranpura
  • Patent number: 12126716
    Abstract: An operator for a global total order broadcast domain may send an operation out of band to nodes of participating parties, receive a certificate and a signature on an operation identifier for each participating node, generate a randomness vectors for each party participating in the operation, generate a random symmetric encryption key, encrypt the certificates, the signatures, and the randomness vector for each participating party with the symmetric encryption key, encrypt the symmetric encryption key under each public key for each participating party, and hash the symmetric encryption key, and recording, by the operator, the hashed symmetric encryption key on the global total order broadcast domain.
    Type: Grant
    Filed: September 10, 2021
    Date of Patent: October 22, 2024
    Assignee: International Business Machines Corporation
    Inventors: Yacov Manevich, Jason Karl Yellick
  • Patent number: 12120101
    Abstract: One example described herein includes a system that can perform an inflight encryption of data from a server to a network attached storage (NAS) device. The system can include a first network adapter card that can receive data from the server via a network file system (NFS) protocol. The first network adapter card can determine that the data is unencrypted based at least in part on receiving the data via an NFS port of the server. The first network adapter card can encrypt the data based at least in part on the data being received via the NFS port. The system can transmit the encrypted data to the NAS device via a second network adapter card, where the second network adapter card is configured to decrypt the encrypted data.
    Type: Grant
    Filed: June 29, 2022
    Date of Patent: October 15, 2024
    Assignee: Truist Bank
    Inventors: Kenneth Hall, Michael Radonis, Bobby Len Robins
  • Patent number: 12118130
    Abstract: Systems, methods, and apparatuses for low-latency page efficient chained decryption and decompression acceleration are described.
    Type: Grant
    Filed: March 27, 2021
    Date of Patent: October 15, 2024
    Assignee: Intel Corporation
    Inventor: Vinodh Gopal
  • Patent number: 12120237
    Abstract: A computer-implemented method includes a request server receiving data representing user credentials from an application server and assigning a transient token to the received user credentials. The request server initiates transmission of the user credentials and the assigned transient token to a de-identification server. The de-identification server generates a unique token from the user credentials and initiates transmission of the generated unique token and the assigned transient token to a de-identified data server. The de-identified data server receives data representing personal information corresponding to the user credentials and initiates transmission of the received personal information and the assigned transient token to an analytic server. The analytic server initiates transmission to the request server personalized content attained from the received personal information and the transient token.
    Type: Grant
    Filed: March 29, 2024
    Date of Patent: October 15, 2024
    Assignee: Vigilytics LLC
    Inventor: Andrew L. Paris, III
  • Patent number: 12114166
    Abstract: The invention relates to a method for setting up a subscription profile in a subscriber identity module, preferably an embedded UICC, wherein the following method steps take place in the subscriber identity module: receiving a subscription profile encrypted with a cryptographic key of a subscription server, wherein the cryptographic key for decrypting the subscription profile is unknown to the subscriber identity module at the time of receiving; storing the encrypted subscription profile without decrypting the subscription profile; receiving the cryptographic key at a time after the storing step; decrypting the encrypted subscription profile with the cryptographic key; and installing the decrypted subscription profile to set up the subscription profile in the subscriber identity module. The invention also relates to a corresponding method in a subscription server, a subscriber identity module, and a computer program product.
    Type: Grant
    Filed: May 19, 2020
    Date of Patent: October 8, 2024
    Assignee: GIESECK+DEVRIENT MOBILE SECURITY GERMANY GMBH
    Inventor: Nils Nitsch
  • Patent number: 12105805
    Abstract: A method, computer program product, and a system where a secure interface control configures a hardware security module for exclusive use by a secure guest. The secure interface control (“SC”) obtains a configuration request (via a hypervisor) to configure the hardware security module (HSM), from a given guest of guests managed by the hypervisor. The SC determines if the HSM is already configured to a specific guest of the one or more guests, but based on determining that the HSM is not configured to the and is a secure guest the SC forecloses establishing a configuration of the HSM by limiting accesses by guests to the HSM exclusively to the given guest. The SC logs the given guest into the HSM by utilizing a secret of the given guest. The SC obtains, from the HSM, a session code and retains the session code.
    Type: Grant
    Filed: October 7, 2022
    Date of Patent: October 1, 2024
    Assignee: International Business Machines Corporation
    Inventors: Reinhard T. Buendgen, Tamas Visegrady, Ingo Franzki
  • Patent number: 12108096
    Abstract: A processing service of a provider network may protect media content from being tampered with when it is transmitted from the provider network/transcoder to untrusted networks (e.g., third-party networks/CDNs) and to a media player. The processing service (e.g., the transcoder) generates a public and a private key. The service uses the private key to digitally sign content portions (e.g., video frames) before distribution to untrusted CDNs. The provider network creates a manifest that includes the public key. To play the media content, the media player obtains a manifest that includes the public key (via a secure/trusted connection with the provider network). The media player may then obtain the media content from an untrusted edge server/CDN and validate it using the public key that was separately obtained from the manifest (to verify the content was not tampered with).
    Type: Grant
    Filed: June 6, 2023
    Date of Patent: October 1, 2024
    Assignee: Amazon Technologies, Inc.
    Inventors: Selvanayagam Sendurpandian, Ross Engers, Luke Curley, Nikhil Purushe, Andrew Francis, Daniel Lin, Tarek Amara, Shuhan Jin, Levi Lovelock, Berk Taner, Yann Landry, Neeraj Satish Joshi, Jean-Sebastien Royer
  • Patent number: 12105811
    Abstract: A system and method that utilize an encryption engine endpoint to encrypt data in a data storage system are disclosed. In the system and method, the client controls the encryption keys utilized to encrypt and decrypt data such that the encryption keys are not stored together with the encrypted data. Therefore, once data is encrypted, neither the host of the data storage system, nor the encryption engine endpoint have access to the encryption keys required to decrypt the data, which increases the security of the encrypted data in the event of, for example, the data storage system being accessed by an unauthorized party.
    Type: Grant
    Filed: March 21, 2022
    Date of Patent: October 1, 2024
    Assignee: Eidetic Communications Inc.
    Inventors: Stephen Bates, Saeed Fouladi Fard
  • Patent number: 12105809
    Abstract: This disclosure relates to a non-intrusive method of detecting security flaws of a computer program APP. The method comprises a step of installing and executing an executable and non-instrumentalized version of the program APP in a computer system 1, the computer system 1 comprising at least one cryptographic function able to be called by the program APP. It also comprises, in the course of the execution of the program, a step of recording in a tracing file the modalities of calls to the cryptographic function and, after the execution of the program, a step of analyzing the tracing file so as to devise a data structure of the states taken by the cryptographic object manipulated in the course of the execution of the program. The data structure is analyzed to detect calls to the cryptographic function that are liable to form a security flaw.
    Type: Grant
    Filed: July 31, 2023
    Date of Patent: October 1, 2024
    Assignee: Cryptosense SAS
    Inventors: Bertrand Bonnefoy-Claudet, Etienne Millon, Nathan Rebours, Graham Steel
  • Patent number: 12099747
    Abstract: Write removal for solid-state drives can be managed. For example, a computing device can designate a space of a solid-state drive (SSD) for a write of container. The computing device can store the write for the container in the space in response to loading the container for executing the container. The computing device can determine an end to an execution phase for the container. In response to determining the end to the execution phase, the computing device can remove the write from the space of the SSD.
    Type: Grant
    Filed: December 22, 2020
    Date of Patent: September 24, 2024
    Assignee: RED HAT, INC.
    Inventors: Gabriel Zvi BenHanokh, Orit Wasserman
  • Patent number: 12099585
    Abstract: A computer-implemented method for remotely verifying an identity of a user is presented. The method comprises a first data processing device (120) receiving a live video stream (102) of the user from a second data processing device (140) via a video data connection (108) having a video bandwidth. Establishing a separate data connection (110) between the first (120) and second (140) data processing devices, the data connection (110) having a data bandwidth. The first data processing device (120) receiving, via the data connection (110), identifying data (104) captured from an identifying means from the second data processing device (140), or another data processing device. The first data processing device (120) determining first biometric data based on the identifying data (104) and comparing to second biometric data based on the live video stream (102).
    Type: Grant
    Filed: September 12, 2019
    Date of Patent: September 24, 2024
    Assignee: ISX IP Ltd
    Inventor: Nickolas John Karantzis
  • Patent number: 12093402
    Abstract: Replicating data using inferred trust, including: receiving, by a first storage system from a computing device, data encrypted using a first encryption key; decrypting, by the first storage system, the encrypted data using the first encryption key; encrypting, by the first storage system, the decrypted data using a second encryption key; storing, on the first storage system, the data encrypted using the second encryption key; sending, from the first storage system to the second storage system, the data; and servicing, by the second storage system, an input/output (‘I/O’) operation directed to the data.
    Type: Grant
    Filed: July 24, 2020
    Date of Patent: September 17, 2024
    Assignee: PURE STORAGE, INC.
    Inventors: Ronald Karr, Constantine Sapuntzakis, John Colgrove
  • Patent number: 12095756
    Abstract: Provided is an API invoker of performing an onboarding. The API invoker includes a transceiver and a processor coupled with the transceiver and configured to obtain, from a service provider, onboarding information including an onboarding credential and information of a CAPIF core function, establish a secure session with the CAPIF core function based on the onboarding information and control the transceiver to transmit, to the CAPIF core function, an onboard API invoker request message along with the onboarding credential and to receive an onboard API invoker response message based on a result of a validating the onboarding credential at the CAPIF core function.
    Type: Grant
    Filed: April 8, 2019
    Date of Patent: September 17, 2024
    Assignee: Samsung Electronics Co., Ltd
    Inventors: Nishant Gupta, Rajavelsamy Rajadurai, Narendranath Durga Tangudu
  • Patent number: 12088725
    Abstract: Disclosed is a method, a device, and/or a system of authentication through use of an unforgeable hash function-based credential. In one embodiment, method for electronic authentication includes receiving an authentication request including an identity claim from a first device, the identity claim including a device root hash computed by a hash function using inputs comprising a previously calculated hash value of the device. The method retrieves data of a user profile associated with the first device, the user profile including a profile root hash computed by the hash function using inputs comprising a previously calculated hash value of the user profile. The method extracts the profile root hash and compares the device root hash with the profile root hash. The method determines that the device root hash and the profile root hash are not identical, denies the authentication request, and optionally locks the user profile.
    Type: Grant
    Filed: April 26, 2022
    Date of Patent: September 10, 2024
    Assignee: THE ONLI CORPORATION
    Inventors: Dhryl Anton, Michael McFall
  • Patent number: 12087331
    Abstract: An End of Data Set (EOD) including a High Resolution Tape Directory (HRTD) is written at a position next to a last written user data set on a tape. When appending a new user data set, the new user data set is written starting from a position next to an end longitudinal position (LPOS) of the EOD to generate an overwritten EOD.
    Type: Grant
    Filed: December 19, 2022
    Date of Patent: September 10, 2024
    Assignee: International Business Machines Corporation
    Inventor: Tsuyoshi Miyamura
  • Patent number: 12088710
    Abstract: This document describes techniques for rotating keys used to tokenize data stored in a streaming data store where data is stored for a maximum time [W]. In some embodiments, a data layer of such a data store can encrypt arriving original data values twice. The original data value is first encrypted with a first key, producing a first token. The original data value is encrypted with a second key, producing a second token. Each encrypted token can be stored separately in the data store. A field may be associated with two database columns, one holding the value encrypted with the first key and the second holding the value encrypted with the second key. Keys are rotated after time [K], which is at least equal to and preferably longer than [W]. Rotation can involve discarding the older key and generating a new key so that two keys are still used.
    Type: Grant
    Filed: October 20, 2023
    Date of Patent: September 10, 2024
    Assignee: Akamai Technologies, Inc.
    Inventors: Eugene (John) Neystadt, Jonathan Herzog, Ittay Dror, Elisha Ben-Zvi
  • Patent number: 12088862
    Abstract: A method for encapsulating encoded media data corresponding to a wide view of a scene, the method comprising: obtaining a projected picture from the wide view of the scene; splitting the projected picture into at least one sub-picture; encoding the at least one sub-picture into a plurality of tracks; generating descriptive metadata associated with the encoded tracks, the descriptive metadata comprise a first information associated with each track being indicative of a spatial relationship between the at least one sub-picture encoded in the track and a reference picture; wherein the descriptive metadata further comprises a second information indicating the reference picture.
    Type: Grant
    Filed: June 5, 2019
    Date of Patent: September 10, 2024
    Assignee: Canon Kabushiki Kaisha
    Inventors: Frédéric Maze, Franck Denoual, Naël Ouedraogo