Policy Patents (Class 726/1)
  • Patent number: 12038997
    Abstract: Systems and methods for snippet packet generation can include obtaining input data (e.g., input data descriptive of a gesture). The input data can be processed to determine a content item selected by the input. A snippet packet can be generated based on the content item, which can include the content item, address data, and location data. The snippet packet can be configured to be interacted with in order to navigate to the source web page of the content item including navigating to the specific portion of the web page that includes the content item.
    Type: Grant
    Filed: December 15, 2022
    Date of Patent: July 16, 2024
    Assignee: GOOGLE LLC
    Inventors: Srikanth Jalasutram, Wesley Stuurman, Xingyue Chen, Naoki Koguro, Ryuichi Hoshi, Xuchao Chen
  • Patent number: 12041026
    Abstract: In a reverse address resolution method, a sender electronic device broadcasts a first request packet. An Ethernet payload of the first request packet includes a media access control (MAC) address of a target electronic device. After receiving the first request packet, the target electronic device determines that an IP address of the target electronic device is requested, and returns a first reply packet. An Ethernet payload of the first reply packet includes the internet protocol (IP) address of the target electronic device. According to the technical solutions provided in this application, the sender electronic device obtains the IP address of the target electronic device based on the MAC address of the target electronic device through interaction at a data link layer. Therefore, in a mobile distributed system, the IP address of the target electronic device is quickly obtained without relying on a server.
    Type: Grant
    Filed: May 29, 2021
    Date of Patent: July 16, 2024
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventor: Gang Chen
  • Patent number: 12039043
    Abstract: A method of dynamic residential threat detection is disclosed. The method includes a packet selection component on a customer premises equipment (CPE) sending a predefined number of packets of each of a plurality of communication sessions to a detection engine based on packet selection rules. The method also includes the detection engine on the CPE receiving and inspecting the predefined number of packets. The method further includes a dynamic optimizing component on the CPE monitoring one or more factors and creating and sending updated packet selection rules based on the monitored factor(s) to the packet selection component. The method additionally comprises the packet selection component sending a different predefined number of packets of each of a second plurality of communication sessions to the detection engine based on the updated packet selection rules. The method further includes the detection engine receiving and inspecting the different predefined number of packets.
    Type: Grant
    Filed: November 30, 2021
    Date of Patent: July 16, 2024
    Assignee: CYBER ADAPT, INC.
    Inventors: Simon Williams, Michael Weinberger, Sam Stover, David Kramer
  • Patent number: 12040939
    Abstract: Embodiments described herein are directed to configuring managed computing devices utilizing containerized applications. For instance, a mobile device manager may provide configuration settings to a computing device via, for example, an enterprise network. A host operating system (OS) executing on the computing device determines and applies the settings that are applicable to the host OS. The configuration settings are stored for configuring containerized applications executing on the computing device. For instance, as new containerized applications are launched by the host OS, the containerized applications retrieve the configuration settings and determine and apply the settings that are applicable to the containerized applications. Results of applying the configuration settings to the host OS and the containerized applications are merged and sent to the mobile device manager.
    Type: Grant
    Filed: March 29, 2023
    Date of Patent: July 16, 2024
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Peter J. Kaufman, Shayak Lahiri, Yi Zhao, Go Komatsu
  • Patent number: 12041073
    Abstract: Systems and methods for mapping IP addresses to an entity include receiving at least one domain name associated with the entity. Embodiments may further include determining one or more variations of the at least one domain name based on analysis of domain name data collected from a plurality of domain name data sources that mention a variation of the at least one domain name. Some embodiments may also include identifying one or more IP addresses pointed to by the one or more variations of the entity's domain name based on analysis of IP address data collected from a plurality of IP address data sources. Additional embodiments include assigning weights to each of the identified one or more IP addresses and creating a mapping of IP addresses to associate with the entity based on analysis of the weighted one or more IP addresses.
    Type: Grant
    Filed: April 28, 2023
    Date of Patent: July 16, 2024
    Assignee: SecurityScorecard, Inc.
    Inventors: Aleksandr Yampolskiy, Rob Blackin, Samuel Kassoumeh, Nick Matviko
  • Patent number: 12041031
    Abstract: A method and scalable security service is implemented by a service provider in association with a set of cloud computing services. The method begins by the service provider provisioning a plurality of data lakes across one or more cloud computing services. A data lake is provisioned within a private data cloud of the one or more cloud computing services. To provide scalable security, the service provider configures a virtual firewall in each of two or more regions of the one or more cloud computing services. In particular, the firewall in a given region is associated with a subset of the plurality of data lakes, and wherein the subset comprises at least first and second data lakes associated to at least first and second distinct external enterprise networks. Using the virtual firewall, the service provider then enforces security requirements associated with the subset of the plurality of data lakes via the virtual firewall.
    Type: Grant
    Filed: August 3, 2021
    Date of Patent: July 16, 2024
    Assignee: Cazena, Inc.
    Inventors: Brian LaChance, Lisa Bielefeld, John Piekos
  • Patent number: 12039671
    Abstract: Systems and methods for detecting an unauthorized virtual object in a mobile device are disclosed. In an aspect, a mobile device may receive an image from a camera. The mobile device may detect a virtual object displayed on a display of a mobile device included in the image. The mobile device may receive data from an inertial measurement unit (IMU) after a movement of the mobile device. The mobile device may determine an estimated new position of the virtual object based on the data received from the IMU. The mobile device may determine an actual position of the virtual object after receiving the data from the IMU. The mobile device may determine a difference between the estimated new position and the actual position of the virtual object. The mobile device may determine whether the virtual object is the unauthorized virtual object based on the difference.
    Type: Grant
    Filed: July 21, 2022
    Date of Patent: July 16, 2024
    Assignee: QUALCOMM Incorporated
    Inventors: Diyan Teng, Mehul Soman
  • Patent number: 12039019
    Abstract: A computing system for securely managing access to resources of a computing device receives an input at a secure login of a user interface. The computing system compares the input to a plurality of stored security measures and activates one of an operating system or a configuration of a false desktop system. A user interface of the false desktop system shares characteristics with a user interface of an operating system and restricts access to specified files, data stores, applications, networking functions, and/or ports associated with the computing system. When configured, the false desktop system or the operating system is enabled based on the location of the computing system. When configured, the false desktop system deletes files, data stores, and applications of the operating system.
    Type: Grant
    Filed: October 27, 2022
    Date of Patent: July 16, 2024
    Assignee: Bank of America Corporation
    Inventors: Daniel Horne, George Albero, Robert A. Lang
  • Patent number: 12041077
    Abstract: One example method includes collecting, in a closed network, raw network traffic from one or more devices in the closed network, extracting metadata from the raw network traffic, processing the metadata, analyzing the metadata after the metadata has been processed, and based on the analyzing, determining whether or not an actual attack or attack threat is present in the closed network. If an attack or threat of attack is determined to exist, one or more remedial actions may then be taken.
    Type: Grant
    Filed: January 27, 2021
    Date of Patent: July 16, 2024
    Assignee: EMC IP Holding Company LLC
    Inventors: Ohad Arnon, Dany Shapiro, Shiri Gaber
  • Patent number: 12041092
    Abstract: Methods, devices and systems for providing a robust and secure cloud-based platform for data processing and management are described. In an example, a method for improving the configurability and compliance of a cloud-computing environment comprising a plurality of zones includes receiving, at a configuration engine, a plurality of parameters and a plurality of security rules for each of the plurality of zones, creating, based on the plurality of parameters, a virtual network and one or more subnets for each of the plurality of zones, and updating, based on the plurality of security rules, one or more routing tables assigned to the one or more subnets to ensure traffic to and from a zone of the plurality of zones passes through a corresponding firewall of the zone.
    Type: Grant
    Filed: July 2, 2021
    Date of Patent: July 16, 2024
    Assignee: Sentara Healthcare
    Inventors: Matthew Douglas, Jay Canfield, Samuel Snow, Jeffrey Thomas, Daniel Bowden
  • Patent number: 12041448
    Abstract: Methods and systems for controlling permissions of a UE for accessing a network. A method disclosed herein includes initiating, by a User Equipment (UE), a registration procedure with a serving network for accessing a selected network, wherein the selected network includes one of at least one CAG cell of an NPN and a VPLMN. The registration procedure indicates a network selection mode using which the UE has selected the network and the network selection mode includes one of an automatic mode and a manual mode. The method further incudes determining, by the serving network, a reject mode for rejecting the registration request of the UE based on the network selection mode indicated in the registration request, when the permissions of the UE to access the selected network have not been verified, wherein the reject mode includes a protected reject mode and an unprotected reject mode.
    Type: Grant
    Filed: September 29, 2020
    Date of Patent: July 16, 2024
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Rajavelsamy Rajadurai, Kundan Tiwari, Anikethan Ramakrishna Vijaya Kumar, Narendranath Durga Tangudu, Lalith Kumar
  • Patent number: 12041456
    Abstract: A local profile management method includes an embedded universal integrated circuit card (eUICC) and a terminal. The eUICC includes a primary platform and at least one installed bundle. The primary platform is a hardware platform. Each bundle includes at least one profile and an operating system (OS). The primary platform includes a processing module configured to receive a first message sent by a local profile assistant (LPA), where the first message is an operation instruction entered by a user, and separately send a second message to at least one OS corresponding to the at least one bundle, where the second message is used by the at least one OS to perform a corresponding operation. Local management of profiles of different OSs is implemented using the processing module disposed on the primary platform of the eUICC.
    Type: Grant
    Filed: October 25, 2022
    Date of Patent: July 16, 2024
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Xiaobo Yu, Shunan Fan
  • Patent number: 12032528
    Abstract: An information sharing method, an apparatus, an electronic device, and a storage medium are provided. The method includes: determining, in response to a file sharing request initiated by a sharing party, a file-for-sharing corresponding to the file sharing request; determining a sharing strategy for the file-for-sharing, including determining the sharing strategy for the file-for-sharing based on attribute information of the file-for-sharing, where the attribute information comprises a storage address; and sharing, based on the sharing strategy, the file-for-sharing to preset clients participating in sharing. In the method, the sharing strategy for the file-for-sharing is based on based on the storage address of the file in response to the storage address being a cloud address.
    Type: Grant
    Filed: October 2, 2023
    Date of Patent: July 9, 2024
    Assignee: BEIJING BYTEDANCE NETWORK TECHNOLOGY CO., LTD.
    Inventors: Zhihui Ha, Qianyi Xu, Guanghan Zhang, Jingyi Zhang, Xiaotao Nie, Zhongyang Guo, Tao Chen, Yutao Wu, Qi Zhang, Rundong Liu, Shun Huang, Minming Zhou, Gewei Yang, Jiaqi Chen, Yin Shi, Bin Zhu, Shuhan Lu
  • Patent number: 12034772
    Abstract: A system may include a traffic interception module configured to intercept network traffic of a host device. A traffic virtualization module may be configured to generate a virtual file on the host device containing the intercepted network traffic. A security system interface module may be configured to provide the virtual file to a secure digital security system over a virtualized file interface coupling the host device to the secure digital security system, and to receive instructions to allow or to deny the network traffic from the secure digital security system over the virtualized file interface. A traffic access management module may be configured to allow or to deny the network traffic based on the instructions.
    Type: Grant
    Filed: August 29, 2023
    Date of Patent: July 9, 2024
    Assignee: CUPP Computing AS
    Inventor: Omar Nathaniel Ely
  • Patent number: 12032703
    Abstract: According to an aspect, a method is provided that includes: receiving a first report from at least a first vulnerability evaluation tool; pre-processing the first report by at least tokenizing the first report and generating a first vector for a first text portion of the first report; providing, to a machine learning model, the first vector as an input; classifying, by the machine learning model, the first vector based on a plurality of vulnerability vectors generated from a database of vulnerability policies required for an evaluation of the application; and outputting, by the machine learning model, a first indication of a first match between the first vector and a first vulnerability vector of the plurality of vulnerability vectors, the first indication representing a presence in the application of a first vulnerability mapped to the first vulnerability vector of the plurality of vulnerability vectors generated from the database of vulnerability policies.
    Type: Grant
    Filed: July 6, 2021
    Date of Patent: July 9, 2024
    Assignee: SAP SE
    Inventor: Ronald Del Rosario
  • Patent number: 12032719
    Abstract: An electronic device and a method for controlling thereof is provided. The electronic device includes a memory including a neural network model, a display, a communicator including circuitry, and a processor configured to identify, based on a user command to transmit a first image to an external device being input, whether private information of a user is included in the first image by inputting the first image in the neural network model, based on identifying that private information of the user is included in the first image, display a first user interface (UI) asking whether to process at least one private information based on the private information included in the first image, and based on a user command input through the first UI, process the first image and control the communicator to transmit the processed to the external device.
    Type: Grant
    Filed: November 1, 2021
    Date of Patent: July 9, 2024
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Juyong Song, Ilgu Kang, Chiyoun Park, Dongjae Lim, Hyunjoo Jung, Sunghyun Choi, Jungwook Kim
  • Patent number: 12034735
    Abstract: A method includes: accessing objects, generated by a set of sources, representing attributes of assets, affiliated with a computer network, including a set of endpoint devices and a first application; partitioning the objects into object groups including a first object group representing the first application; aggregating objects in the first object group into a first user container representing the first application during the first time interval; and, in response to selection of the first application at an operator portal: generating a visualization representing a subset of endpoint devices, in the set of endpoint devices, on which the first application is installed during the first time interval based on a set of attributes, exhibited by the first application during the first time interval, contained in the first application container; and rendering the visualization at the operator interface.
    Type: Grant
    Filed: September 22, 2023
    Date of Patent: July 9, 2024
    Assignee: Sevco Security, Inc.
    Inventors: Jeffrey J. Guy, Dean Mekkawy, Nevins Bartolomeo, Luis Diego Cabezas, Aaron Griffin, Jacob Hackett, Michael Alfonse, Craig Cason, Mark Shipley, Jason McFarland, Nicholas Murdock, Steve Taylor, Aaron Smith
  • Patent number: 12034768
    Abstract: A system for phishing domain detection receives a communication associated with a particular domain. The system extracts a first set of features from the communication, the first set of features including a name of the sender, a name of the domain, a time of receipt, a sentiment message, and attachment file associated with the communication. The system compares the first set of features with a second set of features associated with a historical communication labeled with a phishing domain. In response to determining that the first set of features corresponds to the second set of features, the system determines that the particular domain is the phishing domain.
    Type: Grant
    Filed: April 14, 2021
    Date of Patent: July 9, 2024
    Assignee: Bank of America Corporation
    Inventors: Michael Robert Young, Kelly Renee-Drop Keiter, Richard Martin Seymour Scot, Cody Dean Searl
  • Patent number: 12034773
    Abstract: Embodiments govern cloud environments using a policy engine. A plurality of policy definitions for governing a plurality of managed environments can be received at a policy engine, each policy definition including one or more conditions and one or more actions, where the managed environments implement cloud based virtual machines that host cloud based applications. Events that relate to one or more of the managed environments can be received at the policy engine. Conditions for the policy definitions can be evaluated by the policy engine, where conditions for a first policy definition are triggered based on one or more of the received events. Based on the evaluating, one or more actions of the first policy definition can be performed, the one or more actions changing a first managed environment that is governed by the first policy definition.
    Type: Grant
    Filed: August 2, 2021
    Date of Patent: July 9, 2024
    Assignee: Oracle International Corporation
    Inventors: Asif Ibrahimkutty, Biju Narayanan
  • Patent number: 12034702
    Abstract: Apparatus and methods for enhanced kernel security in a cloud environment is provided. The apparatus may include a system architecture including a firewall intercepting all incoming data packets routed to the kernel. The firewall may accept or reject a packet based on a rules-based determination comprising extracting a packet header from the packet, identifying a rule stored in a rules database associated with the packet header, the rule defining an allowable executable command for being included in the packet. The system architecture may include a validator configured to extract a signature from the packet, the signature comprising cryptography hash values, and query a signature vault to identify a stored signature identical to the extracted signature. The system architecture may further include an approver for routing the packet to the kernel and the kernel for running one or more containers in the cloud environment.
    Type: Grant
    Filed: January 31, 2022
    Date of Patent: July 9, 2024
    Assignee: Bank of America Corporation
    Inventor: Elvis Nyamwange
  • Patent number: 12026239
    Abstract: A sound-based method and system of performing an authentication of a person in order to permit access to a secured resource is disclosed. The system and method are configured to collect audio data from an end-user in real-time that corresponds to ambient sounds for their alleged location. The audio data is compared to verified audio data for the actual location. The system can determine whether there is a match between the user audio data and audio data previously collected and stored in a database or obtained from an audio service provider. If there is a match, the system verifies an identity of the person and can further be configured to automatically grant the person access to one or more services, features, or information for which he or she is authorized.
    Type: Grant
    Filed: March 11, 2021
    Date of Patent: July 2, 2024
    Assignee: United Services Automobile Association (USAA)
    Inventors: Brian Tougas, William Daniel Farmer, Ruthie D. Lyle, Kelly Q. Baker, Ryan Thomas Russell, Noe Alberto Martinez
  • Patent number: 12026469
    Abstract: Aspects of the disclosure relate to detecting random and/or algorithmically-generated character sequences in domain names. A computing platform may train a machine learning model based on a set of semantically-meaningful words. Subsequently, the computing platform may receive a seed string and a set of domains to be analyzed in connection with the seed string. Based on the machine learning model, the computing platform may apply a classification algorithm to the seed string and the set of domains, where applying the classification algorithm to the seed string and the set of domains produces a classification result. Thereafter, the computing platform may store the classification result.
    Type: Grant
    Filed: November 18, 2021
    Date of Patent: July 2, 2024
    Assignee: Proofpoint, Inc.
    Inventors: Hung-Jen Chang, Gaurav Mitesh Dalal, Ali Mesdaq
  • Patent number: 12028373
    Abstract: A system for preventing communications from detected phishing domains receives a communication associated with a particular domain. The system determines that the particular domain is a phishing domain. In response, in one embodiment, the system registers the particular domain in a Domain Name System (DNS) server to block the communication and future communications associated with the particular domain from being received at computing devices operably coupled with the DNS server. In another embodiment, the system registers the particular domain in the DNS server, such that the communication and future communications associated with the particular domain are re-routed to a particular server to monitor phishing activities implemented on the communications, where the phishing activities comprise attempting to obtain login credentials and private information associated with receivers of the communication and future communications.
    Type: Grant
    Filed: April 14, 2021
    Date of Patent: July 2, 2024
    Assignee: Bank of America Corporation
    Inventors: Michael Robert Young, Kelly Renee-Drop Keiter, Richard Martin Seymour Scot, Cody Dean Searl
  • Patent number: 12027073
    Abstract: Polymorphic encryption is described in a way to restrict access and enhance security of a data vault. In an example, the data vault has a primary partition with a first subset of records having an encrypted value for each of at least a portion of the fields encrypted according to a first encryption scheme. A secondary partition has a second subset of the records encrypted according to a second encryption scheme that is different from the first encryption scheme. The first encryption scheme is configured to permit a first set of operations on the values when the values are encrypted and the second encryption scheme is configured to permit a second set of operations on the values when the values are encrypted.
    Type: Grant
    Filed: June 30, 2021
    Date of Patent: July 2, 2024
    Assignee: SKYFLOW, INC.
    Inventors: Anshu Sharma, Prakash Khot, Pradeep Reddy, Roshmik Saha
  • Patent number: 12028381
    Abstract: A system is provided including a database and a server. The database stores a plurality of cloud computing service accounts created on a cloud computing platform, a plurality of roles associated with each cloud computing service account, and a plurality of policies associated with each role. The server is in data communication with the database and containing a role risk rating engine. The role risk rating engine is configured to: select a first role of the plurality of roles from the database; retrieve the plurality of policies associated with the first role; determine a risk rating for the first role based on the plurality of policies associated with the first role; store the risk rating of the first role in the database; receive a query requesting the risk rating of the first role; and in response to the query, transmit the risk rating of the first role.
    Type: Grant
    Filed: April 25, 2023
    Date of Patent: July 2, 2024
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Stephen Cirelli, Daniel Girard, Ellis Hammer
  • Patent number: 12019638
    Abstract: Systems and methods are described herein for extrapolating trends in trust scores. A trust score may reflect the trustworthiness, reputation, membership, status, and/or influence of the entity in a particular community or in relation to another entity. An entity's trust score may be calculated based on data from a variety of data sources, and this data may be updated periodically as data is updated and new data becomes available. However, it may be difficult to update a trust score for an entity due to a scarcity of information. The trust score for such entities may be updated based on trends observed for the updated trust scores of other entities over a similar period of time. In this manner, trust scores may be updated for entities for which updated data is not available.
    Type: Grant
    Filed: April 21, 2022
    Date of Patent: June 25, 2024
    Assignee: WWW.TRUSTSCIENCE.COM INC.
    Inventors: Chris Trudel, Ashif Mawji
  • Patent number: 12021890
    Abstract: A method, apparatus, and system for a smart space rating service (106) are provided. A method includes receiving, from a user device (104a, 104b), a request for a security rating of a smart space (102), calculating the security rating of the smart space (102) based at least in part on security information regarding the smart space (102), the security information received from a plurality of user devices (104a, 104b), and transmitting the security rating of the smart space (102) to the user device (104a, 104b).
    Type: Grant
    Filed: June 23, 2022
    Date of Patent: June 25, 2024
    Assignee: DRNC Holdings, Inc.
    Inventors: Antti V. P. Evesti, Pia E. Raitio, Pekka P. Savolainen
  • Patent number: 12021892
    Abstract: There is disclosed in one example a remediation server including: a hardware platform, including a processor, a memory, and a network interface; and instructions encoded within the memory to instruct the processor to: receive an application binary; create an application logic model of the application binary; and create personalization rules for the application binary based on the application logic model.
    Type: Grant
    Filed: April 12, 2019
    Date of Patent: June 25, 2024
    Assignee: McAfee, LLC
    Inventors: Dattatraya Kulkarni, Srikanth Nalluri, Raja Sinha, Venkatasubrahmanyam Krishnapur
  • Patent number: 12022005
    Abstract: Signing source code using a vault device is described. An example method can include receiving, with a client device, source code that is to be committed to a repository. The method further can include sending, with a processing device to a vault device, a request to sign the source code. The method can further include receiving, from the vault device, a signed commit of the source code. In addition, the method can include pushing the source code and the signed commit to the repository, wherein the repository commits the source code and signed commit.
    Type: Grant
    Filed: January 27, 2023
    Date of Patent: June 25, 2024
    Assignee: Snowflake Inc.
    Inventors: Mark M. Manning, Nathan A. Sfard
  • Patent number: 12021901
    Abstract: The present disclosure relates to techniques for enforcing control policies on one more software as a service (SaaS) platforms from a centralized security control platform. An integration component is configured to integrate SaaS accounts with the security enforcement platform. The security enforcement platform executes functions that facilitate the creation of control policies on SaaS accounts. Exemplary control polices can be created to manage or control file sharing activities, user authentication, plugin usage, and/or other functions and features that may impact the security of the files or content included on the SaaS accounts. Activity events generated by the integrated SaaS accounts can be monitored by the security control platform. The activity events monitored by the security enforcement platform can be utilized to enforce the control policies and facilitate verification of file sharing activities.
    Type: Grant
    Filed: February 10, 2023
    Date of Patent: June 25, 2024
    Assignee: DOCONTROL, INC.
    Inventors: Adam Gavish, Omri Weinberg, Liel Ran
  • Patent number: 12021828
    Abstract: Methods and systems provide for improved security for domain name resolution (DNS) and browsing. User privacy may be improved for client devices by first transmitting authentication information and the domain name to a server. After determining that the requesting security component on the client device is authorized to access a domain resolution service, the domain name is resolved to obtain an internet protocol (IP) address. Classification data is then retrieved from a third-party service for the domain name and/or the IP address. This classification data may then be evaluated against a first policy associated with the client device. When the evaluation indicates the client device is not allowed to access the IP address, the client device is sent information indicating that access is not permitted. When access is permitted, the client device may be sent the IP address and the classification data used for the evaluation.
    Type: Grant
    Filed: September 8, 2023
    Date of Patent: June 25, 2024
    Assignee: LOOKOUT, INC.
    Inventors: Brian James Buck, Stephen Lind, Brian Sullivan
  • Patent number: 12021758
    Abstract: A multisession remote game scheme in a distributed network architecture including a dedicated network slice for gaming. A remote game rendering application service deployed in a trusted edge data network includes a remote render system (RRS) manager operative to instantiate one or more remote game rendering engines coupled to respective game engines. RRS manager interfaces to a remote gaming back office disposed in an external network, wherein the RRS manager instantiates and manages a plurality of gaming sessions responsive to game session setup requests propagated from the back office on behalf of clients. An edge routing application is configured to provide edge network location information of the game engines to the remote game back office. A multisession game slice bandwidth manager is operative to allocate a respective bandwidth to each of the plurality of gaming sessions from a dedicated bandwidth of the network slice serving the plurality of gaming sessions.
    Type: Grant
    Filed: October 29, 2020
    Date of Patent: June 25, 2024
    Assignee: Telefonaktiebolaget LM Ericsson (Publ)
    Inventors: Chris Phillips, Robert Hammond Forsman, Jr., Per-Erik Brodin
  • Patent number: 12021832
    Abstract: Some embodiments provide a local controller on a set of host computers that reduce the volume of data that is communicated between the server set and the set of host computers. The local controller executing on a particular host computer, in some embodiments, receives a portion of the namespace including only the policies (e.g., opcode) that are relevant to API-authorization processing for the applications executing on the particular host computer provided by a local agent executing on the computer to authorize the API requests based on policies and parameters. The local controller analyzes the received policies (e.g., policy opcodes) and identifies the parameters (e.g. operands), or parameter types, needed for API-authorization processing (e.g., evaluating the policy opcode upon receiving a particular API request) by the local agent. In some embodiments, the local controller performs this analysis for each updated set of policies (e.g., policy opcodes).
    Type: Grant
    Filed: February 13, 2023
    Date of Patent: June 25, 2024
    Assignee: STYRA, INC.
    Inventors: Teemu Koponen, Timothy L. Hinrichs, Torin Sandall, Stan Lagun
  • Patent number: 12015591
    Abstract: Some embodiments provide a method for modifying a firewall rule of a security policy implemented in a network. The method identifies a set of compute machines to be added to a match condition for the firewall rule. The match condition is expressed using one or more groups of compute machines. The method selects a set of groups for the identified set of compute machines from a plurality of existing groups of compute machines based on a user-specified threshold indicating tolerance for inclusion of compute machines that are not in the identified set of compute machines in the selected groups. The method uses the selected set of groups for the match condition of the firewall rule.
    Type: Grant
    Filed: December 6, 2021
    Date of Patent: June 18, 2024
    Assignee: VMware LLC
    Inventors: Kavya Kambi Ravi, Radha Popuri, Sunitha Krishna, Margaret Petrus, Yiwei Zhang
  • Patent number: 12015613
    Abstract: An edge device may be configured to generate a secure container to perform a software application on the edge device. A security daemon operating on a processor of the edge device may receive a security policy for the software application from a secure container platform, retrieve a license associated with the software application, and determine permissions of the software application based on the retrieved license. The edge device may create a user or group account and updating a system service access-control list (ACL) based on the received security policy and the determined permissions, and generate and send a policy ready message to the secure container platform in response to creating the user or group account and updating the system service ACL.
    Type: Grant
    Filed: February 4, 2022
    Date of Patent: June 18, 2024
    Assignee: VEEA INC.
    Inventors: Jim Sienicki, Roger Lucas, Perry Wintner, Nick Jelbert, Clint Smith
  • Patent number: 12015923
    Abstract: Methods, systems, and computer readable media for mitigating effects of access token misuse are disclosed. One example method for mitigating effects of access token misuse comprises: at a network function (NF) comprising at least one processor: receiving, from a sender, a service request comprising an access token, wherein the access token includes an access token identifier and usage attributes indicating a message rate limit and/or a message count limit; determining, using the usage attributes associated with the access token, that the service request should be rejected; and rejecting the service request.
    Type: Grant
    Filed: December 21, 2021
    Date of Patent: June 18, 2024
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventors: Rajiv Krishan, Doki Satish Kumar Patro
  • Patent number: 12013971
    Abstract: Systems and methods of dynamic management of private data during communication between a remote server and a user's device, including receipt of a request for retrieval of at least one data packet from the user's device, wherein the user's device is configured to provide a response corresponding to the received request, determination of at least one communication data type of the at least one data packet corresponding to the received request, receipt of a privacy preference for the user's device, wherein the privacy preference comprises a list of allowed data packet communication types for sharing during communication, modification of data packets corresponding to requests for sharing of responses that are not compatible with the received privacy preference and maintenance of communication between the remote server and the user's device, with sharing of the modified data packet.
    Type: Grant
    Filed: August 19, 2021
    Date of Patent: June 18, 2024
    Assignee: Privacy Rating Ltd.
    Inventors: Yoseph Koren, Yehonatan Wasserman
  • Patent number: 12014100
    Abstract: Electronic devices are used to provide content data and information to users based on their positional and user contexts. Methods and systems herein determine locations of the devices and provide content data from the devices based on their locations and based on content delivery settings, categories, and classifications. Some methods include distribution systems for providing content data and settings to a devices based on their locations. Thus, content data delivered by the devices is prioritized to improve the utility of the devices and the information they present. When multiple electronic devices are brought into proximity with each other, they can also interact to provide content data in different ways, including splitting up the content data, showing extensions, enlargements, or expansions of the content data, or otherwise differentiating the data provided by each device to improve the utility of the information provided by the devices.
    Type: Grant
    Filed: July 29, 2022
    Date of Patent: June 18, 2024
    Assignee: APPLE INC.
    Inventors: Paul G. Puskarich, Fiona P. O'Leary
  • Patent number: 12015538
    Abstract: A system of specifying link layer information in a URL is described. In an embodiment, a URL is generated which includes both a link layer network type and information which is used by a resolving device to identify a particular link layer network of the specified type. In various embodiments, the URL includes a link layer network type and a corresponding link layer network name or pairs of link layer network types and corresponding link layer network names. Where the URL comprises more than one link layer network name, the resolving device may determine at runtime which of the named link layer networks to connect to and this decision may be based on criteria or preference information included within the URL.
    Type: Grant
    Filed: April 28, 2022
    Date of Patent: June 18, 2024
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: James W. Scott, Nicolas Villar, Stephen E. Hodges
  • Patent number: 12013906
    Abstract: In some implementations, a user device (e.g., a computing device) can perform client-side personalization of search results. For example, a computing device can obtain search results matching user specified search parameters from a server device and/or from various services on the user device. The user device can score the search results based on various search result item attributes. After scoring, the user device can promote or demote search results items based on whether the search results item is relevant to recent user behavior. The promotion and/or demotion of search results items can cause search results items scores to be adjusted to generate a personalized score for each search result. The search results can then be ordered and/or presented based on the personalized score for each search results item. When presenting search results items, the user device can present information indicative of the source of the search results items.
    Type: Grant
    Filed: December 15, 2022
    Date of Patent: June 18, 2024
    Assignee: Apple Inc.
    Inventors: Saurabh V. Pendse, Giacomo Saccardo, Jason Dizon, Bernard K. Huang, Manmeet Singh, Sayantini Nag, Usama M. Hajj
  • Patent number: 12013934
    Abstract: Provided is an intrusion detection technique configured to: obtain kernel-filter criteria indicative of which network traffic is to be deemed potentially malicious, determine that a network packet is resident in a networking stack, access at least part of the network packet, apply the kernel-filter criteria to the at least part of the network packet and, based on applying the kernel-filter criteria, determining that the network packet is potentially malicious, associate the network packet with an identifier of an application executing in userspace of the operating system and to which or from which the network packet is sent, and report the network packet in association with the identifier of the application to an intrusion-detection agent executing in userspace of the operating system of the host computing device, the intrusion-detection agent being different from the application to which or from which the network packet is sent.
    Type: Grant
    Filed: May 24, 2023
    Date of Patent: June 18, 2024
    Assignee: Huntress Labs Incorporated
    Inventors: Robert Julian Noeth, Ernest Gregory Ake
  • Patent number: 12010141
    Abstract: A technique to improve security for a VLAN is disclosed. A security appliance is set as the default gateway for intra-LAN communication. Message traffic is analyzed and anomalies are detected relative to normal message traffic that correspond to device health problems that may require service by a field technician. Access to a cloud-based resource may be further protected by enforcing user-based access policies.
    Type: Grant
    Filed: July 10, 2023
    Date of Patent: June 11, 2024
    Assignee: Airgap Networks Inc.
    Inventors: Lokesh Mogra, Balireddy Ramesh Kumar Reddy, Satish M. Mohan, Vinay Adavi, Ritesh R. Agrawal
  • Patent number: 12009997
    Abstract: According to one or more embodiments of the disclosure, an example method herein may comprise: managing a particular cell of a multi-celled architecture for an extensibility platform having one or more tenants served by datastores of the particular cell; connecting to a global cell manager for global cell management of all cells of the multi-celled architecture; identifying a consumption limit indicating a maximum amount of system resources that a particular tenant of the one or more tenants is allowed to consume of the particular cell; enforcing the consumption limit on the particular tenant; and ensuring that the particular tenant is provided system resources of the particular cell up to the consumption limit without limitation.
    Type: Grant
    Filed: March 31, 2023
    Date of Patent: June 11, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Sergey Sergeev, Anna Igorevna Bokhan-Dilawari, Geoffrey R. Hendrey
  • Patent number: 12010149
    Abstract: Integrated controls frameworks are disclosed. In one embodiment, in an information processing apparatus comprising at least one computer processor, a method for using an integrated control framework for an application comprising a plurality of application modules may include: (1) defining an application profile, an application model, and a target cloud environment for an application; (2) identifying a plurality of security, resiliency, and controls requirements for the target cloud environment; (3) configuring a plurality of security controls for the application based on the plurality of security, resiliency, and controls requirements; and (4) deploying the security controls to the target cloud environment.
    Type: Grant
    Filed: March 16, 2023
    Date of Patent: June 11, 2024
    Assignee: JPMORGAN CHASE BANK, N.A.
    Inventors: Mark F. Novak, Todd Hrycenko, Roy E. Crowder, III, Marshall C. McCain
  • Patent number: 12010142
    Abstract: A generative adversarial network and a reinforcement learning system are combined to generate phishing emails with adaptive complexity. A plurality of phishing emails are obtained from a trained generative adversarial neural network, including a generator neural network and a discriminator neural network. A subset of phishing emails is selected, from the plurality of phishing emails, using a reinforcement learning system trained on user-specific behavior. One or more of the subset of phishing emails are sent to a user email account associated with a particular user. The reinforcement learning system is then adjusted based on user action feedback to the one or more of the subset of phishing emails.
    Type: Grant
    Filed: September 8, 2021
    Date of Patent: June 11, 2024
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Alok Singh, Nitish Kumar, Kanishka Kayathwal
  • Patent number: 12010117
    Abstract: Embodiments disclosed herein may relate to systems and methods for secure authentication that enable a user to set up an account or log in an existing account upon an existing user vouching for the user. Embodiments disclosed herein relate to verifying one or more attributes of the user by transmitting multiple decentralized verification notifications to multiple existing users. Upon receiving a verification quorum, a request may be authenticated.
    Type: Grant
    Filed: August 6, 2021
    Date of Patent: June 11, 2024
    Assignee: United Services Automobile Association (USAA)
    Inventors: Corinne Schuster, Gabriel Carlos Fernandez, Ameer A. Noorani
  • Patent number: 12008139
    Abstract: Disclosed herein is a method of facilitating sharing of medical information associated with a patient among user devices. Accordingly, the method may include transmitting a software plugin to a first user device and a second user device, transmitting indicators corresponding to a plurality of users to the first user device, receiving a communication message from the first user device, retrieving a second user information associated with a second user, analyzing the second user information and a message content based on a medical compliance guideline, determining a compliance score, retrieving a second device characteristic, transforming the communication message according to the second device characteristic, generating a transformed communication message, and transmitting the transformed communication message to the second user device.
    Type: Grant
    Filed: October 11, 2023
    Date of Patent: June 11, 2024
    Inventor: Omar Hassad
  • Patent number: 12003543
    Abstract: Some embodiments of the invention provide a method of modifying and validating API requests received at an API server. At a mutating admission controller of the API server, the method intercepts an API request received at the API server. The method invokes a mutating webhook to query a policy agent that includes a set of policies for modifying API requests to determine whether the API request requires modifications. When the policy agent determines that the API request requires modifications based on an identified policy from the set of policies, the method performs the modifications and forwards the modified API request for validation by the API server. After the API server has validated the API request, the method intercepts the API request at a validating admission controller and invokes a validating webhook to query the policy agent to determine whether the API request is valid.
    Type: Grant
    Filed: April 23, 2021
    Date of Patent: June 4, 2024
    Assignee: STYRA, INC.
    Inventors: Sayed Asad Ali, Andrew Curtis, Marco Sanvido, Timothy L. Hinrichs, Teemu Koponen
  • Patent number: 12003482
    Abstract: A system and method are provided for a network device for use with a client device having a hostname and a MAC address. The network device contains a memory that has a second hostname and a second MAC address stored within the memory. The second MAC address corresponds to the second hostname. The memory also contains a processor configured to execute instructions stored on the memory to cause the network device to: receive, from the client device, the hostname and the MAC address; determine whether the MAC address is randomized; provide an instruction to the client device to inform a user of the client device that the client device hostname is registered when the hostname matches the second hostname and the MAC address is randomized.
    Type: Grant
    Filed: March 22, 2023
    Date of Patent: June 4, 2024
    Assignee: ARRIS ENTERPRISES LLC
    Inventors: Jagdeep Shivajirao, Muralidharan Narayanan, Sathish Arumugam Chandrasekaran
  • Patent number: 12001566
    Abstract: Techniques described herein relate to a method for generating security findings acquisition (SFA) records. The method includes obtaining, by a security finding acquisition system (SFAS) orchestrator, an entity context request associated with an entity; making a first determination, by the SFAS orchestrator, that the entity is not associated with an entity directed acyclic graph (DAG); in response to the first determination: obtaining, by the SFAS orchestrator, the entity DAG associated with the entity from a lineage builder; making a second determination, by the SFAS orchestrator, that the entity is not associated with SFA anchors; in response to the second determination: obtaining, by the SFAS orchestrator, the SFA anchors associated with the entity from a resolver; obtaining, by the SFAS orchestrator, the SFA records associated with the entity from an extractor using the SFA anchors; and performing, by the SFAS orchestrator, security actions using the SFA records.
    Type: Grant
    Filed: September 30, 2021
    Date of Patent: June 4, 2024
    Assignee: DELL PRODUCTS L.P.
    Inventor: Sameer Sehgal