Policy Patents (Class 726/1)
  • Patent number: 11929984
    Abstract: Techniques for associating manufacturer usage description (MUD) security profiles for Internet-of-Things (IoT) device(s) with secure access service edge (SASE) solutions, providing for automated and scalable integration of IoT devices with SASE frameworks. A MUD controller may utilize a MUD uniform resource identifier (URI) emitted by an IoT device to fetch an associated MUD file from a MUD file server associated with a manufacturer of the IoT device. The MUD controller may determine that a security recommendation included in the MUD file is to be implemented by a cloud-based security service provided by the SASE service and cause the IoT device to establish a connection with a secure internet gateway associated with the cloud-based security service. Additionally, or alternatively, the MUD file may include SASE extensions indicating manufacturer recommended cloud-based security services. Further, cloud-based security services may be implemented if local services are unavailable.
    Type: Grant
    Filed: May 5, 2021
    Date of Patent: March 12, 2024
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: David Hanes, Gonzalo Salgueiro, Sebastian Jeuk, Robert Edgar Barton
  • Patent number: 11930025
    Abstract: A device that is configured to receive user activity information that includes information about user interactions with a network device for a plurality of users. The device is further configured to input the user activity information into a first machine learning model that is configured to receive user activity information and to output a set of bad actor candidates based on the user activity information. The device is further configured to filter the user activity information based on the set of bad actor candidates. The device is further configured to input the filtered user activity information into a second machine learning model that is configured to receive the filtered user activity information and to output system exposure information that identifies network security threats. The device is further configured to identify network security actions based on the network security threats and to execute the network security actions.
    Type: Grant
    Filed: April 15, 2021
    Date of Patent: March 12, 2024
    Assignee: Bank of America Corporation
    Inventors: Daniel Joseph Serna, Marcus Raphael Matos, Patrick N. Lawrence, Christopher Lee Danielson
  • Patent number: 11928231
    Abstract: An authentication model dynamically adjusts authentication factors required for access to a remote resource based on changes to a risk score for a user, a device, or some combination of these. For example, the authentication model may conditionally specify the number and type of authentication factors required by a user/device pair, and may dynamically alter authentication requirements based on changes to a current risk assessment for the user/device while the remote resource is in use.
    Type: Grant
    Filed: March 7, 2023
    Date of Patent: March 12, 2024
    Assignee: Sophos Limited
    Inventors: Joseph H. Levy, Andrew J. Thomas, Daniel Salvatore Schiappa, Kenneth D. Ray
  • Patent number: 11928241
    Abstract: A system, method, and computer program product are provided for consent management. A method may include receiving a first data request for user data associated with a user, the user data stored in a user data database; communicating a consent request to the requester system; receiving a consent response from the requester system; storing consent data associated with the consent response for the user data requested in the first data request in an immutable ledger; receiving a consent verification request from the user data database, the consent verification request based on a second data request for the user data from the requester system to the user data database; verifying the consent verification request based on the consent data; and communicating a consent verification response to the user data database, the consent verification response indicating consent from the user to share the user data with the requester system.
    Type: Grant
    Filed: August 31, 2022
    Date of Patent: March 12, 2024
    Assignee: Visa International Service Association
    Inventors: Kimberly E. Bella, Nirmal Kumar Baid, Robert B. Hedges, Jr., David Alan Henstock, Shashi Kumar Velur, Sonia Gupta, Cindy Hong, Jonathan Twichell
  • Patent number: 11929999
    Abstract: A node provides a service to a client node in a network. The node is configured to execute a code for providing the service to the client node in an enclave of a trusted execution environment (TEE) and to execute a code library in the enclave to attest to the client node the identity of the service provided. The service provided to the client node may be a distributed service including a result of a cooperation of a plurality of neighbor nodes, which are connected to the node either directly or through other intermediate nodes. The code library is configured to attest to the client node the identity of the distributed service.
    Type: Grant
    Filed: March 12, 2021
    Date of Patent: March 12, 2024
    Assignee: HUAWEI CLOUD COMPUTING TECHNOLOGIES CO., LTD.
    Inventors: Dan Touitou, Avigail Oron
  • Patent number: 11921853
    Abstract: A vehicle computer system includes one or more sensors configured to receive input regarding a vehicle's environment, and a controller in communication with the one or more sensors of the vehicle. The controller is configured to identify a cyber-attack on one or more vehicle controllers in the vehicle, and respond to the cyber-attack based upon at least the vehicle environment.
    Type: Grant
    Filed: July 23, 2019
    Date of Patent: March 5, 2024
    Assignee: Denso Corporation
    Inventors: Stefan Filipek, Remma Takeuchi
  • Patent number: 11914674
    Abstract: Specification covers new algorithms, methods, and systems for: Artificial Intelligence; the first application of General-AI (versus Specific, Vertical, or Narrow-AI) (as humans can do) (which also includes Explainable-AI or XAI); addition of reasoning, inference, and cognitive layers/engines to learning module/engine/layer; soft computing; Information Principle; Stratification; Incremental Enlargement Principle; deep-level/detailed recognition, e.g., image recognition (e.g., for action, gesture, emotion, expression, biometrics, fingerprint, tilted or partial-face, OCR, relationship, position, pattern, and object); Big Data analytics; machine learning; crowd-sourcing; classification; clustering; SVM; similarity measures; Enhanced Boltzmann Machines; Enhanced Convolutional Neural Networks; optimization; search engine; ranking; semantic web; context analysis; question-answering system; soft, fuzzy, or un-sharp boundaries/impreciseness/ambiguities/fuzziness in class or set, e.g.
    Type: Grant
    Filed: December 6, 2021
    Date of Patent: February 27, 2024
    Assignee: Z ADVANCED COMPUTING, INC.
    Inventors: Lotfi A. Zadeh, Saied Tadayon, Bijan Tadayon
  • Patent number: 11916942
    Abstract: Techniques for automated identification of false positives in DNS tunneling detectors are disclosed. In some embodiments, a system, process, and/or computer program product for automated identification of false positives in DNS tunneling detectors includes receiving a set of passive DNS data, wherein the set of passive DNS data includes a DNS query and a DNS response for resolution of the DNS query for each of a plurality of DNS queries; extracting a plurality of features associated with each domain in the set of passive DNS data; and classifying DNS tunneling activities and performing false positive reduction using the plurality of features associated with each domain in the set of passive DNS data to reduce false positive detections.
    Type: Grant
    Filed: July 2, 2021
    Date of Patent: February 27, 2024
    Assignee: Infoblox Inc.
    Inventor: Peter Boord
  • Patent number: 11916962
    Abstract: Disclosed are examples related to data driven interfaces for decoupling management system components from a manufacturer or a platform of client devices managed by the management system. In some examples, among others, a system can generate a data driven interface template that can be used to cause rendering of a data driven user interface for configuring a profile payload of a device profile for the client device. The system can generate, based on values associated with the data driven user interface, a profile document in an instance in which values are obtained from the data driven user interface. In some aspects, the profile document is a generic representation of the profile payloads for the platform, the manufacturer or the type of the client device.
    Type: Grant
    Filed: December 29, 2020
    Date of Patent: February 27, 2024
    Assignee: VMware, Inc.
    Inventors: Adarsh Subhash Chandra Jain, Bhavesh Krishna Kumar, Sachin Ramachandran, Naveen Pitchandi, Allan Howard, Kai Chen
  • Patent number: 11914398
    Abstract: A method for controlling a robot is provided. The method includes the steps of: acquiring information on status of communication connections between a plurality of robots located in a serving place, wherein the status of communication connections between the plurality of robots is specified with respect to at least one relay robot among the plurality of robots; and determining a communication scheme to be used between the plurality of robots, with reference to the information on the status of communication connections between the plurality of robots.
    Type: Grant
    Filed: June 7, 2021
    Date of Patent: February 27, 2024
    Assignee: Bear Robotics, Inc.
    Inventor: John Jungwoo Ha
  • Patent number: 11916775
    Abstract: A control plane system for providing data exchange between a plurality of gateway endpoints using a secure tunnel between the gateway endpoints. The system includes an end-user device, a cloud control plane, and a cloud provider. The end-user device includes a client endpoint providing a request for accessing data using a gateway device by sending data packets. The cloud control plane uses a data plane and a control plane for provisioning the request. The control plane is isolated from the data plane. Routing information of network traffic is received, a tenant associated with the request is identified and isolated. A network policy associated with the access to the data is identified based on the network patterns. The network policy specifies routing for access to the data and the secure tunnel. The access to the data is provided from the cloud provider to the client endpoint on the gateway device.
    Type: Grant
    Filed: March 17, 2023
    Date of Patent: February 27, 2024
    Assignee: Netskope, Inc.
    Inventors: Parag Pritam Thakore, Sunil Mukundan, Anupam Rai
  • Patent number: 11917080
    Abstract: There is disclosed in one example a network gateway device, including: a hardware platform including a processor and a memory; a network interface, including network interface hardware; and instructions encoded within the memory to instruct the processor to: receive from an endpoint device, via the network interface, a signed security posture data structure, the signed security posture data structure including information about a security posture of the endpoint device; cryptographically verify the signed security posture data structure; and according to the signed security posture data structure, assign a network security policy to the endpoint device.
    Type: Grant
    Filed: March 31, 2021
    Date of Patent: February 27, 2024
    Assignee: McAfee, LLC
    Inventors: Tirumaleswar Reddy Konda, Shashank Jain, Piyush Pramod Joshi, Himanshu Srivastava
  • Patent number: 11916968
    Abstract: Embodiments are directed to managing and monitoring endpoint activity in secured networks. In response to a client request being provided to an agent associated with the resource server. A driver associated with the resource server may be determined based on the client request. The client request may be provided to the resource server via a second network connection. Responses from the resource server may be provided to a server-tee module such that the server-tee module provides a copy of the responses to the server-handler module; employing the server-handler module to generate log information based on the copied responses; employing the server-tee module to modify the responses from the resource server such that the responses are forwarded to the client via the first network connection over the overlay network; or the like.
    Type: Grant
    Filed: August 21, 2023
    Date of Patent: February 27, 2024
    Assignee: strongDM, Inc.
    Inventors: Carlos Ulderico Cirello Filho, Philip D. Hassey
  • Patent number: 11916874
    Abstract: Provided in some embodiments are systems and methods for determining a data flow path including a plurality of network devices for routing data from a first network device to a second network device; determining for the network devices one or more flow rules that specify an input for receiving data, an output for outputting data, and a role tag indicative of a role of a network device, where the role tag for one or more flow rules for a first network device of the network devices indicates a source role; distributing, to the network devices, the one or more flow rules; determining malicious activity on the data flow path; determining that the first network device is a source based at least in part on the role tag for the first network device; and sending, to the first network device, a blocking flow rule to inhibit routing of malicious data.
    Type: Grant
    Filed: March 31, 2021
    Date of Patent: February 27, 2024
    Assignee: McAfee, LLC
    Inventors: Shivakrishna Anandam Mulka, Shankar Subramanian, Jayakrishnan Karunakaran Nair, Gopal Agrawal, Shankar Ganesh Pillaiyar Nattamai Jeyaprakash
  • Patent number: 11916949
    Abstract: A computer-implemented method of monitoring activity of devices in a network is provided. The method comprises passively collecting data regarding how the devices access the network, and for each device on the network, identifying all other devices on the network with which the device communicates. All communication traffic from the devices to outside the network is identified. A determination is made if there are any required updates and if patches for the devices execute in a fashion defined as safe. A number of risk indicators for privacy risks are determined according to device communication within the network, device communication to outside the network, and update and patch execution. A visualization of any identified risk factors is displayed to a user through a user interface.
    Type: Grant
    Filed: November 18, 2020
    Date of Patent: February 27, 2024
    Assignee: National Technology & Engineering Solutions of Sandia, LLC
    Inventors: Vincent Urias, Brian P. Van Leeuwen, Douglas M. Kayatt, Jr.
  • Patent number: 11907402
    Abstract: Computer-implemented methods, apparatuses, and computer program products are provided for frequency based operations. An example computer-implemented method includes receiving a request for data transfer of a plurality of data elements of a production data environment to a non-production data environment. The method includes determining an access frequency associated with each data element and grouping each data element into a first set of data elements or a second set of data elements based upon the determined access frequency. The method further includes refreshing the first set of data elements according to a first refresh protocol defining a first refresh rate and refreshing the second set of data elements according to a second refresh protocol defining a second refresh rate less than the first refresh rate. The method also includes outputting the plurality of data elements to the non-production data environment.
    Type: Grant
    Filed: April 28, 2021
    Date of Patent: February 20, 2024
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Ananya Bandyopadhyay, Shalini Jha
  • Patent number: 11909773
    Abstract: Systems and methods disclosed can evaluate security detection rules in a network security computing environment. Results for a processed log of security events can be retrieved. The results can identify determined outcomes for instances triggering security detection rules. The security detection rules can detect specific behavior on a network by being processed against a log of security events. Scores for the security detection rules can be determined based on the results of the processed log of security events and the determined outcomes. The security detection rules can be ranked based on the scores, from highest to lowest score. The highest score can indicate that a corresponding rule is performing worst among the security detection rules and the lowest score can indicate that a corresponding rule is performing best among the security detection rules. A rules score report can be generated based on the ranked rules.
    Type: Grant
    Filed: January 28, 2022
    Date of Patent: February 20, 2024
    Assignee: Target Brands, Inc.
    Inventors: Paul Hutelmyer, Adam Blake
  • Patent number: 11907407
    Abstract: Implementations of the present disclosure include providing a graph representative of a network, a set of nodes representing respective assets, each edge representing one or more lateral paths between assets, the graph data including configurations affecting at least one impact that has an effect on an asset, determining multiple sets of fixes for configurations, each fix having a cost associated therewith, incorporating fix data of the sets of fixes into the graph, defining a set of fixes including one or more fixes from the multiple sets of fixes by defining an optimization problem that identifies one or more impacts that are to be nullified and executing resolving the optimization problem to define the set of fixes, each fix in the set of fixes being associated with a respective configuration in the graph, and scheduling performance of each fix in the set of fixes based on one or more operational constraints.
    Type: Grant
    Filed: December 15, 2021
    Date of Patent: February 20, 2024
    Assignee: Accenture Global Solutions Limited
    Inventors: Eitan Hadar, Amin Hassanzadeh, Anup Nayak
  • Patent number: 11907399
    Abstract: A highly secure networked system and methods for storage, processing, and transmission of sensitive information are described. Sensitive, e.g. personal/private, information is cleansed, salted, and hashed by data contributor computing environments. Cleansing, salting, and hashing by multiple data contributor computing environments occurs using the same processes to ensure output hashed values are consistent across multiple sources. The hashed sensitive information is hashed a second time by a secure facility computing environment. The second hashing of the data involves a private salt inaccessible to third parties. The second hashed data is linked to previously hashed data (when possible) and assigned a unique ID. Data dictionaries are created for particular individuals provided access to the highly secure information, e.g. researchers.
    Type: Grant
    Filed: April 13, 2023
    Date of Patent: February 20, 2024
    Assignee: Optum, Inc.
    Inventor: Robin Edison
  • Patent number: 11907212
    Abstract: Provided herein are systems and methods for configuring trace events. A system includes at least one hardware processor coupled to a memory and configured to instantiate a user code runtime to execute user-defined function (UDF) code. The user code runtime is instantiated within a sandbox process of an execution node. An application programming interface (API) call is detected during execution of the UDF code. The API call includes one or more configurations of a trace event. Telemetry information is collected based on the one or more configurations. The telemetry information is associated with the trace event using a telemetry API. The telemetry API corresponds to the API call. The telemetry information is formatted using the telemetry API, to generate structured telemetry information. The at least one hardware processor causes ingestion of the structured telemetry information into an event table.
    Type: Grant
    Filed: March 31, 2023
    Date of Patent: February 20, 2024
    Assignee: Snowflake Inc.
    Inventors: Tyson J. Hamilton, Qinye Li, Steven Parkes, Xie Xu
  • Patent number: 11909723
    Abstract: Techniques for auto-starting a VPN in a MAM environment are disclosed. A MAM-controlled application is launched on a computer system. Policy is queried and a determination is made as to whether to auto-start a VPN application based on the policy. Based on the policy, the VPN application is auto-started, and the VPN application initiates a VPN tunnel that is usable by at least the MAM-controlled application. Network communications transmitted to or from the MAM-controlled application then pass through the VPN tunnel.
    Type: Grant
    Filed: June 15, 2021
    Date of Patent: February 20, 2024
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: James Matthew Hamilton Oakley, Neil Adam Jacobson
  • Patent number: 11906322
    Abstract: Provided are an environment map management device, an environment map management system, an environment map management method, and a program that are capable of generating a common environment map that takes into consideration privacy of each of users simultaneously with securing a space covered by an environment map available to the each of users. A processing data transmitting section accesses an individual environment map available to a user of interest. The processing data transmitting section accesses a common environment map available to a plurality of users including the user of interest. A SLAM processing execution section adds, to the individual environment map, environment information generated on the basis of sensing data acquired by a tracker used by the user of interest. A transmitting control section controls whether or not to add the environment information to the common environment map, according to a privacy attribute corresponding to the environment information.
    Type: Grant
    Filed: March 1, 2019
    Date of Patent: February 20, 2024
    Assignee: Sony Interactive Entertainment Inc.
    Inventor: Yoshinori Ohashi
  • Patent number: 11907314
    Abstract: Methods and systems for generating an integrated structure for the data from disparate data domains that may be used to aggregate, compare, and/or provide recommendations based on the data available from the disparate domains. The integrated structure may further be accessible to users to perform functions (e.g., searches, filtering operations, etc.) in real-time and receive outputs (e.g., in a user interface).
    Type: Grant
    Filed: September 21, 2021
    Date of Patent: February 20, 2024
    Assignee: Snagajob.com, Inc.
    Inventors: John Moon, Keith Forshew, Ruhollah Farchtchi, Fabio Rosati
  • Patent number: 11907366
    Abstract: The technology disclosed teaches incident-driven and user-targeted data loss prevention that includes a CASB controlling infiltration via cloud-based services storing documents in use by organization users, by monitoring manipulation of the documents. The CASB identifies the cloud-based services that the particular user has access to and at least one document location on the cloud-based services to inspect for sensitive documents, in response to receiving an indication that user credentials have been compromised. The CASB performs deep inspection of documents identified as stored at the location and detects at least some sensitive documents. Based on the detected sensitive documents, the CASB determines an exposure for the organization due to the particular user.
    Type: Grant
    Filed: July 22, 2022
    Date of Patent: February 20, 2024
    Assignee: Netskope, Inc.
    Inventor: Krishna Narayanaswamy
  • Patent number: 11907396
    Abstract: Described are methods and systems for using policies to comply with a person's request for data pertaining to the person, pursuant to applicable data privacy laws. A policy is retrieved responsive to receiving a query that includes data to identify records that store data pertaining to the person. The policy indicates first and second database objects, and respective first and second sets of fields, which store data that pertains to persons. The policy is applied. Applying the policy includes retrieving, as first values, data stored in the first set of fields of a first record associated with the data in the query, and retrieving, as second values, data stored in the second set of fields of a second record associated with the first record. The first and second values, and the names of the fields from which they were retrieved, are stored in a document.
    Type: Grant
    Filed: January 24, 2020
    Date of Patent: February 20, 2024
    Assignee: Salesforce, Inc.
    Inventors: Shivan Kaul Sahib, Marla Hay, Yvonne Zhou, Yu Chen
  • Patent number: 11907943
    Abstract: Embodiments disclosed are directed to ensuring resource compliance within a cloud-based environment using a compliance system. The embodiments include steps for performing pre-provisioning checks of resources, such as network protocols, prior to their deployment within the cloud-based environment. The compliance system may include a number of components for performing the pre-provisioning check including a maintenance module, a collection module, and an evaluation module, which are used to evaluate the resource prior to deployment in the cloud-based environment.
    Type: Grant
    Filed: November 1, 2021
    Date of Patent: February 20, 2024
    Assignee: Capital One Services, LLC
    Inventors: Brian Lee Wong, Virendra K. Abelak, Steven Lott, Philip Austin Kedy
  • Patent number: 11909765
    Abstract: Established user habits in carrying multiple wirelessly detectable devices are used to provide or substantiate authentication. In some embodiments, simply detecting that expected devices are co-located within a limited spatial region is sufficient to establish that the devices are being carried by a single individual. In other embodiments, particularly where the potential for spoofing by multiple individuals is a concern, single-user possession of the devices may be confirmed by various corroborative techniques. This approach affords convenience to users, who may be working at a device that lacks the necessary modality (e.g., a fingerprint or vein reader) for strong authentication.
    Type: Grant
    Filed: May 10, 2019
    Date of Patent: February 20, 2024
    Assignee: Imprivata, Inc.
    Inventors: David M. T. Ting, Alain Slak, Kyle Vernest
  • Patent number: 11909771
    Abstract: A Domain Name System (DNS) device stores data indicative of a user device and data indicative of a policy setting a level of access of the user device to a responding device. The DNS device receives, from the user device, a request for an Internet Protocol address of the responding device. The DNS device determines, based upon the request and the data indicative of the user device, that the policy applies to the request. The DNS device applies the policy in response to the determining.
    Type: Grant
    Filed: June 1, 2020
    Date of Patent: February 20, 2024
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Darrin Joseph Miller, Kevin Patrick Regan, Einar Nilsen-Nygaard
  • Patent number: 11899719
    Abstract: The system determines whether content such as an image is suitable for content modification based on one or more criteria. The system includes decision engines or modules configured to evaluate one or more suitability metrics based on corresponding criteria such as publication status, restriction status, context, compatibility, and classification. If content is unsuitable for content modification because of entities or context depicted therein, privacy status, incompatibility with content modification, properties of the content file itself, or other aspects, the system generates a tag indicating the content is unsuitable for content modification. If content is suitable for content modification because of entities or context depicted therein, publication status, compatibility with content modification, properties of the content file itself, or other aspects, the system generates a content modification tag indicating the content is suitable for content modification.
    Type: Grant
    Filed: February 10, 2022
    Date of Patent: February 13, 2024
    Assignee: Rovi Guides, Inc.
    Inventor: Alejandro Sanchez Pulido
  • Patent number: 11899761
    Abstract: The present invention extends to methods, systems, and computer program products for identifying and consenting to permissions for workflow and code execution. Aspects of the invention can be used to automatically scan a workflow or code definition to identify (potentially all) the actions/triggers a workflow or program intends to perform on behalf of a user. The user is shown the actions/triggers the workflow or program intends to perform (e.g., at a user interface) before consent to perform the actions/triggers is granted. As such, a user is aware of intended actions/triggers of a workflow or program before granting consent. Further, since actions/triggers are identified from the workflow or code definition (and not formulated by an author), permission requests better align with permissions that workflow or program functionality actually uses during execution.
    Type: Grant
    Filed: May 26, 2022
    Date of Patent: February 13, 2024
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Sunay Vaishnav, Merwan Vishnu Hade, Stephen Christopher Siciliano, David Nissimoff, Fnu Anubhav
  • Patent number: 11899760
    Abstract: An automated system tracks digital service providers (DSP) data management agreements, and user behavior, individually and in aggregate, to determine potential changes for a personal/corporate privacy charter. The personal/corporate privacy charter is thus dynamically adaptable to permit users to continue to engage seamlessly in accordance with user/corporate target goals with digital service providers (DSPs) and similar entities.
    Type: Grant
    Filed: December 19, 2020
    Date of Patent: February 13, 2024
    Assignee: CAMBRIAN DESIGNS, INC.
    Inventors: Olaf Jonny Groth, Mark Jay Nitzberg, Manu Kalia, Tobias Christopher Straube, Daniel A Zehr
  • Patent number: 11902329
    Abstract: A system for managing security on a cloud management platform portal (CMPP (1)), the system comprising a set of routines (scripts) which are executed on a computing device or processor allowing the cloud management platform portal to contact a cloud automation service (CAS (4)) so as to provision services to a customer, and a ServiceNow (2) (SNOW) application comprising at least one of a set of routines comprising at least one of certain specified network Standard Service Requests and/or network activity Standard Service Requests.
    Type: Grant
    Filed: December 16, 2020
    Date of Patent: February 13, 2024
    Assignee: AGARIK SAS
    Inventors: Konrad Clapa, Olena Zhuk
  • Patent number: 11902233
    Abstract: Disclosed herein is an example communication apparatus that includes processor circuitry to execute instructions to: determine a context of a message; perform a comparison of the context of the message with a target recipient emotional state; apply a rule to select an action for the message based on the comparison; cause performance of the action; determine an effect of the action on an emotional state of a user; and update the rule based on the effect.
    Type: Grant
    Filed: August 23, 2022
    Date of Patent: February 13, 2024
    Assignee: Intel Corporation
    Inventors: Daria A. Loi, Ramune Nagisetty, Glen J. Anderson, Pete A. Denman
  • Patent number: 11895125
    Abstract: The present invention relates to a method and system for tracking the movement of data elements as they are shared and moved between authorized and unauthorized devices and among authorized and unauthorized users.
    Type: Grant
    Filed: April 24, 2023
    Date of Patent: February 6, 2024
    Assignee: QUICKVAULT, INC.
    Inventors: Steven V. Bacastow, Michael Royd Heuss
  • Patent number: 11893456
    Abstract: In one embodiment, a device classification service receives telemetry data indicative of behavioral characteristics of a plurality of devices in a network. The service obtains side information for the telemetry data. The service applies metric learning to the telemetry data and side information, to construct a distance function. The service uses the distance function to cluster the telemetry data into device clusters. The service associates a device type label with a particular device cluster.
    Type: Grant
    Filed: June 7, 2019
    Date of Patent: February 6, 2024
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: David Tedaldi, Pierre-Andre Savalle, Sharon Shoshana Wulff, Jean-Philippe Vasseur, Grégory Mermoud
  • Patent number: 11895579
    Abstract: A system and method for automatic offload in multi SIM devices. The system comprises a learning module [108] to learn the SIM slot ID of the inserted desired operator, the structure alignment and field information, wherein feedback of the learnt information is provided to the network server [114]. A method selection module [110] analyzes the structure alignment and field information for mapping unique connection methods to different devices. A WiFi configuration and connection module [112] uses appropriate WiFi configuration and attempts connection to desired Service Providers enterprise Wi-Fi AP using the determined connection method.
    Type: Grant
    Filed: December 31, 2021
    Date of Patent: February 6, 2024
    Assignee: JIO PLATFORMS LIMITED
    Inventors: Devesh Chauhan, Vinita Kaushik, Hiren Patel, Abhilash Shrivastava
  • Patent number: 11895130
    Abstract: Various embodiments of the present invention provide methods, apparatuses, systems, computing devices, and/or the like that are configured to enable effective and efficient monitoring of software application frameworks. For example, certain embodiments of the present invention provide methods, apparatuses, systems, computing devices, and/or the like that are configured to perform software application framework monitoring using an interactive software application platform monitoring dashboard comprises a set of user interfaces (e.g.
    Type: Grant
    Filed: September 16, 2022
    Date of Patent: February 6, 2024
    Assignees: ATLASSIAN PTY LTD., ATLASSIAN US, INC.
    Inventors: Benjamin Walther, Brianna Malcolmson
  • Patent number: 11895158
    Abstract: A system, method, and computer-readable medium are disclosed for implementing a cybersecurity system having security policy visualization. At least one embodiment is directed to a computer-implemented method for implementing security policies in a secured network, including: retrieving a set of rules of a security policy; analyzing the set of rules of the security policy using one or more Satisfiability Modulo Theory (SMT) operations to reduce a dimensionality of the security policy; and generating a visual presentation on a user interface using results of the SMT operations, where the visual presentation includes visual indicia representing one or more targeted policy dimensions with respect to one or more fixed policy dimensions. In at least one embodiment, two or more security policies are presented with visual indicia representing differences between the security policies, including representations of one or more targeted policy dimensions with respect to one or more fixed policy dimensions.
    Type: Grant
    Filed: May 19, 2020
    Date of Patent: February 6, 2024
    Assignee: Forcepoint LLC
    Inventors: Lawrence Bruce Huston, III, David Coffey, Andrew Mortensen
  • Patent number: 11893131
    Abstract: A system, method, and computer-readable media for providing contextual data loss prevention (DLP) within a group-based communication system. At least a portion of a DLP policy may be suspended within a DLP engine based on a context for which a user input is to be displayed. Accordingly, the user input may be displayed without interference from the DLP engine.
    Type: Grant
    Filed: January 29, 2021
    Date of Patent: February 6, 2024
    Assignee: Salesforce, Inc.
    Inventor: Felipe Ryan
  • Patent number: 11895121
    Abstract: A method includes executing a configuration engine on one or more data processing device(s) of a computing system. In accordance with the execution, the method also includes discovering at least a subset of a number of resources associated with a target environment of the computing system, generating an environment definition associated with the target environment, building baseline configurations, policies, and metadata for at least the subset of the number of resources, and versioning the aforementioned data.
    Type: Grant
    Filed: March 20, 2023
    Date of Patent: February 6, 2024
    Assignee: CAPITIS SOLUTIONS INC.
    Inventors: Samiul Karim, Vikas K. Gupta, Eric C. Hein, Sanjay K. Kunchakarra, Prasad V. Kunchakarra
  • Patent number: 11895151
    Abstract: A computer-implemented method, executed by one or more email detection computers, receives from a computer network, a first email message from a first sender account to a first recipient account and having a plurality of attributes. The method determines that the first email message is a phishing email, extracts a subset of attributes, normalizes transformable attributes, and generates a hash representation from fixed attributes and the normalized transformable attributes, stores the hash representation in a database, receives a second email message, and determines that the second email message is a phishing email based on the stored hash representation.
    Type: Grant
    Filed: January 12, 2022
    Date of Patent: February 6, 2024
    Assignee: CLOUDFLARE, INC.
    Inventor: Javier Castro
  • Patent number: 11893123
    Abstract: In some aspects, a method for mediation of a screenshot capture by a client application based on policy includes identifying, by a client application on a client device, a policy for mediating one or more screenshots of content displayed via the client application. An embedded browser within the client application accesses a network application of one or more servers. The method further includes intercepting, by the client application, a request to capture a screenshot of at least a portion of the network application being displayed, determining, by the client application, one or more mediation actions to perform on the screenshot responsive to the policy, performing, by the client application, the one or more mediation actions on the screenshot, and providing, by the client responsive to the request, the screenshot resulting from the one or more mediation actions.
    Type: Grant
    Filed: March 4, 2021
    Date of Patent: February 6, 2024
    Inventor: Abhishek Chauhan
  • Patent number: 11888900
    Abstract: In one embodiment, a service receives captured traffic flow data regarding a traffic flow sent via a network between a first device assigned to a first network zone and a second device assigned to a second network zone. The service identifies, from the captured traffic flow data, one or more cryptographic parameters of the traffic flow. The service determines whether the one or more cryptographic parameters of the traffic flow satisfy an inter-zone policy associated with the first and second network zones. The service causes performance of a mitigation action in the network when the one or more cryptographic parameters of the traffic flow do not satisfy the inter-zone policy associated with the first and second network zones.
    Type: Grant
    Filed: April 24, 2020
    Date of Patent: January 30, 2024
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Matthew Scott Robertson, David McGrew, Timothy David Keanini, Sunil Amin, Ellie Marie Daw
  • Patent number: 11888804
    Abstract: Methods and systems are disclosed for enhancements in email communication. In some embodiments, address-context information of an email message is rendered to aid the user in various user interface scenarios. These scenarios include user interfaces for a Reply All command and a Send command. The activation of the Reply All command in some embodiments is enabled with a predefined gesture on the user interface that is different from a gesture or gestures used for other commands such as the Reply command. The gesture required for the activation of the Send command can be changed based on the command that was activated to create the email message to be sent.
    Type: Grant
    Filed: November 29, 2021
    Date of Patent: January 30, 2024
    Assignee: Zoho Corporation Private Limited
    Inventor: Sudheer A Grandhi
  • Patent number: 11888968
    Abstract: A signature device (30) acquires a signature key SK(x?) in which an attribute vector x? is set over a basis B* of a basis B and the basis B*, which are dual bases in dual vector spaces. The signature device (30) generates a signature sig for a message MSG by setting predicate information of arithmetic branching programs (ABP) for the signature key SK(x?). The signature device (30) outputs the signature sig and the message MSG to a verification device (40).
    Type: Grant
    Filed: July 22, 2021
    Date of Patent: January 30, 2024
    Assignees: MITSUBISHI ELECTRIC CORPORATION, NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Katsuyuki Takashima, Tatsuaki Okamoto, Pratish Datta
  • Patent number: 11888857
    Abstract: A risk-aware access control system and related methods are provided. In accordance with one aspect of the present disclosure, there is a provided a method of risk-aware access control, comprising: detecting a request to perform an action with respect to two factors, the factors being of a factor type selecting people, devices, documents, and location, wherein the factors are of a different factor type; determining a coupling associated with the requested action based on the factors of the requested action; determining a risk level associated with the coupling; denying the requested action in response to a determination that the risk level does not match a security policy; and allowing the requested action in response to a determination that the risk level matches the security policy.
    Type: Grant
    Filed: December 21, 2020
    Date of Patent: January 30, 2024
    Assignee: BlackBerry Limited
    Inventors: Andrew James Malton, Andrew Eric Walenstein, Jinxin Liu, Burak Kantarci, Melike Erol Kantarci, Murat Simsek
  • Patent number: 11886310
    Abstract: Systems, computer program products, and methods are described herein for implementing an intelligent validation protocol within a cloud infrastructure. The present invention is configured to receive a request to invoke the intelligent validation protocol on one or more cloud service component clusters; determine one or more operating systems associated with the one or more cloud service component clusters; determine one or more validation requirements for the one or more operating systems; dynamically invoke, using the intelligent validation protocol, a multi-checkpoint validation subroutine on the one or more operating systems; determine whether the one or more operating systems meet the one or more validation requirements; initiate a dashboard script configured to generate an analysis interface indicating whether the one or more operating systems meet the one or more validation requirements; and transmit control signals configured to cause the computing device of the user to display the analysis interface.
    Type: Grant
    Filed: August 3, 2021
    Date of Patent: January 30, 2024
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Syed Kareemuddin, Mohammed Abdul Azam
  • Patent number: 11886577
    Abstract: Disclosed herein are systems and methods for protecting a user's devices based on types of anomalies. In one aspect, an exemplary method comprises, determining, by a feature determiner, one or more values of features of a user's activity performed using at least one of the user's devices, detecting, by an anomaly detector, anomalies indicative of at least one threat to information security of the user's devices based on the one or more values of the features, for each detected anomaly, identifying, by the anomaly detector, a type of the anomaly and at least one device that is a source of the anomaly, wherein the type of anomaly is identified using an anomaly classifier and one or more values of features, and for each user's device, modifying, by a device protector, one or more information security settings of the user's device based on the identified type of the anomaly.
    Type: Grant
    Filed: April 19, 2021
    Date of Patent: January 30, 2024
    Assignee: AO Kaspersky Lab
    Inventors: Anton V. Tikhomirov, Evgenii Shchetinin
  • Patent number: 11886558
    Abstract: Methods and systems for authenticating users based on contextual data in a privacy preserving way are disclosed.
    Type: Grant
    Filed: November 22, 2021
    Date of Patent: January 30, 2024
    Assignee: OneSpan North America Inc.
    Inventor: Pradip Mainali
  • Patent number: RE49870
    Abstract: A system for controlling an electricity supply to a load comprises at least one battery for storing energy. The system also comprises a controller for determining when to switch between a first mode wherein electricity is supplied to the load from a mains electricity circuit; and a discharging mode wherein electricity is supplied from the battery to the load via the mains electricity circuit. The determining is based on information associated with the electricity supply.
    Type: Grant
    Filed: August 22, 2018
    Date of Patent: March 12, 2024
    Assignee: The Technology Partnership PLC
    Inventors: Mathew R. Palmer, Antony W. Rix, David R. Anderson, David S. Smith, Matthew C. B. Lumb