Tickets (e.g., Kerberos Or Certificates, Etc.) Patents (Class 726/10)
  • Patent number: 10728226
    Abstract: A portable encryption format wraps encrypted files in a self-executing container that facilitates transparent, identity-based decryption for properly authenticated users while also providing local password access to wrapped files when identity-based decryption is not available.
    Type: Grant
    Filed: April 14, 2016
    Date of Patent: July 28, 2020
    Assignee: Sophos Limited
    Inventors: Stefan Ortner, Andreas Berger, Vincent Vanbiervliet, Kenneth D. Ray
  • Patent number: 10728034
    Abstract: Examples of the present disclosure describe systems and methods for monitoring the security privileges of a process. In aspects, when a process is created, the corresponding process security token and privilege information is detected and recorded. At subsequent “checkpoints,” the security token is evaluated to determine whether the security token has been replaced, or whether new or unexpected privileges have been granted to the created process. When a modification to the security token is determined, a warning or indication of the modification is generated and the process may be terminated to prevent the use of the modified security token.
    Type: Grant
    Filed: February 23, 2018
    Date of Patent: July 28, 2020
    Assignee: WEBROOT INC.
    Inventors: Andrew Sandoval, Eric Klonowski
  • Patent number: 10719423
    Abstract: An apparatus and associated method are provided for application deployment assessment. In use, a plurality of deployment parameters associated with one or more applications, and a workload profile are received. Further, an application deployment specification is generated, based on the workload profile and the deployment parameters. Still yet, a type of one or more orchestrators on one or more systems is identified. The application deployment specification is processed, based on the identified type of the one or more orchestrators on the one or more systems. Further, the one or more processors execute the instructions to deploy, via an application program interface (API), the one or more applications to the one or more orchestrators on at least one of the one or more systems, and at least one workload generator to at least one of the one or more systems, utilizing the processed application deployment specification. Operational data is collected from one or more monitoring agents on the one or more systems.
    Type: Grant
    Filed: July 12, 2017
    Date of Patent: July 21, 2020
    Assignee: Futurewei Technologies, Inc.
    Inventors: Xiaoyun Zhu, Jinzhong Zhang, Huichao Zhao, Sid Askary, Daniel Chen, CJ Hersh, Yue Chen, Shu Zhang, Jing Ye
  • Patent number: 10715516
    Abstract: Methods and apparatuses are described for time-series database user authentication and access control. A server computing device receives a request from a remote computing device to access a time-series database coupled to the server computing device, wherein the request includes one or more authentication credentials associated with the remote computing device. The server computing device validates the one or more authentication credentials associated with the remote computing device. The server computing device connects to an access control layer associated with the time-series database. The access control layer authorizes the remote computing device to access data in the time-series database based upon an access profile associated with the validated authentication credentials. The server computing device retrieves data from the time-series database in response to the request.
    Type: Grant
    Filed: August 30, 2019
    Date of Patent: July 14, 2020
    Assignee: FMR LLC
    Inventors: Edward Colletta, Mrinal Vala
  • Patent number: 10706362
    Abstract: Certain relationships representing material insights are identified from among a set of discovered relationships. Cognitive discovery of relationships in a knowledge base, or corpus, are ranked according to one or more metrics indicative of material insights, including recentness and degree of alignment.
    Type: Grant
    Filed: October 9, 2017
    Date of Patent: July 7, 2020
    Assignee: International Business Machines Corporation
    Inventors: John B. Gordon, John P. Hogan, Sanjay F. Kottaram
  • Patent number: 10686889
    Abstract: A handshake procedure to establish a first connection between a client and a server is monitored at an intermediate network device. A request message sent to the server from the client is received at the intermediate network device. The request message includes parameters defining a manner of receiving information from the server. The parameters defining the manner of receiving information from the server are modified to produce modified parameters. A redirect message is sent from the intermediate network device to the client to induce or cause the client to establish a second connection with the server based upon the modified parameters, wherein the redirect message contains the modified parameters.
    Type: Grant
    Filed: February 27, 2019
    Date of Patent: June 16, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: Manish Pathak, Venkatesh N. Gautam, Jianxin Wang
  • Patent number: 10671375
    Abstract: Systems and methods are provided for managing mobile device updates. In some embodiments, the disclosed systems can include a key provisioning system, a key system, and mobile devices. The key provisioning system can provide keys to the mobile devices and the key system. The key system can receive a key from the key provisioning system, receive a request from an application system, calculate a first token, and provide the first token to the application system for transmission to a mobile device. The mobile device can receive a key from the key provisioning system, establish a local connection with a connected device, receive an application and the first token from the connected device, generate a second token using the application and the key, compare the first token and the second token, and update the mobile device according to the application based on a result of the comparison.
    Type: Grant
    Filed: June 21, 2019
    Date of Patent: June 2, 2020
    Assignee: Capital One Services, LLC
    Inventor: Adam Koeppel
  • Patent number: 10673837
    Abstract: Aspects of the disclosure relate to processing systems using improved domain pass-through authentication techniques. A computing platform may send, to an external cloud computing platform, one or more registration requests that each may cause an RLS endpoint corresponding to each of a plurality of resource location connectors to be stored at the external cloud computing host platform. The computing platform may receive one or more requests for a resource location identifier. The computing platform may determine an accessible resource location connector and may send, to the user device, a corresponding resource location identifier. After receiving a pass-through authentication request, the computing platform may receive, from the ticketing service stored on the external cloud computing platform, a one-time ticket. The computing platform may send, to the user device, the one-time ticket, which may allow the user device to perform pass-through authentication with the external cloud computing platform.
    Type: Grant
    Filed: June 1, 2018
    Date of Patent: June 2, 2020
    Assignee: Citrix Systems, Inc.
    Inventor: Feng Huang
  • Patent number: 10667136
    Abstract: Systems and methods for disabling applications on a client device remotely are disclosed. An example method may comprise establishing, via a network interface device, a communication connection with a client computing device, receiving, via the communication connection, a list of applications installed on the client computing device, comparing the received list of applications to a blacklist of applications, identifying, in view of the comparing, an installed application on the received list of applications, the installed application comprised in the blacklist of applications, identifying a severity score corresponding to the installed application and an action corresponding to the severity score, and responsive to the identifying the severity score and the corresponding action, causing, by the processing device, the corresponding action to be performed with respect to the client computing device, the corresponding action pertaining to the installed application.
    Type: Grant
    Filed: January 20, 2017
    Date of Patent: May 26, 2020
    Assignee: Red Hat, Inc.
    Inventor: Mark Cameron Little
  • Patent number: 10645094
    Abstract: Systems, methods, and devices for securely provisioning a roadside unit (RSU) that includes an application certificate, wherein the RSU is geographically restricted according to the application certificate. An enhanced SCMS system may receive a request for an application certificate for the RSU; determine, in response to the request, an operating geolocation for the RSU; verify that the operating geolocation is within the allowed geo-region for the RSU; generate an application certificate that includes the operating geolocation; and provide the application certificate to the RSU device.
    Type: Grant
    Filed: February 15, 2019
    Date of Patent: May 5, 2020
    Assignee: INTEGRITY SECURITY SERVICES LLC
    Inventors: Daniel R. Fynaardt, William L. Lattin, Alan T. Meyer
  • Patent number: 10620797
    Abstract: A method for controlling media presentation is disclosed. In some implementations, the method is performed at a first electronic device having one or more processors and memory storing one or more programs for execution by the one or more processors. The first electronic device displays a webpage including a control element, such as a “play” button. The webpage originates from a webpage server. The first electronic device receives a user input, such as a mouse click, selecting the control element. In response to the user input, the first electronic device sends a media control request to a media server. The media control request is configured to cause the media server to control presentation of first media content at a second electronic device associated with the user, wherein the second electronic device is different from the first electronic device, and wherein the media server is different from the webpage server.
    Type: Grant
    Filed: June 26, 2013
    Date of Patent: April 14, 2020
    Assignee: Spotify AB
    Inventors: Sten Garmark, Karl Magnus Röös, Andreas Öman, Per Gunnar Joachim Bengtsson, Marcus Per Vesterlund
  • Patent number: 10621355
    Abstract: A method for initializing a computerized system by executing a boot-script having an associated private security key, wherein the computerized system comprises a first secure storage device for storing a plurality of public keys each having a public key index assigned thereto and a second secure storage device for storing a current key index, wherein the boot-script is only executed if a public key selected from the plurality of public keys is uniquely related to the private security key such as to form a unique key pair with the private security key and has a booting key index having a predetermined relationship with the current key index.
    Type: Grant
    Filed: January 11, 2018
    Date of Patent: April 14, 2020
    Assignee: OMRON Corporation
    Inventor: Jasper Spanjers
  • Patent number: 10620940
    Abstract: Systems and methods are provided for managing mobile device updates. In some embodiments, the disclosed systems can include a key provisioning system, a key system, and mobile devices. The key provisioning system can provide keys to the mobile devices and the key system. The key system can receive a key from the key provisioning system, receive a request from an application system, calculate a first token, and provide the first token to the application system for transmission to a mobile device. The mobile device can receive a key from the key provisioning system, establish a local connection with a connected device, receive an application and the first token from the connected device, generate a second token using the application and the key, compare the first token and the second token, and update the mobile device according to the application based on a result of the comparison.
    Type: Grant
    Filed: June 21, 2019
    Date of Patent: April 14, 2020
    Assignee: Capital One Services, LLC
    Inventor: Adam Koeppel
  • Patent number: 10616207
    Abstract: In some examples, a target device may store a policy that includes one or more conditions. For example, a condition of the policy may specify that each device of the multiple devices have a certificate that was deployed to each device when each device was provisioned. A condition of the policy may specify that each device of the multiple devices be within a predetermined distance (or within a particular distance range) from the target device. A condition of the policy may specify that each device of the plurality of devices have a beacon secret that is periodically broadcast out-of-band by a local beacon. While the conditions of the policy are satisfied, the target device may grant the multiple devices access to the target device. If the target device determines that the conditions of the policy are no longer being satisfied, the target device may deny (or reduce) access.
    Type: Grant
    Filed: October 12, 2017
    Date of Patent: April 7, 2020
    Assignee: Dell Products, L.P.
    Inventors: Charles D. Robison, Daniel L. Hamlin
  • Patent number: 10601595
    Abstract: To secure an application, a request to establish a communication session with a client is received from the application, at a server. The server sends the request to establish the communication session to the client. The request to establish the communication session generates a request for a user to approve the application. If the request is approved, a client token is received. A certificate with a public key and a private key is created and the public key is sent to the application. An application token that is encrypted using the public key is received from the application. The application token is unencrypted using the private key and compared to the client token. In response to the unencrypted application token matching the client token, an approval message is sent to the client to establish the communication session. The application can then establish a secure communication session with the client.
    Type: Grant
    Filed: May 4, 2016
    Date of Patent: March 24, 2020
    Assignee: Avaya Inc.
    Inventor: Rifaat Shekh-Yusef
  • Patent number: 10560271
    Abstract: An apparatus may include a communication interface configured to receive a first message including a first data portion and a second data portion, wherein the first data portion is associated with a security token, wherein the first data portion includes a first instance of a session key, and wherein the second data portion includes a second instance of the session key. The apparatus may also include a security component configured to perform message validation associated with the first message. The apparatus may further include a message generation component configured to generate, if the first message is valid, a second message including the first data portion. The communication interface may be configured to communicate, if the first message is valid, the second message.
    Type: Grant
    Filed: November 16, 2018
    Date of Patent: February 11, 2020
    Assignee: Idaax Technologies Private Limited
    Inventor: Vishnu Sharma
  • Patent number: 10552495
    Abstract: A system for providing a directory service for generating network presence documents may include a computer processor and memory having instructions stored thereon. These may instruct the processor to parse registration information of a member to obtain a set of keywords. Using the set of keywords, the network maybe searched for information about the member, and registration information may be created based on the information. A trusted network presence document may be generated to include at least a first portion of the registration information as read only content. A link may be created between a profile document and the trusted network presence document. The profile document may include at least a second portion of the registration information as customizable content customizable by the member. The document may then be published on the network.
    Type: Grant
    Filed: August 9, 2016
    Date of Patent: February 4, 2020
    Assignee: AFILIAS LIMITED
    Inventors: Cedarampattu Mohan, James Galvin
  • Patent number: 10554652
    Abstract: Techniques are disclosed relating to authenticating a user based on a partial password. In one embodiment, a computer system stores masking criteria defining how a mask is to be applied to generated passwords. In some embodiments, the computer system receives a request from a user to generate a one-time password. In response to the request, in some embodiments, the computer system generates the one-time password having a sequence of characters, applies the mask to the generated one-time password to select a subset of the sequence of characters usable to authenticate the user, and presents the selected subset of characters to the user as a partial password for authentication.
    Type: Grant
    Filed: March 6, 2017
    Date of Patent: February 4, 2020
    Assignee: CA, Inc.
    Inventor: Gyaneshwar Bhabbur
  • Patent number: 10552376
    Abstract: Standard I/O library functions for accessing files stored on mass storage devices are modified to enable access to files stored in firmware volumes. An application can be compiled against the modified standard I/O library functions to generate a pre-boot application. When the pre-boot application is executed within a pre-boot execution environment, it can utilize standard I/O library functions to access files stored in a firmware volume. In response to receiving a request to open a file from a pre-boot application, the called I/O function searches a file cross-reference table to locate the filename for the file. If the filename is in the file cross-reference table, the GUID associated with the filename is retrieved from the file cross-reference table and used to obtain a file handle to the file. The file handle can then be returned to the pre-boot application and used to perform other types of operations on the file.
    Type: Grant
    Filed: January 10, 2017
    Date of Patent: February 4, 2020
    Assignee: AMERICAN MEGATRENDS INTERNATIONAL, LLC
    Inventors: Stefano Righi, Madhan B. Santharam, Arun Subramanian
  • Patent number: 10547606
    Abstract: An information processing apparatus includes a signing unit and first and second obtaining units. The signing unit signs a document by using a certificate used for connecting to an access point. The document is obtained via the access point. The first obtaining unit obtains, in response to an access request to access the signed document, identification information concerning the certificate used for signing the signed document. The second obtaining unit obtains identification information concerning a certificate used for connecting to an access point when the access request is received. The display controller performs control so that the sighed document will be displayed if the identification information obtained by the first obtaining unit and the identification information obtained by the second obtaining unit coincide with each other.
    Type: Grant
    Filed: May 8, 2017
    Date of Patent: January 28, 2020
    Assignee: FUJI XEROX CO., LTD.
    Inventor: Koichiro Mino
  • Patent number: 10545496
    Abstract: Disclosed are systems and methods for securely controlling a vehicle using a mobile device. An exemplary method comprises authenticating, by a mobile device, a user attempting to perform commands controlling one or more vehicle systems of a coupled vehicle, retrieving profile information related to the user's preference associated with the coupled vehicle, establishing a connection between the mobile device and a security device of the coupled vehicle, authenticating the mobile device with the security device, forming, by the mobile device, commands to control the one or more vehicle systems based on command forming algorithms, the one or more vehicle systems comprising actuating devices of the vehicle and electronic systems of the vehicle, modifying the formed commands based on the profile information and safety information related to a location of the vehicle and transmitting the formed commands to the one or more vehicle systems via the security device to securely control the vehicle.
    Type: Grant
    Filed: September 7, 2018
    Date of Patent: January 28, 2020
    Assignee: AO Kaspersky Lab
    Inventors: Eugene V. Kaspersky, Andrey P. Doukhvalov, Pavel V. Dyakin, Dmitry A. Kulagin, Sergey V. Konoplev, Anton V. Tikhomirov
  • Patent number: 10540695
    Abstract: There is provided an information providing device which, even when one advertisement display area is shared between a plurality of advertisers, can increase the probability that, for example, a banner advertisement of each advertiser is specified and efficiently display information matching each advertiser. The information providing device is configured to, when a user of a terminal device specifies an advertisement display area, specify a partial area including a position specified in the advertisement display area, and transmit information matching a provider allocated to the partial area to the terminal device.
    Type: Grant
    Filed: June 28, 2011
    Date of Patent: January 21, 2020
    Assignee: Rakuten, Inc.
    Inventors: Kenji Sugiura, Yasuaki Shirogane
  • Patent number: 10530831
    Abstract: A system performs threat protection for real-time communications (“RTC”). The system receives, by a signaling engine of a gateway, a request of a client according to a protocol, where the request has successfully traversed one or more security devices between the client and the gateway. The system determines, by a protocol handler corresponding to the protocol, whether the request includes a threat. When the request includes the threat, the system indicates the threat to the one or more security devices, and when the request does not include the threat, the system sends the request to an application server at the gateway.
    Type: Grant
    Filed: May 15, 2015
    Date of Patent: January 7, 2020
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventors: Andreas E. Jansson, Terje Strand, Diwakar Goel
  • Patent number: 10522244
    Abstract: The present disclosure relates to systems and methods for facilitating trusted handling of genomic and/or other bioinformatic information. Certain embodiments may facilitate policy-based governance of access to and/or use of bioinformatic information, improved interaction with and/or use of distributed bioinformatic information, parallelization of various processes involving bioinformatic information, and/or reduced user involvement in bioinformatic workflow processes, and/or the like. Further embodiments may provide for memoization processes that may persistently store final and/or intermediate results of computations performed using genomic data for use in connection with future computations.
    Type: Grant
    Filed: October 10, 2018
    Date of Patent: December 31, 2019
    Assignee: Intertrust Technologies Corporation
    Inventors: Jarl Nilsson, William Knox Carey
  • Patent number: 10516680
    Abstract: A computer-implemented method for assessing cyber risks using incident-origin information may include (1) receiving a request for a cyber-risk assessment of an entity of interest, (2) using an Internet-address data source that maps identifiers of entities to public Internet addresses of the entities to translate an identifier of the entity into a set of Internet addresses of the entity, (3) using an incident-origin data source that maps externally-detected security incidents to public Internet addresses from which the security incidents originated to translate the set of Internet addresses into a set of security incidents that originated from the entity, and (4) using the set of security incidents to generate the cyber-risk assessment of the entity. Various other methods, systems, and computer-readable media may have similar features.
    Type: Grant
    Filed: June 22, 2016
    Date of Patent: December 24, 2019
    Assignee: NortonLifeLock Inc.
    Inventors: Pierre-Antoine Vervier, Leylya Bilge, Yufei Han, Matteo Dell'Amico
  • Patent number: 10516653
    Abstract: Disclosed are various approaches for validating public keys pinned to services or servers on private networks. A client device can request a first certificate from a trust service. The client device can then validate that the first certificate from the trust service is signed by a preinstalled certificate stored on the client device. Subsequently, the client device can receive a uniform resource locator identifying a network location of an secure sockets layer (SSL) pinning service, wherein the SSL pinning service is configured to provide a hash value for a first public key issued to a computing device. Finally, the client device can receive a second public key from the trust service, wherein the second public key is configured to encrypt network traffic sent to the SSL pinning service.
    Type: Grant
    Filed: June 29, 2016
    Date of Patent: December 24, 2019
    Assignee: AirWatch, LLC
    Inventor: Jonathon Deriso
  • Patent number: 10467436
    Abstract: A system stores and manages regulated content items on a non-regulated storage platform. The system creates a representation of a regulated content item representing its content that is subject to one or more regulations. The system provides representation of the regulated content item to the non-regulated storage platform for storage. The representation of the regulated content item is configured to be accessible on the non-regulated storage platform. If the system receives a request to access the regulated content item using the representation of the regulated content item, the system retrieves the regulated content item from the non-regulated storage platform to fulfill the request.
    Type: Grant
    Filed: August 5, 2016
    Date of Patent: November 5, 2019
    Assignee: CHITA Inc.
    Inventors: Kevin Anthony Barrett, Patrick Michael Pollard, Patrick Roberts, Martin Frid-Nielsen
  • Patent number: 10470017
    Abstract: Embodiments of this application provide an identity information processing method, a database control system, a service capability exposure function, and a home subscriber server, so as to dynamically establish a correspondence between external identity information and intra-network identity information, thereby simplifying an operation process of establishing the correspondence. In this way, the correspondence between the external identity information and the intra-network identity information is dynamically established, so as to reduce correspondence establishment complexity.
    Type: Grant
    Filed: March 4, 2019
    Date of Patent: November 5, 2019
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Wei Lu, Weisheng Jin
  • Patent number: 10454683
    Abstract: Computer-implemented systems and methods for user authentication based on blockchain technology. The authentication may comprise operations including receiving, from a user system, an authentication request for a user. The operations may also include determining a root system for the user using a blockchain, and redirecting a member system to the root system. The operations may include receiving, following redirection, a verification message indicating that the root system successfully authenticated the user, and including an authorization code for receiving, from the root system, a root system secret. The operations may include receiving from a database, identification data using the root system secret. Determining the root system may comprise identifying, using the authentication request and index information stored in the blockchain, a block of the blockchain storing root system information for the user. Receiving the identification data may comprise retrieving identification data from the database.
    Type: Grant
    Filed: June 16, 2017
    Date of Patent: October 22, 2019
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Jonathan Weimer, Ryan Fox
  • Patent number: 10452736
    Abstract: In some implementations, a device may detect loading of a first web page associated with a domain, and may create an inline frame element that references a second web page associated with the domain. The second web page may require an authenticated user session to access particular content of the second web page. The device may insert the inline frame element into code for the first web page, and may transmit a request for the second web page based on inserting the inline frame element into the code for the first web page. The device may receive a response to the request for the second web page, and may determine whether there is an authenticated user session for the domain based on the response. The device may selectively perform an action based on determining whether there is an authenticated user session for the domain.
    Type: Grant
    Filed: February 21, 2019
    Date of Patent: October 22, 2019
    Assignee: Capital One Services, LLC
    Inventors: Vu Nguyen, Joshua Edwards, Adam Vukich, Mykhaylo Bulgakov, Abdelkadar M'Hamed Benkreira, David Gabriele, Andrea Montealegre, Ljubica Chatman, Jonatan Yucra Rodriguez
  • Patent number: 10454915
    Abstract: Embodiments authenticate a user in response to receiving from a Kerberos key distribution center (“KDC”) a request to authenticate the user that includes a user identification (“ID”). Embodiments retrieve a user record corresponding to the user ID, the user record including a principal key. Embodiments decrypt the principal key using a tenant-specific encryption key and encrypt the decrypted principal key using a Kerberos master key to generate an encrypted principal key. Embodiments retrieve a password policy corresponding to the user ID. Based on the retrieved password policies, embodiments construct password state attributes and return to the KDC the encrypted principal key, the password policy and the password state attributes.
    Type: Grant
    Filed: October 30, 2017
    Date of Patent: October 22, 2019
    Assignee: Oracle International Corporation
    Inventors: Mohamad Raja Gani Mohamad Abdul, Gregg Wilson
  • Patent number: 10397191
    Abstract: Systems and methods are disclosed for securely passing context information from a server to a client device. In particular, in one or more embodiments, the disclosed systems and methods embed an identifier in a digital file provided to a client device. In one or more embodiments, the disclosed systems and methods utilize the embedded identifier to securely pass context information between a client device and server, such that the client device can utilize the context information with regard to the digital file. In particular, one or more embodiments include systems and methods that securely pass login credentials from a remote server to a client device such that the client device can utilize a digital file to access one or more features of a native software application.
    Type: Grant
    Filed: December 1, 2015
    Date of Patent: August 27, 2019
    Assignee: Adobe Inc.
    Inventors: Sourabh Goel, Shilpi Aggarwal
  • Patent number: 10389581
    Abstract: In order to configure an access point, the access point requests information specifying an associated cloud-based controller when the access point is first turned on at a user location. In particular, the access point may provide, to a configuration device, a controller query requesting information specifying a unique network address of a cloud-based controller associated with the access point. This controller query may include an identifier of the access point (such as a serial number). Then, the access point receives, from the configuration device, the information specifying the unique network address of the cloud-based controller, such as a fully qualified domain name of the cloud-based controller. Note that the cloud-based controller may be one of multiple cloud-based controllers from different providers, and the access point may be associated with the cloud-based controller based on the received information specifying unique network address.
    Type: Grant
    Filed: September 23, 2017
    Date of Patent: August 20, 2019
    Assignee: ARRIS Enterprises LLC
    Inventors: David Sheldon Stephenson, William S. Kish
  • Patent number: 10382408
    Abstract: Technology for migration of a computing instance is provided. In one example, a method may include receiving instructions to initiate migration of the computing instance from a first host to a second host. A first message for sending to the first host may be generated which includes instructions to send data representing the computing instance to the second host. The first message may further include encryption information for use in deriving at least one key for encrypting communications to the second host from the first host. A second message for sending to the second host may be generated which includes instructions to receive the data representing the computing instance from the first host. The second message may further include information for use in deriving at least one key for decrypting communications from the first host. The first and second messages may be sent to the respective first and second hosts.
    Type: Grant
    Filed: July 18, 2017
    Date of Patent: August 13, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Khaja Ehteshamuddin Ahmed, Diwakar Gupta, Matthew Shawn Wilson
  • Patent number: 10380519
    Abstract: A device may identify a ticket associated with an issue, a user associated with resolving the issue, and a particular business process including a particular business process step associated with the issue. The device may present information regarding a particular business process workflow, corresponding to the particular business process, associated with a business process steps. The device may identify the particular business process step from the business process steps, and may identify a particular technical solution corresponding to the particular business process step. The device may present information regarding a particular technical solution workflow, corresponding to the particular technical solution, associated with technical solution steps. The device may identify a particular technical solution step, from the technical solution steps, associated with resolving the issue.
    Type: Grant
    Filed: March 26, 2015
    Date of Patent: August 13, 2019
    Assignee: Accenture Global Services Limited
    Inventors: Arpan Shukla, Bhaskar Ghosh, Rajendra T. Prasad, Vijayaraghavan Koushik, Siddharth Mehta, Priya Athreyee, Sandeep Rathod
  • Patent number: 10367826
    Abstract: Methods and systems for verifying the identity and trustworthiness of a user of an online system are disclosed. In one embodiment, the method comprises receiving online and offline identity information for a user and comparing them to a user profile information provided by the user. Furthermore, the user's online activity in a third party online system and the user's offline activity are received. Based on the online activity and the offline activity a trustworthiness score may be calculated.
    Type: Grant
    Filed: December 12, 2018
    Date of Patent: July 30, 2019
    Assignee: Airbnb, Inc.
    Inventors: Stephen Kirkham, Michael Lewis
  • Patent number: 10359983
    Abstract: A continuous glucose monitor for wirelessly transmitting data relating to glucose value to a plurality of displays is disclosed, as well as systems and methods for limiting the number of display devices that can connect to a continuous glucose transmitter. In addition, security, including hashing techniques and a changing application key, can be used to provide secure communications between the continuous glucose transmitter and the displays. Also provided is a continuous glucose monitor and techniques for authenticating multiple displays, providing secure data transmissions to multiple displays, and coordinating the interaction of commands and data updates between multiple displays.
    Type: Grant
    Filed: January 20, 2016
    Date of Patent: July 23, 2019
    Assignee: DexCom, Inc.
    Inventors: Hari Hampapuram, Eric Cohen, Brian Christopher Smith, Jose Hector Hernandez-Rosas, Francis William Pascual, Michael Robert Mensinger, Shawn Larvenz
  • Patent number: 10348697
    Abstract: A portable encryption format wraps encrypted files in a self-executing container that facilitates transparent, identity-based decryption for properly authenticated users while also providing local password access to wrapped files when identity-based decryption is not available.
    Type: Grant
    Filed: April 14, 2016
    Date of Patent: July 9, 2019
    Assignee: Sophos Limited
    Inventors: Stefan Ortner, Andreas Berger, Vincent Vanbiervliet, Kenneth D. Ray
  • Patent number: 10327114
    Abstract: A message sending method, a mobile broadband (MBB) device, and a host, where the method includes receiving, by an MBB device, authentication information sent by a host, requesting, by the MBB device, authentication from a notification server according to the authentication information, to establish a transmission path between the MBB device and the notification server, determining, by the MBB device, a message required to be transmitted to the host, and sending, by the MBB device, the message to the notification server using the transmission path such that the notification server sends the message to the host. The message can be actively pushed to the host when the message required to be transmitted to a host is determined such that signaling overheads can be significantly reduced, and power consumption can be reduced.
    Type: Grant
    Filed: June 12, 2015
    Date of Patent: June 18, 2019
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Dedong Yang, Zhen Zhong, Wei Chen
  • Patent number: 10320788
    Abstract: A method for transferring authorization information, a relay device, and a server are provided. The method includes: receiving, by a DHCPv6 relay device, authorization information delivered by an AAA server; and inserting an option into a DHCPv6 Relay-Forward message, encapsulating the authorization information in the option, and sending the option to a DHCPv6 server. By using the technical solutions of the present application, a DHCPv6 relay device sends authorization information delivered by an AAA server to a DHCPv6 server, so that the DHCPv6 server can provide a correct configuration for a DHCPv6 client according to the authorization information delivered by the AAA server.
    Type: Grant
    Filed: August 10, 2018
    Date of Patent: June 11, 2019
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Yuxu Ye, Min Zha
  • Patent number: 10313287
    Abstract: Exemplary embodiments relate to techniques for introducing asynchronous messaging concepts into a synchronous messaging system. As a conversation is carried out, different topics may be identified and highlighted as separate threads within the conversation. A new thread may be identified based on a number of factors, including (for example) time between messages, questions raised in a communication, discussions of dates, the inclusion of links, and any mentions of specific names. Further embodiments relate to techniques for navigating in asynchronous message threads. For example, a synchronous message alias may be created that redirects a display to a location of an asynchronous message. An indication may be displayed to designate that the asynchronous message is displayed out-of-order.
    Type: Grant
    Filed: June 1, 2016
    Date of Patent: June 4, 2019
    Assignee: FACEBOOK, INC.
    Inventors: Eric Carl Ertmann, Charles Donald Deets, Jr., Daniel M Giuditta
  • Patent number: 10313363
    Abstract: A system for proactive intrusion protection comprises a memory operable to store data identifying a plurality of compromising entities, comprising at least one of a device identifier or a contact identifier, and a processor communicatively coupled to the memory and operable to receive, from a remote application associated with a remote device and with the system, information regarding a destination of the outgoing communication. The processor is further operable to determine an entity associated with the destination of the outgoing communication and to determine that the entity associated with the destination matches at least one of the plurality of compromising entities based on comparing the data identifying the plurality of compromising entities and the entity associated with the destination of the outgoing communication. Furthermore, the processor is operable to send to the remote application, before the outgoing communication is sent, a signal configured to block the outgoing communication.
    Type: Grant
    Filed: November 24, 2015
    Date of Patent: June 4, 2019
    Assignee: Bank of America Corporation
    Inventors: Manu J. Kurian, David N. Hillis
  • Patent number: 10284366
    Abstract: In existing mobile implementations, there is a disconnect between the mobile device accessing the network and the applicative services inasmuch as the entity responsible for network access, such as the VPN Gateway, differs from the entity governing access to applications, such as email servers and SharePoint repositories. Therefore existing solutions typically employ two authentication methods. Of these, the first may be used to authenticate the mobile device to the VPN Gateway, while the second may be used to authenticate the mobile device towards the applications server. In order to facilitate strong authentication it is often desired to utilize a mechanism that uses or combines two different factors, e.g. “something you have” (such as but not limited to a smart card) and “something you know” (such as but not limited to a password). Most currently available mobile devices offer limited options to connect external devices to them, rendering most “Something you have” solutions irrelevant.
    Type: Grant
    Filed: September 27, 2012
    Date of Patent: May 7, 2019
    Assignee: ELTA SYSTEMS LTD.
    Inventor: Yonathan Striem-Amit
  • Patent number: 10275723
    Abstract: Policy enforcement via attestations is provided. A principal operates within an environment and assumes roles having certain access rights to resources and the principal takes actions while assuming those roles. The roles and actions are monitored and attestations are raised under the proper set of circumstances. The attestations trigger policy restrictions that are enforced against the principal. The policy restrictions circumscribe the access rights to the resources.
    Type: Grant
    Filed: December 13, 2006
    Date of Patent: April 30, 2019
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventors: Duane Fredrick Buss, Stephen R. Carter
  • Patent number: 10270756
    Abstract: A service providing method, the method comprises transmitting, by a first information processing device, a certification token including a first role information on a service provided by the first information processing device to a terminal device when a certification is successful in response to a certification demand from the terminal device, receiving, by the first information processing device, the certification token and a first address information, that identifies a service providing device and indicates the first information processing device, from the terminal device, and transmitting, by the first information processing device, a first token including the first role information indicated by the certification token which is received and a second address information, that identifies the service providing device and indicates a second information processing device, to the second information processing device which is either one of the service providing device or a way device to the service providing dev
    Type: Grant
    Filed: August 23, 2016
    Date of Patent: April 23, 2019
    Assignee: FUJITSU LIMITED
    Inventors: Shouhei Mizuno, Akio Shimono, Mamoru Yoshimuta, Naoki Miyoshi
  • Patent number: 10237269
    Abstract: A method of operating an electronic device and an electronic device are provided. The method includes generating biometric information using at least one sensor of the electronic device, and storing the generated biometric information in a memory of the electronic device, generating access right information relating to the biometric information, determining whether an external electronic device is connected to the electronic device, and when the external electronic device is connected to the electronic device, transmitting the generated access right information to the external electronic device.
    Type: Grant
    Filed: October 15, 2015
    Date of Patent: March 19, 2019
    Assignee: Samsung Electronics Co., Ltd
    Inventors: Su-Young Park, Su-Ha Yoon, Eui-Chang Jung
  • Patent number: 10230566
    Abstract: A system, medium and method for dynamically constructing a service principal name is disclosed. A client request from a user to access a service is received at a network traffic management device which identifies an internet protocol (IP) address of a selected backend server to provide the requested service to the client. The network traffic management device identifies a hostname of the selected backend server based at least on the identified IP address and dynamically generates a service principal name (SPN) of the selected backend server based on the determined host name. The network traffic management device obtains a service ticket from a domain controller server using at least the generated SPN of the selected backend server. The network traffic management device uses the obtained service ticket along with the client request to provide the user access to the selected backend server for the client request.
    Type: Grant
    Filed: December 31, 2012
    Date of Patent: March 12, 2019
    Assignee: F5 Networks, Inc.
    Inventors: Amit Jain, Konstantin Martynenko, Jeff Costlow, David Holmes
  • Patent number: 10212149
    Abstract: In a method for enabling support for backwards compatibility in a User Domain, in one of a Rights Issuer (RI) and a Local Rights Manager (LRM), a Rights Object Encryption Key (REK) and encrypted REK are received from an entity that generated a User Domain Authorization for the one of the RI and the LRM and the REK is used to generate a User Domain Rights Object (RO) that includes the User Domain Authorization and the encrypted REK.
    Type: Grant
    Filed: July 25, 2016
    Date of Patent: February 19, 2019
    Assignee: GOOGLE TECHNOLOGY HOLDINGS LLC
    Inventor: David W. Kravitz
  • Patent number: 10193691
    Abstract: According to an embodiment, an information processing device includes a conversion unit, an encryption unit, and a transmission unit. The conversion unit converts a first encryption key to be used for generation of a master key to be shared with a server device by using a second conversion rule to generate a third encryption key to be a new master key. The second conversion rule is different from a first conversion rule used for generation of a second encryption key that is the master key currently used for encrypted communication with the server device. The encryption unit generates a ciphertext so that the server device derives the third encryption key on a basis of the second encryption key and the third encryption key. The transmission unit transmits the ciphertext to the server device.
    Type: Grant
    Filed: February 27, 2017
    Date of Patent: January 29, 2019
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Yuichi Komano, Takeshi Kawabata
  • Patent number: 10181978
    Abstract: Technology is described for sharing device capabilities between a plurality of Internet of Things (IoT) devices. A first IoT device within a localized network may identify a desired device capability that is capable of augmenting device capabilities of the first IoT device. The first IoT device may identify a second IoT device within the localized network that possesses the desired device capability. The first IoT device may identify the second IoT device using a registry of device capabilities stored in the localized network. The first IoT device may obtain access to the desired device capability of the second IoT device to augment the device capabilities of the first IoT device.
    Type: Grant
    Filed: June 29, 2016
    Date of Patent: January 15, 2019
    Assignee: Amazon Technologies, Inc.
    Inventor: Marco Argenti