Tickets (e.g., Kerberos Or Certificates, Etc.) Patents (Class 726/10)
  • Patent number: 11171791
    Abstract: The systems and methods of aggregate signing of digital signatures on multiple messages simultaneously, comprising: receiving two or more digital messages wherein each message is signed using two or more digitally split keys from a private key and the two or more digital signatures of the message using the split key are combined to get a compressed short signature; receiving the compressed short signature for each message; receiving a public key associated with the private key for each message; aggregate signing the messages to output an aggregate signature. The aggregate signature can be further verified against any or all of the messages.
    Type: Grant
    Filed: January 15, 2019
    Date of Patent: November 9, 2021
    Assignee: 0Chain, LLC
    Inventors: Saswata Basu, Siva Dirisala
  • Patent number: 11172362
    Abstract: A method of managing and verifying a certificate of a terminal is provided. The method includes obtaining certificate information that is usable when downloading and installing a specific bundle corresponding to at least one of a secondary platform bundle family identifier or a secondary platform bundle family custodian identifier, transmitting, to a secondary platform bundle manager, the certificate information corresponding to the at least one of the secondary platform bundle family identifier or the secondary platform bundle family custodian identifier of the specific bundle, and receiving, from the secondary platform bundle manager, at least one of a certificate of the secondary platform bundle manager, certificate information to be used by a smart secure platform (SSP), the secondary platform bundle family identifier, or the secondary platform bundle family custodian identifier.
    Type: Grant
    Filed: May 11, 2020
    Date of Patent: November 9, 2021
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Kangjin Yoon, Jonghoe Koo, Duckey Lee, Taehyung Lim
  • Patent number: 11171967
    Abstract: Apparatus and methods for generating a unique token that can be imprinted on a document to attest to the verification of an executor's signature. The apparatus and methods may include a platform that may present a token electronically to the executor via a first electronic channel. The executor may use a registered device to capture a portion of the token, and transmit the portion from the registered device to the platform via a second channel to the platform. The platform may verify that the portion is registered to the executor. The platform may combine the portion with another portion of the token, and imprint the pair of combined portions on the document with another token.
    Type: Grant
    Filed: July 28, 2019
    Date of Patent: November 9, 2021
    Assignee: Bank of America Corporation
    Inventors: Manu Kurian, Thomas J. Durkin, Linda Haddad
  • Patent number: 11157918
    Abstract: In an example, a subject using a user mobile-identification-credential device (UMD) requests vetting by a vetting system, which receives verified part or all of subject information associated with a level-n mobile identification credential (MIC-n) that UMD received from a level-n authorizing party system (APS-n). The MIC-n is linked to lower level MIC-0 to MIC-(n?1). The vetting system, as level-n relying party system (RPS-n), uses the verified subject information associated with the linked MIC-0 to MIC-n to verify or not verify the identity of the subject, develops an identity profile of the subject, and determines a vetting result of the subject. MIC-i (i=1 to n) is linked to MIC-(i?1) which UMD received from APS-(i?1), and the APS-i is RPS-(i?1) which verified the identity of the subject using verified part or all of subject information associated with the MIC-(i?1), such that MIC-0 to MIC-n from level-0 to level-n are linked.
    Type: Grant
    Filed: February 5, 2021
    Date of Patent: October 26, 2021
    Assignee: The Government of the United States of America, as represented by the Secretary of Homeland Security
    Inventors: Chang Ellison, Kelli L. Biegger, Daniel A. Boyd, Brandon P. Gutierrez, Jason Lim
  • Patent number: 11153098
    Abstract: A system for recording a digitally signed assertion using an authorization token, includes a cryptographic evaluator designed and configured to receive a dataset and an authorization token. The authorization token includes a verification datum of a device-specific secret possessed by the cryptographic evaluator, a digital signature of a certificate authority generating the authorization token, and a secure temporal attribute. The cryptographic evaluator is configured to produce a secure proof using the device-specific secret. The cryptographic evaluator is configured to generate a first digitally signed assertion as a function of the dataset, the secure proof, and the authorization token. The cryptographic evaluator is configured to enter the first digitally signed assertion in at least an instance of a first temporally sequential listing.
    Type: Grant
    Filed: October 9, 2019
    Date of Patent: October 19, 2021
    Assignee: Ares Technologies, Inc.
    Inventor: Christian T Wentz
  • Patent number: 11138003
    Abstract: A method and system for automatically determining a device-specific configuration for a software application operating on a user device. A configuration monitoring program monitors local user data stored on a user device and generates a device-specific prediction model using a machine learning algorithm applied to the monitored local data. The configuration monitoring program also receives a global prediction model generated remotely using global user data collected from a plurality of user devices. The configuration monitoring program generates a predicted device-specific configuration of the application operating on the user device using prediction data from both the device-specific prediction model and the global prediction model and updates the configuration of the given application using the predicted device-specific configuration.
    Type: Grant
    Filed: April 1, 2020
    Date of Patent: October 5, 2021
    Assignee: Taplytics Inc.
    Inventors: Aaron Mosha Glazer, Jonathan Taylor Norris, Adam James Wootton, Imaad Ahmad Umar, Victor Nikola Vucicevich
  • Patent number: 11132372
    Abstract: The present disclosure provides a method and an apparatus for precise positioning of a scholar based on mining of the scholar's scientific research achievement. The method includes: extracting text information in the scholar's scientific research achievement P to obtain key information, and constructing structural information; mining and constructing implicit information O with a geographic directivity in the scholar's scientific research achievement P according to the key information and the structural information; performing a structural arrangement on the structural information, and acquiring a final result R; and acquiring a mapping of A?R according to the final result R and the matrix U, acquiring and outputting the positioning information of the authors in the set A.
    Type: Grant
    Filed: June 5, 2019
    Date of Patent: September 28, 2021
    Assignee: TSINGHUA UNIVERSITY
    Inventors: Jie Tang, Zhou Shao, Bo Gao, Debing Liu
  • Patent number: 11128534
    Abstract: In one embodiment, a device classification service receives data indicative of network traffic policies assigned to a plurality of device types. The device classification service associates measures of policy restrictiveness with the device types, based on the received data indicative of the network traffic policies assigned to the plurality of device types. The device classification service determines misclassification costs associated with a machine learning-based device type classifier of the service misclassifying an endpoint device of one of the plurality device types with another of the plurality of device types, based on their associated measures of policy restrictiveness. The device classification service adjusts the machine learning-based device type classifier to account for the determined misclassification costs.
    Type: Grant
    Filed: November 19, 2018
    Date of Patent: September 21, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Grégory Mermoud, Pierre-André Savalle, Jean-Philippe Vasseur
  • Patent number: 11109229
    Abstract: Systems, methods, and articles of manufacture comprising processor-readable storage media are provided for implementing security for a network environment using a centralized smart security system. For example, a method includes implementing a network comprising a plurality of network devices which collectively generate data that is utilized by a computing system to execute an application, and implementing a centralized security system as a computing node within the network to manage security operations within the network and to establish secured and trusted communications between the network devices and the computing system. The network devices may comprise wireless sensor devices operating in a wireless sensor network, wherein the computing system executes an IoT (Internet of Things) application which processes the data that is generated by the wireless sensor devices.
    Type: Grant
    Filed: July 9, 2019
    Date of Patent: August 31, 2021
    Assignee: EMC IP Holding Company LLC
    Inventors: Mohamed Sohail, Stephen Todd, Said Tabet, Khaled Ahmed
  • Patent number: 11100209
    Abstract: Systems, methods, and apparatus for authenticating and authorizing clients. A client certificate is used to authenticate and authorize a client (or user). When the client certificate is received, the certificate is authenticated. If the certificate is valid, a username included in the certificate is used to authorize the client. This may be done based on privileges or permissions associated with the user name. Once the client or user is authenticated and authorized, operations requested by the client can be performed as long as permitted by the privileges or permissions.
    Type: Grant
    Filed: December 9, 2019
    Date of Patent: August 24, 2021
    Assignee: EMC IP HOLDING COMPANY LLC
    Inventors: Anjali Anjali, Duc The Dang, Naveen Rastogi, Srinivas Paranthanate, Zhiying Lin, Alan Davie, Mojgan Ghanbaran, Yingjie Ma, Jingwen Zhang
  • Patent number: 11068896
    Abstract: Devices and methods for granting requests for authorization using data of devices associated with requestors are disclosed. A method includes: receiving, by a computing device, a request for authorization; receiving, by the computing device, identification information for at least one device of a requestor; determining, by the computing device, a risk score using the received identification information for the at least one device of the requestor; and in response to the risk score exceeding a predetermined threshold, the computing device granting the request for authorization.
    Type: Grant
    Filed: November 30, 2017
    Date of Patent: July 20, 2021
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Spyridon Skordas, Lawrence A. Clevenger, Richard C. Johnson
  • Patent number: 11070539
    Abstract: A network security system and method implements dynamic access control for a protected resource using run-time contextual information. In some embodiments, the network security system and method implements a dynamic access ticket scheme for access control where the access ticket is based on run-time application context. In other embodiments, the network security system and method implements policy enforcement actions in response to detected violations using application programming interface (API) to effectively block detected policy violations without negatively impacting the operation of the application or the user of the application. In some embodiments, the network security system uses enterprise social collaboration tools to interact with the end-user or with the system administrator in the event of detected security incidents.
    Type: Grant
    Filed: April 4, 2019
    Date of Patent: July 20, 2021
    Assignee: ArecaBay, Inc.
    Inventors: Robert Dykes, Lebin Cheng, Ravindra K. Balupari
  • Patent number: 11070376
    Abstract: A device that includes a secure element or a secure environment receives a token for authenticating a user that has an account with a service provider. The device generates, based on the token, a set of keys that include at least a private key and a public key. The device performs a key authentication procedure to compare the set of keys and a configured set of keys and selects a public key, of the set of keys or the configured set of keys, based on a result of the key authentication procedure. The device causes a device identifier of the device and the public key to be provided to another device that uses the device identifier and the public key to perform an authentication procedure to authenticate the user. The device receives, from the other device, an indication of whether the device is connected to a network.
    Type: Grant
    Filed: June 26, 2019
    Date of Patent: July 20, 2021
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Warren Hojilla Uy, Manuel Enrique Caceres, Bruno Mendez
  • Patent number: 11068575
    Abstract: A system for creating authenticating a user from user information, hardware profile, and combinations thereof, where the hardware profile includes user generated data stored on an electronic device.
    Type: Grant
    Filed: July 12, 2019
    Date of Patent: July 20, 2021
    Assignee: TRAITWARE, INC.
    Inventors: Herbert W. Spencer, III, Christopher M. Canfield, Harlan Hutson, Vince Conroy, Steven A. Hickerson
  • Patent number: 11063927
    Abstract: Techniques for an identity-aware load balancer (ALB) are described. An identity-aware ALB can securely authenticate users when accessing web-based applications accessed through the ALB, or a node of the ALB. An application owner can configure an authentication action in the ALB. When a request for the application is received, the ALB inspects the request for a session cookie to determine whether the requesting user is logged-in. If the request includes a session cookie, the ALB can decrypt the session cookie and provide identity information with the request to the application. If no session cookie is included, or if the session cookie is expired, the ALB can authenticate the user with an identity provider specified in the authentication action. Integrating authentication into an ALB simplifies application development and maintenance, and improves security, since fewer changes to the application stack reduce the chances of errors being introduced.
    Type: Grant
    Filed: May 2, 2018
    Date of Patent: July 13, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Lodaya Varun Mukesh, Hamza Muhammad Arain, Anurag Sanjay Katey, Jing Gao, Alexander Ray Curtis, Oleg Mitrofanov, Prerna Rustagi
  • Patent number: 11063930
    Abstract: A managed directory service receives, from a computer system operated in a first network, a request to obtain a set of credentials usable to access resources in a second network. In response to the request, the managed directory service determines, based at least in part on a first set of permissions in a directory maintained in the second network, that the computer system is authorized to receive the set of credentials. The managed directory service provides the set of credentials to the computer system, which enables use of the set of credentials to identify a second set of permissions for accessing resources in the second network.
    Type: Grant
    Filed: January 12, 2018
    Date of Patent: July 13, 2021
    Assignee: Amazon Technologies, Inc.
    Inventor: Avik Bose
  • Patent number: 11050899
    Abstract: In a case where a driver for a system authentication application preinstalled in an image formation apparatus is active, a display unit displays a screen such that issuance of an instruction to perform authentication based on an authentication method using an IC card is performable. In a case where a driver for a general authentication application installed in the image formation apparatus in accordance with an instruction from a user is active, the display unit displays the screen such that issuance of an instruction to perform authentication based on the authentication method using the IC card is not performable.
    Type: Grant
    Filed: January 13, 2020
    Date of Patent: June 29, 2021
    Assignee: Canon Kabushiki Kaisha
    Inventor: Tetsuya Yamada
  • Patent number: 11025594
    Abstract: Embodiments of the present disclosure disclose a secret information distribution method. The method includes: receiving, by a network functions virtualization infrastructure NFVI, secret information sent by management and orchestration (MANO); creating a virtual trusted platform module (vTPM) in the NFVI, and writing the secret information into the vTPM; receiving, by the network functions virtualization infrastructure NFVI, a virtualized network function VNF initialization command from the MANO, and creating a VNF; and obtaining, by the VNF, the secret information from the vTPM.
    Type: Grant
    Filed: June 28, 2019
    Date of Patent: June 1, 2021
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Fanglong Men, Mihai Serb, Fangzhan Li
  • Patent number: 11023842
    Abstract: Data processing systems and methods, according to various embodiments, are adapted for determining an applicable privacy policy based on various criteria associated with a user and the associated product or service. User and product criteria may be obtained automatically and/or based on user input and analyzed by a privacy policy rules engine to determine the applicable policy. Text from the applicable policy can then be presented to the user. A default policy can be used when no particular applicable policy can be identified using by the rules engine. Policies may be ranked or prioritized so that a policy can be selected in the event the rules engine identifies two, conflicting policies based on the criteria.
    Type: Grant
    Filed: November 2, 2020
    Date of Patent: June 1, 2021
    Assignee: OneTrust, LLC
    Inventors: Richard A. Beaumont, Jonathan Blake Brannon
  • Patent number: 11025610
    Abstract: The described embodiments employ aspects of distributed ledger technologies to facilitate electronic verification and sharing of profile information. Nodes maintaining a distributed ledger include—a first node that generates profile data, and second nodes that generate certificates verifying the generated profile data. The first node can be employed by a client device to generate profile data associated with a first identifier and referencing a second identifier for inclusion on a personal profile, such as a social media webpage. The client device can send the first node a request to have the profile data verified by the referenced second identifier. The profile data can be stored on a distributed ledger so that a second node associated with the second identifier can generate, on behalf of the second identifier, a certificate that verifies the stored profile data.
    Type: Grant
    Filed: November 20, 2018
    Date of Patent: June 1, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Phanindra Krishna Rao Dasika Venkata Devi, Mukunda Dwarkanath Singaiyengar Heragu, Ramprasath Lekshmana Sarma, Bhaveshkumar Rameshchandra Rana, Palli Madhusudhana Reddy, Honey Krishnan Poomalaveetil, Uday Sai Jagannadh Nandipati, Ganesh Prasad Raokutam
  • Patent number: 11016931
    Abstract: Various embodiments relate generally to data science and data analysis, and computer software and systems to provide an interface between repositories of disparate datasets and computing machine-based entities that seek access to the datasets, and, more specifically, to a computing and data storage platform that facilitates consolidation of one or more datasets, whereby data ingestion is performed to form data representing layered data files and data arrangements to facilitate, for example, interrelations among a system of networked collaborative datasets. In some examples, a method may include forming a first layer data file and a second layer data file, assigning addressable identifiers to uniquely identify units of data and data units to facilitate the linking of data, and implementing selectively one or more of a unit of data and a data unit as a function of a context of a data access request for a collaborative dataset.
    Type: Grant
    Filed: March 20, 2018
    Date of Patent: May 25, 2021
    Assignee: data.world, Inc.
    Inventors: David Lee Griffith, Bryon Kristen Jacob, Shad William Reynolds
  • Patent number: 11012495
    Abstract: A method includes receiving an authentication request for a remote session between a managed device and a client device, the authentication request comprising an identifier of a user of the client device and a one-time remote service credential (RSC) passcode. The method also includes providing the user identifier and the one-time RSC passcode to an identity provider and receiving, from the identity provider, a user token for the user of the client device. The method further includes authenticating the user token using a service provider, receiving a set of attributes of the user of the client device responsive to successful authentication of the user token and providing an authentication response to the managed device, the authentication response comprising the set of attributes of the user of the client device which are used to establish the remote session between the managed device and the client device.
    Type: Grant
    Filed: January 9, 2018
    Date of Patent: May 18, 2021
    Assignee: EMC IP Holding Company LLC
    Inventors: Ramakrishna Vakalapudi, Adel Hanna
  • Patent number: 10992667
    Abstract: A first controller generates a first group key, executes first mutual authentication with devices within a group, and shares the first group key with the devices that have succeeded in first mutual authentication. When a second controller joins the group, the first controller decides a coordinator that manages a group key used in common in the group. The first controller executes second mutual authentication with the coordinator, and shares the first group key with the coordinator when the second mutual authentication is successful. The coordinator performs encrypted communication within the group using the first group key, generates a second group key when valid time of the first group key is equal to or smaller than a predetermined value, executes third mutual authentication with the devices and a third controller, and updates the first group key of the devices and the third controller that have succeeded in the third authentication.
    Type: Grant
    Filed: August 27, 2019
    Date of Patent: April 27, 2021
    Assignee: PANASONIC INTELLECTUAL PROPERTY CORPORATION OF AMERICA
    Inventors: Yuji Unagami, Manabu Maeda, Tomoki Takazoe, Yoichi Masuda, Hideki Matsushima
  • Patent number: 10970193
    Abstract: The disclosed technology relates to a system configured to generate an initial tree state, wherein the initial tree state includes three tree data structures configured to aid in the synchronization of content items managed by a content management system. The system is configured to provide the initial tree state to a client synchronization service, retrieve a final tree state from the client synchronization service, and determine whether the final tree state is correctly synchronized.
    Type: Grant
    Filed: May 23, 2018
    Date of Patent: April 6, 2021
    Assignee: Dropbox, Inc.
    Inventor: Isaac Goldberg
  • Patent number: 10965455
    Abstract: An electronic device is provided. The electronic device includes a first short-range communication module configured to execute short-range communication with a second electronic device, a security module configured to store security information, and a processor configured to receive, from the second electronic device, a pairing key that registers the electronic device as being linked to the second electronic device, transmit session key generation information to the second electronic device when authentication with the second electronic device is completed based on the pairing key, generate a session key based on the session key generation information, encrypt the security information based on the session key, and transmit the encrypted information to the second electronic device.
    Type: Grant
    Filed: October 5, 2018
    Date of Patent: March 30, 2021
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Chol-Seo Park, Eun-Jik Kim
  • Patent number: 10956569
    Abstract: A method for defending a computing system against ransomware attacks is disclosed. In one embodiment, such a method includes identifying, on a computing system, files to be protected against ransomware attacks. The method appends a public key to each of the files. Upon receiving a request to modify a specific file, the method reads the public key appended to the file, requests an authentication token from a user, and computes a private key associated with the files. The method combines the public key, authentication token, and private key to generate an unlock key. This unlock key is compared to a validation key. The method authorizes modification of the file in the event the unlock key matches the validation key. A corresponding system and computer program product are also disclosed.
    Type: Grant
    Filed: September 6, 2018
    Date of Patent: March 23, 2021
    Assignee: International Business Machiness Corporation
    Inventors: Harry R. McGregor, Christopher B. Moore, Oded Margalit, Itzhack Goldberg
  • Patent number: 10958653
    Abstract: A computing resource service provider grants a first set of security permissions to a principal (e.g., a user) which may be used to access a plurality of computing resources. The permissions may be associated with a first security token. The principal may access resources using the first set of security permissions, and a system (e.g., a service provider) may identify a subset of security permissions that are sufficient to provide access to the computing resources accessed by the principal using the first set of permissions. The subset may be associated with the principal. In some cases, the principal operating under the subset of permissions may be denied access to a computing resource and may be granted access to the computing resource by operating under the first set of permissions.
    Type: Grant
    Filed: June 27, 2017
    Date of Patent: March 23, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Kevin Christopher Miller, Rebecca Claire Weiss
  • Patent number: 10939279
    Abstract: The present disclosure relates to a communication technique for combining a 5G communication system for supporting a higher data transmission rate than a 4G system with an IoT technology, and a system therefor. The present disclosure can be applied to 5G communication and IoT related technology-based intelligent services (for example, smart homes, smart buildings, smart cities, smart cars or connected cars, health care, digital education, retail business, security and safety related services, etc.).
    Type: Grant
    Filed: March 24, 2016
    Date of Patent: March 2, 2021
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Jong-Han Park, Duc-Key Lee, Sang-Soo Lee, Tae-Sun Yeoum, Song-Yean Cho
  • Patent number: 10924926
    Abstract: Techniques for using sending communication data using a first communication system and a second communication system are described. When a request is received to send communication data, it is determined that sending the communication data includes the second communication system. A request for updated identification information, such as a security token, is therefore sent to the second communication system prior to, for example, determining further account information related to the initiator of the communication and/or an identity of a recipient of the communication. While the request is pending, additional requests for the identification information are delayed. When the new identification information is received, the communication data is sent.
    Type: Grant
    Filed: February 28, 2019
    Date of Patent: February 16, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Vinaya Nadig, Tu Dien Do
  • Patent number: 10904074
    Abstract: One embodiment provides event handling in a cloud based multi-tenant identity management system. Embodiments receive a plurality of individual events and a request to create a group from the individual events. Embodiments publish the group as a composite event and persist the composite event in a composite queue. Embodiments then dispatch the composite event to a composite handler, parse the composite event and persist the individual events in respective event queues.
    Type: Grant
    Filed: September 18, 2017
    Date of Patent: January 26, 2021
    Assignee: Oracle International Corporation
    Inventors: Gregg Wilson, Arun Theebaprakasam, Manoj Kumar, Rohit Jalan, Yang Li
  • Patent number: 10903996
    Abstract: Selecting a persona for a Decentralized Identifier (DID) and associated DID document based on a trust score. A request for data or services associated with an owner of various decentralized identifiers (DID) is received. Each of the plurality of DIDs may have an associated DID document. The associated DID document for each of the DIDs defines a persona based on an amount of identifying information included in the DID document. Based on the received request, a trust score is assigned to an entity that generated the received request. The trust score is at least partially based on the verifiability of an identity of the entity that generated the received request. Based on the trust score, the persona and the associated DID and DID document that should be used by the owner for interacting with the entity that generated the request is selected.
    Type: Grant
    Filed: May 31, 2018
    Date of Patent: January 26, 2021
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Ankur Patel, Daniel James Buchner
  • Patent number: 10880087
    Abstract: The invention relates to a computer-implemented system and method for service-to-service authentication. The method may comprise deploying the SSA service, deploying a micro service, and providing an SSA client that serves as an interface between the micro service and the SSA service. The micro service can send a request to the SSA service for an authentication token. The SSA service then generates the authentication token for the micro service, which is signed by the SSA service using an SSA service private key. The authentication token can be encrypted so that it is secure when sent by the SSA service to the micro service. The authentication token carries information necessary for the micro service to access a second micro service directly through validation of the authentication token by the second micro service based in part on a private key of the micro service previously generated by the SSA service.
    Type: Grant
    Filed: August 20, 2018
    Date of Patent: December 29, 2020
    Assignee: JPMorgan Chase Bank, N.A.
    Inventors: Dennis Martynov, Atit Shah
  • Patent number: 10880099
    Abstract: This disclosure relates method and system for protecting a computing device from a malware. In one embodiment, the method may include determining a digital trust certificate of a set of computing instructions to be executed by the computing device. The set of computing instructions may form a part of a boot process of the computing device, and may be a firmware, a boot loader, a kernel, a system driver, a start-up file, or an antimalware. The method may further include establishing a chain of trust by validating the digital trust certificate with the computing device. The digital trust certificate may be pre-registered with a local database, accessible by the computing device, by communicating with a centralized certificate authority and policy server. Upon a positive establishment of the chain of trust, the method may further include allowing an execution of the set of computing instructions by the computing device.
    Type: Grant
    Filed: July 24, 2018
    Date of Patent: December 29, 2020
    Assignee: Wipro Limited
    Inventor: Rajeev Kumar Ujjwal
  • Patent number: 10868831
    Abstract: A communication system for authenticate a second communication device to a first communication device, wherein the communication system comprises a physical connection between a first communication device and a second communication device, where a first message may be transmitted from the first communication device, via the physical connection, to the second communication device.
    Type: Grant
    Filed: December 21, 2016
    Date of Patent: December 15, 2020
    Assignee: SENNHEISER COMMUNICATIONS A/S
    Inventors: Arne Lindbjerg Pedersen, Johnny Kristensen, Ole Dahl Spanter
  • Patent number: 10855478
    Abstract: Disclosed is a device and method to secure software update information for authorized entities. In one embodiment, a device for receiving secured software update information from a server, the device includes: a physical uncolonable function (PUF) information generator, comprising a PUF cell array, configured to generate PUF information, wherein the PUF information comprises at least one PUF response output, wherein the at least one PUF response output is used to encrypt the software update information on the server so as to generate encrypted software update information; a first encrypter, configured to encrypt the PUF information from the PUF information generator using one of at least one public key from the server so as to generate encrypted PUF information; and a second encrypter, configured to decrypt the encrypted software update information using one of the at least one PUF response output so as to obtain the software update information.
    Type: Grant
    Filed: August 13, 2018
    Date of Patent: December 1, 2020
    Assignee: Taiwan Semiconductor Manufacturing Co., Ltd.
    Inventor: Shih-Lien Linus Lu
  • Patent number: 10831931
    Abstract: A method for preserving privacy in an HTTP communication between a client and a server includes: intercepting an HTTP request that is sent from the client to the server; extracting a cookie from the HTTP request, the cookie including a cookie name and a cookie value; splitting the cookie value into information segments; and modifying one or more of the information segments based on predefined modification rules.
    Type: Grant
    Filed: March 31, 2016
    Date of Patent: November 10, 2020
    Assignee: NEC LABORATORIES EUROPE GMBH
    Inventors: Roberto Gonzalez Sanchez, Miriam Marciel, Lili Jiang
  • Patent number: 10789352
    Abstract: Method, apparatus and computer program product for multi-device user authentication are described herein. For example, the apparatus includes at least one processor and at least one non-transitory memory including program code.
    Type: Grant
    Filed: October 19, 2018
    Date of Patent: September 29, 2020
    Assignee: Slack Technologies, Inc.
    Inventors: Faisal Yaqub, Chase Rutherford-Jenkins, Graham Hicks
  • Patent number: 10791097
    Abstract: A portable encryption format wraps encrypted files in a self-executing container that facilitates transparent, identity-based decryption for properly authenticated users while also providing local password access to wrapped files when identity-based decryption is not available.
    Type: Grant
    Filed: April 14, 2016
    Date of Patent: September 29, 2020
    Assignee: Sophos Limited
    Inventors: Stefan Ortner, Andreas Berger, Vincent Vanbiervliet, Kenneth D. Ray
  • Patent number: 10785816
    Abstract: A display unit displays an image including information which is necessary to share communication parameters for establishing a wireless connection and information about a scheme for establishing a wireless connection, whereby the connection scheme to be performed is shared with a target apparatus, and a wireless connection is established by using the desired connection scheme.
    Type: Grant
    Filed: March 30, 2016
    Date of Patent: September 22, 2020
    Assignee: Canon Kabushiki Kaisha
    Inventor: Kazuo Moritomo
  • Patent number: 10778663
    Abstract: Aspects of the disclosure relates to managed access to content and/or services. In certain aspects, tokens or other artifacts can be utilized for authentication and authorization.
    Type: Grant
    Filed: March 18, 2014
    Date of Patent: September 15, 2020
    Assignee: Cox Communications, Inc.
    Inventors: Keith Alan Rothschild, Edgar V. Shrum, Muhammad Asif Raza, Richard M. Thomas
  • Patent number: 10756885
    Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for blockchain-based cross-entity authentication are provided. One of the methods includes: obtaining an authentication request by a first entity for authenticating a user, wherein the authentication request comprises a decentralized identifier (DID) of the user; in response to determining that the first entity is permitted to access authentication information of the user endorsed by a second entity, generating a blockchain transaction for obtaining an authentication result of the user by the second entity, wherein the authentication result is associated with the DID; and transmitting the blockchain transaction to a blockchain node for adding to a blockchain.
    Type: Grant
    Filed: January 8, 2020
    Date of Patent: August 25, 2020
    Assignee: Alibaba Group Holding Limited
    Inventors: Shubo Li, Jiawei Liu, Renhui Yang
  • Patent number: 10750050
    Abstract: An image processing apparatus provided with a biological information sensor receives an authentication request including a verification parameter from a service providing system, transmits the verification parameter to an information processing apparatus provided with an authentication module for biometric authentication, and a tamper-resistant storage device configured to store a user's biological information required when an authentication process is performed by the authentication module and a private key generated with respect to the biological information, transmits the biological information acquired by the biological information sensor using an encryption technique to the information processing apparatus, receives signature data, created using the private key extracted when biometric authentication based on the transmitted biological information has succeeded and the verification parameter, from the information processing apparatus, and transmits the signature data to the service providing system.
    Type: Grant
    Filed: October 25, 2018
    Date of Patent: August 18, 2020
    Assignee: CANON KABUSHIKI KAISHA
    Inventor: Tetsuya Matsumoto
  • Patent number: 10728226
    Abstract: A portable encryption format wraps encrypted files in a self-executing container that facilitates transparent, identity-based decryption for properly authenticated users while also providing local password access to wrapped files when identity-based decryption is not available.
    Type: Grant
    Filed: April 14, 2016
    Date of Patent: July 28, 2020
    Assignee: Sophos Limited
    Inventors: Stefan Ortner, Andreas Berger, Vincent Vanbiervliet, Kenneth D. Ray
  • Patent number: 10728034
    Abstract: Examples of the present disclosure describe systems and methods for monitoring the security privileges of a process. In aspects, when a process is created, the corresponding process security token and privilege information is detected and recorded. At subsequent “checkpoints,” the security token is evaluated to determine whether the security token has been replaced, or whether new or unexpected privileges have been granted to the created process. When a modification to the security token is determined, a warning or indication of the modification is generated and the process may be terminated to prevent the use of the modified security token.
    Type: Grant
    Filed: February 23, 2018
    Date of Patent: July 28, 2020
    Assignee: WEBROOT INC.
    Inventors: Andrew Sandoval, Eric Klonowski
  • Patent number: 10719423
    Abstract: An apparatus and associated method are provided for application deployment assessment. In use, a plurality of deployment parameters associated with one or more applications, and a workload profile are received. Further, an application deployment specification is generated, based on the workload profile and the deployment parameters. Still yet, a type of one or more orchestrators on one or more systems is identified. The application deployment specification is processed, based on the identified type of the one or more orchestrators on the one or more systems. Further, the one or more processors execute the instructions to deploy, via an application program interface (API), the one or more applications to the one or more orchestrators on at least one of the one or more systems, and at least one workload generator to at least one of the one or more systems, utilizing the processed application deployment specification. Operational data is collected from one or more monitoring agents on the one or more systems.
    Type: Grant
    Filed: July 12, 2017
    Date of Patent: July 21, 2020
    Assignee: Futurewei Technologies, Inc.
    Inventors: Xiaoyun Zhu, Jinzhong Zhang, Huichao Zhao, Sid Askary, Daniel Chen, CJ Hersh, Yue Chen, Shu Zhang, Jing Ye
  • Patent number: 10715516
    Abstract: Methods and apparatuses are described for time-series database user authentication and access control. A server computing device receives a request from a remote computing device to access a time-series database coupled to the server computing device, wherein the request includes one or more authentication credentials associated with the remote computing device. The server computing device validates the one or more authentication credentials associated with the remote computing device. The server computing device connects to an access control layer associated with the time-series database. The access control layer authorizes the remote computing device to access data in the time-series database based upon an access profile associated with the validated authentication credentials. The server computing device retrieves data from the time-series database in response to the request.
    Type: Grant
    Filed: August 30, 2019
    Date of Patent: July 14, 2020
    Assignee: FMR LLC
    Inventors: Edward Colletta, Mrinal Vala
  • Patent number: 10706362
    Abstract: Certain relationships representing material insights are identified from among a set of discovered relationships. Cognitive discovery of relationships in a knowledge base, or corpus, are ranked according to one or more metrics indicative of material insights, including recentness and degree of alignment.
    Type: Grant
    Filed: October 9, 2017
    Date of Patent: July 7, 2020
    Assignee: International Business Machines Corporation
    Inventors: John B. Gordon, John P. Hogan, Sanjay F. Kottaram
  • Patent number: 10686889
    Abstract: A handshake procedure to establish a first connection between a client and a server is monitored at an intermediate network device. A request message sent to the server from the client is received at the intermediate network device. The request message includes parameters defining a manner of receiving information from the server. The parameters defining the manner of receiving information from the server are modified to produce modified parameters. A redirect message is sent from the intermediate network device to the client to induce or cause the client to establish a second connection with the server based upon the modified parameters, wherein the redirect message contains the modified parameters.
    Type: Grant
    Filed: February 27, 2019
    Date of Patent: June 16, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: Manish Pathak, Venkatesh N. Gautam, Jianxin Wang
  • Patent number: 10671375
    Abstract: Systems and methods are provided for managing mobile device updates. In some embodiments, the disclosed systems can include a key provisioning system, a key system, and mobile devices. The key provisioning system can provide keys to the mobile devices and the key system. The key system can receive a key from the key provisioning system, receive a request from an application system, calculate a first token, and provide the first token to the application system for transmission to a mobile device. The mobile device can receive a key from the key provisioning system, establish a local connection with a connected device, receive an application and the first token from the connected device, generate a second token using the application and the key, compare the first token and the second token, and update the mobile device according to the application based on a result of the comparison.
    Type: Grant
    Filed: June 21, 2019
    Date of Patent: June 2, 2020
    Assignee: Capital One Services, LLC
    Inventor: Adam Koeppel
  • Patent number: 10673837
    Abstract: Aspects of the disclosure relate to processing systems using improved domain pass-through authentication techniques. A computing platform may send, to an external cloud computing platform, one or more registration requests that each may cause an RLS endpoint corresponding to each of a plurality of resource location connectors to be stored at the external cloud computing host platform. The computing platform may receive one or more requests for a resource location identifier. The computing platform may determine an accessible resource location connector and may send, to the user device, a corresponding resource location identifier. After receiving a pass-through authentication request, the computing platform may receive, from the ticketing service stored on the external cloud computing platform, a one-time ticket. The computing platform may send, to the user device, the one-time ticket, which may allow the user device to perform pass-through authentication with the external cloud computing platform.
    Type: Grant
    Filed: June 1, 2018
    Date of Patent: June 2, 2020
    Assignee: Citrix Systems, Inc.
    Inventor: Feng Huang