Proxy Server Or Gateway Patents (Class 726/12)
  • Patent number: 11902147
    Abstract: A communication system includes: a management server that receives, from an information terminal connectable to a first network, a connection request for connecting to a web service provided by a web server connectable to a second network; first communication control circuitry that controls communication of a communication apparatus connectable to the second network, and second communication control circuitry that controls communication of the information terminal. The first communication control circuitry connects to a relay server that relays communication between the second network and the first network. The second communication control circuitry connects the information terminal to the relay server. A request for the web service provided by the web server and a response to the request are transmitted and received between a web browser of the information terminal and the web server via the relay server and the first communication control circuitry.
    Type: Grant
    Filed: April 12, 2022
    Date of Patent: February 13, 2024
    Assignee: Ricoh Company, Ltd.
    Inventors: Hiroshi Ota, Motohiro Nagao
  • Patent number: 11886593
    Abstract: A method of certifying a state of a platform includes receiving one or more software elements of a software stack of the platform by an authentication module and performing a hash algorithm on the software stack to generate one or more hash values. The software stack uniquely determines a software state of the platform. The method includes generating creation data, a creation hash, and a creation ticket, corresponding to the hash values and sending the creation ticket to the platform. The method also includes receiving the creation ticket by the authentication module and certifying the creation data and the creation hash based on the creation ticket. The method further includes generating a certified structure based on the creation data and performing the hash algorithm on the certified structure to generate a hash of the certified structure. The certified structure uniquely determines the software state of the platform.
    Type: Grant
    Filed: February 13, 2023
    Date of Patent: January 30, 2024
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Ludovic Emmanuel Paul Noel Jacquin, Hamza Attak, Nigel Edwards
  • Patent number: 11882108
    Abstract: Systems and methods are disclosed for accessing protected data. A computing device may have a secured stared storage accessible by two or more applications operating on the mobile device. The computing device may obtain a first token from an authorization service to verify user identity for a first application. The first token may be stored in the shared storage area, and be accessible to one or more applications sharing the storage space. In response to a user attempt to access a web service using a second application, the user identity may be verified using the first token. The authorization service may verify user credentials, and send a second token to the computing device. The second token may be a proxy ticket authorizing access and exchange of protected data between the second application and a web service. The second token may also be stored in the secure storage area.
    Type: Grant
    Filed: February 23, 2023
    Date of Patent: January 23, 2024
    Assignee: TRANSFORM SR BRANDS LLC
    Inventors: Eui Chung, Jen-Hao Yang, Bharath Sridharan, Jim Pier
  • Patent number: 11882098
    Abstract: A method that is performed to access data nodes of a data cluster. The method includes obtaining, by a data access gateway (DAG), a request from a host; and in response to the request, obtaining bidding counters from the data nodes; obtaining metadata mappings from the data nodes; identifying, based on the bidding counters and metadata mappings, a data node of the data nodes associated with a highest bidding counter of the bidding counters and an appropriate metadata mapping of the metadata mappings; and sending the request to the data node.
    Type: Grant
    Filed: July 23, 2020
    Date of Patent: January 23, 2024
    Assignee: Dell Products L.P.
    Inventors: Dharmesh M. Patel, Ravikanth Chaganti
  • Patent number: 11863569
    Abstract: Various systems and methods for bus-off attack detection are described herein. An electronic device for bus-off attack detection and prevention includes bus-off prevention circuitry coupled to a protected node on a bus, the bus-off prevention circuitry to: detect a transmitted message from the protected node to the bus; detect a bit mismatch of the transmitted message on the bus; suspend further transmissions from the protected node while the bus is analyzed; determine whether the bit mismatch represents a bus fault or an active attack against the protected node; and signal the protected node indicating whether a fault has occurred.
    Type: Grant
    Filed: November 17, 2021
    Date of Patent: January 2, 2024
    Assignee: INTEL CORPORATION
    Inventors: Marcio Rogerio Juliato, Shabbir Ahmed, Santosh Ghosh, Christopher Gutierrez, Manoj R. Sastry
  • Patent number: 11855977
    Abstract: A device may determine that a network function of a network is to use a secure communication protocol. The network function may be configured to facilitate communication via the network. The device may identify a component of a resource configuration that is to instantiate the network function. The device may instantiate, using the component, a proxy for the network function. The device may configure the proxy to obtain a certificate that is associated with the secure communication protocol. The device may cause the proxy to use the certificate to communicate with another proxy that is associated with the network function to perform an operation associated with the network function.
    Type: Grant
    Filed: October 12, 2022
    Date of Patent: December 26, 2023
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Amit Mahajan, Jayesh Kumar Laad, John M. Bittenbender
  • Patent number: 11848962
    Abstract: Disclosed are various approaches for providing authentication of a user and a client device. A user's credentials can be authenticated by an identity provider. In addition, a device posture assessment that analyzes the device from which the authentication request originates is also performed. An authentication request can be authenticated based upon whether the device posture assessment reveals that device to be a managed device that is in compliance with compliance rules.
    Type: Grant
    Filed: September 24, 2020
    Date of Patent: December 19, 2023
    Assignee: AirWatch, LLC
    Inventors: Craig Farley Newell, Jonathan Blake Brannon, Kabir Barday, Ashish Jain
  • Patent number: 11841698
    Abstract: Arrangement and method for securely executing an automation program in a cloud computing environment, wherein the automation program is installed on computer hardware in a public IT infrastructure, and wherein the computer hardware is connected via a data connection to a cloud server, where the connection and a dedicated runtime environment of the computer hardware are configured such that the automation program is transferrable onto the computer hardware and its execution can be monitored via the server and data connection, such that the automation program and sensitive information, i.e.
    Type: Grant
    Filed: September 23, 2020
    Date of Patent: December 12, 2023
    Assignee: SIEMENS AKTIENGESELLSCHAFT
    Inventors: Markus Höfele, Peter Kob, Rolf Schrey, Armin Zeltner
  • Patent number: 11838323
    Abstract: Methods, systems, and devices for server-initiated secure sessions are described. A browser application may connect to a portal, where the portal may transmit a command to a server agent to initiate a secure session with an endpoint device. The server agent may be housed in a destination server, and may establish a secure connection with an intermediary server using a secure communication protocol. The secure connection may be made by directing the destination server to open an out-bound connection through a firewall of the destination server. A browser session may be redirected to the intermediary server from the browser application, and the intermediary server may route the browser session traffic to the secure connection.
    Type: Grant
    Filed: May 12, 2021
    Date of Patent: December 5, 2023
    Assignee: JumpCloud, Inc.
    Inventors: Rajat Bhargava, Christopher Marie, James Brown
  • Patent number: 11831545
    Abstract: This disclosure relates to a fully software-defined, fully virtualized, and customizable mobile communication platform deployed on public cloud infrastructure. Such mobile networks allows for end to end control of automatic and programmatic deployment and configuration of the mobile network components. The implementations below effectively enables instant creation and deployment of a true private global end-to-end Software Defined Network (SDN) for 3G, 4G, LTE, and 5G mobile communication from the ground up. Users will effectively act their own mobile carrier, allowing them to customize the features available to them via a programmatic interface.
    Type: Grant
    Filed: February 28, 2020
    Date of Patent: November 28, 2023
    Assignee: Telnyx LLC
    Inventors: Anirudh Tyagi, Mohamed Kamar, David Casem
  • Patent number: 11822679
    Abstract: The host computer securitization architecture, which comprises: an offline source server, an offline provisioning server configured to connect with a portable mobile securitization server via a wired communication, an administration server configured to monitor and interact with at least one portable mobile securitization server, at least one portable mobile securitization server configured to connect via a wired communication to a host computer, said portable mobile securitization server comprising: a connector to mechanically connect and establish a removable wired communication between the mobile server and the host computer, a first wired bidirectional communicator with the host computer, a second of bidirectional communicator with a data storage peripheral or a data network and a unit securing the communication between the host computer and the data storage mobile server or the data network, this communication being established between the first and the second communicator, a blockchain comprising
    Type: Grant
    Filed: February 7, 2022
    Date of Patent: November 21, 2023
    Inventor: Vladimir Mickael Leal Monteiro
  • Patent number: 11811799
    Abstract: A method, system and computer-usable medium for constructing a distribution of interrelated event features. The constructing a distribution of interrelated event features includes receiving a stream of events, the stream of events comprising a plurality of events; extracting features from the plurality of events; constructing a distribution of the features from the plurality of events; and, analyzing the distribution of the features from the plurality of events.
    Type: Grant
    Filed: August 31, 2018
    Date of Patent: November 7, 2023
    Assignee: Forcepoint LLC
    Inventors: Eduardo Luiggi, Christopher Poirel, Ann Irvine
  • Patent number: 11811553
    Abstract: A vehicle relay device includes a plurality of communication ports. Each of the plurality of communication ports communicate with a communication device as a node in accordance with an Ethernet standard. A connection permission node that is a node to be connected is predefined for each of the plurality of communication ports. The vehicle relay device does not communicate with an unregistered node that is a node not registered as the connection permission node.
    Type: Grant
    Filed: March 10, 2021
    Date of Patent: November 7, 2023
    Assignee: DENSO CORPORATION
    Inventor: Shuhei Itoda
  • Patent number: 11797670
    Abstract: A determination method includes determining an attack type of an attack code included in an attack request on a server, carrying out emulation of an attack by the attack code on the server in accordance with the determined attack type, extracting a feature related to a backdoor operation appearing in an attack code on the server in a case of succeeding in an attack on the server as a result of the emulation, and determining that an attack by the attack code has succeeded in a case where a communication log of the server has the extracted feature, by a processor.
    Type: Grant
    Filed: April 15, 2019
    Date of Patent: October 24, 2023
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Yo Kanemoto, Kazufumi Aoki
  • Patent number: 11799871
    Abstract: A security level of data generated by an application may be communicated from the application layer to the network layer and that security level used to determine of several available network connects for transmitting the data. A method of communicating may include associating the plurality of network connections with security levels to form associations, the associations indicating security levels of data that may be transmitted over each of the plurality of network connections; receiving, at the network layer, data for transmission; determining, at the network layer, a security level for the data; determining, at the network layer, at least one network connection of a plurality of network connections to transmit the data based, at least in part, on the security level; and transmitting the data packet over the at least one network connection.
    Type: Grant
    Filed: October 22, 2020
    Date of Patent: October 24, 2023
    Assignee: Dell Products L.P.
    Inventors: Dileep Kumar Soma, Harpreet Narula, Brian E. Manser
  • Patent number: 11777906
    Abstract: A method for enforcing entitlements includes configuring a wide variety of entitlements at a server; determining applicable combination of entitlements for a given client request; sending entitlements to the requesting client securely; handling entitlement information securely on a plurality of client devices at run time; storing entitlement information securely on a plurality of client devices for offline use; and enforcing entitlements on a plurality of client devices. The method employs manipulation of manifest files by a proxy that may be included in the client device or located in the network.
    Type: Grant
    Filed: September 30, 2022
    Date of Patent: October 3, 2023
    Assignee: Ericsson AB
    Inventors: Mikhail Mikhailov, Raj Nair
  • Patent number: 11755721
    Abstract: The present disclosure relates to a computer implemented method for executing an application. The method comprises: executing a bootloader in a trusted execution environment, wherein the executing comprises: decrypting received encrypted secrets using decryption keys of the boot loader, storing the decrypted secrets in a storage accessible by the application, creating a proof record indicating the application, the secrets and the trusted execution environment, storing the proof record in the storage, and deleting the decryption keys. The application may be executed in the trusted execution environment using the decrypted secrets. The proof record may be provided by the application for proving authenticity.
    Type: Grant
    Filed: October 25, 2021
    Date of Patent: September 12, 2023
    Assignee: International Business Machines Corporation
    Inventors: Angel Nunez Mencias, Nicolas Maeding, Peter Morjan, Dirk Herrendoerfer
  • Patent number: 11757880
    Abstract: A method and system for performing authentication are described. The method and system include receiving, from a client, a communication for a data source at a wrapper. The wrapper includes a dispatcher and a service. The dispatcher receives the communication and is data agnostic. The communication is provided from the dispatcher to the service. The service determines whether the client is authorized to access the data source utilizing multi-factor authentication.
    Type: Grant
    Filed: August 22, 2019
    Date of Patent: September 12, 2023
    Assignee: Cyral Inc.
    Inventors: Manav Ratan Mital, Srinivas Nageswarrao Vadlamani, Pramod Chandraiah, Hugo Araújo de Sousa
  • Patent number: 11757917
    Abstract: The disclosure provides an approach for detecting and preventing attacks in a network. Embodiments include receiving network traffic statistics of a system. Embodiments include determining a set of features of the system based on the network traffic statistics. Embodiments include inputting the set of features to a classification model that has been trained using historical features associated with labels indicating whether the historical features correspond to attacks. Embodiments include receiving, as output from the classification model, an indication of whether the system is a target of an attack. Embodiments include receiving additional statistics related to the system. Embodiments include analyzing, in response to the indication that the system is the target of the attack, the additional statistics to identify a source of the attack. Embodiments include performing an action to prevent the attack based on the source of the attack.
    Type: Grant
    Filed: October 23, 2020
    Date of Patent: September 12, 2023
    Assignee: VMware, Inc.
    Inventors: Santosh Pallagatti Kotrabasappa, Sairam Veeraswamy, Jayneeta Sinha, Suriyan S.
  • Patent number: 11748132
    Abstract: A method is implemented by a computing device to configure and monitor a virtual application in a cloud environment. The method includes generating instructions for configuring and monitoring the virtual application based on configuration data for the virtual application, modifying an injection virtual appliance image to include the instructions for configuring and monitoring the virtual application, where the injection virtual appliance image is a template for instantiating an injection virtual appliance (e.g., a software container or unikernel) that is to configure and monitor the virtual application according to the instructions, modifying a virtual application deployment descriptor for the virtual application to indicate that the injection virtual appliance is to be injected into the virtual application, and causing the virtual application, with the injection virtual appliance, to be deployed in the cloud environment using the modified virtual application deployment descriptor.
    Type: Grant
    Filed: April 17, 2020
    Date of Patent: September 5, 2023
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Hoang Do, Sergey Odobetskiy
  • Patent number: 11750618
    Abstract: A system for protecting public cloud-hosted virtual resources features cloud visibility logic. According to one embodiment, the cloud visibility logic includes credential evaluation logic, data collection logic, correlation logic, and reporting logic. The credential evaluation logic is configured to gain authorized access to a cloud account within a first public cloud network. The data collection logic is configured to retrieve account data from the cloud account, while the correlation logic is configured to conduct analytics on the account data to determine whether the cloud account is subject to a cybersecurity threat or misconfiguration. The reporting logic is configured to generate an alert when the cloud account is determined by the correlation logic to be subject to the cybersecurity threat or misconfiguration.
    Type: Grant
    Filed: March 31, 2022
    Date of Patent: September 5, 2023
    Assignee: FireEye Security Holdings US LLC
    Inventors: Sai Vashisht, Sumer Deshpande, Sushant Paithane, Rahul Khul
  • Patent number: 11750481
    Abstract: A method for visualizing network flows of a network is provided. The method monitors network flows between a group of machines in a network. The method associates identifiers with the monitored network flows. The method aggregates the monitored network flows into a set of groups based on the associated identifiers. The method displays a set of flow records for the each group of the set of groups.
    Type: Grant
    Filed: February 21, 2022
    Date of Patent: September 5, 2023
    Assignee: NICIRA, INC.
    Inventors: Kaushal Bansal, Uday Masurekar, Srinivas Nimmagadda, Jingmin Zhou, Abhishek Goliya, Amit Chopra, Kausum Kumar
  • Patent number: 11743956
    Abstract: The invention relates to a multi-carrier base station and a method performed at the multi-carrier base station configured to enable wireless access to wireless communication terminals. In an aspect, a device is provided configured to provide wireless communication access to wireless communication terminals. The device comprises a Base Transceiver Station (BTS), configured to be connectable to a core network, a tethering access point, and at least one antenna. The BTS is configured to provide at least a first carrier via the at least one antenna for Third Generation Partnership Project (3GPP) wireless access, and further to provide the tethering access point via a wired connection with at least a second carrier exclusively used by the tethering access point for 3GPP access. Moreover, the tethering access point is configured to provide non-3GPP wireless access via the at least one antenna.
    Type: Grant
    Filed: February 19, 2016
    Date of Patent: August 29, 2023
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Sajjadul Latif, Chenguang Lu, Kim Laraqui
  • Patent number: 11743299
    Abstract: System, method, and apparatus of securing and managing Internet-connected devices and networks. A wireless communication router is installed at a customer venue, and provides Internet access to multiple Internet-connected devices via a wireless communication network that is served by the router. A monitoring and effecting unit of the router performs analysis of traffic that passes through the router; identifies which Internet-connected devices send or receive data; and selectively enforces traffic-related rules based on policies stored in the router. Optionally, the monitoring and effecting unit is pre-installed in the router in a disabled mode; and is later activated after the router was deployed at a customer venue. Optionally, the router notifies the Internet Service Provider the number and type of Internet-connected devices that are served by the router.
    Type: Grant
    Filed: April 29, 2021
    Date of Patent: August 29, 2023
    Assignee: ALLOT LTD.
    Inventors: Yair Manor, Yaron Muzikant
  • Patent number: 11743232
    Abstract: Systems, methods, and computer-readable media are provided for software defined branch single IP orchestration. An example method can include establishing, by a controller, a secure tunnel agent to an orchestrator, generating, by the controller, a single IP address on a virtual router for a virtual branch site, and monitoring, by the controller, reachability of the single IP address on the virtual router.
    Type: Grant
    Filed: July 29, 2021
    Date of Patent: August 29, 2023
    Assignee: Cisco Technology, Inc.
    Inventors: Alexander Yeh, Yanping Qu, Kaushik Pratap Biswas
  • Patent number: 11736447
    Abstract: A method that is performed to access data nodes of a data cluster. The method includes obtaining, by a data access gateway (DAG), a first request from a host; and in response to the first request, obtaining first bidding counters from the data nodes; obtaining first metadata mappings from the data nodes; making a first determination that the first request may not be served using any data node in an accelerator pool of the data cluster; and in response to the first determination, identifying, based on the bidding counters and metadata mappings, a data node in a non-accelerator pool of the data cluster associated with a first highest bidding counter of the bidding counters and a first appropriate metadata mapping of the metadata mappings; and sending the first request to the data node in the non-accelerator pool of the data cluster.
    Type: Grant
    Filed: July 23, 2020
    Date of Patent: August 22, 2023
    Assignee: Dell Products L.P.
    Inventors: Dharmesh M. Patel, Ravikanth Chaganti
  • Patent number: 11729143
    Abstract: The present disclosure relates to network security software cooperatively configured on plural nodes to authenticate and authorize devices, applications, users, and data protocol in network communications by exchanging nonpublic identification codes, application identifiers, and data type identifiers via pre-established communication pathways and comparing against pre-established values to provide authorized communication and prevent compromised nodes from spreading malware to other nodes.
    Type: Grant
    Filed: February 17, 2021
    Date of Patent: August 15, 2023
    Assignee: Stealthpath, Inc.
    Inventors: Mike Clark, Andrew Gordon, Matt Clark
  • Patent number: 11711343
    Abstract: Web-filtering operations may be implemented on the user device, rather than on a centralized proxy server, to improve reliability, performance, and/or security of the web-filtering operations. Some or all of the necessary functions related to web-filtering may be performed on the end user device to remove the complexity and security issues inherent with the current methodology. One technique for allowing operation of proxy servers on user devices is to install smart agents on the user device. The smart agents, under control of a management server, may configure the proxy server, issue trust certificates to applications on the device, and/or provide proxy access configuration (PAC) files to applications on the device.
    Type: Grant
    Filed: October 14, 2020
    Date of Patent: July 25, 2023
    Assignee: Lightspeed Solutions, LLC
    Inventors: Robert Chambers, Kevin Sanders
  • Patent number: 11706098
    Abstract: Embodiments are described herein for systems and methods for continuously monitoring a network structure of one or more networks using a cloud-based network monitoring system, and rearranging, using the cloud-based network monitoring system, the network structure of the one or more networks to protect confidential and/or prioritized assets of the one or more networks based at least in part on the monitoring of the network structure of the one or more networks. In certain embodiments, the cloud-based network monitoring system is configured to continuously monitor a network structure of one or more networks, and to automatically rearrange the network structure of the one or more networks to protect confidential and/or prioritized assets of the one or more networks based at least in part on the continuous monitoring of the network structure of the one or more networks.
    Type: Grant
    Filed: June 29, 2022
    Date of Patent: July 18, 2023
    Assignee: United Services Automobile Association (USAA)
    Inventor: Timothy Blair Chalmers
  • Patent number: 11671246
    Abstract: A data provisioning device is arranged for provisioning a data processing entity from a set of data processing entities sharing the same joint decryption key. The data provisioning device comprises: a network interface configured to receive the provisioning data for provisioning the data processing entity, a joint encryption key associated with the joint decryption key, and control information indicating a processing scheme to be deployed by the data provisioning device when provisioning the data processing entity; a processor configured to process the provisioning data according to the control information to obtain processed provisioning data, to cryptographically encrypt the processed provisioning data using the received joint encryption key to obtain encrypted processed provisioning data; and a device interface configured to transmit the encrypted processed provisioning data to the data processing entity.
    Type: Grant
    Filed: October 29, 2020
    Date of Patent: June 6, 2023
    Assignee: Secure Thingz Limited
    Inventors: Stephan Spitz, Haydn Povey
  • Patent number: 11652693
    Abstract: The present disclosure relates to a method for anchoring an edge cloud to a central cloud, the method being performed in a cloud environment comprising a central cloud and an edge cloud, the method comprising obtaining (S238, S310), by a connectivity controller of an edge cloud, an address of an anchoring registry of a central cloud; sending (S240, S312), by the connectivity controller, to the anchoring registry, information about networking configuration of the edge cloud; setting up (S246, S314), by an orchestrator of the central cloud, a virtual private network, VPN, service in the central cloud; requesting (S248, S316), by the orchestrator of the central cloud, edge VPN configuration information from the central VPN service, based on the information about networking configuration of the edge cloud; sending (S252, S318), by the anchoring registry, the edge VPN configuration information, to an orchestrator of the edge cloud; creating (S258, S320), by an orchestrator of the edge cloud, an edge VPN service, b
    Type: Grant
    Filed: September 4, 2019
    Date of Patent: May 16, 2023
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Miljenko Opsenica, Tero Kauppinen, Miika Komu, Timo Simanainen
  • Patent number: 11652799
    Abstract: A method including receiving, at a first VPN server during an established VPN connection, a first data request and a second data request from a user device; transmitting, by the first VPN server during the established VPN connection, the first data request and the second data request to a second VPN server; and receiving, by the first VPN server from the second VPN server during the established VPN connection, first data associated with the first data request and second data associated with the second data request, the first data being retrieved by the second VPN server using a first exit IP address associated with the second VPN server and the second data being retrieved by the second VPN server using a second exit IP address associated with the second VPN server, the second exit IP address being different from the first exit IP address. Various other aspects are contemplated.
    Type: Grant
    Filed: February 26, 2022
    Date of Patent: May 16, 2023
    Assignee: Oversec, UAB
    Inventors: Tomas Kolaitis, Vytautas Neubauer
  • Patent number: 11641344
    Abstract: The invention relates to a housing (30) for managing access to an industrial network (10), to which industrial equipment (U1, U2, U3) is connected, the management housing (30) comprising: —a channel (30a) for access to an internet-type data network, said channel (30a) for access to the data network comprising a cut-off unit (33); —a channel (30b) for controlling the channel (30a) for access to the data network, said control channel (30a) comprising a controller (31) configured to control the cut-off unit (33) so as to allow communication between the industrial network and the data network, the cut-off unit comprising a cut-off relay that can be activated by means of a control signal emitted by the controller (31).
    Type: Grant
    Filed: March 14, 2019
    Date of Patent: May 2, 2023
    Assignee: SAFRAN AIRCRAFT ENGINES
    Inventors: Pascal Noirfalise, Thibaut Barrouillet, Sylvain Eric Alain Belrepayre, Fabien Fouillet, Jean Vias
  • Patent number: 11625723
    Abstract: There are provided systems and methods for a machine learning-based network trained to perform risk assessment through device data. A service provider server receives device data of a user device associated with a merchant account registered with a merchant server for a merchant service, and receives, from the merchant server, a request containing a unique token identifier for initiating a risk assessment operation to generate a device assessment score for the user device, where the device assessment score indicates a level of risk between the user device and the merchant account. The service provider server selects a risk assessment engine to perform the risk assessment operation and generates the device assessment score and a narrative for the device assessment score, and sends, to the merchant server through an application programming interface, a message containing a unique device identifier for the user device, the device assessment score and the narrative.
    Type: Grant
    Filed: May 28, 2020
    Date of Patent: April 11, 2023
    Assignee: PAYPAL, INC.
    Inventors: Manickkam Pandian, Souradeep Sen, Ranjit K. Valasa, Suchita Shridhar Shirke, Sabarirajan Jeeva
  • Patent number: 11616771
    Abstract: Systems and methods are disclosed for accessing protected data. A computing device may have a secured stared storage accessible by two or more applications operating on the mobile device. The computing device may obtain a first token from an authorization service to verify user identity for a first application. The first token may be stored in the shared storage area, and be accessible to one or more applications sharing the storage space. In response to a user attempt to access a web service using a second application, the user identity may be verified using the first token. The authorization service may verify user credentials, and send a second token to the computing device. The second token may be a proxy ticket authorizing access and exchange of protected data between the second application and a web service. The second token may also be stored in the secure storage area.
    Type: Grant
    Filed: August 17, 2018
    Date of Patent: March 28, 2023
    Assignee: TRANSFORM SR BRANDS LLC
    Inventors: Eui Chung, Jen-Hao Yang, Bharath Sridharan, Jim Pier
  • Patent number: 11601519
    Abstract: Methods, systems, and computer programs are presented for lowering network latency for cloud-based services. Service-delivery edge locations allow customers to improve communication-providers public and private network connectivity for improved performance. One method includes operations for performing, by an edge server, a handshake to establish a communication session between a client and a main server, and for exchanging data between the client and the main server via the edge server. The handshake includes exchanging, by the edge server, communication initiation messages with the client, and validating, by the edge server, authentication credentials for the communication session based on the communication initiation messages.
    Type: Grant
    Filed: August 12, 2020
    Date of Patent: March 7, 2023
    Assignee: Twilio Inc.
    Inventors: Alexander Philip Lowe, Madeleine Genevieve Muscari, Robert Charles Hagemann, III, Christer Jan Erik Fahlgren, Jeremy Andrew McEntire, Erik A. Jansson, Humberto Reyes, Evan Kyle Fossier, Jingming Niu
  • Patent number: 11593708
    Abstract: An integrated neural network and semantic system applies a neural network to interpret an image, determines a syntactical element corresponding to the image in accordance with the interpretation, and determines a first probability that represents a confidence level that the correspondence is accurate. A semantic chain and associated second probability are then generated based on the syntactical element and the first probability, whereby the second probability represents the system's confidence level that the semantic chain accurately reflects objective reality. A natural language communication is generated for delivery to a user that comprises syntactical elements that are in accordance with the semantic chain and the second probability. The communication may further be expected to result in receiving information that will influence the confidence level that the semantic chain accurately reflects objective reality.
    Type: Grant
    Filed: October 23, 2019
    Date of Patent: February 28, 2023
    Assignee: ManyWorlds, Inc.
    Inventors: Steven Dennis Flinn, Naomi Felina Moneypenny
  • Patent number: 11588786
    Abstract: According to one or more embodiments, a system can comprise a processor and a memory that can store executable instructions that, when executed by the processor, facilitate performance of operations. The operations can include establishing a wireless connection to a wireless network. The operations can further include receiving, via the wireless connection, data from a gateway device, that has been communicated via a network device of a publicly accessible network, wherein the data has been compared, by the gateway device, to a template of anomalous activity.
    Type: Grant
    Filed: December 2, 2019
    Date of Patent: February 21, 2023
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventors: Mike Iapalucci, Myra Agostino, Zhi Cui, Jason Robbins, Gregory Stockman
  • Patent number: 11575709
    Abstract: Disclosed herein are methods, systems, and processes for monitoring scan attempts in a network. A virtual security appliance with multiple ports is deployed in a network. One or more ports are obfuscated via the virtual security appliance to make the various ports appear to be closed. An address of the virtual security appliance within the network is modified, the several ports are adjusted to assume a predetermined profile, a network neighbor's profile is discovered and emulated, and a received connection attempt intended for the virtual security appliance is monitored.
    Type: Grant
    Filed: March 15, 2021
    Date of Patent: February 7, 2023
    Assignee: Rapid7, Inc.
    Inventors: Roy Hodgman, Jeffrey D. Myers
  • Patent number: 11570208
    Abstract: An electronic device and a control method thereof are provided. The electronic device includes an Internet protocol (IP) address corresponding to a domain name of a web page when a user command inputting the domain name is received, identifies a number of hops included in a network path connecting a server corresponding to the obtained IP address and the electronic device to each other, and determines that a man-in-the-middle attack exists in a network when a communication connection with the server is established on the basis of a smaller number of hops than the identified number of hops.
    Type: Grant
    Filed: January 29, 2020
    Date of Patent: January 31, 2023
    Assignee: Samsung Electronics Co., Ltd.
    Inventor: Joonghwan Lee
  • Patent number: 11550608
    Abstract: Guest-to-host virtual networking can include linking a virtual entity proxy to a network adapter of a host machine through a virtual bridge. In response to a request that starts a guest running on the host machine, the guest can be configured to point to the virtual entity proxy and to communicatively couple to a network through the virtual entity proxy linked to the network adapter of the host machine. The virtual entity proxy can be bound to the network, such that the virtual entity proxy intermediates communications between the guest and one or more other guests running on one or more different host machines that are also communicatively coupled to the network.
    Type: Grant
    Filed: October 31, 2019
    Date of Patent: January 10, 2023
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Akshay Nair, Phil Coulthard, Vadim Berestetsky, Farhan Arshad, Aditya Jain, Hsing Gen Alexander Wu, Sami El Cheikh
  • Patent number: 11546370
    Abstract: Methods and systems are disclosed for anti-replay protection for network packet communications. A scorecard is stored that includes packet sequence numbers for received packets associated with a network packet flow. For each received packet, an anti-replay unit accesses the scorecard for an initial check to determine if the current packet represents a late packet and/or a replay packet. After further processing, the anti-replay unit accesses the scorecard for a final check to determine if the current packet represents a replay packet. For one embodiment, the initial check uses a first window of packet sequence numbers, and the final check uses a second window of packet sequence numbers that is larger than the first window. For further embodiments, multiple processing units operate in parallel to process received packets and to share the anti-replay unit, and each processing unit requests initial and final checks for received packets it processes.
    Type: Grant
    Filed: January 31, 2018
    Date of Patent: January 3, 2023
    Assignee: NXP USA, Inc.
    Inventors: Steve D. Millman, Michael J. Torla, David Abdoo
  • Patent number: 11544152
    Abstract: Systems and methods for providing data protection operations including cyber-threat protection operations. A sentiment analysis may be performed using language analysis to identify or determine a general or specific sentiment with or without intent to do harm. A score of the sentiment is then determined to assess risk. The data backup policy can be updated based on the assessed risk.
    Type: Grant
    Filed: July 19, 2019
    Date of Patent: January 3, 2023
    Assignee: EMC IP HOLDING COMPANY LLC
    Inventors: Amihai Savir, Assaf Natanzon, Avitan Gefen
  • Patent number: 11516258
    Abstract: The present disclosure is a method for managing capabilities of network security functions (NSF) by a security controller in a security management system.
    Type: Grant
    Filed: July 24, 2020
    Date of Patent: November 29, 2022
    Assignee: Research & Business Foundation Sungkyunkwan University
    Inventors: Jaehoon Jeong, Jinyong Kim
  • Patent number: 11516860
    Abstract: A method and device for managing establishment of a communications link between an external instrument (EI) and an implantable medical device (IMD) are provided. The method stores, in a memory in at least one of the IMD or the EI, a base scanning schedule that defines a pattern for scanning windows over a scanning state. The method enters the scanning state during which a receiver scans for advertisement notices during the scanning windows. At least a portion of the scanning windows are grouped in a first segment of the scanning state. The method stores, in the memory, a scan reset pattern for restarting the scanning state. Further, the method automatically restarts the scanning state based on the scan reset pattern to form a pseudo-scanning schedule that differs from the base scanning schedule and establishes a communication session between the IMD and the EI.
    Type: Grant
    Filed: April 2, 2020
    Date of Patent: November 29, 2022
    Assignee: Pacesetter, Inc.
    Inventors: Yongjian Wu, Jyoti Bhayana, Chao-Wen Young, Tejpal Singh, Samir Shah
  • Patent number: 11514031
    Abstract: A system for a product navigator is provided. The system receives a search string at a business-type classification interface on an interactive user display. A search type associated with the search string may be determined based on a search type selection from a plurality of search types. A search of a database may be initiated for an entry matching the search string according to the search type, where the entry has corresponding business-type classification data including a brief classification description, an extended classification description, and an associated classification code. The brief classification description and the extended classification description may be output on the interactive user display based on receiving the corresponding business-type classification data from the database.
    Type: Grant
    Filed: October 30, 2014
    Date of Patent: November 29, 2022
    Assignee: THE TRAVELERS INDEMNITY COMPANY
    Inventors: Monica N. Blanco, Sarah C. Strange, Hayden Crumrine, Brett Mortimer, Venkata N. Chikyala, Frederica K. Werkheiser
  • Patent number: 11509622
    Abstract: Some embodiments provide a method for connecting a client of a first network to a service of a second network. The method includes registering the service of the second network. The method then receives, from a client of the first network, a request to communicate with the service, the client not having an address of the service. The method further assigns an IP address to the service and sends the IP address to the client. Additionally, the method sends, to an inter-network hub that connects the first network and the second network, a message in order for the inter-network hub to establish a first tunnel between the inter-network hub and a first gateway associated with the client and a second tunnel between the inter-network hub and a second gateway associated with the service.
    Type: Grant
    Filed: December 15, 2020
    Date of Patent: November 22, 2022
    Assignee: SAP SE
    Inventors: Jan Mikael Loefstrand, Rajesh Narayanan, Mohamed Ghassen Gargouri
  • Patent number: 11502918
    Abstract: System and techniques are described which apply a method for automatic database schema migration. An initial database is installed, according to rules that define tables of data, in an adaptive private network (APN) having a centralized management system including a network control node (NCN) coupled through the APN to a plurality of client nodes, wherein the NCN provides timing and control to the client nodes. An update to the initial database is received, wherein the initial database includes a first table of data stored in a first set of columns and the updated database includes a modified first table having a second set of columns that has a different number of columns as compared to the first table is automatically detected. One or more columns from the second set of columns that are different than the first set of columns are updated for data content.
    Type: Grant
    Filed: May 29, 2020
    Date of Patent: November 15, 2022
    Assignee: TALARI NETWORKS INCORPORATED
    Inventors: Todd Martin, Christopher Wayne Parsons, Wei Huang, Adam Phillip Schultz, Robert W. Dickey, III
  • Patent number: 11489730
    Abstract: Methods, apparatuses and systems for cloud-based disaster recovery are provided. The method, for example, includes receiving, at a cloud-based computing platform, first internet protocol (IP) information relating to a first network environment associated with a server used by a client machine; translating the first IP information, without having to interpose a camouflage layer into the first IP information, and generating second IP information based on the translated first IP information, the second IP information used for creating a second network environment for the server; creating the second network environment for the server; and deploying the server in the created second environment.
    Type: Grant
    Filed: December 18, 2018
    Date of Patent: November 1, 2022
    Assignee: Storage Engine, Inc.
    Inventors: Trevor Savino, James Patrick Hart, Justin Furniss, Charles Wooley
  • Patent number: 11489825
    Abstract: A device may determine that a network function of a network is to use a secure communication protocol. The network function may be configured to facilitate communication via the network. The device may identify a component of a resource configuration that is to instantiate the network function. The device may instantiate, using the component, a proxy for the network function. The device may configure the proxy to obtain a certificate that is associated with the secure communication protocol. The device may cause the proxy to use the certificate to communicate with another proxy that is associated with the network function to perform an operation associated with the network function.
    Type: Grant
    Filed: May 26, 2020
    Date of Patent: November 1, 2022
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Amit Mahajan, Jayesh Kumar Laad, John M. Bittenbender