Proxy Server Or Gateway Patents (Class 726/12)
-
Patent number: 11929991Abstract: Certain aspects of the present disclosure provide techniques for entering user credentials through a proxy. One example method generally includes receiving, at a user device, a push request for user data from a cloud server and receiving a request file from an aggregation system. The method further includes injecting user credentials stored on the user device into the request file, wherein when injected the user credentials replace at least one dummy entry of the request file, and transmitting the request file to a data source associated with the request file. The method further includes receiving user data from the data source and transmitting the user data to the aggregation system.Type: GrantFiled: May 8, 2023Date of Patent: March 12, 2024Assignee: Intuit, Inc.Inventors: Muniyaraj Samayavel, Prashant Asthana
-
Patent number: 11902147Abstract: A communication system includes: a management server that receives, from an information terminal connectable to a first network, a connection request for connecting to a web service provided by a web server connectable to a second network; first communication control circuitry that controls communication of a communication apparatus connectable to the second network, and second communication control circuitry that controls communication of the information terminal. The first communication control circuitry connects to a relay server that relays communication between the second network and the first network. The second communication control circuitry connects the information terminal to the relay server. A request for the web service provided by the web server and a response to the request are transmitted and received between a web browser of the information terminal and the web server via the relay server and the first communication control circuitry.Type: GrantFiled: April 12, 2022Date of Patent: February 13, 2024Assignee: Ricoh Company, Ltd.Inventors: Hiroshi Ota, Motohiro Nagao
-
Patent number: 11886593Abstract: A method of certifying a state of a platform includes receiving one or more software elements of a software stack of the platform by an authentication module and performing a hash algorithm on the software stack to generate one or more hash values. The software stack uniquely determines a software state of the platform. The method includes generating creation data, a creation hash, and a creation ticket, corresponding to the hash values and sending the creation ticket to the platform. The method also includes receiving the creation ticket by the authentication module and certifying the creation data and the creation hash based on the creation ticket. The method further includes generating a certified structure based on the creation data and performing the hash algorithm on the certified structure to generate a hash of the certified structure. The certified structure uniquely determines the software state of the platform.Type: GrantFiled: February 13, 2023Date of Patent: January 30, 2024Assignee: Hewlett Packard Enterprise Development LPInventors: Ludovic Emmanuel Paul Noel Jacquin, Hamza Attak, Nigel Edwards
-
Patent number: 11882108Abstract: Systems and methods are disclosed for accessing protected data. A computing device may have a secured stared storage accessible by two or more applications operating on the mobile device. The computing device may obtain a first token from an authorization service to verify user identity for a first application. The first token may be stored in the shared storage area, and be accessible to one or more applications sharing the storage space. In response to a user attempt to access a web service using a second application, the user identity may be verified using the first token. The authorization service may verify user credentials, and send a second token to the computing device. The second token may be a proxy ticket authorizing access and exchange of protected data between the second application and a web service. The second token may also be stored in the secure storage area.Type: GrantFiled: February 23, 2023Date of Patent: January 23, 2024Assignee: TRANSFORM SR BRANDS LLCInventors: Eui Chung, Jen-Hao Yang, Bharath Sridharan, Jim Pier
-
Patent number: 11882098Abstract: A method that is performed to access data nodes of a data cluster. The method includes obtaining, by a data access gateway (DAG), a request from a host; and in response to the request, obtaining bidding counters from the data nodes; obtaining metadata mappings from the data nodes; identifying, based on the bidding counters and metadata mappings, a data node of the data nodes associated with a highest bidding counter of the bidding counters and an appropriate metadata mapping of the metadata mappings; and sending the request to the data node.Type: GrantFiled: July 23, 2020Date of Patent: January 23, 2024Assignee: Dell Products L.P.Inventors: Dharmesh M. Patel, Ravikanth Chaganti
-
Patent number: 11863569Abstract: Various systems and methods for bus-off attack detection are described herein. An electronic device for bus-off attack detection and prevention includes bus-off prevention circuitry coupled to a protected node on a bus, the bus-off prevention circuitry to: detect a transmitted message from the protected node to the bus; detect a bit mismatch of the transmitted message on the bus; suspend further transmissions from the protected node while the bus is analyzed; determine whether the bit mismatch represents a bus fault or an active attack against the protected node; and signal the protected node indicating whether a fault has occurred.Type: GrantFiled: November 17, 2021Date of Patent: January 2, 2024Assignee: INTEL CORPORATIONInventors: Marcio Rogerio Juliato, Shabbir Ahmed, Santosh Ghosh, Christopher Gutierrez, Manoj R. Sastry
-
Patent number: 11855977Abstract: A device may determine that a network function of a network is to use a secure communication protocol. The network function may be configured to facilitate communication via the network. The device may identify a component of a resource configuration that is to instantiate the network function. The device may instantiate, using the component, a proxy for the network function. The device may configure the proxy to obtain a certificate that is associated with the secure communication protocol. The device may cause the proxy to use the certificate to communicate with another proxy that is associated with the network function to perform an operation associated with the network function.Type: GrantFiled: October 12, 2022Date of Patent: December 26, 2023Assignee: Verizon Patent and Licensing Inc.Inventors: Amit Mahajan, Jayesh Kumar Laad, John M. Bittenbender
-
Patent number: 11848962Abstract: Disclosed are various approaches for providing authentication of a user and a client device. A user's credentials can be authenticated by an identity provider. In addition, a device posture assessment that analyzes the device from which the authentication request originates is also performed. An authentication request can be authenticated based upon whether the device posture assessment reveals that device to be a managed device that is in compliance with compliance rules.Type: GrantFiled: September 24, 2020Date of Patent: December 19, 2023Assignee: AirWatch, LLCInventors: Craig Farley Newell, Jonathan Blake Brannon, Kabir Barday, Ashish Jain
-
Patent number: 11841698Abstract: Arrangement and method for securely executing an automation program in a cloud computing environment, wherein the automation program is installed on computer hardware in a public IT infrastructure, and wherein the computer hardware is connected via a data connection to a cloud server, where the connection and a dedicated runtime environment of the computer hardware are configured such that the automation program is transferrable onto the computer hardware and its execution can be monitored via the server and data connection, such that the automation program and sensitive information, i.e.Type: GrantFiled: September 23, 2020Date of Patent: December 12, 2023Assignee: SIEMENS AKTIENGESELLSCHAFTInventors: Markus Höfele, Peter Kob, Rolf Schrey, Armin Zeltner
-
Patent number: 11838323Abstract: Methods, systems, and devices for server-initiated secure sessions are described. A browser application may connect to a portal, where the portal may transmit a command to a server agent to initiate a secure session with an endpoint device. The server agent may be housed in a destination server, and may establish a secure connection with an intermediary server using a secure communication protocol. The secure connection may be made by directing the destination server to open an out-bound connection through a firewall of the destination server. A browser session may be redirected to the intermediary server from the browser application, and the intermediary server may route the browser session traffic to the secure connection.Type: GrantFiled: May 12, 2021Date of Patent: December 5, 2023Assignee: JumpCloud, Inc.Inventors: Rajat Bhargava, Christopher Marie, James Brown
-
Patent number: 11831545Abstract: This disclosure relates to a fully software-defined, fully virtualized, and customizable mobile communication platform deployed on public cloud infrastructure. Such mobile networks allows for end to end control of automatic and programmatic deployment and configuration of the mobile network components. The implementations below effectively enables instant creation and deployment of a true private global end-to-end Software Defined Network (SDN) for 3G, 4G, LTE, and 5G mobile communication from the ground up. Users will effectively act their own mobile carrier, allowing them to customize the features available to them via a programmatic interface.Type: GrantFiled: February 28, 2020Date of Patent: November 28, 2023Assignee: Telnyx LLCInventors: Anirudh Tyagi, Mohamed Kamar, David Casem
-
Patent number: 11822679Abstract: The host computer securitization architecture, which comprises: an offline source server, an offline provisioning server configured to connect with a portable mobile securitization server via a wired communication, an administration server configured to monitor and interact with at least one portable mobile securitization server, at least one portable mobile securitization server configured to connect via a wired communication to a host computer, said portable mobile securitization server comprising: a connector to mechanically connect and establish a removable wired communication between the mobile server and the host computer, a first wired bidirectional communicator with the host computer, a second of bidirectional communicator with a data storage peripheral or a data network and a unit securing the communication between the host computer and the data storage mobile server or the data network, this communication being established between the first and the second communicator, a blockchain comprisingType: GrantFiled: February 7, 2022Date of Patent: November 21, 2023Inventor: Vladimir Mickael Leal Monteiro
-
Patent number: 11811799Abstract: A method, system and computer-usable medium for constructing a distribution of interrelated event features. The constructing a distribution of interrelated event features includes receiving a stream of events, the stream of events comprising a plurality of events; extracting features from the plurality of events; constructing a distribution of the features from the plurality of events; and, analyzing the distribution of the features from the plurality of events.Type: GrantFiled: August 31, 2018Date of Patent: November 7, 2023Assignee: Forcepoint LLCInventors: Eduardo Luiggi, Christopher Poirel, Ann Irvine
-
Patent number: 11811553Abstract: A vehicle relay device includes a plurality of communication ports. Each of the plurality of communication ports communicate with a communication device as a node in accordance with an Ethernet standard. A connection permission node that is a node to be connected is predefined for each of the plurality of communication ports. The vehicle relay device does not communicate with an unregistered node that is a node not registered as the connection permission node.Type: GrantFiled: March 10, 2021Date of Patent: November 7, 2023Assignee: DENSO CORPORATIONInventor: Shuhei Itoda
-
Patent number: 11797670Abstract: A determination method includes determining an attack type of an attack code included in an attack request on a server, carrying out emulation of an attack by the attack code on the server in accordance with the determined attack type, extracting a feature related to a backdoor operation appearing in an attack code on the server in a case of succeeding in an attack on the server as a result of the emulation, and determining that an attack by the attack code has succeeded in a case where a communication log of the server has the extracted feature, by a processor.Type: GrantFiled: April 15, 2019Date of Patent: October 24, 2023Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATIONInventors: Yo Kanemoto, Kazufumi Aoki
-
Patent number: 11799871Abstract: A security level of data generated by an application may be communicated from the application layer to the network layer and that security level used to determine of several available network connects for transmitting the data. A method of communicating may include associating the plurality of network connections with security levels to form associations, the associations indicating security levels of data that may be transmitted over each of the plurality of network connections; receiving, at the network layer, data for transmission; determining, at the network layer, a security level for the data; determining, at the network layer, at least one network connection of a plurality of network connections to transmit the data based, at least in part, on the security level; and transmitting the data packet over the at least one network connection.Type: GrantFiled: October 22, 2020Date of Patent: October 24, 2023Assignee: Dell Products L.P.Inventors: Dileep Kumar Soma, Harpreet Narula, Brian E. Manser
-
Patent number: 11777906Abstract: A method for enforcing entitlements includes configuring a wide variety of entitlements at a server; determining applicable combination of entitlements for a given client request; sending entitlements to the requesting client securely; handling entitlement information securely on a plurality of client devices at run time; storing entitlement information securely on a plurality of client devices for offline use; and enforcing entitlements on a plurality of client devices. The method employs manipulation of manifest files by a proxy that may be included in the client device or located in the network.Type: GrantFiled: September 30, 2022Date of Patent: October 3, 2023Assignee: Ericsson ABInventors: Mikhail Mikhailov, Raj Nair
-
Patent number: 11755721Abstract: The present disclosure relates to a computer implemented method for executing an application. The method comprises: executing a bootloader in a trusted execution environment, wherein the executing comprises: decrypting received encrypted secrets using decryption keys of the boot loader, storing the decrypted secrets in a storage accessible by the application, creating a proof record indicating the application, the secrets and the trusted execution environment, storing the proof record in the storage, and deleting the decryption keys. The application may be executed in the trusted execution environment using the decrypted secrets. The proof record may be provided by the application for proving authenticity.Type: GrantFiled: October 25, 2021Date of Patent: September 12, 2023Assignee: International Business Machines CorporationInventors: Angel Nunez Mencias, Nicolas Maeding, Peter Morjan, Dirk Herrendoerfer
-
Patent number: 11757880Abstract: A method and system for performing authentication are described. The method and system include receiving, from a client, a communication for a data source at a wrapper. The wrapper includes a dispatcher and a service. The dispatcher receives the communication and is data agnostic. The communication is provided from the dispatcher to the service. The service determines whether the client is authorized to access the data source utilizing multi-factor authentication.Type: GrantFiled: August 22, 2019Date of Patent: September 12, 2023Assignee: Cyral Inc.Inventors: Manav Ratan Mital, Srinivas Nageswarrao Vadlamani, Pramod Chandraiah, Hugo Araújo de Sousa
-
Patent number: 11757917Abstract: The disclosure provides an approach for detecting and preventing attacks in a network. Embodiments include receiving network traffic statistics of a system. Embodiments include determining a set of features of the system based on the network traffic statistics. Embodiments include inputting the set of features to a classification model that has been trained using historical features associated with labels indicating whether the historical features correspond to attacks. Embodiments include receiving, as output from the classification model, an indication of whether the system is a target of an attack. Embodiments include receiving additional statistics related to the system. Embodiments include analyzing, in response to the indication that the system is the target of the attack, the additional statistics to identify a source of the attack. Embodiments include performing an action to prevent the attack based on the source of the attack.Type: GrantFiled: October 23, 2020Date of Patent: September 12, 2023Assignee: VMware, Inc.Inventors: Santosh Pallagatti Kotrabasappa, Sairam Veeraswamy, Jayneeta Sinha, Suriyan S.
-
Patent number: 11748132Abstract: A method is implemented by a computing device to configure and monitor a virtual application in a cloud environment. The method includes generating instructions for configuring and monitoring the virtual application based on configuration data for the virtual application, modifying an injection virtual appliance image to include the instructions for configuring and monitoring the virtual application, where the injection virtual appliance image is a template for instantiating an injection virtual appliance (e.g., a software container or unikernel) that is to configure and monitor the virtual application according to the instructions, modifying a virtual application deployment descriptor for the virtual application to indicate that the injection virtual appliance is to be injected into the virtual application, and causing the virtual application, with the injection virtual appliance, to be deployed in the cloud environment using the modified virtual application deployment descriptor.Type: GrantFiled: April 17, 2020Date of Patent: September 5, 2023Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Hoang Do, Sergey Odobetskiy
-
Patent number: 11750618Abstract: A system for protecting public cloud-hosted virtual resources features cloud visibility logic. According to one embodiment, the cloud visibility logic includes credential evaluation logic, data collection logic, correlation logic, and reporting logic. The credential evaluation logic is configured to gain authorized access to a cloud account within a first public cloud network. The data collection logic is configured to retrieve account data from the cloud account, while the correlation logic is configured to conduct analytics on the account data to determine whether the cloud account is subject to a cybersecurity threat or misconfiguration. The reporting logic is configured to generate an alert when the cloud account is determined by the correlation logic to be subject to the cybersecurity threat or misconfiguration.Type: GrantFiled: March 31, 2022Date of Patent: September 5, 2023Assignee: FireEye Security Holdings US LLCInventors: Sai Vashisht, Sumer Deshpande, Sushant Paithane, Rahul Khul
-
Patent number: 11750481Abstract: A method for visualizing network flows of a network is provided. The method monitors network flows between a group of machines in a network. The method associates identifiers with the monitored network flows. The method aggregates the monitored network flows into a set of groups based on the associated identifiers. The method displays a set of flow records for the each group of the set of groups.Type: GrantFiled: February 21, 2022Date of Patent: September 5, 2023Assignee: NICIRA, INC.Inventors: Kaushal Bansal, Uday Masurekar, Srinivas Nimmagadda, Jingmin Zhou, Abhishek Goliya, Amit Chopra, Kausum Kumar
-
Patent number: 11743956Abstract: The invention relates to a multi-carrier base station and a method performed at the multi-carrier base station configured to enable wireless access to wireless communication terminals. In an aspect, a device is provided configured to provide wireless communication access to wireless communication terminals. The device comprises a Base Transceiver Station (BTS), configured to be connectable to a core network, a tethering access point, and at least one antenna. The BTS is configured to provide at least a first carrier via the at least one antenna for Third Generation Partnership Project (3GPP) wireless access, and further to provide the tethering access point via a wired connection with at least a second carrier exclusively used by the tethering access point for 3GPP access. Moreover, the tethering access point is configured to provide non-3GPP wireless access via the at least one antenna.Type: GrantFiled: February 19, 2016Date of Patent: August 29, 2023Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Sajjadul Latif, Chenguang Lu, Kim Laraqui
-
Patent number: 11743299Abstract: System, method, and apparatus of securing and managing Internet-connected devices and networks. A wireless communication router is installed at a customer venue, and provides Internet access to multiple Internet-connected devices via a wireless communication network that is served by the router. A monitoring and effecting unit of the router performs analysis of traffic that passes through the router; identifies which Internet-connected devices send or receive data; and selectively enforces traffic-related rules based on policies stored in the router. Optionally, the monitoring and effecting unit is pre-installed in the router in a disabled mode; and is later activated after the router was deployed at a customer venue. Optionally, the router notifies the Internet Service Provider the number and type of Internet-connected devices that are served by the router.Type: GrantFiled: April 29, 2021Date of Patent: August 29, 2023Assignee: ALLOT LTD.Inventors: Yair Manor, Yaron Muzikant
-
Patent number: 11743232Abstract: Systems, methods, and computer-readable media are provided for software defined branch single IP orchestration. An example method can include establishing, by a controller, a secure tunnel agent to an orchestrator, generating, by the controller, a single IP address on a virtual router for a virtual branch site, and monitoring, by the controller, reachability of the single IP address on the virtual router.Type: GrantFiled: July 29, 2021Date of Patent: August 29, 2023Assignee: Cisco Technology, Inc.Inventors: Alexander Yeh, Yanping Qu, Kaushik Pratap Biswas
-
Patent number: 11736447Abstract: A method that is performed to access data nodes of a data cluster. The method includes obtaining, by a data access gateway (DAG), a first request from a host; and in response to the first request, obtaining first bidding counters from the data nodes; obtaining first metadata mappings from the data nodes; making a first determination that the first request may not be served using any data node in an accelerator pool of the data cluster; and in response to the first determination, identifying, based on the bidding counters and metadata mappings, a data node in a non-accelerator pool of the data cluster associated with a first highest bidding counter of the bidding counters and a first appropriate metadata mapping of the metadata mappings; and sending the first request to the data node in the non-accelerator pool of the data cluster.Type: GrantFiled: July 23, 2020Date of Patent: August 22, 2023Assignee: Dell Products L.P.Inventors: Dharmesh M. Patel, Ravikanth Chaganti
-
Patent number: 11729143Abstract: The present disclosure relates to network security software cooperatively configured on plural nodes to authenticate and authorize devices, applications, users, and data protocol in network communications by exchanging nonpublic identification codes, application identifiers, and data type identifiers via pre-established communication pathways and comparing against pre-established values to provide authorized communication and prevent compromised nodes from spreading malware to other nodes.Type: GrantFiled: February 17, 2021Date of Patent: August 15, 2023Assignee: Stealthpath, Inc.Inventors: Mike Clark, Andrew Gordon, Matt Clark
-
Patent number: 11711343Abstract: Web-filtering operations may be implemented on the user device, rather than on a centralized proxy server, to improve reliability, performance, and/or security of the web-filtering operations. Some or all of the necessary functions related to web-filtering may be performed on the end user device to remove the complexity and security issues inherent with the current methodology. One technique for allowing operation of proxy servers on user devices is to install smart agents on the user device. The smart agents, under control of a management server, may configure the proxy server, issue trust certificates to applications on the device, and/or provide proxy access configuration (PAC) files to applications on the device.Type: GrantFiled: October 14, 2020Date of Patent: July 25, 2023Assignee: Lightspeed Solutions, LLCInventors: Robert Chambers, Kevin Sanders
-
Patent number: 11706098Abstract: Embodiments are described herein for systems and methods for continuously monitoring a network structure of one or more networks using a cloud-based network monitoring system, and rearranging, using the cloud-based network monitoring system, the network structure of the one or more networks to protect confidential and/or prioritized assets of the one or more networks based at least in part on the monitoring of the network structure of the one or more networks. In certain embodiments, the cloud-based network monitoring system is configured to continuously monitor a network structure of one or more networks, and to automatically rearrange the network structure of the one or more networks to protect confidential and/or prioritized assets of the one or more networks based at least in part on the continuous monitoring of the network structure of the one or more networks.Type: GrantFiled: June 29, 2022Date of Patent: July 18, 2023Assignee: United Services Automobile Association (USAA)Inventor: Timothy Blair Chalmers
-
Patent number: 11671246Abstract: A data provisioning device is arranged for provisioning a data processing entity from a set of data processing entities sharing the same joint decryption key. The data provisioning device comprises: a network interface configured to receive the provisioning data for provisioning the data processing entity, a joint encryption key associated with the joint decryption key, and control information indicating a processing scheme to be deployed by the data provisioning device when provisioning the data processing entity; a processor configured to process the provisioning data according to the control information to obtain processed provisioning data, to cryptographically encrypt the processed provisioning data using the received joint encryption key to obtain encrypted processed provisioning data; and a device interface configured to transmit the encrypted processed provisioning data to the data processing entity.Type: GrantFiled: October 29, 2020Date of Patent: June 6, 2023Assignee: Secure Thingz LimitedInventors: Stephan Spitz, Haydn Povey
-
Patent number: 11652693Abstract: The present disclosure relates to a method for anchoring an edge cloud to a central cloud, the method being performed in a cloud environment comprising a central cloud and an edge cloud, the method comprising obtaining (S238, S310), by a connectivity controller of an edge cloud, an address of an anchoring registry of a central cloud; sending (S240, S312), by the connectivity controller, to the anchoring registry, information about networking configuration of the edge cloud; setting up (S246, S314), by an orchestrator of the central cloud, a virtual private network, VPN, service in the central cloud; requesting (S248, S316), by the orchestrator of the central cloud, edge VPN configuration information from the central VPN service, based on the information about networking configuration of the edge cloud; sending (S252, S318), by the anchoring registry, the edge VPN configuration information, to an orchestrator of the edge cloud; creating (S258, S320), by an orchestrator of the edge cloud, an edge VPN service, bType: GrantFiled: September 4, 2019Date of Patent: May 16, 2023Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Miljenko Opsenica, Tero Kauppinen, Miika Komu, Timo Simanainen
-
Patent number: 11652799Abstract: A method including receiving, at a first VPN server during an established VPN connection, a first data request and a second data request from a user device; transmitting, by the first VPN server during the established VPN connection, the first data request and the second data request to a second VPN server; and receiving, by the first VPN server from the second VPN server during the established VPN connection, first data associated with the first data request and second data associated with the second data request, the first data being retrieved by the second VPN server using a first exit IP address associated with the second VPN server and the second data being retrieved by the second VPN server using a second exit IP address associated with the second VPN server, the second exit IP address being different from the first exit IP address. Various other aspects are contemplated.Type: GrantFiled: February 26, 2022Date of Patent: May 16, 2023Assignee: Oversec, UABInventors: Tomas Kolaitis, Vytautas Neubauer
-
Patent number: 11641344Abstract: The invention relates to a housing (30) for managing access to an industrial network (10), to which industrial equipment (U1, U2, U3) is connected, the management housing (30) comprising: —a channel (30a) for access to an internet-type data network, said channel (30a) for access to the data network comprising a cut-off unit (33); —a channel (30b) for controlling the channel (30a) for access to the data network, said control channel (30a) comprising a controller (31) configured to control the cut-off unit (33) so as to allow communication between the industrial network and the data network, the cut-off unit comprising a cut-off relay that can be activated by means of a control signal emitted by the controller (31).Type: GrantFiled: March 14, 2019Date of Patent: May 2, 2023Assignee: SAFRAN AIRCRAFT ENGINESInventors: Pascal Noirfalise, Thibaut Barrouillet, Sylvain Eric Alain Belrepayre, Fabien Fouillet, Jean Vias
-
Patent number: 11625723Abstract: There are provided systems and methods for a machine learning-based network trained to perform risk assessment through device data. A service provider server receives device data of a user device associated with a merchant account registered with a merchant server for a merchant service, and receives, from the merchant server, a request containing a unique token identifier for initiating a risk assessment operation to generate a device assessment score for the user device, where the device assessment score indicates a level of risk between the user device and the merchant account. The service provider server selects a risk assessment engine to perform the risk assessment operation and generates the device assessment score and a narrative for the device assessment score, and sends, to the merchant server through an application programming interface, a message containing a unique device identifier for the user device, the device assessment score and the narrative.Type: GrantFiled: May 28, 2020Date of Patent: April 11, 2023Assignee: PAYPAL, INC.Inventors: Manickkam Pandian, Souradeep Sen, Ranjit K. Valasa, Suchita Shridhar Shirke, Sabarirajan Jeeva
-
Patent number: 11616771Abstract: Systems and methods are disclosed for accessing protected data. A computing device may have a secured stared storage accessible by two or more applications operating on the mobile device. The computing device may obtain a first token from an authorization service to verify user identity for a first application. The first token may be stored in the shared storage area, and be accessible to one or more applications sharing the storage space. In response to a user attempt to access a web service using a second application, the user identity may be verified using the first token. The authorization service may verify user credentials, and send a second token to the computing device. The second token may be a proxy ticket authorizing access and exchange of protected data between the second application and a web service. The second token may also be stored in the secure storage area.Type: GrantFiled: August 17, 2018Date of Patent: March 28, 2023Assignee: TRANSFORM SR BRANDS LLCInventors: Eui Chung, Jen-Hao Yang, Bharath Sridharan, Jim Pier
-
Patent number: 11601519Abstract: Methods, systems, and computer programs are presented for lowering network latency for cloud-based services. Service-delivery edge locations allow customers to improve communication-providers public and private network connectivity for improved performance. One method includes operations for performing, by an edge server, a handshake to establish a communication session between a client and a main server, and for exchanging data between the client and the main server via the edge server. The handshake includes exchanging, by the edge server, communication initiation messages with the client, and validating, by the edge server, authentication credentials for the communication session based on the communication initiation messages.Type: GrantFiled: August 12, 2020Date of Patent: March 7, 2023Assignee: Twilio Inc.Inventors: Alexander Philip Lowe, Madeleine Genevieve Muscari, Robert Charles Hagemann, III, Christer Jan Erik Fahlgren, Jeremy Andrew McEntire, Erik A. Jansson, Humberto Reyes, Evan Kyle Fossier, Jingming Niu
-
Patent number: 11593708Abstract: An integrated neural network and semantic system applies a neural network to interpret an image, determines a syntactical element corresponding to the image in accordance with the interpretation, and determines a first probability that represents a confidence level that the correspondence is accurate. A semantic chain and associated second probability are then generated based on the syntactical element and the first probability, whereby the second probability represents the system's confidence level that the semantic chain accurately reflects objective reality. A natural language communication is generated for delivery to a user that comprises syntactical elements that are in accordance with the semantic chain and the second probability. The communication may further be expected to result in receiving information that will influence the confidence level that the semantic chain accurately reflects objective reality.Type: GrantFiled: October 23, 2019Date of Patent: February 28, 2023Assignee: ManyWorlds, Inc.Inventors: Steven Dennis Flinn, Naomi Felina Moneypenny
-
Patent number: 11588786Abstract: According to one or more embodiments, a system can comprise a processor and a memory that can store executable instructions that, when executed by the processor, facilitate performance of operations. The operations can include establishing a wireless connection to a wireless network. The operations can further include receiving, via the wireless connection, data from a gateway device, that has been communicated via a network device of a publicly accessible network, wherein the data has been compared, by the gateway device, to a template of anomalous activity.Type: GrantFiled: December 2, 2019Date of Patent: February 21, 2023Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.Inventors: Mike Iapalucci, Myra Agostino, Zhi Cui, Jason Robbins, Gregory Stockman
-
Patent number: 11575709Abstract: Disclosed herein are methods, systems, and processes for monitoring scan attempts in a network. A virtual security appliance with multiple ports is deployed in a network. One or more ports are obfuscated via the virtual security appliance to make the various ports appear to be closed. An address of the virtual security appliance within the network is modified, the several ports are adjusted to assume a predetermined profile, a network neighbor's profile is discovered and emulated, and a received connection attempt intended for the virtual security appliance is monitored.Type: GrantFiled: March 15, 2021Date of Patent: February 7, 2023Assignee: Rapid7, Inc.Inventors: Roy Hodgman, Jeffrey D. Myers
-
Patent number: 11570208Abstract: An electronic device and a control method thereof are provided. The electronic device includes an Internet protocol (IP) address corresponding to a domain name of a web page when a user command inputting the domain name is received, identifies a number of hops included in a network path connecting a server corresponding to the obtained IP address and the electronic device to each other, and determines that a man-in-the-middle attack exists in a network when a communication connection with the server is established on the basis of a smaller number of hops than the identified number of hops.Type: GrantFiled: January 29, 2020Date of Patent: January 31, 2023Assignee: Samsung Electronics Co., Ltd.Inventor: Joonghwan Lee
-
Patent number: 11550608Abstract: Guest-to-host virtual networking can include linking a virtual entity proxy to a network adapter of a host machine through a virtual bridge. In response to a request that starts a guest running on the host machine, the guest can be configured to point to the virtual entity proxy and to communicatively couple to a network through the virtual entity proxy linked to the network adapter of the host machine. The virtual entity proxy can be bound to the network, such that the virtual entity proxy intermediates communications between the guest and one or more other guests running on one or more different host machines that are also communicatively coupled to the network.Type: GrantFiled: October 31, 2019Date of Patent: January 10, 2023Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Akshay Nair, Phil Coulthard, Vadim Berestetsky, Farhan Arshad, Aditya Jain, Hsing Gen Alexander Wu, Sami El Cheikh
-
Patent number: 11546370Abstract: Methods and systems are disclosed for anti-replay protection for network packet communications. A scorecard is stored that includes packet sequence numbers for received packets associated with a network packet flow. For each received packet, an anti-replay unit accesses the scorecard for an initial check to determine if the current packet represents a late packet and/or a replay packet. After further processing, the anti-replay unit accesses the scorecard for a final check to determine if the current packet represents a replay packet. For one embodiment, the initial check uses a first window of packet sequence numbers, and the final check uses a second window of packet sequence numbers that is larger than the first window. For further embodiments, multiple processing units operate in parallel to process received packets and to share the anti-replay unit, and each processing unit requests initial and final checks for received packets it processes.Type: GrantFiled: January 31, 2018Date of Patent: January 3, 2023Assignee: NXP USA, Inc.Inventors: Steve D. Millman, Michael J. Torla, David Abdoo
-
Patent number: 11544152Abstract: Systems and methods for providing data protection operations including cyber-threat protection operations. A sentiment analysis may be performed using language analysis to identify or determine a general or specific sentiment with or without intent to do harm. A score of the sentiment is then determined to assess risk. The data backup policy can be updated based on the assessed risk.Type: GrantFiled: July 19, 2019Date of Patent: January 3, 2023Assignee: EMC IP HOLDING COMPANY LLCInventors: Amihai Savir, Assaf Natanzon, Avitan Gefen
-
Patent number: 11516258Abstract: The present disclosure is a method for managing capabilities of network security functions (NSF) by a security controller in a security management system.Type: GrantFiled: July 24, 2020Date of Patent: November 29, 2022Assignee: Research & Business Foundation Sungkyunkwan UniversityInventors: Jaehoon Jeong, Jinyong Kim
-
Patent number: 11516860Abstract: A method and device for managing establishment of a communications link between an external instrument (EI) and an implantable medical device (IMD) are provided. The method stores, in a memory in at least one of the IMD or the EI, a base scanning schedule that defines a pattern for scanning windows over a scanning state. The method enters the scanning state during which a receiver scans for advertisement notices during the scanning windows. At least a portion of the scanning windows are grouped in a first segment of the scanning state. The method stores, in the memory, a scan reset pattern for restarting the scanning state. Further, the method automatically restarts the scanning state based on the scan reset pattern to form a pseudo-scanning schedule that differs from the base scanning schedule and establishes a communication session between the IMD and the EI.Type: GrantFiled: April 2, 2020Date of Patent: November 29, 2022Assignee: Pacesetter, Inc.Inventors: Yongjian Wu, Jyoti Bhayana, Chao-Wen Young, Tejpal Singh, Samir Shah
-
Patent number: 11514031Abstract: A system for a product navigator is provided. The system receives a search string at a business-type classification interface on an interactive user display. A search type associated with the search string may be determined based on a search type selection from a plurality of search types. A search of a database may be initiated for an entry matching the search string according to the search type, where the entry has corresponding business-type classification data including a brief classification description, an extended classification description, and an associated classification code. The brief classification description and the extended classification description may be output on the interactive user display based on receiving the corresponding business-type classification data from the database.Type: GrantFiled: October 30, 2014Date of Patent: November 29, 2022Assignee: THE TRAVELERS INDEMNITY COMPANYInventors: Monica N. Blanco, Sarah C. Strange, Hayden Crumrine, Brett Mortimer, Venkata N. Chikyala, Frederica K. Werkheiser
-
Patent number: 11509622Abstract: Some embodiments provide a method for connecting a client of a first network to a service of a second network. The method includes registering the service of the second network. The method then receives, from a client of the first network, a request to communicate with the service, the client not having an address of the service. The method further assigns an IP address to the service and sends the IP address to the client. Additionally, the method sends, to an inter-network hub that connects the first network and the second network, a message in order for the inter-network hub to establish a first tunnel between the inter-network hub and a first gateway associated with the client and a second tunnel between the inter-network hub and a second gateway associated with the service.Type: GrantFiled: December 15, 2020Date of Patent: November 22, 2022Assignee: SAP SEInventors: Jan Mikael Loefstrand, Rajesh Narayanan, Mohamed Ghassen Gargouri
-
Patent number: 11502918Abstract: System and techniques are described which apply a method for automatic database schema migration. An initial database is installed, according to rules that define tables of data, in an adaptive private network (APN) having a centralized management system including a network control node (NCN) coupled through the APN to a plurality of client nodes, wherein the NCN provides timing and control to the client nodes. An update to the initial database is received, wherein the initial database includes a first table of data stored in a first set of columns and the updated database includes a modified first table having a second set of columns that has a different number of columns as compared to the first table is automatically detected. One or more columns from the second set of columns that are different than the first set of columns are updated for data content.Type: GrantFiled: May 29, 2020Date of Patent: November 15, 2022Assignee: TALARI NETWORKS INCORPORATEDInventors: Todd Martin, Christopher Wayne Parsons, Wei Huang, Adam Phillip Schultz, Robert W. Dickey, III
-
Patent number: 11489730Abstract: Methods, apparatuses and systems for cloud-based disaster recovery are provided. The method, for example, includes receiving, at a cloud-based computing platform, first internet protocol (IP) information relating to a first network environment associated with a server used by a client machine; translating the first IP information, without having to interpose a camouflage layer into the first IP information, and generating second IP information based on the translated first IP information, the second IP information used for creating a second network environment for the server; creating the second network environment for the server; and deploying the server in the created second environment.Type: GrantFiled: December 18, 2018Date of Patent: November 1, 2022Assignee: Storage Engine, Inc.Inventors: Trevor Savino, James Patrick Hart, Justin Furniss, Charles Wooley