Security Protocols Patents (Class 726/14)
  • Patent number: 10154005
    Abstract: The invention presented herein is a system and method for automatically discovering communication capabilities for direct communication between endpoints across one or more unknown networks, the system comprising: a plurality of network enabled endpoints configured with a module in wireless communication with a management database, the module configured to establish a communication path for direct communication between the network-enabled endpoints, independent of a NAT router.
    Type: Grant
    Filed: January 19, 2018
    Date of Patent: December 11, 2018
    Inventors: Gary Mitchell, Scott Whittle, Kurt Quasebarth
  • Patent number: 10146964
    Abstract: Embodiments herein relate to a die to form a system-on-chip (SOC) with one or more other dies, with a policy arbitrator disposed on the die to manage security policies of the plurality of dies of the SOC, where the PA is to receive information about a security policy and a die type from a first of the one or more other dies, compare at least the received information about the security policy and the die type of the first other die with a security policy and a die type of the die, determine, based on the comparison, a common security policy for the plurality of dies of the SOC, and transmit the determined common security policy and the die type of the die to at least a second of the one or more other dies.
    Type: Grant
    Filed: June 6, 2017
    Date of Patent: December 4, 2018
    Assignee: INTEL CORPORATION
    Inventors: Neel Shah, Michael Neve De Mevergnies
  • Patent number: 10140447
    Abstract: Implementations of the present disclosure include methods, systems, and computer-readable storage mediums for receiving parameters defining a detection technique, an attack scenario, and detection logic, receiving configuration data that is specific to a target system that is to be monitored, providing an attack pattern based on the parameters and the configuration data, monitoring the target system based on the attack pattern and data provided by one or more logs of the target system, and selectively generating, based on monitoring, an alert indicating a potential end-to-end intrusion into the target system.
    Type: Grant
    Filed: December 11, 2015
    Date of Patent: November 27, 2018
    Assignee: SAP SE
    Inventors: Mohammad Ashiqur Rahaman, Cedric Hebert, Juergen Frank
  • Patent number: 10135793
    Abstract: Methods and a system are provided that, in turn, are for providing security between a user device and a computer related device. A method includes providing a distributed registry service that specifies a plurality of services available to support communications between the user device and the computer related device. The method further includes at least one of dynamically constructing and altering one or more multi-node transient processing pathways between the user device and the computer related device based on respective selected ones of the plurality of services. For at least one node in each of the one or more transient processing pathways, an address thereof and a time period the at least one node is active and capable of being used is set or changed, based on at least one of an application programming interface type and a data request type implicated by a received packet.
    Type: Grant
    Filed: June 26, 2015
    Date of Patent: November 20, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Timothy Durniak, Robert R. Friedlander, James R. Kraemer, Jeb Linton
  • Patent number: 10136311
    Abstract: The subject matter describes devices, networks, systems, media, and methods to create secure communications between wireless devices and cellular networks, where the wireless devices communicate with the cellular networks via multi-hopping methods in non-cellular networks.
    Type: Grant
    Filed: December 12, 2014
    Date of Patent: November 20, 2018
    Assignee: M87, INC.
    Inventors: Vidur Bhargava, Eric Kord Henderson, Peter Matthew Feldman
  • Patent number: 10129156
    Abstract: Concepts and technologies disclosed herein are directed to the dynamic creation and management of ephemeral coordinated feedback instances. In accordance with one aspect disclosed herein, a system can receive a feedback instance creation request. The feedback instance creation request can be received from a policy engine in response to the policy engine attempting to satisfy a policy request. The system can examine the feedback instance creation request to determine an objective to be met by a new feedback instance model. The system can build a specification for the new feedback instance model. The specification can be built in accordance with a feedback instance building policy. The system can create the new feedback instance model in accordance with the specification. The system can store the new feedback instance model and a unique identifier associated with the new feedback instance model in a feedback instance model repository.
    Type: Grant
    Filed: March 31, 2015
    Date of Patent: November 13, 2018
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: James W. Fan, Jeffrey A. Aaron
  • Patent number: 10122622
    Abstract: A method implemented by a network element (NE), comprising receiving a classification message comprising a classification rule for identifying a service function chain (SFC) in a network, wherein the SFC comprises an ordered set of service functions (SFs) that provides services to an application, and a dynamic application-specific contextual data associated with an operation of the application, receiving a first of a plurality of application data packets, determining that the first of the application data packets matches the classification rule, generating a first SFC packet by adding the dynamic application-specific contextual data to the first of the application data packets according to the classification rule to enable communication of the dynamic application-specific contextual data to at least one of the SFs in the SFC, and sending the first SFC packet towards a next NE according to an SF path in the network associated with the SFC.
    Type: Grant
    Filed: May 29, 2015
    Date of Patent: November 6, 2018
    Assignee: Futurewei Technologies, Inc.
    Inventors: Xiaobo Wang, Hong Zhang
  • Patent number: 10102379
    Abstract: Published enterprise threat detection (ETD) security notes are accessed in a computer data store. Applicability of the published ETD security notes are determined for an information technology computing (IT) landscape. A determination is made that a particular applicable ETD security note has not yet been implemented in the IT computing landscape. Aggregated impact of compromise (IoC) and state of compromise (SoC) values associated with the published ETD security note are analyzed and a computing system patching action is performed based on the aggregated IoC and SoC values.
    Type: Grant
    Filed: June 30, 2017
    Date of Patent: October 16, 2018
    Assignee: SAP SE
    Inventors: Hartwig Seifert, Nan Zhang, Harish Mehta, Florian Chrosziel, Hristina Dinkova, Thomas Kunz, Lin Luo, Rita Merkel, Wei-Guo Peng, Eugen Pritzkau, Marco Rodeck
  • Patent number: 10078648
    Abstract: In general, in one aspect, a method for managing data in a data storage system includes receiving identifiers corresponding to different respective entries of a map stored in the data storage system, with a particular identifier corresponding to a particular entry of the map, the particular entry including a computed value corresponding to a particular portion of data stored in the data storage system and metadata indicating a location where the particular portion of data is stored in the data storage system, selecting, according to a first selection criterion, at least some of the identifiers for storage in a first portion of an index, and selecting, according to a second selection criterion, at least some of the identifiers for storage in a second portion of the index.
    Type: Grant
    Filed: April 27, 2015
    Date of Patent: September 18, 2018
    Assignee: Red Hat, Inc.
    Inventors: Michael Fortson, Jonathan Coburn, Michael Sclafani, Thomas Jaskiewicz, Assar Westerlund, Hooman Vassef
  • Patent number: 10050954
    Abstract: A method may include performing secure device configuration, via a configuration service manager device, for a SIP user device. The method includes monitoring, via the configuration service manager device, the SIP user device for device authentication problems, configuration file download problems, device registration problems and device third party registration problems. The method may also include detecting the device authentication problems, and logging and reporting the detected device authentication problems. The method may also include automated testing of the device and logging and reporting of detected device test problems. The method further includes resolving the detected device authentication, registration or testing problems.
    Type: Grant
    Filed: February 1, 2016
    Date of Patent: August 14, 2018
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Paul T. Schultz, Robert A. Sartini, Tim D. Paiement, Elliot G. Eichen
  • Patent number: 10050781
    Abstract: Embodiments of the present application provide apparatus and methods for generating a shared key, including setting up a key negotiation connection, and determining an algorithm code by negotiating using the key negotiation connection. An algorithm corresponding to the algorithm code is retrieved from a pre-stored algorithm library, and a pre-stored seed key is calculated using the algorithm to obtain a shared key. Compared with traditional key generation methods, embodiments of the present invention avoid the problem of a high bit error rate that occurs in the traditional quantum key generation methods, especially quantum key generation methods. One exemplary method determines an algorithm code through negotiation, retrieves a pre-stored algorithm corresponding to the algorithm code, and generates a new shared key using a seed key.
    Type: Grant
    Filed: August 19, 2016
    Date of Patent: August 14, 2018
    Assignee: Alibaba Group Holding Limited
    Inventors: Peng Yuan, Yingfang Fu, Shaojie Liu, Zhiqiang Wang
  • Patent number: 10037422
    Abstract: Embodiments as disclosed herein may provide systems and methods for component integration and security. In particular, in one embodiment, a native component that presents a network based interface may be on a device, where that native component may expose a network based interface for access by other components. This native component can then be accessed through the network based interface. To address security concerns and other issues, the native component may be configured to determine if a received request is associated with the same user space and only respond to requests originating from the same user space.
    Type: Grant
    Filed: January 19, 2016
    Date of Patent: July 31, 2018
    Assignee: Open Text SA ULC
    Inventors: Jonathan Carroll, Michel Gagnon, Gregory Pekofsky, Khanh Tuan Vu
  • Patent number: 10038646
    Abstract: Provided are a method and apparatus for acquiring a port range resource, and method and apparatus for allocating a port range resource. In the method, a first Router Solicitation (RS) message is sent to a server-end device, wherein information carried in the first RS message includes at least one of an Internet Protocol (IP) address multiplexing request and a port range resource allocation request; and a Router Advertisement (RA) message from the server-end device is received, wherein information carried in the RA message includes: a port range resource allocated according to the IP address multiplexing request and/or according to the port range resource allocation request. By virtue of the technical solution, an Address Plus Port (A+P) technology can be applied to an application scenario where stateless configuration of an Internet Protocol Version 6 (IPv6) address is performed via Neighbour Discovery (ND), thereby expanding the application range of the A+P technology.
    Type: Grant
    Filed: May 23, 2014
    Date of Patent: July 31, 2018
    Assignee: ZTE CORPORATION
    Inventor: Kun Zheng
  • Patent number: 9985956
    Abstract: A client authentication system receives authentication requests associated with a web page in response to a client computing system requesting access to the web page. The authentication system determines whether a storage device contains configurations for the authentication requests. The authentication system configures client authentication for the client authentication requests in view of whether the storage device includes the configurations for the authentication requests. The GUI allows control to change the client authentication configuration for at least one of the authentication requests.
    Type: Grant
    Filed: November 16, 2015
    Date of Patent: May 29, 2018
    Assignee: Red Hat, Inc.
    Inventor: Kai Wolfgang Engert
  • Patent number: 9979738
    Abstract: Described is a system for detecting attacks on networks. A hierarchical representation of activity of a communication network is used to detect and predict sources of misinformation in the communication network. The hierarchical representation includes temporal patterns of communication between at least one pair of nodes, each temporal pattern representing a motif, having a size, in the hierarchical representation. Changes in motifs provide a signal for a misinformation attack.
    Type: Grant
    Filed: March 18, 2016
    Date of Patent: May 22, 2018
    Assignee: HRL Laboratories, LLC
    Inventors: Gavin D. Holland, Michael D. Howard, Chong Ding, Tsai-Ching Lu
  • Patent number: 9973570
    Abstract: A system for providing an isolated testing model for testing the disaster recovery capabilities of a streamlined backup network backing up a primary network. The primary network provides one or more users access to critical data and critical services. The system is configured to be switched between a production mode and a test mode. When the system is in the production mode, the primary network and the streamlined backup network form a live production environment and the streamlined backup network provides the one or more users access to the critical data and the critical services in the event the primary network is unable to do so. When the system is in the test mode, the streamlined backup network is removed from the live production environment by physically and logically isolating the streamlined backup network from the primary network.
    Type: Grant
    Filed: May 1, 2015
    Date of Patent: May 15, 2018
    Assignee: Hartford Fire Insurance Company
    Inventors: Kerry R Anderson, John G Buccetti, Joseph E Merola, Jr., Kenneth A Saucier
  • Patent number: 9960835
    Abstract: Embodiments are provided for processing voice communication requests intended for a destination electronic device connected to an on-board communications network. According to certain aspects, a server may receive a request for a routing number and provide the routing number to a service provider network. The server may also identify an identification of a destination electronic device included in a voice communication request, modify the voice communication request to indicate the identification of the destination electronic device, and transmit, to an on-board communications network for delivery to the destination electronic device, a communication according to the voice communication request that was modified.
    Type: Grant
    Filed: March 24, 2016
    Date of Patent: May 1, 2018
    Assignee: GOGO LLC
    Inventors: Bryan Adrian Lauer, Kathy Wang, Tony LaMarca, Paresh Kanabar, Premkumar Bangole, Pat Walsh
  • Patent number: 9954823
    Abstract: An engineering method for establishing an engineering system includes establishing the engineering system in a virtual system by performing a communication and permitting an access to the virtual system via an internet, the communication being performed by using a service which is provided via the internet, the service being used by a first communication system which is connected to the internet, the virtual system being disposed in the first communication system, and the virtual system virtually implementing the engineering system, and inspecting the engineering system by performing an access to an inspection system via a virtual private network, the access is performed by a second communication system which is connected to the virtual private network, the inspection system being disposed in the second communication system, and the inspection system inspecting operations of the engineering system which is established in the virtual system.
    Type: Grant
    Filed: April 2, 2015
    Date of Patent: April 24, 2018
    Assignee: Yokogawa Electric Corporation
    Inventor: Takahiro Kurose
  • Patent number: 9826432
    Abstract: An arrangement for a wireless communication device is disclosed. The arrangement is adapted to set up an application connection between an application of an application layer of the device and a remote server. The device comprises a modem subsystem (comprising the application layer, a remote socket client and a remote socket API between the application layer and the remote socket client), an application processor (comprising a remote socket server and an IP stack, wherein the application processor is associated with a wireless communication access unit and the IP stack is adapted to connect to a communication network using the access unit), and a remote socket protocol communication channel between the remote socket client and the remote socket server. The application is adapted to send an application connection setup request to the remote socket client via the remote socket API.
    Type: Grant
    Filed: November 4, 2014
    Date of Patent: November 21, 2017
    Assignee: TELEFONAKTIEBBOLAGET LM ERICSSON (PUBL)
    Inventor: Stefan Runeson
  • Patent number: 9811682
    Abstract: Techniques for providing security policy for device data are described. In implementations, data on a device is stored in an encrypted form. To protect the encrypted data from being decrypted by an unauthorized entity, techniques enable a decryption key to be occluded if an attempt to gain unauthorized access to device data is detected. In implementations, a decryption key can be occluded in a variety of ways, such as by deleting the decryption key, overwriting the encryption key in memory, encrypting the encryption key, and so on. Embodiments enable an occluded decryption key to be recovered via a recovery experience. For example, a recovery experience can include an authentication procedure that requests a recovery password. If a correct recovery password is provided, the occluded decryption key can be provided.
    Type: Grant
    Filed: January 25, 2016
    Date of Patent: November 7, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Dustin Michael Ingalls, Nathan J. Ide, Christopher R. Macaulay, Octavian T. Ureche, Michael J. Grass, Sai Vinayak, Preston Derek Adam
  • Patent number: 9804876
    Abstract: A system and method for hibernating virtual machines (VMs) are disclosed. In accordance with one embodiment, a computer system that executes a hypervisor and a virtual machine (VM) determines that the virtual machine is to be put to sleep, wherein the determining is performed without involvement of a guest operating system hosted by the virtual machine. In response, the hypervisor stops a first virtual processor of the VM and persists the state of the first virtual processor.
    Type: Grant
    Filed: February 28, 2012
    Date of Patent: October 31, 2017
    Assignee: Red Hat Israel, Ltd.
    Inventors: Michael Tsirkin, Dor Laor
  • Patent number: 9800550
    Abstract: End-to-end file transfer security for file transfer is provided over a network such as the Internet between a client, using a secure communication protocol which is pervasively available, such as HTTPS, to a secure file server which is accessible only through a secure file transfer protocol which is not pervasively available by using a secure proxy for accessing the secure file server rather than providing a protocol break merely for traversing a firewall. The secure proxy is arranged to provide a protocol conversion between the pervasively available secure protocol and the communication protocol through which the server is accessible and which is not pervasively available. By doing so, the secure proxy inherits secure functions of the secure server which thus need not be separately or independently provided in the secure proxy.
    Type: Grant
    Filed: January 31, 2008
    Date of Patent: October 24, 2017
    Assignee: International Business Machines Corporation
    Inventor: Brent E. Davis
  • Patent number: 9794191
    Abstract: Methods and apparatus for uploading data from a sender to a receiver. A data deduplication technique is described that may reduce the bandwidth used in uploading data from the sender to the receiver. In the technique, the receiver, rather than the sender, maintains a fingerprint dictionary for previously uploaded data. When a sender has additional data to be uploaded, the sender extracts fingerprints for units of the data and sends the fingerprints to the receiver. The receiver checks its fingerprint dictionary to determine the data units to be uploaded and notifies the sender of the identified units, which then sends the identified units of data to the receiver. The technique may, for example, be applied in virtualized data store systems to reduce bandwidth usage in uploading data.
    Type: Grant
    Filed: August 24, 2015
    Date of Patent: October 17, 2017
    Assignee: Amazon Technologies, Inc.
    Inventor: James Christopher Sorenson, III
  • Patent number: 9792424
    Abstract: A service receives a request from a user of a group of users to perform one or more operations requiring group authentication in order for the operations to be performed. In response, the service provides a first user of the group with a musical seed and an ordering of the group of users. Each user of the group applies a transformation algorithm to the seed to create an authentication claim. The service receives this claim and determines, based at least in part on the ordering of the group of users, an ordered set of transformations, which are used to create a reference audio signal. If the received claim matches the reference audio signal, the service enables performance of the requested one or more operations.
    Type: Grant
    Filed: September 18, 2014
    Date of Patent: October 17, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Jon Arron McClintock, Darren Ernest Canavor, George Nikolaos Stathakopoulos
  • Patent number: 9794297
    Abstract: A method and system for improving usage of a security compliance framework is provided. The method includes authenticating a user for: access to the security compliance frame work, access to an authoritative source component of the compliance framework, and access to a data store component of the compliance framework. A functionality status of the security compliance framework and a request associated with contents of the data store are presented to a user via a dashboard interface. In response, the request is triggered and associated results are generated.
    Type: Grant
    Filed: October 3, 2016
    Date of Patent: October 17, 2017
    Assignee: International Business Machines Corporation
    Inventors: Rick A. Hamilton, II, Heather M. Hinton, Darren J. Moore, Neil Toussaint
  • Patent number: 9781141
    Abstract: Secured automated or semi-automated systems are provided herein. In one embodiment, a sensor system includes a sensor, a legacy computing environment that is configured to communicate with the sensor and process sensor raw data output, and transmit the processed sensor output to a first network node over the network, and a trusted computing environment configured to receive raw sensor output directly from the sensor and transmit the raw sensor output to an additional network node or the first network node over the network.
    Type: Grant
    Filed: March 4, 2016
    Date of Patent: October 3, 2017
    Inventor: Mordecai Barkan
  • Patent number: 9755833
    Abstract: An identification information management system according to the present invention comprises a plurality of terminals communicable with servers and a site management apparatus which manages site containing the terminals. The terminal has an identification information processing unit which assuming that a one-way hash function is f(x) and a terminal-unique ID is a, generates values x satisfying a conditional equation f(x)=a as identification information. When acquiring multiple items of identification information, the site management apparatus substitutes the identification information as the value x into f(x) and decides whether f(x)=a is satisfied, thereby deciding the terminals.
    Type: Grant
    Filed: December 3, 2009
    Date of Patent: September 5, 2017
    Assignee: NEC Corporation
    Inventor: Hiroshi Kitamura
  • Patent number: 9740791
    Abstract: Techniques and solutions for providing a cloud browse service are described. For example, a client can request a web page. In response to the request, the client can receive a processed layer tree representing the web page. The processed layer tree can be created by a server environment (e.g., by creating an original DOM from obtained HTML and associated web page resources for the web page and creating the processed layers from the original DOM). The client can create a simplified DOM from the received processed layers and display the web page using the simplified DOM. Techniques and solutions for providing a browser as a service are described. For example, a web browser component can receive a processed layer tree representing a web page, create a simplified DOM, and display the web page.
    Type: Grant
    Filed: September 23, 2014
    Date of Patent: August 22, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: David Andrew Killian, Dhruva Lakshmana Rao Batni, Rohit Krishna Kumar, Nikhil Dinkar Joshi, Samuel John Young, Saral Jain, James Alan Umstot
  • Patent number: 9727729
    Abstract: In an example embodiment, a system determines a set of instructions from the available instructions for a computer application. The determined set of instructions provides specific functionality of the computer application. The system may determine the set of instructions by performing functional testing and negative testing on the specific functionality. The system may reorganize and randomize the set of instructions in memory and write the reorganized set of instructions to a smaller memory space. For each available instruction not in the set of instructions, the system changes the respective instruction to inoperative to prevent execution of the respective instruction. The system may change the respective instruction to inoperative by overwriting the instruction with a NOP instruction. The system then captures a memory address of the computer application being accessed at runtime.
    Type: Grant
    Filed: June 24, 2015
    Date of Patent: August 8, 2017
    Assignee: Virsec Systems, Inc.
    Inventor: Satya Vrat Gupta
  • Patent number: 9729579
    Abstract: A computer-implemented method for increasing security on computing systems that launch application containers may include (1) authenticating an application container that facilitates launching at least one application on a host computing system by verifying that the application container meets a certain trustworthiness threshold, (2) intercepting, via a policy-enforcement proxy, a command to perform a deployment action on the host computing system in connection with the authenticated application container, (3) determining that the deployment action potentially violates a security policy applied to the authenticated application container, and then in response to determining that the deployment action potentially violates the security policy, (4) modifying, via the policy-enforcement proxy, the command to prevent the potential violation of the security policy. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: April 27, 2015
    Date of Patent: August 8, 2017
    Assignee: Symantec Corporation
    Inventors: Daniel Marino, Petros Efstathopoulos, Mingwei Zhang
  • Patent number: 9692791
    Abstract: A software application may be registered for network-based security services that help ensure that the software application only communicates with network devices (e.g., application servers) for which permission is expressly given or network devices otherwise deemed trustworthy. A network server may monitor network traffic originating from the software application installed on a user device. When the software application causes the user device to communicate with a network device for which permission has not been given and/or that is untrustworthy (e.g., for having a reputation of being associated with malicious software), the network server may prohibit the software application from sending information to the network device.
    Type: Grant
    Filed: March 22, 2016
    Date of Patent: June 27, 2017
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Siddharth Mishra, Jeffrey R. Stribling
  • Patent number: 9686153
    Abstract: Techniques for placing a virtual edge gateway appliance on at least one host computing system are described. In one embodiment, a virtual switch assigned to a tenant for creating virtual networks is identified. Further, at least one host computing system having access to the virtual switch is identified. Furthermore, placing a virtual edge gateway appliance on the at least one identified host computing system is recommended to allow connectivity to networks created using the virtual switch assigned to the tenant.
    Type: Grant
    Filed: January 12, 2016
    Date of Patent: June 20, 2017
    Assignee: VMware, Inc.
    Inventors: Tanmay Dalvi, Amita Savagaonkar
  • Patent number: 9686292
    Abstract: A system and method for monitoring, modeling and assessing networked devices. A continuous device profiling (CDP) system builds and maintains device-specific and network-specific behavioral models based on observation of network traffic. The behavioral models may be used for network management, detecting misconfigured or malware infected devices, performing network asset inventory, network access control, network discovery in support of network integration, and information security incident response management. CDP models and monitors the active roles that devices assume on the network based on a set of matching profiles, monitors transitions between roles, and triggers corrective action when role transitions violate the policies of the network.
    Type: Grant
    Filed: June 9, 2015
    Date of Patent: June 20, 2017
    Assignee: Observable Networks, Inc.
    Inventor: Patrick Crowley
  • Patent number: 9672360
    Abstract: Secure computer architectures, systems, and applications are provided herein. An exemplary system includes a legacy environment which is an off-the-shelf computing system, a trusted environment device that communicates with a network, and at least one peripheral that is communicatively coupled with the trusted environment device or having an authentication module.
    Type: Grant
    Filed: January 27, 2015
    Date of Patent: June 6, 2017
    Inventor: Mordecai Barkan
  • Patent number: 9652192
    Abstract: A sink device in a Wireless Display (WD) system may establish a user input device control communication channel between a source device and sink device in a WD system to allow the sink device to send device control inputs to the source device. The user input device control communication channel may include a reverse channel architecture referred to as the Wi-Fi User Input Back Channel (UIBC) that has been modified to transport one or more additional input types over UDP. For example, UIBC may be extended to transport voice input and VNC input types.
    Type: Grant
    Filed: January 23, 2014
    Date of Patent: May 16, 2017
    Assignee: QUALCOMM Incorporated
    Inventors: Phanikumar Kanakadurga Bhamidipati, Xiaolong Huang, Vijayalakshmi Rajasundaram Raveendran
  • Patent number: 9652174
    Abstract: In an example, an analytic function to be performed on data stored in an input block is managed through an interface to a framework through which a user is to define the analytic function. The framework is to buffer batches of the data into a memory through implementation of a Reader, a Writer, a PreReader, and a PreWriter on the data stored in the input block when the user-defined analytic function is performed, and wherein the Reader, the Writer, the PreReader, and the PreWriter are individually movable with respect to each other in the input block. In addition, the user-defined analytic function is received through the interface.
    Type: Grant
    Filed: June 4, 2012
    Date of Patent: May 16, 2017
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Neil Earnest Chao, Hongmin Fan
  • Patent number: 9635077
    Abstract: Techniques are disclosed for low latency live video streaming. A client can be configured to send a single HTTP request for live video streaming to a server. The server can be configured to push one or more video segments to the client in response to the request, following a pre-defined push strategy. For example, using a so-called all-push strategy, the client sends only one request to the server, and in response, the server sends all of the video segments to the client as soon as each segment is complete. The HTTP 2.0 protocol may be used for pushing the video from the server to the client. This technique eliminates the request explosion problem when small segments are used. Further, the number of segments pushed with each request can be varied, which is to facilitate adaptive bitrate switching.
    Type: Grant
    Filed: March 14, 2014
    Date of Patent: April 25, 2017
    Assignee: Adobe Systems Incorporated
    Inventors: Viswanathan Swaminathan, Sheng Wei
  • Patent number: 9626872
    Abstract: An avionics system comprising a human machine interface configured to display a user interface and a control device is provided. The control device coupled to the human machine interface, wherein the control device is configured to send and receive controller/pilot data link communications (CPDLC) messages and adjust the user interface based on a first CPDLC version of an established first CPDLC session.
    Type: Grant
    Filed: April 30, 2010
    Date of Patent: April 18, 2017
    Assignee: Honeywell International Inc.
    Inventors: Thomas D. Judd, Michael J. Kayser, Thomas F. McGuffin, Reetu Gupta
  • Patent number: 9628292
    Abstract: Wi-Fi flows are intelligently bridged in a software-defined network (SDN) controller of a wireless communication network that centrally coordinates data plane behavior. A default mode tunnels packets received at an access point to the SDN controller for layer 2 routing decisions. A bridging policy concerning bridging of specific types of traffic flows for the wireless communication network is received at the SDN. Data plane traffic flow for each of a plurality of access points distributed around the wireless communication network is centrally monitored. New data streams tunneled to the SDN controller are matched to bridging policies with deep packet inspection. Responsive to matching, the tunnel mode is converted to a bridge mode by sending a rule concerning the new data stream to the access point. As a result, subsequent packets of the new data stream are transferred at the access point without tunneling additional packets to the SDN controller).
    Type: Grant
    Filed: April 23, 2015
    Date of Patent: April 18, 2017
    Assignee: Fortinet, Inc.
    Inventors: Lakshmi Narayana Dronadula, Ajay Malik, Avinash Bhagtani, Saurabh Kumar Agarwal, Nuwas Ponnambathayil
  • Patent number: 9628490
    Abstract: Embodiments of the present invention address deficiencies of the art in respect to validating a specified identity for a participant to a chat session and provide a novel and non-obvious method, system and computer program product for trusted contact name validation for an instant messaging session. In one embodiment of the invention, an instant messaging contact name validation method can be provided. The method can include establishing a trusted relationship among at least two instant messaging servers in a trusted community of instant messaging servers, receiving a request to add a specified contact to a list of instant messaging contacts in association within one of the instant messaging servers in the trusted community of instant messaging servers, and validating the specified contact with another of the instant messaging servers in the trusted community of instant messaging servers.
    Type: Grant
    Filed: November 27, 2006
    Date of Patent: April 18, 2017
    Assignee: International Business Machines Corporation
    Inventors: Patrick O'Sullivan, James P. Galvin, Jr.
  • Patent number: 9602476
    Abstract: In a method of selectively applying a data encryption function, a CoAP client and a CoAP server perform a DTLS handshake process. The CoAP client generates a CoAP message when the DTLS handshake process has been completed, and then indicates that encryption does not need to be applied to the CoAP message. The CoAP client generates only the authentication value of the CoAP message via a DTLS record layer protocol. The CoAP client sets the value of the specific field of a DTLS record layer protocol header to a specific value via the DTLS record layer protocol. The CoAP client sends the CoAP message and the authentication value to the CoAP server.
    Type: Grant
    Filed: July 9, 2015
    Date of Patent: March 21, 2017
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Jaeduck Choi, Gunhee Lee, Sinkyu Kim
  • Patent number: 9571439
    Abstract: An electronic message may be reconfigured to effect an enhanced notification using an input interface to receive at least one electronic message created by or on behalf of a message source for delivery to an intended recipient. A matching engine determines whether the electronic message corresponds to a predetermined definition of an enhanced notification. An enhancement engine reconfigures the electronic message to the enhanced notification if stored information related to the intended recipient indicates that the intended recipient is subscribed to receive the enhanced notification. Reconfiguring the electronic message may include reconfiguring the message to provide special handling, routing or presentation.
    Type: Grant
    Filed: February 14, 2013
    Date of Patent: February 14, 2017
    Assignee: FACEBOOK, INC.
    Inventors: Barry Appelman, Muhammad Mohsin Hussain
  • Patent number: 9536113
    Abstract: According to an embodiment, an information processing apparatus includes a main processor, a secure operating system (OS) module, a non-secure OS module, a secure monitor memory setting module, a timer, and an address space controller. When receiving a notification of an interrupt from the timer, a secure monitor instructs the secure OS module to execute certain processing. The secure OS module is configured to execute certain processing instructed by the secure monitor and store data of a result of the processing in a first memory area.
    Type: Grant
    Filed: September 10, 2014
    Date of Patent: January 3, 2017
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Hiroshi Isozaki, Jun Kanai, Shintarou Sano, Shunsuke Sasaki, Toshiki Kizu
  • Patent number: 9479479
    Abstract: A device may receive rule information, associated with a firewall policy, that includes a set of N rules. The device may add a rule, of the set of N rules, to a detector tree associated with the firewall policy. The device may identify other rules to which the rule is to be compared. The other rules may be included in the set of N rules, and may include a quantity of rules approximately equal to a result of a logarithm to base 2 of N. The device may compare the rule and the other rules, and may detect a rule anomaly based on comparing the rule to the other rules. The rule anomaly may be associated with a conflict between the rule and a particular rule of the other rules. The device may identify the rule anomaly within the detector tree, and may output information regarding the rule anomaly.
    Type: Grant
    Filed: September 25, 2014
    Date of Patent: October 25, 2016
    Assignee: Juniper Networks, Inc.
    Inventors: Vinuth Tulasi, Arnav Shrivastava, Srivathsa Sarangapani
  • Patent number: 9471774
    Abstract: A method for providing secure access to a virtual machine includes dispensing an image corresponding to a virtual machine from a management appliance to a distributed computing system such that the virtual machine is implemented by at least one of a plurality of interconnected physical computing devices in the distributed computing system; establishing a trusted relationship between the management appliance and the virtual machine; and providing a user with access to the virtual machine from the management appliance without further authentication credentials from the user.
    Type: Grant
    Filed: March 14, 2012
    Date of Patent: October 18, 2016
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Rohith Kottamangalam Ashok, Daniel Everett Jemiolo, Todd Eric Kaplinger, Aaron Kyle Shook
  • Patent number: 9460311
    Abstract: The method includes determining, using an in-memory database, a privacy risk associated with a resultant dataset of a query, returning, by the in-memory database, an anonymized dataset if the privacy risk is above a threshold value, the anonymized dataset being based on an anonymization, by the in-memory database, of the resultant dataset, and returning, by the in-memory database, the resultant dataset if the privacy risk is below a threshold value.
    Type: Grant
    Filed: June 26, 2013
    Date of Patent: October 4, 2016
    Assignee: SAP SE
    Inventors: Michele Bezzi, Antonino Sabetta
  • Patent number: 9450915
    Abstract: A method for creating a secure link between any two endpoints in a network comprises: assigning a unique identifier to each endpoint of a network; for each endpoint in the network, transmitting the unique identifiers associated with each of the remaining endpoints in the network to said endpoint; establishing a secure link between a source endpoint and a destination comprising: transmitting a data-session establishment packet from the source endpoint to the destination endpoint via a symmetric NAT device; wherein the data-session establishment packet comprises the unique identifier associated with the source endpoint; performing a matching operation at the destination endpoint to match the unique identifier associated with the source endpoint with a unique identifier known to the destination endpoint; and upon matching of unique identifiers then creating a forwarding table entry for the destination endpoint based on the source address and source port associated with the source endpoint.
    Type: Grant
    Filed: January 2, 2014
    Date of Patent: September 20, 2016
    Assignee: VIPTELA INC.
    Inventor: Lars Olof Stefan Olofsson
  • Patent number: 9443078
    Abstract: A management appliance includes at least one processor; and a memory communicatively coupled to the at least one processor. The memory comprising executable code stored thereon such that the at least one processor, upon executing the executable code, is configured to: dispense an image corresponding to a virtual machine to a distributed computing system comprising a plurality of interconnected computing devices, such that at least one of the computing devices implements the virtual machine; establish a trusted relationship with the virtual machine; and provide an authenticated user with access to the virtual machine without further authentication credentials from the user.
    Type: Grant
    Filed: April 20, 2010
    Date of Patent: September 13, 2016
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Rohith Kottamangalam Ashok, Daniel Everett Jemiolo, Todd Eric Kaplinger, Aaron Kyle Shook
  • Patent number: 9438549
    Abstract: Embodiments of the present invention provide a method, system and computer program product for controlling expiration of electronic mail (e-mail) single store attachments. A method to control expiration of e-mail single store attachments can include sending an e-mail message, the e-mail message including one or more attachments, creating a single store linked e-mail message by removing the one or more attachments from the sent e-mail message and replacing each of the one or more attachments with a corresponding single store attachment link. The method further can include storing the removed one or more attachments in an attachment server, where each of the one or more attachments has an expiration date, sending the single store linked e-mail message having the one or more store attachment links to one or more recipients and deleting an attachment stored on the attachment server based upon its respective expiration date having expired. When there is e-mail activity (e.g., forward, reply, etc.
    Type: Grant
    Filed: September 27, 2007
    Date of Patent: September 6, 2016
    Assignee: International Business Machines Corporation
    Inventor: Mark E. Maresh
  • Patent number: 9401922
    Abstract: Systems and methods are provided for detecting an anomalous condition in a virtual computing environment having a virtualization control system coupled to a physical server, disk drive, and networking resources, where the virtualization control system is configured to partition the physical resources into virtual resources including virtual processor, memory, and storage resources for a plurality of virtual servers. Contents of a plurality of virtual memory storage locations are determined, where the virtual memory storage locations span multiple virtual servers. A runtime state of the virtual environment is determined based on the contents of the virtual memory storage locations. The runtime state of the virtual environment is verified for correctness or compared with a baseline state to identify a deviation from the baseline state, and a corrective action is performed when the discrepancy meets a predetermined criteria.
    Type: Grant
    Filed: December 9, 2011
    Date of Patent: July 26, 2016
    Assignee: Verizon Patent and Licensing Inc.
    Inventor: Aaron Walters