Authorization Patents (Class 726/17)
  • Patent number: 11144371
    Abstract: A digital assistant includes an extensibility client that interfaces with application extensions that are built by third-party developers so that various aspects of application user experiences, content, or features may be integrated into the digital assistant and rendered as native digital assistant experiences. Application extensions can use a variety of services provided from cloud-based and/or local sources such as language/vocabulary, user preferences, and context services that add intelligence and contextual relevance while enabling the extensions to plug in and operate seamlessly within the digital assistant context. Application extensions may also access and utilize general digital assistant functions, data structures, and libraries exposed by the services and implement application domain-specific context and behaviors using the programming features captured in the extension.
    Type: Grant
    Filed: October 12, 2018
    Date of Patent: October 12, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Tanvi Surti, Michael Patten, Sean Lyndersay, Chee Chen Tong
  • Patent number: 11127410
    Abstract: A method executed by a voice decoding device includes the following steps: receiving and determining whether an identification data is correct; if the identification data is incorrect, showing a decoding array, including plural characters, wherein positions of the plural characters are randomly distributed; receiving a numerical voice command, wherein the numerical voice command includes plural arranged decoding characters in regular turn; determining whether the numerical voice command corresponds to a preset decoding trace; arranging the plural decoding characters corresponding to the decoding array to form an arranged trace; when the arranged trace is the same as the decoding trace, unlocking the voice decoding device. By randomly displaying the decoding array, the invention permits a user to speak the sequence corresponding to the preset decoding trace so that unauthorized users cannot decode the voice decoding device by eavesdropping the pin, so as to achieve the better anti-theft effect.
    Type: Grant
    Filed: November 12, 2019
    Date of Patent: September 21, 2021
    Inventor: Wen-Ta Chiu
  • Patent number: 11128613
    Abstract: Passwords are used in various system access applications in order to ascertain that the user seeking access to a system resource is indeed the person with said access. Passwords are usually supposed to be entered through a keyboard and are a combination of alphanumeric values. With the advent of devices equipped with visual displays and touch inputs, it is possible to create a system which utilizes a person's visual memory to authenticate the person. A system and method is described which uses multiple images to perform authentication. This system does not require its user to input a text value as a password. The password is created by user's actions. These actions are in the form of selecting a segment on a displayed image. Few different systems are described. One system is capable of creating variable passwords which by design keep changing from one authentication attempt to another. Another system uses one high resolution image to effectively hide the password in an image with lots of detail.
    Type: Grant
    Filed: March 25, 2019
    Date of Patent: September 21, 2021
    Inventor: Rajul Johri
  • Patent number: 11100245
    Abstract: A system includes a secure storage database maintaining a plurality of secure data, a storage access interface, and an access controller. The storage access interface receives a first request to retrieve a first secure data from the secure storage domain. The access controller receives the first request; determines, using a first access module, if the first request satisfies a first access condition based on the first secure data requested to be retrieved; extracts, from the first request, an indication of a role of a user associated with the first request; initializes, responsive to receiving the first request, a second access module; determines, using the second access module, if the first request satisfies a second access condition based on the indication of the role of the user; and outputs the first secure data responsive to the first request satisfying the first access condition and the second access condition.
    Type: Grant
    Filed: September 13, 2018
    Date of Patent: August 24, 2021
    Assignee: Rockwell Collins, Inc.
    Inventors: Ryan P. Littler, Joseph M. Dusio
  • Patent number: 11089027
    Abstract: Systems and methods for authenticating access to multiple data stores substantially in real-time are disclosed. The system may include a server coupled to a network, a client device in communication with the server via the network and a plurality of data stores. The server may authenticate access to the data stores and forward information from those stores to the client device. An exemplary authentication method may include receipt of a request for access to data. Information concerning access to that data is stored and associated with an identifier assigned to a client device. If the identifier is found to correspond to the stored information during a future request for access to the store, access to that store is granted.
    Type: Grant
    Filed: April 9, 2021
    Date of Patent: August 10, 2021
    Assignee: Seven Networks, LLC
    Inventors: Jay Sutaria, Brian Daniel Gustafson, Robert Paul van Gent, Ruth Lin, David Merriwether, Parvinder Sawhney
  • Patent number: 11068603
    Abstract: Systems and techniques are provided for trust agents. Trust agents may be enabled. A state determination may be received from each of the enabled trust agents. The state determination may indicate either a trusted state or an untrusted state. The received state determinations may be combined to determine a security state. A security measure may be enabled or disabled based on the determined security state.
    Type: Grant
    Filed: October 22, 2019
    Date of Patent: July 20, 2021
    Assignee: Google LLC
    Inventors: James Brooks Miller, Michael Andrew Cleron
  • Patent number: 11068195
    Abstract: The systems and methods of distributed backup on a private network, comprising: establishing a secure and encrypted private network with one or more profile computing devices; establishing a whitelist of trusted profiles on a first profile computing device; selecting two or more profiles from the whitelist to backup information from the first profile computing device; tracking any updates to the network address of the selected profiles for backup; tracking information on remote profile computing devices that originated from the first profile computing device; sending differential information for backup that does not exist on other remote profile computing devices to the selected profile computing devices.
    Type: Grant
    Filed: July 22, 2019
    Date of Patent: July 20, 2021
    Assignee: Whitestar Communications, Inc.
    Inventor: Billy Gayle Moon
  • Patent number: 11061565
    Abstract: According to one embodiment, an electronic device includes a first cursor button, a second cursor button, and a processor. The processor prompts a user to select a first direction by selecting one of the first cursor button or the second cursor button, and assigns the first direction to the first cursor button and a second direction to the second cursor button when the first cursor button is selected.
    Type: Grant
    Filed: December 26, 2018
    Date of Patent: July 13, 2021
    Assignee: Toshiba Client Solutions CO., LTD.
    Inventor: Shigeki Kizaki
  • Patent number: 11057362
    Abstract: A method of dynamic adaptive authentication includes receiving a request from a user to access a resource of a network and determining whether the resource is protected. In response to determining that the resource is protected, a dynamic authentication chain is generated. The dynamic authentication chain includes a plurality of authentication schemes that are arranged in a particular order. The method also includes challenging the user with the dynamic authentication chain and receiving a set of credentials from the user based at least in part on the particular order of the dynamic authentication chain. The method includes determining whether the set of credentials satisfies the dynamic authentication chain. In response to determining that the set of credentials satisfies the dynamic authentication chain, the user is authenticated.
    Type: Grant
    Filed: October 5, 2017
    Date of Patent: July 6, 2021
    Assignee: CA, Inc.
    Inventors: Murali Krishna Segu, Venkata Swamy Karukuri
  • Patent number: 11036956
    Abstract: The present disclosure provides a mobile terminal and a radio frequency fingerprint identification apparatus and method thereof. The apparatus comprises a plurality of fingerprint identification units disposed under the touch screen, a power supply control module and a fingerprint identification control module. The touch screen of the mobile terminal is configured for obtaining area information of a finger touching area when receiving a touch operation instruction. The fingerprint identification control module is configured to generate a fingerprint identification area according to the received area information. The fingerprint identification area corresponds to at least part of the plurality of fingerprint identification units, and the at least part of the plurality of the fingerprint identification units are defined as target fingerprint identification units. The power supply control module is triggered to supply power to the target fingerprint identification units so as to collect fingerprint information.
    Type: Grant
    Filed: January 22, 2020
    Date of Patent: June 15, 2021
    Inventor: Wei Li
  • Patent number: 11023080
    Abstract: An apparatus and a method for detecting a touch input to a touchscreen and distinguishing between different types of touch inputs are provided. The method includes detecting the input to a touch screen of the terminal, and determining an input type that is input to the touch screen based on characteristics of the input.
    Type: Grant
    Filed: August 19, 2019
    Date of Patent: June 1, 2021
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Nitin Bajaj, Madan Ankapura
  • Patent number: 11018867
    Abstract: Embodiments described herein disclose methods and systems for authorizing transactions received from client applications. The transaction request can include a first access token. After validating the first access token, the system can determine whether additional authentication is needed to authorize the transaction. If additional authentication is needed, the system can determine the authentication requirements. Once the additional authentication is received and verified, the system can generate a second access token and authorize the transaction by releasing the first access token.
    Type: Grant
    Filed: June 10, 2020
    Date of Patent: May 25, 2021
    Inventors: Hoang Trung Vo, Hieu Nguyen
  • Patent number: 11003781
    Abstract: A root key processing method and an associated device are disclosed. The root key processing method is performed by a processor connected to a memory configured with an RPMB section, and includes the following steps. The processor detects whether a root key of the RPMB section is already written in the memory after the processor is powered on. If not, in a secure activation process of the processor, the root key of the RPMB section is written to the memory, wherein the secure activation process is that the processor does not activate a non-secure operation system. The method is capable of preventing leakage of the root key from the memory.
    Type: Grant
    Filed: November 5, 2018
    Date of Patent: May 11, 2021
    Assignee: MEDIATEK, INC.
    Inventor: Ming Yong Sun
  • Patent number: 11005849
    Abstract: The disclosed embodiments relate to systems and methods for secure and efficient resource access using distributed directory caching techniques. Techniques include obtaining, from a directory service, client directory data associated with a client; providing the client directory data to a computing device associated with the client for caching on the computing device; identifying a request from the client; receiving, from the computing device, the client directory data that was cached on the computing device; and evaluating the request based on the received client directory data.
    Type: Grant
    Filed: June 30, 2020
    Date of Patent: May 11, 2021
    Assignee: CyberArk Software Ltd.
    Inventors: Dima Barboi, Arthur Bendersky, Tal Zigman
  • Patent number: 10983764
    Abstract: A method of providing application-oriented software for a desired application-oriented functionality within a computer system includes transferring configuration data to the computer system, wherein the configuration data predefine a functionality of an application-oriented software to be created, using one or more program components from a plurality of program components stored locally within the computer system depending on the functionality predefined by the configuration data, creating the application-oriented software by the locally used program components depending on the functionality defined by the configuration data, and embedding the created application-oriented software in an operating environment in the computer system to provide the desired application-oriented functionality.
    Type: Grant
    Filed: May 15, 2019
    Date of Patent: April 20, 2021
    Assignee: Fujitsu Technology Solutions Intellectual Property GmbH
    Inventors: Timo Bruderek, J├╝rgen Atzkern
  • Patent number: 10949651
    Abstract: The present invention relates to an electrocardiogram-based face recognition security system and method using a smart watch, and more particularly, to a security system and a method for enhancing security by simultaneously performing biometric human identification based on an electrocardiogram and biometric human identification using face recognition for user identification in a portable PTT communication device such as smart watch.
    Type: Grant
    Filed: December 27, 2018
    Date of Patent: March 16, 2021
    Assignee: DODOTDO CO., LTD
    Inventors: In Gyeom Kim, So Yeong Sim
  • Patent number: 10951608
    Abstract: A technique is disclosed for remotely managing isolated domains on mobile devices. A request is received from the mobile device to instantiate a managed domain. A managed domain configuration is determined and comprises a security policy controlling access to content of the managed domain of the subscribing mobile device, a content specification identifying the content to be downloaded by the subscribing mobile device into the managed domain, and a content configuration identifying a configuration of the content on the subscribing mobile device. The managed domain configuration is sent to the subscribing mobile device to instantiate a secure, managed domain whose policy, content and content configuration is remotely controlled. The technique is useful for advertising and brand promotion on mobile devices as it simultaneously enables detailed control over the presentation of content by a curator while ensuring privacy and security protection of the other apps, accounts and data on the mobile device.
    Type: Grant
    Filed: March 11, 2019
    Date of Patent: March 16, 2021
    Assignee: CIS MAXWELL, LLC
    Inventors: Alexander James Main, Ron Vandergeest, Paul Litva
  • Patent number: 10949445
    Abstract: The disclosed technology relates to a system configured to compute a difference between a remote tree data structure representing a server state for content items associated with an account on a content management system and a sync tree data structure representing a known synchronization state between the content management system and the computing system. The system is configured to generate, based on the difference, a set of operations that when performed on the computing system update the content items stored on the client device to converge a file system state on the computing system and the server state.
    Type: Grant
    Filed: January 11, 2018
    Date of Patent: March 16, 2021
    Assignee: Dropbox, Inc.
    Inventors: Isaac Goldberg, Sujay Jayakar, John Lai, Robert Ying, Nipunn Koorapati, Gautam Gupta, Geoffry Song, Elmer Charles Jubb, IV
  • Patent number: 10942991
    Abstract: Parental control of child's web-based digital content experience, which can be applied to other contexts such as education, the workplace or other organizations. Trust relationships authorize specified users or organizations to permit access to content or resources by other users. Collection curation including content reputation and age appropriate ratings disclosed.
    Type: Grant
    Filed: April 1, 2019
    Date of Patent: March 9, 2021
    Assignee: Kiddofy, LLC
    Inventor: Eric D. Kidd
  • Patent number: 10936704
    Abstract: One embodiment provides a method, including: assigning a machine learning model signature to a machine learning model, wherein the machine learning model signature is generated using (i) data points and (ii) corresponding data labels from training data; receiving input comprising identification of a target machine learning model; acquiring a target signature for the target machine learning model by generating a signature for the target machine learning model using (i) data points from the assigned machine learning model signature and (ii) labels assigned to those data points by the target machine learning model; determining a stolen score by comparing the target signature to the machine learning model signature and identifying the number of data labels that match between the target signature and the machine learning model signature; and classifying the target machine learning model as stolen based upon the stolen score reaching a predetermined threshold.
    Type: Grant
    Filed: February 21, 2018
    Date of Patent: March 2, 2021
    Inventors: Sameep Mehta, Rakesh R. Pimplikar, Karibik Sankaranarayanan
  • Patent number: 10932117
    Abstract: A method and system for connecting a power tool with a mobile device. The mobile device receives a user request to connect to a power tool and transmits a short-range advertisement. The power tool receives the short-range advertisement and transmits a signal. The mobile device receives the signal from the power tool and determines a signal strength. The mobile device compares the signal strength to a predetermined signal strength value. When the signal strength value exceeds the predetermined signal strength value, the mobile device connects with the power tool.
    Type: Grant
    Filed: January 21, 2020
    Date of Patent: February 23, 2021
    Assignee: Milwaukee Electric Tool Corporation
    Inventors: Christian Paul Coulis, Jason Glenn Rothman, Steven M. Stefanik
  • Patent number: 10931712
    Abstract: A method and associated circuits protect data stored in a secure data circuit of a telecommunication device equipped with a near-field communication (NFC) router, a microcontroller, and the secure data circuit. In the method, each message received with the NFC router is parsed to retrieve a communication pipe identifier and an instruction code. The communication pipe identifier and the instruction code are compared to corresponding information in a filter table. Instruction codes of particular messages that attempt to modify a communication pipe by reassigning one end of the communication pipe from the port of the NFC router to a different circuit are acted upon. These messages are blocked from reaching the secure data circuit when the instruction code is not authorized in the filter table, and these messages are permitted when the instruction code is authorized in the filter table.
    Type: Grant
    Filed: November 27, 2019
    Date of Patent: February 23, 2021
    Inventors: Thierry Huque, Olivier Van Nieuwenhuyze, Alexandre Charles
  • Patent number: 10922441
    Abstract: A computing device includes: a trusted execution environment with access to a memory storing a deletable root key, the memory inaccessible by a second execution environment; and at least one processor operable in the trusted execution environment, wherein when operating in the trusted execution environment, the at least one processor is configured for: based on requests from the second execution environment, performing a root key operation on an encryption key utilized by the second execution environment to secure data the second execution environment; and deleting the root key upon detection of a security event.
    Type: Grant
    Filed: May 4, 2018
    Date of Patent: February 16, 2021
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Zhijun Mo, Jianfei Ye
  • Patent number: 10911421
    Abstract: Disclosed are various embodiments for an authentication service. A unique identifier is associated with a device access token for a client to be authenticated. An authentication identifier is sent to an authenticated client. The client to be authenticated communicates the authentication identifier and unique identifier to the authentication service to complete authentication.
    Type: Grant
    Filed: October 9, 2017
    Date of Patent: February 2, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Yogesh Vilas Golwalkar, Bharath Kumar Bhimanaik
  • Patent number: 10904475
    Abstract: Methods, apparatus, and software are described for using an optically-readable code. The optically-readable code may be caused to be displayed. Data may be received based on the optically-readable code. Content or other items may be determined based on the optically-readable code.
    Type: Grant
    Filed: June 19, 2017
    Date of Patent: January 26, 2021
    Assignee: Comcast Cable Communications, LLC
    Inventors: Shaun Gehring, Jason Smith, Michael J. Cook, Bruce Bradley, Daniel T. Grady, Charlie Herrin, Robert Philibert
  • Patent number: 10904261
    Abstract: The invention comprises a personal data sharing system comprising an aggregator for aggregating data from a plurality of disparate sources and for categorising said aggregated data into discrete groups of data, a platform configured to enable the assignment of an access permission level for each one of said discrete groups of data by allowing the user to configure said access permission level or by automatically assigning said access permission level from a number of pre-determined access permission levels; said platform being further configured to permit access to a discrete group of data dependent upon said access permission level.
    Type: Grant
    Filed: November 5, 2015
    Date of Patent: January 26, 2021
    Inventor: Dele Atanda
  • Patent number: 10887755
    Abstract: A method for activating a first terminal from a second terminal, the first terminal and the second terminal being connected via a communication network. The method includes associating the first terminal with the second terminal, detecting an action on an input peripheral device associated with the second terminal, and transmitting a notification to the first terminal, the notification having at least one command suitable for authorizing unlocking of the first terminal.
    Type: Grant
    Filed: May 28, 2019
    Date of Patent: January 5, 2021
    Assignee: ORANGE
    Inventor: Cedric Floury
  • Patent number: 10880333
    Abstract: Systems and processes that may be implemented to manage access by software applications to various resources of a user telecommunications device are disclosed. The systems and processes may implement a trust policy which reflects privacy criteria selected by a user of the user telecommunications device, wherein the trust policy overrides registered permissions of the software applications. The user telecommunication device may include a memory that stores a software application has been granted registered permissions to access a input and/or output component of the user telecommunications device as well as a trust policy has been set by the user to proscribe access by that particular software application to the input and/or output component. In implementing the trust policy, the software application may be prevented from accessing the input and/or output component notwithstanding the software application having registered permissions to access the input and/or output component.
    Type: Grant
    Filed: May 9, 2019
    Date of Patent: December 29, 2020
    Assignee: T-Mobile USA, Inc.
    Inventors: Ahmad Arash Obaidi, Eric W. Yocam
  • Patent number: 10867074
    Abstract: An electronic device capable of controlling an access right of an application and a controlling method thereof are provided. The controlling method of the electronic device for executing the application includes, in response to an event for inquiring about whether to allow an access right to a function of the electronic device required for executing an application, displaying a user interface (UI) to confirm whether to allow the access right, and in response to a user command being input through the UI, matching and storing a state of the application according to the event and a determination of whether to allow the access right according to the user command.
    Type: Grant
    Filed: November 6, 2018
    Date of Patent: December 15, 2020
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Yun Jin Lee, Seung Hyun Ha
  • Patent number: 10833862
    Abstract: The present application provides identity registration and authorization methods using biometric feature information of user. In one example method, a terminal device receives biometric feature information of a user that is to be verified in association with a service processing request. The terminal device can then match the received biometric feature information to be verified with a pre-stored biometric feature of the user, where the pre-stored biometric feature of the user is associated with a corresponding identifier. In response to matching the received biometric feature information to be verified to a particular pre-stored biometric feature of the user, a private key store is searched for a private key associated with the identified of the particular pre-stored biometric feature of the user. In response to determining that no private is associated with the identifier, a user identity of the user is registered with a server.
    Type: Grant
    Filed: September 18, 2018
    Date of Patent: November 10, 2020
    Assignee: Alibaba Group Holding Limited
    Inventor: Fei Meng
  • Patent number: 10812332
    Abstract: Techniques for generating a stream processing pipeline are provided. In one embodiment, a method includes generating a plurality of pipeline stages of a stream processing pipeline in accordance with a configuration file. The plurality of pipeline stages includes a first buffer stage designated for a first data service and a second buffer stage designated for a second data service. The method further includes collecting data items; processing the collected data items; and storing at least a portion of the processed data items in the first buffer stage and at least a portion of the processed data items in the second buffer stage. The method further includes transmitting the data items stored in the first buffer stage to the first data service at a first transmission rate; and transmitting the data items stored in the second buffer stage to the second data service at a second transmission rate.
    Type: Grant
    Filed: February 28, 2018
    Date of Patent: October 20, 2020
    Assignee: VMware Inc.
    Inventor: Deep P. Desai
  • Patent number: 10795707
    Abstract: A processing system including a host system having a host processor, an associated host memory system, user interface, and a host operating system. The host operating system runs a virtualization program for creating a virtual machine including virtual hardware, a virtual operating system, and a virtual application program running in conjunction with the virtual operating system. The virtual machine instantiates the virtual application program in response to a user request through the user interface to initiate a function. In response to user inputs through the user interface, the virtual machine executes operations with the virtual application in conjunction with the virtual operating system to implement the requested function such that the host system is isolated from an attack initiated during execution of the virtual application program by the virtual machine.
    Type: Grant
    Filed: May 14, 2015
    Date of Patent: October 6, 2020
    Inventors: Peter McClelland Hay, Donald William Hay
  • Patent number: 10785628
    Abstract: The present invention includes a device for the transmission of a communication transmission with a communication menu facilitating communication between a user and an operator with bespoke information.
    Type: Grant
    Filed: February 19, 2019
    Date of Patent: September 22, 2020
    Assignee: Safe Sex Consent, Inc.
    Inventor: Wendy Geller
  • Patent number: 10783534
    Abstract: Disclosed is a computer implemented method of creating a profile of a user based on user behavior. The method may include receiving a plurality of Universal Resource Locators (URLs) corresponding to a plurality of webpages visited by the user. Further, the method may include retrieving content from each of the plurality of webpages based on the plurality of URLs. Furthermore, the method may include analyzing content from each of the plurality of webpages. Additionally, analyzing content from a webpage may include analyzing content corresponding to each content type present on the webpage. Further, the method may include identifying a plurality of keywords corresponding to the webpage based on the analyzing. Furthermore, the plurality of keywords may be associated with a plurality of affinity values. The plurality of keywords and the plurality of affinity values may constitute the profile of the user.
    Type: Grant
    Filed: June 8, 2016
    Date of Patent: September 22, 2020
    Assignee: Clickagy, LLC
    Inventors: Harry Russell Maugans, III, Cody Alan Carrell
  • Patent number: 10778688
    Abstract: Case management systems and techniques are disclosed. In various embodiments, a definition is received that associates a descendant case role alias with a first case node at a first hierarchical level of a hierarchical data model, the definition further associating a permission with the descendant case role alias and referencing a referenced case role associated with a second case node at a second hierarchical level of the hierarchical data model. The definition is used to extend the permission to a user assigned to the referenced case role with respect to a case instance comprising the hierarchical data model.
    Type: Grant
    Filed: December 17, 2018
    Date of Patent: September 15, 2020
    Assignee: Open Text Corporation
    Inventors: Satyapal P. Reddy, Muthukumarappa Jayakumar, Julian M. Hjortshoj, Ravikumar Meenakshisundaram
  • Patent number: 10762183
    Abstract: In general, the techniques of this disclosure describe a computing device in a secure domain that is configured to receive, via a guard device, an authentication factor from a biometric authentication device in a non-secure domain. The biometric authentication device is in a non-secure domain, and the authentication factor comprises an identifier of a prospective user of the biometric authentication device. The computing device may then determine, based on the received authentication factor, whether the prospective user is a trusted user of the computing device based on the authentication factor. Responsive to determining that the prospective user of the biometric authentication device is the trusted user, the computing device may enable access to one or more applications on the computing device.
    Type: Grant
    Filed: January 9, 2018
    Date of Patent: September 1, 2020
    Inventors: Deborah K. Charan, Ranga Ramanujan
  • Patent number: 10742822
    Abstract: Concepts and technologies are disclosed herein for mobile network handling of simultaneous data usage session records. A system can include a network session server that has a processor and a memory storing instructions that configure a processor to perform operations. The operations can include obtaining, from a session probe within a core network device, a raw mobile data set associated with a user equipment. The operations can include determining that the user equipment engages in a simultaneous usage session based on the raw mobile data set. The operations can include identifying targeted domains that are present within the raw mobile data set, and creating a raw session record for each of the targeted domains associated with the simultaneous usage session.
    Type: Grant
    Filed: December 18, 2018
    Date of Patent: August 11, 2020
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Sheldon Meredith, William C. Cottrill
  • Patent number: 10671544
    Abstract: Provided herein may be a storage device and a method of operating the same. The method of operating a storage device including a replay protected memory block (RPMB) may include receiving a write request for the RPMB from an external host, selectively storing data in the RPMB based on an authentication operation, receiving a read request from the external host, and providing result data to the external host in response to the read request, wherein the read request includes a message indicating that a read command to be subsequently received from the external host is a command related to the result data.
    Type: Grant
    Filed: August 28, 2018
    Date of Patent: June 2, 2020
    Assignee: SK hynix Inc.
    Inventor: Kwang Su Kim
  • Patent number: 10659237
    Abstract: This document discloses a system and method for verifying system integrity of an electronic device. The electronic device includes a verifier device provided within a secure environment of the electronic device and a scanner device provided within a normal environment of the electronic device whereby the secure environment comprises hardware that is isolated from the hardware in the normal environment, i.e. these two environments are hardware isolated.
    Type: Grant
    Filed: September 28, 2017
    Date of Patent: May 19, 2020
    Assignee: Huawei International Pte. Ltd.
    Inventors: Yongzheng Wu, Xuejun Wen, Chengfang Fang, Tieyan Li
  • Patent number: 10616240
    Abstract: Techniques and technologies for protocols for accessing hosts are described. In at least some embodiments, a system includes a processing component, and a host protocol component. The host protocol component is configured to receive at a host a request from a client device, the request including a Uniform Resource Locator (URL) string locating a container or an ecosystem stored by the host; determine using at least a portion of the URL string whether the request is a container-related request or an ecosystem-related request; generate a response at the host including information responsive to the request, the information including the URL string locating the container or the ecosystem, and at least one response parameter corresponding to the request and associated with the container or the ecosystem; and transmit the response from the host to the client device.
    Type: Grant
    Filed: April 29, 2019
    Date of Patent: April 7, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Matthew J. Ruhlen, Christopher J. Brown, Tyler W. Butler
  • Patent number: 10599826
    Abstract: Systems and methods for performing decoupled authorization, whereby authorizing access permissions of a user to a resource is performed separate and independent from authorizing intent of the user to access the resource. Once both authorizations are successfully completed within a specified timeout interval, the access state of the resource is changed, thereby granting the user access to the resource. The decoupled authorizations are independently performed over different networks, in response to different triggers, or by leveraging different hardware. Access to the resource can therefore be provided prior to the user arriving before the resource, with little to no action by the user, and without comprising security as the resources will remain restricted or locked if the either of the user's intent or access permissions cannot be verified.
    Type: Grant
    Filed: September 5, 2017
    Date of Patent: March 24, 2020
    Inventors: Alexander A. Kazerani, Robert J. Peters, Samy Kamkar
  • Patent number: 10599848
    Abstract: A system may be configured to receive via a user interface a user-initiated prompt to begin start-up of a computer system firmware via access to a firmware start-up utility. The system may also generate a request for user authentication, and detect a private key for user authentication. The system may also determine whether the private key corresponds to a public key previously registered with the computer system firmware, and initiate, when the private key corresponds to the public key, completion of the start-up of the computer system firmware and allowance of operation of the computer system firmware via access to the firmware start-up utility. When the private key does not correspond to the public key, the system may prevent at least one aspect of an operation associated with the start-up of the computer system firmware.
    Type: Grant
    Filed: May 9, 2017
    Date of Patent: March 24, 2020
    Assignee: American Megatrends International, LLC
    Inventors: Kai Yau, William Gysin, Eric Law
  • Patent number: 10579681
    Abstract: The privilege information management system stores a group tree configured with group nodes each representing a group configured with a member enabled to use a privilege, stores an object tree configured with object nodes each representing a target object to be used with a privilege, stores, in a releasable manner, privilege-valid link information indicating a connection between an arbitrary group node and an arbitrary object node in a privilege-valid mode, and regarding a first group node of the group nodes and a first object node of the object nodes connected by the privilege-valid link information, grants a privilege to use a target object of the first object node and a subordinate object node if there are any under the first object node to a member belonging to the first group node and a subordinate group node if there are any under the first group node.
    Type: Grant
    Filed: September 8, 2015
    Date of Patent: March 3, 2020
    Assignee: Infoscience Corporation
    Inventor: Norio Miya
  • Patent number: 10560517
    Abstract: Managing a storage array includes: receiving, by a client-side array services module from a cloud-based security module through data communications on a wide area network, a token representing authentication of user credentials; and managing, by the client-side array services module, a storage array only through data communications on a local area network, including sending, to the storage array, the token with a management instruction.
    Type: Grant
    Filed: April 30, 2018
    Date of Patent: February 11, 2020
    Assignee: Pure Storage, Inc.
    Inventors: Jimmy T. Hu, Terence W. Noonan, Neil A. Vachharajani, Daquan Zuo
  • Patent number: 10558798
    Abstract: Methods and systems are disclosed for sandbox based internet isolation system in a trusted network. A networked computer system may include a trusted local area network (LAN) and at least one host computer system connected to the trusted LAN. The host computer system may include a host-based firewall, an operating system, a first memory space, and a second memory space. The host-based firewall may be configured to prevent unauthorized communication between the host computer system and one or more other devices on the trusted LAN. The second memory space may be configured to enable storage and/or operation of one or more applications and/or processes associated with a sandboxed computing environment. The host computer system may include a sandbox firewall that enforces a separation of the first and second memory spaces.
    Type: Grant
    Filed: June 29, 2017
    Date of Patent: February 11, 2020
    Assignee: L3Harris Technologies, Inc.
    Inventors: Jay Weinstein, Mark Fenkner, Charles King, Ismael Lopez, Peter Martz
  • Patent number: 10555112
    Abstract: Exemplary embodiments are disclosed of systems and methods for providing location-based security and/or privacy for restricting user access. In an exemplary embodiment, a system is configured to restrict and condition access to the system and/or data based on a user's selection of location-based data from a plurality of options presented by the system for selection by the user. The plurality of options include the location-based data and one or more other options that are selectable by the user.
    Type: Grant
    Filed: December 13, 2017
    Date of Patent: February 4, 2020
    Inventor: David H. Williams
  • Patent number: 10534730
    Abstract: A first processor that has a trusted relationship with a trusted memory region (TMR) that includes a first region for storing microcode used to execute a microcontroller on a second processor and a second region for storing data associated with the microcontroller. The microcontroller supports a virtual function that is executed on the second processor. An access controller is configured by the first processor to selectively provide the microcontroller with access to the TMR based on whether the request is to write in the first region. The access controller grants read requests from the microcontroller to read from the first region and denies write requests from the microcontroller to write to the first region. The access controller grants requests from the microcontroller to read from the second region or write to the second region.
    Type: Grant
    Filed: December 20, 2018
    Date of Patent: January 14, 2020
    Assignee: ATI Technologies ULC
    Inventors: Kathirkamanathan Nadarajah, Anthony Asaro
  • Patent number: 10531243
    Abstract: A method for transmitting data in a mobile device includes transmitting, to a reception device, a connection request message comprising information indicating whether the transmission device supports message transmission having temporal correlation; receiving, from the reception device, a connection response message comprising information indicating whether the reception device supports the message transmission in response to the connection request message; and if both the transmission device and the reception device support the message transmission, transmitting, to the reception device, at least two of messages having temporal correlation, the at least two of messages comprising identification information, wherein the identification information indicates that the at least two of messages have temporal correlation.
    Type: Grant
    Filed: November 4, 2016
    Date of Patent: January 7, 2020
    Assignees: Samsung Electronics Co., Ltd., Seoul National University R&DB Foundation
    Inventors: Yong-Seok Park, Soo-Young Jang, Daedong Park, Seongsoo Hong, Sangwook Kim
  • Patent number: 10511638
    Abstract: Technologies for providing policy-based secure containers for multiple enterprise applications include a client computing device and an enterprise policy server. The client computing device sends device attribute information and a request for access to an enterprise application to the enterprise policy server. The enterprise policy server determines a device trust level based on the device attribute information and a data sensitivity level based on the enterprise application, and sends a security policy to the client computing device based on the device trust level and the data sensitivity level. The client computing device references or creates a secure container for the security policy, adds the enterprise application to the secure container, and enforces the security policy while executing the enterprise application in the secure container. Multiple enterprise applications may be added to each secure container. Other embodiments are described and claimed.
    Type: Grant
    Filed: October 23, 2018
    Date of Patent: December 17, 2019
    Assignee: Intel Corporation
    Inventors: Tarun Viswanathan, Uri Kahana, Alan D. Ross, Eran Birk
  • Patent number: 10459226
    Abstract: A method including determining occurrence of a virtual information region event, the virtual information region event indicating a change of information that is allocated to a virtual information region that is at least partially beyond a field of view of a head mounted display, the virtual information region having a virtual information region location that is in a direction from the field of view, causing rendering of a non-visual notification that is indicative of the direction from the field of view in response to the virtual information region event, receiving information indicative of a visual notification invocation input, determining a visual notification that is visually descriptive of at least one aspect of the virtual information region event in response to the visual notification invocation input, and causing display of the visual notification on the head mounted display is disclosed.
    Type: Grant
    Filed: May 26, 2016
    Date of Patent: October 29, 2019
    Assignee: Nokia Technologies Oy
    Inventors: Jussi Leppanen, Antti Eronen, Arto Lehtiniemi, Lasse Laaksonen