Credential Management Patents (Class 726/18)
  • Patent number: 10970482
    Abstract: A piece of text is saved for security verification on a computing device. One or more pieces of related text corresponding to the piece of saved text are generated, where each text element of the one or more pieces of related text is generated based on its proximity to the corresponding text element of the piece of saved text on one or more keyboards on the computing device. A piece of input text is received for information verification. A piece of input text is compared with the piece of saved text and the one or more pieces of related text. A determination is made that the piece of input text matches one of the one or more pieces of related text and input guidance for re-entering a piece of text for security authentication is provided.
    Type: Grant
    Filed: November 27, 2017
    Date of Patent: April 6, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventor: Yong He
  • Patent number: 10949524
    Abstract: User authentication techniques are provided using a scene composed of selected objects. An exemplary method comprises obtaining enrollment information from a user, wherein the enrollment information comprises a first scene comprised of a first selection of objects; initiating a challenge to the user in connection with an authentication request by the user to access a protected resource; processing a second scene comprised of a second selection of objects submitted by the user in response to the challenge, and wherein the processing comprises determining a likelihood that the submitted second scene comprised of the second selection of objects matches the first scene comprised of the first selection of objects submitted by the user with the enrollment information; and resolving the authentication request based on the likelihood. Objects in the first selection of objects are optionally selected from a catalog and arranged into the first scene.
    Type: Grant
    Filed: October 31, 2018
    Date of Patent: March 16, 2021
    Assignee: RSA Security LLC
    Inventors: Brian Mullins, Salah Machani, Millie Ng
  • Patent number: 10891374
    Abstract: The disclosed computer-implemented method for improving performance of cascade classifiers for protecting against computer malware may include receiving a training dataset usable to train a cascade classifier of a machine-learning classification system. A sample to add to the training dataset may be received. A weight for the sample may be calculated. The training dataset may be modified using the sample and the weight. A weighted training for the cascade classifier of the machine-learning classification system may be performed using the modified training dataset. Computer malware may be identified using the cascade classifier. In response to identifying the computer malware, a security action may be performed to protect the one or more computing devices from the computer malware. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: March 28, 2018
    Date of Patent: January 12, 2021
    Assignee: CA, INC.
    Inventors: Ryan Curtin, Keith Kenemer
  • Patent number: 10868807
    Abstract: Systems and methods for determining a pictograph password sequence and association phrase are provided. In some example embodiments, an assigned pictograph sequence request is received from a client device, with the request causing the system to generate a template pictograph sequence, generate an association phrase based on the template pictograph sequence, store the template pictograph sequence and associated phrase on a memory, and transmit instructions to cause a display of the template pictograph sequence and the association phrase. In some example embodiments, the system requires an input of a pictograph sequence that matches the template pictograph sequence in order for a user to view content. In some example embodiments, the template pictograph sequence may be replaced by a user pictograph sequence.
    Type: Grant
    Filed: December 6, 2018
    Date of Patent: December 15, 2020
    Assignee: Snap Inc.
    Inventors: Eric Buehl, Michael Cieslak
  • Patent number: 10867026
    Abstract: Techniques are described for providing control of a security system. A user is authorized in the security system and user identification inputs, provided through an input unit of a personal mobile device of the authorized user of the security system, are accessed. One or more signatures of the authorized user are defined and stored in a signature map. Subsequently, user identification input is received from an unauthenticated user using the personal mobile device. The user identification input received from the unauthenticated user is compared to one or more defined signatures in the signature map. The unauthenticated user is determined to be the authorized user if the received user identification input matches one of the defined signatures. The unauthenticated user is allowed to control the security system based on the determination that the unauthenticated user is the authorized user.
    Type: Grant
    Filed: June 13, 2019
    Date of Patent: December 15, 2020
    Assignee: Alarm.com Incorporated
    Inventors: Stephen Scott Trundle, Alison Jane Slavin
  • Patent number: 10862682
    Abstract: The present disclosure describes methods of encrypting and decrypting blocks of data stored in computer readable memory for a device using a block cipher with a nonce. In particular, methods of encrypting and decrypting blocks of data where the value of the nonce is based on previous execution instructions of a program executed by the device for a previously executed block are described. Embodiments disclosed include a method of encrypting blocks of data bits stored in computer readable memory for a device using a block cipher with a nonce and a key, the method comprising for each block of data: generating a value of the nonce based on previous execution instructions of a program executed by the device for a previously executed block of data; and encrypting the block of data with the nonce and key using the block cipher.
    Type: Grant
    Filed: July 20, 2015
    Date of Patent: December 8, 2020
    Assignee: NXP B.V.
    Inventor: Hugues de Perthuis
  • Patent number: 10853472
    Abstract: In one embodiment, an apparatus includes a non-volatile storage to store a seed value and a signature that is based on an iterative execution of a function for a predetermined number of intervals. The apparatus may further include the security processor coupled to the non-volatile storage, where the security processor is to independently recover a credential for an updated version of the firmware based at least in part on the seed value and a security version number for the updated version of the firmware. Other embodiments are described and claimed.
    Type: Grant
    Filed: June 28, 2018
    Date of Patent: December 1, 2020
    Assignee: Intel Corporation
    Inventors: Xiaoyu Ruan, William A. Stevens, Jr.
  • Patent number: 10855692
    Abstract: A system, method, and computer-readable medium are disclosed for generating an adaptive trust profile via an adaptive trust profile operation. In various embodiments the adaptive trust profile operation includes: monitoring a plurality of electronically-observable actions of an entity, the plurality of electronically-observable actions of the entity corresponding to a respective plurality of events enacted by the entity, the monitoring comprising monitoring at least one of the plurality of electronically-observable actions via a protected endpoint; converting the plurality of electronically-observable actions of the entity to electronic information representing the plurality of actions of the entity; and generating an adaptive trust profile based upon the action of the entity.
    Type: Grant
    Filed: May 17, 2019
    Date of Patent: December 1, 2020
    Assignee: Forcepoint, LLC
    Inventor: Richard A. Ford
  • Patent number: 10838668
    Abstract: A managing device used in an apparatus managing system including a print relational apparatus, terminals of users and a storing device manages the print relational apparatus and the users. The storing device stores user information of each user. The managing device includes a user authorizing part, a notification transmitting part and an information changing part. The user authorizing part authorizes, based on use history of the apparatus of each user, the user whose a nonuse period of the apparatus exceeds a predetermined period, as a registration erasure candidate user. The notification transmitting part transmits a registration erasure proposal notification having a proposal to erase registration of the candidate user to the terminal of a management user. The information changing part erases registration of the candidate user by erasing or changing the user information of the candidate user, according to indication inputted by the management user.
    Type: Grant
    Filed: July 5, 2019
    Date of Patent: November 17, 2020
    Assignee: KYOCERA Document Solutions Inc.
    Inventors: Kazuki Nishikai, Takeshi Nakamura, Satoshi Goshima, Dukil Park, Yuichi Obayashi, Takumi Nakamura, Koki Nakajima, Yasuo Nakashima
  • Patent number: 10834097
    Abstract: A system, method, and computer-readable medium are disclosed for generating an adaptive trust profile via an adaptive trust profile operation. In various embodiments the adaptive trust profile operation includes: monitoring a plurality of electronically-observable actions of an entity, the plurality of electronically-observable actions of the entity corresponding to a plurality of respective events enacted by the entity; converting the plurality of electronically-observable actions of the entity to electronic information representing the plurality of actions of the entity; and generating the adaptive trust profile based upon the plurality of actions of the entity, the adaptive trust profile comprising a plurality of adaptive trust profile components.
    Type: Grant
    Filed: May 17, 2019
    Date of Patent: November 10, 2020
    Assignee: Forcepoint, LLC
    Inventor: Richard A. Ford
  • Patent number: 10826694
    Abstract: The present disclosure relates to a method for using a secret key for cryptographically processing a data item in an enclave enabled system. The method comprises: computing a first set of shares of the secret key and storing them in an encrypted format. Each encrypted share may be sent to respective component in a first set of components. In response to sending the encrypted shares, a modified encryption of the respective share may be received from each of the first set of components. Each of the received modified encryptions may be encrypted and the resulting modified share is sent to the respective first set of components. In response to sending the decrypted modified shares, a data item cryptographically processed using the respective share may be received from each of the first set of components. The received data items may be combined to obtain a cryptographically processed data item.
    Type: Grant
    Filed: April 23, 2018
    Date of Patent: November 3, 2020
    Assignee: International Business Machines Corporation
    Inventors: Jan L. Camenisch, Manu Drijvers, Anja Lehmann, Kai Wilhelm Samelin
  • Patent number: 10810369
    Abstract: A piece of text is saved for security verification on a computing device. One or more pieces of related text corresponding to the piece of saved text are generated, where each text element of the one or more pieces of related text is generated based on its proximity to the corresponding text element of the piece of saved text on one or more keyboards on the computing device. A piece of input text is received for information verification. A piece of input text is compared with the piece of saved text and the one or more pieces of related text. A determination is made that the piece of input text matches one of the one or more pieces of related text and input guidance for re-entering a piece of text for security authentication is provided.
    Type: Grant
    Filed: November 27, 2017
    Date of Patent: October 20, 2020
    Assignee: Alibaba Group Holding Limited
    Inventor: Yong He
  • Patent number: 10778691
    Abstract: Various embodiments provide for the consolidation of policies across multiple identities that are respectively associated with multiple active directory (AD) groups to which a user belongs. Present embodiments provide for dynamically generating a new identity in the resource provider environment that includes permissions to all of the resources that may otherwise be distributed across multiple identities. Specifically, in accordance with various embodiments, when a user login is detected, the active directory is queried to determine the AD groups to which the user belongs. As mentioned, the user's AD groups are mapped to respective identities in the resource provider environment, in which each identity includes policy defining access to one or more resources. The policies of all the respective identities are consolidated and assigned to a new identity. The user may assume the new identity and access all the resources in tandem.
    Type: Grant
    Filed: December 7, 2017
    Date of Patent: September 15, 2020
    Assignee: AMAZON TECHNOLOGIES, INC.
    Inventors: Robert W. Kissell, Eric Andrew Scholz
  • Patent number: 10771256
    Abstract: A method for generating an electronic signature of a user for an electronic document including establishing a secure Internet session between a telecommunication terminal of a user and a signature server computer system; receiving a code from the signature server computer system via a separate and/or separately secured side channel by the telecommunication terminal; transmitting a combination of code and authentication information of the user via the secure Internet session to the signature server computer system; checking the validity of the combination of code and authentication information by the signature server computer system; and generating the electronic signature of the user by a high-security module of the signature server computer system, wherein the private key of the user for generating the electronic signature is stored in the high-security module.
    Type: Grant
    Filed: April 25, 2016
    Date of Patent: September 8, 2020
    Assignee: BUNDESDRUCKEREI GMBH
    Inventor: Christian Seegebarth
  • Patent number: 10740358
    Abstract: Embodiments of the invention provide systems and methods for managing and processing large amounts of complex and high-velocity data by capturing and extracting high-value data from low value data using big data and related technologies. Illustrative database systems described herein may collect and process data while extracting or generating high-value data. The high-value data may be handled by databases providing functions such as multi-temporality, provenance, flashback, and registered queries. In some examples, computing models and system may be implemented to combine knowledge and process management aspects with the near real-time data processing frameworks in a data-driven situation aware computing system.
    Type: Grant
    Filed: March 23, 2015
    Date of Patent: August 11, 2020
    Assignee: Oracle International Corporation
    Inventors: Eric S. Chan, Dieter Gawlick, Adel Ghoneimy, Zhen Hua Liu
  • Patent number: 10726118
    Abstract: A secured computerized system comprising a computerized environment secured to prevent access thereto, other than by end-users who have passed a what-you-know authentication test: what-you-know testing functionality for administering a what-you-know user authentication test to end-user/s, including presenting image/s to end-user, and approving end-user to enter the computerized environment if end-user correctly selects predetermined location/s within the image; and a graphic what-you-know test-configuring functionality for displaying system-selected location/s within the image; providing a graphic interface operative for accepting, from, end-user/s, a user-selected modification of system-selected location/s; and storing, for each individual end-user, the user-selected modification as the individual end-user's predetermined location/s; or if no user-selected modification exists for an individual end-user, storing the system-selected location as the individual end-user's predetermined location.
    Type: Grant
    Filed: June 16, 2016
    Date of Patent: July 28, 2020
    Assignee: GOOGALE (2009) LTD.
    Inventors: Nir Michalowitz, Michal Peled Rosenvald
  • Patent number: 10686841
    Abstract: This disclosure provides an apparatus and method for dynamic customization of cyber-security risk item rules. A method includes interacting with a user, by a risk manager system, to define a plurality of rules for risk items to be monitored among a plurality of connected devices. The method also includes mapping each of the rules to a corresponding one or more of the connected devices by the risk manager system. The method further includes monitoring the connected devices according to the rules by the risk manager system. In addition, the method includes displaying an output based on the rules and a status of the connected devices by the risk manager system.
    Type: Grant
    Filed: May 24, 2018
    Date of Patent: June 16, 2020
    Assignee: Honeywell International Inc.
    Inventor: Seth G. Carpenter
  • Patent number: 10686966
    Abstract: Displaying an authentication interface on an operation panel associated with a printing device, the operation panel including a plurality of authentication areas. Receiving a user authentication request. Detecting a particular authentication pattern associated with the user authentication request. Retrieving a registered authentication pattern associated with the user. Comparing the particular authentication pattern with the registered authentication pattern. Determining, based on the comparing, whether the user authentication request is authorized. If the user authentication request is authorized, retrieving a first electronic document associated with the user, and printing the first electronic document.
    Type: Grant
    Filed: June 13, 2019
    Date of Patent: June 16, 2020
    Assignee: KYOCERA Document Solutions, Inc.
    Inventor: Arturo Becerra
  • Patent number: 10686767
    Abstract: Some embodiments provide convenient auto-authentication for user data on a primary device, while still providing a significant level of security, by taking advantage of existing security and cryptographic measures used to communicate with a secondary device. The primary device of some embodiments encrypts the user data on the primary device using a cryptographic key based on a set of keys received from the secondary device. In some embodiments, the primary device encrypts authentication data, or a local key generated from the authentication data, using a remote key received from the secondary device, and encrypts the user data with the local key. In some embodiments, the keys received from the secondary device are an existing set of keys for establishing an encrypted channel of communication for transmitting digital rights management (DRM) protected content according to a DRM protection scheme.
    Type: Grant
    Filed: September 23, 2016
    Date of Patent: June 16, 2020
    Assignee: Apple Inc.
    Inventors: Mitchell D. Adler, Andrew Roger Whalley
  • Patent number: 10638315
    Abstract: A method and an apparatus are provided for notifying a password in a mobile communication terminal. It is checked whether a password notification function is set. Input of a stored password is requested. An input password is received. It is checked whether the input password is identical to the stored password. Input of a stored secondary password is requested if the input password is not identical to the stored password. An input secondary password is received. It is checked whether the input secondary password is identical to the stored secondary password. A password is sent if the input secondary password is identical to the stored secondary password.
    Type: Grant
    Filed: March 6, 2015
    Date of Patent: April 28, 2020
    Assignee: Samsung Electronics Co., Ltd
    Inventor: Kyong-Su Kim
  • Patent number: 10635919
    Abstract: The purpose of the present invention is, when a portion of a subject to be detected is occluded, to simplify detecting that the occluded subject to be detected is the subject to be detected, regardless of the position which is occluded. Provided is an information processing device (110), comprising: a computation unit (111) which computes local scores for each of a plurality of positions which are contained in an image of a prescribed scope, said scores indicating the likelihood of an object to be detected being present; and a change unit (112) which changes the scores for the positions, among the plurality of positions, which are included in a prescribed region which is determined according to the plurality of scores which have been computed for said plurality of positions, such that the likelihood of the object to be detected being present increases.
    Type: Grant
    Filed: April 2, 2019
    Date of Patent: April 28, 2020
    Assignee: NEC CORPORATION
    Inventor: Kenta Araki
  • Patent number: 10621987
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for obtaining, for each of multiple words or sub-words, audio data corresponding to multiple users speaking the word or sub-word; training, for each of the multiple words or sub-words, a pre-computed hotword model for the word or sub-word based on the audio data for the word or sub-word; receiving a candidate hotword from a computing device; identifying one or more pre-computed hotword models that correspond to the candidate hotword; and providing the identified, pre-computed hotword models to the computing device.
    Type: Grant
    Filed: October 30, 2019
    Date of Patent: April 14, 2020
    Assignee: Google LLC
    Inventor: Matthew Sharifi
  • Patent number: 10581853
    Abstract: Systems, methods, and a security management apparatus, for password management including the determination of the identity of a service requesting a security token for access to the service. The security management apparatus generates personal identification data based on a personal identification input such as a touch selection or gesture, in order to access a service on a secured device. Responsive to the personal identification data satisfying an access criterion, a communication channel is established with the secured device. The identity of the service on the secured device is determined and a security token, such as a password, is sent to the secured device via the communication channel.
    Type: Grant
    Filed: August 3, 2016
    Date of Patent: March 3, 2020
    Assignee: Huami Inc.
    Inventors: Zhenye Zhu, Xiao-feng Li
  • Patent number: 10581893
    Abstract: Techniques of preventing sabotage attacks in cyber-physical systems involve automatically identifying links between nodes of a graph representing cyber-physical systems as vulnerable to sabotage attacks according to a vulnerability metric for each link. The vulnerability metric used depends on the particular sabotage attack used to determine the vulnerable links. Once a computer configured to design cyber-physical systems based on vulnerability to sabotage attacks receives data representing the graph, the computer enumerates the possible links between nodes of the graph along which a sabotage attack may be performed. For each of those links, the computer computes the vulnerability metric. The computer then ranks the links according to respective values of the vulnerability metric. Based on the ranking, a designer may then perform a mitigation analysis that results in changes to the graph to reduce the vulnerability at each node accessible to a malicious actor.
    Type: Grant
    Filed: December 6, 2017
    Date of Patent: March 3, 2020
    Assignees: Brigham Young University (BYU), Washington State University
    Inventors: Sean Warnick, Sandip Roy
  • Patent number: 10575171
    Abstract: A communication apparatus receives information encrypted based on encryption information obtained by capturing an image of code information about the communication information from a different communication apparatus operating as an access point to form a wireless network. The communication apparatus and the different communication apparatus perform encrypted communication based on the information.
    Type: Grant
    Filed: January 23, 2017
    Date of Patent: February 25, 2020
    Assignee: Canon Kabushiki Kaisha
    Inventor: Fumihide Goto
  • Patent number: 10573171
    Abstract: A method includes determining a status of a first device, receiving a first user input, and associating the first user input with the first device, wherein the first user input and the status of the first device is used to associate the first user input with the first device.
    Type: Grant
    Filed: May 23, 2017
    Date of Patent: February 25, 2020
    Assignee: Lenovo (Singapore) Pte. Ltd.
    Inventors: Russell Speight VanBlon, Nathan J. Peterson, John Carl Mese, Arnold S. Weksler
  • Patent number: 10530784
    Abstract: Provided is process including receiving a request to authenticate a user; sending instructions to present an authentication user interface including a geographic map; receiving geolocations on the geographic map selected by the user; comparing the geolocations to a sequence of geolocations in an authentication credential to determine whether to authenticate the user.
    Type: Grant
    Filed: October 29, 2018
    Date of Patent: January 7, 2020
    Assignee: CA, Inc.
    Inventors: Sreenivasulu Bandi, Gaurav Kumar, Mitta Sarath Kumar, Shaik Mokhinuddeen
  • Patent number: 10509574
    Abstract: Techniques for implementing container credentialing by a host are described herein. In one example, a system for providing credentials includes a memory device for storing instructions and a processing device for executing instructions. The system can also include a container to execute a runtime environment for an application through the memory device and processing device, the application to request access to a credential locked resource. The system can also include a host environment to share the memory and the processing device with the container. In an example, the host environment may detect a request for a credential for the credential locked resource from the container. In an example, the host environment may also provide a credential for a credential locked resource to the container if the container is approved to receive the credential based on a policy.
    Type: Grant
    Filed: May 24, 2016
    Date of Patent: December 17, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Mark Novak, Benjamin Moore
  • Patent number: 10482236
    Abstract: Exemplary embodiments relate to the secure storage of security questions through an immutable log, such as a blockchain. The security questions may be stored in a centralized location, accessible from an application or browser tab running on the user's device. When a security question is required, such as to perform a password reset on a website, the website may interact with the application or browser tab, which retrieves the question(s) from the blockchain. The user may enter their answers to the question(s), which may be hashed by the application or tab. The hashed answers may be entered into the original requesting website, which may verify with the blockchain that the correct answers have been provided. Thus, the requesting website sees neither the questions nor the answers. Additional security features may include logging requests for questions, so that a user can determine if a security question may have been compromised.
    Type: Grant
    Filed: March 6, 2019
    Date of Patent: November 19, 2019
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Vincent Pham, Austin Grant Walters, Jeremy Edward Goodsitt, Fardin Abdi Taghi Abad, Anh Truong, Kate Key, Kenneth Taylor
  • Patent number: 10462149
    Abstract: A system comprises a policy storage separately located relative to the user device, the policy database arranged to store information indicative of at least one usage policy set applicable to at least one respective user device. The system is arranged to store user device identification information for each user device associated with the system, the user device identification information being indicative of and unique to a user device associated with the system and being stored separately relative to the user device. The system is also arranged to associate a usage policy set with a user device using the device identification information unique to the user device. The system is also arranged to determine a usage request from a user device and to allow or deny the usage request based on the at least one usage policy set associated with the user device.
    Type: Grant
    Filed: October 5, 2016
    Date of Patent: October 29, 2019
    Assignee: Family Zone Cyber Safety Ltd
    Inventors: Benjamin Shaun Dixon Trigger, Timothy David Levy, Paul Russell Robinson
  • Patent number: 10446153
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for obtaining, for each of multiple words or sub-words, audio data corresponding to multiple users speaking the word or sub-word; training, for each of the multiple words or sub-words, a pre-computed hotword model for the word or sub-word based on the audio data for the word or sub-word; receiving a candidate hotword from a computing device; identifying one or more pre-computed hotword models that correspond to the candidate hotword; and providing the identified, pre-computed hotword models to the computing device.
    Type: Grant
    Filed: December 11, 2018
    Date of Patent: October 15, 2019
    Assignee: Google LLC
    Inventor: Matthew Sharifi
  • Patent number: 10419435
    Abstract: A system using mobile devices and a network provides access authentication, authorization and accounting to computing resources using a two-person access rule solution approach. A central access control server coordinates a rule-based authorization process in which a requesting user and one or more authorizing users are engaged in real-time communications to facilitate approved access to a sensitive resource. The technique utilizes mobile cellular interfaces and location service technologies, while also providing traditional security control measures of voice and visual verification of user identities.
    Type: Grant
    Filed: February 24, 2017
    Date of Patent: September 17, 2019
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventor: Michael R. Horton
  • Patent number: 10417408
    Abstract: Systems, methods, and computer program products are disclosed for authenticating access to a user device using tactile-based feedback provided to a user of the device. A user device may include a display layer and a tactile layer. The user device may be configured to selectively activate portions of the tactile layer to cause opposing regions of a surface of the display layer to become raised relative to other regions of the display surface. A user may be required to specify a sequence of directional movements corresponding to a correct passcode pattern by traversing a path along the raised regions. The particular arrangement of raised regions may change each time access to the user device is requested by activating different portions of the tactile layer, thereby giving the appearance to a third party that a different passcode pattern is being entered each time, and thus, minimizing likelihood of unauthorized passcode detection.
    Type: Grant
    Filed: March 10, 2017
    Date of Patent: September 17, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Christopher J. Hardee, Steven R. Joroff, Pamela A. Nesbitt, Scott E. Schneider
  • Patent number: 10395016
    Abstract: For communication pattern recognition, an apparatus is disclosed. The apparatus includes a baseline analysis module that samples predefined sources associated with a user and generates a baseline fingerprint for the user. The apparatus includes an active analysis module that re-samples the predefined sources associated with the user after a predefined time interval and generates an active fingerprint for the user. The apparatus includes a verification module that compares the active fingerprint to the baseline fingerprint and determines whether the active fingerprint closely matches the baseline fingerprint. If the active fingerprint closely matches the baseline fingerprint, then the verification module replaces the baseline fingerprint with the active fingerprint. If the active fingerprint does not match the baseline fingerprint, then the verification module performs a predefined action to rectify differences between the baseline fingerprint and the active fingerprint.
    Type: Grant
    Filed: January 24, 2017
    Date of Patent: August 27, 2019
    Assignee: International Business Machines Corporation
    Inventors: Timothy J. Baldwin, Andrew Johnson, Peter J. Johnson, Ben Sasson, Fenglian Xu
  • Patent number: 10382620
    Abstract: A first mobile device may receive user-input data for generation of an electronic message. The electronic message may be generated as the user-input data is received. The first mobile device may identify sensitive information, within the electronic message. The first mobile device may secure the sensitive information. The first mobile device may disable a screen capture function of the first mobile device. The first mobile device may send the electronic message to a second mobile device. The sending of the electronic message to the second mobile device may include the sending of the secured sensitive information.
    Type: Grant
    Filed: August 3, 2018
    Date of Patent: August 13, 2019
    Assignee: International Business Machines Corporation
    Inventors: Corville O. Allen, Shikhar Kwatra, Andrew R. Freed, Joseph Kozhaya
  • Patent number: 10348816
    Abstract: A method and apparatus for facilitating access to a plurality of resources is provided. A message that includes a context resource identifier is received at a proxy server from a client through a gateway in communication with both the client and the proxy server. Access to a resource associated with an interface that is referenced by the context resource identifier is controlled by the proxy server using a profile that is dynamically built for a user of the client based on a plurality of resource profiles received from a plurality of interfaces in communication with the proxy server.
    Type: Grant
    Filed: October 14, 2015
    Date of Patent: July 9, 2019
    Assignee: ADP, LLC
    Inventors: Jigesh Saheba, Roberto A. Masiero, Isabel Espina Carvajal
  • Patent number: 10331337
    Abstract: In one embodiment, the invention can be a touch input device capable of unlocking a passcode accordance with a touch pressure. The device can include a touch screen which displays a passcode input window; a controller which generates a first control signal as to whether or not a touch on the passcode input window matches a predetermined passcode; and a memory which stores the predetermined passcode. The passcode input window can include a plurality of nodes which are disposed in different positions. The number of touched nodes among the plurality of nodes, the order of the touched nodes among the plurality of nodes, and a pressure level of the touch on each of the touched nodes among the plurality of nodes can be set as the predetermined passcode. Further, the pressure level of the touch can be classified into at least two levels.
    Type: Grant
    Filed: April 11, 2017
    Date of Patent: June 25, 2019
    Assignee: HiDeep Inc.
    Inventors: Yunjoung Kim, Seyeob Kim, Hyongsub Yun, Sangsic Yoon, Bonkee Kim, Hojun Moon, Taehoon Kim, Sunyoung Kwon
  • Patent number: 10325086
    Abstract: A computing device with a graphical authentication interface in which the device displays a base image and authenticates a user when a pre-selected element in a secondary image overlying the base image is aligned with a pre-selected element in the base image.
    Type: Grant
    Filed: June 15, 2010
    Date of Patent: June 18, 2019
    Assignee: BlackBerry Limited
    Inventor: Martin Philip Riddiford
  • Patent number: 10303577
    Abstract: The present disclosure relates to a method, a device and a storage medium for determining a health state of an information system. At first, a baseline configuration document corresponding to the information system is received, and data records under inspection of the information system are acquired. The baseline configuration document defines baselines. Then, each of the data records under inspection is compared with at least one baseline defined in the baseline configuration document to obtain a comparing result between each of the data records under inspection and the at least one baseline. At last, the health state of the information system is determined according to the comparing result between each of the data records under inspection and the at least one baseline. A health-determining apparatus relative to the above-mentioned method is also provided.
    Type: Grant
    Filed: June 22, 2018
    Date of Patent: May 28, 2019
    Assignee: Tencent Technology (Shenzhen) Company Limited
    Inventors: Bin Zhou, Dong Shan Xu, Shan Yang Fu
  • Patent number: 10257198
    Abstract: A system is provided wherein a network control access device that is already in a network, called a Gatekeeper, generates a random short password in the form of a series of audio or visual cues that are visible to the user of a joining device. The joining device can be a simple one button device, or even a no-button device that is part of the internet of things (IOT) standard. The response to each cue can be entered by the user on a single-button joining device. For a no-button joining device, an alternate input method may be utilized on the joining device in response to the audio and visual cues. Alternatively, a password can be generated by the no-button joining device and be entered by the user one bit at-a-time directly onto the Gatekeeper keypad. Once the password is received, the Gatekeeper performs a password verification procedure.
    Type: Grant
    Filed: September 12, 2016
    Date of Patent: April 9, 2019
    Assignee: ARRIS Enterprises LLC
    Inventor: Alexander Medvinsky
  • Patent number: 10230752
    Abstract: The disclosure is directed towards systems and methods for improving security in a computer network. The system can include a planner and a plurality of controllers. The controllers can be deployed within each zone of the production network. Each controller can be configured to assume the role of an attacker or a target for malicious network traffic. Simulations of malicious behavior can be performed by the controllers within the production network, and can therefore account for the complexities of the production network, such as stateful connections through switches, routers, and other intermediary devices. In some implementations, the planner can analyze data received from the controllers to provide a holistic analysis of the overall security posture of the production network.
    Type: Grant
    Filed: February 24, 2017
    Date of Patent: March 12, 2019
    Assignee: VERODIN, INC.
    Inventors: Christopher B. Key, Paul E. Holzberger, Jr.
  • Patent number: 10211981
    Abstract: Disclosed herein is a method for generating a high entropy password using a low entropy password and low-entropy login data comprising supplying the low entropy password to a system comprising a generating client and/or a recovery client; and at least n servers; submitting request data derived, at least in part, from the user's low entropy password, where the request data includes authentication data; engaging in a distributed protocol with at least t servers to generate high-entropy values based on stored cryptographic information and a set of authentication information stored on the at least n servers which is checked against the authentication data provided by the user and/or the generating client and/or a recovery client; and generating the high entropy password.
    Type: Grant
    Filed: November 16, 2017
    Date of Patent: February 19, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jan L. Camenisch, Franz-Stefan Preiss, Kai Samelin, Dieter M. Sommer
  • Patent number: 10198963
    Abstract: A secured computerized social networking system for pupils including a mail server operative to interface with a secured parent environment; and a secured pupil environment, the system comprising a computerized environment secured to prevent access thereto, other than by end-users who have passed a what-you-know authentication test; a what-you-know testing functionality; and a graphic what-you-know test-configuring functionality, the system being operative to perform a plurality of selectable system-actions responsive to user input, the system being accessible to non-literate users via a touch screen defining a plurality of touch screen locations respectively corresponding to the plurality of selectable system-actions, the touch screen being operative to detect and distinguish between first and second gestures, the system comprising: a processor-controlled touch-triggered actor; and a processor-controlled touch-triggered oral presenter.
    Type: Grant
    Filed: December 11, 2017
    Date of Patent: February 5, 2019
    Assignee: GOOGALE (2009) LTD.
    Inventors: Nir Michalowitz, Michal Peled Rosenvald
  • Patent number: 10182067
    Abstract: The present disclosure relates to a method, a device and a storage medium for determining a health state of an information system. At first, a baseline configuration document corresponding to the information system is received, and data records under inspection of the information system are acquired. The baseline configuration document defines baselines. Then, each of the data records under inspection is compared with at least one baseline defined in the baseline configuration document to obtain a comparing result between each of the data records under inspection and the at least one baseline. At last, the health state of the information system is determined according to the comparing result between each of the data records under inspection and the at least one baseline. A health-determining apparatus relative to the above-mentioned method is also provided. Therefore, by these method and apparatus, the health state of the information system is quantifiable.
    Type: Grant
    Filed: January 7, 2015
    Date of Patent: January 15, 2019
    Assignee: Tencent Technology (Shenzhen) Company Limited
    Inventors: Bin Zhou, Dong Shan Xu, Shan Yang Fu
  • Patent number: 10176318
    Abstract: Techniques for maintaining and updating authentication information for a plurality of accounts may be provided. In an example a first set of authentication information for the plurality of accounts may be maintained. A second set of authentication information that has been marked as potentially compromised may be received. A third set of authentication information may be generated based on the overlap between the first set of authentication information and the second set of authentication information. The first set of authentication information may be updated based at least in part on one or more security authentication protocols and the third set of authentication information.
    Type: Grant
    Filed: October 27, 2017
    Date of Patent: January 8, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: David James Kane-Parry, Darren Ernest Canavor, Jesper Mikael Johansson
  • Patent number: 10162948
    Abstract: An authentication system in accordance with an example includes an image capture device to scan an object. The authentication system also includes an authentication module to identify imperfections in the object based on the scan, to generate model data based on the identified imperfections, and to authenticate the user based on a comparison of currently identified imperfections to the model data.
    Type: Grant
    Filed: December 6, 2013
    Date of Patent: December 25, 2018
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Valentin Popescu, James Robert Waldron
  • Patent number: 10164969
    Abstract: A computer security system comprises a security module adapted to control access to a secure computer resource by a user via a client based on verification of a security credential provided by the user. The computer security system also comprises verification data disposed on the client and accessible by the security module. The security module is adapted to enable the user to recover the security credential based on a response received from the user associated with the verification data.
    Type: Grant
    Filed: January 11, 2017
    Date of Patent: December 25, 2018
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Valuiddin Ali, Manuel Novoa, Matthew J. Wagner
  • Patent number: 10120995
    Abstract: A device unlock pattern (“pattern password”) is static in that the same pattern is entered each time to unlock a device. Due to this repetition, a pattern password may be discovered by an application that captures touchscreen gestures, by inspection of fingerprints or smudges on a screen, or simply by an onlooker that views the pattern password being entered. A variable hint pattern can be used to impede discovery. A hint pattern is a sub-pattern (“hint”) of the pattern password to be completed for device unlock. A variable hint pattern can impede discovery by changing the sub-pattern at a defined change threshold related to unlock attempts. The device can randomly change the sub-pattern or randomly change the missing portions of the pattern password at each change threshold. As a result, different inputs complete the pattern password. This variance stymies the methods typically used to discover pattern passwords.
    Type: Grant
    Filed: December 22, 2015
    Date of Patent: November 6, 2018
    Assignee: CA, Inc.
    Inventors: Yashwant Ramkishan Sawant, Mohammed Mujeeb Kaladgi, Ruqiya Nikhat Kaladgi, Junaid Ahmed Jameel, Jameel Ahmed Kaladgi
  • Patent number: 10120989
    Abstract: A process including: displaying icons used for password entry into an electronic system, in such a way that a hand movement associated with entry of the password into the system is randomized.
    Type: Grant
    Filed: June 4, 2014
    Date of Patent: November 6, 2018
    Assignee: NOWWW.US Pty. Ltd.
    Inventor: Mark Rodney Anson
  • Patent number: RE47518
    Abstract: Image based login procedures for computer systems include: (a) displaying a first image on a computer screen; (b) receiving user input indicating a portion of the first image; (c) determining if the user input corresponds to a first acceptable user input for user authentication; and (d) proceeding with the authentication procedure when this user input corresponds to the first acceptable user input for user authentication. Additionally or optionally, when proceeding with this authentication procedure, the systems and methods further may include: displaying a second image on the screen; receiving new user input indicating a portion of the second image; and determining if this new input corresponds to a second acceptable user input for user authentication.
    Type: Grant
    Filed: January 12, 2017
    Date of Patent: July 16, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Matthew E. Kowalczyk, Russell Humphries, Erik L. Holt