Credential Management Patents (Class 726/18)
  • Patent number: 11429722
    Abstract: An example system with a pre-OS (Operating System) environment, the pre-OS environment includes a private memory that is isolated from a processor of the system. The pre-OS environment also includes an embedded controller (EC) coupled to the private memory, where the EC includes an embedded key. The EC is to execute instructions to generate an encryption key based on the embedded key; generate a signature key; obtain data; produce an integrity-verification tag based on a hash of the obtained data, where the hash employs the signature key; encrypt the obtained data based on the encryption key; store the encrypted data in the private memory; and store the integrity-verification tag in the private memory in association with the stored encrypted data.
    Type: Grant
    Filed: January 29, 2018
    Date of Patent: August 30, 2022
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Jeffrey Kevin Jeansonne, Rosilet Retnamoni Braduke, Joshua Serratelli Schiffman, David Plaquin
  • Patent number: 11388194
    Abstract: An identity verification method and a verifying device, where the verifying device receives an account for requesting password reset. When the account is invalid, the verifying device sends a fake identification and a first verification request to a requesting device. The verification request mentioned requests a user to determine whether to send verification information to a first communication address. The fake identification and the first communication address are associated with the first account.
    Type: Grant
    Filed: June 11, 2020
    Date of Patent: July 12, 2022
    Assignee: HUAWEI CLOUD COMPUTING TECHNOLOGIES CO., LTD.
    Inventor: Duanhao Ou
  • Patent number: 11361068
    Abstract: Various systems and methods are provided for using dummy characters to provide enhanced security of a user's login credentials. The functionality disclosed herein provides specific steps for the creation, evaluation, storage, and use of such dummy characters in conjunction with a user's login credentials. Dummy characters can be thought of as characters that are not part of a user's actual password, but which are mixed in and around the actual characters when the password is being entered, in order to protect a user's true password from prying eyes and nefarious actors. Dummy characters can be associated with a specific user and/or a specific device or devices associated with a specific user. The functionality provided herein prevents a nefarious actor from simply repeating an entire password string (including the dummy characters) on a device that is not associated with the user whose credentials the nefarious actor is attempting to misappropriate.
    Type: Grant
    Filed: November 27, 2019
    Date of Patent: June 14, 2022
    Assignee: Dell Products L.P.
    Inventors: Parminder Singh Sethi, Lakshmi Saroja Nalam
  • Patent number: 11356849
    Abstract: A method of authenticating a transponder communicating with a server, including: calculating a one-time password in the transponder with a dedicated algorithm, on the basis of the state of a counter and a physical quantity, such as a transmission delay determined in the transponder during reading by a reading device; transmitting the password to the server by the reading device, which determines a transmission delay of the transponder, and transmitting to the server, in addition to the password, the information about the transmission delay determined in the reading device; decrypting by the dedicated algorithm the password, and checking if the decrypted transmission delay of the received password corresponds to the transmission delay determined by the reading device within a determined temporal margin, and if the state of the counter is different from a received previous state of the counter so as to authenticate the transponder.
    Type: Grant
    Filed: November 19, 2019
    Date of Patent: June 7, 2022
    Assignee: EM MICROELECTRONIC-MARIN S.A.
    Inventors: Stéphanie Salgado, Julian Guilloux
  • Patent number: 11251960
    Abstract: Techniques for providing a server-based Wi-Fi Protected Setup (WPS) PIN procedure are described. In an example, a computing device generates a PIN associated with a WPS-PIN procedure. The computing device encrypts the PIN to generate an encrypted PIN based on a public key associated with a server. Further, the computing device sends, to another computing device that is communicatively coupled with the server via an access point, a WPS probe request that includes the encrypted PIN. Based on the WPS probe request, the computing device receives, from at least one of the other computing devices or the server, a credential associated with the access point. The computing devices connects to the access point based on the credential.
    Type: Grant
    Filed: October 19, 2018
    Date of Patent: February 15, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: QingYun Wei, Andrew Roths, James Edwin Christy
  • Patent number: 11252562
    Abstract: The invention relates to a method for securing a command to be applied to a motor vehicle, characterized in that said method comprises: a first step of generating first data, via a vehicle electronic control unit; a second step of sending said first data to a mobile terminal comprising a screen, via the electronic control unit; a third step of displaying the first data on the screen of the mobile terminal; a fourth step in which a human user processes the first data in order to obtain second data; a fifth step of sending the second data to the electronic control unit via the mobile terminal; a sixth step of comparing said second data to a key of the first data, via the electronic control unit; if the second data is validated by the key of the first data, a seventh step of activating the motor vehicle via the electronic control unit, in order to implement at least part of the control.
    Type: Grant
    Filed: June 25, 2014
    Date of Patent: February 15, 2022
    Assignee: VALEO SECURITE HABITACLE
    Inventors: Eric Menard, Frédéric Gehin, Fabienne Masson
  • Patent number: 11210431
    Abstract: In some examples, a computing device may determine, based on sensor data, that the computing device is in a public environment. In response, the computing device may display an entry wheel to enable a user to enter a password. The entry wheel may include multiple input symbols arranged equidistant around a circle. In some cases, one or more geometric patterns linking a portion of the input symbols may be displayed. After receiving an individual character of the password, the computing device may display the entry wheel rotated a number of positions in either a clockwise or counter-clockwise direction and display zero or more of the geometric patterns. After all the characters of the password have been received, the computing device may determine if the password matches a previously stored password. If the password matches, the computing device may transition from a low power state to an active state.
    Type: Grant
    Filed: June 7, 2019
    Date of Patent: December 28, 2021
    Assignee: Dell Products L.P.
    Inventors: Sathish Kumar Bikumala, Parminder Singh Sethi, Lakshmi Saroja Nalam, Sean Creedon
  • Patent number: 11195170
    Abstract: a user profile of behavior of a specific user is generated, including obtaining a plurality of dummy user profiles. An initial behavioral dataset relating to the behavior of the specific user during a specific transaction is collected, and compared to each of the plurality of dummy user profiles. When the initial behavioral dataset matches at least one of the plurality of dummy user profiles, the method further includes initiating a new user profile of the specific user to be equivalent to the at least a portion of at least one of the plurality of dummy user profiles, and further training the new user profile based on the initial behavioral dataset, to modify the new user profile to more accurately reflect behavior of the specific user.
    Type: Grant
    Filed: May 31, 2021
    Date of Patent: December 7, 2021
    Assignee: BEHAVIOSEC INC
    Inventors: Tony Libell, Jorge Diez Ferreras
  • Patent number: 11188633
    Abstract: A password authentication device includes a display control unit that displays plurality of input key groups, an input operation unit operated by a user to select a soft key on the display screen to enable the input of a password, a sight line detection sensor that detects the direction of the line of sight of a user who operates the input operation unit, an operation target specifying part that specifies an input key group located at the end of the line of sight of the user among the plurality of input key groups, based on the direction of the line of sight detected by the sight line detection sensor, and a password acquisition part assumes an operation in the input operation unit as an operation for the input key group specified by the operation target specifying part and acquires a password inputted through the input operation unit.
    Type: Grant
    Filed: June 19, 2019
    Date of Patent: November 30, 2021
    Assignee: KYOCERA DOCUMENT SOLUTIONS INC.
    Inventor: Toru Michigami
  • Patent number: 11184353
    Abstract: The embodiments set forth systems and techniques to authenticate a user device for device services, such as by transferring or extending a trusted device status from a separate and trusted associated user device, which can be paired with the user device. This can be done automatically without requiring the user to sign in at or on behalf of the user device, and the automated process can include verifying a trusted status for the associated user device, receiving data items from both devices, evaluating the data items, and facilitating an authentication of the user device when the evaluating returns a favorable result. Data items can include provisioned machine identifiers, temporally limited one-time user passwords, and a provisioned password reset key. Authentication or trusted device status transfer can be achieved by way of an authentication token that is given to the user device.
    Type: Grant
    Filed: February 20, 2019
    Date of Patent: November 23, 2021
    Assignee: Apple Inc.
    Inventors: James C. Wilson, Lestat Ali, Aniwat Arromratana
  • Patent number: 11182784
    Abstract: Example embodiments of systems and methods for data transmission system between transmitting and receiving devices are provided. In an embodiment, each of the transmitting and receiving devices can contain a master key. The transmitting device can generate a diversified key using the master key, protect a counter value and encrypt data prior to transmitting to the receiving device, which can generate the diversified key based on the master key and can decrypt the data and validate the protected counter value using the diversified key.
    Type: Grant
    Filed: October 21, 2019
    Date of Patent: November 23, 2021
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Kaitlin Newman, Kimberly Haynes, Charles Nathan Crank, Andrew Cogswell, Colin Hart, Jeffrey Rule, Lara Mossler, Latika Gulati, Abdelkader Benkreira, Sarah Jane Cunningham, Sophie Bermudez, Michael Mossoba, Wayne Lutz
  • Patent number: 11151245
    Abstract: Examples associated with user authentication are described. One example method includes authenticating a user of a device using a static authentication technique. A behavior profile associated with the user is loaded. The behavior profile describes a pattern of device usage behavior by the user in a three-dimensional space over a time slice. The behavior profile also identifies distinctive user habits. Usage of the device is monitored, and a behavior similarity index is periodically updated. The behavior similarity index describes a similarity between the usage of the device and the pattern of device usage behavior. The behavior similarity index is weighted based on the distinctive user habits. Access to the device is restricted when the behavior similarity index reaches a predefined threshold.
    Type: Grant
    Filed: September 9, 2016
    Date of Patent: October 19, 2021
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Lei Liu, Ning Ge, Steven J. Simske, Helen A. Holder
  • Patent number: 11144629
    Abstract: Systems and methods for multi-factor authentication using graphical passwords. An access request that includes an identifier and which identifies a protected resource is received from a client device. An interface is generated having a plurality of graphical objects for presentation at random locations on a display of the client device as defined by an object map. The plurality of graphical objects include a null object and a set of user-defined objects associated with the identifier that define a graphical password. Input data including an input event for each detected interaction with the interface is received. Each input event identifies a position on the display at which a corresponding interaction was detected. Using the object map, it is determined that the input data satisfies the graphical password. Access to the protected resource is granted in response to determining that the input data satisfies the graphical password.
    Type: Grant
    Filed: October 15, 2019
    Date of Patent: October 12, 2021
    Assignee: AMADEUS S.A.S.
    Inventors: Mohamed-Amine Maaroufi, Florent Maupay
  • Patent number: 11140169
    Abstract: A system includes an interface, a tenant authentication processor, and an application routing processor. The interface is configured to receive a first request for access. The tenant authentication processor is configured to provide a tenant token request to a tenant process associated with the first request; receive a tenant token from the tenant process; determine a signed tenant token based on the tenant token and a key; and provide the signed tenant token for access to an application routing platform. The application routing processor of the application routing platform is configured to receive an API call comprising the signed tenant token; determine that the signed tenant token is valid; determine an application platform token; determine routing information to an application platform based on the API call; and provide the application platform the API call and the application platform token using the routing information to gain access to the application platform.
    Type: Grant
    Filed: October 31, 2018
    Date of Patent: October 5, 2021
    Assignee: Workday, Inc.
    Inventors: Bjorn Hamel, Dylan Owen, Jonathan David Ruggiero
  • Patent number: 11134382
    Abstract: A method of authenticating a transponder in communication with a server. The method includes the steps of defining a word in the transponder with a previous state of a counter of the transponder, incremented by a random number generated in the transponder, calculating a one-time password in the transponder with the aid of an HOTP algorithm and of a secret key on the basis of the word, transmitting the word and the one-time password to the server, calculating another one-time password in the server with the word received from the transponder by the HOTP algorithm and with one and the same secret key, and checking whether the passwords are identical so as to authenticate the transponder and authorize access to a site determined by the server.
    Type: Grant
    Filed: February 5, 2019
    Date of Patent: September 28, 2021
    Assignee: EM Microelectronic-Marin SA
    Inventors: Tomas Novak, Julian Guilloux, Stephanie Salgado
  • Patent number: 11120123
    Abstract: In accordance with some embodiments, a method is performed at an electronic device with a display device and one or more input devices. The method includes displaying, via the display device, a user interface that includes a new-password field. The method includes detecting, via the one or more input devices, a user input that corresponds to selection of the new-password field. In response to detecting the user input that corresponds to selection of the new-password field, the method includes displaying, on the display device, a representation of a new automatically-generated password in the new-password field and displaying, on the display device, an affordance to accept the new automatically-generated password and an affordance to decline to use the new automatically-generated password.
    Type: Grant
    Filed: May 30, 2019
    Date of Patent: September 14, 2021
    Assignee: Apple Inc.
    Inventors: Conrad A. Shultz, Richard J. Mondello, Reza Abbasian, Ivan Krstic, Darin Adler, Charilaos Papadopoulos, Maureen Grace Daum, Guillaume Borios, Patrick Robert Burns, Alexander David Sanciangco, Brent Michael Ledvina, Chelsea Elizabeth Pugh, Kyle Brogle, Marc J. Krochmal, Jacob Klapper, Paul Russell Knight, Connor David Graham, Shengkai Wu, I-Ting Liu, Steven Jon Falkenburg
  • Patent number: 11119648
    Abstract: A computer-implemented a method for authenticating a user includes: displaying, by a computer device, a first user interface on a display; receiving, by the computer device, user input defining a first pattern; displaying, by the computer device, a second pattern on the display, wherein the second pattern is different than the first pattern; comparing, by the computer device, the first pattern to a predefined pattern; and based on the comparing, the computer device performing one of: re-displaying the first user interface when the first pattern does not match the predefined pattern; and displaying a second user interface when the first pattern does match the predefined pattern.
    Type: Grant
    Filed: November 7, 2019
    Date of Patent: September 14, 2021
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Chris R. Bean, Stephen R. F. Head, Sophie D. Green, Madeleine R. Neil Smith
  • Patent number: 11106352
    Abstract: While displaying the wake screen user interface, in response to detecting a first input that is directed to a portion of the wake screen user interface: if the first input includes first movement in a first direction, the computer system displays of a home screen user interface; and the first movement is in a second direction, the computer system displays a widget screen user interface that is different from the wake screen user interface and the home screen user interface, wherein the widget screen user interface includes a plurality of user interface objects corresponding to different applications, wherein a respective user interface object of the plurality of user interface objects contains application content from an application corresponding to the respective user interface object, and when selected, causes display of an application corresponding to the respective user interface object.
    Type: Grant
    Filed: June 29, 2020
    Date of Patent: August 31, 2021
    Assignee: APPLE INC.
    Inventor: William M. Tyler
  • Patent number: 11102200
    Abstract: In general, the techniques of this disclosure describe a computing device that is configured to verify an identity of a user based on authentication factors received from multiple authentication devices. The computing device, which may be configured to operate as a server device, may receive an authentication factor from at least three authentication devices in a group of three or more authentication devices via a guard device. The computing device may determine a probability that the respective user of each respective authentication device is a particular trusted user based on the received authentication factors. If the probability exceeds a threshold authentication probability, the computing device may send an authentication confirmation to a client device.
    Type: Grant
    Filed: January 12, 2018
    Date of Patent: August 24, 2021
    Assignee: ARCHITECTURE TECHNOLOGY CORPORATION
    Inventors: Benjamin L. Burnett, Ranga Ramanujan
  • Patent number: 11089012
    Abstract: A reader configured to perform dual-factor authentication is provided. The reader is configured to analyze credential data as well as event-based user inputs. The event-based user inputs are received in response to the reader presenting one or more events to a user and monitoring the user's reaction thereto. Utilization of an event-based user input enables the reader to perform dual-factor authentication without necessarily being provided with a keyboard or other advanced user input device.
    Type: Grant
    Filed: September 18, 2017
    Date of Patent: August 10, 2021
    Assignee: ASSA ABLOY AB
    Inventors: Masha Leah Davis, Mark Robinton, Peter F. Klammer
  • Patent number: 11082418
    Abstract: A system, method, apparatus, and computer program product for a privacy ensured brokered identity federation system. The privacy ensured brokered identity federation system connects a user in a brokered identity federation environment that blinds relying parties (RP) from credential service providers (CSP), blinds CSPs from RPs, and blinds a user's identity and data from the federation middleware hubs. The system utilizes ring signatures to attest to CSPs that a valid RP of the federation is making a request. The process utilizes CSP ring signatures to assure RPs that a valid CSP of the federation has provided a response. The process utilizes per transaction encryption keys created by the RP to ensure the federation has no access to data messages. It can further ensure that only the correct RP can decrypt a CSP response.
    Type: Grant
    Filed: February 13, 2018
    Date of Patent: August 3, 2021
    Assignee: Avalanche Cloud Corporation
    Inventors: Mark A. Nelson, George S. Rathbun, Scott Kern
  • Patent number: 11061999
    Abstract: Embodiments described include systems and methods for incorporating tags in content of network applications. An embedded browser, which is executable on one or more processors of a client device, may detect content from a network application accessed via the embedded browser. A DRM engine of the embedded browser identifies a DRM scheme for the network application from the plurality of DRM schemes and according to the network application. The DRM engine generates a DRM tag for the content according to the DRM scheme identified for the network application. The DRM tag includes a classification of the content. The DRM engine incorporates the DRM tag into the content for managing usage of the content according to the classification.
    Type: Grant
    Filed: November 6, 2018
    Date of Patent: July 13, 2021
    Assignee: Citrix Systems, Inc.
    Inventors: Vipin Borkar, Santosh Sampath, Deepak Sharma, Arvind SankaraSubramanian
  • Patent number: 11062709
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for obtaining, for each of multiple words or sub-words, audio data corresponding to multiple users speaking the word or sub-word; training, for each of the multiple words or sub-words, a pre-computed hotword model for the word or sub-word based on the audio data for the word or sub-word; receiving a candidate hotword from a computing device; identifying one or more pre-computed hotword models that correspond to the candidate hotword; and providing the identified, pre-computed hotword models to the computing device.
    Type: Grant
    Filed: March 2, 2020
    Date of Patent: July 13, 2021
    Assignee: Google LLC
    Inventor: Matthew Sharifi
  • Patent number: 11057435
    Abstract: A method is provided for identifying a strength of an input picture password formed by performing a sequence of gestures relative to a picture. The method includes storing, in a memory device, a crowdsource history of picture passwords each of which include a picture and a sequence of gestures on the picture. The method further includes generating, by a processor-based demography-based pattern usage assessment generator, a demography-based pattern usage assessment by analyzing the crowd source history. The method also includes providing, by a user-perceptible indication device, an indication of the strength of the input picture password in accordance with the demography-based pattern usage assessment.
    Type: Grant
    Filed: July 18, 2019
    Date of Patent: July 6, 2021
    Assignee: International Business Machines Corporation
    Inventors: Yuk L. Chan, Heidi Lagares-Greenblatt, Deepti Naphade
  • Patent number: 11025664
    Abstract: Systems, methods, and software described herein provide security actions based on the current state of a security threat. In one example, a method of operating an advisement system in a computing environment with a plurality of computing assets includes identifying a security threat within the computing environment. The method further includes, in response to identifying the security threat, obtaining state information for the security threat within the computing environment, and determining a current state for the security threat within the computing environment. The method also provides obtaining enrichment information for the security threat and determining one or more security actions for the security threat based on the enrichment information and the current state for the security threat.
    Type: Grant
    Filed: January 7, 2020
    Date of Patent: June 1, 2021
    Assignee: SPLUNK INC.
    Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
  • Patent number: 11025658
    Abstract: A method includes obtaining messages associated with assets in an enterprise system, splitting each of the messages into a set of tokens, determining a count of a number of occurrences of each of the tokens, and assigning weights to the tokens based at least in part on the counts of the number of occurrences of the tokens. The method also includes determining a score for each of the messages based at least in part on a combined sum of the weights for the set of tokens of that message, generating a summary of the messages by selecting a subset of the messages for based at least in part on the scores. The method further includes identifying remedial actions to be applied to assets in the enterprise system based at least in part on the summary of the messages, and implementing at least one of the identified remedial actions.
    Type: Grant
    Filed: May 3, 2019
    Date of Patent: June 1, 2021
    Assignee: EMC IP Holding Company LLC
    Inventors: Sashka T. Davis, Kevin J. Arunski, Zulfikar A. Ramzan, Scott Moore, Abram Q. Thielke, Ed G. Quackenbush, Matthew D. Tharp
  • Patent number: 11010762
    Abstract: Systems and methods for authentication code entry in touch-sensitive screen enabled devices are disclosed. In one embodiment, a method for entering data to a data entry device comprising at least one computer processor and a touch-sensitive screen may include (1) the touch-sensitive screen sensing a first input comprising at least one finger touch; (2) the touch-sensitive screen sensing a release of the first input; (3) the at least one computer processor determining a first number of finger touches in the first input; and (4) the at least one computer processor using the first number of finger touches to identify a first portion of an authentication code.
    Type: Grant
    Filed: October 8, 2018
    Date of Patent: May 18, 2021
    Assignee: VeriFone, Inc.
    Inventors: Imran A. Hajimusa, Glen Robson, Davey Faoro
  • Patent number: 11010044
    Abstract: Methods, systems and devices are provided for input of a sequence of digits such as a PIN code or password. A user can use swipe motions to choose the value of a digit and double tap to accept a digit, and swipe up to confirm that input of the sequence of digits is complete. Embodiments can be implemented on point of sale devices, merchant devices and customer devices including mobile devices.
    Type: Grant
    Filed: May 28, 2019
    Date of Patent: May 18, 2021
    Assignee: Shopify Inc.
    Inventors: Luke James Sartori, Mir Mustafa Ali, Theresa Jia Ying Zeng, David Grant Seal
  • Patent number: 11003723
    Abstract: System and method to acquire data from a deep web are provided. The system includes a processing subsystem. The processing subsystem includes a local virtual private network module configured to create at least one first virtual private network within a router. The system also includes a cloud virtual private network (VPN) module configured to create a plurality of second virtual private networks based on the at least one first virtual private network. The plurality of second virtual private networks is configured to enable an access to the deep web. The system also includes a plurality of virtual computing devices configured to access the deep web by one or more crawlers based on one or more parameters and to acquire the data from the deep web based on the one or more parameters. The system also includes a storage device configured to store the data acquired from the deep web.
    Type: Grant
    Filed: August 22, 2018
    Date of Patent: May 11, 2021
    Assignee: Marlabs Innovations Private Limited
    Inventor: Bimodh Jo Mathew
  • Patent number: 10986086
    Abstract: Techniques for protecting passwords and/or password entry by a user are provided. User identification data for a user can be received from a remote computing device. An identity of the user can be determined based on the user identification data. A password for the user can be determined. A modified keyboard configuration associated with the user can be determined. A request can be transmitted to the remote computing device for the password for the user based on the modified keyboard configuration. A modified password from the remote computing device can be received. A converted password based on the modified password and the modified keyboard configuration can be determined. The converted password can be compared to the password for the user. The user can be authorized when the converted password matches the password for the user.
    Type: Grant
    Filed: August 29, 2019
    Date of Patent: April 20, 2021
    Assignee: Capital One Services, LLC
    Inventors: Fardin Abdi Taghi Abad, Reza Farivar, Jeremy Edward Goodsitt, Anh Truong, Kenneth Taylor, Mark Louis Watson, Kate Key, Vincent Pham, Austin Grant Walters
  • Patent number: 10977343
    Abstract: A display input device includes a reception processing portion, a change processing portion, and a display processing portion. The reception processing portion, based on correspondence information indicating a correspondence between a plurality of characters and a plurality of operation keys used for inputting a password of a preset number of characters, receives an operation of any one of the operation keys as an input operation of a character corresponding to the operation key. The change processing portion changes the correspondence relationship when the operation of the operation key is performed a preset specific number of times that is less than the number of characters of the password, or at a preset specific interval. The display processing portion displays the correspondence information at a predetermined position, different from a position of the operation keys, on an input screen used for inputting the password.
    Type: Grant
    Filed: September 14, 2018
    Date of Patent: April 13, 2021
    Assignee: KYOCERA Document Solutions Inc.
    Inventor: Hiromi Sakata
  • Patent number: 10970482
    Abstract: A piece of text is saved for security verification on a computing device. One or more pieces of related text corresponding to the piece of saved text are generated, where each text element of the one or more pieces of related text is generated based on its proximity to the corresponding text element of the piece of saved text on one or more keyboards on the computing device. A piece of input text is received for information verification. A piece of input text is compared with the piece of saved text and the one or more pieces of related text. A determination is made that the piece of input text matches one of the one or more pieces of related text and input guidance for re-entering a piece of text for security authentication is provided.
    Type: Grant
    Filed: November 27, 2017
    Date of Patent: April 6, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventor: Yong He
  • Patent number: 10949524
    Abstract: User authentication techniques are provided using a scene composed of selected objects. An exemplary method comprises obtaining enrollment information from a user, wherein the enrollment information comprises a first scene comprised of a first selection of objects; initiating a challenge to the user in connection with an authentication request by the user to access a protected resource; processing a second scene comprised of a second selection of objects submitted by the user in response to the challenge, and wherein the processing comprises determining a likelihood that the submitted second scene comprised of the second selection of objects matches the first scene comprised of the first selection of objects submitted by the user with the enrollment information; and resolving the authentication request based on the likelihood. Objects in the first selection of objects are optionally selected from a catalog and arranged into the first scene.
    Type: Grant
    Filed: October 31, 2018
    Date of Patent: March 16, 2021
    Assignee: RSA Security LLC
    Inventors: Brian Mullins, Salah Machani, Millie Ng
  • Patent number: 10891374
    Abstract: The disclosed computer-implemented method for improving performance of cascade classifiers for protecting against computer malware may include receiving a training dataset usable to train a cascade classifier of a machine-learning classification system. A sample to add to the training dataset may be received. A weight for the sample may be calculated. The training dataset may be modified using the sample and the weight. A weighted training for the cascade classifier of the machine-learning classification system may be performed using the modified training dataset. Computer malware may be identified using the cascade classifier. In response to identifying the computer malware, a security action may be performed to protect the one or more computing devices from the computer malware. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: March 28, 2018
    Date of Patent: January 12, 2021
    Assignee: CA, INC.
    Inventors: Ryan Curtin, Keith Kenemer
  • Patent number: 10868807
    Abstract: Systems and methods for determining a pictograph password sequence and association phrase are provided. In some example embodiments, an assigned pictograph sequence request is received from a client device, with the request causing the system to generate a template pictograph sequence, generate an association phrase based on the template pictograph sequence, store the template pictograph sequence and associated phrase on a memory, and transmit instructions to cause a display of the template pictograph sequence and the association phrase. In some example embodiments, the system requires an input of a pictograph sequence that matches the template pictograph sequence in order for a user to view content. In some example embodiments, the template pictograph sequence may be replaced by a user pictograph sequence.
    Type: Grant
    Filed: December 6, 2018
    Date of Patent: December 15, 2020
    Assignee: Snap Inc.
    Inventors: Eric Buehl, Michael Cieslak
  • Patent number: 10867026
    Abstract: Techniques are described for providing control of a security system. A user is authorized in the security system and user identification inputs, provided through an input unit of a personal mobile device of the authorized user of the security system, are accessed. One or more signatures of the authorized user are defined and stored in a signature map. Subsequently, user identification input is received from an unauthenticated user using the personal mobile device. The user identification input received from the unauthenticated user is compared to one or more defined signatures in the signature map. The unauthenticated user is determined to be the authorized user if the received user identification input matches one of the defined signatures. The unauthenticated user is allowed to control the security system based on the determination that the unauthenticated user is the authorized user.
    Type: Grant
    Filed: June 13, 2019
    Date of Patent: December 15, 2020
    Assignee: Alarm.com Incorporated
    Inventors: Stephen Scott Trundle, Alison Jane Slavin
  • Patent number: 10862682
    Abstract: The present disclosure describes methods of encrypting and decrypting blocks of data stored in computer readable memory for a device using a block cipher with a nonce. In particular, methods of encrypting and decrypting blocks of data where the value of the nonce is based on previous execution instructions of a program executed by the device for a previously executed block are described. Embodiments disclosed include a method of encrypting blocks of data bits stored in computer readable memory for a device using a block cipher with a nonce and a key, the method comprising for each block of data: generating a value of the nonce based on previous execution instructions of a program executed by the device for a previously executed block of data; and encrypting the block of data with the nonce and key using the block cipher.
    Type: Grant
    Filed: July 20, 2015
    Date of Patent: December 8, 2020
    Assignee: NXP B.V.
    Inventor: Hugues de Perthuis
  • Patent number: 10855692
    Abstract: A system, method, and computer-readable medium are disclosed for generating an adaptive trust profile via an adaptive trust profile operation. In various embodiments the adaptive trust profile operation includes: monitoring a plurality of electronically-observable actions of an entity, the plurality of electronically-observable actions of the entity corresponding to a respective plurality of events enacted by the entity, the monitoring comprising monitoring at least one of the plurality of electronically-observable actions via a protected endpoint; converting the plurality of electronically-observable actions of the entity to electronic information representing the plurality of actions of the entity; and generating an adaptive trust profile based upon the action of the entity.
    Type: Grant
    Filed: May 17, 2019
    Date of Patent: December 1, 2020
    Assignee: Forcepoint, LLC
    Inventor: Richard A. Ford
  • Patent number: 10853472
    Abstract: In one embodiment, an apparatus includes a non-volatile storage to store a seed value and a signature that is based on an iterative execution of a function for a predetermined number of intervals. The apparatus may further include the security processor coupled to the non-volatile storage, where the security processor is to independently recover a credential for an updated version of the firmware based at least in part on the seed value and a security version number for the updated version of the firmware. Other embodiments are described and claimed.
    Type: Grant
    Filed: June 28, 2018
    Date of Patent: December 1, 2020
    Assignee: Intel Corporation
    Inventors: Xiaoyu Ruan, William A. Stevens, Jr.
  • Patent number: 10838668
    Abstract: A managing device used in an apparatus managing system including a print relational apparatus, terminals of users and a storing device manages the print relational apparatus and the users. The storing device stores user information of each user. The managing device includes a user authorizing part, a notification transmitting part and an information changing part. The user authorizing part authorizes, based on use history of the apparatus of each user, the user whose a nonuse period of the apparatus exceeds a predetermined period, as a registration erasure candidate user. The notification transmitting part transmits a registration erasure proposal notification having a proposal to erase registration of the candidate user to the terminal of a management user. The information changing part erases registration of the candidate user by erasing or changing the user information of the candidate user, according to indication inputted by the management user.
    Type: Grant
    Filed: July 5, 2019
    Date of Patent: November 17, 2020
    Assignee: KYOCERA Document Solutions Inc.
    Inventors: Kazuki Nishikai, Takeshi Nakamura, Satoshi Goshima, Dukil Park, Yuichi Obayashi, Takumi Nakamura, Koki Nakajima, Yasuo Nakashima
  • Patent number: 10834097
    Abstract: A system, method, and computer-readable medium are disclosed for generating an adaptive trust profile via an adaptive trust profile operation. In various embodiments the adaptive trust profile operation includes: monitoring a plurality of electronically-observable actions of an entity, the plurality of electronically-observable actions of the entity corresponding to a plurality of respective events enacted by the entity; converting the plurality of electronically-observable actions of the entity to electronic information representing the plurality of actions of the entity; and generating the adaptive trust profile based upon the plurality of actions of the entity, the adaptive trust profile comprising a plurality of adaptive trust profile components.
    Type: Grant
    Filed: May 17, 2019
    Date of Patent: November 10, 2020
    Assignee: Forcepoint, LLC
    Inventor: Richard A. Ford
  • Patent number: 10826694
    Abstract: The present disclosure relates to a method for using a secret key for cryptographically processing a data item in an enclave enabled system. The method comprises: computing a first set of shares of the secret key and storing them in an encrypted format. Each encrypted share may be sent to respective component in a first set of components. In response to sending the encrypted shares, a modified encryption of the respective share may be received from each of the first set of components. Each of the received modified encryptions may be encrypted and the resulting modified share is sent to the respective first set of components. In response to sending the decrypted modified shares, a data item cryptographically processed using the respective share may be received from each of the first set of components. The received data items may be combined to obtain a cryptographically processed data item.
    Type: Grant
    Filed: April 23, 2018
    Date of Patent: November 3, 2020
    Assignee: International Business Machines Corporation
    Inventors: Jan L. Camenisch, Manu Drijvers, Anja Lehmann, Kai Wilhelm Samelin
  • Patent number: 10810369
    Abstract: A piece of text is saved for security verification on a computing device. One or more pieces of related text corresponding to the piece of saved text are generated, where each text element of the one or more pieces of related text is generated based on its proximity to the corresponding text element of the piece of saved text on one or more keyboards on the computing device. A piece of input text is received for information verification. A piece of input text is compared with the piece of saved text and the one or more pieces of related text. A determination is made that the piece of input text matches one of the one or more pieces of related text and input guidance for re-entering a piece of text for security authentication is provided.
    Type: Grant
    Filed: November 27, 2017
    Date of Patent: October 20, 2020
    Assignee: Alibaba Group Holding Limited
    Inventor: Yong He
  • Patent number: 10778691
    Abstract: Various embodiments provide for the consolidation of policies across multiple identities that are respectively associated with multiple active directory (AD) groups to which a user belongs. Present embodiments provide for dynamically generating a new identity in the resource provider environment that includes permissions to all of the resources that may otherwise be distributed across multiple identities. Specifically, in accordance with various embodiments, when a user login is detected, the active directory is queried to determine the AD groups to which the user belongs. As mentioned, the user's AD groups are mapped to respective identities in the resource provider environment, in which each identity includes policy defining access to one or more resources. The policies of all the respective identities are consolidated and assigned to a new identity. The user may assume the new identity and access all the resources in tandem.
    Type: Grant
    Filed: December 7, 2017
    Date of Patent: September 15, 2020
    Assignee: AMAZON TECHNOLOGIES, INC.
    Inventors: Robert W. Kissell, Eric Andrew Scholz
  • Patent number: 10771256
    Abstract: A method for generating an electronic signature of a user for an electronic document including establishing a secure Internet session between a telecommunication terminal of a user and a signature server computer system; receiving a code from the signature server computer system via a separate and/or separately secured side channel by the telecommunication terminal; transmitting a combination of code and authentication information of the user via the secure Internet session to the signature server computer system; checking the validity of the combination of code and authentication information by the signature server computer system; and generating the electronic signature of the user by a high-security module of the signature server computer system, wherein the private key of the user for generating the electronic signature is stored in the high-security module.
    Type: Grant
    Filed: April 25, 2016
    Date of Patent: September 8, 2020
    Assignee: BUNDESDRUCKEREI GMBH
    Inventor: Christian Seegebarth
  • Patent number: 10740358
    Abstract: Embodiments of the invention provide systems and methods for managing and processing large amounts of complex and high-velocity data by capturing and extracting high-value data from low value data using big data and related technologies. Illustrative database systems described herein may collect and process data while extracting or generating high-value data. The high-value data may be handled by databases providing functions such as multi-temporality, provenance, flashback, and registered queries. In some examples, computing models and system may be implemented to combine knowledge and process management aspects with the near real-time data processing frameworks in a data-driven situation aware computing system.
    Type: Grant
    Filed: March 23, 2015
    Date of Patent: August 11, 2020
    Assignee: Oracle International Corporation
    Inventors: Eric S. Chan, Dieter Gawlick, Adel Ghoneimy, Zhen Hua Liu
  • Patent number: 10726118
    Abstract: A secured computerized system comprising a computerized environment secured to prevent access thereto, other than by end-users who have passed a what-you-know authentication test: what-you-know testing functionality for administering a what-you-know user authentication test to end-user/s, including presenting image/s to end-user, and approving end-user to enter the computerized environment if end-user correctly selects predetermined location/s within the image; and a graphic what-you-know test-configuring functionality for displaying system-selected location/s within the image; providing a graphic interface operative for accepting, from, end-user/s, a user-selected modification of system-selected location/s; and storing, for each individual end-user, the user-selected modification as the individual end-user's predetermined location/s; or if no user-selected modification exists for an individual end-user, storing the system-selected location as the individual end-user's predetermined location.
    Type: Grant
    Filed: June 16, 2016
    Date of Patent: July 28, 2020
    Assignee: GOOGALE (2009) LTD.
    Inventors: Nir Michalowitz, Michal Peled Rosenvald
  • Patent number: 10686841
    Abstract: This disclosure provides an apparatus and method for dynamic customization of cyber-security risk item rules. A method includes interacting with a user, by a risk manager system, to define a plurality of rules for risk items to be monitored among a plurality of connected devices. The method also includes mapping each of the rules to a corresponding one or more of the connected devices by the risk manager system. The method further includes monitoring the connected devices according to the rules by the risk manager system. In addition, the method includes displaying an output based on the rules and a status of the connected devices by the risk manager system.
    Type: Grant
    Filed: May 24, 2018
    Date of Patent: June 16, 2020
    Assignee: Honeywell International Inc.
    Inventor: Seth G. Carpenter
  • Patent number: 10686966
    Abstract: Displaying an authentication interface on an operation panel associated with a printing device, the operation panel including a plurality of authentication areas. Receiving a user authentication request. Detecting a particular authentication pattern associated with the user authentication request. Retrieving a registered authentication pattern associated with the user. Comparing the particular authentication pattern with the registered authentication pattern. Determining, based on the comparing, whether the user authentication request is authorized. If the user authentication request is authorized, retrieving a first electronic document associated with the user, and printing the first electronic document.
    Type: Grant
    Filed: June 13, 2019
    Date of Patent: June 16, 2020
    Assignee: KYOCERA Document Solutions, Inc.
    Inventor: Arturo Becerra
  • Patent number: RE48707
    Abstract: A system for a secure display module includes a display element array, a driver controller, a communication interface, a host controller and a cryptographic engine. The display element array includes one or more segments, and the driver outputs are configured to drive the one or more segments, respectively. The host controller is configured to send commands and data to the driver controller via the communication interface and the cryptographic engine is configured to encrypt communication data between the display element array and the host controller.
    Type: Grant
    Filed: April 24, 2019
    Date of Patent: August 24, 2021
    Assignee: BBPOS LIMITED
    Inventors: Chi Wah Lo, Hwai Sian Tsai