Credential Management Patents (Class 726/18)
  • Patent number: 10482236
    Abstract: Exemplary embodiments relate to the secure storage of security questions through an immutable log, such as a blockchain. The security questions may be stored in a centralized location, accessible from an application or browser tab running on the user's device. When a security question is required, such as to perform a password reset on a website, the website may interact with the application or browser tab, which retrieves the question(s) from the blockchain. The user may enter their answers to the question(s), which may be hashed by the application or tab. The hashed answers may be entered into the original requesting website, which may verify with the blockchain that the correct answers have been provided. Thus, the requesting website sees neither the questions nor the answers. Additional security features may include logging requests for questions, so that a user can determine if a security question may have been compromised.
    Type: Grant
    Filed: March 6, 2019
    Date of Patent: November 19, 2019
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Vincent Pham, Austin Grant Walters, Jeremy Edward Goodsitt, Fardin Abdi Taghi Abad, Anh Truong, Kate Key, Kenneth Taylor
  • Patent number: 10462149
    Abstract: A system comprises a policy storage separately located relative to the user device, the policy database arranged to store information indicative of at least one usage policy set applicable to at least one respective user device. The system is arranged to store user device identification information for each user device associated with the system, the user device identification information being indicative of and unique to a user device associated with the system and being stored separately relative to the user device. The system is also arranged to associate a usage policy set with a user device using the device identification information unique to the user device. The system is also arranged to determine a usage request from a user device and to allow or deny the usage request based on the at least one usage policy set associated with the user device.
    Type: Grant
    Filed: October 5, 2016
    Date of Patent: October 29, 2019
    Assignee: Family Zone Cyber Safety Ltd
    Inventors: Benjamin Shaun Dixon Trigger, Timothy David Levy, Paul Russell Robinson
  • Patent number: 10446153
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for obtaining, for each of multiple words or sub-words, audio data corresponding to multiple users speaking the word or sub-word; training, for each of the multiple words or sub-words, a pre-computed hotword model for the word or sub-word based on the audio data for the word or sub-word; receiving a candidate hotword from a computing device; identifying one or more pre-computed hotword models that correspond to the candidate hotword; and providing the identified, pre-computed hotword models to the computing device.
    Type: Grant
    Filed: December 11, 2018
    Date of Patent: October 15, 2019
    Assignee: Google LLC
    Inventor: Matthew Sharifi
  • Patent number: 10419435
    Abstract: A system using mobile devices and a network provides access authentication, authorization and accounting to computing resources using a two-person access rule solution approach. A central access control server coordinates a rule-based authorization process in which a requesting user and one or more authorizing users are engaged in real-time communications to facilitate approved access to a sensitive resource. The technique utilizes mobile cellular interfaces and location service technologies, while also providing traditional security control measures of voice and visual verification of user identities.
    Type: Grant
    Filed: February 24, 2017
    Date of Patent: September 17, 2019
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventor: Michael R. Horton
  • Patent number: 10417408
    Abstract: Systems, methods, and computer program products are disclosed for authenticating access to a user device using tactile-based feedback provided to a user of the device. A user device may include a display layer and a tactile layer. The user device may be configured to selectively activate portions of the tactile layer to cause opposing regions of a surface of the display layer to become raised relative to other regions of the display surface. A user may be required to specify a sequence of directional movements corresponding to a correct passcode pattern by traversing a path along the raised regions. The particular arrangement of raised regions may change each time access to the user device is requested by activating different portions of the tactile layer, thereby giving the appearance to a third party that a different passcode pattern is being entered each time, and thus, minimizing likelihood of unauthorized passcode detection.
    Type: Grant
    Filed: March 10, 2017
    Date of Patent: September 17, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Christopher J. Hardee, Steven R. Joroff, Pamela A. Nesbitt, Scott E. Schneider
  • Patent number: 10395016
    Abstract: For communication pattern recognition, an apparatus is disclosed. The apparatus includes a baseline analysis module that samples predefined sources associated with a user and generates a baseline fingerprint for the user. The apparatus includes an active analysis module that re-samples the predefined sources associated with the user after a predefined time interval and generates an active fingerprint for the user. The apparatus includes a verification module that compares the active fingerprint to the baseline fingerprint and determines whether the active fingerprint closely matches the baseline fingerprint. If the active fingerprint closely matches the baseline fingerprint, then the verification module replaces the baseline fingerprint with the active fingerprint. If the active fingerprint does not match the baseline fingerprint, then the verification module performs a predefined action to rectify differences between the baseline fingerprint and the active fingerprint.
    Type: Grant
    Filed: January 24, 2017
    Date of Patent: August 27, 2019
    Assignee: International Business Machines Corporation
    Inventors: Timothy J. Baldwin, Andrew Johnson, Peter J. Johnson, Ben Sasson, Fenglian Xu
  • Patent number: 10382620
    Abstract: A first mobile device may receive user-input data for generation of an electronic message. The electronic message may be generated as the user-input data is received. The first mobile device may identify sensitive information, within the electronic message. The first mobile device may secure the sensitive information. The first mobile device may disable a screen capture function of the first mobile device. The first mobile device may send the electronic message to a second mobile device. The sending of the electronic message to the second mobile device may include the sending of the secured sensitive information.
    Type: Grant
    Filed: August 3, 2018
    Date of Patent: August 13, 2019
    Assignee: International Business Machines Corporation
    Inventors: Corville O. Allen, Shikhar Kwatra, Andrew R. Freed, Joseph Kozhaya
  • Patent number: 10348816
    Abstract: A method and apparatus for facilitating access to a plurality of resources is provided. A message that includes a context resource identifier is received at a proxy server from a client through a gateway in communication with both the client and the proxy server. Access to a resource associated with an interface that is referenced by the context resource identifier is controlled by the proxy server using a profile that is dynamically built for a user of the client based on a plurality of resource profiles received from a plurality of interfaces in communication with the proxy server.
    Type: Grant
    Filed: October 14, 2015
    Date of Patent: July 9, 2019
    Assignee: ADP, LLC
    Inventors: Jigesh Saheba, Roberto A. Masiero, Isabel Espina Carvajal
  • Patent number: 10331337
    Abstract: In one embodiment, the invention can be a touch input device capable of unlocking a passcode accordance with a touch pressure. The device can include a touch screen which displays a passcode input window; a controller which generates a first control signal as to whether or not a touch on the passcode input window matches a predetermined passcode; and a memory which stores the predetermined passcode. The passcode input window can include a plurality of nodes which are disposed in different positions. The number of touched nodes among the plurality of nodes, the order of the touched nodes among the plurality of nodes, and a pressure level of the touch on each of the touched nodes among the plurality of nodes can be set as the predetermined passcode. Further, the pressure level of the touch can be classified into at least two levels.
    Type: Grant
    Filed: April 11, 2017
    Date of Patent: June 25, 2019
    Assignee: HiDeep Inc.
    Inventors: Yunjoung Kim, Seyeob Kim, Hyongsub Yun, Sangsic Yoon, Bonkee Kim, Hojun Moon, Taehoon Kim, Sunyoung Kwon
  • Patent number: 10325086
    Abstract: A computing device with a graphical authentication interface in which the device displays a base image and authenticates a user when a pre-selected element in a secondary image overlying the base image is aligned with a pre-selected element in the base image.
    Type: Grant
    Filed: June 15, 2010
    Date of Patent: June 18, 2019
    Assignee: BlackBerry Limited
    Inventor: Martin Philip Riddiford
  • Patent number: 10303577
    Abstract: The present disclosure relates to a method, a device and a storage medium for determining a health state of an information system. At first, a baseline configuration document corresponding to the information system is received, and data records under inspection of the information system are acquired. The baseline configuration document defines baselines. Then, each of the data records under inspection is compared with at least one baseline defined in the baseline configuration document to obtain a comparing result between each of the data records under inspection and the at least one baseline. At last, the health state of the information system is determined according to the comparing result between each of the data records under inspection and the at least one baseline. A health-determining apparatus relative to the above-mentioned method is also provided.
    Type: Grant
    Filed: June 22, 2018
    Date of Patent: May 28, 2019
    Assignee: Tencent Technology (Shenzhen) Company Limited
    Inventors: Bin Zhou, Dong Shan Xu, Shan Yang Fu
  • Patent number: 10257198
    Abstract: A system is provided wherein a network control access device that is already in a network, called a Gatekeeper, generates a random short password in the form of a series of audio or visual cues that are visible to the user of a joining device. The joining device can be a simple one button device, or even a no-button device that is part of the internet of things (IOT) standard. The response to each cue can be entered by the user on a single-button joining device. For a no-button joining device, an alternate input method may be utilized on the joining device in response to the audio and visual cues. Alternatively, a password can be generated by the no-button joining device and be entered by the user one bit at-a-time directly onto the Gatekeeper keypad. Once the password is received, the Gatekeeper performs a password verification procedure.
    Type: Grant
    Filed: September 12, 2016
    Date of Patent: April 9, 2019
    Assignee: ARRIS Enterprises LLC
    Inventor: Alexander Medvinsky
  • Patent number: 10230752
    Abstract: The disclosure is directed towards systems and methods for improving security in a computer network. The system can include a planner and a plurality of controllers. The controllers can be deployed within each zone of the production network. Each controller can be configured to assume the role of an attacker or a target for malicious network traffic. Simulations of malicious behavior can be performed by the controllers within the production network, and can therefore account for the complexities of the production network, such as stateful connections through switches, routers, and other intermediary devices. In some implementations, the planner can analyze data received from the controllers to provide a holistic analysis of the overall security posture of the production network.
    Type: Grant
    Filed: February 24, 2017
    Date of Patent: March 12, 2019
    Assignee: VERODIN, INC.
    Inventors: Christopher B. Key, Paul E. Holzberger, Jr.
  • Patent number: 10211981
    Abstract: Disclosed herein is a method for generating a high entropy password using a low entropy password and low-entropy login data comprising supplying the low entropy password to a system comprising a generating client and/or a recovery client; and at least n servers; submitting request data derived, at least in part, from the user's low entropy password, where the request data includes authentication data; engaging in a distributed protocol with at least t servers to generate high-entropy values based on stored cryptographic information and a set of authentication information stored on the at least n servers which is checked against the authentication data provided by the user and/or the generating client and/or a recovery client; and generating the high entropy password.
    Type: Grant
    Filed: November 16, 2017
    Date of Patent: February 19, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jan L. Camenisch, Franz-Stefan Preiss, Kai Samelin, Dieter M. Sommer
  • Patent number: 10198963
    Abstract: A secured computerized social networking system for pupils including a mail server operative to interface with a secured parent environment; and a secured pupil environment, the system comprising a computerized environment secured to prevent access thereto, other than by end-users who have passed a what-you-know authentication test; a what-you-know testing functionality; and a graphic what-you-know test-configuring functionality, the system being operative to perform a plurality of selectable system-actions responsive to user input, the system being accessible to non-literate users via a touch screen defining a plurality of touch screen locations respectively corresponding to the plurality of selectable system-actions, the touch screen being operative to detect and distinguish between first and second gestures, the system comprising: a processor-controlled touch-triggered actor; and a processor-controlled touch-triggered oral presenter.
    Type: Grant
    Filed: December 11, 2017
    Date of Patent: February 5, 2019
    Assignee: GOOGALE (2009) LTD.
    Inventors: Nir Michalowitz, Michal Peled Rosenvald
  • Patent number: 10182067
    Abstract: The present disclosure relates to a method, a device and a storage medium for determining a health state of an information system. At first, a baseline configuration document corresponding to the information system is received, and data records under inspection of the information system are acquired. The baseline configuration document defines baselines. Then, each of the data records under inspection is compared with at least one baseline defined in the baseline configuration document to obtain a comparing result between each of the data records under inspection and the at least one baseline. At last, the health state of the information system is determined according to the comparing result between each of the data records under inspection and the at least one baseline. A health-determining apparatus relative to the above-mentioned method is also provided. Therefore, by these method and apparatus, the health state of the information system is quantifiable.
    Type: Grant
    Filed: January 7, 2015
    Date of Patent: January 15, 2019
    Assignee: Tencent Technology (Shenzhen) Company Limited
    Inventors: Bin Zhou, Dong Shan Xu, Shan Yang Fu
  • Patent number: 10176318
    Abstract: Techniques for maintaining and updating authentication information for a plurality of accounts may be provided. In an example a first set of authentication information for the plurality of accounts may be maintained. A second set of authentication information that has been marked as potentially compromised may be received. A third set of authentication information may be generated based on the overlap between the first set of authentication information and the second set of authentication information. The first set of authentication information may be updated based at least in part on one or more security authentication protocols and the third set of authentication information.
    Type: Grant
    Filed: October 27, 2017
    Date of Patent: January 8, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: David James Kane-Parry, Darren Ernest Canavor, Jesper Mikael Johansson
  • Patent number: 10162948
    Abstract: An authentication system in accordance with an example includes an image capture device to scan an object. The authentication system also includes an authentication module to identify imperfections in the object based on the scan, to generate model data based on the identified imperfections, and to authenticate the user based on a comparison of currently identified imperfections to the model data.
    Type: Grant
    Filed: December 6, 2013
    Date of Patent: December 25, 2018
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Valentin Popescu, James Robert Waldron
  • Patent number: 10164969
    Abstract: A computer security system comprises a security module adapted to control access to a secure computer resource by a user via a client based on verification of a security credential provided by the user. The computer security system also comprises verification data disposed on the client and accessible by the security module. The security module is adapted to enable the user to recover the security credential based on a response received from the user associated with the verification data.
    Type: Grant
    Filed: January 11, 2017
    Date of Patent: December 25, 2018
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Valuiddin Ali, Manuel Novoa, Matthew J. Wagner
  • Patent number: 10120989
    Abstract: A process including: displaying icons used for password entry into an electronic system, in such a way that a hand movement associated with entry of the password into the system is randomized.
    Type: Grant
    Filed: June 4, 2014
    Date of Patent: November 6, 2018
    Assignee: NOWWW.US Pty. Ltd.
    Inventor: Mark Rodney Anson
  • Patent number: 10120995
    Abstract: A device unlock pattern (“pattern password”) is static in that the same pattern is entered each time to unlock a device. Due to this repetition, a pattern password may be discovered by an application that captures touchscreen gestures, by inspection of fingerprints or smudges on a screen, or simply by an onlooker that views the pattern password being entered. A variable hint pattern can be used to impede discovery. A hint pattern is a sub-pattern (“hint”) of the pattern password to be completed for device unlock. A variable hint pattern can impede discovery by changing the sub-pattern at a defined change threshold related to unlock attempts. The device can randomly change the sub-pattern or randomly change the missing portions of the pattern password at each change threshold. As a result, different inputs complete the pattern password. This variance stymies the methods typically used to discover pattern passwords.
    Type: Grant
    Filed: December 22, 2015
    Date of Patent: November 6, 2018
    Assignee: CA, Inc.
    Inventors: Yashwant Ramkishan Sawant, Mohammed Mujeeb Kaladgi, Ruqiya Nikhat Kaladgi, Junaid Ahmed Jameel, Jameel Ahmed Kaladgi
  • Patent number: 10097994
    Abstract: Techniques for resetting authentication for touch-enabled devices are presented. When a user authenticates to a mobile device a touch profile (TP) is recorded. Each subsequent time the user unlocks a locked mobile device via touch, a new TP is noted. The new TP is compared to the recorded TP and if the deviation is within an acceptable tolerance, the user is permitted access to the mobile device without re-authentication. When the new TP is not within the acceptable tolerance of the recorded TP, the user is forced to re-authenticate before access is granted to the mobile device.
    Type: Grant
    Filed: March 14, 2016
    Date of Patent: October 9, 2018
    Assignee: NetIQ Corporation
    Inventors: Lloyd Leon Burch, Michael F. Angelo, Baha Masoud
  • Patent number: 10032015
    Abstract: The invention discloses a password input method based on a two-stage conversion. The method specifically includes providing password symbols and randomly providing password-proxy symbols, and building a two-sage association between the password symbols and the password-proxy symbols.
    Type: Grant
    Filed: August 7, 2017
    Date of Patent: July 24, 2018
    Inventor: Yongpeng Sang
  • Patent number: 10013546
    Abstract: A computer-implemented method of authenticating a user with a computing device is disclosed. The method involves displaying a grid of selectable visually-distinguishable graphical elements on a device display, receiving from a user of the device a drawn pattern across the selectable graphical elements, comparing the received drawn pattern to information representing a stored authentication pattern for the user, and unlocking access to functions on the device if the received drawn pattern substantially matches the stored authentication pattern.
    Type: Grant
    Filed: October 28, 2014
    Date of Patent: July 3, 2018
    Assignee: Google LLC
    Inventors: Daniel Johansson, Tobias Arréhn, Simon M. Thorsander, Erick Tseng
  • Patent number: 9971920
    Abstract: This specification describes technologies relating to biometric authentication based on images of the eye. In general, one aspect of the subject matter described in this specification can be embodied in methods that include obtaining images of a subject including a view of an eye. The methods may further include determining a behavioral metric based on detected movement of the eye as the eye appears in a plurality of the images, determining a spatial metric based on a distance from a sensor to a landmark that appears in a plurality of the images each having a different respective focus distance, and determining a reflectance metric based on detected changes in surface glare or specular reflection patterns on a surface of the eye. The methods may further include determining a score based on the behavioral, spatial, and reflectance metrics and rejecting or accepting the one or more images based on the score.
    Type: Grant
    Filed: July 2, 2015
    Date of Patent: May 15, 2018
    Assignee: EyeVerify LLC
    Inventors: Reza R. Derakhshani, Casey Hughlett, Jeremy Paben, Joel Teply, Toby Rush
  • Patent number: 9965761
    Abstract: Described are apparatus and methods for providing secure identification, payment processing and/or signing using a gesture-based input device without biometrics.
    Type: Grant
    Filed: January 7, 2015
    Date of Patent: May 8, 2018
    Assignee: NOD, INC.
    Inventors: Anusankar Elangovan, Subash R. Patel
  • Patent number: 9922188
    Abstract: Embodiments described herein relate to a device operable to process input for a picture password for proof of knowledge. In some embodiments, the device includes a display, an input subsystem, processor(s), and memory containing instructions executable by the processor(s) such that the device is operative to display, on the display of the device, an image for the picture password proof of knowledge. The image is associated with an overlaid grid comprising a plurality of elements, and each element corresponds to a distinct area of the image. The device is further operative to, determine an offset to be used and, in response to receiving an input via the input subsystem at a first location of the display, highlight an element of the overlaid grid at a second location on the first image on the display. The second location is offset from the first location by the offset.
    Type: Grant
    Filed: January 18, 2017
    Date of Patent: March 20, 2018
    Assignee: Antique Books, Inc.
    Inventors: Robert H. Thibadeau, Sr., Justin D. Donnell, Robert Thibadeau, Jr.
  • Patent number: 9881148
    Abstract: The present invention is to enable a user to input authentication information without burden, such that the user only has to memorize part of the authentication information even when inputting lengthy authentication information in order to ensure high-level security. When an operation of inputting and arranging authentication information in an information arrangement region is performed in a state where an arrangement status of a specified portion in the information arrangement region is set in advance as partial-authentication reference information in a reference authentication information memory, a CPU detects an arrangement status of the specified portion from an overall arrangement status in the information arrangement region, and performs, as partial authentication, processing of matching the detected arrangement status of the specified portion and the arrangement status of the specified portion set as the partial-authentication reference information.
    Type: Grant
    Filed: December 8, 2015
    Date of Patent: January 30, 2018
    Assignee: CASIO COMPUTER CO., LTD.
    Inventor: Shinichi Hagiwara
  • Patent number: 9858406
    Abstract: An authenticity accuracy, corresponding to a personal identification number, is determined. A device presents a correct image (or group of images) and an incorrect image (or group of images). Selections from a user are received until a sufficient number of correct images are selected to satisfy the authenticity accuracy. For example, a counter may be incremented when the correct image is selected, and the user may be considered to be authenticated if the counter reaches a sufficient level.
    Type: Grant
    Filed: March 24, 2015
    Date of Patent: January 2, 2018
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Jeffrey M. Getchius, Guy Getchius
  • Patent number: 9807090
    Abstract: According to one embodiment, a person authentication method includes obtaining, from a medium carried by a person who passes through a first position, first information indicating the gender and the age of the person; performing a first authentication operation with respect to a person whose face image is included in a first image obtained by capturing a person passing through the first position; and setting, as the first authentication operation, an authentication operation to be performed using the face image of a person having the gender and the age specified in the first information.
    Type: Grant
    Filed: March 10, 2016
    Date of Patent: October 31, 2017
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Hiroo Saito, Hiroshi Sukegawa
  • Patent number: 9779225
    Abstract: A method of providing access to secure features of a device includes detecting motion of a secured device during entry of first access credentials on the secured device, storing first motion data in association with the first access credentials, the first motion data indicating a pattern of the detected motion, and granting access to a secured feature of the secured device when a user enters user access credentials matching the first access credentials accompanied by detected motion that produces user motion data matching the first motion data to a degree within a defined valid data range of the first motion data.
    Type: Grant
    Filed: April 8, 2015
    Date of Patent: October 3, 2017
    Assignee: Google Inc.
    Inventors: J. Eric Mason, Kenneth Louis Herman, Yash Modi
  • Patent number: 9756218
    Abstract: A user detecting unit detects a mobile identification device in a communicable range of a wireless communication device, and determines a user in association with the detected mobile identification device and determines user authority of the user among general user authority and administrator user authority. The general user authority is prohibited from using a specific function allowed to the administrator user authority. The login processing unit performs a login process based on the detected user authority for the user. If the mobile identification device with the administrator user authority is detected after the login process based on the general user authority and a distance is less than a predetermined value between the detected mobile identification devices with the general user authority and the administrator user authority, then the authority changing unit changes the user authority of the user from the general user authority to the administrator user authority.
    Type: Grant
    Filed: September 29, 2016
    Date of Patent: September 5, 2017
    Assignee: Kyocera Document Solutions, Inc.
    Inventor: Takushi Dandoko
  • Patent number: 9721090
    Abstract: A system and method of efficiently inspecting content is provided. Embodiments of the invention may inspect files accessed by an application prior to an activation of the application. Selective inspection of files accessed by an application may be based on a previous inspection. Inspection of files accessed by an application may be postponed or performed concurrently with the access. A prioritized queue may include references to files, a priority may be related to a risk level and an inspection order may be according to a risk level.
    Type: Grant
    Filed: April 27, 2011
    Date of Patent: August 1, 2017
    Assignee: Safend Ltd.
    Inventors: Pavel Berengoltz, Leonid Dorrendorf, Adam Carmi, Ofer Diamant
  • Patent number: 9720513
    Abstract: Provided are an apparatus and method for inputting a character The apparatus includes a recognition unit configured to measure lengths from arbitrary points on a user's hands to respective fingertips and recognize a click gesture using the measured lengths, a control unit configured to control character input according to the recognized click gesture, and a display unit configured to display a character pad for the character input and display a character input according to the click gesture recognized on the character pad.
    Type: Grant
    Filed: July 20, 2015
    Date of Patent: August 1, 2017
    Assignee: Korea Electronics Technology Institute
    Inventors: Yang Keun Ahn, Kwang Mo Jung
  • Patent number: 9716706
    Abstract: The present invention relates to an application that is configured to provide secure access to confidential information. To protect the confidential information, the application may include functions that utilize a decoy application to disguise the functionality of the application. A unique sequence of inputs received through an interface associated with the decoy application may permit a user to access the confidential information. An authorized user that has been provided access to the confidential information may access configuration interfaces that permit the user to define the inputs that will serve as login credentials and to customize the appearance and functionality of the decoy application.
    Type: Grant
    Filed: December 29, 2016
    Date of Patent: July 25, 2017
    Inventor: Joseph Fitzgerald
  • Patent number: 9705878
    Abstract: A method of operating a server comprises receiving an authorization request comprising a password, accessing an expiry date for the password, transmitting a response comprising the expiry date, ascertaining whether the password has expired, and receiving a new password, if the password has expired. Optionally, the transmitted response further comprises a date representing the last use of the password and/or an integer value representing a retry parameter.
    Type: Grant
    Filed: April 1, 2009
    Date of Patent: July 11, 2017
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventor: Peter E. Havercan
  • Patent number: 9701280
    Abstract: A mobile communication system that includes a vehicle and a mobile device is provided. The method pertains to revoking communication control privileges of the mobile device previously authorized to control the vehicle. The method includes the steps of receiving a revocation request at the vehicle via a user interface device, the revocation request including a request to revoke the communication control privileges of the previously authorized mobile device, wherein the control privileges includes a capacity to remotely command at least one of a plurality of vehicle functions; and based on the revocation request, revoking at the vehicle the communication control privileges of the previously authorized mobile device.
    Type: Grant
    Filed: April 3, 2015
    Date of Patent: July 11, 2017
    Assignee: GM Global Technology Operations LLC
    Inventors: Jennifer J. Schussmann, Karl B. Leboeuf, Lynn Saxton, Alessandro Testa
  • Patent number: 9674177
    Abstract: A personal computing device, server or other type of processing device authenticates a user attempting to access a protected resource by verifying user knowledge of one or more extracted characteristics of stored information indicative of an internal operating state of that resource. The one or more extracted characteristics are characteristics that would likely be known to the user if that user had made one or more previous authenticated accesses to the protected resource. For example, the extracted characteristics may be indicative of a manner in which the user had utilized the protected resource during the one or more previous authenticated accesses to the protected resource. The processing device receives input from the user regarding the one or more extracted characteristics, and grants or denies access to the protected resource based at least in part on the input received from the user.
    Type: Grant
    Filed: December 12, 2008
    Date of Patent: June 6, 2017
    Assignee: EMC IP Holding Company LLC
    Inventor: Magnus Nyström
  • Patent number: 9659171
    Abstract: In accordance with embodiments of the present disclosure, a method may include storing a system fingerprint of an information handling system, the system fingerprint comprising information associated with one or more information handling resources of the information handling system recorded during creation of the system fingerprint including information regarding a security seed, wherein the security seed comprises a value stored at a location of a non-transitory computer readable medium integral to an information handling resource of the one or more information handling resources. The method may also include during a verification mode, based on the information in the system fingerprint, determining whether potential tampering of the information handling system has occurred, and if potential tampering has occurred, issuing an alert indicating potential tampering with the information handling system.
    Type: Grant
    Filed: August 21, 2015
    Date of Patent: May 23, 2017
    Assignee: Dell Producrs L.P.
    Inventors: Lisa B. Treweek, Christopher C. Dumas, Alaric J. N. Silveira
  • Patent number: 9660982
    Abstract: Disclosed are various embodiments for management functions relating to security credentials. Account data, which includes multiple security credentials for multiple network sites for a user, is stored in an encrypted form. A request to temporarily change the account data is obtained from a client. The request specifies a master security credential for accessing the account data. In response to the request, the multiple security credentials for the account data are changed to a single temporary security credential, as specified by a user. After an expiration period expires, the multiple security credentials are automatically reset to a plurality of different security credentials.
    Type: Grant
    Filed: August 17, 2016
    Date of Patent: May 23, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Daniel W. Hitchcock, Brad Lee Campbell
  • Patent number: 9632603
    Abstract: A method and apparatus for password entry, the method comprising: displaying a password inputting keyboard on a display, the keyboard including a character carrier and a position carrier, the character carrier and the position carrier are capable of relative movement between each other so that when the position of a character in the character carrier is corresponding to a position mark on the position carrier, the position of at least one other character in the character carrier is corresponding to at least one other position mark in the position carrier; in response to a user causing relative movement between the character carrier and the position carrier, aligning a character in the character carrier with a position mark in the position carrier; and in response to a lapse of a predetermined time, recording the character and its input order and changing the layout of the password inputting keyboard.
    Type: Grant
    Filed: August 21, 2015
    Date of Patent: April 25, 2017
    Assignee: International Business Machines Corporation
    Inventors: Wu Song Fang, Su Liu, Jun Su, Cheng Xu, Quan Wen Zhang
  • Patent number: 9626395
    Abstract: A document management apparatus includes a reception unit, an operation information extraction unit, a memory, an executability determination unit, and an operation execution unit. The reception unit receives an operation request for an electronic document from an operator. The operation information extraction unit extracts operation information related to the operation request. The memory stores operation history information which is an accumulation of previous operation information which is operation information related to previous operation requests previously made for electronic documents. The executability determination unit reads the operation history information from the memory to determine whether or not an operation pertaining to the operation request is executable on the basis of the operation information and the operation history information.
    Type: Grant
    Filed: June 20, 2014
    Date of Patent: April 18, 2017
    Assignee: FUJI XEROX CO., LTD.
    Inventor: Mai Suzuki
  • Patent number: 9628465
    Abstract: Methods and systems are described for state driven orchestration of authentication components to access a resource protected by an access manager framework. In response to a client request for a protected resource, relevant authentication components and their respective order are determined. Upon successful authentication of the first authentication component, proper state information of the authentication process is stored by the client indicating the next authentication component. In response to a request for additional credential information for the authentication process from the next authentication component, the client provides the stored state information so that the authentication process continues with the second authentication component according to the determined order of the authentication components within an authentication process.
    Type: Grant
    Filed: June 29, 2015
    Date of Patent: April 18, 2017
    Assignee: Oracle International Corporation
    Inventors: Aarathi Balakrishnan, Ramya Kukkehali Subramanya, Deepak Ramakrishnan
  • Patent number: 9613201
    Abstract: A technique provides access control on a mobile device (e.g., a smart phone, a tablet, etc.). The technique involves displaying an image on a touch screen of the mobile device. The technique further involves, while the image is displayed on the touch screen, receiving user input from a user. The user input includes user gestures applied to the touch screen over the displayed image. The technique further involves performing an access control operation which provides an access control result based on the user input, the access control result (i) providing access to a set of protected resources when the user input matches expected input and (ii) denying access to the set of protected resources when the user input does not match the expected input.
    Type: Grant
    Filed: September 30, 2013
    Date of Patent: April 4, 2017
    Assignee: EMC IP Holding Company LLC
    Inventors: Yedidya Dotan, Lawrence N. Friedman, Gareth Richards, Daniel V. Bailey
  • Patent number: 9600077
    Abstract: The present invention provides an image display device comprising: a sensing unit for sensing an input gesture of a user; a display unit for outputting visual information among the executed data of an application when the application is executed; a collection unit for collecting control gesture information included in the executed data; and a control unit for executing an event of the application which is included in the executed data and corresponds to the control gesture information if the control gesture information and the input gesture sensed by the sensing unit are matching while the application is executed.
    Type: Grant
    Filed: October 23, 2013
    Date of Patent: March 21, 2017
    Assignee: LG ELECTRONICS INC.
    Inventors: Soonbo Han, Hyojin Song, Sangjo Park, Dongyoung Lee
  • Patent number: 9596231
    Abstract: Systems and methods for generating secure passwords, personal identification numbers (PINs), and other user credentials using touch-aware devices are described. In some cases, an end user of a computing device may use a touch-sensitive interface (e.g., a touchscreen) to indirectly enter user credentials for accessing protected information or a protected computing resource using the computing device. The end user may indirectly enter the user credentials by entering information that is different from the actual user credentials. In one example, the touch-sensitive interface may display a plurality of numbers and paths connecting the plurality of numbers and the end user of the computing device may select a sequence of numbers of the plurality of numbers using a touch gesture. The computing device may generate a user credential different from the sequence of numbers using the sequence of numbers selected by the end user.
    Type: Grant
    Filed: August 21, 2015
    Date of Patent: March 14, 2017
    Assignee: CA, INC.
    Inventors: Vikrant Nandakumar, Naveen Harry Michael, Hemanth Pinninti, Vardhineedi Satyanarayana Murthy
  • Patent number: 9589001
    Abstract: A document management apparatus includes a reception unit, an operation information extraction unit, a memory, an executability determination unit, and an operation execution unit. The reception unit receives an operation request for an electronic document from an operator. The operation information extraction unit extracts operation information related to the operation request. The memory stores operation history information which is an accumulation of previous operation information which is operation information related to previous operation requests previously made for electronic documents. The executability determination unit reads the operation history information from the memory to determine whether or not an operation pertaining to the operation request is executable on the basis of the operation information and the operation history information.
    Type: Grant
    Filed: June 20, 2014
    Date of Patent: March 7, 2017
    Assignee: FUJI XEROX CO., LTD.
    Inventor: Mai Suzuki
  • Patent number: 9571487
    Abstract: The present invention relates to an application that is configured to provide secure access to confidential information. To protect the confidential information, the application may include functions that utilize a decoy application to disguise the functionality of the application. A unique sequence of inputs received through an interface associated with the decoy application may permit a user to access the confidential information. An authorized user that has been provided access to the confidential information may access configuration interfaces that permit the user to define the inputs that will serve as login credentials and to customize the appearance and functionality of the decoy application.
    Type: Grant
    Filed: February 3, 2016
    Date of Patent: February 14, 2017
    Inventor: Joseph Fitzgerald
  • Patent number: 9565020
    Abstract: Disclosed herein is a method for generating a high entropy password using a low entropy password and low-entropy login data comprising supplying the low entropy password to a system comprising a generating client and/or a recovery client; and at least n servers; submitting request data derived, at least in part, from the user's low entropy password, where the request data includes authentication data; engaging in a distributed protocol with at least t servers to generate high-entropy values based on stored cryptographic information and a set of authentication information stored on the at least n servers which is checked against the authentication data provided by the user and/or the generating client and/or a recovery client; and generating the high entropy password.
    Type: Grant
    Filed: February 2, 2016
    Date of Patent: February 7, 2017
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jan L. Camenisch, Franz-Stefan Preiss, Kai Samelin, Dieter M. Sommer
  • Patent number: RE47518
    Abstract: Image based login procedures for computer systems include: (a) displaying a first image on a computer screen; (b) receiving user input indicating a portion of the first image; (c) determining if the user input corresponds to a first acceptable user input for user authentication; and (d) proceeding with the authentication procedure when this user input corresponds to the first acceptable user input for user authentication. Additionally or optionally, when proceeding with this authentication procedure, the systems and methods further may include: displaying a second image on the screen; receiving new user input indicating a portion of the second image; and determining if this new input corresponds to a second acceptable user input for user authentication.
    Type: Grant
    Filed: January 12, 2017
    Date of Patent: July 16, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Matthew E. Kowalczyk, Russell Humphries, Erik L. Holt