Access Control Or Authentication Patents (Class 726/2)
-
Patent number: 12200497Abstract: An embodiment includes a method to increase the efficiency of security checkpoint operations. A security checkpoint kiosk serves as a Relying Party System (RPS). The RPS establishes a secure local connection between the RPS and a User Mobile-Identification-Credential Device (UMD). The RPS sends a user information request to the UMD, via the secure local connection, seeking release of user information associated with a Mobile Identification Credential (MIC). The RPS obtains authentication of the user information received in response to the user information request. The RPS retrieves user travel information based on the user information. The RPS determines that the user travel information matches the user information. When the user travel information matches the user information, the RPS approves the user to proceed past the security checkpoint kiosk.Type: GrantFiled: January 4, 2024Date of Patent: January 14, 2025Assignee: Apple Inc.Inventors: Haya Iris Villanueva Gaviola, Gianpaolo Fasoli, Vinay Ganesh, Irene M. Graff, Martijn Theo Haring, Ahmer A. Khan, Franck Farian Rakotomalala, Gordon Y. Scott, Ho Cheung Chung, Antonio Allen, Mayura Dhananjaya Deshpande, Thomas John Miller, Christopher Sharp, David W. Silver, Policarpo B. Wood, Ka Yang
-
Patent number: 12197564Abstract: A computer stores, within a single user account, multiple supervised computing resources and multiple additional computing resources. The multiple supervised computing resources are associated with a security policy. The computer executes a first instance of a specified application that lacks read access and lacks write access to any and all of the multiple supervised computing resources. The computer executes, simultaneously with the first instance, a second instance of the specified application that accesses at least a portion of the multiple supervised computing resources. The computer applies rules from the security policy to the second instance of the specified application while foregoing applying the rules from the security policy to the first instance of the specified application.Type: GrantFiled: August 19, 2022Date of Patent: January 14, 2025Assignee: Venn Technology CorporationInventors: Aleksandr Osipov, Jacob Kazakevich, David Matalon, Alexander Chermyanin, Aleksandr Sedunov
-
Patent number: 12199966Abstract: The invention relates to an electronic device, and more particularly, to systems, devices and methods of authenticating the electronic device using a challenge-response process that is based on a physically unclonable function (PUF). The electronic device comprises a PUF element, a processor and a communication interface. The PUF element generates an input signal based on at least one PUF that has unique physical features affected by manufacturing variability. A challenge-response database, comprising a plurality of challenges and a plurality of corresponding responses, is set forth by the processor based on the PUF-based input and further provided to a trusted entity. During the trusted transaction, the processor generates a response in response to a challenge sent by the trusted entity based on the PUF-based input, and thereby, the trusted entity authenticates the electronic device by comparing the response with the challenge-response database.Type: GrantFiled: July 11, 2023Date of Patent: January 14, 2025Assignee: Maxim Integrated Products, Inc.Inventor: Christophe Tremlet
-
Patent number: 12189804Abstract: Systems and methods are provided herein for enabling a user to download a blocked asset. These systems and methods allow a user to request that a parent, or another user, can approve download of the blocked asset. The request may be transmitted as a notification to a mobile phone or another suitable device, such that the parent, or the other user, can approve the request, even though they may be remote from the requesting user. Both the requesting user and the user whose approval is required to unblock the media asset (i.e., the approver), are identified by the system based on an identifier associated with each user. This informs the approver which user submitted the request. Additionally, this also adds a layer of security, since the approver must enter an identifier to authenticate their identity to the system before being able to unblock the asset for the requesting user.Type: GrantFiled: December 21, 2022Date of Patent: January 7, 2025Assignee: Adeia Guides Inc.Inventor: Reda Harb
-
Patent number: 12177261Abstract: Zero trust and micro-segmentation techniques may be collectively used to enhance network security. To establish, refine, and enforce a zero-trust least-privileged policy, the network may be segmented to put each device of the network into a respective network of one, which forces all network traffic to pass through a zero-trust gatekeeper. The gatekeeper may then monitor and analyze the traffic to establish, refine, and enforce the zero-trust least-privileged policy, which reduces network access to only a limited set of network actions and/or paths. Using the gatekeeper, network traffic may be monitored to progressively establish the policy as well as to continually refine the policy. Recommended actions may be determined based on the analysis of the monitored network traffic and provided to the user to allow user feedback on the communication rules of zero-trust policy.Type: GrantFiled: March 28, 2024Date of Patent: December 24, 2024Assignee: ColorTokens Inc.Inventors: Harish Akali, Satyam Tyagi, Wyn Owen, Surya Kollimarla, Rajesh Khazanchi
-
Patent number: 12170902Abstract: A cyber security appliance can inoculate a fleet of network devices by analyzing each endpoint of a secure connection. The appliance can receive a hostname for a malicious web server. The appliance can generate an unencrypted target fingerprint based on sending a series of unencrypted connection protocol requests to the malicious web server and an encrypted target fingerprint based on sending a series of encrypted secure connection protocol requests to the malicious web server. The appliance can build a combined web server fingerprint for the malicious web server based on both the encrypted target fingerprint derived and the unencrypted target fingerprint. The appliance can determine a set of suspicious IP addresses based on the combined web server fingerprint for the malicious web server. The appliance can inoculate a fleet of network devices against a cyberattack using the IP addresses to preemptively alert the fleet of cyber-attack.Type: GrantFiled: January 7, 2022Date of Patent: December 17, 2024Assignee: Darktrace Holdings LimitedInventor: Carl Joseph Salji
-
Patent number: 12169833Abstract: Various aspects of the disclosure relate to automated compliance verification systems for authenticating and verifying compliance associated with electronic transactions. A compliance verification platform may be an intermediary between an application for managing and/or recording transactions and a transaction processing platform for processing a transaction. Based on successful compliance verification and authentication, the compliance verification platform may send notifications to the transaction processing platform to process a transaction requested via the application.Type: GrantFiled: July 7, 2021Date of Patent: December 17, 2024Assignee: Bank of America CorporationInventors: Jesse S. Newsom, III, Kevin A. Delson, Gilbert M. Gatchalian
-
Patent number: 12169557Abstract: Techniques described herein relate to a method for predicting results using ensemble models. The method may include receiving trained model data sets from a model source nodes, each trained model data set comprising a trained model, an important feature list, and a missing feature generator; receiving a prediction request data set; making a determination that the prediction request data set does not include an input feature for a trained model; generating, based on the determination and using a missing feature generator, a substitute feature to replace the input feature; executing the trained model using the prediction request data set and the substitute feature to obtain a first prediction; executing a second trained model using the prediction request data set to obtain a second prediction; and obtaining a final prediction using the first prediction, the second prediction, and an ensemble model.Type: GrantFiled: June 18, 2021Date of Patent: December 17, 2024Assignee: EMC IP HOLDING COMPANY LLCInventors: Shiri Gaber, Ohad Arnon, Dany Shapiro
-
Patent number: 12164610Abstract: Embodiments of the present invention provide a system for interconnection, translation, and transition between disparate digital ecosystems. The system is configured for determining that a user is requesting to access a first digital ecosystem, receiving a first authentication credentials of the user from the first digital ecosystem for verification, determining that the verification of the first authentication credentials is successful and provide access to the first digital ecosystem, determining that the user is requesting transition to a second digital ecosystem from the first digital ecosystem, receiving second authentication credentials of the user from the second digital ecosystem for verification, determining that the verification of the second authentication credentials is successful and provide access to the second digital ecosystem, and preparing and transmitting a data payload to the second digital ecosystem.Type: GrantFiled: July 26, 2022Date of Patent: December 10, 2024Assignee: BANK OF AMERICA CORPORATIONInventors: Puneetha Polasa, Saurabh Arora, Sandeep Kumar Chauhan, Bhagya Lakshmi Sudha Lavanya Mallidi
-
Patent number: 12160744Abstract: A user plane integrity protection method sending, by a user equipment (UE), user plane integrity protection information of the UE to a first base station, wherein the user plane integrity protection information indicates whether the UE supports a user plane integrity protection, and enabling the user plane integrity protection according to a user plane integrity protection algorithm when the UE supports the user plane integrity protection.Type: GrantFiled: January 5, 2021Date of Patent: December 3, 2024Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Xuwen Zhao, Li Hu
-
Patent number: 12149937Abstract: A method for extended authentication sessions on an electronic device may include an authentication service computer program executed by an authentication service electronic device: receiving a customer identifier for a customer and a unique identifier for a mobile electronic device; authenticating the customer based on the customer identifier and the unique identifier for the mobile electronic device; setting a device cookie that is specific to the mobile electronic device on the mobile electronic device; and providing the device cookie and a client secret to an OAuth services backend, wherein the OAuth services backend validates the customer identifier and client secret and generates a first token and a second token, the first token having an expiration that is shorter than that of the second token. The mobile electronic device is configured to receive and store the first token and the second token.Type: GrantFiled: May 19, 2022Date of Patent: November 19, 2024Assignee: JPMORGAN CHASE BANK, N.A.Inventors: Jasbir Banga, Ryan S Yoder, Mizan Miah, Muralidhar Somapalli, Neill Clayton-Smith, Reetu Bok, Sandeep Reddy Banala, Scott R Moser, Bipin More, Suresh Madhavan
-
Patent number: 12143394Abstract: Embodiments of the present disclosure provide methods, systems, apparatuses, and computer program products that enable client devices to install integrations of a third party application that supports variable host address identification.Type: GrantFiled: May 27, 2022Date of Patent: November 12, 2024Assignee: Salesforce, Inc.Inventors: Sachin Ranchod, Brian Stephen O'Neill, Amy Dong Shan, Steven Chen
-
Patent number: 12133091Abstract: A security system generates a digital signature for a small cell of a wireless network and assigns the digital signature to the small cell for connecting to the wireless network. The digital signature can be generated based on a connectivity schedule for the small cell. When the security system obtains a connection request from the small cell to connect to the wireless network, the security system compares an instance of the digital signature included in the connection request with an expected digital signature and compares the point in time when the connection request was communicated with an expected time indicated in the connectivity schedule. The security system detects an anomaly when the instance of the digital signature deviates from the expected digital signature or the point in time deviates from the expected time, and causes performance of an action based on a type or degree of the anomaly.Type: GrantFiled: May 8, 2023Date of Patent: October 29, 2024Assignee: T-Mobile USA, Inc.Inventors: Venson Shaw, Gaviphat Lekutai
-
Patent number: 12120757Abstract: An electronic device is provided. The electronic device identifies, in a state paired with a first external device providing content data, an occurrence of event for pairing with a second external device; releases the pairing with the first external device and performs the pairing with the second external device; sets up the electronic device as a primary device for pairing with the first external device; transmits information about the primary device to the first external device to perform the pairing with the first external device; and based on the content data received form the first external device, outputs content and transmits the content data to the second external device.Type: GrantFiled: June 14, 2021Date of Patent: October 15, 2024Assignee: SAMSUNG ELECTRONICS CO., LTD.Inventors: Jehwan Seo, Yongjin Kang, Geunsam Yang, Sanggi Oh, Hyungyong Lee
-
Patent number: 12107900Abstract: A solution is proposed for facilitating a maintenance of an access control system. A corresponding method comprises evaluating one or more trigger policies according to one or more policy parameters; the policy parameters of the trigger policies in part relate to risks of the access control system and/or to countermeasures for mitigating the risks. A revision of the access control system, comprising a corresponding mining activity, is triggered according to a result of the evaluation of the trigger policies. A computer program and a computer program product for performing the method are also proposed. Moreover, a system for implementing the method is proposed.Type: GrantFiled: March 16, 2021Date of Patent: October 1, 2024Assignee: International Business Machines CorporationInventors: Gianluca Gargaro, Raffaele Giulio Sperandeo, Luigi Lombardi, Davide Fazzone
-
Patent number: 12105841Abstract: Aspects of the technology described herein provide for controlled access to a secure computing resource. A first device may receive a child token from a second device having a parent token. The child token may grant the first device access to a subset of data accessible to the second device. Based on a degree of physical proximity between the first device and a third device associated with a user satisfying a threshold proximity, an indication of a user identifier for the user may be received from the third device. A request for access to a secure computing resource associated with the user may be sent to the second device. The request may include the indication of the user identifier and an indication of the secure computing resource. Access to the secure computing resource may be granted based on the child token and the indication of the identifier.Type: GrantFiled: March 1, 2023Date of Patent: October 1, 2024Assignee: Nike, Inc.Inventor: Justus Post
-
Patent number: 12093390Abstract: A method of operating a media scanner to protect a target machine from malware on a removable storage device is disclosed. The target machine and the removable storage device each include a respective data line, and the media scanner comprises a data switch. Data is scanned on the removable storage device with malware detection software of the media scanner via a first data path, the first data path comprising the data line of the removable storage device connected to the data line of the media scanner by the data switch in a first switching state. After the data has been scanned with the malware detection software, the data switch is operated to switch from the first switching state to a second switching state, thereby disconnecting the data line of the removable storage device from the data line of the media scanner and connecting the data line of the removable storage device to the data line of the target machine.Type: GrantFiled: October 5, 2020Date of Patent: September 17, 2024Assignees: AIRBUS OPERATIONS LIMITED, AIRBUS DEFENCE AND SPACE GmbHInventors: Hugh Soulsby, Adam Wedgbury, Kevin Ian Jones, Khan-Ferdous Wahid
-
Patent number: 12088591Abstract: Systems and method for verifying an identity of a user during interaction with a resource provider are disclosed. Embodiments enable using an authorization request message to inquire about an identity attribute (e.g. age) of a user during an interaction between the user and a resource provider. An authorizing entity (e.g. issuer) or a processing entity provides an answer to the inquiry within an authorization response message. The answer to the inquiry may establish whether the consumer meets a threshold (e.g. minimum age requirement).Type: GrantFiled: May 19, 2022Date of Patent: September 10, 2024Assignee: Visa International Service AssociationInventors: Prasanna Vanguri, Luba Goldberg, Jeffrey Moore, Alex Godshall, Neil Mumm
-
Patent number: 12079354Abstract: A computing device includes a high-security OS application, a low-security OS communication application, and a user interface application. The high-security OS application runs on a high-security operating system. The low-security OS communication application and the user interface application run on a low-security operating system whose security level is lower than the high-security operating system. A data communication between the high-security OS application and the low-security OS communication application is performed by an in-chip applications communication or a wired communication. Data transmitted from the high-security OS application to the low-security OS communication application is encrypted. The low-security OS communication application is configured to decrypt the encrypted data and control, based on the decrypted data, contents displayed on a display.Type: GrantFiled: December 28, 2021Date of Patent: September 3, 2024Assignee: DENSO CORPORATIONInventors: Kenichi Hamaguchi, Nobuhiko Tanibata
-
Patent number: 12081679Abstract: A computer-implemented method is for providing a digital certificate to a device. In an embodiment, the method is based on receiving, from the device, authentication data via a secure communication channel. Furthermore, the method is based on receiving, from the device, or determining, by the server, a first certificate identifier. In particular, the first certificate identifier is a hash value. Further aspects of the method are verifying the authentication data and receiving, from the device, a first public key created by the device. In an embodiment, the method is furthermore based on sending a first certificate signing request related to a first domain name based on the first public key to a certificate authority. Herein, the first domain name comprises the certificate identifier, and a domain related to the first domain name is controlled by the server. In particular, the first domain name is a wildcard domain.Type: GrantFiled: April 26, 2023Date of Patent: September 3, 2024Assignee: SIEMENS HEALTHINEERS AGInventors: Ivan Murphy, Michael Rommel, Martin Siegmund
-
Patent number: 12079341Abstract: In one embodiment, an apparatus comprises a processor to: receive a request to configure a secure execution environment for a first workload; configure a first set of secure execution enclaves for execution of the first workload, wherein the first set of secure execution enclaves is configured on a first set of processing resources, wherein the first set of processing resources comprises one or more central processing units and one or more accelerators; configure a first set of secure datapaths for communication among the first set of secure execution enclaves during execution of the first workload, wherein the first set of secure datapaths is configured over a first set of interconnect resources; configure the secure execution environment for the first workload, wherein the secure execution environment comprises the first set of secure execution enclaves and the first set of secure datapaths.Type: GrantFiled: June 22, 2021Date of Patent: September 3, 2024Assignee: Intel CorporationInventors: Kapil Sood, Ioannis T. Schoinas, Yu-Yuan Chen, Raghunandan Makaram, David J. Harriman, Baiju Patel, Ronald Perez, Matthew E. Hoekstra, Reshma Lal
-
Patent number: 12074852Abstract: Private network request forwarding can include receiving a request from a user for Internet services over a public network. Private network request forwarding can include analyzing the request and determining whether the request is legitimate. Private network request forwarding can include forwarding the request to an entity through a private network when it is determined that the request is legitimate, wherein the user has access to the entity through a proxy.Type: GrantFiled: June 17, 2022Date of Patent: August 27, 2024Assignee: United Services Automobile Association (USAA)Inventors: Donald E. Clemons, Jr., Christopher T. Wilkinson
-
Patent number: 12075239Abstract: Systems, methods, and instrumentalities are provided for vehicle to everything (V2X) service oriented link establishment. A first wireless transmit receive unit (WTRU) may broadcast a direct communication request message. The direct communication request message may include a first security context identifier (ID). The first WTRU may receive a direct security mode command message from a second WTRU. The direct security mode command message may include a second security context ID. The first may determine a third security context ID by combining the first security context ID and the second security context ID. The first WTRU may establish, using the third security context ID, a secure direct communication link with the second WTRU. The first WTRU may generate, based on the third security context ID, a security context entry for the secure direct communication link with the second WTRU.Type: GrantFiled: January 20, 2020Date of Patent: August 27, 2024Assignee: InterDigital Patent Holdings, Inc.Inventors: Michelle Perras, Saad Ahmad, Samir Ferdi, Khalid Anwar
-
Patent number: 12067111Abstract: A health ticket minting process operates in a secure enclave on a computing device to ensure liveness of the enclave should a maliciously-compromised operating system deny service to starve the enclave. Cryptographically-secured health tickets provided by the minting process reset an authenticated watchdog timer (AWDT) that reboots the device from a hardware-protected recovery operating system if the timer expires. The health tickets are written to a secure channel using a symmetric key that is provisioned by repurposing an existing Intel SGX (Software Guard Extension) Versioning Support protocol that enables migration of secrets between enclaves that have the same author. In the event that the enclave fails to make forward progress and health tickets are not minted, then the AWDT expires and forces the reboot and re-imaging to a known good state to evict the malware from the computing device.Type: GrantFiled: December 8, 2021Date of Patent: August 20, 2024Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Stefan Saroiu, Varun Gandhi, Alastair Wolman, Landon Prentice Cox
-
Patent number: 12069056Abstract: There are provided systems and methods for an authorization and access control system for access rights using relationship graphs. A service provider may provide an authorization and access control system that allows users within the service provider and/or customer entities to assign and change access rights or permissions to computing resources. When providing control of these access rights, the service provider may utilize relationship graphs, queried and generated using a graph database, to visualize and determine access rights that are inherited through different relationships and policies defining these access rights. The relationship graph may show edges for nodes that correspond to related objects, such as actors, groups, and resources. Paths over the relationship graph may be used to determine access rights that may be inherited by users. Once determined, these access rights may be established and/or updated with computing systems.Type: GrantFiled: December 29, 2021Date of Patent: August 20, 2024Assignee: Brex Inc.Inventor: Jeff Venable
-
Patent number: 12056262Abstract: Examples to restore a trusted backup configuration for a node. Example techniques include failover to an alternate firmware of the node, in response to an unverifiable condition of an existing firmware of the node. The node may validate a first configuration file stored in the node. The first configuration file includes a first backup configuration. The node may validate a second configuration file stored in the node based on the validation of the first configuration file. The second configuration file includes a second backup configuration. In response to the validation of at least one of the first configuration file and the second configuration file, the node may select one of the first backup configuration and the second backup configuration, and apply the selected backup configuration to the node.Type: GrantFiled: August 26, 2022Date of Patent: August 6, 2024Assignee: Hewlett Packard Enterprise Development LPInventors: Justin York, Brian Collum
-
Patent number: 12058265Abstract: Techniques for verifiable computation for cross-domain information sharing are disclosed. An untrusted node in a distributed cross-domain solution (CDS) system is configured to: receive a first data item and a first cryptographic proof associated with the first data item; perform a computation on the first data item including one or more of filtering, sanitizing, or validating the first data item, to obtain a second data item; generate, using a proof-carrying data (PCD) computation, a second cryptographic proof that indicates (a) validity of the first cryptographic proof and (b) integrity of the first computation on the first data item; and transmits the second data item and the second cryptographic proof to a recipient node in the distributed CDS system. Alternatively or additionally, the untrusted node may be configured to transmit a cryptographic proof to a trusted aggregator in the CDS system.Type: GrantFiled: April 24, 2023Date of Patent: August 6, 2024Assignee: RAYTHEON BBN TECHNOLOGIES CORP.Inventors: Joud Khoury, Michael Hassan Atighetchi, Zachary Ratliff, Katarzyna Lucja Olejnik
-
Patent number: 12056227Abstract: Systems and methods are described for authorizing users and/or devices. An example method may comprise receiving, from a user device, a request to access a function associated with a service account. The request may comprise an identifier of the user device. The example method may comprise determining, based on the identifier, a primary authority holder of the service account. The example method may comprise determining that a first record on a first distributed ledger associated with the primary authority holder indicates that the user device is associated with the primary authority holder. The example method may comprise determining that a second record on a second distributed ledger associated with the user device indicates that the user device is associated with the primary authority holder. The example method may comprise granting, based on the request, the first record, and the second record, the user device access to the function.Type: GrantFiled: May 22, 2023Date of Patent: August 6, 2024Assignee: COMCAST CABLE COMMUNICATIONS, LLCInventors: Andrew Antar, Asad Haque
-
Patent number: 12047256Abstract: Systems and methods are provided for a computer-implemented method of implementing an on-demand computing network environment. A network specification is received from a user. Resources from one or more resource providers are provisioned. The on-demand computing network is configured, where configuring comprises assigning a first provisioned resource as an interior device and assigning one or more second provisioned resources as rim devices.Type: GrantFiled: June 22, 2022Date of Patent: July 23, 2024Assignee: Cyber IP Holdings, LLCInventors: Christopher Edward Delaney, Carl Bailey Jacobs, Chava Louis Jurado, Christopher Edward Jackson
-
Patent number: 12034860Abstract: Methods, systems, and devices for memory write access control are described. In some examples, memory systems may include storage that is access-protected (e.g., write access protected). To enable access to the protected storage, a server node may communicate a command to the memory system that is signed with a private key that is inaccessible to the memory system. They memory system may verify the command using a public key and may enable access to the protected storage. Access commands associated with the protected storage may be processed until access to the protected storage is disabled.Type: GrantFiled: August 26, 2020Date of Patent: July 9, 2024Assignee: Micron Technology, Inc.Inventor: Zhan Liu
-
Patent number: 12034718Abstract: Secure user authentication is provided by leveraging the use of quantum keys, steganography and random user keys/passcodes. Random user passcodes limit both the entity's control over the user and potential exposure of the passcode to wrongdoers. From a security standpoint, use of quantum keys and quantum communication channels heightens security during transmission of keys, such that if a wrongdoer would attempt to hack the transmission, the quantum sequence would break, which would not only prevent the hack but also result in remedial actions, such as preventing the authentication-requiring event, providing alerts and the like. Further, use of steganography also heightens security by preventing exposure to the keys during transmission and/or while the authentication process is occurring on the display of the user's mobile device.Type: GrantFiled: February 23, 2022Date of Patent: July 9, 2024Assignee: BANK OF AMERICA CORPORATIONInventor: Swetapadma Mohanty
-
Patent number: 12035214Abstract: Embodiments of the present disclosure leverage near field communication (NFC) technology to provide dynamic and interactive monitoring of an environment. NFC devices may be used to check items in and out of a storage facility, obtain readings from instruments or other machinery present in the environment (e.g., to perform tests on the items, etc.), track movement of users and items within the environment, and to prompt users with information about the environment, such as information about the instruments or machinery currency being used to perform operations with respect to one or more items checked out to the user. Additionally, the NFC device may be used to configure the instruments with appropriate settings for the particular item(s) for which the instrument is currently being used or for other purposes.Type: GrantFiled: May 19, 2021Date of Patent: July 9, 2024Assignee: Accenture Global Solutions LimitedInventors: Mark Edward Fish, Guy Richard Talbot
-
Patent number: 12027169Abstract: The system provides a voice command recommendation to a user to avoid a non-voice command. The system determines a command that is expected to be received, and generates a voice command recommendation that corresponds to the predicted command. The predicted command can be based on the user's behavior, a plurality of users' behavior, environmental circumstances such as a phone call ring, or a combination thereof. The system may access one or more databases to determine the predicted command. The voice command recommendation may include a displayed notification that describes the recommended voice command, and exemplary voice inputs that are recognized. The system also activates an audio interface, such as a microphone, that is configured to receive a voice input. If the system receives a recognizable voice input at the audio interface that corresponds to the recommendation, the system performs the predicted command in response to receiving the voice input.Type: GrantFiled: April 26, 2023Date of Patent: July 2, 2024Assignee: Rovi Guides, Inc.Inventors: Jeffry Copps Robert Jose, Ankur Aher
-
Patent number: 12026283Abstract: The present disclosure relates to methods for “cookieless” tracking across a wide range of websites and mobile applications. The methods do not involve the use of cookies or code on individual webs pages, and associated web or other servers and may be achieved through use of a single URL for tracking a user across multiple websites. Methods of enhanced tracking of user activity without requiring tracking pixels are also described herein.Type: GrantFiled: July 10, 2023Date of Patent: July 2, 2024Assignee: DataTrendz, LLCInventor: Kenneth Tola
-
Patent number: 12028345Abstract: A system for identifying trusted machines for Machine-to-Machine (M2M) validation receives a query message from a first trusted computing device, requesting whether an unrecognized computing device is in a list of trusted devices associated with a second trusted computing device. The system determines whether the unrecognized computing device is in the list of trusted devices by determining whether an identification associated with the unrecognized computing device is among the list of trusted devices. In response to determining that the unrecognized computing device is in the list of trusted devices, the system sends a response message to the first trusted computing device, indicating that the unrecognized computing device is in the list of trusted devices.Type: GrantFiled: May 19, 2021Date of Patent: July 2, 2024Assignee: Bank of America CorporationInventors: Maharaj Mukherjee, George Albero
-
Patent number: 12019764Abstract: A method of modifying encryption of a storage system includes: receiving an instruction to rekey data on a storage system, wherein the instruction identifies first encryption information and second encryption information; determining that the instruction is authorized; decrypting, by a processing device of a storage system controller, the data using a current key included in the first encryption information to generate decrypted data; and encrypting, by the processing device of the storage system controller, the decrypted data using the second encryption information to generate encrypted data.Type: GrantFiled: September 2, 2021Date of Patent: June 25, 2024Assignee: PURE STORAGE, INC.Inventors: Constantine P. Sapuntzakis, Kiron Vijayasankar, Yuval Frandzel
-
Patent number: 12019649Abstract: The cloud hybrid application storage management system spans local data center and cloud-based storage and provides a unified view of content and administration throughout an enterprise. The system manages synchronization of storage locations, ensuring that files are replicated, uniquely identified, and protected against corruption. The system ingests digital media assets and creates instances of the assets with their own identification and rights and houses the identification and relationships in a CAR (Central Asset Registry). The system tracks the different instances of the assets in multiple storage locations using the CAR, which is a central asset registry that ties together disparate digital asset management repository systems (DAMs) and cloud-based storage archives in which the instances reside. While the invention treats and manages multiple files/instances independently, the CAR identifies them as related to each other.Type: GrantFiled: January 5, 2023Date of Patent: June 25, 2024Assignee: SCRIPPS NETWORKS INTERACTIVE, INC.Inventors: Brant Boehmann, Alex Garrison, Wade Chandler, Sean Considine, Ramesh Mendu
-
Patent number: 12013952Abstract: The disclosed computer-implemented method for protecting user data privacy against the use of fake first-party domains by hidden web trackers may include (i) identifying a group of subdomains associated with one or more websites, (ii) comparing an Internet Protocol (IP) address range for each of the subdomains, (iii) determining, based on the comparison, that an IP address range for a target subdomain is potentially utilized by a hidden web tracker as a fake first-party subdomain in the websites, (iv) detecting similarities between any scripts loaded by websites associated with the target subdomain and any functions performed by the scripts, and (v) perform a security action that protects against utilizing fake domains for evading web browser tracking protection by identifying the target subdomain as the fake first-party subdomain based on the detected similarities. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: December 22, 2021Date of Patent: June 18, 2024Assignee: GEN DIGITAL INC.Inventor: Iskander Sanchez Rola
-
Patent number: 12015619Abstract: The technology discloses processing incoming access requests of packets through cloud-based components that perform (a) packet-level access control and traffic inspection, (b) protocol-level access control and traffic inspection, (c) threat detection, and (d) activity contextualization, including a packet and stream router conveying each incoming access request of packets through all of components (a)-(d) that apply, at least until one of the components sets a restrictive state on at least one object corresponding to the incoming access request or until all of the components that apply have passed the incoming access request.Type: GrantFiled: January 30, 2021Date of Patent: June 18, 2024Assignee: Netskope, Inc.Inventors: Kartik Subbanna, Amit Ganesh Datar, Kand Ly
-
Patent number: 12008138Abstract: Datasource processors may communicate with an artificial intelligence (AI) engine in order to generate, in parallel, object summaries from datasource objects received from datasources. Each object summary may include an object identifier, one or more local entities, and a mapping from each of the one or more local entities to one or more attributes. A global entity resolver may augment the object summaries by mapping each of the local entities to a global entity. Policy engines may evaluate, in parallel, the object summaries with respect to a security and/or privacy policy. If a security and/or privacy violation is recognized, a remediation measure may be applied in connection with the datasource object for which the security and/or privacy violation exists.Type: GrantFiled: September 29, 2023Date of Patent: June 11, 2024Assignee: Lightbeam.ai, Inc.Inventors: Aditya Ramesh, Abhinay Nagpal, Himanshu Shukla
-
Patent number: 12005927Abstract: Aspects of the disclosure relate to enabling playing of content at an autonomous vehicle. For example, a request to transport a user on a trip may be received. The autonomous vehicle may be assigned to the trip. Whether the user has enabled a content feature may be determined. In response to determining that the user has enabled the content feature a request for a device identifier is sent to the autonomous vehicle. The device identifier generated at the autonomous vehicle is received. The received device identifier may be sent to a content-enabling computing system including one or more processors in order to enable the user to play content from the client computing device at the autonomous vehicle during the trip.Type: GrantFiled: September 7, 2021Date of Patent: June 11, 2024Assignee: Waymo LLCInventors: Matthew Corey Hall, Maria Moon, Orlee Smith, Erik Wolsheimer, Kyle Bechtel
-
Patent number: 11992116Abstract: A wearable electronic device includes a watch body including a touch-sensitive display configured to receive a first input and a first wireless circuit configured to receive a wireless input signal. The wearable electronic device further includes a band coupled to the watch body and configured to attach the watch body to a user and a wireless module coupled to the band and including an input device configured to receive a second input and a second wireless circuit configured to transmit the wireless input signal to the first wireless circuit in response to receiving the second input.Type: GrantFiled: September 17, 2021Date of Patent: May 28, 2024Assignee: APPLE INC.Inventors: Ryan C. Perkins, Devon K. Copeland, Erik G. de Jong
-
Patent number: 11997175Abstract: A system obtains a use condition for restricting use of an application in a first client device of a first user. The system obtains a use status of the application in the first client device. Responsive to the use status not satisfying the use condition, the system sends a notification to a second client device of a second user different from the first user, and/or restricts the use of the application in the first client device.Type: GrantFiled: June 14, 2021Date of Patent: May 28, 2024Assignee: GREE, INC.Inventors: Tomoki Umeya, Junko Yamanokuchi, Masato Nozaki
-
Patent number: 11997479Abstract: A method for key derivation for non-3GPP access. The method includes determining a particular non-3GPP access type, wherein the particular non-3GPP access type is one of N different particular non-3GPP access types (N>1), and each one of the N particular non-3GPP access types is associated with a unique access type distinguisher value. The method also includes generating (s604) a first access network key using a key derivation function and the unique access type distinguisher value with which the determined particular non-3GPP access type is associated, thereby generating a first access network key for the particular non-3GPP access type.Type: GrantFiled: February 13, 2020Date of Patent: May 28, 2024Assignee: Telefonaktiebolaget LM Ericsson (Publ)Inventors: Vesa Lehtovirta, Christine Jost, Helena Vahidi Mazinani
-
Patent number: 11991153Abstract: A system having an off-premises proxy server residing in a cloud computing environment and backend servers residing in an enterprise computing environment are provided. Requests received by the off-premises proxy server for access to a first, non-publicly accessible backend server are routed to a tunnel server which stores the request and waits to be polled by a tunnel agent connected to the first backend server. When the tunnel server is polled, the request is forwarded through an HTTP tunnel to the tunnel agent, which forwards it to the backend server for processing. Responsive information is returned to the tunnel agent, which forwards it through the HTTP tunnel to the tunnel server and returned through the off-premises proxy server to the remote application. Requests for access to a first, publicly accessible backend server are routed by the off-premises proxy server directly to the backend server for processing and return of responsive information.Type: GrantFiled: May 17, 2023Date of Patent: May 21, 2024Assignee: OPEN TEXT CORPORATIONInventors: Harish Rawat, Sachin Gopaldas Totale, Ahson M. Ahmad
-
Patent number: 11983281Abstract: One example method includes receiving, by a backup appliance, a request concerning a dataset, performing, by the backup appliance, an inquiry to determine if end-to-end encryption is enabled for a volume of a target storage array, receiving, by the backup appliance, confirmation from the storage array that end-to-end encryption is enabled for the volume, and based on the confirmation that end-to-end encryption is enabled for the volume, storing the dataset in the volume without performing encryption, compression, or deduplication, of the dataset prior to storage of the dataset in the volume.Type: GrantFiled: June 9, 2021Date of Patent: May 14, 2024Assignee: EMC IP HOLDING COMPANY LLCInventors: Jehuda Shemer, Arieh Don, Krishna Deepak Nuthakki
-
Patent number: 11985148Abstract: Systems and methods for detecting a rogue network device at a physical layer include monitoring physical layer characteristics of a wired link at both a first network device and a second network device; determining whether there are detectable variances in the physical layer characteristics; and detecting a rogue network device inserted on the link based on the detectable variances.Type: GrantFiled: October 3, 2022Date of Patent: May 14, 2024Assignee: Ciena CorporationInventors: Kevin Estabrooks, Greg Vanderydt, Bashar Abdullah
-
Patent number: 11985144Abstract: Techniques are disclosed relate to systems, methods, and non-transitory computer readable media for implementing a browser extension for cyber threat intelligence and response. One system to perform operations comprising: receiving, in a sandbox of a browser by a browser extension, a selection of at least one particular indicator of compromise of the at least one of the indicator of compromise of at least scanned part of a web page; displaying one or more orchestrated responses; receiving a selection of at least one particular orchestrated response of the one or more orchestrated responses; transmitting the selected at least one particular orchestrated response to the cloud-based enrichment and analysis of cybersecurity threat intelligence system; receiving a response including a result of the at least one particular orchestrated response; and displaying the result of the at least one particular orchestrated response.Type: GrantFiled: June 25, 2021Date of Patent: May 14, 2024Assignee: ThreatConnect, Inc.Inventors: Edward Hinkle, Mashell Rodriguez, Marika Chauvin, Daniel Cole, Andrew Pendergast, Kathryn Grayson Nanz
-
Patent number: 11974225Abstract: A method of operating a terminal device in a wireless telecommunications system comprising the terminal device and a plurality of network access nodes, wherein the method comprises: establishing first wake-up signalling configuration information for a first network access node covering a current location for the terminal device, wherein the first wake-up signalling configuration information comprises an indication of a first wake-up signalling format to be transmitted by the first network access node in advance of transmitting a paging message to indicate the terminal device should seek to decode the paging message, and an indication of an associated first wake-up signalling validity period for the first wake-up signalling format; monitoring for signalling transmitted by one of the plurality of network access nodes in accordance with the first wake-up signalling format during the first wake-up signalling validity period, and seeking to decode a subsequent paging message if wake-up signalling in accordance witType: GrantFiled: June 14, 2022Date of Patent: April 30, 2024Assignee: SONY GROUP CORPORATIONInventors: Vivek Sharma, Shin Horng Wong, Martin Warwick Beale, Samuel Asangbeng Atungsiri
-
Patent number: 11962639Abstract: Systems, methods, and computer-readable media are disclosed for extracting data from web applications. An exemplary embodiment includes monitoring web traffic between a client terminal and a server, the web traffic corresponding to a user's interaction with a web browser to send a request for data, such as a web page, from the client terminal to the server. A data log is created reflecting the monitored web traffic, and processed to extract the request for data. A command is generated for accessing the server based on the request for the data that was extracted from the data log. When the generated command is executed, it downloads the data from the server to the client terminal. Some embodiments are able to specify a pattern to search for in the downloaded web page, search the downloaded data for the pattern to identify data of interest and provide the identified data to a user.Type: GrantFiled: October 19, 2022Date of Patent: April 16, 2024Assignee: FEDERAL HOME LOAN MORTGAGE CORPORATION (FREDDIE MAC)Inventor: Qiming He