Access Control Or Authentication Patents (Class 726/2)
  • Patent number: 10999279
    Abstract: A command to load or unload data at a storage location is received. In response to the command, a storage integration object associated with the storage location is identified. The storage integration object identifies a cloud identity object that corresponds to a cloud identity that is associated with a proxy identity object corresponding to a proxy identity granted permission to access the storage location. The data is loaded or unloaded at the storage location by assuming the proxy identity.
    Type: Grant
    Filed: June 25, 2020
    Date of Patent: May 4, 2021
    Assignee: Snowflake Inc.
    Inventors: Polita Paulus, Peter Povinec, Saurin Shah, Srinidhi Karthik Bisthavalli Srinivasa
  • Patent number: 10986188
    Abstract: Methods, systems, and computer program products for handling multi-pipe connections is provided. A primary pipe request for a connection between a client and a server is received. The connection includes a plurality of pipes between the client and the server. The primary pipe request includes a number corresponding to the amount of pipes required for the connection. A first response acknowledging the receipt of the primary pipe request is transmitted. The first response includes a token. A plurality of subsequent pipe requests are received for the connection between the client and the server. Each subsequent pipe request includes the token. A subsequent response to each subsequent pipe request is transmitted. A count of the number of pipe requests received is maintained. The established pipes are released after a period of time has elapsed when the number of pipe requests received doesn't reach the number of pipes required for the connection.
    Type: Grant
    Filed: November 11, 2019
    Date of Patent: April 20, 2021
    Assignee: International Business Machines Corporation
    Inventors: Michael D. Brooks, Alan Hollingshead, Julian C. Horn, Philip I. Wakelin
  • Patent number: 10979510
    Abstract: Methods, systems, and computer program products for handling multi-pipe connections is provided. A primary pipe request for a connection between a client and a server is received. The connection includes a plurality of pipes between the client and the server. The primary pipe request includes a number corresponding to the amount of pipes required for the connection. A first response acknowledging the receipt of the primary pipe request is transmitted. The first response includes a token. A plurality of subsequent pipe requests are received for the connection between the client and the server. Each subsequent pipe request includes the token. A subsequent response to each subsequent pipe request is transmitted. A count of the number of pipe requests received is maintained. The established pipes are released after a period of time has elapsed when the number of pipe requests received doesn't reach the number of pipes required for the connection.
    Type: Grant
    Filed: November 11, 2019
    Date of Patent: April 13, 2021
    Assignee: International Business Machines Corporation
    Inventors: Michael D. Brooks, Alan Hollingshead, Julian C. Horn, Philip I. Wakelin
  • Patent number: 10977709
    Abstract: Systems and methods of displaying product information relating to multiple purchase options are provided. A method includes displaying, in a first portion of a user interface, a web browser and displaying, in a second portion of the user interface, a decision organizing tool comprising a candidate icon portion comprising a plurality of candidate icons and an active icon portion. The method also includes receiving instructions to transfer of one of the plurality of candidate icons from the candidate icon portion to the active icon portion and, in response to the receiving, transferring the one of the plurality of candidate icons to the active icon portion, where the one of the plurality of candidate icons provides a link to an item currently displayed in the web browser and offered for sale. Effectively becoming a common shopping cart for multiple websites simultaneously.
    Type: Grant
    Filed: November 29, 2017
    Date of Patent: April 13, 2021
    Assignees: The Quantum Group, Inc.
    Inventors: Noel Guillama, Chester Heath
  • Patent number: 10979449
    Abstract: A file system extension for an endpoint controls access to files by selectively decrypting files under certain conditions. Where a pattern of access to the files suggests malicious and/or automated file access activity, the file system extension may limit the rate of file access by regulating the rate at which decryption is provided to requesting processes.
    Type: Grant
    Filed: October 1, 2019
    Date of Patent: April 13, 2021
    Assignee: Sophos Limited
    Inventors: Russell Humphries, Kenneth D. Ray, Anthony John Merry, Harald Schutz
  • Patent number: 10970107
    Abstract: An embodiment may involve a computational instance including persistent storage, the persistent storage containing representations of virtual machines previously discovered in a server cluster. The embodiment may also involve one or more processors configured to perform operations involving: (i) transmitting, to the server cluster, a request for an event log, the event log containing events related to virtual machines configured in the server cluster; (ii) receiving, from the server cluster, the event log; (iii) determining that the event log contains one or more significant events related to a particular virtual machine from virtual machines configured in the server cluster; (iv) performing a discovery pattern on the server cluster, wherein output from performing the discovery pattern includes a characterization of the particular virtual machine; and (v) causing an update to be written to the persistent storage, wherein the update includes the characterization of the particular virtual machine.
    Type: Grant
    Filed: December 30, 2019
    Date of Patent: April 6, 2021
    Assignee: ServiceNow, Inc.
    Inventors: Aviya Aron, Hail Tal, Sreenevas Subramaniam
  • Patent number: 10972899
    Abstract: In one embodiment, a method includes receiving, by a mobility management enhancer, device information from a device and determining, by the mobility management enhancer, a data session requested by the device based on the device information. The method also includes receiving, by the mobility management enhancer, service provider information from a service provider, requesting, by the mobility management enhancer, network information of a network, and receiving, by the mobility management enhancer, the network information. The method further includes determining, by the mobility management enhancer, an action associated with the data session requested by the device based on the device information, the service provider information, and the network information.
    Type: Grant
    Filed: February 27, 2020
    Date of Patent: April 6, 2021
    Assignee: AT&T Intellectual Property I, L.P.
    Inventor: Julius Mueller
  • Patent number: 10972455
    Abstract: An embodiment of the invention may include a method, computer program product and system for secure authentication within a communication protocol session. The embodiment may include retrieving, by a client computer of the TLS session, a challenge string associated with the TLS session. The embodiment may include generating, by the client computer, a first digest based on the challenge string and authentication information of a user of the client computer. The embodiment may include sending, by the client computer, the first digest to a server of the TLS session. The retrieving, generating and sending, by the client computer, are carried out after the TLS session has been established between the client computer and the server.
    Type: Grant
    Filed: April 24, 2018
    Date of Patent: April 6, 2021
    Assignee: International Business Machines Corporation
    Inventors: Sheng-Tung Hsu, Wei-Hsiang Hsiung, Kuo-Chun Chen, Wayne Chou
  • Patent number: 10963288
    Abstract: Embodiments relate to a virtualization layer capturing replayable execution traces of VMs managed by the virtualization layer. Execution tracing can be performed on any unit of execution managed by the virtualization layer, e.g., threads, processes, virtual processors, individual VMs, multiple VMs, etc. Traced execution units may be executing in parallel. Execution tracing involves capturing to a buffer: executed instructions, memory inputted to instructions, memory outputted by instructions, registers touched by instructions, and ordering markers. Trace data can be captured in chunks, where causality is preserved and ordering is preserved between chunks but not necessarily within chunks. The chunks may be delineated by inserting monotonically increasing markers between context switches, thus relatively ordering the chunks. Determinism may be partially provided by identifying non-deterministic events. VM tracing may be transparent to guest software, which need not be instrumented.
    Type: Grant
    Filed: April 3, 2019
    Date of Patent: March 30, 2021
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventor: Jordi Mola
  • Patent number: 10965667
    Abstract: In one embodiment, a user authentication server may use geo-location tracking to determine whether to present an enhanced identity challenge. A communication interface 180 may receive a user login attempt by a user and a current location of the user login attempt. A data storage 150 may store a user location profile of the user. A processor 120 may execute a comparison of the current location to the user location profile. The communication interface 180 may present the user with an enhanced identity challenge before allowing user access based on the comparison.
    Type: Grant
    Filed: December 9, 2019
    Date of Patent: March 30, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: David Steeves, Luke Abrams, Hersh Dangayach, Eric Fleischman, Prabu Raju, Krishna Vitaldevara, Niyantha Shekar, Payoj Baral, Meenakshi Ramaswamy, Winfred Wong, Yordan Rouskov, Ramesh Manne
  • Patent number: 10964180
    Abstract: Software intrusion protection systems to prevent remote access to sensitive data are very prevalent. In some cases, additional physical access protection may also be desired. By preventing physical access to a system an intruder may not be able to physically “steal” component parts of the system and then obtain their contents (or design criteria) at a remote site (e.g., after the physical theft). Monitors are provided to detect potential access to a secure computer system and identify if inappropriate access to the secure computer system is obtained (or is imminent). In a case where unauthorized access is predicted, warnings and alerts may be sent prior to an actual breach. Upon determination that a breach may be likely to occur, techniques to protect data (e.g., erasure, destruction, etc.) and component parts may be initiated. Sensors monitor internal and external physical environmental conditions to assist in detection of intrusion.
    Type: Grant
    Filed: May 30, 2018
    Date of Patent: March 30, 2021
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: David W. Engler, William James Walker
  • Patent number: 10965686
    Abstract: Systems and methods of identifying over-privileged access in a computing system are disclosed. The method includes receiving configuration information for the computing system, selecting an identity that can access the computing system and determining access privileges for the selected identity using at least the received configuration information, the access privileges identifying one or more computing resource or service accessible to the selected identity, determining at least one role assumable by the identified one or more computing resource or service accessible to the selected identity, and determining whether the identified one or more computing resource or service accessible to the selected identity can elevate its privileges. In a case where it is determined that the identified one or more computing resource or service accessible to the selected identity can elevate its privileges, the method provides notification that the identity has over-privileged access to the computing system.
    Type: Grant
    Filed: December 30, 2020
    Date of Patent: March 30, 2021
    Assignee: THREATMODELER SOFTWARE INC.
    Inventors: Anuraag Agarwwal, Irwin Emmanuel Dathala
  • Patent number: 10949806
    Abstract: A spatial event map system including server-side data processor that maintains a spatial event map which locates events in a workspace. The spatial event map includes a log of events, entries in the log having a location of a graphical target of the event in the workspace and a time. The system includes logic to send messages including an event, a location of a graphical target of the event in the workspace and a time, to client-side network nodes; and to receive messages identifying events that create or modify a graphical target, and to add corresponding entries to the log of events. The events can include history events that are sent to the other client-side network nodes, and added to the log for the corresponding history events, and ephemeral events that are sent to other client-side network nodes without adding corresponding entries in the log.
    Type: Grant
    Filed: August 3, 2017
    Date of Patent: March 16, 2021
    Assignee: HAWORTH, INC.
    Inventors: David M. Foley, Adam Pearson, Demian Entrekin
  • Patent number: 10945600
    Abstract: The present disclosure relates to systems, devices and methods for receiving biosensor data acquired by a medical device, e.g., relating to glucose concentration values, and controlling the access and distribution of that data. In some embodiments, systems and methods are disclosed for monitoring glucose levels, displaying data relating to glucose values and metabolic health information, and controlling distribution of glucose data between applications executing on a computer, such as a smart phone. In some embodiments, systems and methods are disclosed for controlling access to medical data such as continuously monitored glucose levels, synchronizing health data relating to glucose levels between multiple applications executing on a computer, and/or encrypting data.
    Type: Grant
    Filed: February 9, 2016
    Date of Patent: March 16, 2021
    Assignee: DexCom, Inc.
    Inventors: Michael Robert Mensinger, Esteban Cabrera, Jr., Eric Cohen, Nathaniel David Heintzman, Apurv Ullas Kamath, Gary A. Morris, Andrew Attila Pal, Eli Reihman, Jorge Valdes
  • Patent number: 10949523
    Abstract: Method and electronic device for providing image-based CAPTCHA challenge Embodiments herein achieve an electronic device for providing an image-based CAPTCHA challenge. The electronic device is configured to cause to display the image-based CAPTCHA challenge for a user of the electronic device. The image-based CAPTCHA challenge includes a first image and a second image of an object displayed from different viewpoints. The first image includes a challenge point in at least one portion of the object. The electronic device is further configured to detect at least one input from the user indicating the at least one challenge point on at least one portion of the second image. The electronic device is further configured to automatically determine whether the at least one portion of the second image on which the at least one input performed by the user corresponds to the at least one portion of the first image where the challenge point is displayed to qualify the user as a human.
    Type: Grant
    Filed: March 28, 2018
    Date of Patent: March 16, 2021
    Assignee: INDIAN INSTITUTE OF TECHNOLOGY BOMBAY
    Inventors: Vishal Agarwal, Lalduhbera Hlychho, Ajit Rajwade, Venkatakrishnan Ramaswamy
  • Patent number: 10929426
    Abstract: The present technology pertains to a organization directory hosted by a synchronized content management system. The corporate directory can provide access to user accounts for all members of the organization to all content items in the organization directory on the respective file systems of the members' client devices. Members can reach any content item at the same path as other members relative to the organization directory root on their respective client device. In some embodiments novel access permissions are granted to maintain path consistency.
    Type: Grant
    Filed: December 29, 2017
    Date of Patent: February 23, 2021
    Assignee: Dropbox, Inc.
    Inventors: Thomas Kleinpeter, Tony Xu, Alex Sydell, Nils Bunger, Sam Jau, Aaron Staley, Sara Lin
  • Patent number: 10932128
    Abstract: Systems, methods, and/or techniques for providing access network independent device provisioning of machine-to-machine (M2M) devices belonging to different M2M application domains may be disclosed. For example, a unique reference to a preliminary M2M ID module (PMI) associated with a M2M device. The M2M device with the PMI may be registered at a M2M ID provider (MIP). A M2M ID (MI) to replace the PMI may be generated using the MIP Additionally, a secure mutually authenticated communication channel may be set up with the M2M device within an application domain and/or may be provided for secure authorization of requests to the M2M device using the MI.
    Type: Grant
    Filed: September 17, 2015
    Date of Patent: February 23, 2021
    Assignee: PCMS Holdings, Inc.
    Inventor: Christian M. Gehrmann
  • Patent number: 10915642
    Abstract: A method, system, and computer program product for performing strong desensitization of sensitive data within a garbled circuit includes: compiling a predetermined program into a first program, where the compiled first program is encoded in a form of a garbled circuit, and where the predetermined program runs on sensitive data; and executing the first program, where executing the first program includes: executing an analytics function using tokenized data with a first set of sensitive information and analytics data with a second set of sensitive information, where the tokenized data originated from a data provider and the analytics data originated from an analytics provider; and generating an output of the first program using a result of the analytics function, where the output contains desensitized data.
    Type: Grant
    Filed: November 28, 2018
    Date of Patent: February 9, 2021
    Assignee: International Business Machines Corporation
    Inventors: Jeb R. Linton, Dennis Kramer, Irma Sheriff
  • Patent number: 10911180
    Abstract: A method for data integrity check in a network device of a computer network. The network device includes a communication module and a monitoring module. The monitoring module receives (a) the same data being received by a communication module from an input port of the network device, and (b) the same data the communication module transmits towards output port/s of the network device.
    Type: Grant
    Filed: April 18, 2019
    Date of Patent: February 2, 2021
    Assignee: TTTECH COMPUTERTECHNIK AG
    Inventors: Georg Gaderer, Günther Bauer
  • Patent number: 10911457
    Abstract: Policy changes are propagated to access control devices of a distributed system. The policy changes are given immediate effect without having to wait for the changes to propagate through the system. A token comprises the policy change and can be provided in connection with access requests. Before an access control device has received a propagated policy change, the access control device can evaluate a token provided in connection with a request to determine, consistent with the policy change, whether to fulfill the request.
    Type: Grant
    Filed: March 8, 2019
    Date of Patent: February 2, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Gregory Branchek Roth, Matthew James Wren
  • Patent number: 10893041
    Abstract: According to aspects of the present disclosure, a computer-implemented method includes generating, by a host processing system, a single use authentication map to map a private set of characters to a public set of characters. The method further includes transmitting, by the host processing system, the single use authentication map to a user processing system that presents an authentication interface comprising the public set of characters to enable a user to enter a user passcode using the public set of characters. The user processing system encodes the user passcode into a single use passcode using the single use authentication map. The method further includes the host processing system receiving the single use passcode from the user processing system, decoding the single use passcode back the user passcode using the single use authentication map, and determining whether the user passcode matches an expected passcode.
    Type: Grant
    Filed: October 10, 2018
    Date of Patent: January 12, 2021
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Mark Maresh, Colm Nolan, Juan F. Vargas, Michael J. Whitney
  • Patent number: 10891364
    Abstract: A request is received from an intelligent terminal by an intelligent wearable device for enabling a one-time password function, and the intelligent wearable device is configured with an embedded algorithm chip. Provisional data from a provisioning server is obtained using the intelligent terminal. The provisional data is verified. If the provisional data is verified, the verified provisional data is stored on the intelligent wearable device. Using a micro operating system, the embedded algorithm chip is invoked to generate a one-time password, and the one-time password is displayed on a computer display of the intelligent wearable device. The one-time password is configured to permit a verification server to verify the intelligent wearable device.
    Type: Grant
    Filed: November 9, 2018
    Date of Patent: January 12, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventors: Xiaochen Wang, Yuanbo Sun, Fei Meng, Mian Huang
  • Patent number: 10891089
    Abstract: A cloud-based server and a port monitor on a device provide authentication of a user to access print jobs on the server. An application may print or perform other operations from the cloud-based server to a printing device. The port monitor uploads data for a document to the cloud-based server. Once the data for the document is uploaded, a claim code is generated by the cloud-based server. The port monitor receives the claim code. The port monitor initiates the launch of a browser having a uniform resource locator (URL) address for the server along with the claim code. The user is authenticated using a login page and the claim code associated to the user to allow access to the document on the server.
    Type: Grant
    Filed: June 25, 2019
    Date of Patent: January 12, 2021
    Assignee: KYOCERA DOCUMENT SOLUTIONS INC.
    Inventors: Arthur Alacar, Michael Martin
  • Patent number: 10887345
    Abstract: Systems and methods for anti-phishing include determining that a user interface corresponding to a current web address has authentication input fields. A current hash value is generated based on a subset of a plurality of input characters that have been input into an authentication input field. The current hash value is compared to mapped hash values. If the current hash value matches one or more of the mapped hash values, a web address mapped to the matched, mapped hash value is identified. The mapped web address is compared to the current web address to determine whether they match. An alert is displayed in response to determining whether there is a match between the current web address and the mapped web address.
    Type: Grant
    Filed: June 26, 2019
    Date of Patent: January 5, 2021
    Assignee: PAYPAL, INC.
    Inventor: Riaz Ebrahim Mohamed
  • Patent number: 10885168
    Abstract: The methods described herein are configured for authenticating a user identity. Fingerprint data is collected from a digit via a fingerprint sensor and heartbeat data is collected from the digit, via an optical heartbeat sensor, based on light projected from a light source. The collected fingerprint data is verified by comparison to stored fingerprint data associated with the user identity. The collected heartbeat data is used to detect the presence of a heartbeat. Based on a successful verification of the collected fingerprint data and a successful detection of the heartbeat, the user identity is authenticated. Authenticating the user identity based on both fingerprint data and heartbeat data enhances the security of the authentication process by preventing fraudulent use of fingerprints.
    Type: Grant
    Filed: November 24, 2017
    Date of Patent: January 5, 2021
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventor: Aaron Braundmeier
  • Patent number: 10887733
    Abstract: Various examples of detecting whether a device meets an enrollment level are disclosed. A request to authenticate a user based upon user credentials is obtained. Applications for which the user is authorized are identified. An enrollment level associated with each of the plurality of applications is also identified. A user interface including the plurality of applications and the enrollment level associated with each of the plurality of applications is generated.
    Type: Grant
    Filed: April 16, 2018
    Date of Patent: January 5, 2021
    Inventors: Adam Stephen Rykowski, Ashish Jain, Dale Robert Olds, Emily Hong Xu, Kabir Barday, Kyle Austin, Sridhara Babu Kommireddy, Pratik Jagad, Krishna Kumar Bhavesh
  • Patent number: 10885919
    Abstract: A method, computer program product, and computing system for monitoring a portion of speech on an automated speech recognition system that includes a plurality of classifiers, thus defining a monitored portion of speech, wherein an operation is defined for each of the plurality of classifiers. A confidence score concerning the monitored portion of speech is associated with each of a plurality of classifiers, thus defining a plurality of confidence scores. If one of the plurality of confidence scores is an acceptable confidence score, the operation defined for the classifier associated with the acceptable confidence score is effectuated.
    Type: Grant
    Filed: January 5, 2018
    Date of Patent: January 5, 2021
    Assignee: Nuance Communications, Inc.
    Inventors: Songzhe Wang, Lior Ben-Gigi, Slawek Jarosz, David Ardman, Stefan Ortmanns
  • Patent number: 10878134
    Abstract: Technologies for secure I/O include a compute device, which further includes a processor, a memory, a trusted execution environment (TEE), one or more input/output (I/O) devices, and an I/O subsystem. The I/O subsystem includes a device memory access table (DMAT) programmed by the TEE to establish bindings between the TEE and one or more I/O devices that the TEE trusts and a memory ownership table (MOT) programmed by the TEE when a memory page is allocated to the TEE.
    Type: Grant
    Filed: March 29, 2019
    Date of Patent: December 29, 2020
    Assignee: INTEL CORPORATION
    Inventors: Krystof Zmudzinski, Siddhartha Chhabra, Reshma Lal, Alpa Narendra Trivedi, Luis S. Kida, Pradeep M. Pappachan, Abhishek Basak, Anna Trikalinou
  • Patent number: 10878067
    Abstract: A computer implemented method of correlating between detected access events to access client terminals in a monitored location and physical activity of people in the monitored location, comprising detecting one or more access events to access one or more of a plurality of client terminals located in a monitored location and operatively connected to a first network, obtaining sensory activity data from one or more activity detectors deployed in the monitored location to capture physical activity of people in the monitored location wherein the activity detector(s) are operatively connected to a second interconnection isolated from the first network, analyzing the sensory activity data to identify a spatiotemporal activity pattern of one or more persons in the monitored location, correlating between the access event(s) and the spatiotemporal activity pattern(s) to validate the access event(s) and initiating one or more actions according to the validation.
    Type: Grant
    Filed: July 13, 2018
    Date of Patent: December 29, 2020
    Assignee: NEC Corporation Of America
    Inventors: Tsvi Lev, Doron Gonen, Moshe Karako, Yaacov Hoch
  • Patent number: 10868835
    Abstract: A method manages data traffic within a network having controllers that each control a part of the network having a forwarding element (FE), the controllers being connected to a reference monitor (RM) for enforcing a security policy. The method includes: receiving a rule request by a controller and transmitting it its RM; the RM checking the rule request for policy compliance and authorizing a poly compliant part of the rule request. When the rule request has an outside modification: the controller contacts controllers impacted by the outside modification for obtaining an authorization, and upon receipt of authorization, sending the controller sends the modifications and authorizations to the impacted controllers to implement the modification in their FE.
    Type: Grant
    Filed: October 24, 2016
    Date of Patent: December 15, 2020
    Assignee: NEC CORPORATION
    Inventors: Ghassan Karame, Felix Klaedtke, Takayuki Sasaki
  • Patent number: 10862916
    Abstract: The technology disclosed simulates and analyzes spread of malware through an organization as a result of sharing files using cloud-based services. This analysis is based on actual user and file sharing characteristics collected on a user-by-user and file-by-file basis. The technology disclosed traces connections among the users by traversing a directed graph constructed from the user-by-user data and the file-by-file data. It then simulates the spread of malware, from an entry point user zero through the organization, via the cloud-based services, using the directed graph to simulate user exposure to, infection by, and transmission of the malware within the organization. It then produces a visualization of the spread from the entry point user zero, to users within a user partition to which the user zero belongs, at varying transmission distances from the user zero.
    Type: Grant
    Filed: March 2, 2018
    Date of Patent: December 8, 2020
    Assignee: Netskope, Inc.
    Inventors: Sean Hittel, Ravindra K. Balupari
  • Patent number: 10862909
    Abstract: Packets may be received by a packet security gateway. Responsive to a determination that an overload condition has occurred in one or more networks associated with the packet security gateway, a first group of packet filtering rules may be applied to at least some of the packets. Applying the first group of packet filtering rules may include allowing at least a first portion of the packets to continue toward their respective destinations. Responsive to a determination that the overload condition has been mitigated, a second group of packet filtering rules may be applied to at least some of the packets. Applying the second group of packet filtering rules may include allowing at least a second portion of the packets to continue toward their respective destinations.
    Type: Grant
    Filed: June 19, 2015
    Date of Patent: December 8, 2020
    Assignee: Centripetal Networks, Inc.
    Inventors: Sean Moore, Steven Rogers, John Daniel Scoggins, Sr.
  • Patent number: 10848482
    Abstract: Systems and methods for authenticating a user are provided. A method may comprise providing interactive media on a computing device associated with a user. The interactive media may comprise a plurality of images. The plurality of images may be presented on a graphical display of the computing device. The method may also comprise receiving input data from the computing device when the user selects a sequence of images from the plurality of images on the graphical display of the computing device. The selected sequence of images may correspond to a sequence of grammatical words. The method may further comprise analyzing the input data by comparing the sequence of grammatical words to a passcode, and authenticating the user when the sequence of grammatical words is equal to the passcode.
    Type: Grant
    Filed: February 21, 2017
    Date of Patent: November 24, 2020
    Assignee: Trusona, Inc.
    Inventors: Ori Eisen, Clayton Lengel-Zigich, Nikolas Mangu-Thitu
  • Patent number: 10846464
    Abstract: A system is provided for generating a permanent record for an, e.g., online transaction. The system includes a computer interface module which records movement of a cursor on a computer screen and outputs the recorded data. A signature generation module which receives the recorded data and generates a graphical image based upon the recorded data. A webpage reading module reads the webpage and the data input by a user and outputs the combined content and data to a rendering process, which renders a permanent computer record file that includes an image capture of the transaction (content and data) along with, optionally, the signature. According to the present invention, a record can be created that includes the exact content and other information presented to a party to an online transaction along with a signature of that party.
    Type: Grant
    Filed: December 12, 2018
    Date of Patent: November 24, 2020
    Inventors: Bill Hicks, Dave Liscum, Jason Napsky
  • Patent number: 10846385
    Abstract: In an example embodiment, a system for allowing one or more password errors may store a correct password for a user and receive an attempted login from a user device. The attempted login may include (1) an attempted password with one or more errors and (2) metadata. The system may assign a metadata risk score to the metadata, assign a password risk score to the attempted password, aggregate the scores, and grant or deny access to the user based on the aggregated score and a predetermined threshold.
    Type: Grant
    Filed: October 11, 2019
    Date of Patent: November 24, 2020
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Austin Walters, Jeremy Edward Goodsitt, Vincent Pham
  • Patent number: 10841660
    Abstract: Described herein is a methods and systems for providing a digital interactive experience. Interactive experiences include, but not limited to, synchronized video playback, video and text chat between two or more participants, and interactive live event participation combining synchronized video, text and video chatting. The system comprises persistent and non-persistent components to which a plurality of participants in the interactive experience may connect.
    Type: Grant
    Filed: December 28, 2017
    Date of Patent: November 17, 2020
    Assignee: DRESSBOT INC.
    Inventors: Sami Siddique, Brad Stimpson
  • Patent number: 10839066
    Abstract: A device may obtain an animation, wherein the animation comprises a set of frames to emulate a moving image. The device may obtain a label to associate with the animation. The device may generate a human authentication challenge, wherein the human authentication challenge includes a display using the animation, and directions for a user to complete a task by interpreting the animation. The device may generate instructions to cause a user device to display the human authentication challenge. The device may send, to the user device, the instructions to cause the user device to display the human authentication challenge. The device may receive an input to the human authentication challenge regarding the animation. The device may analyze the input using the label to determine whether to authenticate the user. The device may perform an action based on analyzing the input using the label to determine whether to authenticate the user.
    Type: Grant
    Filed: November 25, 2019
    Date of Patent: November 17, 2020
    Assignee: Capital One Services, LLC
    Inventors: Vincent Pham, Austin Walters, Jeremy Goodsitt, Fardin Abdi Tagh Abad, Reza Farivar, Mark Watson, Anh Truong
  • Patent number: 10841276
    Abstract: The invention relates to a method for carrying out a sensitive operation in the course of a communication between a processing unit and a first service server, said first server being accessible via a first domain name and/or first electronic address. The method comprises the step of using at least one second domain name different from the first and/or a second electronic address different from the first to carry out all or part of the sensitive operation. The invention also relates to a system corresponding to the method and comprising the server and/or the processing unit.
    Type: Grant
    Filed: December 1, 2017
    Date of Patent: November 17, 2020
    Assignee: THALES DIS FRANCE SA
    Inventor: Didier Hugot
  • Patent number: 10831897
    Abstract: A method and an information handling system (IHS) for authenticating unified extensible firmware interface (UEFI) images in an IHS. The method includes receiving, by a processor of the IHS, a request to authenticate an image. The method also includes determining a type of the image and retrieving, from an entry within a UEFI signature database, a certificate utilized to sign the image. The method further includes determining a verification entry of a verification database of the HIS that corresponds to the entry of the UEFI signature database and identifying, from the verification entry, a particular type of image which the certificate may be used to authenticate. The method further includes determining whether the type of the image is the particular type. In response to determining the type of the image is the particular type, the method includes authenticating the image using the certificate.
    Type: Grant
    Filed: July 14, 2017
    Date of Patent: November 10, 2020
    Assignee: Dell Products, L.P.
    Inventors: Mukund P. Khatri, William C. Munger
  • Patent number: 10834051
    Abstract: Disclosed are various embodiments for malware detection by way of proxy servers. In one embodiment, a proxied request for a network resource from a network site is received from a client device by a proxy server application. The proxied request is analyzed to determine whether the proxied request includes protected information transmitted in an unsecured manner. It is then determined whether the network resource comprises malware based at least in part on an execution of the network resource or whether the proxied request includes the protected information transmitted in the unsecured manner. The proxy server application refrains from sending data generated by the network resource to the client device in response to the proxied request when the network resource is determined to comprise the malware.
    Type: Grant
    Filed: December 22, 2016
    Date of Patent: November 10, 2020
    Assignee: AMAZON TECHNOLOGIES, INC.
    Inventors: Jon Arron McClintock, Jesper Mikael Johansson, Andrew Jay Roths
  • Patent number: 10831876
    Abstract: An identity authentication procedure of a user is initiated and a plurality of virtual reality articles is displayed. Selection operation information of the user is determined for the plurality of virtual reality articles. Whether the selection operation information matches predefined standard selection operation information is determined. In response to determining that the selection operation information matches the predefined standard selection operation information, whether the identity authentication procedure of the user succeeds is determined.
    Type: Grant
    Filed: April 25, 2019
    Date of Patent: November 10, 2020
    Assignee: ADVANCED NEW TECHNOLOGIES CO., LTD.
    Inventors: Jing Li, Liang Li
  • Patent number: 10824409
    Abstract: The present disclosure is directed towards systems and methods for managing application delivery in a network. A device intermediary to a client and one or more servers that provide a plurality of applications, receives a request from the client to access a first application of the plurality of applications. The device holds the request and retrieves, while holding the request, configuration information for an instance of the first application from a configuration repository. The device configures a virtual internet protocol (“VIP”) server using the configuration information for the instance of the first application. The device processes the request via the VIP server.
    Type: Grant
    Filed: September 5, 2018
    Date of Patent: November 3, 2020
    Assignee: Citrix Systems, Inc.
    Inventors: Mahesh Arumugam, Sergey Verzunov, Sandeep Kamath, Josephine Suganthi, Anil Shetty, Abhishek Chauhan
  • Patent number: 10819700
    Abstract: An apparatus in one embodiment comprises a client configured to perform client-side portions of one or more user authentication protocols carried out between the client and one or more authentication servers over a network. The client stores, for one or more instances of a given one of the user authentication protocols carried out for a particular user, an incorrect password history comprising identifiers of one or more passwords previously entered by the user and indicated as being incorrect passwords by at least one of the authentication servers, and determines, for an additional password entered by the user but not yet submitted by the client to the authentication servers, whether or not the additional password is part of the incorrect password history. Responsive to the additional password being part of the incorrect password history, the client generates an alert for presentation to the user to indicate that the additional password may be an incorrect password.
    Type: Grant
    Filed: February 12, 2018
    Date of Patent: October 27, 2020
    Assignee: EMC IP Holding Company LLC
    Inventor: Radia J. Perlman
  • Patent number: 10810387
    Abstract: Provided herein is an RFID reader system and method for determining an RFID tag distance. The RFID reader receives a first backscattered signal from an RFID tag in response to transmission of a first RF interrogation signal, and determines a first phase angle of the first backscattered signal. A radio transceiver device receives a second backscattered signal in response to transmission of a second RF interrogation signal, and determines a second phase angle of the second backscattered signal. A main control unit determines a plurality of first distances and a second distance between the RFID reader and the RFID tag based on the first phase angle and the second phase angle, and select one of the plurality of first distances with respect to the determined second distance as a final distance.
    Type: Grant
    Filed: July 30, 2018
    Date of Patent: October 20, 2020
    Assignee: HAND HELD PRODUCTS, INC.
    Inventors: Pavel Nikitin, Rene Martinez
  • Patent number: 10803874
    Abstract: An electronic device includes a communication interface that receives voice data and fingerprint data; and a processor that determines an access right to the electronic device based on at least one of a voice score obtained by comparing the received voice data with stored voice data and a fingerprint score obtained by comparing the received fingerprint data with stored fingerprint data.
    Type: Grant
    Filed: December 31, 2018
    Date of Patent: October 13, 2020
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventor: Chisang Jung
  • Patent number: 10798007
    Abstract: A method, apparatus, computer-readable medium, and/or system may comprise a user device configured to transmit, to a computing device, data indicative of a first routing network and data indicative of a second routing network. The computing device may comprise a processor and memory storing computer-executable instructions that, when executed by the processor, cause the computing device to receive, from the user device, the data indicative of the first routing network and the data indicative of the second routing network. The computing device may determine, based on the data indicative of the first routing network, a plurality of parameters for the first routing network. The computing device may determine, based on the data indicative of the second routing network, a plurality of parameters for the second routing network. The computing device may generate a secure session connection between the computing device and a server associated with the second routing network.
    Type: Grant
    Filed: September 18, 2019
    Date of Patent: October 6, 2020
    Assignee: Bank of America Corporation
    Inventors: Steven M. Twombly, Matthew Murphy, Mark Williams, Bradley Holland, Mark A. Nelson
  • Patent number: 10798017
    Abstract: Techniques are disclosed for reclaiming resources within a distributed computing system. A reclamation application searches the distributed computing architecture for unused resources, classifies the unused resources, and determines an expiration period based on the classification. The reclamation application determines a candidate owner of the resource based on one or more characteristics of the resource. The reclamation application then notifies the candidate owner that the resource is to be reclaimed unless claimed by the candidate owner within the expiration period. If the candidate owner claims the resource within the expiration period, then the reclamation application terminates the reclamation of the resource. If the candidate owner does not claim the resource within the expiration period, then the reclamation application reclaims the resource after the duration of the expiration period.
    Type: Grant
    Filed: February 20, 2017
    Date of Patent: October 6, 2020
    Assignee: NETFLIX, INC.
    Inventors: Ariel Tseitlin, Praveen Sadhu
  • Patent number: 10798570
    Abstract: Embodiments provide a terminal authentication method and device. The method includes that: a Service Provider (SP) device receives a first authentication request sent by a first terminal, the first authentication request including a first identity credential of a user; the SP device determines an Identifier (ID) of the user and a priority of the first identity credential according to the first authentication request; the SP device sends context data of the user to the first terminal through a cloud service; and the SP device enables a first service for the first terminal according to the priority of the first identity credential. In the embodiments, the SP device loads the context data of the user for the terminal according to the identity credential, sent by the terminal, of the user, and provides the corresponding service.
    Type: Grant
    Filed: September 25, 2015
    Date of Patent: October 6, 2020
    Assignee: GUNAGDONG OPPO MOBILE TELECOMMUNICATIONS CORP. LTD.
    Inventors: Bin Feng, Hai Tang
  • Patent number: 10798565
    Abstract: A method implemented by a control server for configuring a security module connected to a telecommunication terminal. In particular, the control server allocates a unique activation code corresponding to a subscription including a plurality of N profiles to allocate to a fleet of N respective terminals. Thus the control server: a) after activation of the code with a first terminal, allocates a profile to the first terminal and records the profile allocation to the first terminal, and b) for a new profile allocation request corresponding to the activation code, repeats step a) if the N profiles have not already been allocated.
    Type: Grant
    Filed: September 26, 2017
    Date of Patent: October 6, 2020
    Assignee: ORANGE
    Inventor: Eric Schouler
  • Patent number: 10791127
    Abstract: A packet transmission method and an apparatus pertain to the field of network technologies. The method includes obtaining, by a terminal device, a source IP (Internet Protocol) address in a to-be-transmitted packet and N IP addresses of the terminal device, where N is an integer, and when the source IP address in the to-be-transmitted packet is different from any one of the N IP addresses of the terminal device, determining that the source IP address in the to-be-transmitted packet is forged, and prohibiting transmitting the to-be-transmitted packet. The application can solve the problem that a virus such as Trojan in the terminal device may be prevented from forging a source IP address of another device to randomly transfer an attack packet in the network to improve network security.
    Type: Grant
    Filed: May 3, 2017
    Date of Patent: September 29, 2020
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Junyang Rao, Qing Gao, Jincheng Xie