Access Control Or Authentication Patents (Class 726/2)
  • Patent number: 11329979
    Abstract: Systems and methods are provided for secure access to data actions. In one embodiment, secondary device data is associated with a user profile, such that the secondary device data may be subsequently used to authenticate a user associated with the user profile.
    Type: Grant
    Filed: March 26, 2020
    Date of Patent: May 10, 2022
    Assignee: United Services Automobile Association (USAA)
    Inventors: Bharat Prasad, Charles Lee Oakes, III, Gunjan C. Vijayvergia, Vijay Jayapalan, Thomas Bret Buckingham
  • Patent number: 11330016
    Abstract: A computing device is described that is coupled to a set of web application layer attack detectors (ADs), which are coupled between clients and web application servers. The ADs apply security rules to traffic between clients and servers and send alert packages to the computing device in response to triggering one or more security rules, which identify web application layer attacks. The computing device automatically generates attribute identifier-value pairs based on alert packages and uses the attribute identifier-value pairs along with collection rule templates to generate collection rules, which are used to inspect traffic for additional analysis. The ADs apply the collection rules to traffic and send collection packages to the computing device in response to triggering one or more collection rules.
    Type: Grant
    Filed: December 28, 2018
    Date of Patent: May 10, 2022
    Assignee: Imperva, Inc.
    Inventors: Nadav Avital Arbel, Luda Lazar, Gilad Yehudai
  • Patent number: 11329895
    Abstract: A global cloud network quality measurement method may include generating an Internet protocol (IP) list of open web servers having at least one externally open port for each country; collecting packet data through communication with each of the open web servers based on the IP list; and analyzing a network quality with respect to at least one of a region, an Internet service provider (ISP), and an autonomous system number (ASN) based on the collected packet data.
    Type: Grant
    Filed: September 28, 2020
    Date of Patent: May 10, 2022
    Assignee: NAVER CLOUD CORPORATION
    Inventor: Ho Jin Lee
  • Patent number: 11321437
    Abstract: In accordance with a first aspect of the present disclosure, a method is conceived for enabling a biometric template in an authentication token, the method comprising: capturing, by a biometric sensor comprised in the authentication token, at least one biometric sample; creating, by a processing unit comprised in the authentication token, a biometric template from the at least one biometric sample and storing said biometric template in the authentication token; verifying, at a terminal device, said biometric template; verifying, by the terminal device, an identity of a user; enabling, by the terminal device, said biometric template if the biometric template and the identity of the user have been verified. In addition, a corresponding computer program, authentication token and terminal device are provided.
    Type: Grant
    Filed: February 14, 2020
    Date of Patent: May 3, 2022
    Assignee: NXP B.V.
    Inventors: Thomas Suwald, Jakob Friedrich Hille
  • Patent number: 11318912
    Abstract: A monitoring system in which a mounting device of a moving body and a monitoring center device are connected via a communication network, wherein the mounting device includes a photographing unit configured to photograph a passenger, and a feature transmission unit configured to transmit feature data of the passenger, and the monitoring center device includes a monitoring processing unit which determines whether the feature data is recorded in a database and performs monitoring processing on the basis of a result of the determination.
    Type: Grant
    Filed: August 28, 2020
    Date of Patent: May 3, 2022
    Assignee: NEC CORPORATION
    Inventor: Akiyoshi Ichimura
  • Patent number: 11317267
    Abstract: A power tool system includes a power tool configured to receive an input power via a cable from a power source. The power tool system also includes a communications system disposed within the power tool. The communications system includes communications circuitry configured to receive operating information related to the power tool. The power tool system includes a retrofit tag removably coupled to an external surface of a housing of the power tool. The retrofit tag is configured to wirelessly couple with the communications system to receive at least a portion of the operating information with a first wireless communication mode. The retrofit tag is configured to transmit at least a portion of the operating information with a second wireless communication mode. The first wireless communication mode is different than the second wireless communication mode.
    Type: Grant
    Filed: June 17, 2019
    Date of Patent: April 26, 2022
    Assignee: HILTI AKTIENGESELLSCHAFT
    Inventor: Marc Vetter
  • Patent number: 11310206
    Abstract: Systems, methods, and computer program products providing network security leveraging analytics and physical separation between computer systems and a network to prevent threats from infecting network devices. A specialized pluggable dongle like security device is inserted between ports of computer system(s) connecting to the network and port(s) of network hardware facilitating connections between the computer system and computer network. The security device uses a combination of onboard analytics and cloud-based analytic services to detect incoming threats from network traffic and whether to allow network traffic to pass through the security device and/or prevent network traffic from entering the computer system.
    Type: Grant
    Filed: August 6, 2019
    Date of Patent: April 19, 2022
    Assignee: Kyndryl, Inc.
    Inventors: Joseph Reyes, Bernhard Julius Klingenberg, Hamza Yaswi
  • Patent number: 11310062
    Abstract: The present disclosure relates to implementations of computing systems. Specifically, the disclosure describes implementations of physically unclonable functions (PUFs) that use ternary states for implementing security systems.
    Type: Grant
    Filed: March 30, 2018
    Date of Patent: April 19, 2022
    Assignee: ARIZONA BOARD OF REGENTS ON BEHALF OF NORTHERN ARIZONA UNIVERSITY
    Inventors: Bertrand Francis Cambou, Raul Chipana, Bilal Habib
  • Patent number: 11308502
    Abstract: A method for detecting web tracking services during browsing activity performed by clients having associated client identifiers includes the steps of extracting key-value pairs contained into navigation data, looking for one-to-one correspondence between said client identifiers and the values contained in said keys and selecting the keys for which at least a client-value one-to-one correspondence for at least a predetermined number of clients is observed, the keys identifying the associated services as services performing tracking activities.
    Type: Grant
    Filed: December 1, 2016
    Date of Patent: April 19, 2022
    Assignee: Politecnico Di Torino
    Inventors: Hassan Esam Hassan Metwalley, Stefano Traverso, Marco Mellia
  • Patent number: 11303708
    Abstract: A display control unit causes a projector display unit to display host-specifying information based on a first host address of a first IP address allocated to a projector. A communication establishment unit specifies, when the host-specifying information is inputted via an input unit, a third IP address based on the inputted host-specifying information and a second network address of a second IP address allocated to a communication terminal. The communication establishment unit executes communication establishment processing to establish communication between the projector and the communication terminal, using the third IP address.
    Type: Grant
    Filed: August 7, 2019
    Date of Patent: April 12, 2022
    Assignee: Seiko Epson Corporation
    Inventor: Kazuki Nagai
  • Patent number: 11295379
    Abstract: A virtual storage system and a method of storing and sharing electronic documents within a virtual storage system that includes at least one processor that processes a plurality of electronic documents, receives from the user computing device, a request for sharing an electronic document of the plurality of electronic documents, and input information including one or more of the following: access information that includes authentication information for secured access by the recipient and expiration information corresponding to the recipient's access to the electronic document; or download information that includes a number of times the electronic document is to be downloaded by the recipient and expiration information corresponding to the recipient's downloading the electronic document, and creates at least one share link corresponding to the electronic document based on the input information, for sharing the electronic document with a recipient.
    Type: Grant
    Filed: July 6, 2020
    Date of Patent: April 5, 2022
    Assignee: VIRTUAL STRONGBOX, INC.
    Inventors: Ronald M Daly, Jr., Leonard Giambalvo, Robert Jacob Smilie
  • Patent number: 11294860
    Abstract: A method and system including receiving a main input stream for a compressed file at an application server, wherein the main input stream includes two or more file streams; extracting a file-type extension from each file stream input stream; determining the file-type extension is supported; determining, for each file stream with the supported file-type extension, a signature for the file stream with the supported file-type extension is valid; determining, for each valid file stream, a size of the file is less than a threshold level; and storing the valid file stream on a storage device when the size of the file is less than the threshold level. Numerous other aspects are provided.
    Type: Grant
    Filed: June 7, 2018
    Date of Patent: April 5, 2022
    Assignee: SAP SE
    Inventor: Deepak Mp
  • Patent number: 11288530
    Abstract: Systems and methods for identity authentication based on liveness-verified biometric data that cannot be stolen/spoofed. In various embodiments, the disclosed systems and methods facilitate access to SaaS platforms, transactions, and/or physical assets via identity authentication based on comparison of liveness-verified biometric data (e.g., data that has been verified as derived from the correct actual live individual to avoid bad actors spoofing the data to gain access—in one embodiment, as one factor in a two factor authentication schema) to pre-verified identity data. Liveness-verified biometric data may, in various embodiments, be derived from facial features, fingerprints, voice recognition, DNA, etc. Generally, if the liveness and identity of the requesting individual cannot be verified, then the individual will not be permitted access.
    Type: Grant
    Filed: May 3, 2019
    Date of Patent: March 29, 2022
    Assignee: T Stamp Inc.
    Inventor: Gareth Genner
  • Patent number: 11289086
    Abstract: A system and method for selecting a target device out of a larger group of candidate devices for rendering a response from a virtual assistant to an end-user is disclosed. The system determines that a same trigger phrase included in an utterance has been received by multiple devices that are in proximity to one another at around the same time. These candidate devices can collect attention data, such as user gaze toward a device, to select the device that was most likely the intended recipient of the utterance. The system is configured to control the virtual assistant to render a response solely via the selected device.
    Type: Grant
    Filed: December 20, 2019
    Date of Patent: March 29, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Nicholas David Burton, Arash Ghanaie-Sichanie, Qi Liu, Senthil Kumar Velayutham, Jian Wu
  • Patent number: 11290491
    Abstract: A method for utilizing a security service engine (SSE) to assess security vulnerabilities on a security gateway element (SGE) includes establishing a security configuration for a SGE corresponding to a provisioned security service policy definition and configuring a plurality of SGE security service managers hosted by a SSE on the SGE based on policies included in the security service policy definition. The method further includes executing, by the SSE, each of the plurality of SGE security service managers as a software based service in real time to enforce the policies of the security service policy definition on the SGE and remediating the security configuration of the SGE if one or more of the plurality of SGE security service managers detects a security vulnerability corresponding to the operation of the SGE.
    Type: Grant
    Filed: March 14, 2019
    Date of Patent: March 29, 2022
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventors: Cheng Liu, Ge Guo
  • Patent number: 11283817
    Abstract: A method includes determining, based on login information corresponding to a plurality of login attempts, that a set of password spray criteria have been satisfied. The method also includes generating respective scoring patterns corresponding to one or more password lengths and based on the respective scoring patterns, generating a common digital signature for a set of common passwords. The method further includes generating a spray digital signature for a set of potential spray passwords based on the respective scoring patterns. Additionally, the method includes comparing the spray digital signature with the common digital signatures to determine a number of matching components between the spray digital signatures and the common digital signature. Based on the number of matching components, the method includes determining whether a password spray has been attempted.
    Type: Grant
    Filed: December 31, 2019
    Date of Patent: March 22, 2022
    Assignee: PAYPAL, INC.
    Inventor: George Chen Kaidi
  • Patent number: 11277402
    Abstract: An approach is provided that receives a login request from a selected user. The approach first authenticates the selected user using a unique user identifier and a password associated with the selected user. In response to a successful first authentication, the approach performs a second authentication of the selected user using a second factor authentication code that was included in the login request. The second authentication includes retrieval of an expected second factor authentication code using an index into a block of codes with the index and the block of codes both being associated with the selected user. The login request is allowed and the index is changed in response to the second factor authentication code matching the expected second factor authentication code. The login request is denied in response to the second factor authentication code failing to match the expected second factor authentication code.
    Type: Grant
    Filed: January 9, 2020
    Date of Patent: March 15, 2022
    Assignee: Levono (Singapore) Pte. Ltd.
    Inventors: Robert J. Kapinos, Robert Norton, Russell Speight VanBlon, Scott W. Li
  • Patent number: 11275841
    Abstract: A method and system of protecting an artificial intelligence (AI) application are provided. Parameters of the AI application are identified. An assessment of a vulnerability of the AI application is performed, including: applying a combination of protection measures comprising two or more protection measures against at least two different attacks and at least one dataset, and determining whether the combination of protection measures is successful in defending the AI application. A target configuration of an AI model to protect the AI application is determined based on the assessed vulnerability of the AI application. An AI enhanced algorithm is determined to adjust the AI model to include a combination of most computationally efficient defenses based on the target configuration. The adjusted AI model is used to protect the AI application.
    Type: Grant
    Filed: September 9, 2019
    Date of Patent: March 15, 2022
    Assignee: ADVERSA AI LTD
    Inventor: Aleksandr Poliakov
  • Patent number: 11269082
    Abstract: Sensor-assisted location technology is disclosed. Primary location technologies, such as GPS, can be used to determine the current location (e.g., a location fix) of a location-enabled device. In some instances, the primary location technology may be unreliable and/or consume more power than an alternative location technology. Sensors, such as accelerometers, compasses, gyrometers, and the like, can be used to supplement and/or increase the accuracy of location data. For example, a location-enabled device can identify an area with unreliable GPS location data and use sensors to calculate a more accurate location. Areas identified may be crowd-sourced. Sensors can be used to identify errors in the location data provided by primary location technology. Sensors can be used to modify a sampling interval of the primary location technology. Sensor can be used to smooth motion on a user interface between sampling intervals of the primary location technology.
    Type: Grant
    Filed: April 22, 2020
    Date of Patent: March 8, 2022
    Assignee: Apple Inc.
    Inventor: Devrim Varoglu
  • Patent number: 11269681
    Abstract: A system and method for performing a task on a computing device based on access rights are described. In one aspect, an exemplary method comprises, gathering data characterizing a task by intercepting function calls used to perform the task, and sending a request to an operating system of the computing device to temporarily interrupt the called functions until access rights are determined, determining a threat level of the task based on the gathered data and task templates, generating a test based on the threat level and test generating rules and presenting the test to the user, analyzing results of the test and determining access rights of the task based on the results, and performing the task based on the access rights.
    Type: Grant
    Filed: July 1, 2019
    Date of Patent: March 8, 2022
    Assignee: AO KASPERSKY LAB
    Inventors: Ivan I. Tatarinov, Nikita A. Pavlov
  • Patent number: 11271757
    Abstract: A monitoring device is configured to monitor a monitoring target device. The monitoring device includes a circuit information distribution program configured to distribute circuit information for programming a physically unclonable function (PUF) circuit to the monitoring target device; a transmission processing program configured to transmit a challenge value to the monitoring target device to which circuit information is distributed; a reception processing program configured to receive a response value corresponding to the challenge value of the PUF circuit programmed in the monitoring target device; and an authentication processing program configured to authenticate the monitoring target device based on input and output correspondence information of the PUF circuit programmed in the monitoring target device and the response value which has been received.
    Type: Grant
    Filed: December 21, 2018
    Date of Patent: March 8, 2022
    Assignee: MITSUBISHI HEAVY INDUSTRIES, LTD.
    Inventor: Fumikado Anzai
  • Patent number: 11262957
    Abstract: A cloud-based server and a port monitor on a device provide authentication of a user to access print jobs on the server. An application may print or perform other operations from the cloud-based server to a printing device. The port monitor uploads data for a document to the cloud-based server. Once the data for the document is uploaded, a claim code is generated by the cloud-based server. The port monitor receives the claim code. The port monitor initiates the launch of a browser having a uniform resource locator (URL) address for the server along with the claim code. The user is authenticated using a login page and the claim code associated to the user to allow access to the document on the server.
    Type: Grant
    Filed: December 23, 2020
    Date of Patent: March 1, 2022
    Assignee: KYOCERA DOCUMENT SOLUTIONS INC.
    Inventors: Arthur Alacar, Michael Martin
  • Patent number: 11263636
    Abstract: A method for providing a gift includes receiving a gift token creation request representative of a selection of a gift recipient and gift limitations from a first computing device. The method includes generating a tokenized PAN associated with a gift account and transmitting the tokenized PAN and gift limitations to a second computing device. The method includes detecting a transaction authorization request that is representative of an attempted transaction at a merchant POS device based on monitoring of transaction authorization data originating from a plurality of merchant POS devices. The transaction authorization request represents an attempted tokenized PAN, an attempted transaction amount and a merchant code. The method includes determining that the attempted tokenized PAN matches the tokenized PAN associated with the gift account.
    Type: Grant
    Filed: November 16, 2020
    Date of Patent: March 1, 2022
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Taurean Butler, Christine Berglund, Adam Vukich, Jessica Greenberg, Colin Hart, Mykhaylo Bulgakov, Jason Ji, Kaylyn Gibilterra
  • Patent number: 11258860
    Abstract: A computing system includes a server. The server is communicatively coupled to a data repository and is configured to store a data in the data repository. The server is further configured to create a server instance, wherein the server instance is associated with a user. The server is additionally configured to create a session based on an external entity requesting a resource from the server instance, and to execute a bot detection logic to determine if the external entity is a bot. If the external entity is a bot then the server is configured to perform a bot-based action, wherein the server is configured to provide for multi-instance support to a plurality of users.
    Type: Grant
    Filed: December 24, 2019
    Date of Patent: February 22, 2022
    Assignee: ServiceNow, Inc.
    Inventors: Jaheen Afsar Syed, Prabhat Mishra, Ramola Raj Teketi
  • Patent number: 11256794
    Abstract: Systems and methods for authenticating a user using an interactive voice response application. The method includes receiving data representing a spoken voice utterance corresponding to a user of an interactive voice response application. The method further includes processing the data representing the spoken voice utterance based on a length and a quality of the spoken voice utterance. The method also includes comparing the processed data representing the spoken voice utterance and a voiceprint associated with the user. The method further includes generating a security token in response to determining that the processed data representing the spoken voice utterance substantially matches the voiceprint associated with the user. The method also includes receiving the security token from the interactive voice application and validating the security token corresponding to the user in response to determining that the security token matches a security token generated by a server computing device.
    Type: Grant
    Filed: January 31, 2020
    Date of Patent: February 22, 2022
    Assignee: FMR LLC
    Inventors: Harmeet Singh, Robert Gage, David Marteney, Kevin Johnson
  • Patent number: 11258873
    Abstract: An architecture to allow the spatial separation of information sources, information processing, and information consumption using objects and tags, including in mobile/multi-access edge computing (MEC) communication environments, is disclosed. In an example, a request for information provided to a network entity (such as a MEC entity) results in the receipt of an object and a tag, as a device operates in an operational area of an information service. The object provides data for the information service, and the tag provides the metadata related to a context of the information service and the object from another entity, for another entity located within the operational area of the location service. The use of this object, including in the form of an application, data, or user object type, allows a transfer and use of data and context for the information service that is independent from the access network.
    Type: Grant
    Filed: November 9, 2018
    Date of Patent: February 22, 2022
    Assignee: Intel Corporation
    Inventors: Markus Dominik Mueck, Dario Sabella, Miltiadis Filippou, Michael Faerber
  • Patent number: 11250150
    Abstract: The present invention provides a file synchronization and centralization system and a file synchronization and centralization method, which forcibly transmit, to a central server, data corresponding to a synchronization condition, among data being operated or data having been operated, and deletes the transmitted data from a PC, thereby making it impossible to transfer the data (including files and documents) to the outside or completely blocking a route through which the data can be attacked by ransom ware. The file synchronization and centralization system includes a central server and a PC.
    Type: Grant
    Filed: November 28, 2017
    Date of Patent: February 15, 2022
    Assignee: MWSTORY CO., LTD.
    Inventors: Dae Gull Ryu, Sang Won Woo
  • Patent number: 11250155
    Abstract: A method for managing personal data stored in a distributed system, in which the personal data are transmitted from a terminal device to at least one network node; and in which there is furnished to the user, by the distributed system, a user interface by way of which the personal data are to be managed in respective network nodes of the distributed system which manage the personal data; and in which management instructions furnished via the user interface, for managing the personal data within the distributed system, are transmitted via a predefined interface that is configured at least on the respective network nodes of the distributed system which manage the personal data.
    Type: Grant
    Filed: August 29, 2017
    Date of Patent: February 15, 2022
    Assignee: Robert Bosch GmbH
    Inventors: Jan Zibuschka, Ralph Retter, Stefan Schmid
  • Patent number: 11245688
    Abstract: The present disclosure relates to a device authentication method as a procedure designed for authenticity of an apparatus. A connecting apparatus to be authenticated and an authentication box are connected to a trusted network through which authentication information is received by the connecting apparatus. The connecting apparatus is electrically connected to a non-trusted network through which the connecting apparatus and an intermediary server are electrically connected with each other; a virtual hub network is created by the intermediary server and electrically connected to both the authentication box and the connecting apparatus such that the connecting apparatus is authenticated by authentication box based on the authentication information.
    Type: Grant
    Filed: May 8, 2019
    Date of Patent: February 8, 2022
    Assignee: WALTON ADVANCED ENGINEERING INC.
    Inventors: Hong Chi Yu, Mao Ting Chang
  • Patent number: 11244330
    Abstract: Embodiments of the present disclosure relate to customizing an electronic survey using social networking information. One or more embodiments of a survey system receive social networking information associated with a respondent from a third-party social networking system in connection with a request to provide a survey to a client device of the respondent. One or more embodiments of the survey system use the social networking information to determine a plurality of survey questions for the electronic survey. Additionally, one or more embodiments of the survey generate a customized electronic survey to include the plurality of survey questions and then provide the customized survey to the respondent's client device.
    Type: Grant
    Filed: April 17, 2018
    Date of Patent: February 8, 2022
    Assignee: Qualtrics, LLC
    Inventor: Milind Kopikare
  • Patent number: 11240346
    Abstract: A method and apparatus include a terminal device receiving a first message from a server that hosts a service available to the terminal device. The first message includes information about at least one attribute relating to a changeability of that at least one attribute having been changed. The terminal device sends a second message to the server in response to the first message that includes information identifying the information about the at least one attribute of the first message. The terminal device receives a third message from the server that includes information indicating a changeability setting for each of the at least one attribute identified in the first message. The terminal device updates how a user interface for the service is to be displayed so the user interface is displayed with attributes relating to the service being indicated as changeable or unchangeable in accordance with the third message.
    Type: Grant
    Filed: October 29, 2018
    Date of Patent: February 1, 2022
    Assignee: Unify GmbH & Co. KG
    Inventors: Yu Bao, James Smith
  • Patent number: 11238148
    Abstract: Location-based, context-aware challenge-response authentication may be provided. First, a challenge may be provided to a user. The challenge may be based on a context corresponding to the user. The context corresponding to the user may comprise a location of a device associated with the user within an environment. Next, in response to providing the challenge, a response to the challenge may be received from the user. Then, in response to receiving the response to the challenge, it may be determined that the response is a correct answer to the challenge. In response to determining the response is the correct answer, a privilege may be provided to the user.
    Type: Grant
    Filed: February 12, 2019
    Date of Patent: February 1, 2022
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Abhishek Bhattacharyya, Abhishek Mukherji, Vinay S. Raghuram, Santosh Ramrao Patil
  • Patent number: 11228485
    Abstract: The present technology provides a system and method for automating on-boarding and management of IoT devices on data network. The disclosed technology further provides an interactive representation of various performance attribute with automatically generated actionable alert based on operator defined rules and performance-specific threshold values. Furthermore, disclosed technology provides for single-click activation of suggested actions at scale directed at once to all device units within one or more device groups reported in critical state. In this way the proposed technology enables rapid restoration of a network state. Offending device(s) may then be easily identified, from device units within the device category isolated in a resolution space, and managed according to one or more device-specific actionable alerts automatically generated on the offending device.
    Type: Grant
    Filed: March 14, 2019
    Date of Patent: January 18, 2022
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Mark Stephan Shurtleff, Jerome Henry, Bart Brinckman
  • Patent number: 11228605
    Abstract: A device and method for handling an anomaly in a communication network of a motor vehicle includes at least one detector analyzing a data stream in the communication network, recognizing at least one anomaly using a rule-based anomaly recognition method if at least one parameter for a data packet of the data stream deviates from a target value, and sending information about the at least one recognized anomaly via the communication network.
    Type: Grant
    Filed: May 29, 2019
    Date of Patent: January 18, 2022
    Assignee: Robert Bosch GmbH
    Inventors: Michael Herrmann, Janin Wolfinger, Paulius Duplys
  • Patent number: 11227054
    Abstract: A method for controlling access to preliminarily identified computer resources is disclosed. The access is controlled so as to prevent the circumventing, by malicious applications, of barriers set up to prevent them from communicating when they are executed on one or more processors of an electronic device The method is implemented by an electronic device having access to the resources to be controlled. The method includes: receiving a request, coming from a program, for access to a current resource; obtaining at least one access parameter for access to the current resource within a resource-characterizing data structure; and modulating access to the current resource as a function of the at least one access parameter.
    Type: Grant
    Filed: February 21, 2017
    Date of Patent: January 18, 2022
    Assignee: BANKS AND ACQUIRERS INTERNATIONAL HOLDING
    Inventors: Remi Geraud, David Naccache
  • Patent number: 11228587
    Abstract: Disclosed is a method of authorizing a user for accessing a server and/or for receiving of an on-line service and the steps of: capturing biometric data of the user using the sensor on a ME; forming from the biometric data a biometric template on the IDS and storing the biometric template on the MED; and via the IDS allowing access to a server by the user providing to the IDS, via the MED, matching biometric data and a biometric template. On the MED, a local check can be made for a match between biometric data of the user that are captured using the sensor on the MED and biometric data read out of the memory.
    Type: Grant
    Filed: February 16, 2017
    Date of Patent: January 18, 2022
    Assignee: MORPHO B.V.
    Inventors: Joost Van Prooijen, Claire Durand, Rodolphe Hugel, Jouri De Vos
  • Patent number: 11228434
    Abstract: Techniques are disclosed for securing data-at-rest at an internet-of-things (IoT) site with an unreliable or intermittent connectivity to the key manager operating at a corporate data center. The IoT site deploys one or more IoT devices/endpoints that generate IoT data according to the requirements of the site. The IoT data generated by these devices is collected/aggregated by one or more gateway devices. The gateways encrypt their data-at-rest gathered from the IoT devices using cryptographic keys. In the absence of a reliable connection to a backend corporate key manager, the design employs LAN key managers deployed locally at the IoT site. The gateways obtain keys from the LAN key managers to encrypt the IoT data before storing it in their local storage. The LAN key managers may periodically download keys from the corporate key manager or generate their own keys and then later synchronize with the corporate key manager.
    Type: Grant
    Filed: March 20, 2019
    Date of Patent: January 18, 2022
    Assignee: ZETTASET, INC.
    Inventors: Maksim Yankovskiy, Eric A. Murray
  • Patent number: 11223601
    Abstract: Methods and systems are disclosed for isolation of collaboration software on a host computer system. A networked computer system may include a network, a first host computer system, a border firewall and/or a web proxy. The host computer system may be configured to run a collaboration software application or process that enables interaction with one or more other host computer systems. The collaboration software application or process may be run within an untrusted memory space. The collaboration software application or process may enable interaction between a second host computer system and the untrusted memory space such that the second host computer system may access meeting data within a sandboxed computing environment operating within the untrusted memory space.
    Type: Grant
    Filed: September 25, 2018
    Date of Patent: January 11, 2022
    Assignee: L3 Technologies, Inc.
    Inventors: Glenn Coleman, Peter Martz, Kenneth Moritz
  • Patent number: 11212279
    Abstract: In one embodiment, a method comprises determining, by a link layer switch within a distributed link layer switched data network, a trust metric for a media access control (MAC) address used by a network device on a link layer connection provided by the link layer switch; receiving, by the link layer switch, a query originated by a second link layer switch in the distributed link layer switched data network, the query specifying the MAC address and a corresponding specified trust metric; and responding to the query, by the link layer switch, based on determining whether the specified trust metric indicates a higher trust level than the corresponding trust metric for the MAC address used by the network device on the link layer connection.
    Type: Grant
    Filed: February 4, 2019
    Date of Patent: December 28, 2021
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Eric Michel Levy-Abegnoli, Pascal Thubert, Patrick Wetterwald, Jean-Philippe Vasseur
  • Patent number: 11212256
    Abstract: A flexible hybrid firewall architecture is disclosed. A system implementing such an architecture includes an access control register, a memory having at least a region to which access is controllable by the access control register, the access control register including first field that contains a privilege identifier (ID) and a plurality of additional fields, each additional field containing control bits corresponding to a respective one of a plurality of permission levels, and control circuitry that, in response to receiving a transaction containing a transaction privilege ID, a security indicator, and a privilege indicator, controls access to the region when the transaction privilege ID matches the privilege ID contained in the first field by using the control bits of a field of the additional fields that corresponds to a security level indicated by the security indicator and a privilege level indicated by the privilege indicator of the transaction.
    Type: Grant
    Filed: February 10, 2020
    Date of Patent: December 28, 2021
    Assignee: TEXAS INSTRUMENTS INCORPORATED
    Inventors: Amritpal Singh Mundra, Brian J. Karguth, Timothy Anderson, Kai Chirca, Charles Fuoco
  • Patent number: 11206503
    Abstract: Technologies are described herein for enabling the automated testing of remote control units by providing a suitable test station. The test station includes features that allow it to interact with the remote control units inputs, such as buttons and microphone, and outputs, such as IR and RF remote control codes, status LEDs, and audio output. The test station may be controlled by a controller that executes test scripts or other routines that exercise the functionality of the remote control unit as desired.
    Type: Grant
    Filed: September 19, 2019
    Date of Patent: December 21, 2021
    Assignee: Contec, LLC
    Inventors: Rajeev Tiwari, Rafael Alberto Villanueva
  • Patent number: 11206285
    Abstract: Systems and methods are provided to implement moving target defense techniques for transportation systems. The moving target defense techniques can randomly change the IP addresses of the nodes associated with both the vehicles and the corresponding control centers. The nodes for the vehicles and the control centers can be “mobile” nodes that use a “care-of” IP address for communications. The care-of address used by the nodes can be updated through a binding update process. During the binding update process, the one node sends the binding update notice (with a new care-of address) to the care-of address of the other node while maintaining its prior care-of address. The node that receives the binding update notice can send a binding acknowledgement back to the node that sent the binding update. Once the binding acknowledgement is received, the prior care-of address can be removed by the node that sent the binding update.
    Type: Grant
    Filed: January 2, 2020
    Date of Patent: December 21, 2021
    Assignee: Board of Trustees of the University of Alabama, ...
    Inventor: Vahid Heydari
  • Patent number: 11200189
    Abstract: A technique includes holding a bus interface of a removable device that is inserted into a connector of a computer system in a state to prevent the device from communicating with a communication link. The communication link is coupled to the connector and is associated with operating system access to the device. The method includes a baseboard management controller communicating with the device using a channel other than the communication link while the bus interface of the device is held in the state; the baseboard management controller performing a security operation corresponding to the device based on the communication with the device using the channel; and the baseboard management controller releasing the bus interface of the device from the state to allow the device to communicate with the communication link in response to the baseboard management controller completing the security operation.
    Type: Grant
    Filed: November 21, 2019
    Date of Patent: December 14, 2021
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Paul A. Kaler, James T. Bodner
  • Patent number: 11200262
    Abstract: Systems and methods of manipulating and transforming data and sharing ideas include a map comprised of one or more diocards. Each diocard represents an individual idea and has the same group of functions including a distinctions function, a systems function, a relationships function, and a perspectives function. The distinctions function enables definition of the individual idea by attributes the individual idea is comprised of and by non-attributes the individual idea is not comprised of. The systems function enables definition of the individual idea as part of a whole or a whole that can be broken into parts. The relationships function enables definition of the individual idea as having a relationship with one or more different ideas and that this relationship may include action and reaction-like properties. The perspectives function enables definition of the individual idea as a point having a view with respect to one or more different ideas.
    Type: Grant
    Filed: October 11, 2018
    Date of Patent: December 14, 2021
    Assignee: Frameable Inc.
    Inventor: Derek Cabrera
  • Patent number: 11194918
    Abstract: The present disclosure provides techniques for data transmission. According to one technique, a request from a data sender for sending data to a data receiver is received, wherein the request comprises a content indicating a verification code. Then, a first solution to the verification code based on the request can be obtained. The verification code can be sent to the data receiver. A second solution to the verification code can be received from the data receiver, wherein the second solution is generated by the data receiver. Transmission of the data from the data sender to the data receiver can be enabled in response to the first solution consistent with the second solution.
    Type: Grant
    Filed: July 10, 2019
    Date of Patent: December 7, 2021
    Assignee: International Business Machines Corporation
    Inventors: Bo Yang, Anca Sailer, Messaoud Benantar, Ajay Mohindra
  • Patent number: 11196622
    Abstract: A method of initializing, provisioning, and managing a cable modem and a customer premise equipment device includes sending a customized configuration file to the cable modem. The configuration file contains service provisioning information and further includes information indicative of a network address type for the customer premise equipment device. A message is passed from the cable modem to the customer premise equipment device indicative of the network address type. The customer premise equipment device is provided with a network address in accordance with the network address type indicated in the message. In this way, the customer premise equipment device knows what kind of address to obtain, and excessive transactions are avoided.
    Type: Grant
    Filed: November 21, 2018
    Date of Patent: December 7, 2021
    Assignee: Comcast Cable Communications, LLC
    Inventors: Pak Siripunkaw, John Jason Brzozowski, Srinivas Avirneni, Emery J. Weber
  • Patent number: 11197331
    Abstract: A communication device (UE) conducting wired and/or wireless communications may issue service requests using zero-round-trip-time (zero-RTT) connectivity. The UE may obtain, prior to initiating an application, an address corresponding to a service and a security credential for use in accessing the service. The UE may receive, after initiating the application, an instruction to issue a service request, and generate the service request that may include a service identifier corresponding to the service, the address corresponding to the service, and the security credential for use in accessing the service. The UE may then transmit the service request to an edge server associated with the service. The edge server may route the service according to the service identifier. Multiple data centers/servers may advertise their services to the edge server associated with the service, facilitating fast routing of the service request by the edge server associated with the service.
    Type: Grant
    Filed: June 10, 2016
    Date of Patent: December 7, 2021
    Assignee: Apple Inc.
    Inventor: Christopher M. Bell
  • Patent number: 11184765
    Abstract: A method for authenticating a user includes connecting to a server from a user device, loading from the server to the user device data including executable data, detecting by the user device, while executing the executable data, whether an identifier relating to a short range communication device exists in a vicinity of the user device, sending from the user device to the server a user identifier accompanied with the detected short range communication device identifier, verifying by the server for the identified user whether a detected short range communication device identifier matches a predetermined part of a reference short range communication device identifier. Access is granted from the server only if the detected short range communication device identifier matches the predetermined part of the reference short range communication device identifier.
    Type: Grant
    Filed: July 21, 2017
    Date of Patent: November 23, 2021
    Assignee: THALES DIS FRANCE SA
    Inventors: Darmawan Suwirya, Asad Mahboob Ali
  • Patent number: 11184239
    Abstract: Methods, systems, devices, and tangible non-transitory computer readable media for checking computing device inactivity are provided. The disclosed technology can access, based on a device policy, organizational data associated with activity of a user's computing device. Based on the device policy and the organizational data, a valid inactivity time period including continuous organization approved time periods of valid inactivity beginning at a most recent time the computing device was active and ending a predetermined amount of time after the most recent time can be determined. Based on the device policy and the organizational data, a determination of whether inactivity criteria associated with inactivity of the computing device are satisfied is made. Satisfying the inactivity criteria can include the computing device being inactive after the valid inactivity time period. Furthermore, indications associated with the computing device's inactivity can be generated if the inactivity criteria are satisfied.
    Type: Grant
    Filed: April 30, 2021
    Date of Patent: November 23, 2021
    Assignee: PEOPLE CENTER, INC.
    Inventors: Siddhartha Gunda, Kyle Michael Boston, Daniel Robert Buscaglia, Dilanka Theshan Dharmasena
  • Patent number: 11182171
    Abstract: A preboot module of BIOS may be configured to create a partition mapping table for namespace identifiers of sub-partitions of a boot partition, determine a configuration policy for the information handling system, store the configuration policy in a partition of non-volatile memory, launch execution of an embedded operating system kernel, and communicate the partition mapping table to the embedded operating system kernel based on the configuration policy, such that the embedded operating system kernel is enabled to load the configuration policy from the non-volatile memory and load and execute one or more applications based on the partition mapping table and the configuration policy.
    Type: Grant
    Filed: October 6, 2020
    Date of Patent: November 23, 2021
    Assignee: Dell Products L.P.
    Inventors: Sumanth Vidyadhara, Lip Vui Kan, Neeraj Kumar Pant