Access Control Or Authentication Patents (Class 726/2)
  • Patent number: 10102365
    Abstract: An approach is described for authenticating a user. An associated method includes displaying a dynamic image on a display screen, detecting a user interaction with the displayed image, and detecting a duration of the detected user interaction. The method further includes comparing the detected user interaction and the detected duration with a stored user interaction and a stored duration. The method further includes authenticating the user upon determining that the detected user interaction matches the stored user interaction and the detected duration matches the stored duration. In an embodiment, the method further includes transmitting the detected user interaction and the detected duration to a remote device. In such embodiment, the method step of comparing the detected user interaction and the detected duration with the stored user interaction and the stored duration is performed by the remote device.
    Type: Grant
    Filed: January 23, 2015
    Date of Patent: October 16, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: David P. George, Benjamin J. Hardill, Stephen D. Pipes, Robert S. Smart
  • Patent number: 10097359
    Abstract: A system for automatic setting of system security comprises an input interface and a processor. The input interface is configured to receive an indication to set a secure mode. The processor is configured to: determine whether the indication to set the secure mode comprises an indication to set a certificate mode; in the event that the indication to set the secure mode comprises an indication to set a certificate mode: 1) detect one or more connected systems for which to set the certificate mode; 2) select one or more certificates for the certificate mode; 3) update initialization files for the certificate mode; and 4) reinitialize local and one or more connected systems.
    Type: Grant
    Filed: April 24, 2017
    Date of Patent: October 9, 2018
    Assignee: EMC Corporation
    Inventor: Raghavendra Anantha Rao
  • Patent number: 10096055
    Abstract: A server and method of providing an object for accessing a service of a service provider are provided. The server includes a context model providing unit configured to provide to the service provider at least one context model that is associated with the service, which is used by a device or a user, and a situation in which the device or the user uses the service; a purchase request receiving unit configured to receive a purchase request submitted by the service provider for a context model which is selected from among the at least one context model; and an object generation unit configured to generate the object for accessing the service of the service provider. The generated object is matched with the context model associated with the purchase request received from the service provider.
    Type: Grant
    Filed: February 6, 2014
    Date of Patent: October 9, 2018
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Jong-hyun Ryu, Nam-wook Kang, Jae-young Lee
  • Patent number: 10097558
    Abstract: Permissions can be delegated to enable access to resources associated with one or more different accounts, which might be associated with one or more different entities. Delegation profiles are established that are associated with at least one secured account of at least one customer. Each delegation profile includes information such as a name, a validation policy that specifies principals which may be external to the account and which are permitted to assume the delegation profile, and an authorization policy that indicates the permitted actions within the account for those principals which are acting within the delegation profile. Once a delegation profile is created, the profile can be available for external principals or services that provide a user credential delegated access under the account, where that credential is provided by a trusted identity service. Access can be provided across accounts using the user credential.
    Type: Grant
    Filed: August 15, 2016
    Date of Patent: October 9, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Gregory Branchek Roth, Daniel Stephen Popick, Bradley Jeffery Behm
  • Patent number: 10098000
    Abstract: An approach is provided that receives, from a radio frequency identification (RFID) tag included with a device, at least three different charge times. Each of the charge times corresponds to a different RFID reader that separately charges the RFID tag with each of the RFID readers being at a different geographic location. A distance between each of the RFID readers and the RFID tag is approximated based on the respective charge times and these approximate distances are used to identify a geographic position of the RFID tag using trilateration. The geographic position of the RFID tag is then used to determine whether to allow the device wireless access to a computer network.
    Type: Grant
    Filed: November 8, 2016
    Date of Patent: October 9, 2018
    Assignee: International Business Machines Corporation
    Inventors: Si Bin Fan, Yu Gu, Su Liu, Cheng Xu
  • Patent number: 10097369
    Abstract: Examples of a computing device for attaching to a host computing device are disclosed. In one example implementation according to aspects of the present disclosure, a computing device may include one or more processors, a memory, and a connection port to attach the computing device to a host computing device. Additionally, the computing device may include a driver installation module to cause a device driver to be installed on the host computing device to enable the computing device to send data to and receive data from the host computing device. The computing device may also include an operating system session module to initiate an operating system session on the computing device and to cause the operating system session to be accessible to a user of the host computing device via a web browser interface on the host computing device.
    Type: Grant
    Filed: June 28, 2013
    Date of Patent: October 9, 2018
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Fletcher Liverance, Thomas J Flynn
  • Patent number: 10083217
    Abstract: A computer-implemented method, computerized apparatus and computer program product, the method comprising: receiving a proposed reconfiguration command, the proposed reconfiguration command indicating a modification of a protocol version employed by a plurality of replica-set processes to an updated protocol version; tentatively agreeing on at least one proposed command following the proposed reconfiguration command, the at least one proposed command being in accordance with the updated protocol version, wherein said tentatively agreeing is decided prior to agreeing on the reconfiguration command; and, responsive to agreeing on the reconfiguration command, committing the tentatively agreed at least one proposed command.
    Type: Grant
    Filed: November 26, 2015
    Date of Patent: September 25, 2018
    Assignee: International Business Machines Corporation
    Inventors: Vita Bortnikov, Zvi Cahana, Shlomit Ifergan-Shachor, Ilya Shnayderman
  • Patent number: 10082974
    Abstract: Embodiments include providing content requested by a user via an access point capable of wireless communication. Aspects include receiving the content provided by the management server and storing the content provided by the management server into a volatile memory provided in the wireless communication apparatus. Aspects also include storing difference data into a nonvolatile memory if it is requested to change the content stored in the volatile memory and monitoring a state of communication connection with the access point and whether or not a packet giving an instruction to hold the content has been received. Aspects further include deleting the content stored in the volatile memory if communication with the access point is disconnected or if the packet is unreceived.
    Type: Grant
    Filed: October 28, 2015
    Date of Patent: September 25, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Yasunao Katayama, Daiju Nakano, Kohji Takano
  • Patent number: 10075461
    Abstract: A method for monitoring includes defining a plurality of different types of administrative activities in a computer system. Each administrative activity in the plurality includes an action performed by one of the computers in the system that can be invoked only by a user having an elevated level of privileges in the system. The administrative activities performed by at least a group of the computers in the system are tracked automatically. Upon detecting that a given computer in the system has performed an anomalous combination of at least two of the different types of administrative activities, an action is initiated to inhibit malicious exploitation of the given computer.
    Type: Grant
    Filed: May 31, 2015
    Date of Patent: September 11, 2018
    Assignee: PALO ALTO NETWORKS (ISRAEL ANALYTICS) LTD.
    Inventors: Michael Mumcuoglu, Giora Engel, Yaron Neuman, Eyal Firstenberg
  • Patent number: 10067701
    Abstract: An authentication circuit coupled to a plurality of memory bits includes a monitoring engine configured to provide a first data pattern to all the bits thereby causing each bit to be in a first data state, detect whether a transition from the first data state to a second data state occurs for each bit in response to a first reducing voltage applied to the plurality of bits, provide a second data pattern to all the bits thereby causing each bit to be in the second data state, and detect whether a transition from the second data state to the first data state occurs for each bit in response to a second reducing voltage applied to the plurality of bits, wherein the first data state is different from the second data state, and a PUF controller configured to generate a PUF signature based on the transitions of each bit.
    Type: Grant
    Filed: June 24, 2016
    Date of Patent: September 4, 2018
    Assignee: Taiwan Semiconductor Manufacturing Co., Ltd.
    Inventor: Shih-Lien Linus Lu
  • Patent number: 10069860
    Abstract: A computing system may be protected from revoked system updates. A computing system receives an object and scans it for revocation updates to a security structure of the computing system. The security structure is a monotonically nondecreasing collection of segments containing data on whether a system update is revoked and a system update's status as revoked signifies the revoked system update can no longer be used by the computing system. Based upon scanning the object, the computing system identifies and validates a revocation update. The computing system resolves the revocation update by applying the revocation update to the security structure, by adding or changing one or more segments of the security structure identified by the revocation update, in response to determining that the revocation update is valid, or by denying application of the revocation update to the security structure in response to determining that the revocation update is invalid.
    Type: Grant
    Filed: February 14, 2017
    Date of Patent: September 4, 2018
    Assignee: International Business Machines Corporation
    Inventors: Michael D. Hocker, Brandon S. Johnson
  • Patent number: 10063562
    Abstract: Techniques of controlling access to a resource involve selecting an authentication scheme for authenticating a user based on an environmental context in which the user is requesting access to the resource. Along these lines, the access control server receives application usage data from a user and separates the data into current environmental factors and current usage factors. In response, the access control server compares the current environmental factors to expected environmental factors for each of multiple predefined environmental contexts. Based on measures of closeness between the current and expected environmental factors, the access control server computes a familiarity score indicative of whether the request to access the resource is recognizable within the particular environmental context.
    Type: Grant
    Filed: March 31, 2016
    Date of Patent: August 28, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Andres D. Molina-Markham, Alina Oprea, Kevin D. Bowers
  • Patent number: 10057249
    Abstract: A computing platform may receive, from a client portal server, a request to authenticate a user to a user account associated with a client portal provided by the client portal server. Based on receiving the request to authenticate, the computing platform may send, to a social messaging server, an authentication token request message. Subsequently, the computing platform may receive, from the social messaging server, an authentication token. Thereafter, the computing platform may validate the authentication token received from the social messaging server. Based on validating the authentication token received from the social messaging server, the computing platform may generate a validation message directing the client portal server to provide the user with access to the user account. Subsequently, the computing platform may send, to the client portal server, the validation message directing the client portal server to provide the user with access to the user account.
    Type: Grant
    Filed: July 20, 2016
    Date of Patent: August 21, 2018
    Assignee: Bank of America Corporation
    Inventors: Elizabeth S. Votaw, Andrew T. Keys, Ashish Arora
  • Patent number: 10055560
    Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a possible attacker. The methods include monitoring of user-side input-unit interactions, in general and in response to an interference introduced to user-interface elements. The monitored interactions are used for detecting an attacker that utilizes a remote access channel; for detecting a malicious automatic script, as well as malicious code injection; to identify a particular hardware assembly; to perform user segmentation or user characterization; to enable a visual login process with implicit two-factor authentication; to enable stochastic cryptography; and to detect that multiple users are utilizing the same subscription account.
    Type: Grant
    Filed: September 27, 2016
    Date of Patent: August 21, 2018
    Assignee: BIOCATCH LTD.
    Inventor: Avi Turgeman
  • Patent number: 10057255
    Abstract: A computing platform may receive, from a client portal server, a request to authenticate a user to a user account a client portal. Based on identifying an activity the request, the computing platform may select a multi-device authentication method for authenticating the user. The computing platform may generate a first one-time passcode for a first registered device and a second one-time passcode for a second registered device, and may send the one-time passcodes to the registered devices. Thereafter, the computing platform may receive and validate one-time passcode input from the client portal server. Based on validating the one-time passcode input, the computing platform may generate a validation message directing the client portal server to provide the user with access to the user account, and may send the validation message to the client portal server. In some instances, different authentication methods may be selected for different activities.
    Type: Grant
    Filed: July 20, 2016
    Date of Patent: August 21, 2018
    Assignee: Bank of America Corporation
    Inventors: Elizabeth S. Votaw, Andrew T. Keys
  • Patent number: 10051018
    Abstract: Systems and methods for facilitating shared access-right evaluation using linked communication channels are provided. A first communication can be received over a first communication link from a first user device, and a second communication can be received over a second communication link from a second user device. The first and second communications can include requests for the assignment of access rights. Map data can be generated and transmitted to each of the first and second user devices. Each user device can display a visual representation of access-right data. Further, a communication session can be facilitated between the first user device and the second user device. The communication session can be presented on the visual representation for each user device so that the first user and the second user can collaboratively evaluate access rights.
    Type: Grant
    Filed: December 29, 2016
    Date of Patent: August 14, 2018
    Assignee: Live Nation Entertainment, Inc.
    Inventors: Dennis A. Denker, Raymond Yung-Chien Lew, Debbie Hsu, Michael Horowitz, Bradford J. Bensen, John Carnahan
  • Patent number: 10042996
    Abstract: A trusted device, such as a wristwatch, is provided with authentication circuitry, used to perform an authentication operation to switch the trusted device into an authenticated state. Retention monitoring circuitry monitors the physical possession of the trusted device by the user following the authentication operation and switches the trusted device out of an authenticated state if the trusted device does not remain in the physical possession of the user. While the trusted device remains in the physical possession of the user, communication triggering circuitry is used to detect a request to establish communication with a target device that is one of a plurality of different target devices and communication circuitry is used to communicate with that target device using an authenticated identity of the user.
    Type: Grant
    Filed: November 25, 2015
    Date of Patent: August 7, 2018
    Assignee: ARM IP Limited
    Inventors: Krisztian Flautner, Hugo John Martin Vincent, Amyas Edward Wykes Phillips, Robert George Taylor
  • Patent number: 10042752
    Abstract: In one example in accordance with the present disclosure, a method may include identifying, by a first operating system process in a computer system accessing a shared memory heap, a first object at a first memory address in the shared memory heap. The first object may have been previously allocated in the shared memory heap by a second operating system process. The method may also include identifying an object descriptor associated with the first object at a second memory address in the shared memory heap. The object descriptor occupies a number of bits of memory independent of the type. The method may also include determining a size of the first object based on the object descriptor, enumerating, based on the object descriptor, fields associated with the first object and performing an action based on each field of the enumerated fields.
    Type: Grant
    Filed: May 27, 2016
    Date of Patent: August 7, 2018
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Evan R. Kirshenbaum, Lokesh Gidra
  • Patent number: 10033721
    Abstract: Systems and methods for credential translation are described. In some embodiments, an Information Handling System (IHS) may include: a host processor; an embedded controller coupled to the processor; and an off-host authentication processing system coupled to the embedded controller and segregated from the host processor, the off-host authentication processing system further comprising: an off-host processor; and an off-host memory coupled to the off-host processor, the off-host memory having program instructions stored thereon that, upon execution, cause the off-host processor to: receive a certificate from a web-access management server; store the certificate in the off-host memory; and request that a user of the IHS provide a first authentication factor to be associated with the certificate such that, when the first authentication factor is presented to the off-host processor, the certificate is released from the off-host memory.
    Type: Grant
    Filed: June 17, 2016
    Date of Patent: July 24, 2018
    Assignee: Dell Products, L.P.
    Inventors: Charles D. Robison, Daniel L. Hamlin, Frank H. Molsberry
  • Patent number: 10027667
    Abstract: Methods and apparatus for provisioning and providing services to devices on a local network are described. The methods and apparatus allow for the provisioning of services to customer owned and managed devices on a local network on which another device, e.g., a first device, has already been authenticated and authorized to receive services corresponding to a customer account. After a first device on a local network is authenticated and associated with a customer account it detects the addition of new devices on the local network and assists in the registration of the new device by acting as an intermediary with a service provider device during the registration process. The security and registration established by the first device is leveraged allowing other devices on the network to be registered and authenticated for services corresponding to the same account as the first device without requiring user input of authentication and/or other information.
    Type: Grant
    Filed: November 12, 2014
    Date of Patent: July 17, 2018
    Assignee: Time Warner Cable Enterprises LLC
    Inventors: Albert William Straub, Miles Anton Johnson
  • Patent number: 10019741
    Abstract: The embodiments provide for legally transferring multimedia content stored on a medium to a personal content archive device. The device is configured to consolidate a user's content into a single device or secured storage that allows easy access to the content while preserving the digital rights of the content. When a content medium has been provided, the device queries a registration service over a network, such as the Internet, to register the content and indicate that it was legitimately obtained. The device may then be authorized to download and store an authorized version of the content into its secured storage. The authorized version may be the same or a variation of the registered content. The content may then be downloaded from one or more content sources. The registration process may be based on several criteria, such as an authenticity check of the medium, a fee payment, and the like.
    Type: Grant
    Filed: August 9, 2010
    Date of Patent: July 10, 2018
    Assignee: Western Digital Technologies, Inc.
    Inventor: Lambertus Hesselink
  • Patent number: 10021113
    Abstract: Systems and methods for authentication. At an authentication service, key synchronization information is stored for an enrolled authentication device for a user identifier of a service provider. The key synchronization information indicates that a private key stored by the authentication device is synchronized with a public key stored at the service provider. Responsive to an authentication request provided by the service provider for the user identifier, the authentication service determines an authentication device for the user identifier that stores a synchronized private key by using the key synchronization information, and provides the authentication request to the authentication device. The authentication service provides a signed authentication response to the service provider. The authentication response is responsive to the authentication request and signed by using the private key. The service provider verifies the signed authentication response by using the public key.
    Type: Grant
    Filed: July 27, 2017
    Date of Patent: July 10, 2018
    Assignee: Duo Security, Inc.
    Inventors: Jon Oberheide, Douglas Song
  • Patent number: 10013543
    Abstract: A system, device, and method for binding metadata, such as information derived from the output of a biometric sensor, to hardware intrinsic properties by obtaining authentication-related metadata and combining it with information pertaining to a root of trust, such as a physical unclonable function. The metadata may be derived from a sensor such as a biometric sensor, the root of trust may be a physical unclonable function, the combination of the metadata and root of trust information may employ a hash function, and output from such a hash process may he used as an input to the root of trust. The combined information can he used in interactive or non-interactive authentication.
    Type: Grant
    Filed: June 5, 2017
    Date of Patent: July 3, 2018
    Assignee: Analog Devices, Inc.
    Inventors: John J. Walsh, John Ross Wallrabenstein
  • Patent number: 10003612
    Abstract: A computing system may be protected from revoked system updates. A computing system receives an object and scans it for revocation updates to a security structure of the computing system. The security structure is a monotonically nondecreasing collection of segments containing data on whether a system update is revoked and a system update's status as revoked signifies the revoked system update can no longer be used by the computing system. Based upon scanning the object, the computing system identifies and validates a revocation update. The computing system resolves the revocation update by applying the revocation update to the security structure, by adding or changing one or more segments of the security structure identified by the revocation update, in response to determining that the revocation update is valid, or by denying application of the revocation update to the security structure in response to determining that the revocation update is invalid.
    Type: Grant
    Filed: September 28, 2017
    Date of Patent: June 19, 2018
    Assignee: International Business Machines Corporation
    Inventors: Michael D. Hocker, Brandon S. Johnson
  • Patent number: 9996290
    Abstract: Embodiments include providing content requested by a user via an access point capable of wireless communication. Aspects include receiving the content provided by the management server and storing the content provided by the management server into a volatile memory provided in the wireless communication apparatus. Aspects also include storing difference data into a nonvolatile memory if it is requested to change the content stored in the volatile memory and monitoring a state of communication connection with the access point and whether or not a packet giving an instruction to hold the content has been received. Aspects further include deleting the content stored in the volatile memory if communication with the access point is disconnected or if the packet is unreceived.
    Type: Grant
    Filed: December 15, 2015
    Date of Patent: June 12, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Yasunao Katayama, Daiju Nakano, Kohji Takano
  • Patent number: 9990786
    Abstract: A request is received by a member of a credential granting authority to issue an electronic visitor credential to a visitor of the credential granting authority, the electronic visitor credential enabling access to resources of the credential granting authority. It is determined that the member of the credential granting authority is authorized to issue the credential to the visitor. Based on the determination that the member of the credential granting authority is authorized to issue the credential to the visitor, the electronic visitor credential is issued with at least one timing restriction that defines a time period during which the electronic visitor credential is valid and at least one usage restriction that limits resources of the credential granting authority to which the electronic visitor credential enables access It is determined to withdraw the electronic visitor credential. Based on determining to withdraw the electronic visitor credential, the credential is withdrawn.
    Type: Grant
    Filed: January 16, 2015
    Date of Patent: June 5, 2018
    Assignee: MicroStrategy Incorporated
    Inventor: Siamak Ziraknejad
  • Patent number: 9992020
    Abstract: A request is received to change a first, current encryption root key used to encrypt and decrypt a set of data in a database. A new, second encryption root key is generated. The second encryption root key is stored in a secured area in disk storage as a new current encryption root key. The first encryption root key is maintained in the secured area as a historical encryption root key. New root key version information that identifies the new, second encryption root key is generated and stored as current root key version information. A request is received to encrypt the set of data. The second encryption root key is identified as the current encryption root key based on the current root key version information. The second encryption root key is used to encrypt the set of data to create an encrypted set of data.
    Type: Grant
    Filed: November 21, 2016
    Date of Patent: June 5, 2018
    Assignee: SAP SE
    Inventors: Fabian Garagnon, Thomas Wenckebach
  • Patent number: 9985969
    Abstract: Techniques are described for managing access to computing-related resources that, for example, may enable multiple distinct parties to independently control access to the resources (e.g., such that a request to access a resource succeeds only if all of multiple associated parties approve that access). For example, an executing software application may, on behalf of an end user, make use of computing-related resources of one or more types that are provided by one or more remote third-party network services (e.g., data storage services provided by an online storage service)—in such a situation, both the developer user who created the software application and the end user may be allowed to independently specify access rights for one or more particular such computing-related resources (e.g., stored data files), such that neither the end user nor the software application developer user may later access those resources without the approval of the other party.
    Type: Grant
    Filed: March 29, 2013
    Date of Patent: May 29, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Mark Joseph Cavage, John Cormie, Nathan R. Fitch, Don Johnson, Peter Sirota
  • Patent number: 9985965
    Abstract: A security verification method, apparatus, and system relate to the field of computer security technologies, and are used to improve reliability of the verification code technology. In the method, an image capture request carrying an image capture parameter is sent to a server end after a verification page starts; a live view picture returned by the server end is received, where the live view picture is obtained by the server end by performing live view image capture according to the image capture parameter and prestored street view tile information; and a security verification operation is performed according to the live view picture.
    Type: Grant
    Filed: May 27, 2016
    Date of Patent: May 29, 2018
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventor: Juan Du
  • Patent number: 9971566
    Abstract: A method of identifying a memory cell state for use in random number generation (RNG) includes comparing at least one physical parameter of a memory cell with a threshold value of the physical parameter and identifying a relationship of the at least one physical parameter of the memory cell to the threshold value. A state of 0, 1, or X is associated to the memory cell based on the relationship of the at least one physical parameter to the threshold value. At least one state storage memory cell is programmed with a value corresponding with the associated 0, 1, or X state. The programmed value of the at least one state storage memory cell is included in an RNG data stream.
    Type: Grant
    Filed: May 9, 2016
    Date of Patent: May 15, 2018
    Assignee: Arizona Board of Regents acting for and on behalf of Northern Arizona University
    Inventor: Bertrand Cambou
  • Patent number: 9965625
    Abstract: Provided are a control system and an authentication device capable of detecting abnormality of a development device for distributing a control program and of preventing destruction and tampering of the program caused by the abnormality. To solve the above problem, there is provided: a control device that controls a controlled object; a development device that manages a plurality of control programs executed by the control device and sends the predetermined control program and information accompanying the control program to the network; and an authentication device having an authentication list storing the information accompanying the control program in association with the control program.
    Type: Grant
    Filed: September 5, 2014
    Date of Patent: May 8, 2018
    Assignee: Hitachi, Ltd.
    Inventors: Hiromichi Endoh, Tsutomu Yamada, Satoshi Ohkubo
  • Patent number: 9965613
    Abstract: Systems and methods are described to validate user connections to one or more application servers within a multi-tenant application system. A domain-level cookie at the client identifies any active connections for that client. As the client requests a connection to a particular application, the cookie is provided to a validation server that determines if any previously-established sessions with the multi-tenant system exist, and/or if such sessions remain active. If an active session already exists, then the client can be redirected to a particular server to continue the previously-established session. If no valid prior sessions are available, then the client can be validated and a new connection to an appropriate server can be established, as appropriate.
    Type: Grant
    Filed: April 27, 2011
    Date of Patent: May 8, 2018
    Assignee: salesforce.com, inc.
    Inventor: Jong Lee
  • Patent number: 9959563
    Abstract: Systems and methods are disclosed for generating recommendation rules based on the attributes of items that are purchased together at a threshold rate. The attributes of the items may be extracted from item-detail content associated with the items. Using a count of the frequency with which pairs of items include pairs of attributes, a recommendation rule can be created that recommends items with particular attributes to users who access other items with particular attributes. Further, using the recommendation rules, items may be selected for recommendation to users who access an item that lacks historical access data from which to generate recommendations solving the “cold-start” problem. Moreover, negative rules may be generated based on historical access data and attributes of items purchased and/or not purchased together at a threshold rate to prevent the recommendation of particular items to users who access items associated with the negative rules.
    Type: Grant
    Filed: December 19, 2013
    Date of Patent: May 1, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Jianhui Wu, Debprakash Patnaik, Rui Wang
  • Patent number: 9961541
    Abstract: Data in a portable electronic device is protected by using external and internal status detection means to determine if the device is misplaced, lost, or stolen. The device then takes, singly or in combination, one of several actions to protect the data on the device, including declaring its location to an owner or service provider, locking the device or specific functions of the device to disable all data retrieval functionality, erasing or overwriting all the stored data in the device or, where the data has been stored in the device in an encrypted format, destroying an internally-stored encryption key, thereby preventing unauthorized access to the encrypted data in the device.
    Type: Grant
    Filed: November 4, 2016
    Date of Patent: May 1, 2018
    Assignee: Applied Minds, LLC
    Inventors: Bran Ferren, W. Daniel Hillis
  • Patent number: 9948645
    Abstract: Techniques for call-based user verification are described. In one embodiment, for example, an apparatus may comprise a processor circuit and a storage component. The apparatus may further comprise a session component, an identification (ID) component, a mapping component, and a verification component. The session component may be operative on the processor circuit and configured to receive session data from a client device and store the session data in the storage component. The ID component may be operative on the processor circuit and configured to request ID data from a server, receive ID data from the server, and send the ID data to the client device. The mapping component may be operative on the processor circuit and configured to map the session data with the ID data.
    Type: Grant
    Filed: September 12, 2016
    Date of Patent: April 17, 2018
    Assignee: FACEBOOK, INC.
    Inventors: Bradley Edward Hettervik, Surendra Gadodia, Xiao Liang, Antony T. Fu, Molly Jane Fowler
  • Patent number: 9946303
    Abstract: Provided herein are a multi smartphone and a method of controlling the same. The multi smartphone includes a display part configured to output a screen when an input signal is sensed; a memory part configured to store a plurality of operating systems (OSs) which are operated differently based on a time at which the input signal is sensed, a place at which the input signal is input, or a user who inputs the input signal; and a control part configured to perform control such that at least one OS of the plurality of OSs is selected and operated based on any one of a time at which the input signal is sensed, the place at which the input signal is input, and the user who inputs the input signal when the input signal is sensed.
    Type: Grant
    Filed: July 28, 2015
    Date of Patent: April 17, 2018
    Assignee: FOUNDATION OF SOONGSIL UNIVERSITY-INDUSTRY COOPERATION
    Inventor: Jongseong Kim
  • Patent number: 9942933
    Abstract: At least one processor and at least one memory coupled thereto associated with a first user terminal (UT) perform processes of previously storing pre-configuration information not derived from a base station, designating an area of resources for transmitting control information, determining a plurality of first radio resources within the area of resources for transmitting control information from the first UT to a second UT in a case that the first UT is out of coverage of the base station, and directly transmitting to the second UT the control information in each of the plurality of first radio resources by Device-to-Device (D2D) communication, each resource indicating a same at least one subframe of second radio resources to be used for transmitting data by the D2D communication. A second UT includes least one processor and at least one memory coupled thereto receives the control information from the first UT via D2D communication.
    Type: Grant
    Filed: October 13, 2017
    Date of Patent: April 10, 2018
    Assignee: KYOCERA Corporation
    Inventors: Naohisa Matsumoto, Kugo Morita, Masato Fujishiro, Takahiro Saiwai
  • Patent number: 9940121
    Abstract: An electronic apparatus includes a control portion (1) including: an installation portion (11) that associates the user who performs installation with the installed program; and a program use control portion (17) that permits all users to use a first installed program associated with a first user and permit a second user and a third user who attempts to install a second installed program associated with the second user to use the second installed program. When the third user who is a user other than an administrator attempts to install an application program that the third user is not permitted to use, if the application program is the second installed program, the installation portion (11) does not perform installation and causes the program use control portion (17) to permit the third user to use the second installed program.
    Type: Grant
    Filed: May 2, 2016
    Date of Patent: April 10, 2018
    Assignee: KYOCERA Document Solutions Inc.
    Inventors: Kentaro Okamoto, Kyota Mitsuyama, Koji Ikawa
  • Patent number: 9942937
    Abstract: A method, a device, and a non-transitory storage medium provide storing context information pertaining to an end device and previous attachments of the end device to the network; receiving an indication that the end device requests an attachment to the network subsequent to the storing and subsequent to previously occurring detachments of the end device; authenticating the end device using the context information during the attachment; and causing a creation of a bearer connection between the end device and the network using the context information and during the attachment.
    Type: Grant
    Filed: May 5, 2017
    Date of Patent: April 10, 2018
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Paul H. Siedelhofer, Abdul Subhan, Gregory L. Miceli
  • Patent number: 9935891
    Abstract: A computing resource policy specification (CRPRS) applies to a set of computing resources that share at least a portion of a first domain. The CRPRS comprises a plurality of rules describing a set of requirements with which a given computing resource in the set must comply. A determination is made, based at least in part on information received from a job scheduler, that an assessment of a particular computing resource for compliance with a first subset of rules included in the CRPRS should be initiated at a first time. A different subset of rules for compliance assessment is selected at a different time. A pre-scan associated with the particular computing resource is performed to assess functionality provided by the particular computing resource. A test set, of a subset of the tests associated with the assessment, is selected, and an assessment that uses the test set is dispatched and results of the assessment are delivered.
    Type: Grant
    Filed: September 30, 2014
    Date of Patent: April 3, 2018
    Assignee: Artemis Internet Inc.
    Inventor: Alexander Charles Stamos
  • Patent number: 9934504
    Abstract: A transaction is authorized using an authentication process that prompts the user to perform an action in view of a camera or sensor. The process identifies the user and verifies that the user requesting the transaction is a living human being. The user is identified using image information which is processed utilizing facial recognition. The device verifies that the image information corresponds to a living human using one or more human-verification processes. The device prompts the user to perform an action to confirm the transaction, and causes the transaction to be performed after verifying performance of the action by the identified user.
    Type: Grant
    Filed: October 19, 2015
    Date of Patent: April 3, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Yicong Wang, Haizhi Xu
  • Patent number: 9930034
    Abstract: A mobile device can receive, from an application installed on a wearable device, an authentication query. Based upon the authentication query, an application installed on the mobile device can be determined to have been authenticated. In response to determining that the application installed on the mobile device has been authenticated, a temporary password can be generated at the mobile device and converted into a vibration pattern. The vibration pattern can be vibrated at the mobile device. The temporary password sent from the mobile device can be compared with user input received via a tap interface on the wearable device. In response to determining that the user input corresponds to the temporary password, the application installed on the wearable device can be authenticated based on authentication parameters of the corresponding application on the mobile device.
    Type: Grant
    Filed: July 29, 2015
    Date of Patent: March 27, 2018
    Assignee: International Business Machines Corporation
    Inventors: Vijay Ekambaram, Ashish K. Mathur, Ashok Pon Kumar Sree Prakash
  • Patent number: 9924319
    Abstract: A tracking system is disclosed that enables the tracking of a beacon device and a credential device being held by the beacon device. The beacon device may communicate with readers of an access control system using a first communication protocol whereas the credential device being held by the beacon device may communicate with readers of the access control system using a second communication protocol. As the beacon device and the credential device being held by the beacon device may also communicate with readers at different times, a beacon device may be associated with a credential device being held thereby such that tracking of one device enables inferred tracking of the other device.
    Type: Grant
    Filed: July 14, 2016
    Date of Patent: March 20, 2018
    Assignee: ASSA ABLOY AB
    Inventors: Philip Hoyer, Julian Eric Lovelock, Mark Robinton
  • Patent number: 9922183
    Abstract: An electronic device and an information processing method are disclosed in the disclosure. The electronic device comprises: a wearable apparatus capable of forming a ring or an approximate ring, which is able to surround a first cylinder; a first sensor arranged at least partly in the wearable apparatus and towards an interior of the ring or the approximate ring, and configured to detect first biometric information of at least part of a wearer's body surrounded by the wearable apparatus if the wearable apparatus is worn on the part of the wearer's body; a first processor arranged in the wearable apparatus, and configured to determine whether the first biometric information matches first preset biometric information to obtain a determination result and to perform security processing corresponding to the determination result based on the determination result.
    Type: Grant
    Filed: September 29, 2015
    Date of Patent: March 20, 2018
    Assignees: BEIJING LENOVO SOFTWARE LTD., LENOVO (BEIJING) LIMITED
    Inventor: Yiqiang Yan
  • Patent number: 9917831
    Abstract: A method of authenticating a user of an image forming apparatus is provided that includes receiving, at the image forming apparatus, a one-time password (OTP) generating request, generating, at the image forming apparatus, an OTP according to the OTP generating request, receiving, at the image forming apparatus, an authentication request, from the host apparatus, including the OTP, and when the OTP received from the host apparatus matches the OTP generated according to the OTP generating request and absent a condition, approving an access to the image forming apparatus.
    Type: Grant
    Filed: July 29, 2014
    Date of Patent: March 13, 2018
    Assignee: S-PRINTING SOLUTION CO., LTD.
    Inventor: Kwang-woo Lee
  • Patent number: 9917834
    Abstract: A digital verified identification system and method are presented for verifying and/or authenticating the identification of an entity associated with an electronic file, such as, for example the digital signatory thereof. In particular, the system and method include a module generating assembly structured to receive at least one verification data element, and at least one digital identification module structured to be associated with at least one entity. The digital identification module is capable of being disposed or embedded within at least one electronic file. Further, the digital Identification module with the entity, and one or more metadata identification module includes at least one primary components identification module includes at least one primary component structured to at least partially associate the digital.
    Type: Grant
    Filed: June 8, 2015
    Date of Patent: March 13, 2018
    Inventor: Leigh M. Rothschild
  • Patent number: 9912670
    Abstract: Resource feature transfer is described. In one or more embodiments, information is collected about interaction of an unauthenticated user of a computing device with a resource, such as content (e.g., a web page) or an application. The information may identify the user, a device or application used to interact with the resource, and so on. This information is communicated to an identity management service (IMS) to determine features to make accessible to the unauthenticated user when interacting with the resource. During the interaction, the user initiates authentication to a corresponding user profile. To achieve a consistent user experience, the features made accessible to the user when unauthenticated are transferred so they are also accessible when authenticated. To do this, authentication information is communicated to the IMS with a token indicating the features determined for the unauthenticated user. The IMS then merges these features with features indicated by the user profile.
    Type: Grant
    Filed: April 19, 2016
    Date of Patent: March 6, 2018
    Assignee: ADOBE SYSTEMS INCORPORATED
    Inventors: Sanjeev Kumar Biswas, Mayank Goyal, John A. Trammel
  • Patent number: 9906544
    Abstract: Methods and systems for malicious non-human user detection on computing devices are described. The method includes collecting, by a processing device, raw data corresponding to a user action, converting, by the processing device, the raw data to features, wherein the features represent characteristics of a human user or a malicious code acting as if it were the human user, and comparing, by the processing device, at least one of the features against a corresponding portion of a characteristic model to differentiate the human user from the malicious code acting as if it were the human user.
    Type: Grant
    Filed: December 2, 2015
    Date of Patent: February 27, 2018
    Assignee: Akamai Technologies, Inc.
    Inventor: Sreenath Kurupati
  • Patent number: 9906469
    Abstract: The invention relates to an aircraft control system, situated in the avionics bay, including a computer, a remote equipment, such as an actuator of control surfaces, and an AFDX network. The computer includes a first module and a second module, respectively connected to a corresponding first module and a second module of the equipment, by a first and a second virtual link sharing a common path through the network, the first and second virtual links being segregated by a separate encoding at the applicative level. A replication and/or frame switching device is connected, on the one hand, to the common port and, on the other hand, to the ports of the first and second modules of the equipment.
    Type: Grant
    Filed: December 11, 2013
    Date of Patent: February 27, 2018
    Assignee: Airbus Operations (S.A.S.)
    Inventors: Marc Fervel, Antoine Maussion, Arnaud Lecanu, Sylvain Sauvant
  • Patent number: 9898874
    Abstract: A method of controlling the use of a custom image by a user in a value dispensing system, such as a mail processing system, that enables the system provider to account and charge for the use of the custom image without ever actually receiving the data representing custom image. The method includes steps of receiving a hash generated from at least the custom image at a provider location, such as a data center, generating a digital signature from data including at least the received hash, and transmitting the digital signature and data used to generate the digital signature to the user at a user location. The method may further include additional steps of determining whether the digital signature can be successfully verified, and allowing the custom image to be printed by the user only if it is determined that the digital signature can be successfully verified.
    Type: Grant
    Filed: May 31, 2005
    Date of Patent: February 20, 2018
    Assignee: Pitney Bowes Inc.
    Inventors: Andrei Obrea, Frederick W. Ryan, Jr.