Access Control Or Authentication Patents (Class 726/2)
  • Patent number: 11922359
    Abstract: A system and method for securely training a model comprises including the algorithms of the model into a training module, and communicating the training module from a vendor computer system to a customer computer system. The training module is operated on the customer's computer system using the data from the customer, and a trained training module is achieved after operating the training module on the customer's computer system. The trained training module is used to initialize at least one additional module, which is communicated from the customer's computer system to the vendor's computer system, is used to score observations.
    Type: Grant
    Filed: April 29, 2019
    Date of Patent: March 5, 2024
    Assignee: ABB Schweiz AG
    Inventors: Alok Kucheria, Karl Eric Harper
  • Patent number: 11921862
    Abstract: Systems and methods for rules-based automated penetration testing and regression to certify release candidates against known patterns that inject vulnerabilities are disclosed.
    Type: Grant
    Filed: February 5, 2021
    Date of Patent: March 5, 2024
    Assignee: JPMORGAN CHASE BANK , N.A.
    Inventor: Ambika Prasad Pathak
  • Patent number: 11924491
    Abstract: The techniques herein provide for enhanced overlay network-based transport of traffic, such as IPsec traffic, e.g., to and from customer branch office locations, facilitated through the use of the Internet-based overlay routing infrastructure. This disclosure describes a method of providing integrity protection for traffic on the overlay network.
    Type: Grant
    Filed: March 29, 2022
    Date of Patent: March 5, 2024
    Assignee: Akamai Technologies, Inc.
    Inventors: Brandon O. Williams, Liza Alenchery, Yixin Jin
  • Patent number: 11921882
    Abstract: Described is a secure, electronic, submission process providing and enabling applicants to initiate requests to desirous requestors seeking such submissions based on authenticated and trusted identities and/or credentials or which could be authenticated securely through other defined processes. SafeCase is an innovative process for convenience, ease and security in application submissions for anyone and everyone through an electronic interface that has been built innovatively on the strong foundations of Identity Management, giving irrevocable and irrefutable trust on the Identity and/or credentials and/or the purpose that an applicant is applying for or wishes to achieve. SafeCase is an end-to-end secure and transparent interface, wherein the applicant (i.e. the Candidate) utilizes his/her Authenticated Credential(s) or Identity(ies) to submit an application. The applicant remains updated in real time on the status of the submitted application till its final disposal.
    Type: Grant
    Filed: October 10, 2018
    Date of Patent: March 5, 2024
    Assignee: CertiSafe Private Limited
    Inventor: Gaurav Sharma
  • Patent number: 11924229
    Abstract: In one embodiment, a method comprises: monitoring, by a first security agent executed within a network device, for real-time detection of a cyber threat in the network device, the network device configured for secure communications in a secure peer-to-peer data network, the monitoring including detecting a detected cyber threat; communicating by the first security agent with at least one notified agent about the detected cyber threat, the at least one notified agent one of a second security agent executed within the network device, or a corresponding first security agent in a second network device having a two-way trusted relationship with the network device in the secure peer-to-peer data network; and executing, by the first security agent, a corrective action to at least mitigate the cyber threat based on the communicating with the at least one notified agent of the detected cyber threat.
    Type: Grant
    Filed: June 29, 2021
    Date of Patent: March 5, 2024
    Assignee: WhiteStar Communications, Inc.
    Inventor: Billy Gayle Moon
  • Patent number: 11914686
    Abstract: States of storage nodes in a storage cluster may be transitioned from a secured state to an unsecured state. When all the storage nodes are in the secured state, a first reboot of the storage nodes is initiated. The first reboot may involve the storage nodes rebooting from the secured state into an intermediate state. During the first reboot: storage nodes that have rebooted into the intermediate state are allowed to rejoin the distributed storage cluster, and storage nodes in the unsecured state are not allowed to join the distributed storage cluster. When all the storage nodes are in the intermediate state, a second reboot of the storage nodes may be initiated. The second reboot may involve rebooting the storage nodes from the intermediate state into the unsecured state. During the second reboot, storage nodes that have rebooted into the unsecured state are allowed to rejoin the storage cluster.
    Type: Grant
    Filed: October 15, 2021
    Date of Patent: February 27, 2024
    Assignee: Pure Storage, Inc.
    Inventor: Luis Pablo Pabón
  • Patent number: 11917075
    Abstract: Disclosed is a multi-signature security account control system. The present invention comprises a multi-signature security account in which at least three participating accounts have management authority, wherein the participating accounts are a first participating account corresponding to a user terminal, a second participating account corresponding to an HSM management server, and a third participating account corresponding to an exchange server, and the HSM management server may control the authority of the multi-signature security account to be controlled by using signature information provided from at least two of the participating accounts.
    Type: Grant
    Filed: June 28, 2019
    Date of Patent: February 27, 2024
    Assignee: PAY GATE CO., LTD.
    Inventor: Dong-San Lee
  • Patent number: 11907398
    Abstract: Systems and methods are provided for implementing stand-in network identities. One example computer-implemented method includes receiving, from a communication device associated with a user, an on-behalf-of (OBO) request from the user to share permission data with a relying party and, in response to the OBO request, generating a permission request for the permission data and transmitting the permission request to the communication device associated with the user. The method also includes receiving, from the communication device associated with the user, consent from the user to share the permission data with the relying party. The method then includes identifying, in a data structure, an OBO permission for the user with respect to the PII and in response to identifying the OBO permission for the user, transmitting the permission data identified in the OBO request to the relying party.
    Type: Grant
    Filed: June 7, 2022
    Date of Patent: February 20, 2024
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Aaron Shortell, Kristen Metropoulos, Andrew Haimes, Nicole M. Yap
  • Patent number: 11899813
    Abstract: Techniques are disclosed relating to multi-factor authentication for data security. In some embodiments, a computer system receives, from a user device, a database operation request that specifies a set of query data, where the computer system supports multiple different security levels requiring different subsets of a set of authentication factors supported by a known device of a user of the user device. Various devices may determine current contextual information for the database operation request, where the contextual information indicates the set of query data. In some embodiments, the computer system selects, based on the current contextual information, a security level from the multiple different security levels. In some embodiments, the computer system revokes, based on the selected security level, access privileges of the user for accessing a database corresponding to the database operation request.
    Type: Grant
    Filed: June 24, 2022
    Date of Patent: February 13, 2024
    Assignee: Salesforce, Inc.
    Inventors: Marla Hay, Joshua David Alexander
  • Patent number: 11900158
    Abstract: Task permissions for software services can be set in a distributed computing environment according to some examples described herein. In one example, a system can determine software services that are included in software products deployable to a user account of a distributed computing environment. The system can determine task permissions to be set in the user account for allowing the software services to execute tasks in the distributed computing environment. The system can generate a list of task permissions by consolidating the task permissions based on predefined rules. The system can then transmit an output indicating the list of task permissions for causing the user account to be configured based on the list of task permissions, to permit the software services to execute the tasks in the distributed computing environment.
    Type: Grant
    Filed: February 4, 2021
    Date of Patent: February 13, 2024
    Assignee: Red Hat, Inc.
    Inventors: Michael Gerard Ryan, Brian Gallagher
  • Patent number: 11899776
    Abstract: A method for authenticating a software based on a blockchain implemented in an electronic device. The method includes obtaining a first identification code and a first hash value of a first software; generating a first authentication code; writing the first identification code, the first hash value, and the first authentication code into a blockchain; obtaining a second identification code of a second software to be identified and calculating a second hash value of the second software; determining whether the second hash value of the second software is the same as the first hash value; if the second hash value is the same as the first hash value, generating a second authentication code; determine whether the second authentication code is the same as the first authentication code; and if so determining that the second software is copyrighted.
    Type: Grant
    Filed: August 4, 2021
    Date of Patent: February 13, 2024
    Assignee: HON HAI PRECISION INDUSTRY CO., LTD.
    Inventor: Liang-Te Chiu
  • Patent number: 11887604
    Abstract: A speech interface device is configured to receive response data from a remote speech processing system for responding to user speech. This response data may be enhanced with information such as a remote ASR result(s) and a remote NLU result(s). The response data from the remote speech processing system may include one or more cacheable status indicators associated with the NLU result(s) and/or remote directive data, which indicate whether the remote NLU result(s) and/or the remote directive data are individually cacheable. A caching component of the speech interface device allows for caching at least some of this cacheable remote speech processing information, and using the cached information locally on the speech interface device when responding to user speech in the future. This allows for responding to user speech, even when the speech interface device is unable to communicate with a remote speech processing system over a wide area network.
    Type: Grant
    Filed: September 2, 2022
    Date of Patent: January 30, 2024
    Assignee: Amazon Technologies, Inc.
    Inventor: Stanislaw Ignacy Pasko
  • Patent number: 11888972
    Abstract: A system includes a memory, an application TEE instance, an escrow TEE instance, and a server. The server is configured to receive a request to start the application TEE instance and launch the escrow TEE instance provisioned with a secret. The secret is initially accessible from a first location until the escrow TEE instance is provisioned and accessibility to the secret in the first location is restricted after provisioning the escrow TEE instance with the secret. The escrow TEE instance is configured to obtain a cryptographic measurement associated with the application TEE instance, validate the application TEE instance, and provide the secret from a second location to the application TEE instance.
    Type: Grant
    Filed: February 26, 2020
    Date of Patent: January 30, 2024
    Assignee: RED HAT, INC.
    Inventor: Michael Tsirkin
  • Patent number: 11887124
    Abstract: The invention provides systems, methods and computer program products for securing electronic transactions and users of electronic transaction services from phishing attacks by malicious attackers and fraudsters. A terminal device receives a first data communication comprising an OTP associated with a requested electronic transaction, and identifies a validity period associated with the OTP. The terminal device responds to detection of a second data communication between the terminal device and a remote entity during the identified validity period, by extracting content from the second data communication. The extracted content is analyzed and a risk decision is generated based on output of the analysis of the extracted content. The risk decision determines whether the remote entity comprises, or is controlled by, a malicious attacker.
    Type: Grant
    Filed: November 25, 2020
    Date of Patent: January 30, 2024
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Amit Somani, Padma Jadav, Raviraj Bhatt, Hemant Arora, Jaipal Singh Kumawat, Ajay Panwar, Sourabh Rajput, Paras Rashmikant Vanjara
  • Patent number: 11880229
    Abstract: A processing device initializes a memory device in an unauthenticated state in which the memory device is unable to execute one or more restricted commands. The processing device accesses a security capsule that is digitally signed using a private key. The processing device transitions the memory device to an authenticated state based on verifying that the security capsule is validly signed. The processing device uses a public key corresponding to the private key to verify the security capsule is validly signed. While in the authenticated state, the memory device is able to execute the one or more restricted commands.
    Type: Grant
    Filed: December 21, 2020
    Date of Patent: January 23, 2024
    Assignee: Micron Technology, Inc.
    Inventor: Robert W. Strong
  • Patent number: 11880489
    Abstract: Provided is a technique for performing statistical processing such as processing for obtaining parameters of logistic regression analysis faster than before. A secure statistical processing system includes a cross tabulation table computing device 2 that performs secure computation on a cross tabulation table in which frequencies are in plain texts while keeping each record concealed; and a statistical processing device 3 that performs predetermined statistical processing using the cross tabulation table in which frequencies are in plain texts. The cross tabulation table computing device 2 may include a plurality of secure computation devices 221, . . . , 22N that perform secure computation on a cross tabulation table in which frequencies are fragments subjected to secret sharing while keeping each record concealed, and a management device 21 that restores the fragments to compute the cross tabulation table in which frequencies are in plain texts.
    Type: Grant
    Filed: August 28, 2019
    Date of Patent: January 23, 2024
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Satoshi Tanaka, Asami Miyajima, Gen Takahashi, Dai Ikarashi, Koki Hamada, Ryo Kikuchi, Hitoshi Fuji
  • Patent number: 11874919
    Abstract: Provided is a hybrid trusted execution environment based android security framework, an android device equipped with the same and a method of executing a trusted service in the android device. The hybrid trusted execution environment based android security framework includes a hardware resource that comprises a rich execution environment (REE) where an android operating system (OS) runs, and a secure container which implements a virtualized trusted execution environment (VTEE) that processes a security task in the rich execution environment (REE) when an application running on the rich execution environment requests the security task.
    Type: Grant
    Filed: August 31, 2021
    Date of Patent: January 16, 2024
    Assignee: CROWDSTRIKE, INC.
    Inventors: Souhwan Jung, Jaehyeon Yoon, Ngoc-Tu Chau
  • Patent number: 11870755
    Abstract: Systems and methods provide for provisioning a dynamic intent-based firewall. A network controller can generate a master route table for network segments reachable from edge network devices managed by the controller. The controller can receive zone definition information mapping the network segments into zones and Zone-based Firewall (ZFW) policies to apply to traffic between a source and destination zone specified by each ZFW policy. The controller can evaluate a ZFW policy to determine first edge network devices that can reach first network segments mapped to the source zone specified by the ZFW policy, second edge network devices that can reach second network segments mapped to the destination zone specified by the ZFW policy, and routing information (from the route table) between the first network segments, the first and second edge network devices, and the second network segments. The controller can transmit the routing information to the edge network devices.
    Type: Grant
    Filed: October 26, 2021
    Date of Patent: January 9, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Vamsidhar Valluri, Saravanan Radhakrishnan, Anand Oswal, Vinay Prabhu, Sarah Adelaide Evans, Suraj Rangaswamy
  • Patent number: 11860985
    Abstract: A user of a device is authenticated after providing a pass code or other data confirming the user can access data on the device. While the user uses the device, behaviometric data is recorded which includes measures of how the user uses the device. Additional data, however, can only be accessed with a biometric and/or second authentication after collecting at least some behaviometric data, in embodiments of the disclosed technology. Depending on how close of a match the behaviometric data received is to previously recorded behaviometric data for the particular user, a threshold minimum is set for the biometric match in order to grant stepped up authentication and authorization to view the additional data. In this manner, a legitimate user often requires less time to authenticate compared to the prior art and a fraudulent user is rejected from access to sensitive data more accurately.
    Type: Grant
    Filed: April 8, 2019
    Date of Patent: January 2, 2024
    Assignee: BEHAVIOSEC INC
    Inventors: Ingo Deutschmann, Per Burstrom
  • Patent number: 11863978
    Abstract: This disclosure provides methods, devices and systems that facilitate mobility of wireless communication devices configured for multi-link operation (MLO). Particular aspects more specifically relate to facilitating fast basic service set (BSS) transitions by wireless communication devices that support MLO. For example, some aspects provide support for station (STA) multi-link device (MLD) roaming between access point (AP) MLDs, from an AP MLD to a non-MLO AP, or from a non-MLO AP to an AP MLD. In some aspects, a STA MLD may be configured to use a medium access control (MAC) service access point address (MAC-SAP address) of the AP MLD when re-associating or communicating with a legacy AP or with an AP MLD. In such aspects, the MAC-SAP address may be used by all STAs of the non-AP MLD for fast BSS transitions.
    Type: Grant
    Filed: June 28, 2021
    Date of Patent: January 2, 2024
    Assignee: QUALCOMM Incorporated
    Inventors: Sai Yiu Duncan Ho, George Cherian, Abhishek Pramod Patil, Alfred Asterjadhi, Yanjun Sun, Jouni Kalevi Malinen
  • Patent number: 11847225
    Abstract: A system on chip includes a memory, a main processor that runs an operating system, and first Intellectual Properties (IPs) that perform respective processing operations. The main processor operates to copy target firmware to the memory using a firmware loader, using a hypervisor, block access of the main processor and the first IPs to the target firmware before verification of the target firmware, and using the hypervisor, grant access to the target firmware by a target IP among the first IPs that corresponds to the target firmware after the verification of the target firmware.
    Type: Grant
    Filed: October 22, 2020
    Date of Patent: December 19, 2023
    Inventors: Siheung Kim, Keunyoung Park, Dongjin Park
  • Patent number: 11843594
    Abstract: Techniques are described for controlling data and resource access. For example, methods and systems can facilitate controlled token distribution across systems and token processing in a manner so as to limit access to and to protect data that includes access codes.
    Type: Grant
    Filed: November 28, 2022
    Date of Patent: December 12, 2023
    Assignee: Live Nation Entertainment, Inc.
    Inventors: Phillip Volini, John Raymond Werneke, Carl Schumaier, Michael Smith, Frank Giannantonio, Vito Iaia, Sean Moriarty
  • Patent number: 11838759
    Abstract: A method for performing service authorization for private networks based on an enhanced PLMN identifier. The method includes receiving an attach request from a user equipment device (UE) via a private network, where the attach request includes an international mobile subscriber identity value (IMSI). The method further includes determining, based on the IMSI, an organization identifier and a token associated with the private network, where the token is included in an enhanced PLMN for granting the UE access to resources in the private network. The method further includes sending the token to the UE and a network proxy within the private network.
    Type: Grant
    Filed: November 15, 2022
    Date of Patent: December 5, 2023
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Sagiv Draznin, Patricia R. Chang, Lalit R. Kotecha, Jin Yang
  • Patent number: 11838088
    Abstract: Apparatus and methods for repeater/extender operation of a wireless-enabled device, including for extending the range or coverage in a wireless network subject to poor signal propagation or obstructions. In one embodiment, the apparatus and methods leverage use of a CPE (consumer premises equipment) configured as a 5G mmWave extender to extend RF signals from one or more base stations (e.g., a NodeB) to one or more other premises. In one variant, the CPE includes (i) a internal unit configured to provide 5G and Wi-Fi services to local UE, as well as other standard CPE functions; (ii) a donor apparatus configured to receive/transmit 5G signals to/from the one or more base stations; and (iii) a service apparatus configured to radiate 5G signals to UE/CPE with weak or no NodeB connectivity. The CPE is configured to create and dynamically update a weighted beam matrix used to select beams.
    Type: Grant
    Filed: September 11, 2020
    Date of Patent: December 5, 2023
    Assignee: CHARTER COMMUNICATIONS OPERATING, LLC
    Inventor: Ramneek Bali
  • Patent number: 11825131
    Abstract: Techniques are described for using ATSC 3.0 to augment in-stadium (including in-arena) video feeds. In addition to a central stadium large screen view, spectators can use their mobile devices or view wall-mounted TVs around the stadium to receive in-stadium special feeds broadcast using ATSC 3.0, but not necessarily broadcast beyond the stadium and its environs.
    Type: Grant
    Filed: May 12, 2020
    Date of Patent: November 21, 2023
    Assignee: Sony Group Corporation
    Inventors: Brant Candelore, Fred Ansfield
  • Patent number: 11824857
    Abstract: Techniques to handle calls to web services via a service proxy are disclosed herein. In one embodiment, a technique includes an intermediate server receiving a request from a client device to the web service at a target server. In response to receiving the request, the intermediate server can authenticate the received request from the client device and upon successful authentication of the received request, forward the request to the targeted server and invoking the web service to process the forwarded request because the intermediate server is authenticated with the target server. The technique can also include receiving, at the intermediate server, data from the target server that represents execution results of the request by the web service at the target server. Upon receiving the data, the intermediate server can then forward to the client device, the data representing execution results of the request by the web service at the target server.
    Type: Grant
    Filed: June 27, 2022
    Date of Patent: November 21, 2023
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Jin Ma, Linda Chen Gray, Betsy McIntyre, Jun Chen, Elena Catrinescu
  • Patent number: 11823492
    Abstract: A method for reducing violence within crowded venues is provided. The method includes reading license plates of vehicles passing into entry ports of a parking area, and capturing facial images of persons seeking admission to the venue. A computer compares such license plates to a database of vehicle license plates associated with persons with past histories of violence. A computer also compares captured facial images to a database of facial data for persons with past violent histories. Upon detecting a match, the computer creates an alert presented to law enforcement officers to facilitate detention of such persons for investigation. Information recorded on entry tickets is scanned and saved together with the facial image of the ticket holder. If a violent act occurs, cameras within the venue capture facial images of participants. The computer matches such participants to stored identifying data to assist in the identification and apprehension of such persons.
    Type: Grant
    Filed: October 6, 2020
    Date of Patent: November 21, 2023
    Inventor: Stanley Loel Kephart
  • Patent number: 11823206
    Abstract: Tamper-proofing and secure identity validation techniques in a transaction processing system and secure electronic payment techniques are disclosed. A tamper-proof transaction processing device is provided and comprises at least two different strength adhesives to secure parts of the device together and a housing comprising at least a first and second protective layer. An electronic component comprising a secure element chip storing unique information relating to the chip is located between the first and second protective layer in the housing. In another aspect, a transaction processing system includes a payment instrument that is configured to approve only negative value and/or zero value transaction requests. Another aspect provides an identity card checking system and method where the identity card is brought into proximity of a data processing device and identity information is displayed on the screen of the data processing device for the period of time while the card is in proximity.
    Type: Grant
    Filed: September 28, 2022
    Date of Patent: November 21, 2023
    Assignee: Worldpay Limited
    Inventors: Daren Lee Pickering, Jonathan Stewart Vokes, Nicholas Telford-Reed
  • Patent number: 11816008
    Abstract: Device and method for reporting power-on self-test (POST) codes of a computing device via a standard external memory card interface. A BIOS of the personal computing device is programmed to configure, during a power-on sequence, multiple signal connections of the standard external memory card interface for conveyance of general purpose input and output signals. When a complementary memory signal conversion device is detected in the memory card interface during the power-on sequence, the BIOS may initiate transmission of a serial data signal containing POST codes related to any detected startup errors.
    Type: Grant
    Filed: December 24, 2018
    Date of Patent: November 14, 2023
    Assignee: Intel Corporation
    Inventors: Yanbai Wang, Lingjing Zeng
  • Patent number: 11818131
    Abstract: Authentication systems and methods can selectively authenticate a request to access a resource data store storing access rights associated with a user device. The systems and methods can scalably execute challenges workflows as part of the authentication process. For example, a request to access one or more access rights stored in the data store can be received from the user device. The user device can be authenticated using challenge workflows selected based on a device identifier of the user device. The selected challenge workflows can be executed to determine whether or not to grant access to the access rights stored in the resource data store.
    Type: Grant
    Filed: June 6, 2022
    Date of Patent: November 14, 2023
    Assignee: Live Nation Entertainment, Inc.
    Inventors: Dan Cernoch, Ajay Pondicherry, David Refsland, Kenneth Ives-Halperin
  • Patent number: 11818158
    Abstract: There are provided systems and methods for managing network vulnerability scanning to avoid interference and disruption of network operations. In one form, the system includes: a network of computing devices; a network vulnerability scanner for evaluating insecurity and vulnerability of the network; a network traffic monitor for measuring the volume of network traffic at a certain time; and a scanning scheduler that includes scanning blackout events limiting operation of the scanner. Each blackout event includes an event name, a country or region for the blackout, a blackout start time and end time, and a blackout type that may include a level of the blackout and an authorization required for the network scan to proceed. In the system, a control circuit controls operation of the scanner; interrupts, delays, or cancels a network scan when the network traffic exceeds a certain threshold; and enforces blackout events according to the scanning scheduler.
    Type: Grant
    Filed: October 26, 2020
    Date of Patent: November 14, 2023
    Assignee: WALMART APOLLO, LLC
    Inventors: Oscar J. Blass, Micah J. Byers, Derrick G. Wright, Clay N. Keller
  • Patent number: 11810099
    Abstract: Disclosed embodiments include methods, systems, and computer-readable media configured to, for example, provide payment tokens for conducting transactions, as well as reprovisioning tokens, on wearable devices without Bluetooth® or other network connectivity beyond NFC radio.
    Type: Grant
    Filed: December 7, 2020
    Date of Patent: November 7, 2023
    Assignee: Capital One Services, LLC
    Inventors: Lawrence Douglas, Paul Moreton
  • Patent number: 11805119
    Abstract: A system for one-click two-factor includes a processor and a non-transitory, tangible, computer-readable storage medium having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations including: (i) receiving an access request from a user, the access request including a first authentication factor; (ii) generating a second authentication factor and a hyperlink that includes the second authentication factor; (iii) providing the hyperlink that includes the second authentication factor to a client device associated with the user; (iv) automatically receiving the second authentication factor in response to selection of the hyperlink by the user; and (v) verifying the first authentication factor and the second authentication factor to authenticate the identity of the user.
    Type: Grant
    Filed: October 14, 2020
    Date of Patent: October 31, 2023
    Assignee: BlueOwl, LLC
    Inventors: Charles B. Smith, Charles O. Schwabacher, Theobolt N. Leung, Daniel O'Shea
  • Patent number: 11805102
    Abstract: Systems and methods for remote management of software on private networks are generally described. In various examples, a cluster of compute instances are deployed by a cloud compute service provider. A first compute pod may be deployed among the cluster of compute instances. The first compute pod may be configured to execute a secure shell daemon (SSHD) network proxy. The first compute pod may be configured to open ports to allow access to the cluster of compute instances by an authorized administrative user. In some examples, a connection may be established between a first computing device executing a secure shell (SSH) process and the SSHD network proxy of the first compute pod. Data may be sent from the first computing device to at least one compute instance of the cluster of compute instances using the connection.
    Type: Grant
    Filed: February 5, 2021
    Date of Patent: October 31, 2023
    Assignee: RED HAT, INC.
    Inventor: Matt Albert Woodson
  • Patent number: 11799640
    Abstract: Systems and methods for digitally encrypting sensitive, self-executing, digital content are provided. A method may include storing the digital content in an encrypted digital vault and generating a first password and a second password which together may unlock the digital vault. The method may include storing the first password on a first encrypted distributed ledger and the second password on a second encrypted distributed ledger. The method may include automatically updating the passwords periodically and storing the updated passwords as new entries on the distributed ledgers. When a document from a predetermined list of documents is digitally scanned and authenticated, the method may include unlocking access to the first password on the first distributed ledger for the designated entity. When the digital vault is unlocked with the first and the second passwords, the digital content may self-execute.
    Type: Grant
    Filed: August 27, 2021
    Date of Patent: October 24, 2023
    Assignee: Bank of America Corporation
    Inventors: Anna Kristen Pingel Berry, Benjamin Daniel Hardman
  • Patent number: 11790753
    Abstract: A method for monitoring the loneliness state of a subject includes receiving proximity information for a plurality of user devices and then generating a loneliness decision for subjects who use the devices based on the proximity information. In one case, the proximity information may be projected onto a lower dimensional space, distance values corresponding to the proximity information may be compared, and the user devices may be ranked based on the comparison. A user may then be determined to be lonely based on the ranking of the user devices. In other cases, clustering techniques may be applied relative to one or more centroids. Distances may then be calculated and compared for purposes of generating a loneliness decision. In other cases, resource information may be taken into consideration with distance information for generating a loneliness decision.
    Type: Grant
    Filed: April 1, 2021
    Date of Patent: October 17, 2023
    Assignee: Koninklijke Philips N.V.
    Inventors: Giulio Valenti, Salvatore Saporito, Sabine Mollus
  • Patent number: 11785049
    Abstract: Exemplary embodiments provide for rate limiting access to data endpoints which includes a processor configured to monitor network traffic between one or more devices on a first network and a second network. The processor may receive a first data endpoint request from one of the one or more devices and compare the first data endpoint request to a ledger of one or more data endpoints. The ledger may have a rate limit associated with the one or more data endpoints which defines a threshold number of requests allowed for the one or more data endpoints. In response to the first data endpoint request matching one or more of the data endpoints on the ledger, the processor may block the first data endpoint request when the data endpoint request exceeds the threshold number of requests allowed for the matching data endpoint on the ledger.
    Type: Grant
    Filed: September 1, 2021
    Date of Patent: October 10, 2023
    Assignee: ACTION STREAMER, LLC
    Inventor: Richard Stokes
  • Patent number: 11777993
    Abstract: Disclosed is a unified security system of cloud-based components configured for (a) packet-level and (b) protocol-level access control and traffic inspection, (c) threat detection and (d) activity contextualization. Packet-level inspects and classifies headers in requests or responses, sets a first restrictive state or passes the request or response. Protocol-level performs deep packet inspection for malicious signatures then sets a second state or passes. Threat detection, when the request or response is an HTTP/S stream, classifies as directed to a threat destination or not, then sets a third state or passes the request or response and activity contextualization, when the request is an HTTP/S stream seeking access to a cloud-based application, recognizes, processes and classifies content-containing activity as compromising or not, then sets a fourth state or passes.
    Type: Grant
    Filed: January 30, 2021
    Date of Patent: October 3, 2023
    Assignee: Netskope, Inc.
    Inventors: Kand Ly, Amit Ganesh Datar, Kartik Subbanna
  • Patent number: 11777747
    Abstract: A method and system for authenticating a device is provided. A noisy response is received from a physically unclonable function for a challenge. An error code is generated for correcting the noisy first response. An expected response is generated from the noisy first response and the error code. The expected response and corresponding first helper data is store. The helper data includes the first challenge and the error code. The helper data is provided to a device in response to an authentication request from the device, the first device including the physically unclonable function.
    Type: Grant
    Filed: June 28, 2021
    Date of Patent: October 3, 2023
    Assignee: Taiwan Semiconductor Manufacturing Company, Ltd.
    Inventors: Robert Abbott, Saman M. I. Adham, Peter Noel
  • Patent number: 11777964
    Abstract: A computer-implemented method of detecting clipboard listener applications that includes placing, by a clipboard listener-detector application, a content reference, such as a Uniform Resource Identifier (URI), on a device clipboard; receiving, by the clipboard listener-detector application, at least one request from one or more clipboard listener applications for data based on the content URI; identifying the one or more clipboard listener applications from which said at least one request was received; and outputting an identity of each of the one or more identified clipboard listener applications.
    Type: Grant
    Filed: March 1, 2019
    Date of Patent: October 3, 2023
    Assignee: Malikie Innovations Limited
    Inventor: Neil Patrick Adams
  • Patent number: 11778463
    Abstract: Presented herein are techniques to provide for the ability to utilize 3GPP-generated Session Keys that can be generated via a primary authentication or a secondary authentication process for a user equipment (UE) via a private wireless wide area (WWA) access network in which the keys can be leveraged to facilitate connection of the UE to a wireless local area (WLA) access network. In one example, a method may include obtaining a request to authenticate a UE for connection to a WWA access network; determining that the UE is capable of a Fast Transition (FT) capability; authenticating the UE for connection to the WWA access in which, based on the FT capability, the authenticating includes generating a root security key for the UE; and upon determining that the UE is attempting to access the WLA access network, providing the root security key for the UE to the WLA access network.
    Type: Grant
    Filed: October 13, 2020
    Date of Patent: October 3, 2023
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Srinath Gundavelli, Indermeet Singh Gandhi
  • Patent number: 11775272
    Abstract: A solution is proposed for deploying software programs. A corresponding method comprises calculating a program security indicator of each software program according to corresponding component security indicators of software components being used by the software program. A computing system (or more) is selected for deploying the software program according to a comparison between the program security indicator and corresponding system security indicators of a plurality of available computing systems. A computer program and a computer program product for performing the method are also proposed. Moreover, a corresponding system is proposed.
    Type: Grant
    Filed: March 24, 2022
    Date of Patent: October 3, 2023
    Assignee: International Business Machines Corporation
    Inventors: Gianluca Volpe, Donatello Carriero, Gianluca Gigliarelli, Roberto Ragusa, Wanda Righi
  • Patent number: 11777956
    Abstract: Methods and systems for detecting an electronic intrusion are described. The system receives a notification, over a network, from a first application server that is hosting a first electronic service that is hosting a first user account. The notification reports the detection of a user activity associated with the first user account. The first user account is monitored for user activity. Next, the system may identify the notification reporting the detection of the user activity associated with the first user account as a possible electronic intrusion into the first account.
    Type: Grant
    Filed: October 18, 2019
    Date of Patent: October 3, 2023
    Assignee: eBay Inc.
    Inventor: Srinivasan Raman
  • Patent number: 11765296
    Abstract: An information processing system configured to perform setting for an image processing apparatus based on setting edited by an application configured to operate on an information processing apparatus, wherein the system includes a startup unit that acquires a status of the image processing apparatus, downloads setting information for the image processing apparatus, determines whether or not to start up the application, and controls the startup of the application based on results of the determination, wherein the determination is performed based on the status before the setting information download has begun.
    Type: Grant
    Filed: June 3, 2022
    Date of Patent: September 19, 2023
    Assignee: CANON KABUSHIKI KAISHA
    Inventor: Keiko Kamoi
  • Patent number: 11757906
    Abstract: A method of detecting anomalous user behavior in a cloud environment includes receiving a vector that comprises counts of actions taken by the user during a current time interval; determining whether an action count in the vector is greater than a global mean; building a scale table by combining new action skills that are above a threshold and original action skills if below the threshold; and identifying outliers when the action count is greater than the global mean multiplied by a corresponding action scale from the scale table.
    Type: Grant
    Filed: January 23, 2020
    Date of Patent: September 12, 2023
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventors: Brian H. Xu, Chao Feng
  • Patent number: 11747314
    Abstract: Disclosed are a gas detection intelligence training system and an operating method thereof. The gas detection intelligence training system includes a mixing gas measuring device that collects an environmental gas from a surrounding environment, generates a mixing gas based on the collected environmental gas and a target gas, senses the mixing gas by using a first sensor array and a second sensor array under a first sensing condition and a second sensing condition, respectively, and generates measurement data based on the sensed results of the first sensor array and the second sensor array, and a detection intelligence training device including a processor that generates an ensemble prediction model based on the measurement data.
    Type: Grant
    Filed: August 13, 2021
    Date of Patent: September 5, 2023
    Assignee: Electronics and Telecommunications Research Institute
    Inventors: Jae Hun Choi, Hwin Dol Park, Chang-Geun Ahn, Do Hyeun Kim, Seunghwan Kim, Hyung Wook Noh, YongWon Jang, Kwang Hyo Chung
  • Patent number: 11750660
    Abstract: Examples for detecting a compromised device are described. A set of threat detection rules can instruct an application on the client device how to detect whether the client device is compromised. The rules can be updated dynamically and without updating the application that is performing the compromise detection. The rules can be encoded in an interpreted scripting language and executed by a runtime environment that is embedded within the application.
    Type: Grant
    Filed: September 9, 2021
    Date of Patent: September 5, 2023
    Assignee: VMware, INC.
    Inventors: Simon Brooks, Daniel E. Zeck, Xinpi Du, Ali Mohsin, Kishore Sajja, Nikhil Mehta
  • Patent number: 11743058
    Abstract: Authenticating a host computer and NVDIMM pair using lookup tables for a challenge/response exchange between the pair of devices. The NVDIMM is challenged by the host computer for which a response associated with the physically unclonable function of a NVDIMM component is provided. The NVDIMM challenges the host computer for which a response associated with the physically unclonable function of a host computer component is provided. Additional security stores a modified response associated with run-time physically unclonable functions associated with the host computer and NVDIMM pair for use in future challenge/response exchanges.
    Type: Grant
    Filed: March 5, 2020
    Date of Patent: August 29, 2023
    Assignee: International Business Machines Corporation
    Inventors: Janani Swaminathan, Trinadhachari Kosuru, Anand Haridass, Santosh Balasubramanian
  • Patent number: 11729222
    Abstract: Embodiments provide a system and method for extracting configuration-related information for reasoning about the security and functionality of a composed system. During operation, the system determines, by a computing device, information sources associated with hardware and software components of a system, wherein the information sources include at least specification sheets, standard operating procedures, user manuals, and vulnerability databases. The system selects a set of categories of vulnerabilities in a vulnerability database, and ingests the information sources to obtain data in a normalized format. The system extracts, from the ingested information sources, configuration information, vulnerability information, dependency information, and functionality requirements to create a model for the system.
    Type: Grant
    Filed: July 1, 2020
    Date of Patent: August 15, 2023
    Assignee: Palo Alto Research Center Incorporated
    Inventors: Hamed Soroush, Milad Asgari Mehrabadi, Shantanu Rane, Marc E. Mosko
  • Patent number: 11729610
    Abstract: A method includes receiving registration information regarding a telematics unit and a respective control system for a plurality of equipment pieces; receiving a seed from a control system of a first equipment piece via a telematics unit of the first equipment piece based on receiving a telematics session request by the control system of the first equipment piece; authenticating the telematics unit and the control system of the first equipment piece based on information included with the seed and the registration information; generating a first encrypted key and a second encrypted key based on the authentication; providing the first key to the telematics unit for the first equipment piece; and providing the second encrypted key to the control system of the first equipment piece via the telematics unit of the first equipment piece to establish a data communication channel.
    Type: Grant
    Filed: November 9, 2020
    Date of Patent: August 15, 2023
    Assignee: Cummins Inc.
    Inventors: Gorance V. Eftimovski, Troy D. Hamilton, Tomas Lopez Lauterio, Michael F. Mattern, Thomas J. Milvert, Srikanth Namuduri, Prasanna Srinivasan, Ankit R. Tarkas, Sagar R. Uplenchwar, Jaydeep J. Das, Sharika K. Kumar, Scott David Richter