Prevention Of Unauthorized Use Of Data Including Prevention Of Piracy, Privacy Violations, Or Unauthorized Data Modification Patents (Class 726/26)
  • Patent number: 10148388
    Abstract: With the proliferation of digital tool and content, it is becoming easier for adversaries to copy and modify digital content without detection or control by a content owner. Computing systems are provided to detects client-side data mutations. Responsive to a request to access the content data from a client device, a server compiles data that includes the content data, a mark and executable instructions for detecting data mutations, and sends this data to the client device. The client device then, based on the received instructions, stores the local environment properties relating to playing or viewing the content data, incorporates the mark with the content data, and allows the content data to be played or viewed or accessed. The client device also conducts checks in relation to the content data, the marker, and the local environment properties. If a data mutation is detected, the client device initiates an alert protocol.
    Type: Grant
    Filed: October 31, 2017
    Date of Patent: December 4, 2018
    Assignee: BitCine Technologies Incorporated
    Inventor: Tyson G. E. Louth
  • Patent number: 10142106
    Abstract: An approach is provided for securing data in a technical environment. In one embodiment, a processor obtains a first file, which when executed installs a first portion of a second file and an assembly key to assemble the second file. The processor executes this first file and then obtains the second portion of the second file. The processor assembles the second file using the first portion, the second portion, and the assembly key.
    Type: Grant
    Filed: October 20, 2017
    Date of Patent: November 27, 2018
    Assignee: Hand Held Products, Inc.
    Inventors: Erik Todeschini, Stephen Patrick Deloge, Donald Anderson
  • Patent number: 10142684
    Abstract: In one embodiment, a method, comprising obtaining a first uniform resource identifier for a segment of a content item, obtaining encryption metadata indicative of encryption information to be used for encrypting the segment when the segment is requested by a client device or a content delivery network, generating a data combination based on the first uniform resource identifier and the encryption metadata, generating an authentication code or a signature by applying a secret to the data combination, the secret being unknown to the client device or the content delivery network, generating a second uniform resource identifier for the segment based on the authentication code or the signature, the encryption metadata and the first uniform resource identifier, inserting the second uniform resource identifier in an adaptive bitrate media playlist for the content item, and sending the adaptive bitrate media playlist to the client device or the content delivery network.
    Type: Grant
    Filed: March 21, 2017
    Date of Patent: November 27, 2018
    Assignee: Cisco Technology, Inc.
    Inventors: Paul Rutland, John Allen
  • Patent number: 10135805
    Abstract: Systems and methods for device-based authentication are disclosed. In some implementations, a device receives a Single Sign On PIN from a backend server. The device transmits, to a token server, the Single Sign On PIN and credentials of a subscriber identity module (SIM) to request a token for accessing a network resource via a computer different from the device. The token is associated with a user account. The device receives the token from the token server. The device stores the token at a local memory of the device.
    Type: Grant
    Filed: October 31, 2013
    Date of Patent: November 20, 2018
    Assignee: Cellco Partnership
    Inventors: Mohammad Raheel Khalid, Ji Hoon Kim, Cory Michael Bruno, Paul Berman, Mauricio Pati Caldeira De Andrada, Samir Vaidya
  • Patent number: 10133880
    Abstract: Disclosed are systems and methods for blocking access to interface elements of a page of an application in an applications store. The computing device executes executing a restrictive application that restricts use of the computing device. The restrictive application can determine that a page of the application in the application store is being presented on a display of the computing device and block access to interface elements of the application page, thereby preventing punitive evaluations of the restrictive application. To restore access to the application store page, the restrictive application may obtain authentication data associated with an authorized user, and responsive to determining that the obtained authentication data satisfies one or more conditions for unblocking, provide access to the interface elements of the page of the application in the applications store.
    Type: Grant
    Filed: June 20, 2017
    Date of Patent: November 20, 2018
    Assignee: AO KASPERSKY LAB
    Inventor: Victor V. Yablokov
  • Patent number: 10127621
    Abstract: A server system for distributing information securely includes a network interface for receiving, over a network, an information object accompanied by metadata. A repository stores the information object. Metadata is mapped to electronic addresses of trusted recipients. A processor is configured to generate a link for accessing the information object in the repository, acquire an electronic address of a trusted recipient based on the metadata accompanying the information object, insert the link into an electronic message addressed to the electronic address of the trusted recipient, and send the electronic message with the link to the trusted recipient. The processor is further configured to receive, over a second network, a request for the information object sent from a user device in response to an activation of the link, retrieve the information object from the repository, and transmit the information object to a browser of the user device over the second network.
    Type: Grant
    Filed: January 11, 2017
    Date of Patent: November 13, 2018
    Assignee: AWARE, INC.
    Inventors: James Giulio Cialdea, Alexis Tzannes, Adrian Gropper
  • Patent number: 10129207
    Abstract: A network device having multiple service units receives an outbound packet of a communication session, where the service units can perform network address translation (NAT) on the outbound packet. The outbound packet includes a private source network address and source port. The network device applies a service unit selection function to a header of the outbound packet to produce a first result, and selects, based on the first result, a service unit to perform NAT for packets of the communication session. The network device determines a port for network address translation that produces a second result equal to the first result when the service unit selection function is applied to the portion of the header when the portion includes a selected public network address and determined port. The service unit can thereby perform session-aware services on packets of the communication session without redirecting the packets between the service units.
    Type: Grant
    Filed: July 20, 2015
    Date of Patent: November 13, 2018
    Assignee: Juniper Networks, Inc.
    Inventors: Wei Wan, Zengqiang Yuan, Qiong Wang
  • Patent number: 10116609
    Abstract: Technologies are described related to third party email signature generation and authentication. A DKIM signature may be stamped in a way such that the “From” address is encoded in the selector. The domain may be extracted from the DKIM signature based upon being from a known sender in the d=field, which signs on behalf of another domain. The reconstructed domain may be aligned from the selector against the actual domain in the “From” address to pass DMARC.
    Type: Grant
    Filed: November 8, 2015
    Date of Patent: October 30, 2018
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Terry Zink, Mauktik Gandhi, Robert Herbst, Shashank Kavishwar
  • Patent number: 10115100
    Abstract: Systems, apparatus, and methods for managing an application installed on a mobile device, such as a mobile phone are provided, so as to prevent or limit unauthorized use of the application, for example, when the mobile device is lost, stolen, or otherwise subject to unauthorized use. An input indicative of a password to access the application can be received. It may be determined that a predetermined number of password entry attempts has been reached based on the input. A request message to disable access to the application can be transmitted from the mobile device to a remote computer. One or more lock instructions for disabling access to the application can be received by the mobile device from the remote computer. The one or more lock instructions can be executed by the mobile device by modifying control data within a secure memory of the mobile device.
    Type: Grant
    Filed: January 29, 2016
    Date of Patent: October 30, 2018
    Assignee: Visa International Service Association
    Inventors: Christian Aabye, Olivier Brand, Michael Lindelsee, Joseph J. Mirizzi, Hao Ngo, Lauren White, David William Wilson
  • Patent number: 10114975
    Abstract: An apparatus has a processor and a memory connected to the processor. The memory stores instructions executed by the processor to store a semi-structured document database including a collection of documents having semi-structured data formats. Data redaction rules are defined. Each data redaction rule includes a redaction type and a path expression to a redaction location within a semi-structured data format of a document within the collection of documents. The data redaction rules are applied to form redacted documents. The redacted documents are supplied.
    Type: Grant
    Filed: January 13, 2017
    Date of Patent: October 30, 2018
    Assignee: MarkLogic Corporation
    Inventors: Junfeng Sun, Caio Vinicius B. Milani
  • Patent number: 10116635
    Abstract: A mobile-based equipment service system includes a remote server, a mobile device, and at least one equipment controller. The mobile device includes a user interface, and is configured to send a user authentication message, initiated by a user via the user interface, to the remote server. The remote server is configured to verify the user via the user authentication message and once verified, send an encrypted blob to the mobile device in response to the user authentication message. At least one equipment controller is configured to receive and decrypt the encrypted blob from the mobile device.
    Type: Grant
    Filed: April 27, 2017
    Date of Patent: October 30, 2018
    Assignee: OTIS ELEVATOR COMPANY
    Inventors: Devu Manikantan Shila, Arthur T. Grondine, Michael Garfinkel, Teems E. Lovett
  • Patent number: 10115099
    Abstract: Systems, apparatus, and methods for managing an application installed on a mobile device, such as a mobile phone are provided, so as to prevent or limit unauthorized use of the application, for example, when the mobile device is lost, stolen, or otherwise subject to unauthorized use. A request to enable or disable user access to a function of the application can be received by a server computer. A command message responsive to the request can be generated by the server computer, the command message comprising control data for enabling or disabling user access to the function of the application. The generated command message can be transmitted to the mobile device over a wireless network.
    Type: Grant
    Filed: January 29, 2016
    Date of Patent: October 30, 2018
    Assignee: Visa International Service Association
    Inventors: Christian Aabye, Olivier Brand, Michael Lindelsee, Joseph J. Mirizzi, Hao Ngo, Lauren White, David William Wilson
  • Patent number: 10108742
    Abstract: An apparatus has a processor and a memory connected to the processor. The memory stores instructions executed by the processor to store a semi-structured document database including a collection of documents having semi-structured data formats. Data redaction rules are defined. Each data redaction rule includes a redaction type and a path expression to a redaction location within a semi-structured data format of a document within the collection of documents. At least one data redaction rule includes a configurable range of redaction values and a configurable format for the redaction values. The data redaction rules are applied to form redacted documents. The redacted documents are supplied.
    Type: Grant
    Filed: January 23, 2018
    Date of Patent: October 23, 2018
    Assignee: MarkLogic Corporation
    Inventors: Junfeng Sun, Caio Vinicius B. Milani
  • Patent number: 10110771
    Abstract: A printed document manager manages printed documents associated with respective electronic documents. When a document is printed, a graphical symbol referred to as a “postmark” is generated and inserted into the print stream so the postmark is printed on the hard copy of the document. The printed document is logged in a printed document store along with metadata associated with the printed document. The postmark on the printed document can be used for one or more purposes, such as to determine whether the printed document is current, to locate the corresponding print image in the printed document store, to locate the corresponding electronic document in the document management system, to automatically file a hand-notated version of the printed document, and to determine whether the printed document can be shredded after use. The printed document manager thus provides a way to effectively manage printed documents.
    Type: Grant
    Filed: June 8, 2015
    Date of Patent: October 23, 2018
    Assignee: DocSolid LLC
    Inventors: Steven W. Irons, David R. Guilbault, Eric R. Lynn, Simon Okunev, Ian M. Miller
  • Patent number: 10108703
    Abstract: A computer may detect, during a first time period, a message written to a composer. The computer may analyze a first set of usage patterns of a composer's personal device that correspond to the first time period. The computer may also analyze a second set of usage patterns of the composer's personal device that correspond to a second time period. The computer may identify usage habits of the composer based on analyzing the second set of usage patterns. The computer may also identify a difference between the first set of usage patterns and the usage habits of the composer. The computer may determine that the composer was in an impaired state during the first time period based on the difference. The computer may then notify the composer of the difference.
    Type: Grant
    Filed: August 11, 2017
    Date of Patent: October 23, 2018
    Assignee: International Business Machines Corporation
    Inventors: Eric L. Barsness, Jay S. Bryant, James E. Carey, Joseph W. Cropper, John M. Santosuosso
  • Patent number: 10102387
    Abstract: Systems, methods, and non-transitory computer-readable media can acquire a plurality of accounts associated with a set of features. Each account in the plurality of accounts can be associated with a respective set of feature values for the set of features. A selection for a subset of features out of the set of features can be received. A group of clusters can be generated based on the selection for the subset of features. Each cluster in the group of clusters can include a respective collection of nodes representing at least some of the plurality of accounts. It can be determined whether a particular collection of nodes, included in at least one cluster out of the group of clusters, represents illegitimate accounts or legitimate accounts.
    Type: Grant
    Filed: June 1, 2015
    Date of Patent: October 16, 2018
    Assignee: Facebook, Inc.
    Inventor: Daniel Adam Jenson
  • Patent number: 10102351
    Abstract: Systems and methods for enabling a user to obtain rights in a legitimate copy of a digital content unit without downloading the copy from a digital content store are provided. The systems and methods provide an encrypted copy of a digital content unit to a first user and transcript the encrypted copy to generate the legitimate copy to a second user. The encrypted copy is encrypted with a first encrypt key that may be associated with the first user and the legitimate copy is encrypted with a second encrypt key that may be associated with the second user.
    Type: Grant
    Filed: October 18, 2006
    Date of Patent: October 16, 2018
    Assignee: APPLE INC.
    Inventors: Jonathan M. Zweig, James H. Woodyatt
  • Patent number: 10089611
    Abstract: Technology for sharing digital media is provided. In one example, a method may include identifying a first consumer. A request may be received from a second consumer requesting to consume the digital media. A first segment of the digital media being consumed by the first consumer may be identified. The digital media may be provided to the second consumer for consumption at a second segment of the digital media different from the first segment being consumed by the first consumer.
    Type: Grant
    Filed: June 5, 2014
    Date of Patent: October 2, 2018
    Assignee: Amazon Technologies, Inc.
    Inventor: Eric Scott Eisher
  • Patent number: 10073957
    Abstract: The present disclosure relates to a method for protecting an application program in a terminal device, and a terminal device thereof. The method includes: intercepting a request for starting an application program; determining whether the application program needs protection; and starting a protection interface before starting the application program, if the application needs protection. According to the present disclosure, the protection interface is launched before starting the application program when the terminal device detects that the application program needs protection, thereby protecting the application program comprehensively and thoroughly.
    Type: Grant
    Filed: July 24, 2014
    Date of Patent: September 11, 2018
    Assignee: XIAOMI INC.
    Inventors: Liang Yang, Wenlin Wang, Yuzhen Wan
  • Patent number: 10075770
    Abstract: Method for securing control words within a decoder in charge of descrambling digital content protected by these control words, comprising the following steps: for each descrambling unit of this decoder, loading in a directory a pairing key referenced by an identifier associating said key to a descrambling unit; receiving at least one encrypted control word referenced by an indication allowing to identify the descrambling unit for which it is intended; decrypting the control word by using a first key shared with a security module; identifying in the directory the pairing key whose identifier corresponds to the indication of destination associated to the control word; encrypting this control word by using this pairing key; and storing in a register the control word in a chronological and referenced way.
    Type: Grant
    Filed: July 4, 2014
    Date of Patent: September 11, 2018
    Assignee: Nagravision S.A.
    Inventors: Marco Macchetti, Jerome Perrine, Patrick Servet, Didier Hunacek
  • Patent number: 10063531
    Abstract: A method for key rotation includes initiating key rotation for a user account of a multi-factor authentication platform enabling one-time password authentication using a first symmetric cryptographic key; generating, at an authenticating device, a second symmetric cryptographic key; transmitting, at the authenticating device, the second symmetric cryptographic key to the multi-factor authentication platform; configuring the multi-factor authentication platform and the authenticating device to disable authentication that uses the first symmetric cryptographic key; and configuring the multi-factor authentication platform and the authenticating device to enable authentication that uses the second symmetric cryptographic key.
    Type: Grant
    Filed: August 24, 2017
    Date of Patent: August 28, 2018
    Assignee: Duo Security, Inc.
    Inventors: Jon Oberheide, Adam Goodman
  • Patent number: 10061943
    Abstract: In an example embodiment described herein, keyboard monitoring logic is operable to obtain data typed into a keyboard. The data typed into the keyboard is compared with predefined protected data stored in a local credential file. If data typed into the keyboard matches predefined protected data stored in the credential file, the keyboard monitoring logic determines whether the destination of the typed data (e.g., the application, website, or both the application and website are stored in a whitelist. If the destination is not stored in the whitelist, the keyboard monitoring logic determines that an attempt of unauthorized access to protected data is occurring.
    Type: Grant
    Filed: December 2, 2015
    Date of Patent: August 28, 2018
    Assignee: GAS Informatica LTDA
    Inventors: Juliano Galhiego Vieira, Silvio Reis, Jr., Rodrigo Antonio de Araujo, Rafael Ribeiro Homem D'el-Rey
  • Patent number: 10063943
    Abstract: Techniques for communicating schedule data regarding a schedule are described herein. For example, a device may communicate a schedule information element that includes a tag indicating a first operating context to which to apply schedule data regarding a schedule. The schedule information element may also include a reference tag to indicate whether the schedule data is contained in the schedule information element or has been previously received and/or to identify a second operating context associated with previously received schedule data. If the reference tag indicates that the schedule data is contained in the schedule information element, the schedule data may be extracted from the schedule information element and applied to the first operating context. If the reference tag indicates that the schedule data has been previously received, the previously received schedule data may be accessed and applied to the first operating context.
    Type: Grant
    Filed: December 30, 2016
    Date of Patent: August 28, 2018
    Assignee: Itron, Inc.
    Inventors: James Laurence Taylor, Jerome Bartier, Keith Barnes, Thomas Uhling
  • Patent number: 10063553
    Abstract: A programmable display for connection to a control device includes: a user management unit configured to identify a user accessing the programmable display; a generation unit configured to generate an interface screen containing information from the control device in accordance with privileges assigned the user identified by the user management unit; a display unit configured to output the interface screen; a connection management unit configured to, in response to a request for access from a user on an external device, establish a connection with the external device on the basis of identification of the user by the user management unit, and to send the interface screen to an external device with which a connection is established; and the user management unit prohibits simultaneous access to the programmable display by a plurality of users each having different privileges assigned.
    Type: Grant
    Filed: November 25, 2015
    Date of Patent: August 28, 2018
    Assignee: OMRON Corporation
    Inventor: Yuta Nagata
  • Patent number: 10063580
    Abstract: A system comprising a computer-readable storage medium storing at least one program, and a method for reducing cyber-security related false positive alerts is presented. In example embodiments the method may include identifying an indication of a cyber-security threat based on an operational anomaly in a network system. The method may further include determining that the operational anomaly is a false positive indicator with respect to the cyber-security threat based on the operational anomaly being correlated with a malfunction or reconfiguration event.
    Type: Grant
    Filed: July 27, 2017
    Date of Patent: August 28, 2018
    Assignee: General Electric Company
    Inventors: Shai Dekel, Lior Ateret, Evgeny Bogokovsky
  • Patent number: 10055553
    Abstract: A system and method are disclosed for creating a secure video content path, or a protected media content bus, within an unsecure personal computer. A portable security module, or electronic key safe, may be inserted into a personal computer that has different internal components for processing secure and unsecured content. The security module may establish a secure encrypted link with a secure video processor of the personal computer, and may use the personal computer's network interface to request authority to receive secured content. The security module may provide content keys to the secure video processor to access secured content received over an external network.
    Type: Grant
    Filed: March 29, 2016
    Date of Patent: August 21, 2018
    Assignee: Comcast Cable Communications, LLC
    Inventor: James W. Fahrny
  • Patent number: 10049233
    Abstract: When security software is activated, it is determined whether the mode is a safe mode or a normal mode. And the security software switches a monitor in accordance with the mode.
    Type: Grant
    Filed: September 18, 2015
    Date of Patent: August 14, 2018
    Assignee: Canon Denshi Kabushiki Kaisha
    Inventor: Azusa Sekiguchi
  • Patent number: 10049269
    Abstract: An information processing apparatus includes an acquiring unit, an extraction unit, and a selection unit. The acquiring unit acquires, for multiple documents, candidates for elements representing characteristics of each of the multiple documents. The extraction unit extracts, from the candidates acquired by the acquiring unit, common elements common to two or more of the multiple documents. The selection unit extracts, from the multiple documents, a document including two or more common elements among the common elements, and determines the two or more common elements included in the extracted document to be elements representing characteristics of the document.
    Type: Grant
    Filed: April 13, 2016
    Date of Patent: August 14, 2018
    Assignee: FUJI XEROX CO., LTD.
    Inventors: Nobuyuki Shigeeda, Yozo Kashima
  • Patent number: 10042696
    Abstract: The invention relates to a system for handling an at least supposedly partially defective electronic user terminal, wherein the electronic user terminal, after being successfully identified by a server, is automatically and irreversibly put into an irreparable state if a performed diagnosis of functionally relevant circuits of the user terminal indicates that said functionally relevant circuits are impaired in the functional capability thereof or have failed.
    Type: Grant
    Filed: August 6, 2014
    Date of Patent: August 7, 2018
    Assignee: GBR OLIVER OECHSLE, DR. HANS-PETER DIETZ
    Inventors: Oliver Oechsle, Hans-Peter Dietz
  • Patent number: 10037199
    Abstract: In an example, a method of creating a secured workspace in a mobile device includes installing an application management agent on the mobile device, wherein the application management agent is configured to communicate with a remote server to obtain a security policy. The method further includes installing a wrapped enterprise application to the mobile device. The wrapped enterprise application includes code injected therein that, when executed by the mobile device, causes the mobile device to intercept at least a portion of instructions being executed by the wrapped enterprise application and to interpose alternative instructions that comply with the security policy. The method further includes communicating among the wrapped enterprise application, the application management agent, and other wrapped enterprise applications through pasteboard and uniform resource locator (URL) handlers provided by an operating system of the mobile device.
    Type: Grant
    Filed: April 17, 2015
    Date of Patent: July 31, 2018
    Assignee: VMware, Inc.
    Inventors: Perry Hung, Harvey Tuch, Craig F. Newell, Haim Tebeka
  • Patent number: 10037257
    Abstract: Provided are methods and peripheral devices for examining local hardware and configuring a location-aware peripheral device accordingly. In some implementations, a peripheral device may be configured to examine, using a bus interface, another device connected to the bus. Examining may include determining characteristics of the other device. In some implementations, the peripheral device may further compare the determined characteristics against information derived from data stored in a memory of the peripheral device. The information may describe acceptable operating parameters for the computing system. In some implementations, the peripheral device may further determine, based on a result of the comparison, a status for the computing system. The status may indicate whether the computing system is operating within acceptable operating parameters. The status may direct an action by the peripheral device.
    Type: Grant
    Filed: March 29, 2016
    Date of Patent: July 31, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Adi Habusha, Eric Jason Brandwine, Stephen Edward Schmidt
  • Patent number: 10038808
    Abstract: The present disclosure discloses methods and systems for remotely configuring a multi-function device without requiring an expert visit at a user's place. The method includes transmitting a configuration request through the multi-function device for configuring the multi-function device along with a unique parameter of the multi-function device. Based on the request, one or more configuration files having one or more keys are retrieved, as generated by a remote server. The one or more keys are generated based on the unique parameter of the multi-function device and one or more features to be configured related to the multi-function device. As a next step, the multi-function device is automatically configured by installing the one or more configuration files using the one or more keys.
    Type: Grant
    Filed: January 27, 2017
    Date of Patent: July 31, 2018
    Assignee: XEROX CORPORATION
    Inventors: Gayathri Bhaskaran, Aditya Sarvan Tatapudi, VijayaKumar Alagarsamy, Poomaran Pandian
  • Patent number: 10034154
    Abstract: Aspects of the subject disclosure may include, for example, receiving status change information from a first communication device of a first user over a network; adjusting a user profile of a second user responsive to the status change information; and providing the status change information to a group of second communication devices of the second user to cause the group of second communication devices to adjust operational parameters according to the status change information. Other embodiments are disclosed.
    Type: Grant
    Filed: August 31, 2016
    Date of Patent: July 24, 2018
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Sangar Dowlatkhah, Venson Shaw, Afsaneh Khajavi
  • Patent number: 10027767
    Abstract: An embodiment of the present invention provides a method for providing an SNS-based file aging service executed in a SNS-based file aging service providing server, and the method includes receiving a SNS registration event for at least one user of at least one user, checking whether a content upload event is being occurred on a SNS of the at least one user at which the SNS registration event is received, mapping the content at which the content upload event is occurred with the SNS registration event of the at least one user for the storage thereof, and expiring the content uploaded on the SNS, the content being stored by mapping it with the SNS registration event, when an SNS deregistration event is being occurred for the at least one user from the at least one user.
    Type: Grant
    Filed: August 25, 2015
    Date of Patent: July 17, 2018
    Inventor: Myung Bean Song
  • Patent number: 10019605
    Abstract: An interface device includes a communication interface and a secure element. The communication interface receives input data and a selection of one of a plurality of secure modes to secure the input data for transmission to a secure external computing device, such as a banking web server. The secure element secures the input data based on the secure mode that was selected. The secured input data is then transmitted to the secure external computing device.
    Type: Grant
    Filed: June 26, 2015
    Date of Patent: July 10, 2018
    Assignee: Square, Inc.
    Inventors: Andre Boysen, Dmitry Barinov, Eli Erlikhman
  • Patent number: 10020944
    Abstract: A cryptographic hash value is computed in a hardware processing unit of an apparatus. The cryptographic hash value is computed iteratively processing blocks of data in a predetermined order by, for each block: obtaining at least one intermediate value for the block by applying a function to the block, computing a value of a weight function, and updating at least one hash variable with a corresponding intermediate value only if the value of a weight function is equal to at least one predetermined value. The processing unit then generates the cryptographic hash value from the at least one hash variable.
    Type: Grant
    Filed: October 3, 2016
    Date of Patent: July 10, 2018
    Assignee: THOMSON Licensing
    Inventors: Charles Salmon-Legagneur, Mohamed Karroumi
  • Patent number: 10009666
    Abstract: A first computing device may receive an indication of user input that is at least a part of a conversation between a user and a first assistant executing at the first computing device. The first assistant and/or an assistant executing at a digital assistant system may determine whether to handoff the conversation from the first assistant executing at the first computing device to a second assistant executing at a second computing device. In response to determining to handoff the conversation to the second assistant executing at the second computing device, the first assistant and/or the assistant executing at the digital assistant system may send to the second computing device a request to handoff the conversation which includes at least an indication of the conversation.
    Type: Grant
    Filed: November 3, 2017
    Date of Patent: June 26, 2018
    Assignee: GOOGLE LLC
    Inventors: Andrea Terwisscha van Scheltinga, Zaheed Sabur, Michael Reutov, Pratik Gilda
  • Patent number: 10009384
    Abstract: Systems and methods for governing derived electronic resources are provided. In one embodiment, a digital resource is associated with one or more rules and a set of one or more computations, wherein the rules correspond to one or more conditions for accessing the digital resource and the computations operate upon the digital resource in order to provide a specific view of the digital resource that differs from the digital resource.
    Type: Grant
    Filed: February 14, 2017
    Date of Patent: June 26, 2018
    Assignee: Intertrust Technologies Corporation
    Inventors: W. Knox Carey, Jarl Nilsson
  • Patent number: 10002255
    Abstract: A device and a method for controlling a security screen in an electronic device are provided. The electronic device includes a display module, a first memory having at least one display data stored therein, a composing module that composes a plurality of display layers each including at least one display data and displays the same on the display module, and a control module that controls at least one of the display module, the first memory, or the composing module, wherein the control module identifies a type of the at least one display data included in each of the plurality of display layers and controls the attributes of the plurality of display layers to display a display layer including security data, among the plurality of display layers, at the uppermost position when the identified display data is the security data.
    Type: Grant
    Filed: April 10, 2015
    Date of Patent: June 19, 2018
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Moonsu Chang, Yangsoo Lee, Eunjung Hyun
  • Patent number: 10002372
    Abstract: In an example embodiment, a method of handling duplicate records in a computer database is provided. A record is received via an API. An item type associated with the record is identified. A duplicate check schema corresponding to the item type is obtained. A string is generated for the record by extracting values for each of a plurality of fields, defined in the duplicate check schema, located in the record and concatenating the values. Then a hash algorithm is applied to the string to create a hash for the record. The hash for the record is compared to hashes from previous records stored in the computer database to identify whether the hash is a duplicate. In response to a determination that the hash is a duplicate, one or more processing rules from the duplicate check schema are executed.
    Type: Grant
    Filed: September 15, 2015
    Date of Patent: June 19, 2018
    Assignee: SAP SE
    Inventors: Adrian Golec, Georg Lang, Fabian Hammann, Artur Kaufman, Dennis Kurfiss
  • Patent number: 9992177
    Abstract: A method and system for modifying an authenticated and/or encrypted message by a modifying party exchanged between a sending party and a receiving party based on a secure communication protocol, the method includes the steps of a) dividing a clear message into non-modifiable parts and modifiable parts by the sending party; b) including modifiable part information into the message by the sending party; c) authenticating and/or encrypting the message by the sending party; d) providing en- and decryptability and/or authenticability of the message to the modifying party in such a way that the modifying party can only modify the modifiable parts of the message; e) modifying one or more modifiable parts by the modifying party; and f) providing an authenticated and/or encrypted modified message according to the secure communication protocol to the receiving party.
    Type: Grant
    Filed: April 5, 2013
    Date of Patent: June 5, 2018
    Assignee: NEC Corporation
    Inventors: Sebastian Gajek, Jan Seedorf, Oezguer Dagdelen
  • Patent number: 9977924
    Abstract: A method and a device are disclosed for providing a notification indicating a loss of a terminal, the method including obtaining a matching relation between first feature information of a current user of a target terminal and second feature information of a predetermined user. The method also includes controlling a related terminal associated with the target terminal to output a loss notification in response to determining that the matching relation indicates that the first feature information and the second feature information do not match. The loss notification indicates a loss of the target terminal.
    Type: Grant
    Filed: December 12, 2016
    Date of Patent: May 22, 2018
    Assignee: Beijing Xiaomi Mobile Software Co., Ltd.
    Inventors: Daokuan Liu, Chunhe Yang, Yao Tang, Shuai Liu, Xinyan Xing
  • Patent number: 9973517
    Abstract: Disclosed is an apparatus and method for a computing device to determine if an application is malware. The computing device may include: a query logger to log the behavior of the application on the computing device to generate a log; a behavior analysis engine to analyze the log from the query logger to generate a behavior vector that characterizes the behavior of the application; and a classifier to classify the behavior vector for the application as benign or malware.
    Type: Grant
    Filed: January 7, 2014
    Date of Patent: May 15, 2018
    Assignee: QUALCOMM Incorporated
    Inventors: Hsu-Chun Hsiao, Shuo Deng, Babak Salamat, Rajarshi Gupta, Saumitra Mohan Das
  • Patent number: 9967234
    Abstract: The present invention is a device, system and method for providing a more secure full motion video with metadata streaming product. More specifically, the invention is capable of ensuring a more secure video transfer from a less secure input data network to a more secure data receiving network through the use of a firewall on the less secure input network interface, which is used for separating video and discarding other unwanted data, and an Air Gap that physically separates the input and output networks. This physical separation ensures a secure transfer of the “cleaned” input data from the less secure input source to the more secure data receiving network.
    Type: Grant
    Filed: April 27, 2016
    Date of Patent: May 8, 2018
    Assignee: THE UNITED STATES OF AMERICA, AS REPRESENTED BY THE SECRETARY OF THE NAVY
    Inventors: Bradford James Crane, Kevin Dee Shepherd
  • Patent number: 9965653
    Abstract: A trusted computing device (TCD) includes an isolated environment, host interface, secure interface, and program instructions. The environment includes an isolated environment processor (IEP), memory (secure and non-secure partition), and an auxiliary processor (AP). Memory and AP are connected for data communication with the IEP, and communicate with a host only through the IEP. The host interface and each secure interface are connected for data communication with the IEP.
    Type: Grant
    Filed: December 22, 2016
    Date of Patent: May 8, 2018
    Assignee: GOOGLE LLC
    Inventors: Dominic Rizzo, Peiter Zatko
  • Patent number: 9967246
    Abstract: Techniques relate to a cloud queue facilitating access to a cloud queue via an authorization token. In an example implementation, a computing system receives, over a network interface from a media playback system, an authorization token corresponding to a cloud queue of media items at the computing system and a request by the media playback system for access to the cloud queue of media items. The computing system determines that the authorization token is valid and in response to the determination, provides, to the media playback system, the requested access to the cloud queue of media items, the providing comprising transmitting information associated with at least one of the media items of the cloud queue. Thereafter, the computing system determines that the media playback system is eligible for a renewed authorization token and, in response, transmits, to the media playback system, the renewed authorization token.
    Type: Grant
    Filed: October 7, 2016
    Date of Patent: May 8, 2018
    Assignee: Sonos, Inc.
    Inventors: Steven Beckhardt, Andrew J. Schulert, Gregory Ramsperger
  • Patent number: 9959427
    Abstract: An information determination apparatus includes a first storage unit configured to store stream data pieces obtained in time sequence; a first determining unit configured to determine whether the number of stream data pieces stored in the first storage unit is at least equal to a predetermined value; and a second determining unit configured to determine, when the number of the stream data pieces stored in the first storage unit is equal to or greater than the predetermined value, whether an individual can be identified based on a dataset composed of a plurality of the stream data pieces stored in the first storage unit, and output the dataset used for the determination and the determination result.
    Type: Grant
    Filed: April 14, 2015
    Date of Patent: May 1, 2018
    Assignee: NEC CORPORATION
    Inventors: Sawako Mikami, Kenichiro Fujiyama, Kentaro Yamasaki, Yuji Kobayashi
  • Patent number: 9948727
    Abstract: For securely transferring session information, code creates a session transfer packet in response to receiving a selected option associated with running a server application using a second browser. The session transfer packet has a claim number and a session transfer key. Code activates an authentication application on an electronic device in response to receiving the selected option. In addition, code communicates a claim packet to the electronic device in response to the selected option. The claim packet has the claim number and a server address. The code also receives the claim number from the authentication application. The code further communicates the session transfer packet to the authentication application in response to receiving the claim number. In addition the code communicates a cookie header to the second browser in response to receiving the session transfer key from the second browser.
    Type: Grant
    Filed: February 5, 2015
    Date of Patent: April 17, 2018
    Assignee: Lenovo (Singapore) PTE. LTD.
    Inventors: Matthew William Fardig, Travis Lee Ennis, Roger Alan Thomas
  • Patent number: 9942049
    Abstract: A disabled debug capability may be securely re-enabled in an integrated circuit such as a system-on-a-chip (SoC) device. In a method, the integrated circuit receives a debug re-enable message. The debug re-enable message includes a debug re-enable token signed by a private key. The debug re-enable token is based on a serial number of the integrated circuit and a first copy of a symmetric key. The debug re-enable token is validated using a public key corresponding to the private key. A comparison token is generated using the serial number of the integrated circuit and using a second copy of the symmetric key stored in a one-time-programmable (OTP) memory of the integrated circuit. The integrated circuit compares the debug re-enable token and the comparison token. The disabled debug capability is re-enabled in the integrated circuit if the debug re-enable token matches the comparison token.
    Type: Grant
    Filed: April 4, 2014
    Date of Patent: April 10, 2018
    Assignee: QUALCOMM Incorporated
    Inventor: Ivan Hugh McLean
  • Patent number: 9942241
    Abstract: A server includes a processor and a storage unit. The storage unit stores a program code, and when the program code is executed by the processor, the processor executes the following steps: when receiving an operation request from outside the server, if an effective identity (ID) code of a worker executing the operation request is set to be a default ID code and the default ID code does not have an authority for executing the operation request, setting the effective ID code as a specific ID code, and executing the operation request through the worker having the specific ID code, wherein the specific ID code has the authority for executing the operation request; and after the operation request is executed, setting the effective ID code as the default ID code.
    Type: Grant
    Filed: January 25, 2016
    Date of Patent: April 10, 2018
    Assignee: Synology Incorporated
    Inventor: Yi-Chien Lee