Access Control Patents (Class 726/27)
  • Patent number: 10104129
    Abstract: Various embodiments provide confidentiality-based file hosting by automatically directing assets in a shared workspace to appropriate storage locations. The storage location can be determined by comparing a security level that is associated with an asset to security levels of multiple possible storage locations. If a security level of the asset is changed in the shared workspace, the asset is automatically directed to an appropriate storage location based on the changed security level. This can include directing the asset to either a more secure or a less secure storage location.
    Type: Grant
    Filed: June 15, 2016
    Date of Patent: October 16, 2018
    Assignee: Prysm, INC.
    Inventors: Brandon Fischer, Adam P. Cuzzort
  • Patent number: 10097523
    Abstract: In order to provide secure user access to a device or service on a remote network, upon receipt of a request to access the device or service on a portal on a central server, a request is sent to a probe application installed on the remote network to establish a secure link to the central server. A message is then sent to the user directing the user to initiate a specific session request to the central server. The session request is cross connected to the probe application installed on the remote network over the secure link to establish a secure tunnel to the probe application. A secure user session is set up through the secure tunnel to the device or service via the probe application.
    Type: Grant
    Filed: January 30, 2012
    Date of Patent: October 9, 2018
    Assignee: Martello Technologies Corporation
    Inventors: Bill Kuker, Ryan Tenney, Clement Tse
  • Patent number: 10097402
    Abstract: In accordance with examples disclosed herein, a filter table for Media Access Control (MAC) chaining contains mappings between signature addresses, service functions, and management functions, to identify corresponding service function chains. The filter table is to store statistic information about the packet. A controller is to uniquely identify a management function corresponding to the signature address, and modify tables of packet signature addresses usable to modify the packet to cause the packet to be forwarded to the management function. The controller is to update the statistic information about the packet.
    Type: Grant
    Filed: May 11, 2016
    Date of Patent: October 9, 2018
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Donald Fedyk, Paul Allen Bottorff
  • Patent number: 10084784
    Abstract: Functionality is disclosed herein for providing a resource monitoring environment that restricts access to computing resource data in a service provider network. The resource monitoring environment processes requests to access computing resource data, and denies requests not signed or authorized by a customer of a service provider network or other entity. Access to the computing resource data includes access to non-obfuscated data and/or access to encrypted computing resource data encrypted by way of a public encryption key held by a customer of the service provider network or other entity instead of a requestor of the computing resource data.
    Type: Grant
    Filed: December 2, 2014
    Date of Patent: September 25, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Eric J. Brandwine, Matthew Shawn Wilson
  • Patent number: 10078762
    Abstract: The disclosed computer-implemented method for digitally enforcing computer parental controls may include (i) identifying a parental-control policy that controls a user's computer usage in some way, (ii) determining that the user is using a primary device, which is configured to restrict its usage according to the terms of the parental-control policy, to access a secondary device, which is not configured to restrict its usage according to the terms of the parental-control policy, and (iii) restricting, in response to the determination, the user's access to the secondary device according to the terms of the parental-control policy. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: June 23, 2016
    Date of Patent: September 18, 2018
    Assignee: Symantec Corporation
    Inventors: Lei Gu, Keith Newstadt
  • Patent number: 10073978
    Abstract: For efficient authorization settings in a computing environment, user access permissions are created or modified by mapping, granting, and/or limiting access to resources by resource type, and using checkboxes for controlling user access for individual resources and for mapping one of a multiplicity of icons to control a type of user access and control over the individual resources.
    Type: Grant
    Filed: April 16, 2014
    Date of Patent: September 11, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Paul A. Jennas, II, Jason L. Peipelman, Cory Thorpe, Chris Zukowski
  • Patent number: 10061924
    Abstract: Trusted executable images are run in a controlled environment, such as a dynamic malware analysis platform. For each trusted executable image, a corresponding baseline import-load signature is generated. This can be done by applying a cryptographic hash function to the specific instructions which resolve imports and/or load libraries, and their operands. Sample programs are run in the controlled environment and tested for maliciousness. Any executable image run by a given sample program in the controlled environment is identified, and an import-load signature of the executable image when run by the sample program is generated. The import-load signature of the executable image when run by the sample program is compared to the corresponding stored baseline import-load signature for the same executable image. The sample program is adjudicated as being benign or malicious based on at least the results of the comparison.
    Type: Grant
    Filed: December 31, 2015
    Date of Patent: August 28, 2018
    Assignee: Symantec Corporation
    Inventor: Prashant Gupta
  • Patent number: 10055444
    Abstract: A system may receive a query configured to access a column in a data table. The data table may be in a flat file in a big data storage format. The system may detect the language type of the query and validate the query against the syntax of the language type. The system may also validate an access permission for data in the data table. The access permission may be stored in a permissions database. The system may generate a temporary table including the column with the temporary table configured to support the language type. The system may execute the query against the temporary table to generate a query result based on the temporary table as though it were the underlying data table. The system may enforce column-level or row-level access permissions by excluding columns or rows from the temporary table.
    Type: Grant
    Filed: December 16, 2015
    Date of Patent: August 21, 2018
    Assignee: AMERICAN EXPRESS TRAVEL RELATED SERVICES COMPANY, INC.
    Inventors: Shubham Arora, Balaji Balaraman, Sandeep Bose, Arindam Chatterjee, Sastry Durvasula, Manoj Kumar Rana, Nitish Sharma
  • Patent number: 10055418
    Abstract: The disclosed technology provides systems and methods for filtering information based on a set of properties. The information consists of a set of items that the user is interacting with, such as documents, presentations, audio and video files, and the like. The properties can be specified by the user (by, for example, putting a set of items in lists and folders), based on actions taken by users in the system (such as commenting on, or liking, or viewing an item), or can represent a variety of other characteristics. Related properties can also be grouped together. Furthermore, the disclosed techniques provide mechanisms for automatically identifying useful properties and providing an indication of those useful properties to a user to use in narrowing results.
    Type: Grant
    Filed: March 13, 2015
    Date of Patent: August 21, 2018
    Assignee: Highspot, Inc.
    Inventors: Oliver Sharp, David Wortendyke, Scot Gellock, Robert Wahbe
  • Patent number: 10055992
    Abstract: The invention relates to a method for managing on-street parking spaces. The method includes querying, by a unit of a vehicle, vehicle sensors about the occupancy status of a parking space around the vehicle, the setting up of a communication channel between the unit and a remote server, the authentication of the unit with the server, the sending of a message with a public encryption key by the server to the unit, the encryption of the geolocation data and the occupancy status, the sending of the encrypted data to server, the decryption by the server of the received encrypted data, the comparison of the geolocation data received with a database containing referenced parking spaces and the update in the database of the occupancy status of referenced parking spaces.
    Type: Grant
    Filed: October 30, 2015
    Date of Patent: August 21, 2018
    Assignee: GEMALTO SA
    Inventors: Mikael Riou, Francois-Xavier Marseille
  • Patent number: 10044718
    Abstract: In a method of controlling sharing of an object between entities in a distributed system, a processor will identify an object and generate an access control list (ACL) for the object so that the ACL includes a list of clauses. Each clause will include a blessing pattern that will match one or more blessings, and at least one of the clauses also may include a reference to one or more groups. Each group represents a set of strings that represent blessing patterns or fragments of blessing patterns. The processor may generate each clause of the ACL as either a permit clause or a deny clause to indicate whether an entity or entities that have a blessing matched by the blessing pattern are permitted to access the object. The processor will save the ACL to a data store for use in responding to a request to access the object.
    Type: Grant
    Filed: August 12, 2015
    Date of Patent: August 7, 2018
    Assignee: Google LLC
    Inventors: Michael Burrows, Martin Abadi, Himabindu Pucha, Adam Sadovsky, Asim Shankar, Ankur Taly
  • Patent number: 10033793
    Abstract: Methods and apparatus for monitoring a portable device are disclosed herein. An example method includes connecting to a portable device using a shell. Whether the shell has an elevated privilege on the portable device is verified. In response to detecting that the shell does not have the elevated privilege, the elevated privilege is gained. A packet capturer is installed on the portable device using the elevated privilege, the packet capturer to capture packets to produce media exposure data, the elevated privileges to enable the packet capturer to capture packets after disconnection of the shell from the portable device.
    Type: Grant
    Filed: September 30, 2016
    Date of Patent: July 24, 2018
    Assignee: The Nielsen Company (US), LLC
    Inventors: Tero Lindberg, Jason Browne, John Stavropoulos
  • Patent number: 10034061
    Abstract: A method and system are performed by a processor of an audio-visual device according to instructions stored in a memory of that device that determines identity of a content medium based upon attributes associated with it and a set of user-defined settings associated with the content medium. The processor identifies a set of source-defined settings for configuring the device and selects one set of user-defined settings or the set of source-defined settings for configuring the audio-visual device. In addition, the processor determines if preexisting attributes exist that if it has to override the set of user-defined settings. It then configures one of the set of user-defined or overrides the settings. All channels from a particular network provider utilize the same set of user-defined settings, including channels that have not been visited by a user and future channels that have not yet been created.
    Type: Grant
    Filed: November 8, 2013
    Date of Patent: July 24, 2018
    Assignee: THOMSON Licensing
    Inventor: Alan Jay Stein
  • Patent number: 10027497
    Abstract: A content distribution network includes first and second controllers, and multicast enabled routers. The first controller is configured to select a multicast channel for distributing content, to determine that the content has a geographic restriction associated with a restricted area in the content distribution network, to link an exclusion policy for the content to the multicast channel while the multicast channel provides the content, and to deny a request for the content from a client system within the restricted area based on the exclusion policy. The second controller is configured to distribute the exclusion policy to the multicast enabled routers including a first router configured to store the exclusion policy, and to ignore a multicast join message from the client system within the restricted area based on the exclusion policy.
    Type: Grant
    Filed: May 12, 2016
    Date of Patent: July 17, 2018
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventors: Han Q. Nguyen, Huajin Jeng, Douglas M. Nortz
  • Patent number: 10027486
    Abstract: This disclosure concerns homomorphic encryption for database querying. Numerical values are encrypted using keys and random numbers to produce a ciphertext. The ciphertext is homomorphic and is comprised of two or more sub-ciphertexts. Queries based on addition, average and multiplication operations can be performed without decrypting the numerical values relevant to the query. Each sub-ciphertext is stored in a single record and in separate attributes. There is disclosed methods of encrypting and decrypting, creating a suitable table, querying such a database and updating such a database.
    Type: Grant
    Filed: June 21, 2013
    Date of Patent: July 17, 2018
    Assignee: COMMONWEALTH SCIENTIFIC AND INDUSTRIAL RESEARCH ORGANISATION
    Inventor: Dongxi Liu
  • Patent number: 10021087
    Abstract: A system and method for communicating secure, privatized data stored on a first user device with a second user device requesting access thereto includes initiating a timed access gate for receiving verification of authenticating credentials from the second user device, after the first user credentials associated with the first user device are verified. If the second user device is verified within the predetermined period of time, an authentication handshake between the first user device and the second user device is completed. On completion of the handshake, a communication channel is opened for transmitting the first user's privatized data between the first user device and the second user device.
    Type: Grant
    Filed: August 27, 2015
    Date of Patent: July 10, 2018
    Inventors: Mansour Aaron Karimzadeh, F. Avraham Dilmanian, Farshad Namdar
  • Patent number: 10019572
    Abstract: Disclosed are various embodiments for detecting malicious activities by imported software packages. A monitoring service determines that untrusted code executing in at least one computing device has invoked a privileged operation. A context in which the privileged operation is invoked is identified. The monitoring service determines whether the context and the privileged operation corresponds to an expected behavior of the untrusted code based at least in part on a past behavior profile of the untrusted code. An action is performed in response to determining that the context and the privileged operation do not correspond to the expected behavior.
    Type: Grant
    Filed: August 27, 2015
    Date of Patent: July 10, 2018
    Assignee: Amazon Technologies, Inc.
    Inventor: Nima Sharifi Mehr
  • Patent number: 10002512
    Abstract: A system and method of loss prevention using a pair of ID tags is disclosed. The user or owner of the protected object can dynamically create a security perimeter by using key ID tag and object ID tag pair. An object ID tag is either embedded in or attached to a protected object. A key ID tag, which is in a handheld device, has protection to prevent unauthorized scan. The object ID tag information can only be obtained from key ID tag using preprogrammed algorithm. The area security system will be armed after reading and validating a key ID tag scanned by the user. If anyone takes protected object with object ID tag out of the area without proper key ID tag authentication, alarm will be triggered.
    Type: Grant
    Filed: January 30, 2014
    Date of Patent: June 19, 2018
    Inventor: Le-Jun Yin
  • Patent number: 9996680
    Abstract: The apparatus disclosed herein, in various aspects, includes a digital asset, and an amulet that comprises an encrypted self-validating string. The amulet may be external to the digital asset. The apparatus may include a manager that cooperates securely with the digital asset and cooperates securely with the amulet to control access to the digital asset as specified by the amulet. In some aspects, the manager cooperates with the digital asset and with the amulet, at least in part, through shared memory in process space. In other aspects, the manager cooperates with the digital asset and with the amulet, at least in part, through a RAM drive in memory, the RAM drive at least partially hidden from an operating system of the computer. In yet other aspects, the manager cooperates with the digital asset and with the amulet, at least in part, through a virtual machine accessible only by said apparatus.
    Type: Grant
    Filed: January 19, 2016
    Date of Patent: June 12, 2018
    Inventor: F. Scott Deaver
  • Patent number: 9996705
    Abstract: Techniques for determining potential sharing of private data are described herein. The techniques may include identifying content having computer readable access rules associated with a private domain of a social network, and identifying private data of the content. A potential share of the content outside of the private domain is detected and a search of the potential share to determine whether the potential share is associated with the private data is performed. The techniques may also include detecting a match between the potential share and the private data.
    Type: Grant
    Filed: July 14, 2015
    Date of Patent: June 12, 2018
    Assignee: International Business Machines Corporation
    Inventor: Vladimir Gamaley
  • Patent number: 9984253
    Abstract: Techniques for determining potential sharing of private data are described herein. The techniques may include identifying content having computer readable access rules associated with a private domain of a social network, and identifying private data of the content. A potential share of the content outside of the private domain is detected and a search of the potential share to determine whether the potential share is associated with the private data is performed. The techniques may also include detecting a match between the potential share and the private data.
    Type: Grant
    Filed: May 4, 2016
    Date of Patent: May 29, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventor: Vladimir Gamaley
  • Patent number: 9979544
    Abstract: An example method to monitor usage of a device includes collecting first and second identifiers based on use of an application that does not employ cookies, the first identifier identifying at least one of the device or a user of the device to a first database proprietor, and the second identifier identifying the at least one of the device or the user of the device to a second database proprietor; sending the first identifier to a first server associated with the first database proprietor, sending the second identifier to a second server associated with the second database proprietor; and sending to a data collection server at least one of a media identifier indicative of media accessed via the application at the device or a search term used via the application at the device.
    Type: Grant
    Filed: March 28, 2017
    Date of Patent: May 22, 2018
    Assignee: The Nielsen Company (US), LLC
    Inventors: Alan N. Bosworth, Madhusudhan Reddy Alla, Steven J. Splaine, Brahmanand Reddy Shivampet, Kevin K. Gaynor
  • Patent number: 9965779
    Abstract: A content delivery provider may stream an application to each of a plurality of computing devices. The content delivery provider may transmit an offer to download the application to each of the plurality of computing devices, after a first initial display interval. The provider may receive a number of positive user interactions with the offer after the first initial display interval, and a total number of positive user interactions with the offer. The provider may automatically adjust the initial display interval by a factor proportional to a desired first-display quantile divided by the number of positive user interactions after the first initial display interval. The application may be streamed to a second computing device, and the offer to download the application transmitted to the second computing device, after the adjusted initial display interval.
    Type: Grant
    Filed: February 24, 2015
    Date of Patent: May 8, 2018
    Assignee: Google LLC
    Inventors: Jaehyun Yeom, Dong Ha Lee
  • Patent number: 9961553
    Abstract: The present disclosure provides a method, apparatus and system for readily and conveniently getting network access for a smart device. The method for network access for a smart device includes receiving, by a server comprising a processor and a non-transitory storage medium, a first identification identifying a wireless access point and a first terminal identifier; receiving a second identification identifying a smart device and a second terminal identifier; associating the wireless access point with the smart device if the first terminal identifier corresponds to the second terminal identifier, and sending the second identification for the associated smart device to the wireless access point. The wireless access point provides network access authentication information to the smart device so that the smart device can get access to a network provided by the wireless access point with the network access authentication information.
    Type: Grant
    Filed: August 17, 2016
    Date of Patent: May 1, 2018
    Assignee: Tencent Technology (Shenzhen) Company Limited
    Inventors: Liangliang Fan, Xiangyao Lin, Kai Liu, Lejun Liu
  • Patent number: 9953172
    Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.
    Type: Grant
    Filed: September 14, 2017
    Date of Patent: April 24, 2018
    Assignee: International Business Machines Corporation
    Inventors: Pedro M. Barbas, Joseph Duffy, Ken Maycock, David M. Tilson
  • Patent number: 9948820
    Abstract: A method for routing object data that defines a 3-dimensional (3D) object to a 3D printer includes receiving the object data at a server and determining, by the server, object attributes associated with the object defined by the object data. The server searches a database that stores 3D printer attributes for one or more 3D printers capable of printing objects that possess the determined object attributes. If one or more capable printers are identified, the server communicates a list that identifies the one or more capable printers to a user.
    Type: Grant
    Filed: February 8, 2017
    Date of Patent: April 17, 2018
    Assignee: ACCENTURE GLOBAL SERVICES LIMITED
    Inventors: Sunny Webb, Kelly L. Dempski, Matthew Short, Michael Balint
  • Patent number: 9948651
    Abstract: Network traffic is monitored, and activities concerning posting images to sharing sites are detected. Detected activities can be attempts to login to sharing sites, or attempts to post images. Privacy concerns associated with sharing images on target sites are identified. In the case of detecting a successful attempt to login to a known sharing site, the site is scanned for the privacy settings in effect for the user, and it is determined whether the settings are below a given threshold. Another example of a privacy concern is detecting an attempt to post an image to an unknown site. When a privacy concern is detected, the user is warned, and prompted to indicate whether images are to be posted to the target site anyway. Attempts to post images to sites that are subject to privacy concerns are processed according to received user directives (e.g., blocked or allowed).
    Type: Grant
    Filed: December 14, 2015
    Date of Patent: April 17, 2018
    Assignee: Symantec Corporation
    Inventors: Michael Shavell, Matthew Boucher
  • Patent number: 9940195
    Abstract: A method for use in a distributed storage network (DSN) including a plurality of distributed storage (DS) units includes receiving, at a DS unit, a rebuilding request indicating that the DS unit is to provide an encrypted partial slice to a requesting DS unit included in the DS network. Key pairing requirements associated with the rebuilding request are determined, and an even number of key pairing entities are selected based on the key pairing requirements. The even number of key pairing entities being fewer than a decode threshold number of key pairing entities. The DS unit generates shared secret keys corresponding to each of the even number of key pairing entities, uses those keys to generate an encrypted partial slice, and transmits the encrypted partial slice to the requesting DS unit in accordance with a rebuilding topology.
    Type: Grant
    Filed: September 28, 2017
    Date of Patent: April 10, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jason K. Resch, Greg R. Dhuse, Wesley B. Leggette
  • Patent number: 9940333
    Abstract: Various systems described herein facilitate storage of files in various formats. A client device can generate a request for a particular file or content. The client device can submit a request with various request parameters. A file service can identify an appropriate file in an appropriate format. The appropriate file in the appropriate format can be provided to the client device in response to the request.
    Type: Grant
    Filed: June 18, 2015
    Date of Patent: April 10, 2018
    Assignee: AirWatch LLC
    Inventor: Ramani Panchapakesan
  • Patent number: 9940483
    Abstract: This disclosure provides for implementing a firmware security interface within a field-programmable gate array (FPGA) for communicating between secure and non-secure environments executable within the FPGA. A security monitor is implemented within the programmable logic of the FPGA as a soft core processor and the firmware security interface modifies one or more functions of the security monitor. The modifications to the security monitor include establishing a timer “heartbeat” within the FPGA to ensure that the FPGA invokes a secure environment and raising an alarm should the FPGA fail to invoke such environment.
    Type: Grant
    Filed: January 25, 2016
    Date of Patent: April 10, 2018
    Assignee: Raytheon Company
    Inventors: Matthew C. Areno, John Hoffman, William T. Jennings
  • Patent number: 9935970
    Abstract: A system, method, and computer program product for implementing a phishing assessment that includes a phishing server that implements one or more phishing assessments; the phishing server: identifies legitimate target domain names to be used in the phishing assessment, generates one or more pseudo domain names and pseudo web pages, where the pseudo domain name are visually similar to an identified target domain name and the pseudo web page includes one or more characteristics and attributes of a legitimate web page.
    Type: Grant
    Filed: October 28, 2016
    Date of Patent: April 3, 2018
    Assignee: Duo Security, Inc.
    Inventor: Jon Oberheide
  • Patent number: 9929869
    Abstract: Methods, apparatuses, and computer-readable media for providing a collaboration license to an application for participant user device(s) participating in an on-line collaboration are disclosed. In one embodiment, a method is provided for licensing at least one application. The method includes transmitting a license request for at least one collaboration license. The collaboration license authorizes usage of at least one application on at least one participant user device participating in a collaboration. The collaboration may include at least one collaborative communication session among a plurality of participant user devices. The method further includes receiving the at least one collaboration license. Apparatuses and computer-readable media having instructions for providing the method are also disclosed.
    Type: Grant
    Filed: October 26, 2011
    Date of Patent: March 27, 2018
    Assignee: Avaya Inc.
    Inventor: Terry Don Jennings
  • Patent number: 9923919
    Abstract: A computer-implemented method for deflecting abnormal computer interactions includes receiving, at a computer server system and from a client computer device that is remote from the computer server system, a request for web content; identifying, by computer analysis of mark-up code content that is responsive to the request, executable code that is separate from, but programmatically related to, the mark-up code content; generating groups of elements in the mark-up code content and the related executable code by determining that the elements within particular groups are programmatically related to each other; modifying elements within particular ones of the groups consistently so as to prevent third-party code written to interoperate with the elements from modifying from interoperating with the modified elements, while maintain an ability of the modified elements within each group to interoperate with each other; and recoding the mark-up code content and the executable code to include the modified elements.
    Type: Grant
    Filed: August 10, 2015
    Date of Patent: March 20, 2018
    Assignee: Shape Security, Inc.
    Inventors: Justin D. Call, Xiaoming Zhou, Xiaohan Huang, Subramanian Varadarajan, Roger S. Hoover
  • Patent number: 9923877
    Abstract: An end-to-end secure cloud-hosted collaboration service is provided with a hybrid cloud/on-premise index and search capability. This approach includes on-premise indexing and search handling, while relying on the cloud for persistent storage and search of the index. The on-premise indexer receives a copy of an encrypted message from the cloud-hosted collaboration service. The encrypted message has been encrypted with a conversation key. The indexer receives the conversation key from an on-premise key management service, and decrypts the encrypted message with the conversation key. A set of tokens are extracted from the decrypted message, and subsequently encrypted with a secret key, different than the conversation key, to generate a first set of encrypted tokens. The first set of encrypted tokens is transmitted for storage in a search index on the cloud-hosted collaboration service.
    Type: Grant
    Filed: February 17, 2017
    Date of Patent: March 20, 2018
    Assignee: Cisco Technology, Inc.
    Inventor: Shaun Cooley
  • Patent number: 9922207
    Abstract: Subscriber (user) data is encrypted and stored in a service provider cloud in a manner such that the service provider is unable to decrypt and, as a consequence, to view, access or copy the data. Only the user knows a user-specific secret (e.g., a password) that is the basis of the encryption. The techniques herein enable the user to share his or her data, privately or publicly, without exposing the user-specific secret with anyone or any entity (such as the service provider).
    Type: Grant
    Filed: April 18, 2016
    Date of Patent: March 20, 2018
    Assignee: LogMeln, Inc.
    Inventors: Krisztian Kopasz, Marton B. Anka
  • Patent number: 9906557
    Abstract: A mechanism is provided for generating a packet inspection policy for a policy enforcement point in a centralized management environment. Data of a network topology for the policy enforcement point corresponding to a network infrastructure is updated according to metadata of the policy enforcement point, the metadata including a capability of the policy enforcement point. The packet inspection policy for the policy enforcement point is generated according to the data of the network topology and the capability of the policy enforcement point. The packet inspection policy is then deployed to the policy enforcement point.
    Type: Grant
    Filed: June 19, 2015
    Date of Patent: February 27, 2018
    Assignee: International Business Machines Corporation
    Inventors: Wei-Hsiang Hsiung, Sheng-Tung Hsu, Cheng-Ta Lee, Ming-Hsun Wu
  • Patent number: 9894107
    Abstract: A control module arranged to manage a hosted communications platform, the hosted communications platform being located between a telecommunications network and a subscriber communications network, the subscriber communications network being associated with a subscriber to the hosted communications platform, the subscriber being associated with a plurality of users. The module comprises a first communications interface arranged to interface with the telecommunications network, and processing means arranged to configure the hosted communications platform for use with two or more subscribers, each subscriber comprising a respective subscriber communications network. The module further comprises a second communications interface arranged to interface with the hosted communications platform. For each subscriber, the processing means is arranged to form a partition on the hosted communications platform.
    Type: Grant
    Filed: July 23, 2014
    Date of Patent: February 13, 2018
    Inventor: Barnaby Thomas Ritchley
  • Patent number: 9891271
    Abstract: A power grid provides power to one or more modules of an integrated circuit device via a virtual power supply signal. A test module is configured to respond to assertion of a test signal so that, when the power grid is working properly and is not power gated, an output of the test module matches the virtual power supply. When the power grid is not working properly, the output of the test module is a fixed logic signal that does not vary based on the power gated state of the one or more modules.
    Type: Grant
    Filed: July 19, 2013
    Date of Patent: February 13, 2018
    Assignee: Advanced Micro Devices, Inc.
    Inventors: Russell Schreiber, Joel Irby, Sudha Thiruvengadam, Carl Dietz
  • Patent number: 9894069
    Abstract: Secret application and maintenance policy data is generated for different classes of data. The class of data to be protected is determined and the secret application and maintenance policy data for the determined class of the data to be protected is identified and obtained. Required secrets data representing one or more secrets to be applied to the data to be protected is obtained and then automatically scheduled for application to the data to be protected in accordance with the secret application and maintenance policy data for the determined class of the data to be protected. Maintenance of the one or more secrets is also automatically scheduled in accordance with the secret application and maintenance policy data for the determined class of the data to be protected.
    Type: Grant
    Filed: November 1, 2013
    Date of Patent: February 13, 2018
    Assignee: Intuit Inc.
    Inventors: Brett Weaver, Sabu Kuruvila Philip, Troy Otillio, Jinglei Whitehouse, III, Oleg Gryb, Jeffrey M. Wolfe, Ankur Jain, M. Shannon Lietz, Luis Felipe Cabrera
  • Patent number: 9886699
    Abstract: A method for testing a new workflowed item associated with a workflow process in a content management system (CMS) is provided. The method may include adding a workflow stage to the workflow process in the content management system (CMS). The method may also include adding a test associated with the workflow stage. The method may further include determining if a criteria threshold is met based on the test associated with the workflow stage. Additionally, the method may include publishing the new workflowed item based on the criteria threshold being met.
    Type: Grant
    Filed: April 8, 2014
    Date of Patent: February 6, 2018
    Assignee: International Business Machines Corporation
    Inventors: Nicholas A. Baldwin, Laurence A. Hey, Eric Martinez de Morentin, Matthew J. Ponsford
  • Patent number: 9881316
    Abstract: A method for testing a new workflowed item associated with a workflow process in a content management system (CMS) is provided. The method may include adding a workflow stage to the workflow process in the content management system (CMS). The method may also include adding a test associated with the workflow stage. The method may further include determining if a criteria threshold is met based on the test associated with the workflow stage. Additionally, the method may include publishing the new workflowed item based on the criteria threshold being met.
    Type: Grant
    Filed: January 29, 2015
    Date of Patent: January 30, 2018
    Assignee: International Business Machines Corporation
    Inventors: Nicholas A. Baldwin, Laurence A. Hey, Eric Martinez de Morentin, Matthew J. Ponsford
  • Patent number: 9875371
    Abstract: A system for controlling access to copyrighted data comprises, at least: a plurality of users having computers, each computer being assigned a unique identity and each computer being configured for communicating with external units via a core network; a core network operated by a telecommunications organization; an access handler configured to communicate with the computers via the core network and a communication interface configured for routing incoming data traffic to a first database; wherein the first database includes at least one table, in which table the unique identities of the computers are associated with access rights for each one of the unique identities, and the first database is configured to communicate with a second database and a third database/server; the second database includes copyrighted data material, and the second database is further configured to communicate via the core network with the computers for transferring requested copyrighted data material.
    Type: Grant
    Filed: January 9, 2013
    Date of Patent: January 23, 2018
    Assignee: Wire I.P. Limited
    Inventor: Magnus Skraastad Gulbrandsen
  • Patent number: 9875363
    Abstract: Embodiments are directed towards decrypting encrypted content. A key for decrypting the encrypted content may be provided to a web application executing within a browser. The application may employ a generic cryptography application program interface (GCAPI) to perform actions on the key, including, storing the key, decrypting an encrypted key, generating another key, converting the key to a different encryption type, or the like. The GCAPI may or may not be enabled to explicitly share the key with the browser's media engine. In response to receiving encrypted content, the GCAPI may provide the key to the application, explicitly or inexplicitly to the browser's media engine, or the like. The key may be utilized by the application, the browser, the media element, browser's media engine, and/or the GCAPI to decrypt the encrypted content. The decrypted content may be displayed within the browser to a user of a client device.
    Type: Grant
    Filed: June 6, 2017
    Date of Patent: January 23, 2018
    Assignee: Google LLC
    Inventors: David Kimbal Dorwin, Ryan David Sleevi, Andrew Martin Scherkus
  • Patent number: 9864482
    Abstract: Electronic publications are increasingly replacing physical media, where standards have evolved to mimic these physical media. Accordingly it is beneficial to provide electronic publication software systems and/or software applications to enable new paradigms that provide consumers, authors, publishers, retailers, and others with a method of navigating electronic content comprising the ability to generate a user interface that supports individual page turns as well as small, moderate and large adjustments of position within the electronic content, wherein the user interface supports these adjustments in a manner that is consistent.
    Type: Grant
    Filed: March 13, 2013
    Date of Patent: January 9, 2018
    Assignee: Cognilore Inc.
    Inventors: Andre Dube, Darryl Beallie, Brian Anderson, Cody Thompson
  • Patent number: 9860061
    Abstract: A method of encrypting information using a computational tag may include, by a mobile electronic device, detecting a computational tag within a near field communication range of the mobile electronic device, identifying a document to be encrypted by the mobile electronic device, transmitting the document to the computational tag by the mobile electronic device, receiving, from the computational tag, an encrypted document, wherein the encrypted document comprises an encrypted version of the document that was to be encrypted, and storing the encrypted document in a memory of the mobile electronic device.
    Type: Grant
    Filed: December 21, 2016
    Date of Patent: January 2, 2018
    Assignee: Xerox Corporation
    Inventors: Gavan Leonard Tredoux, Kanishk Jain
  • Patent number: 9860387
    Abstract: Programmatically reversing numerical line identity presented at a communications services gateway into named IP Telephony users with “prior association”, delivers dynamic “reverse address resolution” switching connections from ground to cloud, permitting any conventional telephone to dial and connect to any associated IP Telephony endpoint in the world, without changes to the conventional telephone. Reversing line identity into associated named users bridges both the addressability and economic divide between mass conventional “paying” (mobile and fixed) and “free”. IP Telephony networks.
    Type: Grant
    Filed: February 15, 2016
    Date of Patent: January 2, 2018
    Assignee: Starlogik IP LLC
    Inventor: Ari Kahn
  • Patent number: 9848325
    Abstract: The present disclosure provides for methods and devices for enabling distribution of a first security application comprised in the first wireless device to the second wireless device. One method comprises the steps of receiving, in the first wireless device, using a short distance communication technology, a hardware identifier of the second wireless device, sending, from the first wireless device, the hardware identifier and information identifying the first security application to the network node, receiving, in the network node, from the first wireless device, the hardware identifier of the second wireless device and the information identifying the security application and authorizing, in the network node, the second wireless device to receive and/or activate a second security application associated with the first security application of the first wireless device.
    Type: Grant
    Filed: November 3, 2014
    Date of Patent: December 19, 2017
    Assignees: Sony Corporation, Sony Mobile Communications Inc.
    Inventors: Anders Mellqvist, David Berthet
  • Patent number: 9830295
    Abstract: A resource domain controller in a data processing system stores information that is used to group various resources, such as bus masters and peripherals, into common domains. Each group can be referred to as a resource domain and can include one or more data processor and peripheral devices. The resource domain information is then used to determine whether a particular access request from a data processor is authorized to access its intended target, e.g., one of the peripheral devices, by determining whether the access request and the intended target each belong to a common resource domain. If so, the access request is allowed, otherwise the access request is prevented from being successfully completed.
    Type: Grant
    Filed: January 15, 2015
    Date of Patent: November 28, 2017
    Assignee: NXP USA, Inc.
    Inventors: Lawrence L. Case, Charles E. Cannon, Simon J. Gallimore, Glen G. Wienecke
  • Patent number: 9811645
    Abstract: Technology is disclosed herein for licensing applications using a preferred authorization process dynamically identified based on conditions associated with an initiation of an application. Authorization is then attempted using the preferred authorization process. In some examples, the preferred authorization process is selected from at least a keyless authorization process and a key-based authorization process.
    Type: Grant
    Filed: October 9, 2015
    Date of Patent: November 7, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Gregory Akselrod, Tianyu Xie, Scott Kurtzebom, Gordon Hardy, Sanjay Garg, Chad Shurtz, Karvell Li, Robert Donner
  • Patent number: 9811799
    Abstract: In a method, system, and computer-readable medium having instructions for providing distributed customer support, a customer care provider for a first business entity receives a request for customer care and the request may be handled by the customer care provider with a remedy, transaction information involving any number of transactions from a repository is accessed using a customer care credential and the repository comprises transaction information for a second business entity, and a limitation on the customer care provider is determined for providing the remedy using the transaction information.
    Type: Grant
    Filed: June 10, 2011
    Date of Patent: November 7, 2017
    Assignees: SONY ELETRONICS, INC., SONY CORPORATION
    Inventor: Albhy Galuten