Access Control Patents (Class 726/27)
  • Patent number: 9864482
    Abstract: Electronic publications are increasingly replacing physical media, where standards have evolved to mimic these physical media. Accordingly it is beneficial to provide electronic publication software systems and/or software applications to enable new paradigms that provide consumers, authors, publishers, retailers, and others with a method of navigating electronic content comprising the ability to generate a user interface that supports individual page turns as well as small, moderate and large adjustments of position within the electronic content, wherein the user interface supports these adjustments in a manner that is consistent.
    Type: Grant
    Filed: March 13, 2013
    Date of Patent: January 9, 2018
    Assignee: Cognilore Inc.
    Inventors: Andre Dube, Darryl Beallie, Brian Anderson, Cody Thompson
  • Patent number: 9860387
    Abstract: Programmatically reversing numerical line identity presented at a communications services gateway into named IP Telephony users with “prior association”, delivers dynamic “reverse address resolution” switching connections from ground to cloud, permitting any conventional telephone to dial and connect to any associated IP Telephony endpoint in the world, without changes to the conventional telephone. Reversing line identity into associated named users bridges both the addressability and economic divide between mass conventional “paying” (mobile and fixed) and “free”. IP Telephony networks.
    Type: Grant
    Filed: February 15, 2016
    Date of Patent: January 2, 2018
    Assignee: Starlogik IP LLC
    Inventor: Ari Kahn
  • Patent number: 9860061
    Abstract: A method of encrypting information using a computational tag may include, by a mobile electronic device, detecting a computational tag within a near field communication range of the mobile electronic device, identifying a document to be encrypted by the mobile electronic device, transmitting the document to the computational tag by the mobile electronic device, receiving, from the computational tag, an encrypted document, wherein the encrypted document comprises an encrypted version of the document that was to be encrypted, and storing the encrypted document in a memory of the mobile electronic device.
    Type: Grant
    Filed: December 21, 2016
    Date of Patent: January 2, 2018
    Assignee: Xerox Corporation
    Inventors: Gavan Leonard Tredoux, Kanishk Jain
  • Patent number: 9848325
    Abstract: The present disclosure provides for methods and devices for enabling distribution of a first security application comprised in the first wireless device to the second wireless device. One method comprises the steps of receiving, in the first wireless device, using a short distance communication technology, a hardware identifier of the second wireless device, sending, from the first wireless device, the hardware identifier and information identifying the first security application to the network node, receiving, in the network node, from the first wireless device, the hardware identifier of the second wireless device and the information identifying the security application and authorizing, in the network node, the second wireless device to receive and/or activate a second security application associated with the first security application of the first wireless device.
    Type: Grant
    Filed: November 3, 2014
    Date of Patent: December 19, 2017
    Assignees: Sony Corporation, Sony Mobile Communications Inc.
    Inventors: Anders Mellqvist, David Berthet
  • Patent number: 9830295
    Abstract: A resource domain controller in a data processing system stores information that is used to group various resources, such as bus masters and peripherals, into common domains. Each group can be referred to as a resource domain and can include one or more data processor and peripheral devices. The resource domain information is then used to determine whether a particular access request from a data processor is authorized to access its intended target, e.g., one of the peripheral devices, by determining whether the access request and the intended target each belong to a common resource domain. If so, the access request is allowed, otherwise the access request is prevented from being successfully completed.
    Type: Grant
    Filed: January 15, 2015
    Date of Patent: November 28, 2017
    Assignee: NXP USA, Inc.
    Inventors: Lawrence L. Case, Charles E. Cannon, Simon J. Gallimore, Glen G. Wienecke
  • Patent number: 9811645
    Abstract: Technology is disclosed herein for licensing applications using a preferred authorization process dynamically identified based on conditions associated with an initiation of an application. Authorization is then attempted using the preferred authorization process. In some examples, the preferred authorization process is selected from at least a keyless authorization process and a key-based authorization process.
    Type: Grant
    Filed: October 9, 2015
    Date of Patent: November 7, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Gregory Akselrod, Tianyu Xie, Scott Kurtzebom, Gordon Hardy, Sanjay Garg, Chad Shurtz, Karvell Li, Robert Donner
  • Patent number: 9811799
    Abstract: In a method, system, and computer-readable medium having instructions for providing distributed customer support, a customer care provider for a first business entity receives a request for customer care and the request may be handled by the customer care provider with a remedy, transaction information involving any number of transactions from a repository is accessed using a customer care credential and the repository comprises transaction information for a second business entity, and a limitation on the customer care provider is determined for providing the remedy using the transaction information.
    Type: Grant
    Filed: June 10, 2011
    Date of Patent: November 7, 2017
    Assignees: SONY ELETRONICS, INC., SONY CORPORATION
    Inventor: Albhy Galuten
  • Patent number: 9805219
    Abstract: One or more elements on a computing device can be selected and locked from use. For example, a first user (e.g., adult) of a computing device can allow a second user (e.g., child) to use the former's device; however, the first user might not want the second user to have access to all of the elements on the device, and so the first user can select which elements he/she wants to share with the second user and which elements he/she does not want to share. For example, the first user can select elements and choose to lock the selected elements, lock all other elements, lock the selected elements for a certain period of time, or lock the selected elements but allow for earned usage, etc. The lock can be removed in response to an unlock event, which can comprise a user-initiated unlock, a timed unlock, or a user-earned locked.
    Type: Grant
    Filed: January 28, 2016
    Date of Patent: October 31, 2017
    Assignee: A9.COM, INC.
    Inventors: Matthew Warren Amacker, Dawn R Dodd
  • Patent number: 9792450
    Abstract: A method for preserving data redundancy in a data deduplication system in a computing environment is provided. A selected data segment, to be written through the data deduplication system, is encrypted such that the selected data segment is not subject to a deduplication operation. The method determines and identifies copies of the data segment that are to be precluded from data deduplication. A unique encryption key is used to encrypt the selected data segment to be written through the data deduplication system such that the selected data segment is not subject to a deduplication operation. The data deduplication system is tricked to recognize the encrypted, selected data segment as new, undeduplicated data by the encrypting thereby skipping steps of the deduplication operation that includes fingerprint generation and matching. The encrypted, selected data segment is directly written to a new physical storage location.
    Type: Grant
    Filed: February 9, 2015
    Date of Patent: October 17, 2017
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Rahul M. Fiske, Carl E. Jones, Subhojit Roy
  • Patent number: 9794907
    Abstract: A wireless location device comprises a BLUETOOTH beacon configured to emit wireless signals and an electromagnetic shielding cover. The BLUETOOTH beacon is positioned within the electromagnetic shielding cover. The electromagnetic shielding cover comprises an inner surface comprising a plurality of micro-structures, and an opening below the inner surface. The inner surface is configured to reflect towards the opening the wireless signals emitted by the BLUETOOTH beacon which are not directly emitted out of the opening.
    Type: Grant
    Filed: August 18, 2016
    Date of Patent: October 17, 2017
    Assignee: HON HAI PRECISION INDUSTRY CO., LTD.
    Inventors: Hsin-Pei Hsieh, Fu-Hsin Chiu, Jen-Tsorng Chang
  • Patent number: 9794239
    Abstract: A method and system for authenticating a user device includes an identity provider reading service and an external service provider receiving a request to access content from a user device and communicating the request to access content from a service provider to the reading service. The request to access content includes cookie data. The external service requests an identity provider token from the cookie data from the reading service based on the request to access. The identity provider reading service communicates the identity provider token to the external service provider. An identity provider communicates with the service provider. The external service generates and communicates an authentication request to the identity provider having the identity provider token and a service provider identifier. The identity provider communicates an assertion signal to the service provider when the cookie data is resolved at the identity provider.
    Type: Grant
    Filed: February 18, 2011
    Date of Patent: October 17, 2017
    Assignee: The DIRECTV Group, Inc.
    Inventors: Kapil Chaudhry, David N. Schlacht
  • Patent number: 9794151
    Abstract: One embodiment of the present invention sets forth a technique for identifying active streaming connections associated with a particular user account. Each active streaming connection transmits heartbeat packets periodically to a server that tracks the receipt of the heartbeat packets. If, for a particular streaming connection, the server stops receiving heartbeat packets, then the server is able to infer that the streaming connection has been terminated.
    Type: Grant
    Filed: February 7, 2016
    Date of Patent: October 17, 2017
    Assignee: NETFLIX, INC.
    Inventors: James Mitch Zollinger, Julie Amundson Pitt
  • Patent number: 9785776
    Abstract: An execution of a data object is identified by a computing device. In response to identifying the execution of the data object, it is determined that the data object has requested a sensitive action of the computing device before interacting with a user of the computing device. In response to determining that the data object has requested the sensitive action, the data object is classified as a high-risk data object.
    Type: Grant
    Filed: April 27, 2015
    Date of Patent: October 10, 2017
    Assignee: iboss, Inc.
    Inventors: Paul Michael Martini, Peter Anthony Martini
  • Patent number: 9781098
    Abstract: Methods, devices, and systems are described for enrolling a user's bring-your-own-device for secure connection to a company's enterprise computer network. From her mobile device, user clicks on a uniform resource locator (URL) to connect with the login web page on the enterprise network. After authentication, checks are performed to verify that the user has authorization to enroll the type of electronic device, and the profile is installed on the device. A notification is sent to the device by a server on the enterprise network, and a secure workspace application is pushed to the device along with configuration data that automatically links the workspace with the parent device enrollment. Once the user launches the secure workspace application the workspace access configuration data and initializes enrollment with the enterprise network, resulting in a linking of the secure workspace application with its parent device enrollment.
    Type: Grant
    Filed: April 17, 2015
    Date of Patent: October 3, 2017
    Assignee: Oracle International Corporation
    Inventors: Mohamad Raja Gani Mohamad Abdul, Bhagavati Kumar Jayanti Venkata, Krithiga Gopalan, Harsh Maheshwari, Nagaraj Pattar, Ravi Verma
  • Patent number: 9769141
    Abstract: Methods and an apparatus are provided for securely authorizing access to remote resources. For example, a method is provided that includes receiving a request to determine whether a user device communicatively coupled to a resource server is authorized to access at least one resource hosted by the resource server and determining whether the user device communicatively coupled to the resource server is authorized to access the at least one resource hosted by the resource server based at least in part on whether the user device communicatively coupled to the resource server has been issued a management identifier. The method further includes providing a response indicating that the user device communicatively coupled to the resource server is authorized to access the at least one resource hosted by the resource server in response to a determination that the user device communicatively coupled to the resource server is authorized to access the at least one resource hosted by the resource server.
    Type: Grant
    Filed: October 30, 2015
    Date of Patent: September 19, 2017
    Assignee: AirWatch LLC
    Inventor: Jonathan Blake Brannon
  • Patent number: 9769137
    Abstract: An extensible mechanism for providing access control for logical objects in a network environment. A security broker is able to dynamically register one or more claims providers, each of which can assert one or more claims about logical objects. The claims providers may be purpose built or may be third party applications which expose data or business rules for use. Claims may be augmented by additional claims providers after the original claim is asserted. The applicability of claims may be scope limited either at the time the claims provider is registered or when the user requests that a security token be issued.
    Type: Grant
    Filed: February 17, 2015
    Date of Patent: September 19, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Venkatesh Veeraraghavan, Javier Dalzell, Benoit Schmitlin, Ambrose T. Treacy, Bryant Fong, Christian Roy
  • Patent number: 9760712
    Abstract: Methods and systems for protecting a virtual machine network are disclosed. In an embodiment, a method involves storing an application whitelist including application-to-user associations in memory such that the application whitelist is immutable by a guest virtual machine, receiving a request to execute an application including an application identifier and a user identifier, comparing the application identifier and the user identifier of the request with the application whitelist, and generating an execution decision indicating whether the requested application can execute on the guest virtual machine.
    Type: Grant
    Filed: May 23, 2014
    Date of Patent: September 12, 2017
    Assignee: VMware, Inc.
    Inventors: Azeem Feroz, Binyuan Chen, Prasad Sharad Dabak
  • Patent number: 9762642
    Abstract: A method implemented by a first client device, the method comprising receiving a media presentation description (MPD) for a media content from a streaming server, receiving a plurality of segments for the media content from one or more streaming servers, and packaging the MPD and at least part of the received segments such that the packaged segments are accessible by a second client device through the packaged MPD.
    Type: Grant
    Filed: January 16, 2014
    Date of Patent: September 12, 2017
    Assignee: Futurewei Technologies, Inc.
    Inventors: Xin Wang, Yongliang Liu
  • Patent number: 9754089
    Abstract: Embodiments of the disclosure provide application management capabilities to enterprises. A computing device of a user, associated with the enterprise, receives an enrollment token signed with a certificate. The enrollment token includes an enterprise identifier associated with the enterprise. The computing device receives a package containing one or more applications. The package also includes an enterprise identifier. Installation and execution of one or more applications from the received package is accepted or rejected based on a comparison of the enterprise identifier from the enrollment token with the enterprise identifier from the received package or application. A web service provides validation services by monitoring the installation and execution of applications on the computing devices associated with the enterprise.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: September 5, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Clifford Paul Strom, Daniel Kevin McBride, Arvind Ramakrishnan, Yashraj Motilal Borse, Chittaranjan Pattekar
  • Patent number: 9749334
    Abstract: In one embodiment, a method includes receiving, from a client device of an author of a message, a request for a restricted ideogram to be inserted into a message; accessing social-networking information for the author; determining, based on the social-networking information for the author, whether the author is authorized to access the restricted ideogram; accessing social-networking information for a recipient user; determining, based on the social-networking information for the recipient user, whether the recipient user is authorized to access the restricted ideogram; and if the author and the recipient user are authorized to access the restricted ideogram, then sending, to the client device of the author, information to insert the restricted ideogram into the message.
    Type: Grant
    Filed: November 14, 2016
    Date of Patent: August 29, 2017
    Assignee: Facebook, Inc.
    Inventors: David Ebersman, Samuel Lessin, Thomas Stocky, Michael Vernal
  • Patent number: 9740887
    Abstract: In at least some embodiments, a system comprises a processor and a direct memory access (DMA) subsystem coupled to the processor. The system further comprises a component coupled to the DMA subsystem via an interconnect employing security rules, wherein, if the component requests a DMA channel, the DMA subsystem restricts usage of the DMA channel based on the security rules.
    Type: Grant
    Filed: November 7, 2006
    Date of Patent: August 22, 2017
    Assignee: TEXAS INSTRUMENTS INCORPORATED
    Inventor: Gregory R. Conti
  • Patent number: 9742657
    Abstract: A method, in a network controller of a control plane in a software defined network (SDN) coupled to a network element (NE) of a data plane in the SDN, of resynchronizing forwarding table entries of the NE according to forwarding table entries of the network controller is disclosed. The method includes causing the NE to update a first subset of forwarding table entries from a set of one or more of forwarding table entries to include a post-synchronization indicator. The method continues with causing the NE to delete, following the update of the first subset of forwarding table entries, a second subset of zero or more forwarding table entries from the set of forwarding table entries, where each forwarding table entry from the second subset includes a pre-synchronization indicator.
    Type: Grant
    Filed: May 29, 2015
    Date of Patent: August 22, 2017
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Bhalaji Narayanan, Shuva Jyoti Kar, V L N Mehar Simhadri
  • Patent number: 9727747
    Abstract: Location, time, and other contextual mobile application policies are disclosed. Access state information associated with a managed set of applications may be determined based at least in part on environmental context data associated with a mobile device and one or more contextual policies associated with the managed set of applications. The access state information may be provided to at least one application included in the managed set of applications, wherein at least one application in the managed set of applications is configured to use the access state information to regulate use of the application in a manner required by the one or more contextual policies.
    Type: Grant
    Filed: December 20, 2013
    Date of Patent: August 8, 2017
    Assignee: MOBILE IRON, INC.
    Inventors: Mansu Kim, Joshua Sirota, Suresh Kumar Batchu
  • Patent number: 9723124
    Abstract: A mobile terminal and controlling method thereof are disclosed, by which image data of a counterpart having triggered an event can be displayed. The present invention may include a display unit configured to display information, a wireless communication unit configured to communicate with an external server that stores first image data and to communicate with a counterpart terminal, a memory to store a second image data, and a controller, in response to an event triggered by the counterpart terminal, to extract an image data related to a counterpart from one of the first image data and the second image data, and the controller to output the extracted image data on a portion of the display unit to notify an occurrence of the event.
    Type: Grant
    Filed: August 21, 2014
    Date of Patent: August 1, 2017
    Assignee: LG ELECTRONICS INC.
    Inventors: Yunmi Kwon, Hyemi Jung, Arim Kwon
  • Patent number: 9721114
    Abstract: A method for automatic folder ownership assignment, including ascertaining which first folders, among a first multiplicity of folders, have at least one of modify and write permissions to non-IT administration entities, adding the first folders to a list of candidates for ownership assignment, defining a second multiplicity of folders which is a subset of the first multiplicity of folders and not including the first folders and descendents and ancestors thereof, ascertaining which second folders among the second multiplicity of folders, have permissions to non-IT administration entities, adding the second folders to the candidates, defining a third multiplicity of folders, which is a subset of the second multiplicity of folders and not including the second folders and descendents and ancestors thereof, ascertaining which third folders among the third multiplicity of folders are topmost folders, adding the third folders to the candidates, and recommending possible assignment of ownership of the candidates.
    Type: Grant
    Filed: August 25, 2015
    Date of Patent: August 1, 2017
    Assignee: VARONIS SYSTEMS, INC.
    Inventors: Yakov Faitelson, Ohad Korkus, Ophir Kretzer-Katzir
  • Patent number: 9722807
    Abstract: A computer network system for posting content at a web site includes computer servers configured to host a web site for a group of users, and a data storage configured to store an email address in association with a destination at the website. The computer servers can receive an electronic message at the email address by the computer servers from a user. A computer processor can automatically extract content from the electronic message. The computer servers can automatically post the content extracted from the electronic message at the destination at the website.
    Type: Grant
    Filed: June 13, 2014
    Date of Patent: August 1, 2017
    Assignee: Shutterfly, Inc.
    Inventors: Craig Jorasch, Thomas E. McGannon, Syed Saleem Javid Brahmanapalli, Benjamin C. Guthrie, Irene Chan, Kristina Maria Raquel Aguirre
  • Patent number: 9721115
    Abstract: A method for automatic folder ownership assignment, including ascertaining which first folders, among a first multiplicity of folders, have at least one of modify and write permissions to non-IT administration entities, adding the first folders to a list of candidates for ownership assignment, defining a second multiplicity of folders which is a subset of the first multiplicity of folders and not including the first folders and descendents and ancestors thereof, ascertaining which second folders among the second multiplicity of folders, have permissions to non-IT administration entities, adding the second folders to the candidates, defining a third multiplicity of folders, which is a subset of the second multiplicity of folders and not including the second folders and descendents and ancestors thereof, ascertaining which third folders among the third multiplicity of folders are topmost folders, adding the third folders to the candidates, and recommending possible assignment of ownership of the candidates.
    Type: Grant
    Filed: January 26, 2016
    Date of Patent: August 1, 2017
    Assignee: VARONIS SYSTEMS, INC.
    Inventors: Yakov Faitelson, Ohad Korkus, Ophir Kretzer-Katzir
  • Patent number: 9697279
    Abstract: A method includes creating an electronic record of an asset, and automatically associating a predefined data structure with an electronic record of the asset that controls organization and display of user provided metadata describing the asset. The method may also include receiving the metadata describing the asset from a remote computer, populating the predefined data structure with the metadata describing the asset, and generating a graphical user interface corresponding to the electronic record of the asset with active tabs that provide a visual representation of the predefined data structure associated to the electronic record of the asset. The active tabs are respectively associated with predefined displays including the data fields provided by the predefined data structure, enabling a user to navigate through different displays corresponding to the data fields provided in the predefined data structure associated with the asset to view the metadata describing the asset.
    Type: Grant
    Filed: October 10, 2014
    Date of Patent: July 4, 2017
    Assignee: EZShield, Inc.
    Inventors: John Browning, Michael Robinson, Pradip Sitaram
  • Patent number: 9692776
    Abstract: The disclosed computer-implemented method for evaluating content provided to users via user interfaces may include (1) monitoring, as part of a security application via an accessibility application program interface provided by an operating system of a computing device, accessibility events that indicate state transitions in user interfaces of applications running on the computing device, (2) receiving, at the security application, an accessibility event that indicates that a user of the computing device is viewing a user interface of an application running on the computing device, (3) identifying, as part of the security application via the accessibility application program interface, content that the user is attempting to access via the application, (4) determining, as part of the security application, that the content is harmful, and (5) performing, as part of the security application, at least one security action in response to determining that the content is harmful.
    Type: Grant
    Filed: April 29, 2015
    Date of Patent: June 27, 2017
    Assignee: Symantec Corporation
    Inventor: Anubhav Savant
  • Patent number: 9684635
    Abstract: One exemplary embodiment involves receiving, at a computer device, packaged content, wherein the packaged content comprises a manifest and assets. The exemplary method further comprises presenting, via a processor of the computer device, the packaged content in a content consumption environment based at least in part upon the manifest, wherein the manifest identifies stacks, each stack comprising one or more of the assets that are logically related to one another, wherein navigation amongst and within the stacks is specified by the manifest.
    Type: Grant
    Filed: August 9, 2011
    Date of Patent: June 20, 2017
    Assignee: Adobe Systems Incorporated
    Inventors: Gregory S. St. Pierre, Robert Walton
  • Patent number: 9680819
    Abstract: A method of renewing a plurality of digital certificates includes receiving, at a first time, a request from a user to renew a first digital certificate and determining an expiration date for the first digital certificate. The method also includes receiving, at a second time, a request from the user to renew a second digital certificate and determining an expiration date for the second digital certificate. The expiration date for the second certificate is later than the expiration date for the first certificate. The method further includes determining a new expiration date occurring after the first time and the second time and renewing the first digital certificate. An expiration date for the renewed first digital certificate is equal to the new expiration date. Moreover, the method includes renewing the second digital certificate. An expiration date for the renewed second digital certificate is equal to the new expiration date.
    Type: Grant
    Filed: December 23, 2009
    Date of Patent: June 13, 2017
    Assignee: Symantec Corporation
    Inventors: Quentin Liu, Kathleen Barnes, Richard F. Andrews
  • Patent number: 9678687
    Abstract: In an example, there is disclosed a computing apparatus, including a processor, including a trusted execution instruction set; a memory having an enclave portion, wherein the enclave is accessible only via the trusted execution instruction set; a swap file; and a memory management engine operable to: allocate a buffer within the enclave; receive a scope directive to indicate that the buffer is in scope; and protect the buffer from swapping to the swap file while the buffer is in scope. There is further disclosed an method of providing a memory management engine, and one or more computer-readable storage mediums having stored thereon executable instructions for providing the memory management engine.
    Type: Grant
    Filed: September 25, 2015
    Date of Patent: June 13, 2017
    Assignee: McAfee, Inc.
    Inventors: Carl D. Woodward, Venkata Ramanan Sambandam, Dmitri Rubakha
  • Patent number: 9672083
    Abstract: A method is provided for operating a program code object in conjunction with an application context in an application server environment. The method includes identifying a program code object in the application server environment and identifying an application context enabling the provision of a service. The application context is not directly accessible by the program code object. An entry point of the program code object is identified and a tag identifier referencing the application context is associated with the entry point. When executing the program code object in the application server environment, the tag identifier is used to access the application context.
    Type: Grant
    Filed: July 1, 2013
    Date of Patent: June 6, 2017
    Assignee: International Business Machines Corporation
    Inventors: Fraser P. Bohm, Ian J. Mitchell, Philip I. Wakelin, Matthew A. Webster
  • Patent number: 9672374
    Abstract: A request is received from a security tool, the request relating to an event involving data records in a storage device. An application programming interface (API) is used to interface with secure storage functionality of the storage device, the secure storage functionality enabling a set of secure storage operations. A security operation is caused to be performed at the storage device involving the data records based at least in part on the request. In one aspect, the set of secure storage operations can include a direct read operation, a direct write operation, a copy-on-write operation, and a save-attempted-write operation.
    Type: Grant
    Filed: June 28, 2013
    Date of Patent: June 6, 2017
    Assignee: McAfee, Inc.
    Inventors: Atul Kabra, Michael Hughes, John Teddy
  • Patent number: 9659155
    Abstract: System and method for software activation and further tracking of its states on an end-user computing device (computer) was developed to provide software developers a flexible and secure tool for software distribution and gathering statistics of usage of software activation. The method consists of the following logical steps: (a) obtaining an acquisition confirmation; (b) requesting for a license; (c) issuing and delivering the license to End User; (d) verification of license on the User's computer; (e) storing the license on the User's computer; (f) periodic tracking of activation state, (g) another action with the User's license.
    Type: Grant
    Filed: February 5, 2016
    Date of Patent: May 23, 2017
    Assignee: MACPAW INC
    Inventor: Oleksandr Kosovan
  • Patent number: 9645708
    Abstract: A user interface display method implemented on a computer-controlled device to allow an operator to define a list of selected items among a plurality of items available for selection. The operator starts by selecting a pre-existing list containing a number of selected items. A modified list is generated which initially contains the same items as the pre-existing list. The device displays all of the items available for selection, as well as first and second indications associated with each item initially in the modified list. Then, in response to operator inputs to add items to (or remove items from) the modified list, second indications are displayed (or removed from display) in association with the items to be added (or removed), without changing the display of any of the first indications and any of the plurality of items. The modified list is saved without changing the pre-existing list.
    Type: Grant
    Filed: April 21, 2014
    Date of Patent: May 9, 2017
    Assignee: KONICA MINOLTA LABORATORY U.S.A., INC.
    Inventors: Rabindra Pathak, Katsuyuki Taima, Akinori Yamamoto, William Chang
  • Patent number: 9647896
    Abstract: A distributed execution environment provides resources such as computing resources, hardware resources, and software resources. Resource action rules (“rules”) may be defined and associated with resources in the distributed execution environment. The rules may be evaluated based upon resource state data defining the state of one or more resources. The results of the evaluation of the rules may be utilized to take various actions. For example, the results of the evaluation of rules may be utilized to generate a user interface (UI) object for providing information regarding the evaluation of the rule, to initiate a workflow, and/or perform another type of action. The results might also be utilized to prohibit certain types of operations from being performed with regard to a resource. The results might be propagated to other resources. A UI might also be provided for use in defining the rules.
    Type: Grant
    Filed: December 19, 2013
    Date of Patent: May 9, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Brian Frederick Mulder, Ross Bevan Engers, Joshua Mentz, Ronen Dov Agranat, Willem Jacob Buys, Timothy Ralph Sjoberg, James Alfred Gordon Greenfield
  • Patent number: 9641336
    Abstract: An example method includes facilitating installation of a data collector on a media device; collecting, via the data collector, a media identifier indicative of media presented at the media device; encrypting a user identifier that identifies the user of the media device, the encrypting of the user identifier based on a first encryption key corresponding to a first database proprietor having first user information associated with the user identifier; encrypting a device identifier that identifies the media device, the encrypting of the device identifier based on a second encryption key corresponding to a second database proprietor having second user information associated with the device identifier; sending the media identifier to a data collection server; sending the encrypted user identifier to a second server associated with the first database proprietor; and sending the encrypted device identifier to a third server associated with the second database proprietor.
    Type: Grant
    Filed: December 30, 2015
    Date of Patent: May 2, 2017
    Assignee: The Nielsen Company (US), LLC
    Inventors: Alan N. Bosworth, Madhusudhan Reddy Alla, Steven J. Splaine, Brahmanand Reddy Shivampet, Kevin K. Gaynor
  • Patent number: 9641489
    Abstract: Disclosed herein are techniques for use in fraud detection. In one embodiment, the techniques comprise a method. The method comprises receiving an encrypted current location associated with a user. The method also comprises obtaining an encrypted historical location associated with the user and an encrypted location sensitivity metric that relates to a distance within which locations are considered to be the same. The method further comprises performing an authentication operation based on the encrypted current location, the encrypted historical location and the encrypted location sensitivity metric.
    Type: Grant
    Filed: September 30, 2015
    Date of Patent: May 2, 2017
    Assignee: EMC IP Holding Company
    Inventors: Alon Kaufman, Philip Derbeko, Yan Belinky
  • Patent number: 9633215
    Abstract: In a method (300) for applying differential policies on at least one digital document (120a-120n) having a plurality of atomic units (122a-122n) among a plurality of workflow participants (110a-110n), in which the atomic units are assigned with at least one of a plurality of the differential policies, the at least one digital document is tessellated (304) to identify the atomic units and the at least one of the differential policies assigned to the atomic units. In addition, the atomic units are aggregated (306) according to the at least one of the differential policies assigned to the atomic units and respective sets of keys are associated (308) to the aggregated atomic units, in which common sets of keys are associated with the aggregated atomic units assigned with the same policies.
    Type: Grant
    Filed: September 21, 2010
    Date of Patent: April 25, 2017
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Steven J. Simske, Helen Balinsky
  • Patent number: 9621680
    Abstract: According to one embodiment of the present invention, a system masks data objects across a plurality of different data resources. The system comprises a processor configured to include a plurality of service providers to mask the data objects, wherein each service provider corresponds to a different type of data masking for the data objects. An interface provides access to the plurality of service providers from different data-consumers to mask the data objects according to the corresponding types of data masking, wherein resulting masked data maintains relational integrity across the different data resources. Embodiments of the present invention further include a method and computer program product for masking data objects across a plurality of different data resources in substantially the same manners described above.
    Type: Grant
    Filed: October 21, 2013
    Date of Patent: April 11, 2017
    Assignee: GLOBALFOUNDRIES INC.
    Inventors: Noel H. E. D'Costa, Peter Hagelund, David J. Henderson, Robert J. Oakley, Ritesh Tandon
  • Patent number: 9621522
    Abstract: Systems and methods for performing adaptive bitrate streaming using alternative streams of protected content in accordance with embodiments of the invention are described. One embodiment of the invention includes a processor, and memory containing a client application. In addition, the client application configures the processor to: request a top level index file identifying a plurality of alternative streams of protected content, where each of the alternative streams of protected content are encrypted using common cryptographic information; obtain the common cryptographic information; request portions of content from at least the plurality of alternative streams of protected content; access the protected content using the common cryptographic information; and playback the content.
    Type: Grant
    Filed: December 15, 2015
    Date of Patent: April 11, 2017
    Assignee: Sonic IP, Inc.
    Inventors: Michael George Kiefer, Eric William Grab, Jason Braness
  • Patent number: 9594898
    Abstract: To control privileges and access to resources on a per-process basis, an administrator creates a rule that may be applied to modify a token of a process. The rule may include an application-criterion set and changes to be made to the groups and/or privileges of the token. The rule may be set as a policy within a group policy object (GPO), where a GPO is associated with one or more groups of computers or users. When a GPO containing a rule is applied to a computer, a driver installed on the computer may access the rule(s) anytime a logged-on user executes a process. If the executed process satisfies the criterion set of a rule, the changes contained within the rule are made to the process token, and the user has expanded and/or contracted access and/or privileges for only that process.
    Type: Grant
    Filed: October 23, 2014
    Date of Patent: March 14, 2017
    Assignee: BeyondTrust Software, Inc.
    Inventors: Peter David Beauregard, Andrey Kolishchak, Shannon E. Jennings, Robert F. Hogan
  • Patent number: 9588776
    Abstract: Disclosed herein is a processing device comprising a secured execution environment comprising means for bringing the processing device into a predetermined operational state; and a timer; a communication interface for data communication between the processing device and a remote device management system external to the processing device; wherein the secured execution environment is configured, responsive to an expiry of the timer, to bring the processing device into said predetermined operational state; and responsive to a receipt, from the remote device management system via said communications interface, of a predetermined signal, to restart the timer.
    Type: Grant
    Filed: May 23, 2011
    Date of Patent: March 7, 2017
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Bernard Smeets, Patrik Ekdahl
  • Patent number: 9590959
    Abstract: A distributed computing environment utilizes a cryptography service. The cryptography service manages keys securely on behalf of one or more entities. The cryptography service is configured to receive and respond to requests to perform cryptographic operations, such as encryption and decryption. The requests may originate from entities using the distributed computing environment and/or subsystems of the distributed computing environment.
    Type: Grant
    Filed: February 12, 2013
    Date of Patent: March 7, 2017
    Assignee: AMAZON TECHNOLOGIES, INC.
    Inventors: Gregory Branchek Roth, Matthew James Wren, Eric Jason Brandwine, Brian Irl Pratt
  • Patent number: 9588828
    Abstract: A system and method for enabling the interchange of enterprise data through an open platform is disclosed. This open platform can be based on a standardized interface that enables parties to easily connect to and use the network. Services operating as senders, recipients, and in-transit parties can therefore leverage a framework that overlays a public network.
    Type: Grant
    Filed: January 27, 2014
    Date of Patent: March 7, 2017
    Assignee: salesforce.com, inc.
    Inventors: Lev Brouk, Kenneth Norton, Jason Douglas, Peter Panec
  • Patent number: 9588726
    Abstract: A method for routing object data that defines a 3-dimensional (3D) object to a 3D printer includes receiving the object data at a server and determining, by the server, object attributes associated with the object defined by the object data. The server searches a database that stores 3D printer attributes for one or more 3D printers capable of printing objects that possess the determined object attributes. If one or more capable printers are identified, the server communicates a list that identifies the one or more capable printers to a user.
    Type: Grant
    Filed: January 23, 2014
    Date of Patent: March 7, 2017
    Assignee: ACCENTURE GLOBAL SERVICES LIMITED
    Inventors: Sunny Webb, Kelly L. Dempski, Matthew Short, Michael Balint
  • Patent number: 9582641
    Abstract: A system and method distributing healthcare database access is disclosed. The system and method interpose a data mapping server (DMS) between a data request user server (DRS) and data service user server (DSS) to manage data transfers between the DSS and the DRS such that disparate database characteristics of the DRS/DSS are accommodated in real-time and permit asynchronous healthcare activity to be triggered. The DMS operates with a data access matrix (DAM) having each referenced DRS/DSS intersection pair associated with read/write control processes (RWP) that include read data (RDD) and write data (WRD) processes to permit data access across the disparate DRS/DSS database boundaries. The DAM may have multiple dimensions to accommodate asynchronously activated process threads within an overall patient healthcare plan (PHP) that operate to trigger healthcare provider alarms and other activity associated with the transfer/update of data between the DSS and the DRS.
    Type: Grant
    Filed: March 25, 2014
    Date of Patent: February 28, 2017
    Inventor: Eric Rock
  • Patent number: 9576144
    Abstract: Systems and methods for accessing data secured and encrypted using a file system manager are disclosed. One method includes determining whether a community of interest (COI) key obtained from a security appliance matches a COI key associated with a file structure managed by the file system manager that is the subject of a file system request issued by a caller. The method further includes identifying an entry included in a key bank associated with the COI key and the file structure that is the subject of the file system request, the key bank storing encrypted versions of a metadata key. The method also includes decrypting the metadata key using the COI key, decrypting at least one block encryption key using the metadata key, and decrypting a block of data associated with the at least one block encryption key.
    Type: Grant
    Filed: September 15, 2014
    Date of Patent: February 21, 2017
    Assignee: Unisys Corporation
    Inventors: Kelsey L Bruso, Uday Datta Shet
  • Patent number: 9563445
    Abstract: According to some aspects disclosed herein, a system for remote assistance and control of user devices subject to one or more remote assistance policies may be provided. In some embodiments, an administrator may request remote control of a managed user device. A managed application launcher may be provided by the user device and may be modified by the user device to remove managed applications or otherwise prevent access to applications that have a policy indicating that remote assistance is not allowed. The administrator may open a managed application included in the launcher and remotely control that application. In other embodiments, a user of the managed user device may initiate a request for remote assistance from within a managed application and/or the managed application launcher. The administrator's control of the user device and access to other applications on the user device may be limited based on the remote assistance policies.
    Type: Grant
    Filed: May 4, 2015
    Date of Patent: February 7, 2017
    Assignee: Citrix Systems, Inc.
    Inventors: Nitin Desai, Jaspreet Singh