Access Control Patents (Class 726/27)
  • Patent number: 9948651
    Abstract: Network traffic is monitored, and activities concerning posting images to sharing sites are detected. Detected activities can be attempts to login to sharing sites, or attempts to post images. Privacy concerns associated with sharing images on target sites are identified. In the case of detecting a successful attempt to login to a known sharing site, the site is scanned for the privacy settings in effect for the user, and it is determined whether the settings are below a given threshold. Another example of a privacy concern is detecting an attempt to post an image to an unknown site. When a privacy concern is detected, the user is warned, and prompted to indicate whether images are to be posted to the target site anyway. Attempts to post images to sites that are subject to privacy concerns are processed according to received user directives (e.g., blocked or allowed).
    Type: Grant
    Filed: December 14, 2015
    Date of Patent: April 17, 2018
    Assignee: Symantec Corporation
    Inventors: Michael Shavell, Matthew Boucher
  • Patent number: 9948820
    Abstract: A method for routing object data that defines a 3-dimensional (3D) object to a 3D printer includes receiving the object data at a server and determining, by the server, object attributes associated with the object defined by the object data. The server searches a database that stores 3D printer attributes for one or more 3D printers capable of printing objects that possess the determined object attributes. If one or more capable printers are identified, the server communicates a list that identifies the one or more capable printers to a user.
    Type: Grant
    Filed: February 8, 2017
    Date of Patent: April 17, 2018
    Assignee: ACCENTURE GLOBAL SERVICES LIMITED
    Inventors: Sunny Webb, Kelly L. Dempski, Matthew Short, Michael Balint
  • Patent number: 9940195
    Abstract: A method for use in a distributed storage network (DSN) including a plurality of distributed storage (DS) units includes receiving, at a DS unit, a rebuilding request indicating that the DS unit is to provide an encrypted partial slice to a requesting DS unit included in the DS network. Key pairing requirements associated with the rebuilding request are determined, and an even number of key pairing entities are selected based on the key pairing requirements. The even number of key pairing entities being fewer than a decode threshold number of key pairing entities. The DS unit generates shared secret keys corresponding to each of the even number of key pairing entities, uses those keys to generate an encrypted partial slice, and transmits the encrypted partial slice to the requesting DS unit in accordance with a rebuilding topology.
    Type: Grant
    Filed: September 28, 2017
    Date of Patent: April 10, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jason K. Resch, Greg R. Dhuse, Wesley B. Leggette
  • Patent number: 9940483
    Abstract: This disclosure provides for implementing a firmware security interface within a field-programmable gate array (FPGA) for communicating between secure and non-secure environments executable within the FPGA. A security monitor is implemented within the programmable logic of the FPGA as a soft core processor and the firmware security interface modifies one or more functions of the security monitor. The modifications to the security monitor include establishing a timer “heartbeat” within the FPGA to ensure that the FPGA invokes a secure environment and raising an alarm should the FPGA fail to invoke such environment.
    Type: Grant
    Filed: January 25, 2016
    Date of Patent: April 10, 2018
    Assignee: Raytheon Company
    Inventors: Matthew C. Areno, John Hoffman, William T. Jennings
  • Patent number: 9940333
    Abstract: Various systems described herein facilitate storage of files in various formats. A client device can generate a request for a particular file or content. The client device can submit a request with various request parameters. A file service can identify an appropriate file in an appropriate format. The appropriate file in the appropriate format can be provided to the client device in response to the request.
    Type: Grant
    Filed: June 18, 2015
    Date of Patent: April 10, 2018
    Assignee: AirWatch LLC
    Inventor: Ramani Panchapakesan
  • Patent number: 9935970
    Abstract: A system, method, and computer program product for implementing a phishing assessment that includes a phishing server that implements one or more phishing assessments; the phishing server: identifies legitimate target domain names to be used in the phishing assessment, generates one or more pseudo domain names and pseudo web pages, where the pseudo domain name are visually similar to an identified target domain name and the pseudo web page includes one or more characteristics and attributes of a legitimate web page.
    Type: Grant
    Filed: October 28, 2016
    Date of Patent: April 3, 2018
    Assignee: Duo Security, Inc.
    Inventor: Jon Oberheide
  • Patent number: 9929869
    Abstract: Methods, apparatuses, and computer-readable media for providing a collaboration license to an application for participant user device(s) participating in an on-line collaboration are disclosed. In one embodiment, a method is provided for licensing at least one application. The method includes transmitting a license request for at least one collaboration license. The collaboration license authorizes usage of at least one application on at least one participant user device participating in a collaboration. The collaboration may include at least one collaborative communication session among a plurality of participant user devices. The method further includes receiving the at least one collaboration license. Apparatuses and computer-readable media having instructions for providing the method are also disclosed.
    Type: Grant
    Filed: October 26, 2011
    Date of Patent: March 27, 2018
    Assignee: Avaya Inc.
    Inventor: Terry Don Jennings
  • Patent number: 9923877
    Abstract: An end-to-end secure cloud-hosted collaboration service is provided with a hybrid cloud/on-premise index and search capability. This approach includes on-premise indexing and search handling, while relying on the cloud for persistent storage and search of the index. The on-premise indexer receives a copy of an encrypted message from the cloud-hosted collaboration service. The encrypted message has been encrypted with a conversation key. The indexer receives the conversation key from an on-premise key management service, and decrypts the encrypted message with the conversation key. A set of tokens are extracted from the decrypted message, and subsequently encrypted with a secret key, different than the conversation key, to generate a first set of encrypted tokens. The first set of encrypted tokens is transmitted for storage in a search index on the cloud-hosted collaboration service.
    Type: Grant
    Filed: February 17, 2017
    Date of Patent: March 20, 2018
    Assignee: Cisco Technology, Inc.
    Inventor: Shaun Cooley
  • Patent number: 9923919
    Abstract: A computer-implemented method for deflecting abnormal computer interactions includes receiving, at a computer server system and from a client computer device that is remote from the computer server system, a request for web content; identifying, by computer analysis of mark-up code content that is responsive to the request, executable code that is separate from, but programmatically related to, the mark-up code content; generating groups of elements in the mark-up code content and the related executable code by determining that the elements within particular groups are programmatically related to each other; modifying elements within particular ones of the groups consistently so as to prevent third-party code written to interoperate with the elements from modifying from interoperating with the modified elements, while maintain an ability of the modified elements within each group to interoperate with each other; and recoding the mark-up code content and the executable code to include the modified elements.
    Type: Grant
    Filed: August 10, 2015
    Date of Patent: March 20, 2018
    Assignee: Shape Security, Inc.
    Inventors: Justin D. Call, Xiaoming Zhou, Xiaohan Huang, Subramanian Varadarajan, Roger S. Hoover
  • Patent number: 9922207
    Abstract: Subscriber (user) data is encrypted and stored in a service provider cloud in a manner such that the service provider is unable to decrypt and, as a consequence, to view, access or copy the data. Only the user knows a user-specific secret (e.g., a password) that is the basis of the encryption. The techniques herein enable the user to share his or her data, privately or publicly, without exposing the user-specific secret with anyone or any entity (such as the service provider).
    Type: Grant
    Filed: April 18, 2016
    Date of Patent: March 20, 2018
    Assignee: LogMeln, Inc.
    Inventors: Krisztian Kopasz, Marton B. Anka
  • Patent number: 9906557
    Abstract: A mechanism is provided for generating a packet inspection policy for a policy enforcement point in a centralized management environment. Data of a network topology for the policy enforcement point corresponding to a network infrastructure is updated according to metadata of the policy enforcement point, the metadata including a capability of the policy enforcement point. The packet inspection policy for the policy enforcement point is generated according to the data of the network topology and the capability of the policy enforcement point. The packet inspection policy is then deployed to the policy enforcement point.
    Type: Grant
    Filed: June 19, 2015
    Date of Patent: February 27, 2018
    Assignee: International Business Machines Corporation
    Inventors: Wei-Hsiang Hsiung, Sheng-Tung Hsu, Cheng-Ta Lee, Ming-Hsun Wu
  • Patent number: 9894069
    Abstract: Secret application and maintenance policy data is generated for different classes of data. The class of data to be protected is determined and the secret application and maintenance policy data for the determined class of the data to be protected is identified and obtained. Required secrets data representing one or more secrets to be applied to the data to be protected is obtained and then automatically scheduled for application to the data to be protected in accordance with the secret application and maintenance policy data for the determined class of the data to be protected. Maintenance of the one or more secrets is also automatically scheduled in accordance with the secret application and maintenance policy data for the determined class of the data to be protected.
    Type: Grant
    Filed: November 1, 2013
    Date of Patent: February 13, 2018
    Assignee: Intuit Inc.
    Inventors: Brett Weaver, Sabu Kuruvila Philip, Troy Otillio, Jinglei Whitehouse, III, Oleg Gryb, Jeffrey M. Wolfe, Ankur Jain, M. Shannon Lietz, Luis Felipe Cabrera
  • Patent number: 9891271
    Abstract: A power grid provides power to one or more modules of an integrated circuit device via a virtual power supply signal. A test module is configured to respond to assertion of a test signal so that, when the power grid is working properly and is not power gated, an output of the test module matches the virtual power supply. When the power grid is not working properly, the output of the test module is a fixed logic signal that does not vary based on the power gated state of the one or more modules.
    Type: Grant
    Filed: July 19, 2013
    Date of Patent: February 13, 2018
    Assignee: Advanced Micro Devices, Inc.
    Inventors: Russell Schreiber, Joel Irby, Sudha Thiruvengadam, Carl Dietz
  • Patent number: 9894107
    Abstract: A control module arranged to manage a hosted communications platform, the hosted communications platform being located between a telecommunications network and a subscriber communications network, the subscriber communications network being associated with a subscriber to the hosted communications platform, the subscriber being associated with a plurality of users. The module comprises a first communications interface arranged to interface with the telecommunications network, and processing means arranged to configure the hosted communications platform for use with two or more subscribers, each subscriber comprising a respective subscriber communications network. The module further comprises a second communications interface arranged to interface with the hosted communications platform. For each subscriber, the processing means is arranged to form a partition on the hosted communications platform.
    Type: Grant
    Filed: July 23, 2014
    Date of Patent: February 13, 2018
    Inventor: Barnaby Thomas Ritchley
  • Patent number: 9886699
    Abstract: A method for testing a new workflowed item associated with a workflow process in a content management system (CMS) is provided. The method may include adding a workflow stage to the workflow process in the content management system (CMS). The method may also include adding a test associated with the workflow stage. The method may further include determining if a criteria threshold is met based on the test associated with the workflow stage. Additionally, the method may include publishing the new workflowed item based on the criteria threshold being met.
    Type: Grant
    Filed: April 8, 2014
    Date of Patent: February 6, 2018
    Assignee: International Business Machines Corporation
    Inventors: Nicholas A. Baldwin, Laurence A. Hey, Eric Martinez de Morentin, Matthew J. Ponsford
  • Patent number: 9881316
    Abstract: A method for testing a new workflowed item associated with a workflow process in a content management system (CMS) is provided. The method may include adding a workflow stage to the workflow process in the content management system (CMS). The method may also include adding a test associated with the workflow stage. The method may further include determining if a criteria threshold is met based on the test associated with the workflow stage. Additionally, the method may include publishing the new workflowed item based on the criteria threshold being met.
    Type: Grant
    Filed: January 29, 2015
    Date of Patent: January 30, 2018
    Assignee: International Business Machines Corporation
    Inventors: Nicholas A. Baldwin, Laurence A. Hey, Eric Martinez de Morentin, Matthew J. Ponsford
  • Patent number: 9875371
    Abstract: A system for controlling access to copyrighted data comprises, at least: a plurality of users having computers, each computer being assigned a unique identity and each computer being configured for communicating with external units via a core network; a core network operated by a telecommunications organization; an access handler configured to communicate with the computers via the core network and a communication interface configured for routing incoming data traffic to a first database; wherein the first database includes at least one table, in which table the unique identities of the computers are associated with access rights for each one of the unique identities, and the first database is configured to communicate with a second database and a third database/server; the second database includes copyrighted data material, and the second database is further configured to communicate via the core network with the computers for transferring requested copyrighted data material.
    Type: Grant
    Filed: January 9, 2013
    Date of Patent: January 23, 2018
    Assignee: Wire I.P. Limited
    Inventor: Magnus Skraastad Gulbrandsen
  • Patent number: 9875363
    Abstract: Embodiments are directed towards decrypting encrypted content. A key for decrypting the encrypted content may be provided to a web application executing within a browser. The application may employ a generic cryptography application program interface (GCAPI) to perform actions on the key, including, storing the key, decrypting an encrypted key, generating another key, converting the key to a different encryption type, or the like. The GCAPI may or may not be enabled to explicitly share the key with the browser's media engine. In response to receiving encrypted content, the GCAPI may provide the key to the application, explicitly or inexplicitly to the browser's media engine, or the like. The key may be utilized by the application, the browser, the media element, browser's media engine, and/or the GCAPI to decrypt the encrypted content. The decrypted content may be displayed within the browser to a user of a client device.
    Type: Grant
    Filed: June 6, 2017
    Date of Patent: January 23, 2018
    Assignee: Google LLC
    Inventors: David Kimbal Dorwin, Ryan David Sleevi, Andrew Martin Scherkus
  • Patent number: 9864482
    Abstract: Electronic publications are increasingly replacing physical media, where standards have evolved to mimic these physical media. Accordingly it is beneficial to provide electronic publication software systems and/or software applications to enable new paradigms that provide consumers, authors, publishers, retailers, and others with a method of navigating electronic content comprising the ability to generate a user interface that supports individual page turns as well as small, moderate and large adjustments of position within the electronic content, wherein the user interface supports these adjustments in a manner that is consistent.
    Type: Grant
    Filed: March 13, 2013
    Date of Patent: January 9, 2018
    Assignee: Cognilore Inc.
    Inventors: Andre Dube, Darryl Beallie, Brian Anderson, Cody Thompson
  • Patent number: 9860387
    Abstract: Programmatically reversing numerical line identity presented at a communications services gateway into named IP Telephony users with “prior association”, delivers dynamic “reverse address resolution” switching connections from ground to cloud, permitting any conventional telephone to dial and connect to any associated IP Telephony endpoint in the world, without changes to the conventional telephone. Reversing line identity into associated named users bridges both the addressability and economic divide between mass conventional “paying” (mobile and fixed) and “free”. IP Telephony networks.
    Type: Grant
    Filed: February 15, 2016
    Date of Patent: January 2, 2018
    Assignee: Starlogik IP LLC
    Inventor: Ari Kahn
  • Patent number: 9860061
    Abstract: A method of encrypting information using a computational tag may include, by a mobile electronic device, detecting a computational tag within a near field communication range of the mobile electronic device, identifying a document to be encrypted by the mobile electronic device, transmitting the document to the computational tag by the mobile electronic device, receiving, from the computational tag, an encrypted document, wherein the encrypted document comprises an encrypted version of the document that was to be encrypted, and storing the encrypted document in a memory of the mobile electronic device.
    Type: Grant
    Filed: December 21, 2016
    Date of Patent: January 2, 2018
    Assignee: Xerox Corporation
    Inventors: Gavan Leonard Tredoux, Kanishk Jain
  • Patent number: 9848325
    Abstract: The present disclosure provides for methods and devices for enabling distribution of a first security application comprised in the first wireless device to the second wireless device. One method comprises the steps of receiving, in the first wireless device, using a short distance communication technology, a hardware identifier of the second wireless device, sending, from the first wireless device, the hardware identifier and information identifying the first security application to the network node, receiving, in the network node, from the first wireless device, the hardware identifier of the second wireless device and the information identifying the security application and authorizing, in the network node, the second wireless device to receive and/or activate a second security application associated with the first security application of the first wireless device.
    Type: Grant
    Filed: November 3, 2014
    Date of Patent: December 19, 2017
    Assignees: Sony Corporation, Sony Mobile Communications Inc.
    Inventors: Anders Mellqvist, David Berthet
  • Patent number: 9830295
    Abstract: A resource domain controller in a data processing system stores information that is used to group various resources, such as bus masters and peripherals, into common domains. Each group can be referred to as a resource domain and can include one or more data processor and peripheral devices. The resource domain information is then used to determine whether a particular access request from a data processor is authorized to access its intended target, e.g., one of the peripheral devices, by determining whether the access request and the intended target each belong to a common resource domain. If so, the access request is allowed, otherwise the access request is prevented from being successfully completed.
    Type: Grant
    Filed: January 15, 2015
    Date of Patent: November 28, 2017
    Assignee: NXP USA, Inc.
    Inventors: Lawrence L. Case, Charles E. Cannon, Simon J. Gallimore, Glen G. Wienecke
  • Patent number: 9811799
    Abstract: In a method, system, and computer-readable medium having instructions for providing distributed customer support, a customer care provider for a first business entity receives a request for customer care and the request may be handled by the customer care provider with a remedy, transaction information involving any number of transactions from a repository is accessed using a customer care credential and the repository comprises transaction information for a second business entity, and a limitation on the customer care provider is determined for providing the remedy using the transaction information.
    Type: Grant
    Filed: June 10, 2011
    Date of Patent: November 7, 2017
    Assignees: SONY ELETRONICS, INC., SONY CORPORATION
    Inventor: Albhy Galuten
  • Patent number: 9811645
    Abstract: Technology is disclosed herein for licensing applications using a preferred authorization process dynamically identified based on conditions associated with an initiation of an application. Authorization is then attempted using the preferred authorization process. In some examples, the preferred authorization process is selected from at least a keyless authorization process and a key-based authorization process.
    Type: Grant
    Filed: October 9, 2015
    Date of Patent: November 7, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Gregory Akselrod, Tianyu Xie, Scott Kurtzebom, Gordon Hardy, Sanjay Garg, Chad Shurtz, Karvell Li, Robert Donner
  • Patent number: 9805219
    Abstract: One or more elements on a computing device can be selected and locked from use. For example, a first user (e.g., adult) of a computing device can allow a second user (e.g., child) to use the former's device; however, the first user might not want the second user to have access to all of the elements on the device, and so the first user can select which elements he/she wants to share with the second user and which elements he/she does not want to share. For example, the first user can select elements and choose to lock the selected elements, lock all other elements, lock the selected elements for a certain period of time, or lock the selected elements but allow for earned usage, etc. The lock can be removed in response to an unlock event, which can comprise a user-initiated unlock, a timed unlock, or a user-earned locked.
    Type: Grant
    Filed: January 28, 2016
    Date of Patent: October 31, 2017
    Assignee: A9.COM, INC.
    Inventors: Matthew Warren Amacker, Dawn R Dodd
  • Patent number: 9792450
    Abstract: A method for preserving data redundancy in a data deduplication system in a computing environment is provided. A selected data segment, to be written through the data deduplication system, is encrypted such that the selected data segment is not subject to a deduplication operation. The method determines and identifies copies of the data segment that are to be precluded from data deduplication. A unique encryption key is used to encrypt the selected data segment to be written through the data deduplication system such that the selected data segment is not subject to a deduplication operation. The data deduplication system is tricked to recognize the encrypted, selected data segment as new, undeduplicated data by the encrypting thereby skipping steps of the deduplication operation that includes fingerprint generation and matching. The encrypted, selected data segment is directly written to a new physical storage location.
    Type: Grant
    Filed: February 9, 2015
    Date of Patent: October 17, 2017
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Rahul M. Fiske, Carl E. Jones, Subhojit Roy
  • Patent number: 9794907
    Abstract: A wireless location device comprises a BLUETOOTH beacon configured to emit wireless signals and an electromagnetic shielding cover. The BLUETOOTH beacon is positioned within the electromagnetic shielding cover. The electromagnetic shielding cover comprises an inner surface comprising a plurality of micro-structures, and an opening below the inner surface. The inner surface is configured to reflect towards the opening the wireless signals emitted by the BLUETOOTH beacon which are not directly emitted out of the opening.
    Type: Grant
    Filed: August 18, 2016
    Date of Patent: October 17, 2017
    Assignee: HON HAI PRECISION INDUSTRY CO., LTD.
    Inventors: Hsin-Pei Hsieh, Fu-Hsin Chiu, Jen-Tsorng Chang
  • Patent number: 9794151
    Abstract: One embodiment of the present invention sets forth a technique for identifying active streaming connections associated with a particular user account. Each active streaming connection transmits heartbeat packets periodically to a server that tracks the receipt of the heartbeat packets. If, for a particular streaming connection, the server stops receiving heartbeat packets, then the server is able to infer that the streaming connection has been terminated.
    Type: Grant
    Filed: February 7, 2016
    Date of Patent: October 17, 2017
    Assignee: NETFLIX, INC.
    Inventors: James Mitch Zollinger, Julie Amundson Pitt
  • Patent number: 9794239
    Abstract: A method and system for authenticating a user device includes an identity provider reading service and an external service provider receiving a request to access content from a user device and communicating the request to access content from a service provider to the reading service. The request to access content includes cookie data. The external service requests an identity provider token from the cookie data from the reading service based on the request to access. The identity provider reading service communicates the identity provider token to the external service provider. An identity provider communicates with the service provider. The external service generates and communicates an authentication request to the identity provider having the identity provider token and a service provider identifier. The identity provider communicates an assertion signal to the service provider when the cookie data is resolved at the identity provider.
    Type: Grant
    Filed: February 18, 2011
    Date of Patent: October 17, 2017
    Assignee: The DIRECTV Group, Inc.
    Inventors: Kapil Chaudhry, David N. Schlacht
  • Patent number: 9785776
    Abstract: An execution of a data object is identified by a computing device. In response to identifying the execution of the data object, it is determined that the data object has requested a sensitive action of the computing device before interacting with a user of the computing device. In response to determining that the data object has requested the sensitive action, the data object is classified as a high-risk data object.
    Type: Grant
    Filed: April 27, 2015
    Date of Patent: October 10, 2017
    Assignee: iboss, Inc.
    Inventors: Paul Michael Martini, Peter Anthony Martini
  • Patent number: 9781098
    Abstract: Methods, devices, and systems are described for enrolling a user's bring-your-own-device for secure connection to a company's enterprise computer network. From her mobile device, user clicks on a uniform resource locator (URL) to connect with the login web page on the enterprise network. After authentication, checks are performed to verify that the user has authorization to enroll the type of electronic device, and the profile is installed on the device. A notification is sent to the device by a server on the enterprise network, and a secure workspace application is pushed to the device along with configuration data that automatically links the workspace with the parent device enrollment. Once the user launches the secure workspace application the workspace access configuration data and initializes enrollment with the enterprise network, resulting in a linking of the secure workspace application with its parent device enrollment.
    Type: Grant
    Filed: April 17, 2015
    Date of Patent: October 3, 2017
    Assignee: Oracle International Corporation
    Inventors: Mohamad Raja Gani Mohamad Abdul, Bhagavati Kumar Jayanti Venkata, Krithiga Gopalan, Harsh Maheshwari, Nagaraj Pattar, Ravi Verma
  • Patent number: 9769141
    Abstract: Methods and an apparatus are provided for securely authorizing access to remote resources. For example, a method is provided that includes receiving a request to determine whether a user device communicatively coupled to a resource server is authorized to access at least one resource hosted by the resource server and determining whether the user device communicatively coupled to the resource server is authorized to access the at least one resource hosted by the resource server based at least in part on whether the user device communicatively coupled to the resource server has been issued a management identifier. The method further includes providing a response indicating that the user device communicatively coupled to the resource server is authorized to access the at least one resource hosted by the resource server in response to a determination that the user device communicatively coupled to the resource server is authorized to access the at least one resource hosted by the resource server.
    Type: Grant
    Filed: October 30, 2015
    Date of Patent: September 19, 2017
    Assignee: AirWatch LLC
    Inventor: Jonathan Blake Brannon
  • Patent number: 9769137
    Abstract: An extensible mechanism for providing access control for logical objects in a network environment. A security broker is able to dynamically register one or more claims providers, each of which can assert one or more claims about logical objects. The claims providers may be purpose built or may be third party applications which expose data or business rules for use. Claims may be augmented by additional claims providers after the original claim is asserted. The applicability of claims may be scope limited either at the time the claims provider is registered or when the user requests that a security token be issued.
    Type: Grant
    Filed: February 17, 2015
    Date of Patent: September 19, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Venkatesh Veeraraghavan, Javier Dalzell, Benoit Schmitlin, Ambrose T. Treacy, Bryant Fong, Christian Roy
  • Patent number: 9762642
    Abstract: A method implemented by a first client device, the method comprising receiving a media presentation description (MPD) for a media content from a streaming server, receiving a plurality of segments for the media content from one or more streaming servers, and packaging the MPD and at least part of the received segments such that the packaged segments are accessible by a second client device through the packaged MPD.
    Type: Grant
    Filed: January 16, 2014
    Date of Patent: September 12, 2017
    Assignee: Futurewei Technologies, Inc.
    Inventors: Xin Wang, Yongliang Liu
  • Patent number: 9760712
    Abstract: Methods and systems for protecting a virtual machine network are disclosed. In an embodiment, a method involves storing an application whitelist including application-to-user associations in memory such that the application whitelist is immutable by a guest virtual machine, receiving a request to execute an application including an application identifier and a user identifier, comparing the application identifier and the user identifier of the request with the application whitelist, and generating an execution decision indicating whether the requested application can execute on the guest virtual machine.
    Type: Grant
    Filed: May 23, 2014
    Date of Patent: September 12, 2017
    Assignee: VMware, Inc.
    Inventors: Azeem Feroz, Binyuan Chen, Prasad Sharad Dabak
  • Patent number: 9754089
    Abstract: Embodiments of the disclosure provide application management capabilities to enterprises. A computing device of a user, associated with the enterprise, receives an enrollment token signed with a certificate. The enrollment token includes an enterprise identifier associated with the enterprise. The computing device receives a package containing one or more applications. The package also includes an enterprise identifier. Installation and execution of one or more applications from the received package is accepted or rejected based on a comparison of the enterprise identifier from the enrollment token with the enterprise identifier from the received package or application. A web service provides validation services by monitoring the installation and execution of applications on the computing devices associated with the enterprise.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: September 5, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Clifford Paul Strom, Daniel Kevin McBride, Arvind Ramakrishnan, Yashraj Motilal Borse, Chittaranjan Pattekar
  • Patent number: 9749334
    Abstract: In one embodiment, a method includes receiving, from a client device of an author of a message, a request for a restricted ideogram to be inserted into a message; accessing social-networking information for the author; determining, based on the social-networking information for the author, whether the author is authorized to access the restricted ideogram; accessing social-networking information for a recipient user; determining, based on the social-networking information for the recipient user, whether the recipient user is authorized to access the restricted ideogram; and if the author and the recipient user are authorized to access the restricted ideogram, then sending, to the client device of the author, information to insert the restricted ideogram into the message.
    Type: Grant
    Filed: November 14, 2016
    Date of Patent: August 29, 2017
    Assignee: Facebook, Inc.
    Inventors: David Ebersman, Samuel Lessin, Thomas Stocky, Michael Vernal
  • Patent number: 9740887
    Abstract: In at least some embodiments, a system comprises a processor and a direct memory access (DMA) subsystem coupled to the processor. The system further comprises a component coupled to the DMA subsystem via an interconnect employing security rules, wherein, if the component requests a DMA channel, the DMA subsystem restricts usage of the DMA channel based on the security rules.
    Type: Grant
    Filed: November 7, 2006
    Date of Patent: August 22, 2017
    Assignee: TEXAS INSTRUMENTS INCORPORATED
    Inventor: Gregory R. Conti
  • Patent number: 9742657
    Abstract: A method, in a network controller of a control plane in a software defined network (SDN) coupled to a network element (NE) of a data plane in the SDN, of resynchronizing forwarding table entries of the NE according to forwarding table entries of the network controller is disclosed. The method includes causing the NE to update a first subset of forwarding table entries from a set of one or more of forwarding table entries to include a post-synchronization indicator. The method continues with causing the NE to delete, following the update of the first subset of forwarding table entries, a second subset of zero or more forwarding table entries from the set of forwarding table entries, where each forwarding table entry from the second subset includes a pre-synchronization indicator.
    Type: Grant
    Filed: May 29, 2015
    Date of Patent: August 22, 2017
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Bhalaji Narayanan, Shuva Jyoti Kar, V L N Mehar Simhadri
  • Patent number: 9727747
    Abstract: Location, time, and other contextual mobile application policies are disclosed. Access state information associated with a managed set of applications may be determined based at least in part on environmental context data associated with a mobile device and one or more contextual policies associated with the managed set of applications. The access state information may be provided to at least one application included in the managed set of applications, wherein at least one application in the managed set of applications is configured to use the access state information to regulate use of the application in a manner required by the one or more contextual policies.
    Type: Grant
    Filed: December 20, 2013
    Date of Patent: August 8, 2017
    Assignee: MOBILE IRON, INC.
    Inventors: Mansu Kim, Joshua Sirota, Suresh Kumar Batchu
  • Patent number: 9722807
    Abstract: A computer network system for posting content at a web site includes computer servers configured to host a web site for a group of users, and a data storage configured to store an email address in association with a destination at the website. The computer servers can receive an electronic message at the email address by the computer servers from a user. A computer processor can automatically extract content from the electronic message. The computer servers can automatically post the content extracted from the electronic message at the destination at the website.
    Type: Grant
    Filed: June 13, 2014
    Date of Patent: August 1, 2017
    Assignee: Shutterfly, Inc.
    Inventors: Craig Jorasch, Thomas E. McGannon, Syed Saleem Javid Brahmanapalli, Benjamin C. Guthrie, Irene Chan, Kristina Maria Raquel Aguirre
  • Patent number: 9723124
    Abstract: A mobile terminal and controlling method thereof are disclosed, by which image data of a counterpart having triggered an event can be displayed. The present invention may include a display unit configured to display information, a wireless communication unit configured to communicate with an external server that stores first image data and to communicate with a counterpart terminal, a memory to store a second image data, and a controller, in response to an event triggered by the counterpart terminal, to extract an image data related to a counterpart from one of the first image data and the second image data, and the controller to output the extracted image data on a portion of the display unit to notify an occurrence of the event.
    Type: Grant
    Filed: August 21, 2014
    Date of Patent: August 1, 2017
    Assignee: LG ELECTRONICS INC.
    Inventors: Yunmi Kwon, Hyemi Jung, Arim Kwon
  • Patent number: 9721114
    Abstract: A method for automatic folder ownership assignment, including ascertaining which first folders, among a first multiplicity of folders, have at least one of modify and write permissions to non-IT administration entities, adding the first folders to a list of candidates for ownership assignment, defining a second multiplicity of folders which is a subset of the first multiplicity of folders and not including the first folders and descendents and ancestors thereof, ascertaining which second folders among the second multiplicity of folders, have permissions to non-IT administration entities, adding the second folders to the candidates, defining a third multiplicity of folders, which is a subset of the second multiplicity of folders and not including the second folders and descendents and ancestors thereof, ascertaining which third folders among the third multiplicity of folders are topmost folders, adding the third folders to the candidates, and recommending possible assignment of ownership of the candidates.
    Type: Grant
    Filed: August 25, 2015
    Date of Patent: August 1, 2017
    Assignee: VARONIS SYSTEMS, INC.
    Inventors: Yakov Faitelson, Ohad Korkus, Ophir Kretzer-Katzir
  • Patent number: 9721115
    Abstract: A method for automatic folder ownership assignment, including ascertaining which first folders, among a first multiplicity of folders, have at least one of modify and write permissions to non-IT administration entities, adding the first folders to a list of candidates for ownership assignment, defining a second multiplicity of folders which is a subset of the first multiplicity of folders and not including the first folders and descendents and ancestors thereof, ascertaining which second folders among the second multiplicity of folders, have permissions to non-IT administration entities, adding the second folders to the candidates, defining a third multiplicity of folders, which is a subset of the second multiplicity of folders and not including the second folders and descendents and ancestors thereof, ascertaining which third folders among the third multiplicity of folders are topmost folders, adding the third folders to the candidates, and recommending possible assignment of ownership of the candidates.
    Type: Grant
    Filed: January 26, 2016
    Date of Patent: August 1, 2017
    Assignee: VARONIS SYSTEMS, INC.
    Inventors: Yakov Faitelson, Ohad Korkus, Ophir Kretzer-Katzir
  • Patent number: 9697279
    Abstract: A method includes creating an electronic record of an asset, and automatically associating a predefined data structure with an electronic record of the asset that controls organization and display of user provided metadata describing the asset. The method may also include receiving the metadata describing the asset from a remote computer, populating the predefined data structure with the metadata describing the asset, and generating a graphical user interface corresponding to the electronic record of the asset with active tabs that provide a visual representation of the predefined data structure associated to the electronic record of the asset. The active tabs are respectively associated with predefined displays including the data fields provided by the predefined data structure, enabling a user to navigate through different displays corresponding to the data fields provided in the predefined data structure associated with the asset to view the metadata describing the asset.
    Type: Grant
    Filed: October 10, 2014
    Date of Patent: July 4, 2017
    Assignee: EZShield, Inc.
    Inventors: John Browning, Michael Robinson, Pradip Sitaram
  • Patent number: 9692776
    Abstract: The disclosed computer-implemented method for evaluating content provided to users via user interfaces may include (1) monitoring, as part of a security application via an accessibility application program interface provided by an operating system of a computing device, accessibility events that indicate state transitions in user interfaces of applications running on the computing device, (2) receiving, at the security application, an accessibility event that indicates that a user of the computing device is viewing a user interface of an application running on the computing device, (3) identifying, as part of the security application via the accessibility application program interface, content that the user is attempting to access via the application, (4) determining, as part of the security application, that the content is harmful, and (5) performing, as part of the security application, at least one security action in response to determining that the content is harmful.
    Type: Grant
    Filed: April 29, 2015
    Date of Patent: June 27, 2017
    Assignee: Symantec Corporation
    Inventor: Anubhav Savant
  • Patent number: 9684635
    Abstract: One exemplary embodiment involves receiving, at a computer device, packaged content, wherein the packaged content comprises a manifest and assets. The exemplary method further comprises presenting, via a processor of the computer device, the packaged content in a content consumption environment based at least in part upon the manifest, wherein the manifest identifies stacks, each stack comprising one or more of the assets that are logically related to one another, wherein navigation amongst and within the stacks is specified by the manifest.
    Type: Grant
    Filed: August 9, 2011
    Date of Patent: June 20, 2017
    Assignee: Adobe Systems Incorporated
    Inventors: Gregory S. St. Pierre, Robert Walton
  • Patent number: 9680819
    Abstract: A method of renewing a plurality of digital certificates includes receiving, at a first time, a request from a user to renew a first digital certificate and determining an expiration date for the first digital certificate. The method also includes receiving, at a second time, a request from the user to renew a second digital certificate and determining an expiration date for the second digital certificate. The expiration date for the second certificate is later than the expiration date for the first certificate. The method further includes determining a new expiration date occurring after the first time and the second time and renewing the first digital certificate. An expiration date for the renewed first digital certificate is equal to the new expiration date. Moreover, the method includes renewing the second digital certificate. An expiration date for the renewed second digital certificate is equal to the new expiration date.
    Type: Grant
    Filed: December 23, 2009
    Date of Patent: June 13, 2017
    Assignee: Symantec Corporation
    Inventors: Quentin Liu, Kathleen Barnes, Richard F. Andrews
  • Patent number: 9678687
    Abstract: In an example, there is disclosed a computing apparatus, including a processor, including a trusted execution instruction set; a memory having an enclave portion, wherein the enclave is accessible only via the trusted execution instruction set; a swap file; and a memory management engine operable to: allocate a buffer within the enclave; receive a scope directive to indicate that the buffer is in scope; and protect the buffer from swapping to the swap file while the buffer is in scope. There is further disclosed an method of providing a memory management engine, and one or more computer-readable storage mediums having stored thereon executable instructions for providing the memory management engine.
    Type: Grant
    Filed: September 25, 2015
    Date of Patent: June 13, 2017
    Assignee: McAfee, Inc.
    Inventors: Carl D. Woodward, Venkata Ramanan Sambandam, Dmitri Rubakha