Access Control Patents (Class 726/27)
  • Patent number: 11507697
    Abstract: Provided herein are systems and methods for defining and securely sharing objects for use in preventing data breach or exfiltration. Memory may be configured to store a plurality of objects for use in preventing data breach or exfiltration. A validation engine can validate the objects, incorporate into each object an object identifier and a signature, and generate a subset of the objects for use by a first user. The validation engine can store, in the memory, the plurality of objects as a superset of objects corresponding to the generated subset. An evaluation engine may, responsive to identifying that one or more object identifiers and signatures in a received set of objects belong to the subset corresponding to the stored superset, verify whether any object in the received set has been tampered with.
    Type: Grant
    Filed: October 12, 2020
    Date of Patent: November 22, 2022
    Assignee: Digital Guardian LLC
    Inventors: Shreemathi Atreya, Niranjan Koduri, Wai Tung Yim, Emanoel Daryoush
  • Patent number: 11503019
    Abstract: A multiuser measurement system is provided. The multiuser measurement system may authenticate a specific user. When the user has been authenticated, user related data may be obtained from a memory. The user related data are stored in the memory in an encrypted manner, and the encrypted data are only decrypted after authenticating the user.
    Type: Grant
    Filed: December 3, 2019
    Date of Patent: November 15, 2022
    Assignee: Rohde & Schwarz GmbH & Co. KG
    Inventors: Florian Ramian, Johannes Steffens, Luke Cirillo
  • Patent number: 11496455
    Abstract: Systems and methods are disclosed for managing online advertising data secure sharing. One method includes receiving, at a server, a request for proprietary data from a data consumer, the request including a data consumer identifier; retrieving, from a database of proprietary data, proprietary data based on the request; determining, by the server, whether the retrieved proprietary data is at least one of: designated to be processed and designated to have privileges set; processing, by the server, the proprietary data when the server determines the proprietary data is designated to be processed; setting one or more privileges to the proprietary data using the certificate associated with the data consumer identifier when the server determines the proprietary data is designated to have privileges set; encrypting the proprietary data using the certificate associated with the data consumer identifier; and transmitting the encrypted proprietary data to the data consumer.
    Type: Grant
    Filed: March 31, 2020
    Date of Patent: November 8, 2022
    Assignee: Yahoo Ad Tech LLC
    Inventors: Matthew M. Patton, Seth Mitchell Demsey
  • Patent number: 11494139
    Abstract: Techniques are described for auditing print content during printer redirection in a virtual desktop. The ability to audit redirected print content allows an organization to pre-define certain sensitive data and to track whether print redirection requests in the virtual desktop environment contain any such sensitive data. If such sensitive data is contained in a printer redirection request, a file is generated containing information about the sensitive data, as well as a watermark that encodes information about the printer redirection request, such the user identifier of the user who initiated the print request and a timestamp of when the print request occurred. The generated file is transmitted to one or more registered recipients.
    Type: Grant
    Filed: July 16, 2021
    Date of Patent: November 8, 2022
    Assignee: VMware, Inc.
    Inventors: Hui Yuan, Weigang Huang, Hui Zhang, Mangui She, Kun Shi
  • Patent number: 11494766
    Abstract: Disclosed herein are computer-implemented methods, computer-implemented systems, and non-transitory, computer-readable media for managing transactions on blockchain networks. One of computer-implemented method includes obtaining, by a scheduling device on a blockchain network, transaction data including a plurality of original pending transactions to be executed on the blockchain network among a plurality of accounts, the transaction data being stored on the blockchain network. The scheduling device performs a consolidation analysis of the plurality of original pending transactions to determine a plurality of modified pending transactions among the plurality of accounts, and a number of the plurality of modified pending transactions is less than a number of the plurality of original pending transactions.
    Type: Grant
    Filed: February 14, 2020
    Date of Patent: November 8, 2022
    Assignee: Advanced New Technologies Co., Ltd.
    Inventors: Hui Fang, Yuan Yuan, Shengjiao Cao
  • Patent number: 11489839
    Abstract: Clustering-based machine learning is utilized to generate and update permissions data in a computing system. The computing system logs permissions-related user activity for users of the system over time. Feature vectors are generated for the users based on the logs, where each feature corresponds to a specific permission or permission-related operation of the system. A clustering-based learning algorithm analyzes the feature vectors and generates clusters of similar users based on their feature vectors. The permissions of the users may be updated to reflect attributes of the clusters to which they were assigned. For example, the clusters may be utilized to seed and/or update access control groups or other permissions-related user groups in the system. Or, some or all permissions not used by any users within a cluster over a recent period of time may be automatically removed from any user in the cluster.
    Type: Grant
    Filed: January 31, 2019
    Date of Patent: November 1, 2022
    Assignee: Salesforce, Inc.
    Inventors: Sneha Krishna Sankavaram, Hui Fung Herman Kwong
  • Patent number: 11481710
    Abstract: Data processing systems and methods, according to various embodiments, are adapted for mapping various questions regarding a data breach from a master questionnaire to a plurality of territory-specific data breach disclosure questionnaires. The answers to the questions in the master questionnaire are used to populate the territory-specific data breach disclosure questionnaires and determine whether disclosure is required in territory. The system can automatically notify the appropriate regulatory bodies for each territory where it is determined that data breach disclosure is required.
    Type: Grant
    Filed: December 6, 2021
    Date of Patent: October 25, 2022
    Assignee: OneTrust, LLC
    Inventors: Jonathan Blake Brannon, Andrew Clearwater, Brian Philbrook, Trey Hecht, Wesley Johnson, Nicholas Ian Pavlichek, Rajanandini Chennur
  • Patent number: 11475108
    Abstract: This Application describes devices, and techniques for using them, capable of providing a secure hardware backdoor for digital devices, thus allowing valid access to secure target device data without the owner's consent, while still assuring the owner's knowledge whenever any access has occurred, whether validly or not. Each target device's data is protected by maintaining protected data encrypted on the target device, maintaining encryption keys for protected data in a “secure enclave”, causing the secure enclave to generate secure data in response to a hardware trigger, the secure data being usable to provide access to the device, and providing relatively difficult yet achievable retrieval of the secure data with physical access to the target device, and using the secure data to access protected data on the target device, while also assuring that the target device's owner can determine when the secure data was retrieved.
    Type: Grant
    Filed: April 23, 2020
    Date of Patent: October 18, 2022
    Inventor: Stanton Kee Nethery
  • Patent number: 11470478
    Abstract: Secure communication in mobile digital pages is provided. The system receives an electronic document and validates the electronic document for storage in a cache server. The system receives a request for the electronic document and provides it to a viewer component on a client computing device. The viewer component loads the electronic document in an iframe. The viewer component executes a runtime component to receive, via a secure communication channel, a tag from the electronic document. The system receives the tag and selects a data value for transmission to the viewer component. The viewer components provides the data value to cause the runtime component to execute an action with the data value.
    Type: Grant
    Filed: August 27, 2019
    Date of Patent: October 11, 2022
    Assignee: GOOGLE LLC
    Inventors: Jay Akkad, Nikhil Rao, Anshul Gupta, David Wang, Ian Baker, Neil Dhillon
  • Patent number: 11457280
    Abstract: In one embodiment, a method receives a first bundle and a second bundle for a video based on metadata for the video. The method stores the second bundle with a dependency on the first bundle when the second bundle is associated with a first set of control data parameters found in the first bundle that control a first aspect of access to the video. The second bundle is stored with a second set of control data parameters to control a second aspect of access to the video. When the first bundle is selected, the method accesses the first set of control data parameters for the first bundle. When the second bundle is selected, the method accesses the first set of control data parameters in the first bundle via the dependency to the first bundle and the second set of control data parameters for the second bundle.
    Type: Grant
    Filed: September 4, 2019
    Date of Patent: September 27, 2022
    Assignee: HULU, LLC
    Inventors: Ling Lau, Brandon Lonac, Dallas Mahrt, Karthik Prasanna, Yingan Wang, Andres Rangel
  • Patent number: 11449875
    Abstract: Systems, methods, and apparatuses are described for an intelligent dashboard that allows interested parties to verify and validate relevant information on enterprises and their representatives. A servicing entity may provide an enterprise with a dashboard that includes select fields corresponding to information predicted to be useful to clients of the enterprise based on commercial characteristics of the enterprise and its client base. Fields may be populated with information previously available to the servicing entity, and with supplemental information acquired (manually or automatically) from the enterprise or from third party data sources. The enterprise may impose restrictions on which information is to be available to which clients, and the servicing entity may generate a code for use by clients to access the dashboard or certain information. The dashboard can allow clients to track the location of a representative and help validate the identify of a representative arriving at a client's location.
    Type: Grant
    Filed: January 12, 2018
    Date of Patent: September 20, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Ryan S. Alexander, Kristine Ing Kushner, Katherine Guse Jagoe, Steven E. Puffer, Eric E. Thompson, Paul Vittimberga
  • Patent number: 11449628
    Abstract: Systems and methods are provided for data security grading. An exemplary method for data security grading, implementable by a computer, may comprise receiving a request to access a query data field, searching for the query data field from a security level table, in response to finding the query data field from the security level table, obtaining from the security level table a security level corresponding to the query data field, and in response to not finding the query data field from the security level table, determining a security level corresponding to the query data field based at least on a lineage tree and the security level table. The lineage tree may trace the query data field to one or more source data fields, and the security data level table may comprise one or more security levels corresponding to the one or more source data fields.
    Type: Grant
    Filed: January 6, 2021
    Date of Patent: September 20, 2022
    Assignee: Beijing DiDi Infinity Technology and Development Co., Ltd.
    Inventors: Dong Li, Huaiyu Zhu, Jing Chen
  • Patent number: 11451525
    Abstract: An Internet-connected device, such as a car, refrigerator, or even a laptop can use a second device, such as a cell phone, to support cryptographic operations and communication with token service providers or other processing services requiring pre-provisioned capabilities that may include cryptographic secrets. By removing the need to store personally sensitive data in “Internet of Things” (IoT) devices, a user's personal information and other sensitive financial information may be contained to a relatively small number of devices. This may help prevent theft of goods or services by IoT devices that are not always under the close control of the user.
    Type: Grant
    Filed: March 30, 2020
    Date of Patent: September 20, 2022
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Hari Krishna Annam, Mohit Gupta, Soumendra Bhattacharya
  • Patent number: 11451531
    Abstract: A certificate obtaining method, an authentication method, and a network device, where a certificate is used for permission authentication when an application APP accesses an application programming interface (API) of a controller. The certificate includes one or more of: (a) information about operation permission of the APP on N application programming interfaces APIs of the controller, (b) identifiers of L APIs that are of the N APIs and that the APP has permission to operate, or (c) identifiers of R APIs that are of the N APIs and that the APP does not have permission to operate.
    Type: Grant
    Filed: June 28, 2019
    Date of Patent: September 20, 2022
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Dacheng Zhang, Tianfu Fu, Chong Zhou
  • Patent number: 11451542
    Abstract: A management apparatus managing access authority of a communication apparatus to access a resource, the management apparatus receives an authorization request for the access authority; transmits an authorization response generated based on information included in the authorization request; receives a verification request from a communication terminal obtained an operation transfer from the communication apparatus; transmits verification data to the communication terminal as a response to the verification request; accepts access by the communication terminal based on the verification data; and determines whether to permit or reject allocation of the access authority to the communication apparatus. In a case where a plurality of the verification requests are received, the verification data enabling collective instruction to allocate the access authority is transmit.
    Type: Grant
    Filed: January 16, 2020
    Date of Patent: September 20, 2022
    Assignee: CANON KABUSHIKI KAISHA
    Inventor: Hajime Iwase
  • Patent number: 11443022
    Abstract: A method for controlling access to a security module [of a mobile terminal by an application of the mobile terminal is described. The method includes sending by a current application of the mobile terminal a request to access the security module, said access request comprising the current identifier of an applet comprised in the security module. The operating system of the mobile terminal reads a look-up table comprising a set of access control rules, an access control rule comprising the identifier of an applet of the security module associated with a control value for an application of the mobile terminal, said access control rule indicating that said application of the mobile terminal is authorized to communicate with the applet of the security module.
    Type: Grant
    Filed: June 22, 2018
    Date of Patent: September 13, 2022
    Assignee: ORANGE
    Inventors: Alicia Filipiak, Saïd Gharout
  • Patent number: 11436365
    Abstract: Certain aspects of the present disclosure provide techniques for providing a compliance report of data processing to a governing authority. In order to adhere to a regulation of a governing authority, upon receiving the request for a compliance report, a data category and each processing capability category is extracted from a live data catalog service. Based on the extracted categories, a record of data processing is generated for each processing capability category associated with a data category. Further, based on the data category extracted, a compliance report template is retrieved. With the compliance report template and records of data processing, a compliance report is generated and provided to the governing authority.
    Type: Grant
    Filed: July 2, 2019
    Date of Patent: September 6, 2022
    Assignee: INTUIT, INC.
    Inventors: Calum Murray, Jacqueline Wilkosz, Victor Feinstein, Denise McInerney
  • Patent number: 11436300
    Abstract: A process for rendering a user interface for launching content for publication using a content management system (CMS), includes: providing, over a network, an editor application associated with the CMS, enabling editing of entities stored in the CMS, the editing includes authoring fields for each entity; providing, over the network, a launch application, wherein execution of the launch application renders the user interface for launching content for publication; receiving selection of a group of entities, via the user interface, the selection is for publishing the group of entities; and generating, responsive to the selection, an API call to the CMS, that triggers initiation of a validation process to validate each entity in the group of entities, wherein the validation process is executed in a draft entity store of the CMS that is created for said validation without requiring separate API calls for validating each entity in the group of entities.
    Type: Grant
    Filed: September 9, 2021
    Date of Patent: September 6, 2022
    Assignee: Contentful GmbH
    Inventors: Bruce Felt, Benjamin Keyser, Paolo Negri, Stephan Schneider, Thomas Spiesser
  • Patent number: 11429674
    Abstract: Provided are a computer program product, method, and system for determining data to redact in an object. Event messages for objects are received. Each event message includes at least one facet, each facet for an instance of data in an object resulting from deep data inspection of the object that is used to determine whether the instance of data should be redacted. The event messages are added to a message queue. Information is added to a database for each of the event messages include the at least one facet for an object in the event message. The database is queried to determine an object having a facet for an instance of data that indicates the instance of data is to be redacted. The instance of data is redacted in the determined object having the facet that indicates the instance of data is to be redacted data.
    Type: Grant
    Filed: November 15, 2018
    Date of Patent: August 30, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Joseph W. Dain, Nilesh P. Bhosale, Gregory T. Kishi
  • Patent number: 11431682
    Abstract: Systems, computer-implemented methods, and computer program products that can facilitate anonymizing a network based on factors including network attributes, node attributes, and edge attributes describing connections between nodes are described. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise an anonymizing component that can anonymize network information of the network based on a network attribute for a network and a node attribute of a first node of the network, resulting in an anonymized network.
    Type: Grant
    Filed: September 24, 2019
    Date of Patent: August 30, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Olivia Choudhury, Panagiotis Karampourniotis, Yoonyoung Park, Issa Sylla, Amarendra Das
  • Patent number: 11425571
    Abstract: A system including user device of a preset administrative user, a server, and a smart device. The user device sends a binding request for the smart device to the server, the binding request being used for instructing the server to bind the smart device. The server records an administrative permission for the administrative user to the smart device in the process of binding. When a near-field communication signal from any user is received, the smart device identifies the identity of the user; and when the user is determined as the administrative user, the smart device establishes a near-field communication connection with an electronic device of the user to allow the user to configure the smart device. With the technical solution of the present disclosure, a device may be configured based on software, and accordingly, security dangers of a physical key are eliminated while configuration operations are simplified.
    Type: Grant
    Filed: July 18, 2019
    Date of Patent: August 23, 2022
    Assignee: Alibaba Group Holding Limited
    Inventors: Bijun Zhu, Haijun Jia, Jiankang Sun
  • Patent number: 11424923
    Abstract: Aspects of the subject disclosure may include, for example, authenticating a user device based on communication over a data plane of a network, generating a decryption key, transmitting the decryption key to the user device, and transmitting encrypted content to the user device. The encrypted content may be accessible at the user device via the encryption key, potentially as a function of location and/or time. Other embodiments are disclosed.
    Type: Grant
    Filed: February 26, 2019
    Date of Patent: August 23, 2022
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Julius Mueller, Paul T. Crews
  • Patent number: 11418483
    Abstract: A user is provided with a GUI that may allow the user to change functionality associated with a non-battery-powered card, a battery-powered card, a payment sticker, or another device (e.g., a mobile telephonic device). Such functionality may cause a network entity to deliver transaction details to a processing facility. The processing facility may be implemented with processing zones for scrubbing personal information from the transaction details and providing sanitized information to third party applications that may utilize the sanitized information for value. Third-party applications may interact with the processing facility via zone-based APIs to promote third-party software development within the processing facility and to promote third-party communications with the processing facility. Each of the processing zones may enforce security contexts such that processing zones of equal security contexts may communicate with other, while processing zones of unequal security contexts may not.
    Type: Grant
    Filed: April 18, 2013
    Date of Patent: August 16, 2022
    Assignee: DYNAMICS INC.
    Inventors: Benjamin C. Cupp, Jonathan L. Beaver
  • Patent number: 11409902
    Abstract: Systems, methods, and apparatuses for providing a customer a central location to manage permissions provided to third-parties and devices to access and use customer information maintained by a financial institution are described. The central location serves as a central portal where a customer of the financial institution can manage all access to account information and personal information stored at the financial institution. Accordingly, the customer does not need to log into each individual third-party system or customer device to manage previously provided access to the customer information or to provision new access to the customer information. A user additionally is able to have user data and third-party accounts of the user deleted from devices, applications, and third-party systems via a central portal. Restrictions on how user data is used by devices, applications, and third-party systems can be imposed via a central portal.
    Type: Grant
    Filed: December 10, 2018
    Date of Patent: August 9, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Lila Fakhraie, Brian M. Pearce, Steven Pulido, Benjamin Soccorsy, James Stahley, Mojdeh Tomsich
  • Patent number: 11409900
    Abstract: Provided are a computer program product, method, and system for determining data to redact in an object. Event messages for objects are received. Each event message includes at least one facet, each facet for an instance of data in an object resulting from deep data inspection of the object that is used to determine whether the instance of data should be redacted. The event messages are added to a message queue. A determination is made of an event message in the message queue for an object having a facet for an instance of data that indicates the instance of data is to be redacted. Redaction is performed on the instance of data in the object in the determined event message having the facet indicating the instance of data is to be redacted data.
    Type: Grant
    Filed: November 15, 2018
    Date of Patent: August 9, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Joseph W. Dain, Nilesh P. Bhosale, Gregory T. Kishi
  • Patent number: 11411938
    Abstract: The technology disclosed herein provides a proof-of-work key wrapping system that uses integrated key fragments to cryptographically control access to data. An example method may include encrypting a first cryptographic key to produce a wrapped key, wherein the first cryptographic key enables a computing device to access content; determining a plurality of key fragments of a second cryptographic key, wherein the second cryptographic key is for decrypting the wrapped key and at least one of the plurality of key fragments is derived using one of the key fragments as input; selecting a set of cryptographic attributes for deriving the plurality of key fragments, wherein the set of cryptographic attributes are selected in view of a characteristic of the computing device; and providing the wrapped key and the set of cryptographic attributes to the computing device, the set of cryptographic attributes facilitating determination of the second cryptographic key.
    Type: Grant
    Filed: August 19, 2019
    Date of Patent: August 9, 2022
    Assignee: Red Hat, Inc.
    Inventors: Michael Hingston Mclaughlin Bursell, Nathaniel Philip McCallum, Peter M. Jones, John David Strunk
  • Patent number: 11403410
    Abstract: Methods for securing image, video and/or audio media data captured by a media recording device are disclosed. Various embodiments may include determining whether media data captured by the media recording device should be secured in response to the media recording device activating a media recording application, obtaining an encryption key in response to determining that media data captured by the media recording device should be secured, encrypting media data (e.g., image, video and/or audio data) captured by the media recording device using the obtained encryption key, and storing the encrypted media data. In some embodiments, determining that media data should be secured and obtaining the encryption key may be based on user inputs in response to prompts. In some embodiments, determining that media data should be secured may be based on whether the media recording device satisfies a geo-location criterion and the encryption key may be provided by a server.
    Type: Grant
    Filed: February 3, 2020
    Date of Patent: August 2, 2022
    Assignee: QUALCOMM Incorporated
    Inventors: Uday Kumar Arava, Mohammed Javid, Karthik Kannan
  • Patent number: 11403424
    Abstract: To enable a user himself/herself who is the owner of management data of a P2P database to disclose data while maintaining authenticity of the data. An information processing apparatus is provided including a creation unit that creates public data by using management data of a P2P database, and a registration control unit that controls registration of the public data to the P2P database, on the basis of first identification information that uniquely identifies the management data.
    Type: Grant
    Filed: July 18, 2018
    Date of Patent: August 2, 2022
    Assignee: SONY CORPORATION
    Inventors: Koki Takahashi, Masaaki Isozu, Kazuhiro Watanabe
  • Patent number: 11403403
    Abstract: A secure processing engine and method configured to protect a computing system are provided. The system includes a first processor configured to provide real-time protection to at least processes executed over the main processor of the protected computing system; and a direct memory access (DMA) configured to provide an access to a main memory of the main processor, wherein the first processor is coupled to the DMA and further configured to monitor the at least processes by accessing the main memory via the DMA; wherein the first processor operates in an execution environment in complete isolation from an execution environment of the main processor.
    Type: Grant
    Filed: April 13, 2020
    Date of Patent: August 2, 2022
    Assignee: KAMELEONSEC LTD.
    Inventors: Yigal Edery, Jorge Myszne, Efi Sasson, Ido Naishtein
  • Patent number: 11399243
    Abstract: A method performed by a fitting device, the fitting device being a part of a hearing system configured for remotely configuring a hearing device, the method includes: obtaining hearing device data comprising a hearing device identifier of the hearing device; obtaining a session key; generating a configuration initiation request based on the session key and the hearing device identifier; transmitting the configuration initiation request to a server device; receiving a configuration initiation response from the server device, the configuration initiation response comprising configuration keying material; generating a configuration package based on configuration data for the hearing device and based on the configuration keying material, the configuration package comprising configuration package data; and transmitting the configuration package to the server device.
    Type: Grant
    Filed: January 18, 2021
    Date of Patent: July 26, 2022
    Assignee: GN HEARING A/S
    Inventor: Allan Munk Vendelbo
  • Patent number: 11394555
    Abstract: A mobile terminal privacy protection method includes obtaining an application start instruction, actively obtaining a biometric feature of a user according to the application start instruction, and displaying an encrypted content list and an unencrypted content list of a corresponding application if the obtained biometric feature of the user matches a preset biometric feature. The encrypted content list of the application is generated according to encrypted content in the application, the unencrypted content list of the application is generated according to unencrypted content in the application, and the encrypted content in the application is content that is not presented when the obtained biometric feature of the user does not match the preset biometric feature.
    Type: Grant
    Filed: July 12, 2019
    Date of Patent: July 19, 2022
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Tengyue Li, Zijun Li, Haoying Zhu
  • Patent number: 11392720
    Abstract: A system and method for determining consent user interface validity for a provided consent user interface of a web form presenting consent information, comprising: accessing a consent user interface presented on a web form; determining one or more configuration attributes of the consent user interface; accessing one or more privacy regulations associated with presenting consent information; comparing the one or more configuration attributes of the consent user interface to each of the one or more privacy regulations; determining whether the consent user interface is compliant with each of the one or more privacy regulations; and in response to determining that the consent user interface is not compliant with one or more privacy regulations, flagging the consent user interface.
    Type: Grant
    Filed: May 11, 2020
    Date of Patent: July 19, 2022
    Assignee: OneTrust, LLC
    Inventors: Jonathan Blake Brannon, Casey Hill
  • Patent number: 11386223
    Abstract: Systems, methods, and apparatuses for providing a customer a central location to manage permissions provided to third-parties and devices to access and use customer information maintained by a financial institution are described. The central location serves as a central portal where a customer of the financial institution can manage all access to account information and personal information stored at the financial institution. Accordingly, the customer does not need to log into each individual third-party system or customer device to manage previously provided access to the customer information or to provision new access to the customer information. A user additionally is able to have user data and/or third-party accounts of the user deleted from devices, applications, and third-party systems via a central portal.
    Type: Grant
    Filed: November 29, 2018
    Date of Patent: July 12, 2022
    Assignee: WELLS FARGO BANK, N.A.
    Inventors: Lila Fakhraie, Brian M. Pearce, Steven Pulido, Benjamin Soccorsy, James Stahley, Mojdeh Tomsich
  • Patent number: 11379622
    Abstract: A server device for managing privilege delegation to control execution of commands thereon is described. Execution of a command, according to first privileges, by a remote management (RM) server on the server device is requested from a RM client on a client device. An agent plug-in, chained to a command execution plug-in of the RM server, intercepts the request and forwards related information to an agent service cooperating with an operating system of the server device. The agent service determines whether to execute the command according to second privileges, different from the first privileges and if permitted, delegates the second privileges to the command, and causes, via the agent plug-in chained to the command execution plug-in, the command to be executed according to the second privileges.
    Type: Grant
    Filed: January 28, 2019
    Date of Patent: July 5, 2022
    Assignee: AVECTO LIMITED
    Inventors: John Goodridge, Thomas Couser
  • Patent number: 11379828
    Abstract: An example operation may include one or more of constructing a transaction proposal, by a computing system, wherein inputs to the transaction proposal are named using a blockchain naming system (BNS) that comprises ledger state addressing, oracles for addressing external data values, and user state addressing, the BNS providing a standard mechanism to name all blockchain resources using a universal resource indicator (URI).
    Type: Grant
    Filed: August 30, 2018
    Date of Patent: July 5, 2022
    Assignee: International Business Machines Corporation
    Inventors: Andrew J. Coleman, Anthony J. O'Dowd
  • Patent number: 11368517
    Abstract: The current document is directed a resource-exchange system that facilitates resource exchange and sharing among computing facilities. The currently disclosed methods and systems employ efficient, distributed-search-based auction methods and subsystems within distributed computer systems that include large numbers of geographically distributed data centers to locate resource-provider computing facilities that match the resource needs of resource-consumer computing facilities. Multiple security methods and subsystems are employed to prevent unauthorized access to resource-exchange-system services, to secure resource-exchange-system-participant data from unauthorized access, and to prevent hosted virtual machines and other hosted computational entities from interfering with operation of native virtual machines and other native computational entities within hosting resource-provider computing facilities.
    Type: Grant
    Filed: December 5, 2017
    Date of Patent: June 21, 2022
    Assignee: VMware, Inc.
    Inventors: Daniel James Beveridge, Ricky Trigalo, Jivan Madtha, Anil Sharma, Joerg Lew
  • Patent number: 11362927
    Abstract: A switch and a Frame Capture Managing Module (FCMM) for managing Ethernet frames. The FCMM receives a request for capturing Ethernet frames at a network interface of the switch. The request comprises an identity of the network interface and information relating to a second filter indicating Ethernet frames for monitoring by the network node. The FCMM sends to the switch, a configuration comprising the identity of the network interface of the switch, an indication about a first multicast channel, and information relating to a first filter. The FCMM sends a response comprising a second multicast channel relating to the first multicast channel. Furthermore, the switch receives a request for receiving Ethernet frame sent to the first multicast channel. The switch filters, by use of the first filter, received Ethernet frames into a collection of Ethernet frames. The switch sends the collection of Ethernet frames on the first multicast channel.
    Type: Grant
    Filed: June 30, 2020
    Date of Patent: June 14, 2022
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventor: Niclas Nors
  • Patent number: 11354445
    Abstract: A database server (e.g., a replica) generates a local checksum from a sequence of database operations and contributes the sequence of operations and the local checksum to a shared log of a distributed database. Additional database servers, similarly, generate local checksums. A checksum replica agent determines a first ordering of database operations of a first database server of a database, determines a second ordering of database operations of a second database server of the database; determines whether a third ordering of database operations that is based at least in part on the first ordering and the second ordering is valid. In an embodiment, a checksum replica agent generates a global checksum over the third ordering. Checksums, in an embodiment, are digitally signed and/or encrypted.
    Type: Grant
    Filed: October 28, 2019
    Date of Patent: June 7, 2022
    Assignee: Amazon Technologies, Inc.
    Inventor: Jasmeet Chhabra
  • Patent number: 11356456
    Abstract: Embodiments are directed to techniques for constructing, configuring, triggering, and executing various types of multi-party pipelines that access and/or use a shielded asset required to exist or execute within a data trustee environment. Generally, authorized participants can build upon template data privacy pipelines and other shielded assets to create other pipelines. Building blocks such as entitlements, cross-environment pipelines, and/or shielded assets governed by various collaborative intelligence contracts can be used to construct more complicated pipelines that may include any number of data privacy pipelines, cross-environment pipelines, input datasets, computational steps, output datasets, permissible queries, participants, and/or governing collaborative intelligence contracts.
    Type: Grant
    Filed: January 7, 2020
    Date of Patent: June 7, 2022
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Tomer Turgeman, Yisroel Gershon Taber, Lev Rozenbaum, Ittay Levy Ophir, Nerya Cohen
  • Patent number: 11348681
    Abstract: Systems and methods are disclosed for providing interactive handoff protocol user interfaces. In one embodiment, a computerized system may comprise a memory storing instructions, and a processor of a first electronic device. The processor may be configured to receive a pick-up request from a second electronic device, receive an acceptance indication for the pick-up request via an input device, provide a GUI prompting a scan of an identification tag on an individual, the GUI including at least one button in a non-selectable state, capture an image of the identification tag using the first electronic device, determine an identity of the individual based on the captured identification tag image, compare the determined identity to an identity in the received pick-up request, and modify the at least one button to a selectable state, wherein selection of the at least one button advances a handoff protocol for the individual.
    Type: Grant
    Filed: October 15, 2019
    Date of Patent: May 31, 2022
    Assignee: TeleTracking Technologies, Inc.
    Inventors: Raghen Morrow, Deepak Bhurani, Jamie Slater, Patrick Sharbaugh, Vipul Sinha
  • Patent number: 11347873
    Abstract: Various examples are directed to a cloud platform system that comprises a plurality of cloud platform deployments including a first cloud platform deployment implemented at a first geographic region and a second cloud platform deployment implemented at a second geographic region. An access manager system receives from a user computing device, a user logon request identifying a user. The access manager system also receives, from an identity provider system, group data associated with the user logon request, the group data indicating a first group to which the user belongs. The access manager system determines that a subaccount access map correlates the first group to a first subaccount that is implemented at the first cloud platform deployment. The access manager system also provides the user computing device an indication that the user is authorized to access the first subaccount.
    Type: Grant
    Filed: September 20, 2019
    Date of Patent: May 31, 2022
    Assignee: SAP SE
    Inventor: Peter Eberlein
  • Patent number: 11341092
    Abstract: Systems and methods for a multitenant computing platform. Original data is generated through operation of a computing platform system on behalf of an account of the computing platform system, and the original data is moderated according to a data retention policy set for the account. The moderated data is stored at the computing platform system. The computing platform system moderates the generated data by securing sensitive information of the generated data from access by the computing platform system, and providing operational information from the generated data. The operational information is accessible by the computing platform system during performance of system operations.
    Type: Grant
    Filed: June 5, 2020
    Date of Patent: May 24, 2022
    Assignee: Twilio Inc.
    Inventors: Adam Ballai, Timothy S. Milliron
  • Patent number: 11341255
    Abstract: A document management system having context-based access control and related methods are provided. The document management system determines whether to perform user authentication based on derived context-information comprising one or a combination of derived user-context parameters and document-context parameters that provide additional context to document access requests.
    Type: Grant
    Filed: July 11, 2019
    Date of Patent: May 24, 2022
    Assignee: BlackBerry Limited
    Inventors: Andrew James Malton, Andrew Eric Walenstein, Kyle Jeffrey Owen Quintal, Melike Erol Kantarci, Burak Kantarci
  • Patent number: 11336678
    Abstract: Application security analysis including systems and methods for analyzing applications for risk is provided. In an example method, the applications reside on a mobile device configurable to access an enterprise system. The example method includes evaluating each of a plurality of applications variously for privacy, data leakage, and malicious behavior. The example method also includes calculating a risk score for each of the plurality of applications based on the evaluating; and automatically remediating (e.g., quarantining) the applications, of the plurality of applications, for which the risk score meets or exceeds a risk score threshold. The method may evaluate all of the applications residing on a mobile device. The method may include grouping application behaviors, for each of the applications, that indicate an increased risk into groups comprising two or more of privacy risk, a data leakage risk, an account takeover risk, a device takeover risk, and a malware risk.
    Type: Grant
    Filed: December 30, 2019
    Date of Patent: May 17, 2022
    Assignee: Proofpoint, Inc.
    Inventors: David Alexander Jevans, Suresh Kumar Basandra
  • Patent number: 11323561
    Abstract: A communication system mitigating the risk of an incoming spoofed caller. The method involves issuing a token or a digital certificate to each network connection of a user, such as to each member of a social media platform to which the user is connected. The method includes determining a validity of the token or certificate of the network connection with a receiving party, which may be performed in response to searching and identifying the receiving party by a calling party. The method includes transmitting a message to the receiving party by the calling party in response to the validity confirmation of the token or the digital certificate. A message is transmitted that includes a calling identifier to be displayed to provide calling ID to the receiving party and a time of the intended call. The message may provide connection details, mutual connections, and historical events with the calling party.
    Type: Grant
    Filed: September 25, 2020
    Date of Patent: May 3, 2022
    Assignee: Mitel Networks (International) Limited
    Inventors: Radovan Prodanovic, Logendra Naidoo
  • Patent number: 11323275
    Abstract: A method includes receiving, by a computing device, a message from a host device. In response to receiving the message, the computing device generates an identifier, a certificate, and a key. The identifier is associated with an identity of the computing device, and the certificate is generated using the message. The computing device sends the identifier, the certificate, and the key to the host device. The host device verifies the identity of the computing device using the identifier, the certificate, and the key.
    Type: Grant
    Filed: March 25, 2019
    Date of Patent: May 3, 2022
    Assignee: Micron Technology, Inc.
    Inventors: Antonino Mondello, Alberto Troia
  • Patent number: 11316863
    Abstract: Embodiments are directed to techniques for constructing, configuring, triggering, and executing various types of multi-party pipelines that access and/or use a shielded asset required to exist or execute within a data trustee environment. Generally, authorized participants can build upon template data privacy pipelines and other shielded assets to create other pipelines. Building blocks such as entitlements, cross-environment pipelines, and/or shielded assets governed by various collaborative intelligence contracts can be used to construct more complicated pipelines that may include any number of data privacy pipelines, cross-environment pipelines, input datasets, computational steps, output datasets, permissible queries, participants, and/or governing collaborative intelligence contracts.
    Type: Grant
    Filed: January 7, 2020
    Date of Patent: April 26, 2022
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Tomer Turgeman, Yisroel Gershon Taber, Lev Rozenbaum, Ittay Levy Ophir, Nerya Cohen
  • Patent number: 11316805
    Abstract: A method and an apparatus for transmitting a message in an electronic device are provided. The method for transmitting a hidden message includes displaying one or more hiding frames in an input message display area of a display, and transmitting a message including information on the hiding frame.
    Type: Grant
    Filed: August 24, 2020
    Date of Patent: April 26, 2022
    Assignee: Samsung Electronics Co., Ltd.
    Inventor: Choel-Hwi Kwon
  • Patent number: 11307930
    Abstract: A distributed storage network method begins by determining an encoded data slice to rebuild, determining a storage set of distributed storage units associated with the encoded data slice to rebuild, determining an historical performance level of each distributed storage unit of the storage set of distributed storage units, determining an estimated performance level of each distributed storage unit of the storage set of distributed storage units, selecting at least a decode threshold number of distributed storage units of the storage set of distributed storage units to produce selected distributed storage units, determining an encoded data slice partial aggregation scheme for the selected distributed storage units, sending encoded data slice partial request messages to the selected distributed storage units, and receiving encoded data slice partial response messages and extracting encoded data slice partials from the encoded data slice partial response messages to rebuild or verify the encoded data slice.
    Type: Grant
    Filed: October 9, 2020
    Date of Patent: April 19, 2022
    Assignee: PURE STORAGE, INC.
    Inventors: Thomas F. Shirley, Jr., Greg R. Dhuse, Jason K. Resch
  • Patent number: 11308195
    Abstract: Embodiments of the present disclosure relate to electronic lockout of a client device, specifically to managing electronic lockout of a client device associated with a claim process via a device protection program management system and third-party provider. In this regard, embodiments herein may process various data associated with determining whether to authorize a claim under a device protection program, and cause initiation of and/or termination of an electronic lockout of a client device depending on received data and/or lack of received data. In this regard, example embodiments include receiving a device claim request indication associated with a client device, where the client device is associated with a functionality lockout state; initiating a claim associated with the client device; causing initiation of an electronic lockout of the client device; processing the claim to determine whether to authorize the claim; and causing updating of the electronic lockout based on the determination.
    Type: Grant
    Filed: January 16, 2020
    Date of Patent: April 19, 2022
    Assignee: ASSURANT, INC.
    Inventors: Maria Manduley, Charles Daniel Cartwright, Gilberto Jose Almonte, Jr.