By Authorizing User Patents (Class 726/28)
  • Patent number: 11516000
    Abstract: An example operation may include one or more of receiving a location of an output stored on a data structure of a blockchain, where the location comprises a path of hashes generated by a reduced-step hash instead of a full-step hash of the blockchain, performing an approximate hash verification on the path of hashes based on the reduced-step hash values to verify whether the output is unused, and in response to a determination that the output is unused as a result of the approximate hash verification, approving a use of the output by a client associated with the output.
    Type: Grant
    Filed: May 29, 2019
    Date of Patent: November 29, 2022
    Assignee: International Business Machines Corporation
    Inventor: Praveen Jayachandran
  • Patent number: 11516200
    Abstract: Techniques are described for controlling data and resource access. For example, methods and systems can facilitate controlled token distribution across systems and token processing in a manner so as to limit access to and to protect data that includes access codes.
    Type: Grant
    Filed: July 13, 2020
    Date of Patent: November 29, 2022
    Assignee: Live Nation Entertainment, Inc.
    Inventors: Phillip Volini, John Raymond Werneke, Carl Schumaler, Michael Smith, Frank Giannantonio, Vito Iaia, Sean Moriarty
  • Patent number: 11516196
    Abstract: Systems, methods, and non-transitory computer-readable media can obtain respective instances of verification information can be obtained from computing systems associated with a plurality of third-party vendors, wherein a computing system associated with a third-party vendor determines verification information based at least in part on an analysis of an identification document provided by a user to be authenticated. The respective instances of verification information can be interpreted, wherein interpreting an instance of verification information comprises assigning respective states to attribute fields included in the verification information. A set of interpreted instances of verification information can be evaluated in combination to determine whether to authenticate the user, wherein the set includes an interpreted instance of verification information from each of the plurality of third-party vendors.
    Type: Grant
    Filed: September 30, 2019
    Date of Patent: November 29, 2022
    Assignee: Meta Platforms, Inc.
    Inventors: Maximilian Francis Barrows, Phillip Gordon Hodgson, Jason George McHugh
  • Patent number: 11502853
    Abstract: A trust relationship may be established between a host system and a storage system. An asymmetric key pair including a private key unique to a host system and a public key may be generated. During provisioning of the host system to the storage system, the host system may send the public key to the storage system. The storage system may be configured to record the public key for the host system, for example, in a masking table that defines I/O connectivity for logical storage units between a host system and the storage system. The public key may be used later to validate the host system to the storage system. The private key may be stored on the host system and be unreadable, or may be encrypted with an unreadable encryption key stored on the host system.
    Type: Grant
    Filed: August 2, 2019
    Date of Patent: November 15, 2022
    Assignee: EMC IP Holding Company LLC
    Inventors: Arieh Don, Elie Antoun Jreij
  • Patent number: 11496424
    Abstract: Systems and methods for sharing authentication information are provided. The systems and methods include generating, with a messaging application, a media item using a camera of a client device; identifying a target application that has been authorized by the messaging application to share authentication information with the messaging application; generating a share option associated with the media item for display in a graphical user interface of the messaging application; and in response to receiving a user selection of the share option, enabling the target application to access the media item.
    Type: Grant
    Filed: June 3, 2021
    Date of Patent: November 8, 2022
    Assignee: Snap Inc.
    Inventors: Charles Burson DePue, Patrick Mandia
  • Patent number: 11496321
    Abstract: Embodiments disclosed herein provide a method that includes receiving, at a client-side web browser, a minimal bootstrap payload from an application server; storing, by a client-side processor, the minimal bootstrap payload in a client-side local cache, where the locally cached minimal bootstrap payload is executed by the client-side processor before executing an application from the application server; the minimal bootstrap payload includes at least one public key and at least one Uniform Resource Location (URL) address of an application code payload.
    Type: Grant
    Filed: August 20, 2020
    Date of Patent: November 8, 2022
    Assignee: Cyph, Inc.
    Inventors: Ryan Lester, Jann Horn, Bryant Zadegan
  • Patent number: 11494476
    Abstract: Example systems and methods for biometric authentication that can bridge fuzzy extractors with deep learning and achieve the goals of preserving privacy and providing recoverability from zero are disclosed. Embeddings comprising a face or speaker embedding in a non-Hamming distance space can be processed to create a personal reliable bit map and a reliable locality-sensitive hash (LSH) for mapping the non-Hamming distance space to a Hamming distance space. A fuzzy extractor can be applied to create metadata that can be stored on a computing device. A secret can be recovered from the metadata and can be used for identification.
    Type: Grant
    Filed: April 12, 2019
    Date of Patent: November 8, 2022
    Assignee: GEORGIA TECH RESEARCH CORPORATION
    Inventors: Pak Ho Chung, Wenke Lee, Erkam Uzun, Carter Yagemann
  • Patent number: 11489846
    Abstract: A system, method, and computer-readable medium are disclosed for performing a event risk severity score generation operation.
    Type: Grant
    Filed: September 4, 2020
    Date of Patent: November 1, 2022
    Assignee: Forcepoint LLC
    Inventors: Assaf Almaz, Ofir Arkin
  • Patent number: 11483166
    Abstract: The proposed authentication method is based on a secret convention between the service and the user. This convention is defined on the basis of a random choice of elementary algorithmic blocks from a collection of elementary algorithmic blocks during the enrolment phase of the user. During authentication, the user uses the convention by applying it to a challenge presented by the service in order to determine a response. The algorithmic blocks are chosen such that they can be memorised by the user. As a result of the diversity of these bricks and the combinatorics behind the conventions, the number of possible conventions is very high, making it virtually impossible for an attacker to guess the convention.
    Type: Grant
    Filed: November 19, 2018
    Date of Patent: October 25, 2022
    Assignee: HIASECURE
    Inventor: Arnaud Olivier
  • Patent number: 11483141
    Abstract: A key broker monitors network traffic metadata and determines which decryption keys are required at one or more packet brokers in order to decrypt relevant traffic required by various network monitoring devices. The key broker retrieves the required keys from a secure keystore distributes them, as needed, to the network packet brokers, and dynamically updates the decryption keys stored in the network packet brokers in response to changes in network traffic.
    Type: Grant
    Filed: June 3, 2020
    Date of Patent: October 25, 2022
    Assignee: Capital One Services, LLC
    Inventors: John Watson, Christopher Roosenraad, Peter P. Kofira, Travis Scheponik, Aaron Eppert
  • Patent number: 11481506
    Abstract: An information processing system includes a first management unit that manages assignment of authority to use a second service to a first user registered for a first service in the individual unit on a user side receiving provision of the first service, and a second management unit that manages a second user having authority to use the second service on a provider side providing the second service, in which the second management unit acquires information regarding the first user not assigned with the authority to use the second service, from the first management unit.
    Type: Grant
    Filed: December 4, 2018
    Date of Patent: October 25, 2022
    Assignee: FUJIFILM Business Innovation Corp.
    Inventor: Yasuyuki Higuchi
  • Patent number: 11483302
    Abstract: Systems, methods and computer program products for controlling access to data owned by an application subscriber using two-factor access control and user partitioning are disclosed. In one embodiment, applications are executed on a multi-tenant application platform in which user partitions designate associated users and authentication services for those users. Tenants may subscribe to the applications and may allow access to the subscriptions through designated entry points. Users that are authenticated according to the corresponding user partition and access the application through the designated entry point are allowed to access the application through the tenant's subscription.
    Type: Grant
    Filed: September 21, 2021
    Date of Patent: October 25, 2022
    Assignee: OPEN TEXT SA ULC
    Inventors: Jody Hupton Palmer, Nicholas Edward Scott
  • Patent number: 11483289
    Abstract: A gateway device (10) stores therein a first filtering rule and a second filtering rule for filtering packets which are transmitted from a terminal (20) in a network (2) as a transmission source to a terminal (20) in a network (3) as a destination. The gateway device (10) acquires, on the basis of a packet transmitted from the terminal (20) in the network (3), identification information for identifying the terminal (20). The gateway device (10) notifies a management device (30) of the acquired identification information. The management device (30) generates a management screen on the basis of the notified information, and transmits the management screen to a display device (40). The management device (30) transmits an instruction based on input to the display device (40) to the gateway device (10). The gateway device (10) sets the first filtering rule on the basis of the instruction from the management device (30).
    Type: Grant
    Filed: February 26, 2019
    Date of Patent: October 25, 2022
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Shingo Kashima, Masami Ueno, Tetsuhiko Murata, Tsuyoshi Kondo
  • Patent number: 11475514
    Abstract: The described financial institution computing system provides services to customers through an application programming interface (“API”). The services include user identification services to customers. The user identification services allow the customers to verify the identity of users as non-fraudulent users. Further the user identification services allow the financial institution to provide known user information to the customers for purposes of prepopulating registration forms, completing transactions, and the like. Further services, such as user account validation services, payment services, and the like are also possible through the financial institution APIs. In some situations, users are registered with the financial institution. For example, a user may also be an account holder with the financial institution. In other situations, the users are not registered with the financial institution.
    Type: Grant
    Filed: May 3, 2021
    Date of Patent: October 18, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Bipin M. Sahni, Nikolai Stroke
  • Patent number: 11468169
    Abstract: An information handling system includes a host processing system, first and second data storage devices having respective first and second data storage capacities, and a license manager. The license manager implements a first license, receives a second license, and implements the second license without rebooting the information handling system. The first license defines a first configuration where the first data storage device is visible and the first data storage capacity is available to the host processing system, and the second data storage device is not visible and the second data storage capacity is not available to the host processing system. The second license defines a second configuration where both data storage devices are and both data storage capacities are available to the host processing system.
    Type: Grant
    Filed: April 28, 2021
    Date of Patent: October 11, 2022
    Assignee: Dell Products L.P.
    Inventors: Wei G Liu, Austin Bolen
  • Patent number: 11470477
    Abstract: The present disclosure generally relates to apparatus, software and methods for thwarting radio spoofing techniques by requiring and sending data from multiple radios positioned such that the receiving client can determine that it came from multiple spatially separated radios due to the Angle of Arrival of each radio's signal.
    Type: Grant
    Filed: August 16, 2019
    Date of Patent: October 11, 2022
    Assignee: Cable Television Laboratories, Inc.
    Inventors: John C. Bahr, David Daniel Smith
  • Patent number: 11468190
    Abstract: Application programming interfaces (API) are provided for notebook settings, for example, classroom notebook settings. The APIs allow for a teacher or other user of a class notebook to manage permissions to the class notebooks, and particularly allow for fine control over parts of the class notebook through a class notebook application. An API for generating a guest access link is provided. APIs for creating permission groups for a collaboration space are provided. A post permission API is provided that creates or updates the permission for a section group. A get permission API is provided that retrieves permission information of a section group. A delete permission API is provided that removes permission for a user of a section group.
    Type: Grant
    Filed: November 19, 2020
    Date of Patent: October 11, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Suleiman Jabbouri, Michael E. Tholfsen, Jason Silvis, Jorge A. Lara Garduno, Nicolas Saul
  • Patent number: 11463427
    Abstract: Technologies for token-based access authorization to an application program interface (API) include an access management server to receive a service request message from an application executed by a remote computing device. The service request message includes a digitally signed license token previously generated by the access management server and distributed to the remote computing device. The service request message also includes a request from the executed application to access data or a service of the resource server via an exposed API. The access management server verifies the digital signature of the digitally signed license token and generates a digitally signed Security Assertion Markup Language (SAML) token. The digitally signed SAML token is transmitted to the resource server for verification and local caching. The resource server receives the service request message and determines whether access to the requested data or service is authorized based on the locally-cached SAML token.
    Type: Grant
    Filed: January 21, 2021
    Date of Patent: October 4, 2022
    Assignee: Worldpay, LLC
    Inventor: Scott Edward Blasi
  • Patent number: 11461481
    Abstract: Security enhancement herein primarily relate to digital code undergoing a first fortification protocol by which a digital package is prepared, a secure execution environment being configured for use with the package at or via a source facility, and at least some of the package being executed in in the secure execution environment at a destination facility. Such enhanced configurations may arrive to or from a remote facility, for example, without a concomitant loss of performance.
    Type: Grant
    Filed: June 3, 2022
    Date of Patent: October 4, 2022
    Assignee: Polyverse Corporation
    Inventor: Alexander Gounares
  • Patent number: 11463416
    Abstract: Devices, systems, and methods are provided detecting personal information in cloud-based infrastructure configuration. A method may include sending, by a computer-based system, a first request to a first service associated with the computer-based system, the first request associated with first application programming interface (API) call data. The method may include receiving the first API call data from the first service. The method may include determining, based on the first API call data, first data associated with the first service, and determining that the first data includes personal information. The method may include sending a message to a device, the message indicative of the personal information. The method may include receiving a second request to modify the first data, and modifying the first data based on the second request.
    Type: Grant
    Filed: December 13, 2019
    Date of Patent: October 4, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Kevin Ashman, Charles Andrew Schuetz
  • Patent number: 11457006
    Abstract: Aspects of the present disclosure provide for systems and methods to automatically load security access files and/or keys on a local digital controller serving subscriber communication equipment, but are not so limited. A disclosed system operates to use a deployment manager as part of auto-loading security access files and/or keys on a local digital controller serving subscriber communication equipment. A disclosed method operates in part to auto-load security access files and/or keys on a local digital controller serving subscriber communication equipment.
    Type: Grant
    Filed: November 23, 2020
    Date of Patent: September 27, 2022
    Assignee: Cox Communications, Inc.
    Inventors: Steven Blake James, Anthony Paul Davis, Jose Ignacio Gonzalez, Nick Anthony Sargent, Jeffrey Alan Bergstedt
  • Patent number: 11455417
    Abstract: Embodiments of the present specification disclose data processing methods, apparatuses, and devices. One method comprises: obtaining an acquisition request for target data of a data owner; determining a trusted application (TAPP) for generating the target data based on decentralized identifier document (DID Doc) information of the data owner in response to the acquisition request; sending, to the TAPP, a target data generation request to use the TAPP to process data of the data owner obtained from a trusted institution; and receiving a processing result from the TAPP in response to the target data generation request.
    Type: Grant
    Filed: June 16, 2021
    Date of Patent: September 27, 2022
    Assignee: Alipay (Hangzhou) Information Technology Co., Ltd.
    Inventors: Renhui Yang, Shubo Li, Yuan Chen, Wenyu Yang, Qin Liu
  • Patent number: 11449187
    Abstract: A lockscreen display control method can be applied to an electronic device and include: when the electronic device has a bright screen in a lockscreen state, a transparent lockscreen window is drawn by using a lockscreen service, and a lockscreen wallpaper process is launched; an activity instance of the lockscreen wallpaper process is created, and an attribute of the activity instance is set to be always on top; a device orientation of the electronic device is monitored by using the activity instance to acquire an orientation parameter; and according to the orientation parameter, a wallpaper displayed under the lockscreen window is adjusted, and the wallpaper is controlled to dynamically display under the lockscreen window.
    Type: Grant
    Filed: December 20, 2020
    Date of Patent: September 20, 2022
    Assignee: BEIJING XIAOMI MOBILE SOFTWARE CO., LTD.
    Inventors: Haoran Wang, Jianjiang Qu
  • Patent number: 11444893
    Abstract: Disclosed are example machine-learning approaches for determining maturity metrics of chatbot users. One or more datasets with words used during past conversations between a chatbot and a set of users with known maturity metrics are generated. A machine learning model is trained by applying machine learning to the one or more datasets such that the machine learning model is trained to output maturity metrics based on words received as inputs. A set of words or phrases spoken or written by the user during a conversation is fed to the machine learning model to determine a maturity metric of the user. A response is identified based on the determined maturity metric, and the response is presented during the conversation with the user. Words and phrases of a user conversing with a chatbot are used to determine the user's age or another maturity metric to generate responses that enhance the user experience.
    Type: Grant
    Filed: December 13, 2019
    Date of Patent: September 13, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventor: Ravikant V. Kalluri
  • Patent number: 11438329
    Abstract: An authenticated data transfer system may include generating, after entry of one or more processors of a transmitting device into a communication field, a link, the link comprising a near field communication data exchange format uniform resource locator including identifier data and user data; transmitting, to a first application comprising instructions for execution on a first device, the link to initiate data transfer; authenticating a user associated with the first device by activating one or more actions based on the link; transmitting one or more requests for confirmation of quantity and recipient data associated with the data transfer; receiving one or more notifications that are based on the one or more requests for confirmation of quantity and recipient data associated with the data transfer; and performing one or more login credentials that are responsive to the one or more notifications so as to complete the data transfer.
    Type: Grant
    Filed: January 29, 2021
    Date of Patent: September 6, 2022
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Colin Hart, George Bergeron, Kaitlin Newman, Jeffrey Rule
  • Patent number: 11431754
    Abstract: A technique for performing authentication includes a first device receiving security data from a second device that shares its network connection with the first device. The first device applies the security data received from the second device when requesting authentication to a secured resource on the network. For example, the security data may include a token code or other data that may be used as a token, such as identification information about the second device.
    Type: Grant
    Filed: December 30, 2019
    Date of Patent: August 30, 2022
    Assignee: Citrix Systems, Inc.
    Inventors: Nivedita Ojha, Stephen Wilson, Derek Thorslund
  • Patent number: 11429960
    Abstract: A system and method for managing a plurality of network-enabled client devices such as networking equipment and Internet of Things (IoT) devices which employs a distributed ledger, or blockchain, to store network configuration information for each client device. Access to the distributed ledger may be provided through a proxy computing system that is configured to exchange control messages with the client devices. Network configuration information is defined in smart contracts stored in the distributed ledger which are executed on registration of the network-enabled client device in the distributed ledger.
    Type: Grant
    Filed: June 25, 2019
    Date of Patent: August 30, 2022
    Assignee: NXM Labs, Inc.
    Inventors: Jay Fallah, Kristopher Byrne, Kevin John Oerton, Josef Zankowicz, Scott Rankine
  • Patent number: 11429738
    Abstract: An example operation may include one or more of transmitting, from a client application, a proposed storage request to a plurality of endorser nodes of a blockchain, receiving a first endorsement of the storage request from a first endorser node, the first endorsement comprising a full-step hash verification of the proposed storage request, receiving a second endorsement of the storage request from a second endorser node, the second endorsement comprising a reduced-step hash verification of the storage request, and transmitting a storage proposal including the full-step hash endorsement and the reduced-step hash endorsement to an ordering node of the blockchain.
    Type: Grant
    Filed: May 29, 2019
    Date of Patent: August 30, 2022
    Assignee: International Business Machines Corporation
    Inventor: Praveen Jayachandran
  • Patent number: 11422982
    Abstract: A stateful cluster may implement scaling of the stateful cluster while maintaining access to the state of the stateful cluster. A scaling event for a stateful cluster may be detected, and in response the stateful cluster may be adjusted to include a different number of nodes. The state of the cluster may then be logically distributed among the different number of nodes according to a monotone distribution scheme. The adjusted node may then service access requests according to the monotone distribution scheme. Prior to making the adjusted storage cluster available for servicing access requests, the nodes from the original cluster may still service access requests for state.
    Type: Grant
    Filed: February 22, 2019
    Date of Patent: August 23, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Jakub Kulesza, Srividhya Srinivasan, Deepak Agarwal, Anurag Windlass Gupta
  • Patent number: 11422718
    Abstract: An apparatus comprises a processing device configured to receive, from a given multi-path input-output driver of a given one of a plurality of host devices that utilizes a given piece of software for controlling delivery of input-output operations to a storage system over selected ones of a plurality of paths through a network, an access authorization check request for the given piece of software in response to expiration of a designated access authorization refresh interval, wherein authorization to access software code of the given piece of software is provided by an access authorization server external to the plurality of host devices. The processing device is also configured to determine an access authorization status of the given multi-path input-output driver. The processing device is further configured to provide, to the given multi-path input-output driver, an access authorization check response comprising the access authorization status of the given multi-path input-output driver.
    Type: Grant
    Filed: May 3, 2021
    Date of Patent: August 23, 2022
    Assignee: EMC IP Holding Company LLC
    Inventors: Surendra Singh Chauhan, Udit Tyagi
  • Patent number: 11423111
    Abstract: One embodiment is a client API module for accessing an endpoint that includes a REST API corresponding to a server. Embodiments initialize an endpoint request and in response receive a URI of the server and a client context. Embodiments provide a get service request to the server based on the URI and the client context and in response receive a service instance and initialize a service context. Embodiments generate, based on the service context, a request including one of a create, a search, an update, a replace, or a delete requests, and a corresponding REST call including one of an HTTP post, an HTTP get, an HTTP patch and HTTP put or an HTTP delete.
    Type: Grant
    Filed: October 30, 2019
    Date of Patent: August 23, 2022
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventor: Nikhil Yograj Vaishnavi
  • Patent number: 11423162
    Abstract: A vehicle control system, including an in-vehicle bus and a plurality of electronic control units (ECUs) coupled to the in-vehicle bus, wherein at least one ECU of the plurality of ECUs is configured to: receive, at a respective at least one ECU of the plurality of ECUs, a message in a message stream on the in-vehicle bus; evaluate the message to determine at least one of a confidence value of the security classification, a significance value of the message, or a bounds check value of the message; and determine in real-time to allow or deny the message to the vehicle control system based on at least one of the significance value of the message, the bounds check value of the message, or the confidence value of the security classification of the message, to provide a sanitized message stream to the vehicle control system.
    Type: Grant
    Filed: March 27, 2020
    Date of Patent: August 23, 2022
    Assignee: INTEL CORPORATION
    Inventors: Marcio Juliato, Shabbir Ahmed, Maria Soledad Elli, Christopher Noe Gutierrez, Vuk Lesi, Manoj R. Sastry, John Charles Weast, Liuyang Lily Yang
  • Patent number: 11416628
    Abstract: Systems and methods are described for modifying input and output (I/O) to an object storage service by implementing one or more owner-specified functions to I/O requests. Different data manipulation functions can be placed in different I/O paths depending on the request method or user access level. For example, a user having full access may be returned the unaltered version of the object, whereas a user having modified or reduced access may be returned a modified or redacted version of the object. In this manner, owners of the object collection are provided with greater control over how the object collection is accessed.
    Type: Grant
    Filed: September 27, 2019
    Date of Patent: August 16, 2022
    Assignee: AMAZON TECHNOLOGIES, INC.
    Inventors: Kevin C. Miller, Timothy Lawrence Harris, Ramyanshu Datta
  • Patent number: 11418559
    Abstract: A wireless communication system is provided including a group of media devices that includes a first media device, a second media device, a third media device, and a fourth media device. The first media device, during a first time period, is designated as an access point media device that is configured to transmit media content to each of the other media devices in the group. The second media device is configured to become the access point media device during a second time period and transmit media content to each of the other media devices in the group based on a determination that the second media device is better suited than the first media device to be the access point media device for the group during the second time period. Each media device is configured to output the media content transmitted by the access point media device in a synchronized manner.
    Type: Grant
    Filed: September 21, 2020
    Date of Patent: August 16, 2022
    Assignee: LOGITECH EUROPE S.A.
    Inventors: Eric Andre Tissot-Dupont, Vasanth Prabhakar Murari, Edison Liwanag David
  • Patent number: 11416635
    Abstract: Various examples are directed to computer-implemented systems and methods for providing a pseudonymous browsing mode. A method includes receiving, by a processor of a computer, input from a user requesting a level of anonymity for a session on an application or website, where the level of anonymity is between open browsing and completely incognito browsing. The processor programs an avatar configured to provide the level of anonymity to an identity of the user and data generated by the user based on the received input. The processor uses the avatar to control an amount of data shared by the user with the application or website to provide the level of anonymity to an identity of the user and data generated by the user.
    Type: Grant
    Filed: July 10, 2020
    Date of Patent: August 16, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Darius A. Miranda, Rajiv Ranjan, Uma Meyyappan, Dennis E. Montenegro, Pankaj Parekh, Chris Theodore Kalaboukis, Joon Maeng, Ramanathan Ramanathan, Abhijit Rao, Abhijit Shetti, Rameshchandra Bhaskar Ketharaju, Chandramouli Subramanian
  • Patent number: 11409887
    Abstract: Systems, methods, and computer media for mitigating cybersecurity vulnerabilities of systems are provided herein. A current cybersecurity maturity of a system can be determined based on maturity criteria. The maturity criteria can be ranked based on importance. Solution candidates for increasing the cybersecurity maturity of the system can be determined based on the ranking. The solution candidates specify cybersecurity levels for the maturity criteria. A present state value reflecting the current cybersecurity maturity of the system can be calculated. For the solution candidates, an implementation state value and a transition state value can be determined. The implementation state value represents implementation of the maturity levels of the solution candidate, and the transition state value represents a transition from the present state value to the implementation state value.
    Type: Grant
    Filed: May 7, 2020
    Date of Patent: August 9, 2022
    Assignees: Battelle Memorial Institute, Board of Trustees of the University of Arkansas
    Inventors: Sri Nikhil Gupta Gourisetti, Michael E. Mylrea, Hirak Patangia
  • Patent number: 11411975
    Abstract: Methods and systems for malicious non-human user detection on computing devices are described. The method includes collecting, by a processing device, raw data corresponding to a user action, converting, by the processing device, the raw data to features, wherein the features represent characteristics of a human user or a malicious code acting as if it were the human user, and comparing, by the processing device, at least one of the features against a corresponding portion of a characteristic model to differentiate the human user from the malicious code acting as if it were the human user.
    Type: Grant
    Filed: June 16, 2020
    Date of Patent: August 9, 2022
    Assignee: Akamai Technologies, Inc.
    Inventor: Sreenath Kurupati
  • Patent number: 11411943
    Abstract: Methods and systems for facilitating authentication of a user with a plurality of applications are described. One method includes authenticating a user with a first secure application based on information received from a smart credential stored on a mobile device via a local wireless connection. The method includes obtaining a remote challenge from a remote authentication service and a mobile challenge, signing the mobile challenge with a private key, and transmitting a signed version of the mobile challenge, the remote challenge, and a public key to the mobile device. The method further includes receiving a signed version of the remote challenge and a certificate indicating validation of the mobile challenge, and transmitting the signed version of the remote challenge to the remote authentication service. Based on receiving an authentication result from the remote authentication service, access is granted to a remote secure application via the browser.
    Type: Grant
    Filed: December 6, 2019
    Date of Patent: August 9, 2022
    Assignee: Entrust Corporation
    Inventors: Michael Mallinson, Ian Reilly, Rathnavalli Jayaprakash, Martin Dale Lyness, Tim Gerlach
  • Patent number: 11411756
    Abstract: Content is shared by rendering the content in a shared session and providing the rendered content to the participating devices. The originating device has access to an original version of the content in a virtual session, which is accessed by logging into cloud content services and downloading the desired content into the virtual session. A rendering engine in a rendered session then renders the content and distributes the rendered content to the participants. Only rendered content is provided to the participants, so that the participants cannot see the credentials of the originating user, cannot see the document source and do not have access to the document itself. The participants can mark up the rendered content, which markups are shared to the other participants.
    Type: Grant
    Filed: June 4, 2018
    Date of Patent: August 9, 2022
    Assignee: POLYCOM, INC.
    Inventors: Mike Tucker, Eric Hyman, Dragan Ignjatic
  • Patent number: 11409282
    Abstract: A control system for a movable body is mountable on the movable body. The control system includes controllers and a detector. The controllers are configured to control functional systems of the movable body. The detector is configured to detect a movement situation of the movable body. Priorities corresponding to movement situations of the movable body are in advance assigned to each of the plurality of functional systems. When at least one of the plurality of controllers malfunctions, control resources of normal controllers, among the plurality of controllers, which do not malfunction are preferentially distributed to one or more of the functional systems having a high priority according to the movement situation of the movable body at that time.
    Type: Grant
    Filed: January 7, 2019
    Date of Patent: August 9, 2022
    Assignee: SUBARU CORPORATION
    Inventors: Kei Suzuki, Masahito Hayakawa, Masato Ogura, Yuichi Nagai
  • Patent number: 11405367
    Abstract: A method for improving security of peripheral devices is described. The method includes displaying, by a processor of a computing device, a code, receiving, by the processor, a user input after displaying the code, comparing, by the processor, the user input to the displayed code, and establishing, by the processor, secure communication between a peripheral device and a software application at the computing device based at least in part on a result of the comparing the user input to the displayed code.
    Type: Grant
    Filed: March 19, 2019
    Date of Patent: August 2, 2022
    Assignee: NortonLifeLock Inc.
    Inventors: Chengi Jimmy Kuo, Haik Mesropian, Petrus Johannes Viljoen, David Kane
  • Patent number: 11404059
    Abstract: Systems and methods for screenless computerized social-media access may include (1) receiving, from a user device, data describing an audible user response to a segment of an audiobook that was transmitted to the user device from an audiobook service, (2) creating a digital response-indicator indicative of the audible user response, and (3) providing the digital response-indicator to an additional user device. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: October 18, 2019
    Date of Patent: August 2, 2022
    Assignee: Meta Platforms, Inc.
    Inventor: Debashish Paul
  • Patent number: 11398900
    Abstract: Embodiments are directed to managing cryptographic keys in a multi-tenant cloud based system. Embodiments receive from a client a request for a wrapped data encryption key (“DEK”). Embodiments generate a random key and fetch encryption context that corresponds to the client. Embodiments generate the wrapped DEK including the random key and the encryption context encoded in the wrapped DEK. Embodiments then return the wrapped DEK to the client.
    Type: Grant
    Filed: February 7, 2019
    Date of Patent: July 26, 2022
    Assignee: Oracle International Corporation
    Inventors: Sirish V. Vepa, Prateek Mishra, Sreedhar Katti, Varanasi Kumar Ravi, Harold William Lockhart, Rakesh Keshava
  • Patent number: 11399022
    Abstract: Method and systems described herein may provide multifactor mutual authentication. A first server may provide a first party and a second party with at least two authentication components in order for the first party to authenticate the identity of the second party, and vice versa. The first authentication component may include a color-based authentication component, while the second authentication component may include a code-based authentication component. Both factors need to be validated in order for the authentication to be successful. The color-based authentication component, in combination with the code-based authentication component, may improve the speed with which the mutual authentication is performed.
    Type: Grant
    Filed: June 24, 2020
    Date of Patent: July 26, 2022
    Assignee: Capital One Services, LLC
    Inventors: Jeremy Phillips, Andrew Grossman, Rachel Collins
  • Patent number: 11392587
    Abstract: Methods, systems, and apparatuses for providing access to records of a database stored on a database server in a cloud database platform are described herein. A data sharing platform may determine a shared view definition for access to the database. The data sharing platform may determine rules that specify criteria that limit access to the records stored by the database. The one or more first rules may be received via a user interface. The data sharing platform may perform, based on the rules, a data access certification process on the records stored by the database to generate a table of certification results. The data sharing platform may generate, based on the table of certification results, and without modifying the records stored by the database, a limited consumer view definition. Based on updates to the records, a new limited consumer view definition may be generated.
    Type: Grant
    Filed: December 14, 2021
    Date of Patent: July 19, 2022
    Assignee: Capital One Services, LLC
    Inventors: Nagender Gurram, Yudhish Batra, Syed Shamaz Salim, Praveen Kandukuri
  • Patent number: 11394719
    Abstract: An illustrative computing system for a dynamic user access control management system classifies users and data resources according to their risk and importance by a user management engine with artificial intelligence, machine learning characteristics. The dynamic user access control management system analyzes the log files of data resources to measure system performance characteristics and user access behavior. This system monitors the device and network by which a data access request to a data resource is made. The dynamic user access control management system validates the leave status of a user initiating a data access request. The dynamic user access control management system automatically determines a user access level for a data resource through intelligent analysis of collected information and defers to a user's manager for an access level determination when the determination to grant an access level is outside of the knowledge base of the user management engine.
    Type: Grant
    Filed: February 13, 2020
    Date of Patent: July 19, 2022
    Assignee: Bank of America Corporation
    Inventors: Vijaya Kumar Vegulla, Netla Hanumantha Reddy, Sandeep D'Souza, Kumar Mahadeva Setty, Anil Kumar Venkata Kalyanam, Venugopala Rao Randhi
  • Patent number: 11386220
    Abstract: A method for sharing data in a multi-tenant database includes receiving, by a target account of a multiple tenant database, access rights of a share object in a first account of the multiple tenant database, wherein the share object having access rights to a database object of the first account and wherein access to the database object of the first account by the target account is based on the access rights of the share object. The method also includes receiving, by one or more processors of the target account, access rights to an alias object, wherein the alias object references the database object of the first account.
    Type: Grant
    Filed: November 30, 2021
    Date of Patent: July 12, 2022
    Assignee: Snowflake Inc.
    Inventors: Benoit Dageville, Thierry Cruanes, Martin Hentschel, Peter Povinec
  • Patent number: 11386191
    Abstract: Embodiments of the present specification disclose trusted hardware-based identity management methods, apparatuses, and devices. One method comprising: determining personal identity information of a user of a trusted hardware; determining hardware identifier information of the trusted hardware; generating a decentralized identifier (DID) binding request based on the personal identity information and the hardware identifier information, wherein the DID binding request is configured to request to establish a corresponding relationship between a DID of the user and the trusted hardware; and sending the DID binding request to a decentralized identity service (DIS).
    Type: Grant
    Filed: June 25, 2021
    Date of Patent: July 12, 2022
    Assignee: Alipay (Hangzhou) Information Technology Co., Ltd.
    Inventors: Renhui Yang, Shubo Li, Yuan Chen, Wenyu Yang, Qin Liu, Qin Xiong, Sheng Zhang
  • Patent number: 11386056
    Abstract: Embodiments relate to a computer platform and corresponding process and program code to assess multimedia files with respect to similarity and duplicate media content. Data streams are converted into sequences of events, and object representation within the streams is identified and subject to processing with respect to the event sequences. A similarity assessment is conducted between two or more of the data streams, and a corresponding distance measurement to quantify similarity is produced. Duplicate data is selectively identified in response to the similarity assessment and the produced distance measurement.
    Type: Grant
    Filed: May 17, 2019
    Date of Patent: July 12, 2022
    Assignee: International Business Machines Corporation
    Inventors: Keith G. Frost, Stephen A. Boxwell, Kyle M. Brake, Stanley J. Vernier
  • Patent number: 11388245
    Abstract: A system includes at least one hardware processor and a memory storing instructions that, when executed by the at least one hardware processor, cause the at least one hardware processor to perform operations including receiving consumption data associated with a user consuming content on one or more user computing devices, determining a preference associated with content consumption of the user based on the received consumption data, the preference including one or more of a delivery time, a computing device of the one or more user computing devices, and a venue, receiving a new content item, determining one or more of a target delivery time, a target computing device of the one or more user computing devices, and a target venue based on the determined preference, and transmitting the new content item to the target computing device for presentation to the user.
    Type: Grant
    Filed: November 20, 2020
    Date of Patent: July 12, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Daniel Gracey, Scott Welz, Tyua Larsen Fraser, Matthew J. Kaufman, Gwendoria M. Salley, Mark Lee Tabor, Jefferson Crew, John C. Brenner