By Authorizing User Patents (Class 726/28)
-
Patent number: 12047492Abstract: Device-implemented methodology for enabling and/or performing crypto-erase via internal action and external action. In one illustrative aspect, a request to read data is received at a device configured to perform data operations on a storage medium, the data being stored on the storage medium in encrypted form. In one approach, a first key stored within the device is accessed. In another approach, a first key stored on and/or with the storage medium is retrieved. A second key is received from an external source. A media encryption key is generated using the first and second keys. The encrypted form of the data is read from the storage medium. The encrypted form of the data is decrypted using the media encryption key. The decrypted data is output. Methodology for writing encrypted data is also presented.Type: GrantFiled: March 3, 2020Date of Patent: July 23, 2024Assignee: International Business Machines CorporationInventor: Glen Jaquette
-
Patent number: 12047371Abstract: Some embodiments provide a method for mobile device based user authentication. The method includes registering a session between a browser and a web application. The method also includes receiving a data object associated with the session and receiving a QR code from a mobile device that is captured from the browser. The method also provides for identifying the data object and sending the data object to the mobile device to retrieve user credentials. The method then receives an encrypted message comprising the user credentials from the mobile device. The encrypted message is then forwarded to the web application for authentication.Type: GrantFiled: September 1, 2021Date of Patent: July 23, 2024Inventor: Michael Donghui Xie
-
Patent number: 12045367Abstract: The present disclosure is related to a system that may include a first computing device and a second computing device. The first computing device may send a request for identification data corresponding to one or more health properties associated with a user. The second computing device may receive the request for the identification data. In response to receiving the request, the second computing device may retrieve health data acquired by one or more sensors for monitoring the one or more health properties that correspond to the user and stored in a memory. The first computing device may receive the health data sent from the second computing device and authenticate an identity of the user based on the health data.Type: GrantFiled: July 30, 2021Date of Patent: July 23, 2024Assignee: United Services Automobile Association (USAA)Inventors: Wesley Allen Arnold, Michael A. Belko, Steven K. Dunlap, Sharon Kay Haverlah
-
Patent number: 12047344Abstract: A messaging server system receives a message creation input from a first client device that is associated with a first user registered with the messaging server system. The messaging server system determines, based on an entity graph representing connections between a plurality of users registered with the messaging server system, that the first user is within a threshold degree of connection with a second that initiated a group story in relation to a specified event. The messaging server system determines, based on location data received from the first client device, that the first client device was located within a geo-fence surrounding a geographic location of the specified event during a predetermined event window, the geo-fence and event window having been designated by the second user, and causes the first client device to present a user interface element, that enables the first user to submit content to the group story.Type: GrantFiled: January 7, 2022Date of Patent: July 23, 2024Assignee: SNAP INC.Inventors: Nicholas Richard Allen, Jacob Andreou, Evan Spiegel
-
Patent number: 12039496Abstract: A multitenant collaboration tool is instantiated over physical infrastructure operated by a hosting platform. The multitenant collaboration tool leverages interfaces of the hosting platform to provision and/or instantiate buckets and/or data lakes in particular physical locations, serving from those data lakes tenant data required to be stored within those specified locations. The multitenant collaboration tool includes a multitenant query gateway configured to route data queries from client devices to appropriate multitenant data lakes associated with multitenant collaboration tool.Type: GrantFiled: April 14, 2021Date of Patent: July 16, 2024Assignees: ATLASSIAN PTY LTD., ATLASSIAN US, INC.Inventors: Yash Sharma, Hideyoshi Cheong, Ievgen Aleinikov, Rohan Dhupelia, Steve Lee, Mike Dias
-
Patent number: 12038624Abstract: In an example, the eyewear includes an optical element, electronic components, and a support structure configured to support the optical element and the electronic components. The support structure defines a region for receiving at least a portion of a head of a user. The eyewear also includes a biometric sensor coupled to the electronic components and supported by the support structure. The biometric sensor is attached to the support structure and positioned to detect, in the region, a biometric signal representative of a biometric of the user for processing by the electronic components.Type: GrantFiled: August 23, 2021Date of Patent: July 16, 2024Assignee: Snap Inc.Inventors: Julio Cesar Castañeda, Rajeev Ramanath
-
Patent number: 12034855Abstract: It is desired to try to increase the security of a computing system running computer applications that may access data in a data storage system. In some embodiments, a token associates a user with a task that is being executed by a computing node. It may therefore be possible to determine which user executed which tasks. In some embodiments, the validity of a token is tied to the lifespan of a task associated with the token, rather than to a fixed amount of time. Therefore, if the task associated with the token is complete, the token may become invalid, rather than remaining valid for a duration of time that possibly exceeds the lifespan of the associated task. In some embodiments, a token is used to enforce data access control, e.g. to deny certain users access to certain data in the data storage system.Type: GrantFiled: November 9, 2021Date of Patent: July 9, 2024Assignee: SHOPIFY INC.Inventor: Alysha Gardner
-
Patent number: 12035221Abstract: A control apparatus is provided that includes: a communication unit configured to receive an access request transmitted from a first user; an analysis unit configured to analyze whether a second user whose use frequency of a network is equal to or higher than a threshold approves the access request by the first user or not; and a control unit configured to permit access by the first user to the network in a case where the access request by the first user is approved by a specific number or more of the second users, the specific number being two or more.Type: GrantFiled: July 5, 2023Date of Patent: July 9, 2024Assignee: JVCKENWOOD CORPORATIONInventor: Tomohiro Azami
-
Patent number: 12034823Abstract: An operating method of an interactive service platform including the steps of: communicating with a plurality of user end devices via an application software; receiving physiological measurement information of user from the user end devices via the application software; analyzing the physiological measurement information to identify a physical and mental state/lifestyle of an associated subscriber; and automatically responding content information associated with at least one associated subscriber according to requests from the user end devices.Type: GrantFiled: October 21, 2020Date of Patent: July 9, 2024Assignee: PIXART IMAGING INC.Inventors: Chih-Yuan Chuang, Yen-Min Chang
-
Patent number: 12032830Abstract: An apparatus includes at least one processing device configured to identify a logical storage volume stored across multiple storage nodes of a distributed storage system, to obtain address range distribution information for the logical storage volume from at least a subset of the storage nodes, the address range distribution information indicating, for each of a plurality of distinct address ranges of the logical storage volume, which of the storage nodes locally stores data for that address range, and to generate, from the obtained address range distribution information, a mapping of the distinct address ranges to particular ones of the storage nodes, wherein the mapping is utilized to select paths for delivery of input-output operations to the storage nodes. Obtaining address range distribution information for the logical storage volume may comprise, for example, sending log page commands to each of the storage nodes to obtain asymmetric range access and/or template information.Type: GrantFiled: April 27, 2022Date of Patent: July 9, 2024Assignee: Dell Products L.P.Inventors: Ziv Dor, Itay Keller, Rivka Mayraz Matosevich, Tal Abir
-
Patent number: 12034729Abstract: Systems and methods for computer system security authorization interfaces are described, including a non-transitory computer readable medium having computer executable instructions that when executed cause a processor to direct a directory server to create a position group, the directory server storing position-access permissions assigned to a plurality of permission groups, and to assign the position group as a member within the permission groups; and to assign a username to the position group, thereby associating the position group with the person and assigning the position-access permissions to the person. The position groups contain no usernames and are each associated with no more than one person at any one time. An interface application may allow a user to communicate with a directory server to manage position-access permissions within a directory service domain based on positions within an organizational structure of an organization, rather than on usernames.Type: GrantFiled: October 11, 2022Date of Patent: July 9, 2024Assignee: ODNA, LLCInventors: Christina Simmons, Ron Nicholson
-
Patent number: 12026267Abstract: Systems and methods are provided for obtaining a request for a data object or a data structure from a client; determining an access level of the client and one or more access permissions of the requested data object or data structure; determining whether to transmit the requested data object or data structure to the client based on the access level of the client and the one or more access permissions; and transmitting the requested data object or data structure to the client.Type: GrantFiled: July 13, 2021Date of Patent: July 2, 2024Assignee: Palantir Technologies Inc.Inventors: Peter Wilczynski, Stephen Freiberg
-
Patent number: 12028340Abstract: A computer-implemented method for data segmentation to improve security is described. The method includes receiving a request, from a client device of a user, for authentication information; parsing the request; based on the parsing, determining an authentication score that represents a likelihood that the request is from an authenticated device; determining, from the authentication score, a number of segments into which the requested authentication information is divided; and for each of the segments, assigning one or more portions of the authentication information to that segment, in which each segment is associated with one or more times at which to transmit information assigned to that segment, and at one or more times specified by that segment, transmitting one or more portions of the authentication information assigned to that segment to the client device.Type: GrantFiled: August 1, 2023Date of Patent: July 2, 2024Assignee: United Services Automobile Association (USAA)Inventors: Dustin Bowen Bitter, Marta Leigh Argumedo, David Joaquin Harris, Thomas Wayne Schwarz, Jr., Gabriel C. Fernandez
-
Patent number: 12026273Abstract: The present disclosure describes a computer-implemented method that includes: detecting an incident that an outbound email violates a data leakage prevention (DLP) rule of an enterprise, wherein the DLP rule specifies contents that are reserved for within the enterprise; automatically alerting one or more members of the enterprise of the incident based on a report detailing the incident; and receiving a response from each of the one or more members of the enterprise.Type: GrantFiled: August 20, 2020Date of Patent: July 2, 2024Assignee: Saudi Arabian Oil CompanyInventors: Rafiq Ajmal Khurshid, Saad Farhan Al-Anazi, Mohammed S. Logmani, Abdullah Tariq Al-Essa, Taher A. Alwusaibie, Faissal A. Sulaiman
-
Patent number: 12021855Abstract: Methods and systems for facilitating authentication of a user with a plurality of applications are described. One method includes authenticating a user with a first secure application based on information received from a smart credential stored on a mobile device via a local wireless connection. The method includes obtaining a remote challenge from a remote authentication service and a mobile challenge, signing the mobile challenge with a private key, and transmitting a signed version of the mobile challenge, the remote challenge, and a public key to the mobile device. The method further includes receiving a signed version of the remote challenge and a certificate indicating validation of the mobile challenge, and transmitting the signed version of the remote challenge to the remote authentication service. Based on receiving an authentication result from the remote authentication service, access is granted to a remote secure application via the browser.Type: GrantFiled: August 8, 2022Date of Patent: June 25, 2024Assignee: Entrust CorporationInventors: Michael Mallinson, Ian Reilly, Rathnavalli Jayaprakash, Martin Dale Lyness, Tim Gerlach
-
Patent number: 12021940Abstract: Architecture that enables a user to designate acceptance to receiving social cards from other user in a social network using a personal digital assistant. A mapping component maintains the mappings of all users who have accepted to participate in card sharing and the acceptance level. A whitelist of users can be created that lists the users to whom a social card can be sent from an endpoint. The user can create local groups dynamically at runtime on the local endpoint, where the local groups enable the sharing of the personalized content with multiple users concurrently. The shared card is selected by the sending user and becomes available to the PDA on the proactive canvas of the recipient's PDA along with other cards. Based on the user engagement history, these cards can be ranked among other cards social or non-social PDA cards. Conflation, push notifications, and filtering are also provided.Type: GrantFiled: April 15, 2021Date of Patent: June 25, 2024Assignee: Microsoft Technology Licensing, LLCInventors: Rahul Gupta, Amar Kumar Dubedy, Gurpreet Singh
-
Patent number: 12020241Abstract: A computer-implemented method comprising receiving a first event request corresponding to a pending event between a first computing device and a second computing device, the first event request comprising a first set of event attributes corresponding to the pending event; transmitting, each of a plurality of first subsets of event attributes to a different set of nodes; receiving a second event request corresponding to the pending event between the first computing device and the second computing device; and transmitting each of the plurality of second subsets of event attributes to a different set of the plurality of sets of nodes, wherein each of the plurality of sets of nodes compares the first subset of event attributes that the set of nodes receives with the second subset of event attributes that the set of nodes receives; and a block instance corresponding to the pending event to a blockchain.Type: GrantFiled: April 18, 2023Date of Patent: June 25, 2024Assignee: CITIBANK, N.A.Inventor: Shishir Singh
-
Patent number: 12021867Abstract: Provided are an authentication processing method and device, a storage medium, and an electronic device. The method includes that: a terminal receives an authentication request message from an authentication function; and in cases where authentication on the authentication request message fails, the terminal feeds back an authentication failure message to the authentication function. In cases where the cause of the authentication failure is a Message Authentication Code (MAC) failure and in cases where a cause of authentication failure is a Synchronization (Sync) failure, the terminal feeds back authentication failure messages of the same type to the authentication function.Type: GrantFiled: January 19, 2020Date of Patent: June 25, 2024Assignee: ZTE CORPORATIONInventors: Jin Peng, Shilin You, Zhenhua Xie, Wantao Yu, Zhaoji Lin, Yongqing Qiu
-
Patent number: 12021862Abstract: An information processing device includes a display control means that displays a log-in screen for a service which is provided by a collaboration service after accessing the collaboration service, a first transmission means that transmits a request for verification data to the collaboration service, a communication control means that communicates with an authenticator before authenticating a user, a second transmission means that transmits a request including verification data to the authenticator when an instruction for log-in is received, and a third transmission means that transmits signature data received from the authenticator to the collaboration service. At least one of transmission of the request to the collaboration service from the first transmission means and communication of the communication control means with the authenticator is performed without waiting until the instruction for log-in is received from the user after accessing the collaboration service.Type: GrantFiled: October 19, 2021Date of Patent: June 25, 2024Assignee: CANON KABUSHIKI KAISHAInventor: Hirotaka Funayama
-
Patent number: 12021989Abstract: A method includes a computing device of a computing infrastructure interpreting a request from a learning object owner computing device to make available for licensing a set of learning objects to produce an object basics record of a smart contract for the set of learning objects. The method further includes verifying, with an accreditation authority computing device of the computing infrastructure, validity of the object basics record. When the object basics record is valid, the method further includes establishing available license terms of the smart contract for the set of learning objects, establishing available payment terms of the smart contract for the set of learning objects, and causing generation of a non-fungible token associated with the smart contract in an object distributed ledger.Type: GrantFiled: January 14, 2022Date of Patent: June 25, 2024Assignee: Enduvo, Inc.Inventors: Matthew Bramlet, Justin Douglas Drawz, Steven J. Garrou, Christine Mancini Varani, Gary W. Grube
-
Patent number: 12020303Abstract: A method of providing a preview version of a book over a computer network, the method comprising: apportioning the book into a plurality of content segments; modifying the book by rearranging at least a subset of the plurality of content segments to create a shuffled configuration of the book; initiating a preview session and displaying at least a first content segment from said shuffled configuration of the book in a preview window; displaying a next group of content segments from said shuffled configuration of the book during said preview session upon receiving a prompt from user to continue browsing; and controlling the availability of said shuffled configuration of the book during said preview session. A user may further customize preview version by providing a search input or by selecting a page range. Shuffled preview version may include one or more advertisements.Type: GrantFiled: October 13, 2023Date of Patent: June 25, 2024Inventors: Ashish K. Mithal, Amad Tayebi
-
Patent number: 12013965Abstract: In some implementations, a device may monitor a screenshot function of a user device. The device may receive, via an application, sensitive information associated with an operation of the application. The device may detect a screenshot instruction associated with the screenshot function capturing a screenshot of a graphical user interface of the application that is displaying the sensitive information. The device may control the screenshot function to suspend a capture of the screenshot of the graphical user interface. The device may identify a portion of the graphical user interface that includes the sensitive information. The device may mask portion of the graphical user interface to obfuscate the sensitive information. The device may enable the screenshot function to capture, according to the screenshot instruction, the screenshot with obfuscated sensitive information. The device may unmask the portion to enable the sensitive information to be displayed via the graphical user interface.Type: GrantFiled: September 22, 2021Date of Patent: June 18, 2024Assignee: Capital One Services, LLCInventor: Jude Pierre Anasta
-
Systems and methods to determine content to present based on interaction information of a given user
Patent number: 12015611Abstract: Systems and methods to determine content to present based on interaction information of a given user are disclosed. Exemplary implementations may: store, in electronic storage, psychological profiles; obtain, in an ongoing manner, interaction information of users from the online platforms; determine psychological profiles of the users based on the interaction information for the individual users; update, in an ongoing manner, the determined psychological profiles as the interaction information is ongoingly obtained such that the first psychological profile is ongoingly updated as the first interaction information is ongoingly obtained; and provide, based on the psychological profiles, the individual users with content.Type: GrantFiled: November 17, 2021Date of Patent: June 18, 2024Assignee: Solsten, Inc.Inventors: Joseph Jack Schaeppi, Lynn Danielle Francoise Bergmann, Lloyd William West, Jonna Maarit Koivisto -
Patent number: 12014037Abstract: Disclosed herein are system, method, and computer program product embodiments for generating a graphical user interface (GUI) with a consolidated user incident report. In some embodiments, a server receives a set of data comprising a first set of data elements. The server incorporates the set of data on a graphical user interface (GUI). The set of data is rendered in a first portion of the GUI and the different set of data is rendered in a second portion of the GUI. The server further receives a request to delete one or more data elements of the set of data or the different set of data from the GUI. As such, the server consolidates the first and second portion into a combined portion on the GUI. The combined portion comprises the set of data and the different set of data excluding the one or more data elements.Type: GrantFiled: December 13, 2021Date of Patent: June 18, 2024Assignee: SAP SEInventors: Bizhong Ye, Peihua Li, Yuchi Zhang, Wen Wang
-
Patent number: 12015594Abstract: A system for processing data that includes a first processor configured to operate one or more algorithms to provide a proxy for each of a plurality of external network communications segments and internal network communications segments associated with a specific use, the first processor configured to operate one or more algorithms to provide a firewall agent that performs firewall processing for each of the plurality of external network communications segments and the internal network communications segments and wherein the explicit proxy is installed using a proxy auto configuration file that is associated with the firewall agent.Type: GrantFiled: March 3, 2021Date of Patent: June 18, 2024Assignee: FORCEPOINT LLCInventors: Olli-Pekka Niemi, Ville K. Mattila
-
Patent number: 12014423Abstract: A computer-implemented method of determining an indication of whether a vehicle in a crash is a total loss. The method may include (1) receiving (i) image data, (ii) sensor data, and/or (iii) telematics or other data indicative of a direction of a crash force; (2) determining a type of geographic area in which the crash occurred; (3) determining a make, a model, and/or a year of the vehicle; and (4) determining the indication of whether the vehicle is a total loss based upon (i) (a) the image data, (b) the sensor data, and/or (c) the data indicative of the direction of the crash force, (ii) the type of geographic area, and (iii) the make, the model, and/or the year of the vehicle. By determining the indication of whether the vehicle is a total loss based upon such data and/or factors, time may be saved and resources may be conserved.Type: GrantFiled: June 20, 2017Date of Patent: June 18, 2024Assignee: STATE FARM MUTUAL AUTOMOBILE INSURANCE COMPANYInventors: Christina P. Mullen, Jeffrey S. Myers, Andrew Karl Pulkstenis, Stephen Russell Prevatt, Robert T. Trefzger
-
Integrating identity tokens and privacy-preserving identity attribute attestations into interactions
Patent number: 12015720Abstract: A method is disclosed. The method comprises receiving, by an identity network computer, a query set including a plurality of test identity attributes. After receiving the query set, the identity network computer may retrieve derivatives of identity attributes associated with a user, and an encrypted trapdoor, then compute an obscured query set using the query set, and optionally the derivatives of identity attributes. The identity network computer may transmit the obscured query set (i) and the encrypted trapdoor to a user device associated with the user, which generates and transmits a first modified trapdoor and the obscured query set to a relying party computer, or (ii) and a second modified trapdoor to the relying party computer. The relying party computer may thereafter use the obscured query set, and the first modified trapdoor or the second modified trapdoor, to determine if the identity attributes is a member of the query set.Type: GrantFiled: November 17, 2021Date of Patent: June 18, 2024Assignee: Visa International Service AssociationInventors: Kim Wagner, Brian Sullivan, Dinah Sloan, Hao Ngo, Gaven James Watson, Sunpreet Singh Arora, Saikrishna Badrinarayanan, Srinivasan Raghuraman -
Patent number: 12013964Abstract: The present disclosure provides an electronic device including a touch screen display, at least one processor, and a memory, in which the memory stores a first application program including a user interface, and stores instructions that, with regard to execution of the first application, cause the at least one processor to execute the first application program, and display content on the touch screen display in response to the execution of the first application program, receive a first user input for selecting at least a portion of the content using the user interface, receive a second user input for adding at least a portion of the selected content to a clipboard using the user interface, check whether or not the application program associated with the second user input is the first application program, and allow or block the addition of the selected content to the clipboard based at least in part on the check. In addition to the above, various embodiments identified through the specification are possible.Type: GrantFiled: June 19, 2019Date of Patent: June 18, 2024Assignee: SAMSUNG ELECTRONICS CO., LTD.Inventors: Jungyoon Kim, Seongjin An
-
Patent number: 12013963Abstract: Aspects of the disclosure relate to information masking. A user device may receive a request to access information that includes personal identifiable information (PII) and retrieve source data comprising the PII. The user device may mask, within the source data and based on a data management policy, the PII, resulting in masked information. The user device may display the masked information. The user device may receive a request to unmask the masked information and unmask the PII, resulting in unmasked PII. The user device may display the unmasked PII and send unmasking event information to a PII footprint modeling platform, which may cause the PII footprint modeling platform to: log the request to unmask the masked information in an unmasking event log, 2) apply a machine learning model to the unmasking event log to identify malicious events, and 3) trigger remediation actions based on identification of the malicious events.Type: GrantFiled: April 16, 2021Date of Patent: June 18, 2024Assignee: Bank of America CorporationInventors: Allison Zimmer, Brian H. Corr, Charlene L. Ramsue, Scott Nielsen, Thomas G. Frost, Youshika C. Scott
-
Patent number: 12008126Abstract: A computer system that includes one or more processors configured to execute a secure sovereign manager that controls remote execution of commands on a sovereign cloud computing platform. The secure sovereign manager is configured to create an escorted session for an unqualified user for invoking commands on the sovereign cloud computing platform. The unqualified user does not have sovereign-trusted credentials that define qualifications required for accessing the sovereign cloud computing platform. The escorted session is asynchronously supervised by a qualified user that has sovereign-trusted credentials. The secure sovereign manager is configured to receive an indication of approval or denial of invocation of a received command. Based on at least receiving an indication of approval, the secure sovereign manager invokes the received command on the sovereign cloud computing platform.Type: GrantFiled: September 24, 2021Date of Patent: June 11, 2024Assignee: Microsoft Technology Licensing, LLCInventors: Brian Scott Waters, Martin Peter Check, Matthew Paul Erickson, Tyler S Wiegers, Christopher Glenn Maynard, Siddhartha Rana, Dominic Mario Rael
-
Patent number: 12003597Abstract: A method for detecting an unauthorized copy of a content according to an embodiment of the present invention includes providing content including a plurality of images to a terminal device; collecting scroll inputs applied by a user to the terminal device when viewing the content, and generating scroll log information from the scroll inputs; and constructing a database by collecting the scroll log information according to each user account registered in the service server or identification information of the terminal device.Type: GrantFiled: October 22, 2021Date of Patent: June 4, 2024Assignee: NAVER WEBTOON LTD.Inventors: Inwoo Ro, Choong Hyun Seo
-
Patent number: 12001523Abstract: A first copy of a heterogeneous program payload is provided to a first computing device. The heterogeneous program payload contains an unencrypted component and a set of one or more encrypted components. The set of encrypted components corresponding to a set of one or more programs. The unencrypted component of the heterogeneous program payload includes loader program code configured to receive a first license key. The loader program code is configured to, in response to receiving the first license key, perform a decryption action against the set of encrypted components of the heterogeneous program payload.Type: GrantFiled: September 29, 2020Date of Patent: June 4, 2024Assignee: International Business Machines CorporationInventors: Marco Simioni, Stefano Braghin
-
Patent number: 11997071Abstract: A controlled content system for providing a controlled and contained environment that is remotely accessible is disclosed. An application on the end user device is modified to allow certain sites and services to be mediated in a mid-link server. The app uses policies to know when to access the mid-link server for the controlled and contained environment. Policies can specify the type of processing performed on the mid-link server. Some embodiments support the app selectively using the mid-link server for mediated sites and services. A client spoofer at the mid-link server spoofs direct interaction with the certain sites and the services as if the end user device was directly interacting with the plurality of remote services.Type: GrantFiled: May 12, 2021Date of Patent: May 28, 2024Assignee: Netskope, Inc.Inventor: Bradley B. Harvell
-
Patent number: 11991524Abstract: Described herein are techniques for enabling remote implementation and enforcement of usage settings on one or more user devices. In some embodiments, a wireless carrier network maintains information on relationships between various user devices. Each relationship may be active under specified conditions (e.g., time and/or location) and is associated with usage settings that dictate one or more rules to be enforced while the relationship is active. In some embodiments, a set of usage settings may be generated for a particular user device based on all active relationships associated with that user device. The set of usage settings may be enforced by a mobile application installed upon a user device or by a wireless carrier network that blocks certain network traffic to and/or from the user device.Type: GrantFiled: November 2, 2020Date of Patent: May 21, 2024Assignee: T-Mobile USA, Inc.Inventors: Parag Garg, Christopher Painter, Nicholas LaVassar, George MacDonald
-
Patent number: 11983283Abstract: Disclosed herein are system, method, and computer program product embodiments for preemptively evaluating whether roles are over-privileged within an (IAM) identity and access management system. Roles may be over-privileged when they are granted permissions to perform certain actions outside the scope granted to those roles. The evaluation occurs without submitting the certain actions to the IAM system and allows roles to be evaluated on a preemptive basis so that corrective actions may be taken to prevent unauthorized access to resources. Roles may be associated with policies which may each define different permissions for accessing resources. The evaluation may involve generating an effective policy from the policies associated with a role to provide a comprehensive view of all permissions associated with the role.Type: GrantFiled: January 24, 2023Date of Patent: May 14, 2024Assignee: Capital One Services, LLCInventors: Matthew A. Ghiold, Gavin McGrew, Devon Powley, Dale Greene, Jr.
-
Patent number: 11979807Abstract: Systems and methods are provided for automatic notifications of expired subscriptions. In various embodiments, a network function can request a subscription from a Unified Data Repository (UDR). The request for the subscription can include a request for a notification when the subscription expires or at a time prior to the expiration of the subscription. When the subscription expires or at the time prior to the expiration of the subscription, the UDR can provide a notification that the subscription has expired or is about to expire. Based on the notification, the network function can request to re-subscribe or request a new subscription from the UDR.Type: GrantFiled: September 27, 2021Date of Patent: May 7, 2024Assignee: Hewlett Packard Enterprise Development LPInventors: Anders H. Askerup, David C. Williamson, Lu Tian
-
Patent number: 11977644Abstract: One example method includes receiving, by a client computing device, a request to open a superfile stored in a memory device at the client computing device, the superfile comprising encrypted content, the request comprising user credential information; in response to receiving the request to open the superfile, communicating, by the client computing device, a request to a remote server to access the superfile, the request including a credential associated with the user account; receiving, from the remote server, cryptographic information; decrypting, using the cryptographic information, the encrypted content; accessing and presenting the decrypted content; and maintaining communications with the remote server while the decrypted content is accessed.Type: GrantFiled: July 23, 2021Date of Patent: May 7, 2024Assignee: Superfile, Inc.Inventor: Shane Ryan Valdez
-
Patent number: 11966923Abstract: System and method for facilitating account access delegation are provided. Login credentials are authenticated for a first account of a first funding source of a first user. A request from the first user to delegate, to a second account of a second user, access to the first funding source is received. A redirected login request from a merchant web application is further received. The redirected login request corresponds to the second account. A determination is made, based on the received request, that the second account is permissioned to use the first funding source. In response to the determination, a login of the first user account is caused on the merchant web application. The logging in of the first user account on the merchant web application causes the first funding source to be applied to an electronic transaction performed on the merchant web application under control of the second user.Type: GrantFiled: August 24, 2021Date of Patent: April 23, 2024Assignee: PAYPAL, INC.Inventors: Yona Ju, Fun-Chen Jou
-
Patent number: 11968203Abstract: A cloud infrastructure is configured and deployed for managing services executed on a cloud platform. The cloud infrastructure includes a control datacenter configured to communicate with one or more service datacenters. The service datacenter deploys one or more application programming interfaces (API's) associated with a service. The service datacenter also deploys an administration agent. The control datacenter hosts an engine that receives requests from users to perform administration operations by invoking the administration API's. In this manner, the control datacenter functions as a centralized control mechanism that effectively distributes administration operation requests as they are received from users to service datacenters that can service the requests. The cloud infrastructure provides an auditable, compliant and secure management system for administering services for distributed systems running in the cloud.Type: GrantFiled: November 29, 2021Date of Patent: April 23, 2024Assignee: Salesforce, Inc.Inventors: Prasad Peddada, Sriram Shankarlal
-
Patent number: 11954735Abstract: Systems and methods for digital property protection are disclosed. For example, indication may be received that an entity has applied for an insurance policy to insure against theft of digital property. The digital property may be registered and a valuation of the digital property may be generated. Due diligence processes may be performed, including assessment of physical and/or network security mechanisms to prevent theft of the digital property. A recommendation to issue the insurance policy may be generated and sent in examples where the due diligence processes return favorable results. Terms generation and/or identification may be performed, and claims processing based at least in part on loss matrixes may also be performed.Type: GrantFiled: May 31, 2019Date of Patent: April 9, 2024Assignee: AON RISK SERVICES, INC. OF MARYLANDInventors: Nicholas Joseph Chmielewski, Jeffrey Scott Dwoskin, Paul Kim, Daniel Crouse
-
Patent number: 11954229Abstract: A method for identity resolution and data enrichment is performed by at least one hardware processor and includes detecting at an account of a data provider, a shared data object that is shared by an account of a data consumer with the account of the data provider. An application executing at the account of the data consumer is enabled for an identity resolution process based on the detecting of the shared data object. A request for source data received from the application is detected at the account of the data provider. The source data is managed by the account of the data provider. The source data is communicated to the application executing at the account of the data consumer, based on a verification that the application is enabled for the identity resolution process. The identity resolution process is performed at the account of the data consumer using the source data.Type: GrantFiled: January 27, 2023Date of Patent: April 9, 2024Assignee: Snowflake Inc.Inventors: Marcus A. Henderson, Justin Langseth
-
Patent number: 11956263Abstract: Evaluating computers, devices, or endpoints on a network, such as a large network of computers in an enterprise environment. Detecting computers, devices, or endpoints that may present a security risk to the network or may be compromised in some way. Generating network traffic that, in some cases, should be ignored or should prompt specific, known responses. Detecting endpoint(s) that respond to such network traffic in an anomalous way, or otherwise attempt to perform certain operations based on such network traffic.Type: GrantFiled: June 4, 2021Date of Patent: April 9, 2024Assignee: Wells Fargo Bank, N.A.Inventors: Matthew John Block, Adam Sheesley, Jon Matthew Welborn, James Robert Borecky, Jennifer A. Holton, Douglas S. Rodgers
-
Patent number: 11949688Abstract: Methods, systems, and apparatus, including an apparatus for verifying the integrity of requests. In some aspects, a method includes receiving, from an application, a request including an attestation token of the application. The attestation token includes a set of data that includes at least a public key of the application and a token creation time that indicates a time at which the attestation token was created. The attestation also includes a signature of the set of data. The signature is generated using a private key that corresponds to the public key. The integrity of the request is verified using the attestation token. The verification includes determining that the integrity of the request is valid based on a determination that the token creation time is within a threshold duration of the time at which the request was received and a determination that the set of data has not been.Type: GrantFiled: August 13, 2020Date of Patent: April 2, 2024Assignee: Google LLCInventors: Gang Wang, Marcel M. Moti Yung
-
Patent number: 11947427Abstract: A method, an electronic device, and a computer program product for storage management are provided. The method includes: acquiring a lock attribute record in a lock attribute record chain from a data protection network for backing up data, data protection servers of the data protection network reaching a consensus on the lock attribute record chain, the lock attribute record including a first attribute value of an attribute of a lock operation, the lock operation being used for preventing a backup of the data stored in a storage server from being tampered with; acquiring, based on the lock attribute record, a second attribute value of the attribute of the lock operation from the storage server; and generating, based on determining that the first attribute value does not match the second attribute value, an alarm indicating that the backup is tampered with. This solution can better prevent data from being tampered with.Type: GrantFiled: May 11, 2020Date of Patent: April 2, 2024Assignee: EMC IP HOLDING COMPANY LLCInventors: Simon Yuting Zhang, Yizhou Zhou, Aaron Chao Lin
-
Patent number: 11949561Abstract: A system includes a processor and memory storing instructions that cause the processor to receive, from a client device, inputs defining associations between one or more control objectives and one more policies, wherein the one or more control objectives define one or more functions to be performed to comply with the one or more policies. The processor may map the one or more policies associated with the one or more control objectives to an application environment and receive, from the client device or a different client device, a change set to an application in the application environment, wherein the change set comprises one or more modifications to the application. The processor may then determine whether the change set adheres to the one or more policies and restrict implementation of the change set in response to determining that the change set does not adhere to the one more policies.Type: GrantFiled: July 19, 2022Date of Patent: April 2, 2024Assignee: ServiceNow, Inc.Inventors: Anushree Shrivallabh Randad, Ravindra Bansal, Tamir Segal, Abhi Sekhar Thyadi, Hari Krishna Vutukuru, Samujjwal Bhandari, Utkarsh Jain, Vasant Balasubramanian, Lal Narayanasamy, Giora Tamir, Rama Raghava Reddy Bandi, Prabhat Kuchibhotla
-
Patent number: 11949653Abstract: Described herein are systems, methods, and non-transitory computer readable media for automating the transfer/syncing of datasets or other artifacts from one security domain (e.g., a low security side environment) to another security domain (e.g., a high security side environment) in a seamless manner that complies with requirements of a data transfer mechanism used to transfer data between the two security domains while ensuring data integrity and consistency between the two security domains.Type: GrantFiled: November 29, 2022Date of Patent: April 2, 2024Assignee: Palantir Technologies Inc.Inventors: Jess Ochs-Willard, Matthew Brady, Armando Belardo, Mitchell Skiles
-
Patent number: 11949840Abstract: Systems and methods relate generally to associating confidential information with redactions are disclosed. In one such method, a login session is established with a programmed server. A document having the confidential information is uploaded to the programmed server. The confidential information in the document is detected by an artificial intelligence service. The confidential information is analyzed according to at least one rule by the artificial intelligence service. Suggestions for at least one redaction are generated by the artificial intelligence service. At least a portion of the confidential information is redacted responsive to the at least one redaction suggested by a redaction service. The document is stored in association with the at least one redaction though separate from the confidential information to provide at least one reversible redaction.Type: GrantFiled: November 11, 2022Date of Patent: April 2, 2024Assignee: KYOCERA Document Solutions Inc.Inventor: Zheila Ola Lau
-
Patent number: 11943252Abstract: A method comparing, by a user device, an observed characteristic with a determined characteristic, the observed characteristic indicating a current feature included in a current communication associated with a current entity with which the user device is communicating and the determined characteristic indicating an authentic feature included in an authentic communication associated with an authentic entity with which the user device intends to communicate; selectively matching, by the user device based on a result of comparing the observed characteristic with the determined characteristic, current communication information associated with the current communication with authentic communication information associated with the authentic communication; and determining, by the user device based on a result of selectively matching the current communication information with the authentic communication information, that the current entity is the authentic entity or that the current entity is not the authentic entity.Type: GrantFiled: March 6, 2022Date of Patent: March 26, 2024Assignee: UAB 360 ITInventor: Adrianus Warmenhoven
-
Patent number: 11940881Abstract: Systems and methods are provided for efficient post-processing of object-based snapshots of block-storage volumes, which post-processing may include garbage collection, validation, or resource usage auditing for the snapshots. An object-based snapshot can be logically represented by a set of objects stored on an object storage service, which objects collectively represent a copy of the data of a corresponding block-storage volume at a given point in time. Each snapshot can further be represented by a full manifest that includes a full listing the set of objects representing the block-storage volume, and a differential manifest that includes a listing of objects unique to the snapshot relative to a prior snapshot of the same volume. Full manifests enable each snapshot to remain independently represented, while differential manifests enable efficient post-processing by reducing the amount of data retrieved and processed to identify an aggregate of all objects referenced across a group of snapshots.Type: GrantFiled: September 21, 2020Date of Patent: March 26, 2024Assignee: Amazon Technologies, Inc.Inventors: Swapnil Srivastava, Ravi Sekhar Cherukuri
-
Patent number: 11934540Abstract: Systems, methods, and corresponding non-transitory computer readable media describe a proposed system adapted as a platform governing the loading of data in a multiparty secure computing environment. In the multiparty secure computing environment described herein, multiple parties are able to load their secure information into a data warehouse having specific secure processing adaptations that limit both access and interactions with data stored thereon.Type: GrantFiled: September 13, 2021Date of Patent: March 19, 2024Assignee: ROYAL BANK OF CANADAInventors: Edison U. Ortiz, Arya Pourtabatabaie, Ambica Pawan Khandavilli, Margaret Inez Salter, Jordan Alexander Richards, Iustina-Miruna Vintila, David Ian McKay, Christoph Knoess, Justin Simonelis