Network Patents (Class 726/3)
  • Patent number: 10296912
    Abstract: Systems and methods include: implementing a first machine learning model to generate an output of a global digital threat score for an online activity based on an input of the collected digital event data; implementing a second machine learning model that generates a category inference of a category of digital fraud or a category of digital abuse from a plurality of digital fraud or digital abuse categories; selecting a third machine learning model from an ensemble of digital fraud or digital abuse machine learning models based on the category inference generated by the second machine learning model, wherein the ensemble of digital fraud or digital abuse machine learning models comprise a plurality of disparate digital fraud or digital abuse category-specific machine learning models; and implementing the selected third machine learning model to generate a digital fraud or digital abuse category-specific threat score based on the digital event data.
    Type: Grant
    Filed: September 21, 2018
    Date of Patent: May 21, 2019
    Assignee: Sift Science, Inc.
    Inventors: Fred Sadaghiani, Alex Paino, Jacob Burnim, Keren Gu, Gary Lee, Noah Grant, Eugenia Ho, Doug Beeferman
  • Patent number: 10292049
    Abstract: The invention enables a software application to be executed on a mobile station in dependence of a SIM. Challenge data originating from the software application is input to the SIM to generate first response data using a security function of the SIM. The software application is enabled to be executed in dependence of the first response data. In addition, the challenge data may be transmitted to a verification server for the generation of second response data in dependence of the challenge data and possibly using an authentication center. The software application is then enabled to be executed in further dependence of the second response data.
    Type: Grant
    Filed: April 4, 2018
    Date of Patent: May 14, 2019
    Assignee: IRDETO B.V.
    Inventor: Jeroen Mathias Doumen
  • Patent number: 10284563
    Abstract: A method for providing a transparent asynchronous network flow exchange is provided. The method may include receiving a query request from a requester, whereby the received query request is associated with a network packet. The method may also include determining if the network packet contains a plurality of defined signatures. The method may further include in response to determining that the network packet contains a plurality of defined signatures, authenticating a plurality of information associated with the network packet. The method may additionally include determining a plurality of flow related security information associated with the network packet based on the authentication of the plurality of information. The method may include sending the determined plurality of flow related security information to the requester.
    Type: Grant
    Filed: December 20, 2017
    Date of Patent: May 7, 2019
    Assignee: International Business Machines Corporation
    Inventors: KuoChun Chen, Jia-Sian Jhang, Cheng-Ta Lee, Chun-Shuo Lin
  • Patent number: 10284562
    Abstract: It is disclosed a method and a capillary gateway, CGW, (50, 60, 204, 304) capable to determine whether to allow a first machine-to-machine, M2M, device network access. The CGW is adapted to intercept (310) an authentication request message sent from a M2M device, and intercept (318) an authentication response message sent from a M2M management service. If the CGW determines that the authentication is successful based on the authentication response message and that there is a valid subscription for the M2M device and the authentication response message is received from a trusted management service, the CGW may allow (414) the first M2M device network access. Embodiments of the present disclosure have the advantage that disclosure can provide low-powered devices Internet reachability based on user subscriptions in non-traditional scenarios such as where devices are deployed straight out-of-the-box, i.e., without any customization.
    Type: Grant
    Filed: May 16, 2014
    Date of Patent: May 7, 2019
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Kristian Slavov, Patrik Salmela
  • Patent number: 10285090
    Abstract: A data offloading path establishing method and device, for addressing a problem in which an eNB cannot offload a part of the traffic thereof to a WLAN network. The method comprises: determining, by a base station, that a user equipment (UE) is connected to a specified wireless local area network (WLAN) network, and transmitting a request message to the WLAN network; receiving, by the base station, a returned response message to the request message from the WLAN network; and transmitting, by the base station, an acknowledgement message of path switching to the UE to inform the UE that a path for offloading from the base station to the WLAN network is successfully established. Thereby, a part of the traffic originally to be transmitted via the base station can be offloaded to a WLAN access network, thus improving radio utilization rate of a 3GPP access network.
    Type: Grant
    Filed: March 29, 2016
    Date of Patent: May 7, 2019
    Assignee: CHINA ACADEMY OF TELECOMMUNICATIONS TECHNOLOGY
    Inventor: Yunjing Hou
  • Patent number: 10277405
    Abstract: A method for updating seed data in a dynamic token comprises: an interaction interface sends user information to an application server for verification, receives a verification result returned by the application server, continuously receives dynamic token information when the verification result is valid, and sends same to the application server; the application server generates a request data packet containing the dynamic token information and application information and sends same to an authentication center; the authentication center acquires seed data corresponding to the dynamic token information and the application information and sends same to the application server; the application server converts the seed data into photosensitive data and displays same by means of the interaction interface; and the dynamic token obtains the seed data by acquiring the photosensitive data.
    Type: Grant
    Filed: February 17, 2015
    Date of Patent: April 30, 2019
    Assignees: Feitian Technologies Co., Ltd., Hypersecu Information Systems, Inc.
    Inventors: Zhou Lu, Huazhang Yu, Mingji Li
  • Patent number: 10275273
    Abstract: Certain embodiments described herein are generally directed to normalizing service rules across multiple virtual interfaces (VIFs). For example, certain embodiments described herein relate to a method for managing service rules. The method may include receiving a plurality of service rules for a set of VIFs, wherein each service rule corresponds to at least one network address and grouping the network addresses into non-overlapping groups of network addresses, wherein the grouping is performed over the service rules corresponding to the set of VIFs. In certain embodiments, flow entries may be generated based on the grouping of the network addresses.
    Type: Grant
    Filed: October 28, 2016
    Date of Patent: April 30, 2019
    Assignee: Nicira, Inc.
    Inventor: Soner Sevinc
  • Patent number: 10264104
    Abstract: There is provided a method for authenticating an attempt at establishment of a network connection by allowed code, comprising: providing a dataset having previously observed stack trace templates each representing a stack trace pattern prevailing in stack traces recorded by monitoring stacks of clients executing an allowed code during a connection establishment process for establishing network connections related to the allowed code; receiving a new stack trace recorded during a new connection establishment process for a new network connection by a new client; measuring a similarity between the new stack trace and the plurality of stack trace templates to identify a match to a stack trace template; evaluating the matched stack trace template for a predefined rule requirement; and updating a rule-set database with the matched stack trace template to authenticate new network connection establishments associated with stack templates matching the matched stack trace template.
    Type: Grant
    Filed: April 23, 2018
    Date of Patent: April 16, 2019
    Assignee: enSilo Ltd.
    Inventors: Roy Katmor, Tomer Bitton, Udi Yavo, Ido Kelson
  • Patent number: 10261489
    Abstract: A method includes requesting a controller, which controls one or more field devices in an industrial control network, to report code currently used by the controller for controlling the field devices. The code reported by the controller is compared with a stored baseline version of the code, and a notification is issued upon detecting a discrepancy between the code reported by the controller and the baseline version.
    Type: Grant
    Filed: April 15, 2015
    Date of Patent: April 16, 2019
    Assignee: INDEGY LTD.
    Inventor: Mille Gandelsman
  • Patent number: 10264000
    Abstract: A malicious website access method and apparatus are provided. The method includes: determining whether a website is a malicious website; and acquiring a non-executable preview interface of a web page of the malicious website for a terminal to display, if the website is a malicious website. A user may view, through a non-executable preview interface, information about a website to be accessed by the user. Moreover, because a terminal does not access a malicious website directly, the terminal is not exposed to malicious websites, thereby enhancing security of the terminal.
    Type: Grant
    Filed: August 18, 2015
    Date of Patent: April 16, 2019
    Assignee: Tencent Technology (Shenzhen) Company Limited
    Inventors: Hui Zhang, Yang Li, Fudong Shao
  • Patent number: 10257866
    Abstract: Disclosed is a method and terminal for wireless network access point connection. The method for wireless network access point connection includes: establishing at least one wireless network access point group in a terminal, and setting a common password of the wireless network access point group; and detecting whether a password of each wireless network access point in the wireless network access point group is the common password, and connecting to one wireless network access point with a password which is the common password in the wireless network access point group according to the common password.
    Type: Grant
    Filed: November 20, 2014
    Date of Patent: April 9, 2019
    Assignee: ZTE Corporation
    Inventor: Yong Zhou
  • Patent number: 10257686
    Abstract: Methods and systems for joining a wireless connection advertisement include connecting to a commissioning device via a wireless point-to-point communication in response to receiving an advertisement broadcast to establish an advertisement-based connection. The commissioning device is configured to manage access to a fabric. The methods and systems also include receiving network credentials from the commissioning device via the wireless point-to-point communication, the network credentials being configured to facilitate connection to a wireless network. Furthermore, the method and systems include connecting to the wireless network using the received network credentials.
    Type: Grant
    Filed: June 14, 2016
    Date of Patent: April 9, 2019
    Assignee: Google LLC
    Inventors: Jay D. Logue, Liang-Yun Wang, Andrew William Stebbins
  • Patent number: 10256982
    Abstract: Methods, systems, and devices may be used for assigning names and bootstrapping of security credentials for Smart Objects inside a Digital Home environment. Methods, systems, and devices for identification and security bootstrapping of a smart object within a digital home environment may include automated assignment of a device level ID and security credential for each smart object in the home using a resource directory.
    Type: Grant
    Filed: August 29, 2014
    Date of Patent: April 9, 2019
    Assignee: Convida Wireless, LLC
    Inventors: Shamim Akbar Rahman, Dale N. Seed, Lijun Dong, Chonggang Wang, Quang Ly
  • Patent number: 10242318
    Abstract: According to one embodiment, a method for predicting the trustworthiness of a particular website comprising receiving information about a plurality of websites and constructing a hierarchy of groups from the received information, the hierarchy of groups comprising one or more tiers and each tier comprising one or more groups. The method further comprising receiving information about a particular website and predicting the trustworthiness of the particular website based on the hierarchy.
    Type: Grant
    Filed: September 1, 2016
    Date of Patent: March 26, 2019
    Assignee: SYMANTEC CORPORATION
    Inventors: Jonathan J. Dinerstein, Daniel Hardman, Christian E. Larsen
  • Patent number: 10244458
    Abstract: A method, computer system, and/or computer program product controls access to a wireless local area network (WLAN) access point in a retail establishment. A predetermined retail activity threshold is established for a retail establishment, where the retail establishment has a patron service area with a WLAN access point, and where a determination has been made that exceeding the predetermined retail activity threshold without increasing patron traffic out of the retail establishment will cause an excessive wait time for occupying the patron service area. In response to determining that the predetermined retail activity threshold is being exceeded, a secondary criterion is examined in order to determine if the mobile device should be disconnected from the WLAN access point, in order to motivate a user of the mobile device to leave the patron service area. If so, then the mobile device is disconnected from the WLAN access point.
    Type: Grant
    Filed: August 23, 2013
    Date of Patent: March 26, 2019
    Assignee: Lenovo Enterprise Solutions (Singapore) Pte. Ltd.
    Inventors: Keith M. Campbell, William M. Megarity, Luke D. Remis, Gregory D. Sellman
  • Patent number: 10237683
    Abstract: The present disclosure relates to a method performed in a network server system of a service provider providing a service comprising media streaming. The method comprises receiving a detection message from a mobile radio device running the service for a user registered with the service provider, said message comprising an indication that said radio device has detected that it is within a predefined geographical area. The method also comprises determining that the predefined geographical area is registered with the service provider and associated with one or more actions. The method also comprises electing an action of the one or more actions. The method also comprises sending an instructions message to the radio device, said message comprising instructions to modify the service such that the radio device performs the elected action.
    Type: Grant
    Filed: July 10, 2017
    Date of Patent: March 19, 2019
    Assignee: SPOTIFY AB
    Inventors: Nikolaos Toumpelis, Lingyu Wang, Michael Becker, Shannon Cusick, Nicholas Konstantinidis
  • Patent number: 10237281
    Abstract: A method for execution in a dispersed storage network operates to determine one or more slice names of one or more slices and determine whether to establish a new access policy corresponding to the one or more slices. When the new access policy is to be established, the method determines a timestamp; determines a new access policy; and sends the new access policy and the timestamp to one or more storage units that store the one or more slices.
    Type: Grant
    Filed: July 28, 2016
    Date of Patent: March 19, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Gary W. Grube, Jason K. Resch
  • Patent number: 10225255
    Abstract: Computer systems and methods in various embodiments are configured for improving the security and efficiency of server computers interacting through an intermediary computer with client computers that may be executing malicious and/or autonomous headless browsers or “bots”.
    Type: Grant
    Filed: August 26, 2016
    Date of Patent: March 5, 2019
    Assignee: SHAPE SECURITY, INC.
    Inventors: Ganesh Jampani, Susanto Irwan
  • Patent number: 10225286
    Abstract: Threat detection instrumentation is simplified by providing and updating labels for computing objects in a context-sensitive manner. This may include simple labeling schemes to distinguish between objects, e.g., trusted/untrusted processes or corporate/private data. This may also include more granular labeling schemes such as a three-tiered scheme that identifies a category (e.g., financial, e-mail, game), static threat detection attributes (e.g., signatures, hashes, API calls), and explicit identification (e.g., what a file or process calls itself). By tracking such data for various computing objects and correlating these labels to malware occurrences, rules can be written for distribution to endpoints to facilitate threat detection based on, e.g., interactions of labeled objects, changes to object labels, and so forth.
    Type: Grant
    Filed: May 2, 2018
    Date of Patent: March 5, 2019
    Assignee: Sophos Limited
    Inventors: Kenneth D. Ray, Simon Neil Reed, Mark D. Harris, Neil Robert Tyndale Watkiss, Andrew J. Thomas, Robert W. Cook, Dmitri Samosseiko
  • Patent number: 10225789
    Abstract: In one embodiment, a supervisory device in a network receives from a plurality of access points (APs) in the network data regarding a network availability request broadcast by a node seeking to access the network and received by the APs in the plurality. The supervisory device uniquely associates the node with a virtual access point (VAP) for the node and forms a VAP mapping between the VAP for the node and a set of the APs in the plurality selected based on the received data regarding the network availability request. One of the APs in the mapping is designated as a primary access point for the node. The supervisory device instructs the primary AP to send a network availability response to the node that includes information for the VAP. The node uses the information for the VAP to access the network via the set of APs in the VAP mapping.
    Type: Grant
    Filed: April 19, 2017
    Date of Patent: March 5, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Pascal Thubert, Jean-Philippe Vasseur, Patrick Wetterwald, Eric Levy-Abegnoli
  • Patent number: 10216463
    Abstract: A point card management system includes a multifunction peripheral that processes an image and a server that is connectable to the multifunction peripheral via a network. The multifunction peripheral includes a read request receiving unit, an image read control unit, and a description information acquisition unit. The description information acquisition unit acquires description information of the point card from the image of the point card read by the image reading unit. The server includes a server hard disk and an extraction unit. The extraction unit extracts the accumulation information of the point card from pieces of information of the point card, which have been stored in the server hard disk, based on the description information of the point card, which has been received.
    Type: Grant
    Filed: May 31, 2017
    Date of Patent: February 26, 2019
    Assignee: KYOCERA DOCUMENT SOLUTIONS INC.
    Inventor: Tadaaki Akimoto
  • Patent number: 10216925
    Abstract: The present invention discloses a virus protection method and device. The virus protection method comprises: when an Android operating system needs to install an application, transmitting identification information of the application that needs to be installed from a framework layer to an application layer; at the application layer, activating a virus scanner application on the basis of the identification information of the application to allow the virus scanner application to run a virus scan on the application; acquiring a scan result of the virus scan, issuing a notification to the framework layer of whether or not to execute an installation operation for the application on the basis of the scan result; and at the framework layer, either executing the installation operation for the application or rejecting to execute the installation operation for the application on the basis of the notification.
    Type: Grant
    Filed: August 26, 2014
    Date of Patent: February 26, 2019
    Assignee: BEIJING QIHOO TECHNOLOGY COMPANY LIMITED
    Inventors: Zhong Hu, Xin Wang
  • Patent number: 10218756
    Abstract: A content delivery server may provide content to a requesting client device using a streamlined HTTP enhancement proxy delivery technique. For example, an HTTP proxy server may receive a request for video content or a fragment of video content from a client device. The request may be associated with a timeout scheduled to occur if no content has been received after a specified amount of time. The server may then transmit a request for the content to a remote server, such as an upstream cache server in the proxy server's CDN. When the proxy server receives a portion of the requested content from the remote server, the proxy server begins transmitting the portion to the client device before the requested content has been completely received and buffered. The client device may then begin receiving data from the proxy server before timeout has occurred.
    Type: Grant
    Filed: January 6, 2012
    Date of Patent: February 26, 2019
    Assignee: Comcast Cable Communications, LLC
    Inventor: Joseph Yongxiang Chen
  • Patent number: 10212310
    Abstract: An information processing apparatus includes an input portion for a user to enter information, the input portion including a first input portion, and a second input portion with which information being entered is hard to be seen by a person around the user as compared with the first input portion. The information processing apparatus also includes a determination portion configured to determine whether or not entry target information to be entered by the user is sensitive. The information processing apparatus further includes a call portion configured to, prior to entry of the entry target information, call the first input portion when the determination portion determines that the entry target information is not sensitive, and call the second input portion when the determination portion determines that the entry target information is sensitive.
    Type: Grant
    Filed: January 7, 2016
    Date of Patent: February 19, 2019
    Assignee: Konica Minolta, Inc.
    Inventors: Kazuaki Kanai, Masayuki Ito, Kazuhiro Tomiyasu, Hiroki Ueda, Yukina Hisada
  • Patent number: 10212174
    Abstract: A security platform employs a variety techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is “big data” driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.
    Type: Grant
    Filed: October 30, 2015
    Date of Patent: February 19, 2019
    Assignee: Splunk Inc.
    Inventors: Sudhakar Muddu, Christos Tryfonas
  • Patent number: 10211977
    Abstract: A security module securely manages keys. The security module is usable to implement a cryptography service that includes a request processing component. The request processing component responds to requests by causing the security module to perform cryptographic operations that the request processing component cannot perform due to a lack of access to appropriate keys. The security module may be a member of a group of security modules that securely manage keys. Techniques for passing secret information from one security module to the other prevent unauthorized access to secret information.
    Type: Grant
    Filed: February 12, 2013
    Date of Patent: February 19, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Gregory Branchek Roth, Matthew James Wren, Eric Jason Brandwine, Brian Irl Pratt
  • Patent number: 10206155
    Abstract: The present description discloses a method for performing network selection and traffic routing by a mobility management entity (MME).
    Type: Grant
    Filed: March 4, 2016
    Date of Patent: February 12, 2019
    Assignee: LG ELECTRONICS INC.
    Inventors: Hyunsook Kim, Laeyoung Kim, Jinsook Ryu, Jaehyun Kim, Taehun Kim, Myungjune Youn
  • Patent number: 10172069
    Abstract: A request to pair a first device with a second device is received. An indication is sent from the second device to the first device. The indication confirms that the second device is paired with the first device. One or more actions are received from the first device. The one or more actions may be taken on the second device.
    Type: Grant
    Filed: May 7, 2018
    Date of Patent: January 1, 2019
    Assignee: International Business Machines Corporation
    Inventors: Tara Astigarraga, Itzhack Goldberg, Jose R. Mosqueda Mejia, Neil Sondhi
  • Patent number: 10169066
    Abstract: A system on chip (SoC) having an integrated circuit (IC) integrating into a single chip advance driver assistance systems (ADAS) processing unit(s), application processing unit(s), at least one memory storing ADAS code comprising ADAS computer instructions adapted to be executed on the ADAS processing unit(s) for processing vehicle sensor data and VM code for executing VM(s) on the application processing unit(s) and a hypervisor which manages an execution of at least one operation system of the VM(s) and an access to a processor shared memory of the ADAS processing unit(s) for acquiring an outcome of executing the ADAS computer instructions for the completion of an ADAS enhancing function by the execution of the VM(s) on the application processing unit(s).
    Type: Grant
    Filed: August 4, 2016
    Date of Patent: January 1, 2019
    Assignee: iOnRoad Technologies Ltd.
    Inventors: Dan Atsmon, Ohad Akiva, Yair Hougui
  • Patent number: 10162968
    Abstract: A method of updating a registered device using a development system and a release management system. The method includes: building an update package; signing the update package using a provider signing key, wherein a first digital signature is included in the update package; encrypting the signed update package using a publisher public key; requesting, by an update client on the device, an update package; preparing, by the update service, a set of signed update packages for the device; reencrypting and resigning, by the update service, the signed update package by decrypting the initial encryption using a publisher private key of the update publisher, signing the update package using a signing key of the update publisher, and finally encrypting the update package using a device public key from the device certificate, for final encryption of the update package; and decrypting the encrypted update package using a device private key.
    Type: Grant
    Filed: February 19, 2018
    Date of Patent: December 25, 2018
    Assignee: MOCANA CORPORATION
    Inventors: Srinivas Kumar, Atul Gupta, Ruslan Ulanov, Shreya Uchil
  • Patent number: 10164979
    Abstract: As may be implemented in accordance with one or more embodiments, specific electronic magazines are generated based on user interests as follows. Respective sets of media content data, associated with disparate electronic magazines provided by disparate publishers, are accessed and formatted into a common computer data format type. The formatted sets of media content data are broken into subsets and stored. Remote access to the respective subsets of media content data is provided to a user at a remote interface circuit based on authorization data specifying disparate electronic magazines that the user is authorized to access. This user access is tracked and a specific electronic magazine is generated for the user by combining disparate ones of the subsets of media content data based on both the tracked access and the user's authorization data.
    Type: Grant
    Filed: February 18, 2016
    Date of Patent: December 25, 2018
    Assignee: Apple Inc.
    Inventors: Keith Barraclough, David Irvine, John Logan
  • Patent number: 10162577
    Abstract: An image processing apparatus includes plural communication interfaces, a request receiving unit, and a restricting unit. The request receiving unit receives, by using a communication interface, a request for system information including management information concerning the image processing apparatus from a communication device. The restricting unit restricts at least part of the system information to be sent to the communication device if an IP address assigned to the communication interface used for receiving the request is a global IP address.
    Type: Grant
    Filed: July 17, 2017
    Date of Patent: December 25, 2018
    Assignee: FUJI XEROX CO., LTD.
    Inventor: Kazutaka Saito
  • Patent number: 10158785
    Abstract: An information processing apparatus includes an input portion for a user to enter information, the input portion including a first input portion, and a second input portion with which information being entered is hard to be seen by a person around the user as compared with the first input portion. The information processing apparatus also includes a determination portion configured to determine whether or not entry target information to be entered by the user is sensitive. The information processing apparatus further includes a call portion configured to, prior to entry of the entry target information, call the first input portion when the determination portion determines that the entry target information is not sensitive, and call the second input portion when the determination portion determines that the entry target information is sensitive.
    Type: Grant
    Filed: January 7, 2016
    Date of Patent: December 18, 2018
    Assignee: Konica Minolta, Inc.
    Inventors: Kazuaki Kanai, Masayuki Ito, Kazuhiro Tomiyasu, Hiroki Ueda, Yukina Hisada
  • Patent number: 10157281
    Abstract: A method of checking the authenticity of the content of a non-volatile memory of an electronic device including a microcontroller and an embedded secure element includes starting the microcontroller with instructions stored in a first non-reprogrammable memory area associated with the microcontroller, starting the secure element, executing, with the secure element, a signature verification on the content of a second reprogrammable non-volatile memory area associated with the microcontroller, and if the signature is verified, using the secure element to send the first key to the microcontroller.
    Type: Grant
    Filed: April 26, 2016
    Date of Patent: December 18, 2018
    Assignee: Proton World International N.V.
    Inventors: Olivier Van Nieuwenhuyze, Christophe Henri Ricard
  • Patent number: 10154007
    Abstract: A cloud access control server and method provides a cloud service access control database to implement cloud services access control policy. The cloud service access control database stores thereon cloud service identifiers associated with cloud service providers having high risk scores. In some embodiments, the cloud service identifiers form a block list of cloud services which is provided to network device of the enterprise data network to implement cloud service access control. In other embodiments, a cloud access control server and method implements cloud services access control policy for an enterprise. The cloud access control server and method receives network traffic data from the installed firewall or proxy at the enterprise and process the network traffic data with respect to cloud service access. The cloud access control server provides instructions to the firewall or proxy to allow or deny the network access at the enterprise.
    Type: Grant
    Filed: May 6, 2015
    Date of Patent: December 11, 2018
    Assignee: Skyhigh Networks, LLC
    Inventors: Surendrakumar Viswanathan, Kaushik Narayan, Rama Taraniganty
  • Patent number: 10146956
    Abstract: An approach is provided for providing real-time controlled location privacy as the location evolves, and providing a user with alternate routes and applications depending on the level of desired location privacy. A location privacy platform determines at least one location associated with at least one device. The location privacy platform also processes and/or facilitates a processing of contextual information associated with the at least one location, the at least one device, one or more applications associated with the at least one device, or a combination thereof to determine one or more privacy metrics for the one or more applications with respect to the at least one location; wherein the one or more privacy metrics relate, at least in part, to an exposure of user data by the one or more applications at the at least one location.
    Type: Grant
    Filed: May 7, 2012
    Date of Patent: December 4, 2018
    Assignee: Nokia Technologies Oy
    Inventors: Sergey Boldyrev, Ian Justin Oliver, Jari-Jukka Harald Kaaja, Mikko Aleksi Uusitalo, Debmalya Biswas, Juha Kalevi Laurila
  • Patent number: 10146947
    Abstract: Embodiments disclosed herein provide systems and methods for digital meeting management within a blockchain. Before a meeting, a computer may generate a digital meeting record containing a plurality of data fields and linked to various smart contracts to capture meeting activities. During the meeting, a first smart contract may authenticate and record attendees in the digital meeting record based on biometric information received from the attendees' devices. Furthermore, a second smart contract may capture in the digital meeting record, meeting actions of each attendee, including date, time, and location associated with the meeting actions. After the meeting, a third smart contract may autopopulate post meeting documentation. After review by the attendees, the third smart contract may store a hash of the documentation to the digital meeting record and store the documentation in a repository. Once appended to the blockchain, the digital meeting record becomes an immutable record of the meeting.
    Type: Grant
    Filed: May 17, 2018
    Date of Patent: December 4, 2018
    Assignee: Northern Trust Corporation
    Inventors: Justin Chapman, Andrew Czupek, Andrew Monks, Anthony Stevens, Arijit Das, Wayne Hannaway, Zabrina Smith
  • Patent number: 10148759
    Abstract: Systems and methods are provided to authenticating an electronic device with a wireless network using a presence-based authentication process. As part of the presence-based authentication process, an authentication entity may receive a registration message from an electronic device. The authentication entity may respond to the registration message by transmitting an authentication challenge associated with providing access to the wireless network and/or network feature thereof. If the electronic device provides a successful response to the authentication challenge, then the authentication entity may authenticate the electronic device to utilize the wireless network and/or network feature thereof.
    Type: Grant
    Filed: April 4, 2016
    Date of Patent: December 4, 2018
    Assignee: GOGO LLC
    Inventor: Bryan Adrian Lauer
  • Patent number: 10148667
    Abstract: Automated classification of applications (“apps”) for mobile devices is provided. In some embodiments, automated classification of apps for mobile devices includes receiving an application (“app”); performing an analysis of the app using a classification engine; and determining an app category for the app based on the analysis performed using the classification engine.
    Type: Grant
    Filed: March 27, 2017
    Date of Patent: December 4, 2018
    Assignee: Appthority, Inc.
    Inventors: Sasan Padidar, Steve Hanna, Kevin Watkins
  • Patent number: 10142397
    Abstract: A method and associated system. A server computer selects a re-ordering scheme from one or more re-ordering schemes, for re-ordering chunks of an original file. The server computer divides the file into the chunks. After the file is divided into the chunks, the server computer re-orders the chunks according to the selected re-ordering scheme to form an obfuscated file that includes the re-ordered chunks. The server computer sends, to a client computer, the obfuscated file along with a scheme access reference that enables the client computer to access the selected re-ordering scheme.
    Type: Grant
    Filed: April 5, 2016
    Date of Patent: November 27, 2018
    Assignee: International Business Machines Corporation
    Inventors: Andrew S. Feltham, Graham White
  • Patent number: 10142421
    Abstract: A device management system facilitates an automatic pairing of an electronic device with a management account. The device management system receives a public network address associated with a computer device on a private network accessing the management account. The system retrieves the metadata including a public network address associated with a registration of the electronic device with the device management system. The public network address registered with the metadata is provided by a router on the private network and therefore should match the public network address used by computer devices on the private network. The management account is paired with the electronic device if the electronic device has the same public network address as the computer device accessing the management account. Pairing the management account to the electronic device allows the management account to communicate with the electronic device over the public network through the device management system.
    Type: Grant
    Filed: December 30, 2015
    Date of Patent: November 27, 2018
    Assignee: Google LLC
    Inventors: Lee Mighdoll, Anthony Michael Fadell, Oliver W. Steele
  • Patent number: 10127782
    Abstract: Methods and systems, including computer programs encoded on computer storage media, for providing an indication of a direction a person passes through a door in a property, the method including receiving, at a sensing device and from a control panel of an alarm system in a property, instructions to provide an indication of a direction a person passes through a door in the property; obtaining motion data using a motion sensor that is included in the sensing device; detecting the opening of the door using a magnetometer included in the sensing device; based on the obtained motion data and detected opening of the door, determining a direction a person passed through the door; and providing, to the control panel, an indication of the direction the person passed through the door.
    Type: Grant
    Filed: September 11, 2017
    Date of Patent: November 13, 2018
    Assignee: Alarm.com Incorporated
    Inventors: Adam T. Barth, Mark Andrew Hanson
  • Patent number: 10129744
    Abstract: Disclosed is a mobile terminal for transmitting WIFI hotspot key or certificate by using NFC, the mobile terminal including a transmission control module, a NFC module, a WIFI module and a SIM card module. The transmission control module, which connects to the NFC module, the WIFI module and the SIM card module, controls the work of the NFC module and the WIFI module. The NFC module, which connects to the transmission control module and the WIFI module respectively, obtains the WIFI hotspot key or certificate. The WIFI Module, which connects to the transmission control module and the NFC module respectively, completes WIFI network connection. The SIM card module, which connects to the transmission control module, saves user information of the mobile terminal. The mobile terminal in present invention that transmits the key or certificate by using NFC ensures certainty and security of client, thus greatly simplifies the actions of user.
    Type: Grant
    Filed: November 2, 2012
    Date of Patent: November 13, 2018
    Assignee: BORQS WIRELESS LTD.
    Inventors: Mingsong Hong, Kaibing Chen
  • Patent number: 10127740
    Abstract: There are provided an inspection apparatus, an inspection system, and an inspection method capable of inspecting operation of a control device, accurately, during use. An inspection apparatus configured to inspect operation of an ECU coupled to automotive networks, includes an inspection performance control unit configured to transmit two pieces of data including operation-inspection data and security-check data used for inspecting the operation of the ECU, to the ECU, and configured to receive data output from the ECU. The operation-inspection data is data previously generated based on design information of the ECU. The security-check data is data including part or entirety of the operation-inspection data replaced with random data.
    Type: Grant
    Filed: March 26, 2015
    Date of Patent: November 13, 2018
    Assignee: Hitachi Automotive Systems, Ltd.
    Inventors: Nobuyoshi Morita, Makoto Kayashima, Keisuke Hakuta, Toru Owada
  • Patent number: 10129818
    Abstract: Methods and systems of provisioning an access point (AP). Certain example embodiments include using a gateway in communication with a network and a data storage and receiving user login information from a mobile device, retrieving user permission information from the data storage based on the user login information, sending authorization to the mobile device based on the permission information, sending a prioritized list of at least one AP to receive service to the mobile device, receiving at least one of a selection of a target AP on the list, and label information of a target AP, and sending information regarding the target AP for display on the mobile device.
    Type: Grant
    Filed: May 12, 2016
    Date of Patent: November 13, 2018
    Assignee: ARRIS Enterprises LLC
    Inventors: Alf Orion Watt, William S. Kish, Amit Jawahar Rele
  • Patent number: 10121114
    Abstract: A system is provided that reports audit data. The system defines audit metadata that defines a business object of an application module and an attribute of the business object as being auditable. The system further defines business object metadata that defines a hierarchical relationship between the business object and a child business object. The system further generates audit data for the attribute of the business object based on the audit metadata, where the audit data includes a history of modifications to the attribute of the business object. The system further displays the audit data within a user interface. The system further displays the business object and the hierarchical relationship between the business object and the child business object within the user interface based on the business object metadata.
    Type: Grant
    Filed: March 7, 2014
    Date of Patent: November 6, 2018
    Assignee: Oracle International Corporation
    Inventors: Deena Philip, George Kellner, Mohan Arthur, Paul Johl
  • Patent number: 10122704
    Abstract: When a portable terminal of a user receives an authentication prompt message pushed by an application server, an authentication prompt option corresponding to the authentication prompt message is output at the portable terminal. A portal authentication is initiated after the authentication prompt option is selected by the user. MAC address information of the portable terminal returned by a portal server is acquired after the portal authentication is initiated. A user name and password for the application client terminal to log into the application server terminal is used as a user name and password for portal authentication. The MAC address information of the portable terminal returned by the portal server is sent to the application server. The present disclosure facilitates the operation of using the portal authentication, prevents the user from forgetting to perform the portal authentication, and brings convenience to those who are not familiar with the portal authentication mechanism.
    Type: Grant
    Filed: April 14, 2015
    Date of Patent: November 6, 2018
    Assignee: Alibaba Group Holding Limited
    Inventor: Chao Xiu
  • Patent number: 10121023
    Abstract: Embodiments of the invention provide systems and methods for controlling presentation of sensitive information in a user interface of an application. More specifically, embodiments of the present invention provide for masking the sensitive information when being entered by the user. However, if the user wants to verify the entry or display the sensitive information in readable text, the information can be displayed or unmasked upon request. For example, in response to the user clicking a button or other control of the user interface associated with the sensitive information or by another mouse or keyboard event, the requested sensitive information can be unmasked and displayed in the clear, for example as a tool tip or in the originally presented element of the user interface. The user can then close the tooltip or mask the information, e.g., after verification of what he/she typed.
    Type: Grant
    Filed: December 18, 2012
    Date of Patent: November 6, 2018
    Assignee: Oracle International Corporation
    Inventor: Nagasravani Akula
  • Patent number: RE47119
    Abstract: A switcher device comprises a multiplexer coupled in-between at least one input and output cards. The multiplexer detects the presence of an event signal from an activated sink. In response to the detection of the event signal, the switch dynamically switches to a closed position in order to enable the at least one source to authenticate with the input card and the output card to authenticate with the at least one sink for security protocol encryption. In response to the non-detection of the event signal, the switch switches dynamically to an open position in order to disable the at least one source from authenticating with the input card, therefore the output card also does not attempt to authenticate with the at least one sink for security protocol encryption.
    Type: Grant
    Filed: November 8, 2016
    Date of Patent: November 6, 2018
    Assignee: CRESTRON ELECTRONICS INC.
    Inventors: Adolfo Velasco, Daniel Jackson, Yun Mao, Dario Pagano
  • Patent number: RE47253
    Abstract: Illegitimate use of IP addresses is counteracted. A network (1) includes a switch (5) with ports (P1,P2,P3) to subscribers (6,6A) and a port (PN) to a core network (2) with DHCP servers (4, 4a,4b). The switch includes a database (MAC1, MAC2), port numbers (P1, P2) and VLAN identities (VLAN1, VLAN2) for the subscribers (6, 6A) and the filter has a list over trusted DHCP servers. Initially only DHCP messages from the subscribers are allowed. When the subscriber (6) requests (M1, M3) for an IP address it is checked that it is a DHCP message with valid subscriber values (MAC1, P1, VLAN1). A respond (M2, M4) with an allocated IP address (IP1) and lease time interval (T1) is checked to come from a trusted DHCP server. If so, a list in the filter (9) with correct information is dynamically generated (MAC1, P1, VLAN1, IP1, T1). A message (M5) from the subscriber (6) with false IP address is discarded by the filter. Attempts by the subscriber to use false IP address are counted and a warning signal is generated.
    Type: Grant
    Filed: January 30, 2015
    Date of Patent: February 19, 2019
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Peter Anders Nesz, Thomas Johansson, Michael Valentin Juhl