By Authorizing Data Patents (Class 726/30)
  • Patent number: 10657019
    Abstract: According to some embodiment, a microservice architecture is instantiated in accordance with a predefined framework to perform monitoring services of a first system and a second system. The microservice architecture includes one or more microservices. The microservice architecture is segmented into groups of microservices. Each group of microservices is represented by a subset of the predefined framework. A first group of microservices is deployed to the first system. A second group of microservices is deployed to the second system.
    Type: Grant
    Filed: May 30, 2017
    Date of Patent: May 19, 2020
    Assignee: EMC IP HOLDING COMPANY LLC
    Inventors: Shelesh Chopra, Gururaj Kulkarni, Harish Jayaram, Ramkumar Seetharaman
  • Patent number: 10652603
    Abstract: In one embodiment, a method includes identifying a plurality of segments of media content, each of the plurality of segments including a plurality of media frames, generating segment metadata for each of the plurality of segments, the segment metadata including a segment identifier, transmitting a broadcast stream including the plurality of segments and the segment metadata for each of the plurality of segments, and making the plurality of segments available for retrieval via a unicast stream using the segment identifiers.
    Type: Grant
    Filed: July 9, 2015
    Date of Patent: May 12, 2020
    Assignee: TRITON US VP ACQUISION CO.
    Inventors: Keith Millar, Robert Edward May
  • Patent number: 10614241
    Abstract: Managing data in a file system with a verification engine that may obtain a user identifier associated with a user, an object identifier, and a target object. The verification engine may determine target identities associated with two or more file system protocols based on the user identifier. The verification engine may determine permission entries associated with the two or more file system protocols associated and the target object. The verification engine may employ the target identities and the permission entries to directly verify access rights to the target object for the user. Accordingly, the verification engine may provide a report that includes the target identities, the permission entries, or the access rights.
    Type: Grant
    Filed: December 27, 2018
    Date of Patent: April 7, 2020
    Assignee: Qumulo, Inc.
    Inventors: Michael Patrick Kirby, Iain Michael Christopher Peet, Anthony Moon-Git Low, Aleksei Martynov, Jason Allan Sturgeon
  • Patent number: 10608882
    Abstract: A method of managing an active-passive topology in a distributed computing environment comprising a plurality of systems each having a token manager connected to a common resource accessible by all of the systems comprising a token pool of tokens. The token manager locks the token pool and checks the token pool for an available token. When a token is available, the token manager leases the available token and unlocks the token pool. The token manager designates the system as an active system and alters an owner of the token to the active system. The token manager of the active system updates a leasing time of the token leased during use of the token by the active system and in response to an active system deactivation or stoppage, the token manager locks the token pool to return the token to the token pool and unlocking the token pool.
    Type: Grant
    Filed: February 16, 2017
    Date of Patent: March 31, 2020
    Assignee: International Business Machines Corporation
    Inventors: Paul Chen, Philip Kurowski, Alex Luo
  • Patent number: 10599840
    Abstract: A processor is configured to identify a first impersonating message, transmitted over a Controller Area Network (CAN) bus by an attacking node connected to the bus, that appears to originate from a source other than the attacking node, to transmit via a transceiver, in response to identifying the first impersonating message, a stream of messages over the bus, until a defense message belonging to the stream collides with, and trumps, a second impersonating message from the attacking node, and to drive the attacking node, subsequently, into an error-passive state in which an ability of the attacking node to communicate over the bus is limited relative to before entering the error-passive state, by repeatedly retransmitting the defense message over the bus in sync with retransmissions of the second impersonating message by the attacking node, such that the defense message collides with, and trumps, multiple subsequent instances of the second impersonating message.
    Type: Grant
    Filed: July 20, 2017
    Date of Patent: March 24, 2020
    Assignee: RAMOT AT TEL AVIV UNIVERSITY LTD.
    Inventors: Tsvika Dagan, Avishai Wool
  • Patent number: 10587610
    Abstract: A method for authorization management in an arrangement having multiple computer systems is disclosed.
    Type: Grant
    Filed: January 29, 2016
    Date of Patent: March 10, 2020
    Assignee: CISC SEMICONDUCTOR GMBH
    Inventors: Markus Pistauer, Manfred Jantscher, Stephan Gether
  • Patent number: 10587581
    Abstract: A method, and associated system, for security processing of a request for a resource in a network security system. The request for the resource and a duplicate of request for the resource are forwarded to a first proxy server and a second proxy server, respectively. A first output including the received request, and a second output including the duplicate of the received request, are received from first proxy server and the second proxy server, respectively. A determination is made of whether the first output and the second output differ; if not the received request or the duplicate of the received request is transmitted to a web server for satisfying the request; if so a first alarm is generated and transmission to the web server of the received request and the duplicate of the received request is blocked.
    Type: Grant
    Filed: July 30, 2018
    Date of Patent: March 10, 2020
    Assignee: International Business Machines Corporation
    Inventor: Ian Robertson
  • Patent number: 10567529
    Abstract: Methods and apparatuses are disclosed herein for unified tracking data management. An example method is performed at a device with a display and one or more input devices, the method including: displaying a user interface with two or more sets of tracking-data configuration options associated with a plurality of websites, the sets including: a first tracking-data configuration option that, when selected, causes the device to block all of the plurality of websites from storing tracking data; and a second tracking-data configuration option that, when selected, causes the computing device to limit receipt by all of the plurality of websites of information associated with device. While displaying the user interface, the method includes: receiving a selection of the first tracking-data configuration option; and, in response, causing the computing device to block all of the plurality of websites from storing tracking data of at least the first type on the computing device.
    Type: Grant
    Filed: November 19, 2018
    Date of Patent: February 18, 2020
    Assignee: APPLE INC.
    Inventors: Steven Jon Falkenburg, Darin Benjamin Adler, Jessie Leah Berlin, Jing Jin, Kevin W. Decker, Maciej Stachowiak
  • Patent number: 10558824
    Abstract: Methods, systems, and techniques for application isolation by remote-enabling applications are provided. Example embodiments provide an Adaptive Rendering Application Isolation System (“ARAIS”), which transparently and dynamically enables applications to run in an isolated execution environment yet be rendered locally in a manner that minimizes the amount of data to be transferred and the latency caused by expensive computation and/or by overburdening available bandwidth by remoting rendering using draw commands over rendering using pixel pushing or other techniques. In one embodiment, the ARAIS includes an orchestrator server which comprises remoting level determination logic and rules engine, pre-computed graphics libraries, connection support logic, data repositories for objects such as a render cache, whitelists, blacklists, client privileges, and application information, and one or more secure containers running remote application instances.
    Type: Grant
    Filed: July 3, 2019
    Date of Patent: February 11, 2020
    Assignee: S2 Systems Corporation
    Inventors: Darren Remington, Trevor Sundberg, Killian Koenig, Benjamin Buzbee, Michael Conrad, David Harnett
  • Patent number: 10552639
    Abstract: Methods, systems, and techniques for application isolation by remote-enabling applications are provided. Example embodiments provide an Adaptive Rendering Application Isolation System (“ARAIS”), which transparently and dynamically enables applications to run in an isolated execution environment yet be rendered locally via a local isolator application having one or more cohesive application-isolation interfaces in a manner that facilitates providing the ARAIS indications of user actions that are otherwise lost and executing functions that are otherwise unavailable during fully secure isolation sessions absent one or more cohesive application-isolation interfaces.
    Type: Grant
    Filed: July 11, 2019
    Date of Patent: February 4, 2020
    Assignee: S2 Systems Corporation
    Inventors: Benjamin Buzbee, Killian Koenig, Trevor Sundberg, Michael Conrad, Darren Remington, David Harnett
  • Patent number: 10552244
    Abstract: Methods, systems and computer program products automatically back-up data. Communication is established among a first device, a second device, and a network-based storage device. Key words associated with uniform resource locators are identified and stored in the network-based storage device. When corruption is detected of the data stored in the first device, the key words are automatically retrieved from the network-based storage device and listed in a user interface displayed at the second device.
    Type: Grant
    Filed: March 9, 2016
    Date of Patent: February 4, 2020
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventors: Michael Denny, Hong Nguyen
  • Patent number: 10554690
    Abstract: An approach is provided in which an information handling system creates a container that includes security information. The information handling system deploys the container to a container group and, in turn, performs a security-related action based on the security information.
    Type: Grant
    Filed: November 10, 2016
    Date of Patent: February 4, 2020
    Assignee: International Business Machines Corporation
    Inventors: Lisa Seacat DeLuca, Nitin Gaur, Dana L. Price, Aaron J. Quirk
  • Patent number: 10545755
    Abstract: A system, method, and non-transitory computer-readable storage medium for identifying customization changes have been disclosed. The system comprises a processor and a memory that includes instructions executable by the processor to cause the system to identify a baseline script of a plurality of baseline scripts from a baseline instance that corresponds to a custom script of a plurality of custom scripts from a customized instance. The customized instance is a customized version of the baseline instance. The instructions are executable to cause the system to compare the baseline script to the custom script to identify one or more changes between the baseline script and the custom script, to determine an amount of change using the one or more identified changes, and to generate a graphical user interface that includes an identifier of the baseline script, an identifier of the custom script, and a graphical indication of the amount of change.
    Type: Grant
    Filed: September 7, 2017
    Date of Patent: January 28, 2020
    Assignee: ServiceNow, Inc.
    Inventors: Ivan Garay, Royce Davis, Clint Sowada
  • Patent number: 10540500
    Abstract: A method of securely booting a computer system includes executing program code of at least one boot loader to load a kernel; verifying, during loading of the kernel, the program code of the boot loader after at least a part of the program code of the boot loader has been executed; and interrupting the booting if a result of the verifying of the program code of the boot loader indicates a manipulation of the program code of the boot loader.
    Type: Grant
    Filed: March 18, 2016
    Date of Patent: January 21, 2020
    Assignee: Fujitsu Client Computing Limited
    Inventors: Diana Filimon, Jürgen Atzkern, Thilo Cestonaro, Timo Bruderek
  • Patent number: 10528282
    Abstract: A method for execution by a storage unit of a dispersed storage network includes receiving a slice access request that includes a slice name. A first function is performed on the slice name to produce a bucket file identifier. A second function is performed on the slice name to produce a bucket identifier. A bucket file of a plurality of bucket files is accessed, where the bucket file is identified by utilizing the bucket file identifier. A bucket of a plurality of buckets within the bucket file is accessed, where the bucket is identified by utilizing the bucket identifier. It is determined to modify a number of buckets in the bucket file based on bucket utilization. An attribute of the second function is modified in response, where the attribute is associated with the number of buckets in the bucket file.
    Type: Grant
    Filed: December 14, 2017
    Date of Patent: January 7, 2020
    Assignee: PURE STORAGE, INC.
    Inventors: Joseph M. Kaczmarek, Ethan S. Wozniak, Ilya Volvovski
  • Patent number: 10521604
    Abstract: Systems, techniques, and apparatuses facilitate selecting, defining, controlling, verifying, and auditing privacy-impacting behaviors of devices in alignment with the privacy behavior expectations of individuals and other entities. Techniques and systems, including apparatuses, are presented to facilitate controlling and verifying the privacy behaviors of privacy-impacting devices. Privacy enunciator apparatuses announce the presence of entities in a devices range of action or influence. Techniques and systems for defining and sharing individualized privacy behavior preferences are shown. Techniques and systems are disclosed for privacy preference resolution protocols that allow for the automated or interactive resolution of conflicts that arise between individuals in multi-actor environments or ambiguous contexts. Accountability and audit mechanisms verify the control state of devices with respect to their privacy behavior preference inputs.
    Type: Grant
    Filed: March 19, 2018
    Date of Patent: December 31, 2019
    Assignee: Labyrinth Research LLC
    Inventor: Kevin L. Miller
  • Patent number: 10511578
    Abstract: Technologies for secure content display include a computing device having a display controller and a display. The display includes a self-refresh frame buffer. The computing device establishes a secure, attested communication session between the display controller and the display device. Attestation may be performed using an enhanced privacy identifier key provisioned to the display controller and/or the display by the corresponding manufacturer. The display controller may transmit protected content from a protected audio/video path to the display over the secure communication session. The display controller may transmit a command to the display to disable read back of the self-refresh frame buffer. The display controller may transmit a command to the display to clear the frame buffer. The display controller may transmit a predefined image frame from secure storage to the display. The predefined image frame may be an advertisement or user-defined content. Other embodiments are described and claimed.
    Type: Grant
    Filed: March 4, 2016
    Date of Patent: December 17, 2019
    Assignee: Intel Corporation
    Inventors: Rajesh Poornachandran, Ned M. Smith
  • Patent number: 10489562
    Abstract: A method for modular software protection includes steps for receiving, at a server, a license key registered for a software executable installed on a client device and machine fingerprint data generated at the client device, accessing, using the server, stored usage rights data indicated by the license key, the usage rights data specifying a number of client devices on which the software executable is licensed to operate and which features of the software executable are enabled, determining, using the machine fingerprint data received by the server, whether operation of the software executable on the client device would cause the number of client devices on which the software executable is licensed to operate to be exceeded, and creating, in response to the determining step, an encrypted license file for transmission to the client device that defines separate features of the software executable to be enabled on the client device.
    Type: Grant
    Filed: April 10, 2017
    Date of Patent: November 26, 2019
    Assignee: Uniloc 2017 LLC
    Inventor: Craig S. Etchegoyen
  • Patent number: 10489420
    Abstract: The invention relates to a method, an apparatus and a computer program product. The method comprises managing data in one or more data repositories by a centralized content management system comprising at least one server, wherein said one or more data repositories are connected to said centralized content management system, and at least one of said one or more data repositories resides on a device that is other than a server of the centralized content management system, wherein the method further comprises receiving by a server of the centralized content management system a request from a mobile client device to access data in a data repository connected to the centralized content management system; and providing the mobile client device with an access to the data repository by the centralized content management system.
    Type: Grant
    Filed: January 29, 2016
    Date of Patent: November 26, 2019
    Assignee: M-FILES OY
    Inventors: Antti Nivala, Gregory C. Milliken, Mikko Rantanen, Jyri Mantysalo
  • Patent number: 10482288
    Abstract: A device may receive content data from a content provider, the content data including: data identifying content, and data for verifying that the content has not changed. The device may access a blockchain associated with the content data, the blockchain including validation information specifying instructions for validating the content. In addition, the device may perform, based on the validation information, validation of the content to determine a measure of confidence that the content is accurate and store results of the validation in the blockchain as a transaction. Based on the validation results, the device may perform an action.
    Type: Grant
    Filed: October 11, 2018
    Date of Patent: November 19, 2019
    Assignee: Capital One Services, LLC
    Inventor: Pamela Rice
  • Patent number: 10432549
    Abstract: A method for scope-sensitive loading of software resources in web applications. The method includes obtaining, from a web browser, a request for a web application and obtaining a scope of the requested web application. The scope determines required web application functionalities. The method further includes, based on the scope, generating a list of required software resources that implement the required web application functionalities, collecting the required software resources, based on the list of required software resources, and providing the collected required software resources to the web browser.
    Type: Grant
    Filed: June 29, 2016
    Date of Patent: October 1, 2019
    Assignee: EMC IP Holding Company LLC
    Inventors: Sachin Gopaldas Totale, Himawan Soedarsono
  • Patent number: 10425402
    Abstract: Embodiments are directed to securing data using attribute-based encryption. In an embodiment, a computer system encrypts a portion of data with an attribute-based encryption, including associating the encrypted portion of data with one or more encryption attributes. The computer system sends the encrypted portion of data and the one or more encryption attributes to a data store, which stores the first portion of data along with the one or more encryption attributes. The computer system also defines one or more access controls for the portion of data that include an identity of at least one user permitted to access the portion of data. The attribute-based encryption allows the encrypted portion of data to be provided by the data store upon request by the identified user when the request includes one or more search attributes that are relevant to the one or more encryption attributes.
    Type: Grant
    Filed: December 2, 2016
    Date of Patent: September 24, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Roy Peter D'Souza, Omkant Pandey
  • Patent number: 10395017
    Abstract: A computer-implemented method improves a computer system's security through use of a simulated digital footprint. One or more processors retrieve a historical digital footprint of a user. The historical digital footprint is a record of past digital data about the user, and describes a pattern of activities of the user. The processor(s) generate a simulated digital footprint for the user. The simulated digital footprint conforms to the pattern of activities of the user, and describes simulated current activities of the user. The processor(s) transmit the simulated digital footprint to the public while a current real digital footprint is being created for the user, such that use of the pattern of activities of the user provides an imperceptible transition from the historical digital footprint to the simulated digital footprint, and where the simulated digital footprint prevents the public from accessing the current real digital footprint of the user.
    Type: Grant
    Filed: February 1, 2017
    Date of Patent: August 27, 2019
    Assignee: International Business Machines Corporation
    Inventors: Michael Bender, Rhonda L. Childress, Timothy J. Hahn, David B. Kumhyr
  • Patent number: 10387407
    Abstract: The subject matter of this specification can be implemented in, among other things, a method that includes receiving, by a processing device, one or more first content items for one or more first user accounts of a content sharing system. The method further includes storing the first content items at the content sharing system. The method further includes receiving, by the processing device, a second content item for a second user account of the content sharing system. The method further includes comparing, by the processing device, the received second content item to the stored first content items to determine that the second content item is not exclusive to the second user account. The method further includes restricting a privilege of the second user account for the second content item in response to the determination that the second content item is not exclusive to the second user account.
    Type: Grant
    Filed: December 15, 2017
    Date of Patent: August 20, 2019
    Assignee: Google LLC
    Inventors: Johan Georg Granström, Alexandru Tudor, Thomas Weich
  • Patent number: 10296799
    Abstract: Extracting card information comprises a server at an optical character recognition (“OCR”) system that interprets data from a card. The OCR system performs an optical character recognition algorithm an image of a card and performs a data recognition algorithm on a machine-readable code on the image of the card. The OCR system compares a series of extracted alphanumeric characters obtained via the optical character recognition process to data extracted from the machine-readable code via the data recognition process and matches the alphanumeric series of characters to a particular series of characters extracted from the machine-readable code. The OCR system determines if the alphanumeric series and the matching series of characters extracted from the machine-readable code comprise any discrepancies and corrects the alphanumeric series of characters based on the particular series of characters extracted from the machine-readable code upon a determination that a discrepancy exists.
    Type: Grant
    Filed: January 22, 2018
    Date of Patent: May 21, 2019
    Assignee: GOOGLE LLC
    Inventors: Xiaohang Wang, Justin Scheiner, Glenn Berntson
  • Patent number: 10282558
    Abstract: An apparatus maintains a segregated database in a multiple distributed ledger system. The apparatus includes a storage device that stores software instructions for controlling a processor that when executed by the processor configure the processor to: create distributed ledgers, each created distributed ledger being associated with a respective individual profile; maintain a segregated database apart from the distributed ledgers including, for each individual profile, profile balance data; and process a data exchange between exchanging profiles.
    Type: Grant
    Filed: September 2, 2016
    Date of Patent: May 7, 2019
    Assignee: The Toronto-Dominion Bank
    Inventors: Paul Mon-Wah Chan, Perry Aaron Jones Haldenby, John Jong Suk Lee
  • Patent number: 10250381
    Abstract: A device may receive first content data from a content provider, the first content data including data identifying content. The device may generate second content data based on the first content data, the second content data including information that causes content validation to be performed on the content. The device may also provide the second content data to a content validation node, the content validation node being included in a content validation network implementing a blockchain network that includes executable instructions for performing content validation. In addition, the device may obtain, from the content validation network, validation results associated with the content, and provide, to a user device, data that causes display of a validation indicator with the content, the validation indicator being based on the validation results.
    Type: Grant
    Filed: February 22, 2018
    Date of Patent: April 2, 2019
    Assignee: Capital One Services, LLC
    Inventor: Pamela Rice
  • Patent number: 10223080
    Abstract: A system and method for automatic instrumentation of mobile applications is disclosed. Mobile applications are typically executed in mobile runtime environments or operating system that is restricted compared to their conventional counterparts. Those restrictions include features that allow one to examine and modify code of application during the runtime of the application. Those features that are used by instrumentation based monitoring systems dedicated for conventional applications are thus not available for the instrumentation of mobile application. The system and method allows for automatic instrumentation in a static way, either by persistently placing instrumentation code into mobile applications or by persistently adapting mobile applications in a way to perform a static instrumentation on application startup.
    Type: Grant
    Filed: January 14, 2016
    Date of Patent: March 5, 2019
    Assignee: Dynatrace LLC
    Inventors: Brian Duc Minh Le, Edward H. Klos, Clemens Fuchs, Dan Barr, Neal Thomas Leverenz
  • Patent number: 10194010
    Abstract: Exemplary embodiments relate to techniques for managing contact information received in the context of a messaging system. Messages may be received from known contacts which contain user contact records for third parties. Based on the trust relationship with the known contacts, the user contact record is placed in a contact record repository for later retrieval. When another message is received which either references the user contact record or is from the third party referenced in the user contact record, a dialog box is presented offering the user the opportunity to add the user contact record as an address entry in the address book of the device.
    Type: Grant
    Filed: September 29, 2017
    Date of Patent: January 29, 2019
    Assignee: WHATSAPP INC.
    Inventors: Michael B. Donohue, Clark Chen, Alan Liu
  • Patent number: 10187209
    Abstract: A system and methods are provided for verifying proof of transit of network traffic through a plurality of network nodes in a network. In one embodiment, each network node reads a first value and a second value from in-band metadata of packet, and generates, using a cryptographic key that is unique to each respective network node, an encryption result based on the first value. An updated second value is generated based on the second value read from the packet and the encryption result. Each network node writes the updated second value to the in-band metadata of the packet, and forwards the packet in the network. In another embodiment, a secret sharing scheme is employed by each network node computes a portion of verification information using a unique share of a secret and based on the packet specific information.
    Type: Grant
    Filed: January 11, 2016
    Date of Patent: January 22, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Venkata Krishna Sashank Dara, Shwetha Subray Bhandari, Andrew Yourtchenko, Eric Vyncke, Frank Brockners
  • Patent number: 10187855
    Abstract: Embodiments relate to a message processing method and apparatus. A first message is received that is sent by a first device to a second device. A determination is made as to whether the first message is a privacy message. When the first message is a privacy message, a second message is generated according to the first message, where the second message carries a first privacy label. The second message is sent to the second device, so that the second device displays a notification of the second message on a notification screen according to the first privacy label after receiving the second message. After receiving the second message, the second device displays the second message according to whether the second message carries the first privacy label.
    Type: Grant
    Filed: November 28, 2014
    Date of Patent: January 22, 2019
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Zhe Xu, Huangwei Wu
  • Patent number: 10121025
    Abstract: A device may receive content data from a content provider, the content data including: data identifying content, and data for verifying that the content has not changed. The device may access a blockchain associated with the content data, the blockchain including validation information specifying instructions for validating the content. In addition, the device may perform, based on the validation information, validation of the content to determine a measure of confidence that the content is accurate and store results of the validation in the blockchain as a transaction. Based on the validation results, the device may perform an action.
    Type: Grant
    Filed: February 22, 2018
    Date of Patent: November 6, 2018
    Assignee: Capital One Services, LLC
    Inventor: Pamela Rice
  • Patent number: 10114798
    Abstract: The automated generation of a unique letter or unique letters using one or more context variables for the letter. The contextual variables may represent author characteristics, audience characteristics, tone, word diversification, letter type, and so forth. Different entropy may be used for each letter to thereby generate a unique letter even if the context for the letters is the same. Nevertheless, each unique letter is suitable for the given context. If desired, the automatically generated letter may be further edited, for example, for grammatical, word choice, or legal content. Thus, the letter may appear to be custom drafted by a human for the context, whereas the letter was entirely or substantially computer-generated.
    Type: Grant
    Filed: February 20, 2013
    Date of Patent: October 30, 2018
    Assignee: Progrexion IP, Inc.
    Inventor: Justin Randall Padawer
  • Patent number: 10110565
    Abstract: A method, and associated system, for security processing of a request for a resource in a network security system. The request for the resource and a duplicate of request for the resource are forwarded to a first proxy server and a second proxy server, respectively. A first output including the received request, and a second output including the duplicate of the received request, are received from first proxy server and the second proxy server, respectively. A determination is made of whether the first output and the second output differ; if not the received request or the duplicate of the received request is transmitted to a web server for satisfying the request; if so a first alarm is generated and transmission to the web server of the received request and the duplicate of the received request is blocked.
    Type: Grant
    Filed: December 5, 2017
    Date of Patent: October 23, 2018
    Assignee: International Business Machines Corporation
    Inventor: Ian Robertson
  • Patent number: 10102703
    Abstract: A handheld security system includes a set of handheld devices positioned at a group of access points to a secure area. The handheld device includes a set of input/output devices including a text and graphics display, a camera, a local security database and a set of security devices including an RFID reader, a bar code reader, a magnetic stripe card reader and a biometric scanner. The set of handheld devices are communicatively connected through wireless signaling and protocol to one another and to a server operating a global a global security database. The local security database is synchronized to the global security database. A location stack table is continuously updated with security events and monitored for violation of a set of anti-passback rules. An association table associates a set of assets and a set of personnel, allowing for visitor tracking and asset tracking on a schedule.
    Type: Grant
    Filed: April 10, 2017
    Date of Patent: October 16, 2018
    Assignee: MDI Security, LLC
    Inventors: Sanjay Prasad, Troy Paddock
  • Patent number: 10101936
    Abstract: Techniques disclosed herein relate to a method performed on a computing device in response to a request to identify a segment of memory. The method includes determining a desired sensitivity value for the request and determining a desired trust value for the request. The method also includes producing a memory segment identification result based on the desired sensitivity value and based on the desired trust value.
    Type: Grant
    Filed: July 28, 2014
    Date of Patent: October 16, 2018
    Assignee: Hewlett Packard Enterprise Development LP
    Inventor: Evan R. Kirshenbaum
  • Patent number: 10102371
    Abstract: A computer device and respective method provides a primary clipboard accessible from a primary user account, while a sandbox is used to isolate and contain a secondary user account. A secondary clipboard is provisioned and associated with the secondary user account. The computer device, via an agent, intercepts requests from the secondary user account such as for cut, copy or paste type clipboard operations which are ordinarily directed toward the primary clipboard, and satisfies those clipboard operation requests instead by using the secondary clipboard.
    Type: Grant
    Filed: April 13, 2016
    Date of Patent: October 16, 2018
    Assignee: AVECTO LIMITED
    Inventors: Mark James Austin, Belaid Bezzaa
  • Patent number: 10104065
    Abstract: A method implemented by a network element (NE) configured as a streaming client, the method comprising obtaining, via a processor of the NE, a first authorization token for accessing a first media segment located on a content server, embedding, via the processor, the first authorization token in a first content request message for accessing the first media segment located on the content server, sending, via a transmitter of the NE to the content server, the first content request message comprising the first authorization token to request the first media segment, and receiving, via a receiver of the NE from the content server, the first media segment when the first authorization token is valid for accessing the first media segment located on the content server.
    Type: Grant
    Filed: May 20, 2016
    Date of Patent: October 16, 2018
    Assignee: Futurewei Technologies, Inc.
    Inventor: Xin Wang
  • Patent number: 10091235
    Abstract: The disclosed computer-implemented method may include (1) detecting a request from a computing device of a member of an organization in connection with a communication session between the computing device and at least one additional computing device, (2) identifying, within the request, a URL that the computing device is attempting to access, (3) computing a unique identifier that represents the URL, (4) comparing the unique identifier against a database that includes unique identifiers that represent URLs embedded in emails received by members of the organization, (5) determining, based at least in part on the comparison, that the URL was included in an email received by the member of the organization, and then in response, (6) elevating a threat level of the communication session between the computing device and the additional computing device. Various other methods, systems, and apparatuses are also disclosed.
    Type: Grant
    Filed: June 7, 2016
    Date of Patent: October 2, 2018
    Assignee: Juniper Networks, Inc.
    Inventors: Deepak Kushwaha, Mohit Joshi, Puneet Tutliani
  • Patent number: 10073984
    Abstract: A rights-based system is described in which vouchers are employed for creating, managing, distributing, and redeeming rights in digital contexts. A voucher is a digital, possession-based rights representation. An authorization component of the system validates the vouchers and issues corresponding tokens. Access to digital resources is provided in response to presentation of the tokens which are validated by matching voucher refresh values to corresponding values maintained by the system. New refresh values are generated and inserted in the vouchers each time they are redeemed.
    Type: Grant
    Filed: October 19, 2016
    Date of Patent: September 11, 2018
    Assignee: API Market, Inc.
    Inventors: Stefan Roever, David Watson
  • Patent number: 10050991
    Abstract: A method for managing network vulnerabilities may include obtaining image data regarding a software container located on a network element. The image data may describe a software image used to generate the software container. The method may further include determining, using the image data, a software vulnerability of the software image. The method may further include assigning the software vulnerability to a filesystem key. The method may further include generating, using the software vulnerability and the filesystem key, a vulnerability map of a network. The vulnerability map may describe various software vulnerabilities arranged according to various filesystem keys used on the network. The filesystem key may identify data of the software container within a filesystem on the network element.
    Type: Grant
    Filed: October 19, 2017
    Date of Patent: August 14, 2018
    Assignee: Ciena Corporation
    Inventor: Aung Htay
  • Patent number: 10027678
    Abstract: Provided are systems and methods for location-aware security configuration of peripheral devices. In various implementations, a location-aware peripheral device comprises an interface and a configuration engine. The interface may communicatively couple the peripheral device to a computing system. The configuration engine may be configured to, upon powering on in the computing system, detect a characteristic of the computing system. In some implementations, the configuration engine may further select a trust level for the computing system. In some implementations, selecting a trust level may include using the detected characteristic to identify a profile stored on the peripheral device. The profile may describe a pre-determined computing system. The configuration engine may further be configured to program the peripheral device with a configuration that is associated with the selected trust level. The configuration may program a feature of the peripheral device.
    Type: Grant
    Filed: March 29, 2016
    Date of Patent: July 17, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Eric Jason Brandwine, Adi Habusha
  • Patent number: 10013461
    Abstract: In a method for analyzing a data set, one or more processors identifying a data set that includes sequences of data points, identifying a sequence of data points in the identified data set, identifying a window of sequences of data points in the identified data set, wherein the window of sequences of data points is defined based on information including one or more of: a defined number of sequences of data points before and after the identified sequence of data points and a defined reference to a feature of the identified data set, retrieving a set of inflection points in the identified data set that are within the identified window of sequences of data points, and determining: a maximum value, a minimum value, or both a maximum and minimum value, based on the retrieved inflection points that are within the identified window of sequences of data points.
    Type: Grant
    Filed: March 11, 2015
    Date of Patent: July 3, 2018
    Assignee: International Business Machines Corporation
    Inventor: Mark P. Dennehy
  • Patent number: 10009343
    Abstract: Embodiments of the present disclosure provide a method, an apparatus, and a system for authenticating a fully homomorphic message, where the method includes: acquiring a message authentication key, where: the message authentication key includes a public key, a first character string, and a second character string; the first character string is a character string that consists of 0 and 1 and has a length of n; the second character string is a character string that consists of 0 and 1 and has a length of n; generating an authentication fingerprint corresponding to each bit of to-be-computed data; sending a computation request to a server; receiving an authentication fingerprint corresponding to the computation result; and performing correctness authentication on the computation result according to the received authentication fingerprint, which effectively reduces an amount of computation in a verification process.
    Type: Grant
    Filed: December 31, 2015
    Date of Patent: June 26, 2018
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Wenbin Chen, Hao Lei, Qinqin Yang
  • Patent number: 9953152
    Abstract: This invention is directed to an electronic device with an embedded authentication system for restricting access to device resources. The authentication system may include one or more sensors operative to detect biometric information of a user. The sensors may be positioned in the device such that the sensors may detect appropriate biometric information as the user operates the device, without requiring the user to perform a step for providing the biometric information (e.g., embedding a fingerprint sensor in an input mechanism instead of providing a fingerprint sensor in a separate part of the device housing). In some embodiments, the authentication system may be operative to detect a visual or temporal pattern of inputs to authenticate a user. In response to authenticating, a user may access restricted files, applications (e.g., applications purchased by the user), or settings (e.g., application settings such as contacts or saved game profile).
    Type: Grant
    Filed: November 21, 2016
    Date of Patent: April 24, 2018
    Assignee: APPLE INC.
    Inventors: Anthony M. Fadell, Andrew Bert Hodge, Stephan V. Schell, Ruben Caballero, Jesse Lee Dorogusker, Stephen Paul Zadesky, Emery Sanford
  • Patent number: 9912781
    Abstract: An electronic product can be configured by a method that includes attaching a machine-readable identification (ID) tag containing an ID code to a hardware unit of the electronic product. The ID code is associated with a particular configuration of the electronic product, and can be read or scanned with a mobile device configured to send the ID code to a provider server device. In response to receiving the ID code, the provider server device can send product configuration instructions and a product configuration application to the mobile device. The product configuration instructions can guide a user through a customized series of electronic product configuration operations. The product configuration application can assist the user in performing configuration operations, can provide customized configuration help, and can establish a wireless link between the mobile device and the electronic product, allowing the user to interact with the electronic product.
    Type: Grant
    Filed: September 29, 2015
    Date of Patent: March 6, 2018
    Assignee: International Business Machines Corporation
    Inventors: Brad L. Brech, Michael E. Daley, Sunil J. Kamath, Leslie Png, Kevin J. Reilly, Steven L. Roberts, Alise Spence, Randal C. Swanberg
  • Patent number: 9910972
    Abstract: Methods and systems may provide for selecting a hypervisor protocol from a plurality of hypervisor protocols based on a communication associated with a remote agent. The selected hypervisor protocol may be used to conduct a trust analysis of one or more digitally signed values in the communication, wherein a cloud attestation request may be processed based on the trust analysis. Processing the cloud attestation request may involve generating a trustworthiness verification output, a geo-location verification output, etc., for a cloud computing node corresponding to the remote agent.
    Type: Grant
    Filed: January 30, 2012
    Date of Patent: March 6, 2018
    Assignee: Intel Corporation
    Inventor: Yeluri Raghuram
  • Patent number: 9889379
    Abstract: An example information processing system includes a display controller configured to display a screen that includes a plurality of subjects and at least one content generated by a user, the at least one content satisfying a predetermined timing condition for each subject in a display, at least one content for a subject being included in a plurality of contents posted with regard to the subject.
    Type: Grant
    Filed: May 1, 2014
    Date of Patent: February 13, 2018
    Assignee: NINTENDO CO., LTD.
    Inventors: Hisashi Nogami, Kiyoshi Mizuki, Kouichi Kawamoto, Ryota Oiwa, Ichiro Suzuki, Wataru Tanaka, Hideto Yuzawa, Shunsaku Kato
  • Patent number: 9887963
    Abstract: A method, and associated system, for security processing of a request for a resource in a network security system. The request for the resource is received from a client device. A duplicate of the received request is created. The received request and its duplicate are forwarded to a first proxy server and a second proxy server, respectively. A first output including the received request, and a second output including the duplicate of the received request, are received from first proxy server and the second proxy server, respectively. A determination is made of whether the first output and the second output differ; if not the received request or the duplicate of the received request is transmitted to a web server for satisfying the request; if so a first alarm is generated and transmission to the web server of the received request and the duplicate of the received request is blocked.
    Type: Grant
    Filed: April 4, 2014
    Date of Patent: February 6, 2018
    Assignee: International Business Machines Corporation
    Inventor: Ian Robertson
  • Patent number: 9887448
    Abstract: The present invention relates to a method of manufacturing an antenna for a radio frequency (RFID) tag. A web of material is provided to at least one cutting station in which a first pattern is generated in the web of material. A further cutting may occur to create additional modifications in order to provide a microchip attachment location and to selectively tune an antenna for a particular end use application. The cutting may be performed by a laser, die cutting, stamping or combinations thereof.
    Type: Grant
    Filed: October 14, 2013
    Date of Patent: February 6, 2018
    Assignee: AVERY DENNISON RETAIL INFORMATION SERVICES, LLC
    Inventors: Ian J Forster, Christian K Oelsner, Robert Revels, Benjamin Kingston, Peter Cockerell, Norman A Howard