Network Patents (Class 726/3)
  • Patent number: 11907931
    Abstract: A method for managing a virtual electronic card is applicable to a secure chip installed in a first terminal, and the method includes: receiving a management request from a trusted mobile application on the first terminal, the management request being used to manage a target virtual electronic card on the secure chip, and permissions of the virtual electronic card being configured by a chip operating system of the secure chip; determining, from the secure chip, a target card management program corresponding to the target virtual electronic card, the different virtual electronic cards corresponding to the different card management programs; sending the management request to the target card management program; and calling, through the target card management program, a card management command corresponding to the management request in a card management system on the secure chip, to manage the target virtual electronic card.
    Type: Grant
    Filed: September 13, 2021
    Date of Patent: February 20, 2024
    Assignee: SHENZHEN GOODIX TECHNOLOGY CO., LTD.
    Inventor: Yanling Zhang
  • Patent number: 11902226
    Abstract: Access to a first instant messaging service using an online identity that is associated with a second instant messaging service is enabled. A profile is accessed. The profile indicates that another instant messaging service is to be provided with presence information regarding the use of the online identity to access the first instant messaging service. The other instant messaging service is provided with the presence information regarding the use of the online identity to access the first instant messaging service.
    Type: Grant
    Filed: December 29, 2020
    Date of Patent: February 13, 2024
    Assignee: Verizon Patent and Licensing Inc.
    Inventor: Larry L. Lu
  • Patent number: 11902848
    Abstract: A method (30) and system (10) for controlling wireless local area network (WLAN) user quality in a multi-access point environment is provided. In order to ensure good quality of service/user experience in a multi-access point Wi-Fi™ setup in which a user roams with a station (14), the access points (11, 12) continuously or at intervals assess the wireless environment's quality and report to a control entity (13). The control entity (13) determines, from the assessment data, alternative target access points (11, 12) that could be used in case the link quality of a current connection between an access point (11) and the station (14) falls below a pre-defined value. The control entity (13) then instructs the access point (11) to actively disconnect the station (14) and selects a new target access point (12) to accept the stations (14) connection request.
    Type: Grant
    Filed: June 2, 2022
    Date of Patent: February 13, 2024
    Assignee: INTERDIGITAL CE PATENT HOLDINGS
    Inventors: Koen Van Oost, Bart Vercammen, Kevin Gardner
  • Patent number: 11902330
    Abstract: A device may receive data identifying malicious behavior by a compromised endpoint device associated with a network and may receive user identity data identifying a user of the compromised endpoint device associated with the network. The device may receive endpoint device data identifying the compromised endpoint device and other endpoint devices associated with the network and may receive network device data identifying network devices associated with the network. The device may utilize the data identifying malicious behavior, the user identity data, and the endpoint device data to generate, based on an identity of the user, a security policy to isolate the malicious behavior. The device may cause the security policy to be provided to the network devices and the other endpoint devices based on the network device data and the endpoint device data.
    Type: Grant
    Filed: June 16, 2021
    Date of Patent: February 13, 2024
    Assignee: Juniper Networks, Inc.
    Inventor: Craig Dods
  • Patent number: 11899859
    Abstract: A system and method for remotely generating an original signature provided by a signatory as a user of a first mobile device are disclosed. According to one embodiment, the system comprises a cloud server having a signature transmission API, and a video stream module configured to facilitate a live video stream. The system further includes a pen plotter having a plotter controller communicatively coupled to the cloud server by the signature transmission API. The pen plotter has a mechanical arm configured to receive an ink pen, and a video capture device communicatively coupled to the video stream module of the cloud server and configured to capture video of the pen plotter and transmit to the video stream module.
    Type: Grant
    Filed: December 30, 2020
    Date of Patent: February 13, 2024
    Assignee: Aven Holdings, Inc.
    Inventors: Usman Ghani, Andrew Gray, Sadi Khan, Wendy Beth Oliver, Murtada Shah, Collin Wikman
  • Patent number: 11902300
    Abstract: An approach for monitoring a data transmission system that uses a data transmission means such as a vehicle bus or a vehicle network of a motor vehicle. This system includes a monitoring device that transmits a request message to a transmitting device and to a receiving device. The transmitting device generates a particular transmitter response on the basis of the request message, where the transmitter response is transmitted to the monitoring device. The receiving device generates a particular receiver response on the basis of the request message, where the receiver response is transmitted to the monitoring device. The monitoring device receives the transmitter response and the receiver response and checks compliance with a trigger condition which depends on the transmitter response and the receiver response, the compliance of which indicates an event relevant to monitoring.
    Type: Grant
    Filed: November 25, 2019
    Date of Patent: February 13, 2024
    Assignee: AUDI AG
    Inventors: Markus Klein, Kamil Zawadzki, Changsup Ahn, Wolfgang Stadler, Karsten Schmidt
  • Patent number: 11882110
    Abstract: Examples of renewal of security certificates of supplicant devices are described. In an example, a request to authenticate a supplicant device based on a security certificate is received by an authenticator device and from a supplicant device. The request comprises information relating to the security certificate which is expired. A login history of the supplicant device and presence of a valid account associated with the supplicant device in a directory database is determined. An authentication successful message is sent to the supplicant device based on the login history and presence of the valid account in the directory database. The supplicant device is redirected to a captive web portal for authentication of the supplicant device based on the login credential. In response to a successful authentication of the supplicant device in the captive web portal, a renewed security certificate for the supplicant device is provided.
    Type: Grant
    Filed: April 2, 2021
    Date of Patent: January 23, 2024
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Vikram Limaye, Jason Atkins, Preeti Bhagavan
  • Patent number: 11863586
    Abstract: Inline package name based supply chain attack detection and prevention is disclosed. An indication that a client device has made a request to a remote server for a package is received. A data appliance then performs an action responsive to the received indication. In an example implementation, the data appliance makes a determination of whether the request for the package is associated with a nonexisting package.
    Type: Grant
    Filed: September 30, 2022
    Date of Patent: January 2, 2024
    Assignee: Palo Alto Networks, Inc.
    Inventors: Ruian Duan, Daiping Liu, Jun Wang, Zihang Xiao
  • Patent number: 11853439
    Abstract: The present specification describes computer-implemented methods and systems for secure storage and transmission of data in a distributed network environment. In embodiments, each piece of data is transformed in to multiple pieces of metadata. Each piece of metadata is transmitted and stored on a different server, which is selected from separate pools of servers.
    Type: Grant
    Filed: December 28, 2021
    Date of Patent: December 26, 2023
    Assignee: Activision Publishing, Inc.
    Inventor: Philippe Louis Yves Paquet
  • Patent number: 11849318
    Abstract: A method of authenticating a device subscribed to a first wireless communication network on a second wireless communication network, the method including: deriving at a node within the first wireless communication network a set of one or more network keys for the second wireless communication network from one or more network keys of the first wireless communication network that uniquely identify the device within the first wireless communication network; communicating the derived set of one or more network keys to the device; storing a first copy of the derived set of one or more network keys within an identification module at the device and a second copy of the derived set of one or more network keys within a secure area of the device; and authenticating the device on the second wireless communication network using the second copy of the derived set of one or more network keys stored in the secure area of the device.
    Type: Grant
    Filed: March 18, 2019
    Date of Patent: December 19, 2023
    Assignee: BRITISH TELECOMMUNICATIONS PLC
    Inventors: Ruth Brown, Jonathan Hart
  • Patent number: 11849321
    Abstract: Systems and method are provided for a temporary network slice usage barring service within a core network. A network device in the core network receives a slice barring information message for an application function (AF). The slice barring information message includes a unique subscriber identifier associated with a user equipment (UE) device to be barred from a network slice and indicates a barring expiration time. The network device stores barring parameters based on the slice barring information message. The barring parameters include a slice identifier associated with the AF, the unique subscriber identifier, and the barring expiration time. The network device sends a barring instruction message to another network device associated with the network slice. The barring instruction message includes the unique subscriber identifier and the barring expiration time. The other network device enforces temporary barring of the UE device from the network slice based on the barring instruction message.
    Type: Grant
    Filed: May 20, 2022
    Date of Patent: December 19, 2023
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Suzann Hua, Ye Huang, Chien-Yuan Huang, Parry Cornell Booker
  • Patent number: 11849157
    Abstract: The present disclosure relates to systems and methods for live streaming. The system may receive a play request associated with a live stream from a terminal device. The system may determine whether there are one or more cached fragments associated with the live stream, wherein the one or more cached fragments are cached from a stream source via a first protocol. In response to determining that there are one or more cached fragments associated with the live stream, the system may determine whether the play request is a request that the terminal device requests the live stream for the first time. In response to determining that the play request is the request that the terminal device requests the live stream for the first time, after a caching of a current fragment is completed, the system may transmit an index file corresponding to the current fragment and at least one of the one or more cached fragments to the terminal device via a second protocol.
    Type: Grant
    Filed: January 14, 2022
    Date of Patent: December 19, 2023
    Assignee: ZHEJIANG DAHUA TECHNOLOGY CO., LTD.
    Inventor: Shengfeng Zeng
  • Patent number: 11843644
    Abstract: A method in a conferencing system terminal device includes detecting, with one or more processors during a videoconference, a communication device electronically in communication with both a content presentation companion device having a display and one or more remote electronic devices engaged in the videoconference. User input requesting for content to be shared from the conferencing system terminal device with the one or more remote electronic devices engaged in the videoconference is received. Prior to causing the communication device to share the content with the one or more remote electronic devices during the videoconference the one or more processors present, on the display of the content presentation companion device, a content verification presentation and receive a content share confirmation in response to the content verification presentation.
    Type: Grant
    Filed: November 23, 2021
    Date of Patent: December 12, 2023
    Assignee: Motorola Mobility LLC
    Inventors: Amit Kumar Agrawal, Alexandre Neves Creto
  • Patent number: 11843631
    Abstract: An endpoint in an enterprise network is monitored, and when a potential trigger for a distributed denial of service (DDoS) attack is followed by an increase in network traffic from the endpoint to a high reputation network address, the endpoint is treated as a DDoS service bot and isolated from the network until remediation can be performed.
    Type: Grant
    Filed: July 8, 2021
    Date of Patent: December 12, 2023
    Assignee: Sophos Limited
    Inventors: Karl Ackerman, Mark David Harris, Simon Neil Reed, Andrew J. Thomas, Kenneth D. Ray
  • Patent number: 11843610
    Abstract: This disclosure describes techniques for providing multiple namespace support to application(s) in containers under Kubernetes without breaking containment boundaries or escalating privileges of the application(s). A namespace service executing on a physical server may communicate with contained processes executing on the physical server by utilizing a Unix Domain Socket (UDS) endpoint in the filesystem of each of the containers. the namespace service may execute on the physical server with escalated privileges, allowing the namespace service to create a socket in a namespace and provide access and rights to utilize the socket to process(es) in a separate namespace.
    Type: Grant
    Filed: August 5, 2020
    Date of Patent: December 12, 2023
    Assignee: Cisco Technology, Inc.
    Inventor: Ian James Wells
  • Patent number: 11843579
    Abstract: The technology disclosed relates to a steering logic for policy enforcement on IoT devices. In particular, the technology disclosed provides a system. The system comprises an in-network intermediary. The in-network intermediary is configured to receive outbound network traffic from a plurality of special-purpose devices on a network segment of a network. The outbound network traffic is directed at one or more out-of-network servers. The in-network intermediary is further configured to determine, from the outbound network traffic, metadata required for policy enforcement. The in-network intermediary is further configured to append the metadata to the outbound network traffic, and send the outbound network traffic appended with the metadata to a policy enforcement point for policy enforcement.
    Type: Grant
    Filed: August 12, 2022
    Date of Patent: December 12, 2023
    Assignee: Netskope, Inc.
    Inventors: David Tze-Si Wu, Siying Yang, Krishna Narayanaswamy
  • Patent number: 11832106
    Abstract: An intelligent trust enabler system for a 5G IoT (fifth-generation Internet of Things) environment includes: an IoT trust enabler mounted on an edge and gateway on a fifth-generation (5G) IoT infrastructure, for providing trust information based on data collected from IoT devices and performing operation and management of connected IoT resources; and an IoT trust agent for providing a legacy environment for the IoT trust enabler.
    Type: Grant
    Filed: November 8, 2021
    Date of Patent: November 28, 2023
    Assignee: Korea Advanced Institute of Science and Technology
    Inventors: Hyeontaek Oh, Minkyung Kim, JunKyun Choi, Nakyoung Kim
  • Patent number: 11831522
    Abstract: An intelligent wireless broadband network and content delivery management within a network includes at least one datacenter, at least one network tower and a plurality of smart nodes may be provided. Each of the plurality of smart nodes may be deployed as a micro point of presence (micro POP) at the at least one datacenter the at least one tower and at each of a plurality of hub-homes within the network. An artificial intelligence (AI) capable compute unit may be configured to provide customization of the plurality of smart nodes based on usage pattern of the plurality of homes at a neighborhood level, and thereby facilitating a dynamic edge network distribution solution for better Internet experience to the end-users.
    Type: Grant
    Filed: July 20, 2021
    Date of Patent: November 28, 2023
    Assignee: Element8 Technology Investment Group Inc.
    Inventor: Kevin Michael Grace
  • Patent number: 11829811
    Abstract: A computer program product configured to execute a method for exchanging electronic data. The method includes receiving, using an API, a request to transmit data from a source trading partner to a destination trading partner; querying a name server, using a domain name system protocol, the name server comprising a subdomain of the destination trading partner to send the data to, wherein the subdomain is mapped to a destination access point, wherein a name of the subdomain conforms to a common format, wherein an address of the subdomain conforms to another common format; determining the address of the subdomain based on the querying of the name server; addressing the data, using another API, to be sent to the address of the subdomain; and transmitting the data, using the another API, to the destination access point by virtue of the subdomain's mapping to the destination access point.
    Type: Grant
    Filed: September 17, 2021
    Date of Patent: November 28, 2023
    Assignees: INTERNATIONAL BUSINESS MACHINES CORPORATION, YOUREDI LTD.
    Inventors: Marshall Allen Lamb, Liviu Rodean, Sami Petteri Tähtinen, Mats Bernhard von Weissenberg
  • Patent number: 11818252
    Abstract: Networked devices in a communications network share a common firmware key. Using the common firmware key, one networked device can encrypt configuration data it uses to operate in the network for distribution to other networked devices of the same or similar type. The networked devices that receive the encrypted configuration data then use the common firmware key to decrypt the encrypted configuration data, and using the decrypted configuration data, self-configure to operate on the network. This allows for the secure distribution of configuration data, as well as the self-configuration of networked devices without exposing the sensitive data needed for such configuration to a human.
    Type: Grant
    Filed: March 11, 2020
    Date of Patent: November 14, 2023
    Assignee: TOSHIBA GLOBAL COMMERCE SOLUTIONS HOLDINGS CORPORATION
    Inventors: Charles R Kirk, Sharon Freedman, Suzanne M Bleakley
  • Patent number: 11818797
    Abstract: A method and an apparatus for controlling user equipment (UE) context between a plurality of nodes are provided. The method includes transmitting, to a second node, a first message to request a user equipment (UE) context update, receiving, from the second node, a second message indicative of a completion of the UE context update or a third message indicative of a failure of the UE context update in response to the transmission of the first message, and determining whether to retransmit the first message to the second node based on the reception of the second message or the third message. The procedure of the UE context update may be initiated by the transmission of a message to request an operation of the UE context update to be performed between a UE and a third node from the second node to the third node.
    Type: Grant
    Filed: October 18, 2021
    Date of Patent: November 14, 2023
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Jeongyeob Oak, Jisoo Song
  • Patent number: 11811593
    Abstract: A secure private network connectivity system (SNCS) within a cloud service provider infrastructure (CSPI) is described that provides secure private network connectivity between external resources residing in a customer's on-premise environment and the customer's resources residing in the cloud. The SNCS provides secure private bi-directional network connectivity between external resources residing in a customer's external site representation and resources and services residing in the customer's VCN in the cloud without a user (e.g., an administrator) of the enterprise having to explicitly configure the external resources, advertise routes or set up site-to-site network connectivity.
    Type: Grant
    Filed: December 9, 2022
    Date of Patent: November 7, 2023
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventors: Lucas Michael Kreger-Stickles, Abhiman Yashpala Karkera, Dhwanish Pramthesh Shah, Guanhong Pei, Clayton Matthew Magouyrk, Paul James Cainkar
  • Patent number: 11811744
    Abstract: A method including transmitting, by a user device to an infrastructure device, a first pre-authentication request associated with requesting communication services from a server, the first pre-authentication request indicating a communication parameter associated with the user device; determining, by the user device while obtaining the communication services from the server, a change in the communication parameter such that the user device is associated with a new communication parameter; and transmitting, by the user device to the infrastructure device, a second pre-authentication request associated with obtaining the communication services from the server, the second pre-authentication request indicating the new communication parameter. Various other aspects are contemplated.
    Type: Grant
    Filed: March 25, 2022
    Date of Patent: November 7, 2023
    Assignee: UAB 360 IT
    Inventor: Adrianus Warmenhoven
  • Patent number: 11809551
    Abstract: Technologies are shown for function level permissions control for smart contract execution to implement permissions policy on a blockchain. Permissions control rules control function calls at a system level utilizing function boundary detection instrumentation in a kernel that executes smart contracts. The detection instrumentation generates a call stack that represents a chain of function calls in the kernel for a smart contract. The permissions control rules are applied to the call stack to implement permissions control policy. Permissions control rules can use dynamic state data in the function call chain. If the dynamic state data observed in function call chains does not meet the requirements defined in the permissions control rules, then the function call can be blocked from executing or completing execution. The permissions control rules can be generated for a variety of different entities, such as a domain, user or resource.
    Type: Grant
    Filed: December 13, 2021
    Date of Patent: November 7, 2023
    Assignee: eBay Inc.
    Inventors: Venkata Siva Vijayendra Bhamidipati, Ashok Srinivasa Murthy, Derek Chamorro, Michael Chan, Arpit Jain
  • Patent number: 11803836
    Abstract: A method for managing a virtual electronic card is applicable to a secure chip installed in a first terminal, and the method includes: receiving a management request from a trusted mobile application on the first terminal, the management request being used to manage a target virtual electronic card on the secure chip, and permissions of the virtual electronic card being configured by a chip operating system of the secure chip; determining, from the secure chip, a target card management program corresponding to the target virtual electronic card, the different virtual electronic cards corresponding to the different card management programs; sending the management request to the target card management program; and calling, through the target card management program, a card management command corresponding to the management request in a card management system on the secure chip, to manage the target virtual electronic card.
    Type: Grant
    Filed: September 13, 2021
    Date of Patent: October 31, 2023
    Assignee: SHENZHEN GOODIX TECHNOLOGY CO., LTD.
    Inventor: Yanling Zhang
  • Patent number: 11790058
    Abstract: Computer systems and methods are disclosed to implement a role manager that automatically analyzes code accessing various resources to generate a role with the necessary resource permissions to execute the code. In embodiments, the role manager may be implemented as part of a workflow orchestration or resource provisioning system that employs code requiring access to different types of resources. In embodiments, the role manager may analyze a code segment to identify the different resources accessed by the code segment and the permissions needed for each access, and generate a role that has the needed permissions. In embodiments, the role manager may automatically manage these roles based on changes to associated code segments. Advantageously, the disclosed role manager removes the need to manually create roles need by code segments ahead of time, and creates roles with minimal privileges required for the code, thereby simplifying achievement of system security.
    Type: Grant
    Filed: July 22, 2022
    Date of Patent: October 17, 2023
    Assignee: Amazon Technologies, Inc.
    Inventors: Ali Baghani, Patrick MacLaine Compton, Andrew Katz, Gabriel Mastey, Adam Alexander Emerson Wong
  • Patent number: 11783067
    Abstract: A first server computing device, including a processor configured to receive, from a first application instance, a first access request for a file. The first access request may include a first modification privilege request and a modification privilege sharing request. The processor may determine that the file is not locked for editing and grant the first application instance access to the file with modification privileges indicated by the first modification privilege request and without modification privilege sharing permissions indicated by the modification privilege sharing request. The processor may set the file to be locked for editing. The processor may receive, from a second application instance, a second access request including a second modification privilege request. The processor may determine that the file is locked for editing and deny the second application instance access to the file.
    Type: Grant
    Filed: January 20, 2021
    Date of Patent: October 10, 2023
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Diaa Eldin Mohamed Hazem Fathalla, Surender Kumar, Jason Daniel Shay, Michael S. Murstein, Jose J Figueroa-Morales
  • Patent number: 11777916
    Abstract: A wireless local area network (WLAN) access method includes sending, by a terminal, a request for querying an available wireless access point to a server. The method further includes sending, by the server according to the query request, obtained information about the available wireless access point. The method further includes receiving, by the terminal, wireless access point information returned by the server, and determining a specific wireless access point from the received wireless access point information. The method further includes sending, by the terminal, an authentication information request of the specific wireless access point to the server. The method further includes when receiving the request, sending, by the server, authentication information corresponding to the specific wireless access point to the terminal, where the authentication information is used to connect the terminal to the specific wireless access point.
    Type: Grant
    Filed: August 23, 2019
    Date of Patent: October 3, 2023
    Assignee: HONOR DEVICE CO., LTD.
    Inventors: Guoqiang Rong, Jingtao Feng, Zijun Li, Wenhu Zhang
  • Patent number: 11770767
    Abstract: A user equipment device (UE) establishes a communication session with a wireless network, and receives, from the wireless network, a message that includes scheduling data that schedules a power-saving mode (PSM) at the UE. The UE interrupts, at a first time based on the scheduling data, a supply of power to a modem of the UE. The UE provides, based on the scheduling data at a second time that is subsequent to the first time, power to the modem.
    Type: Grant
    Filed: February 23, 2021
    Date of Patent: September 26, 2023
    Assignee: Neptune Technology Group Inc.
    Inventor: Charles Cottle
  • Patent number: 11770395
    Abstract: An information processing apparatus according to an embodiment includes a list storage unit and processor. The list storage unit stores therein allow lists for module processing types, and each allow list describes an execution-permitted system operation. The processor functions as an operation detecting unit, a process specifying unit, a log specifying unit, a type specifying unit, and an output unit. The operation detecting unit detects execution of any of system operations. The process specifying unit specifies a target process that has executed execution-detected system operation. The log specifying unit specifies a target operation log. The type specifying unit specifies a type of target module processing that executed execution-detected system operation by analyzing the target operation log. The output unit outputs anomaly information when the allow list for the target module processing type does not include the execution-detected system operation.
    Type: Grant
    Filed: August 30, 2021
    Date of Patent: September 26, 2023
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Naoki Ogura, Jun Kanai, Hiroyoshi Haruki
  • Patent number: 11762362
    Abstract: A system for managing communication between building management system (BMS) devices includes a memory and a controller. The memory includes instructions stored thereon. The controller is configured to execute the instructions to implement an agent manager, a zone manager, and a channel manager. The agent manager is configured to generate an agent for each of the BMS devices. The zone manager is configured to define at least one zone relating to a physical location zone or a building control zone. The channel manager is configured to generate a communication channel associated with the at least one zone. The channel manager is further configured to manage registration of an agent to the communication channel, wherein an agent is configured to communicate over a communication channel in response to being registered to the communication channel.
    Type: Grant
    Filed: September 7, 2022
    Date of Patent: September 19, 2023
    Assignee: JOHNSON CONTROLS TYCO IP HOLDINGS LLP
    Inventors: Youngchoon Park, Vaidhyanathan Venkiteswaran, Sudhi R. Sinha, Karl F. Reichenberger
  • Patent number: 11763028
    Abstract: Systems and methods for managing data security are described. In an embodiment, the method comprises receiving a data access request from a first application that runs in a first operating environment of a mobile device, wherein the authentication request contains credentials of the first application, communicating with a second application that runs in a second operating environment in parallel to the first environment of the mobile device, wherein the second application is a trusted application that runs in a secure environment, and wherein the communicating includes transferring the credentials of the first application to the second application, and receiving data from the trusted application responsive to the data access request, based on the credentials of the first application.
    Type: Grant
    Filed: May 20, 2022
    Date of Patent: September 19, 2023
    Assignee: BARCLAYS EXECUTION SERVICES LIMITED
    Inventors: Lawrence Cheng, Jeremy Goldstone
  • Patent number: 11757641
    Abstract: Disclosed are various embodiments for decentralizing the authentication or verification of data. An identity key can be generated for a data item. A request can then be sent to an authentication provider for authentication of the data item, the request comprising the identity key and the data item. A verified claim for the data item can then be received in response. Subsequently, an identity document is generated, the identity document comprising the identity key for the data item and the verified claim. Finally, the identity document can be stored in a distributed ledger.
    Type: Grant
    Filed: September 15, 2021
    Date of Patent: September 12, 2023
    Assignee: American Express Travel Related Services Company, Inc.
    Inventor: Andras L. Ferenczi
  • Patent number: 11757845
    Abstract: A private communication set-up service enables scalable private connectivity between producers and consumers residing within a public cloud environment. A producer exposes metadata information about a new or updated resource within the public cloud environment using a tag. The system monitors the public cloud environment for tagged metadata about new resources and configures a producer-side service to a private link. Subsequently, the system exposes metadata information about the private link. The system monitors for tagged metadata about private links and configures the consumer-side private link endpoint to the private link. The producer and the consumer communicate using the configured private link.
    Type: Grant
    Filed: October 30, 2020
    Date of Patent: September 12, 2023
    Assignee: Salesforce, Inc.
    Inventors: Ashley Ryan Flavel, William Lui, David Lucey
  • Patent number: 11751066
    Abstract: A domain proxy receives a request from a base station for allocation of a first portion of a frequency band to support cellular communication in a geographic area that is indicated in the request. The frequency band is available for exclusive allocation to an incumbent device. The base station is required to vacate the first portion of the frequency band in response to the incumbent device arriving in the geographic area and being allocated a second portion of the frequency band that overlaps with the first portion. The domain proxy accesses a policy for the base station from a database and, based on the policy, selectively provides the request to a spectrum access server (SAS) that is responsible for allocating portions of the frequency band.
    Type: Grant
    Filed: May 25, 2018
    Date of Patent: September 5, 2023
    Assignee: Nokia Solutions and Networks Oy
    Inventors: Milind M. Buddhikot, Mohammad Riaz Khawer, Kutlay Erman
  • Patent number: 11750399
    Abstract: This disclosure describes a cyber-security protocol for validating messages being exchanged between two devices of an autonomous vehicle. The protocol includes the independent generation of multiple encryption or session keys by both devices. The encryption keys are generated based on a random number provided by each device. In some embodiments, the random numbers can be accompanied by a shared secret key installed on both devices that can help prevent an unauthorized device from creating a shared set of encryption keys with one of the devices. Including a hash generated using one of the encryption keys and a message sequence counter value in each message can help prevent the injection of previously transmitted messages as a means of disturbing operation of the autonomous vehicle.
    Type: Grant
    Filed: November 25, 2020
    Date of Patent: September 5, 2023
    Assignee: Motional AD LLC
    Inventors: Michael Maass, Karl Robinson, Lucky Munro
  • Patent number: 11750611
    Abstract: Methods to securely remediate a captive portal are provided. In these methods, a processor of a user device detects a connection, via a network, to a captive portal. Based on the detected connection to the captive portal, the processor launches a dedicated secure web browser, and selectively restricts access of the user device to the network in order to only allow, via the dedicated secure web browser, communications related to remediation with the captive portal.
    Type: Grant
    Filed: September 16, 2021
    Date of Patent: September 5, 2023
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Vincent E. Parla, Valentiu Vlad Santau, Peter Scott Davis
  • Patent number: 11750671
    Abstract: An embodiment includes identifying which of a plurality of participants of a web conference is an identified participant associated with a selected cluster of a plurality of clusters of audio feed data of an audio feed of the web conference based on a self-introduction in the selected cluster. The embodiment also generates a first preliminary leadership score for the identified participant based on a speaking duration value associated with the identified participant and generates a second preliminary leadership score for the identified participant using a selected video segment as an input for a machine learning classifier model. The embodiment calculates a final leadership score for the identified participant based on the first and second preliminary leadership scores. The final leadership score is representative of a likelihood that the identified participant is a supervisor, and is indicative of the identified participant being a supervisor if it exceeds a designated threshold value.
    Type: Grant
    Filed: April 8, 2021
    Date of Patent: September 5, 2023
    Assignee: KYNDRYL, INC.
    Inventors: Muhammad Ammar Ahmed, Madiha Ijaz, Sreekrishnan Venkateswaran
  • Patent number: 11729213
    Abstract: Systems, methods, and computer media for securing software applications are provided herein. Using deceptive endpoints, attacks directed to API endpoints can be detected, and attackers can be monitored or blocked. Deceptive endpoints can be automatically generated by modifying valid endpoints for an application. Deceptive endpoints are not valid endpoints for the application, so if a deceptive endpoint is accessed, it is an indication of an attack. When a deceptive endpoint is deployed, accessing the deceptive endpoint can cause an alert to be generated, and an account, user, or device associated with accessing the deceptive endpoint can be blocked or monitored.
    Type: Grant
    Filed: October 5, 2020
    Date of Patent: August 15, 2023
    Assignee: SAP SE
    Inventors: Cedric Hebert, Merve Sahin, Anderson Santana de Oliveira, Rocio Cabrera Lozoya, Aicha Mhedhbi
  • Patent number: 11722472
    Abstract: One example method includes correlating trust scoring with authentication levels. Trust scores are protected in a computing system such that devices can be validated. Authentication levels are based on the verified trust scores.
    Type: Grant
    Filed: December 31, 2020
    Date of Patent: August 8, 2023
    Assignee: EMC IP HOLDING COMPANY LLC
    Inventors: Mohamed Sohail, Robert A. Lincourt, Said Tabet
  • Patent number: 11720549
    Abstract: A machine data validation system can track and validate the integrity of machine data generated by machines. The system can generate hashes for the items and batch hashes that can be validated using an immutable data store, such as a blockchain. The system can implement a tiered blockchain structure to efficiently store and reference the hashes to validate the machine data at different times or upon request from an end-user.
    Type: Grant
    Filed: April 30, 2021
    Date of Patent: August 8, 2023
    Assignee: SPLUNK INC.
    Inventors: Nathaniel G. McKervey, Paul Jean André Bernier, Siegfried Puchbauer, Min Zhang
  • Patent number: 11722485
    Abstract: Systems and methods for determining whether a voice biometrics credential provides a reliable mechanism for authenticating a user are provided. The method includes receiving at least one set of voice data from the user; determining, based on the received at least one set of voice data, a value of at least one parameter that corresponds to a user-specific voice biometrics credential; obtaining at least one user-specific item of information; accessing at least one business rule that relates to the user; and determining, based on the at least one set of voice data, the at least one user-specific item of information, and the at least one business rule, whether the user-specific voice biometrics credential is usable for authenticating the user.
    Type: Grant
    Filed: September 13, 2019
    Date of Patent: August 8, 2023
    Assignee: JPMORGAN CHASE BANK, N.A.
    Inventors: Donna M. Barrett, Julia Cay, Brian Flanagan, Corinne Bigelow, Kalpana Jayaraman, Laura Yost, Paul D. Magasiny, Steven Fishman, Rafid A. Zane, Stephanie J. Schrieber, Bryant R. Barrera, Slobodan Petkovich, Matthew D. Matheny, Nikhil Dhoble
  • Patent number: 11716340
    Abstract: Generally discussed herein are devices, systems, and methods for improving cloud resource security. A method can include obtaining a cloud resource management log that details actions performed by users of cloud resources in a cloud portal, the actions including entries comprising at least two of a user identification (ID) of a user of the users, an operation of operations performed on the cloud resource, a uniform resource identifier (URI) of a cloud resource of the cloud resources that is a target of the operation, or a time the operation was performed. The method can include determining a respective score for each action in the cloud resource management log, comparing the respective score to a specified criterion, and providing an indication of anomalous action in response to determining the respective score satisfies the specified criterion.
    Type: Grant
    Filed: May 28, 2021
    Date of Patent: August 1, 2023
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Roy Levin, Ram Haim Pliskin, Johnathan Samuel Simon
  • Patent number: 11716206
    Abstract: Establishing secure communications by sending a server certificate message, the certificate message including a first certificate associated with a first encryption algorithm and a second certificate associated with a second encryption algorithm, the first certificate and second certificate bound to each other, signing a first message associated with client-server communications using a first private key, the first private key associated with the first certificate, signing a second message associated with the client-server communications using a second private key, the second private key associated with the second certificate, the second message including the signed first message, and sending a server certificate verify message, the server certificate verify message comprising the signed first message and the signed second message.
    Type: Grant
    Filed: November 2, 2020
    Date of Patent: August 1, 2023
    Assignee: International Business Machines Corporation
    Inventors: Michael W. Gray, Narayana Aditya Madineni, Simon D. McMahon, Matthew Green, Peter T. Waltenberg
  • Patent number: 11711401
    Abstract: System and methods of brokering trust across multiple Authentication and Authorization methods in a multi-domain, multi-operator, private and public cloud networks are identified. A Digital Trust Broker (DTB) is disclosed that brokers trust between infrastructure authentication methods that use digital certificates (PKI) and operator/enterprise Authentication/Authorization methods through interaction with multiple operator/service provider control and management platforms. The Digital Trust Broker interacts with vendor management and security platforms for associating device manufacturing, assembly, supply-chain, and logistics attributes for assuring trust of compute, network, storage and other system components that a high security enterprise or service provider acquires and installs in their networks. Additionally, methods of generating enhanced certificates for secure network slices and other Cloud and SDN hosted virtual network functions as trust assured services are also disclosed.
    Type: Grant
    Filed: February 24, 2022
    Date of Patent: July 25, 2023
    Assignee: SecureG
    Inventors: Carlos Solari, Surya Kumar Kovvali, Kevin Riley
  • Patent number: 11709785
    Abstract: Aspects of a storage device including a memory and an encryption core are provided. The storage device may be configured for providing secure data storage, as well as one or more post-processing operations to be performed with the data. The encryption core, which may be configured to decrypt data, may control execution of one or more post-processing operations using the data. A read command received from a host device may include a tag associated with data identified by the read command. When encrypted data is retrieved from memory according to the read command, the encryption core may decrypt the encrypted data and provide the decrypted data for post-processing based on the tag. A corresponding post-processing operation may return a result when executed using the decrypted data. Rather than raw data identified by the read command, the result may be delivered to the host device in response to the read command.
    Type: Grant
    Filed: June 26, 2020
    Date of Patent: July 25, 2023
    Assignee: WESTERN DIGITAL TECHNOLOGIES, INC.
    Inventors: Robert Ellis, Brent Jacobs, Kevin O'Toole
  • Patent number: 11706227
    Abstract: A system including a processor and a non-transitory, tangible computer-readable medium in which computer program instructions are stored, which instructions, when read by a computer, cause the computer to process access permission type-specific access permission requests from enterprise users in an enterprise, the system including access permission type-specific access permission request receiving functionality operable for receiving at least one request for at least one access permission type-specific access permission of at least one user to at least one data element in the enterprise, and access permission type-specific access permission request output providing functionality operable for employing information pertaining to ones of the enterprise users having similarities to the at least one user with respect to at least the access permission type-specific access permission to the data elements in order to provide an output indication of perceived appropriateness of grant of the request.
    Type: Grant
    Filed: July 20, 2016
    Date of Patent: July 18, 2023
    Inventors: Yakov Faitelson, Ohad Korkus, Ophir Kretzer-Katzir, David Bass
  • Patent number: 11699093
    Abstract: Techniques for generating and executing an execution plan for a machine learning (ML) model using one of an edge device and a non-edge device are described. In some examples, a request for the generation of the execution plan includes at least one objective for the execution of the ML model and the execution plan is generated based at least in part on comparative execution information and network latency information.
    Type: Grant
    Filed: January 16, 2018
    Date of Patent: July 11, 2023
    Assignee: Amazon Technologies, Inc.
    Inventors: Nagajyothi Nookula, Poorna Chand Srinivas Perumalla, Aashish Jindia, Danjuan Ye, Eduardo Manuel Calleja, Song Ge, Vinay Hanumaiah, Wanqiang Chen, Safeer Mohiuddin, Romi Boimer, Madan Mohan Rao Jampani, Fei Chen
  • Patent number: 11695750
    Abstract: The present disclosure relates generally to authentication of voice communications. Methods performed by a user device for mutually authenticated communications can include creating a first communication channel with a backend, creating a secure session across a second communication channel with the backend, receiving a first identification message from the backend via the second communication channel, receiving a second identification message from the backend via the first communication channel, sending an attestation that the second identification message matches the first identification message to the backend via the second communication channel, receiving a second step authorization instruction from the backend via the second communication channel, assessing the identity of the user, and delivering an authorization response to the backend via the second communication based of the assessed identity of the user.
    Type: Grant
    Filed: September 14, 2020
    Date of Patent: July 4, 2023
    Assignee: Oracle International Corporation
    Inventors: Karthik Venkatesh, Matthew Wayne Williams
  • Patent number: 11696423
    Abstract: An immersion cooling system includes an electronic component, a thermally conductive dielectric liquid, and a tank defining a tank interior configured to receive the electronic component and the thermally conductive dielectric liquid for cooling the electronic component. The immersion cooling system also includes a wall positioned external to the tank to coordinate with the tank to define an overflow gap extending between the tank and the wall. The overflow gap is configured to receive an overflow of the thermally conductive dielectric liquid from the tank interior.
    Type: Grant
    Filed: September 30, 2021
    Date of Patent: July 4, 2023
    Assignee: TYCO FIRE & SECURITY GMBH
    Inventors: Michael J Sweeney, David Patrick Selmser, John Bernard Zwicker, Shahreen Beente Haider