Authorization Patents (Class 726/4)
  • Patent number: 10298665
    Abstract: A Cloud federator may be used to allow seamless and transparent access by a Cloud Client to Cloud services. Federation may be provided on various terms, including as a subscription based real-time online service to Cloud Clients. The Cloud federator may automatically and transparently effect communication between the Cloud Client and Clouds and desired services of the Clouds, and automatically perform identity federation. A Service Abstraction Layer (SAL) may be implemented to simplify Client communication, and Clouds/Cloud services may elect to support the SAL to facilitate federation of their services.
    Type: Grant
    Filed: July 19, 2017
    Date of Patent: May 21, 2019
    Assignee: Intel Corporation
    Inventor: Hong Li
  • Patent number: 10298720
    Abstract: Methods and apparatus that allow clients to specify custom network rules for their resource instances or network constructs in a provider network environment. Services and interfaces may be provided that allow a client to provide an executable module that implements custom rules for their resources, or alternatively to specify or select custom rules for their resources. The module may be installed on a host device, and may apply the custom rules to packets to and from the client's resources. Alternatively, the client-defined rules may be applied to packet flows according to the custom rules specified by the client and applied by a client rules service implemented on the provider network external to the host device or on a client resource instance on the host device. The custom network rules may, for example, extend or modify standard network rules for the client's resources on the host device.
    Type: Grant
    Filed: December 7, 2015
    Date of Patent: May 21, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Kevin Christopher Miller, Joseph E. Magerramov, Marcin Piotr Kowalski, Colm Gearóid MacCárthaigh
  • Patent number: 10298585
    Abstract: A system supports asset transfers among blockchains of differing distributed ledger technologies using interop circuitry. The interop circuitry may receive asset permissions from origin and target participant circuitry. The asset permissions may support transfer of an asset from an origin blockchain to a target blockchain. The interop circuitry, acting on behalf of the origin and target participant circuitry, locks an asset on the origin blockchain. Then the interop circuitry creates the asset on the target blockchain. The locking of the asset on the origin blockchain may prevent a double-expend opportunity, where the asset can be redeemed on the origin blockchain and on the target blockchain.
    Type: Grant
    Filed: January 23, 2019
    Date of Patent: May 21, 2019
    Assignee: Accenture Global Solutions Limited
    Inventors: David Treat, Giuseppe Giordano, Luca Schiatti, Aspyn Cole Palatnick, Zixuan Zhang
  • Patent number: 10298516
    Abstract: A system and method for sharing resources among application modules includes receiving, on an application including a plurality of modules, a resource from a server; determining a storage position identifier corresponding to an identifier of the resource and indicative of a storage position in a database for storing resources dedicated for the application; and storing the resource in the database based on the determined identifier for sharing among the plurality of modules.
    Type: Grant
    Filed: April 19, 2016
    Date of Patent: May 21, 2019
    Assignee: HYLAND SWITZERLAND SÀRL
    Inventors: Cynthia Diane Anschutz, Shane Evan Blazek, David Mark Elton, Kristopher John Andrew Haney
  • Patent number: 10296218
    Abstract: An update control method executed by a processor included in an update control apparatus configured to update control programs respectively set up in a plurality of computers, the update control method includes acquiring update information and new control programs, the update information indicating update priority of the control programs of the plurality of computers and a progress status of the update; providing the new control programs to the plurality of computers; updating the progress status included in the update information based on information about a computer with the update of the control program completed among the computers; determining, based on the updated progress status, timings to reboot the plurality of respective computers such that the control programs of the plurality of computers are updated according to the update priority indicated by the update information; and updating the control programs of the plurality of computers based on the determined timings.
    Type: Grant
    Filed: June 8, 2017
    Date of Patent: May 21, 2019
    Assignee: FUJITSU LIMITED
    Inventors: Hiroaki Nishijo, Kenji Uchiyama
  • Patent number: 10299082
    Abstract: Methods and systems for providing information associated with a location history of a mobile device to one or more applications are disclosed. A mobile device generates one or more location history records based on one or more locations of the mobile device, each location history record comprising one or more points of interest and a duration at the one or more points of interest, receives an information request from at least one application, determines a subset of the one or more location history records that meet criteria from the information request, determines a level of permission for the at least one application based on the information request and the subset of the one or more location history records, and provides information associated with the subset of the one or more location history records to the at least one application based on the level of permission.
    Type: Grant
    Filed: July 5, 2018
    Date of Patent: May 21, 2019
    Assignee: QUALCOMM Incorporated
    Inventors: Hui Chao, Saumitra Mohan Das, Yin Chen
  • Patent number: 10289571
    Abstract: An authentication apparatus includes a memory that stores information regarding a device and other device located in the vicinity of the device in association with each other; a receiving unit that, in a case where there is an authentication request from the device, receives information regarding other device located in the vicinity of the device at a time of the authentication request; and an authentication unit that authenticates the device based on the information regarding the other device stored in the memory and the information regarding the other device that is received by the receiving unit at the time of the authentication request.
    Type: Grant
    Filed: August 22, 2016
    Date of Patent: May 14, 2019
    Assignee: FUJI XEROX CO., LTD.
    Inventor: Wataru Yamaizumi
  • Patent number: 10291615
    Abstract: Systems and methods are described for a web event framework. A computerized method includes receiving at a framework plugin an event from a web browser, wherein the framework plugin is coupled to the web browser, generating, by the framework plugin, a framework event based on the event, forwarding the framework event to a framework server coupled to the framework plugin, receiving at the framework server the framework event from the framework plugin, determining, at the framework server, a framework action based on the framework event and a framework policy, forwarding the framework action to the framework plugin, and executing the framework action by the framework plugin.
    Type: Grant
    Filed: May 13, 2013
    Date of Patent: May 14, 2019
    Assignee: Ivanti US LLC
    Inventors: Paul Keith Branton, James Tupper, Richard James Somerfield, Jonathan Rolls
  • Patent number: 10291634
    Abstract: Computerized methods and systems determine summary events from an attack on an endpoint. The detection and determination of these summary events is performed by a machine, e.g., a computer, node of a network, system or the like.
    Type: Grant
    Filed: December 8, 2016
    Date of Patent: May 14, 2019
    Assignee: CHECKPOINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Lior Arzi, Anandabrata Pal, Tamara Leiderfarb
  • Patent number: 10289538
    Abstract: A system and method in accordance with examples may include systems and methods for detecting failure of microservice applications in communication with an orchestration layer of a microservice-architecture. The system may include memory and an orchestration layer including one or more processors coupled to the memory. The one or more processors may be configured to connect the orchestration layer to a plurality of microservice applications that are each associated with a respective dataset. The one or more processors may be configured to validate, responsive to the connection of each of the microservice applications, the microservice applications by performing a first test and a second test. The one or more processors may be configured to deploy, responsive to the validation of the microservice applications, the microservice applications to execute a plurality of workflow actions.
    Type: Grant
    Filed: July 2, 2018
    Date of Patent: May 14, 2019
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Vipin Dwivedi, Renjith Pascas, Shilpa Mittal
  • Patent number: 10290777
    Abstract: Light emitting diodes, components, and related methods, with improved performance over existing light emitting diodes. In some embodiments light emitter devices included herein include a submount, a light emitter, a light affecting material, and a wavelength conversion component. Wavelength conversion components provided herein include a transparent substrate having an upper surface and a lower surface, and a phosphor compound disposed on the upper surface or lower surface, wherein the wavelength conversion component is configured to alter a wavelength of a light emitted from a light source when positioned proximate to the light source.
    Type: Grant
    Filed: July 21, 2017
    Date of Patent: May 14, 2019
    Assignee: CREE, INC.
    Inventors: Peter Scott Andrews, Jesse Colin Reiherzer, Amber C. Abare
  • Patent number: 10284255
    Abstract: Present disclosure relates to a base station and a method for operating the same. The base station includes a communicating unit and a processing unit. The communicating unit is wirelessly connected to user equipments in the internet of things. The communicating unit is configured to receive a frequency hopping preamble sequence from a user equipment. The processing unit, electrically coupled to the communicating unit, is configured to obtain frequency hopping energies corresponding to a plurality of symbol groups from the frequency hopping preamble sequence. The processing unit is configured to accumulate the frequency hopping energies and calculate an average energy corresponding to one symbol group according to the accumulated frequency hopping energies. The processing unit is configured to calculate a threshold based on the average energy and a false alarm rate, wherein the threshold is applied to determine whether signals sending from the user equipment are noises.
    Type: Grant
    Filed: November 9, 2017
    Date of Patent: May 7, 2019
    Assignee: INSTITUTE FOR INFORMATION INDUSTRY
    Inventors: Jeng-Kuang Hwang, Cheng-Feng Li, Chin-Gwo Ma
  • Patent number: 10282463
    Abstract: Embodiments are directed towards real time display of event records and extracted values based on at least one extraction rule, such as a regular expression. A user interface may be employed to enable a user to have an extraction rule automatically generate and/or to manually enter an extraction rule. The user may be enabled to manually edit a previously provided extraction rule, which may result in real time display of updated extracted values. The extraction rule may be utilized to extract values from each of a plurality of records, including event records of unstructured machine data. Statistics may be determined for each unique extracted value, and may be displayed to the user in real time. The user interface may also enable the user to select at least one unique extracted value to display those event records that include an extracted value that matches the selected value.
    Type: Grant
    Filed: August 2, 2015
    Date of Patent: May 7, 2019
    Assignee: Splunk Inc.
    Inventors: R. David Carasso, Micah James Delfino, Johnvey Hwang
  • Patent number: 10275188
    Abstract: A communication device may send a first registration request including first device identification information to a server in a case where an input of a first registration instruction is received, wherein in the server, the first device identification information, first account information, and first communication authentication information may be registered in association with each other. The communication device may send a second registration request including second device identification information the server in a case where an input of a second registration instruction is received, wherein in the server, the second device identification information, second account information, and second communication authentication information may be registered in association with each other.
    Type: Grant
    Filed: March 29, 2018
    Date of Patent: April 30, 2019
    Assignee: Brother Kogyo Kabushiki Kaisha
    Inventors: Yongyong Ren, Makoto Matsuda
  • Patent number: 10277779
    Abstract: An information processing device includes an accepting unit, a first transmitting unit, a receiving unit, an acquiring unit, and a second transmitting unit. The accepting unit receives identification information used by a cloud service for identifying a user and authentication information used for authenticating the user. The first transmitting unit transmits the identification information and the authentication information to the cloud service via a first line. The receiving unit receives a message transmitted to the information processing device from the cloud service via a second line. The acquiring unit acquires unique information contained in the message. The second transmitting unit transmits the unique information to the cloud service via the first line in a case where the message is transmitted by the cloud service due to transmission by the first transmitting unit.
    Type: Grant
    Filed: August 28, 2017
    Date of Patent: April 30, 2019
    Assignee: FUJI XEROX CO., LTD.
    Inventor: Takayuki Suzuki
  • Patent number: 10275239
    Abstract: Performance of a legacy application may be characterized for subsequent adjustment of operating parameters when running the legacy application on a new system. Performance information for the legacy application is recorded or derived while running the legacy application on the legacy system. One or more performance characteristics for the legacy application running on the legacy system are determined by analyzing the performance information, the one or more performance characteristics including one or more key performance metrics and other performance information. The one or more key performance metrics must be met when the legacy application is run on the new system. The other performance information is useful for later adjustment of operating parameters of the new system when running the legacy application on the new system.
    Type: Grant
    Filed: March 22, 2017
    Date of Patent: April 30, 2019
    Assignee: Sony Interactive Entertainment Inc.
    Inventors: David Simpson, Mark Evan Cerny
  • Patent number: 10277688
    Abstract: Automatic installation and/or activation selection for hosted services is provided. A set-up user interface for users to sign up and activate their membership with a hosted service may prompt an activation module to analyze a computing environment of a requesting user to determine if a client application associated with the hosted service is pre-installed or not. If the client application is pre-installed, the user may be provided a control such as a button to activate the client application and begin using the hosted service. If the client application is not pre-installed, the activation module may determine which version of the client application is proper for the computing environment (e.g., operating system, operating system version, device, and similar parameters) and where it can be downloaded from. The activation module may then present the user with a link to the location for downloading and optionally installing the client application automatically.
    Type: Grant
    Filed: January 4, 2017
    Date of Patent: April 30, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Arwa Tyebkhan, Christopher Lomond, Carlos Perez, Max S. Lustig, Jason F. Moore, Randy B. Wong
  • Patent number: 10270740
    Abstract: The present disclosure provides solutions for an enterprise providing services to a variety of clients to enable the client to use the resources provided by the enterprise by modifying URLs received and the URLs from the responses from the servers to the client's requests before forwarding the requests and the responses to the intended destinations. An intermediary may identify an access profile for a clients' request to access a server via a clientless SSL VPN session. The intermediary may detect one or more URLs in content served by the server in response to the request using one or more regular expressions of the access profile. The intermediary may rewrite or modify, responsive to detecting, the one or more detected URLs in accordance with a URL transformation specified by one or more rewrite policies of the access profile. The response with modified URLs may be forwarded to the client.
    Type: Grant
    Filed: February 7, 2014
    Date of Patent: April 23, 2019
    Assignee: Citrix Systems, Inc.
    Inventors: Puneet Agarwal, Srinivasan Thirunarayanan, Vamsi Korrapatti, Prakash Khemani, Rajiv Mirani, Anoop Reddy
  • Patent number: 10268809
    Abstract: A multi-factor user authentication framework using asymmetric key includes a host device, a user agent, a gesture system, and an authentication system. The multiple factors include a user credential as well as a user gesture that indicates that the user is present. The user interacts with the user agent via the host device in order to obtain access to something for which user authentication is needed. The authentication system maintains the user credentials, which are provided to authenticate the user in response to the authentication system determining that the user is present (which can be determined in different manners, such as using a personal identification number (PIN), biometric information regarding the user, geographic location of the gesture system, etc.). The user agent, gesture system, and authentication system can be implemented on the same device (e.g., the host device), or alternatively implemented across one or more different devices.
    Type: Grant
    Filed: April 2, 2018
    Date of Patent: April 23, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Anooshiravan Saboori, Nelly Porter, Vijay G. Bharadwaj, Alexander Thomas Weinert, Octavian T. Ureche, Benjamin Richard Vincent, Tarek Bahaa El-Din Mahmoud Kamel
  • Patent number: 10270751
    Abstract: An information processing device that is connected to another information processing device includes a memory storing a program, a first authentication information for each user to access the information processing device and a second authentication information in association with the first authentication information for the each user to access the another information processing device; and a processor that performs the program so as to execute a method including the steps of receiving an acquisition request that is sent from a client device according to the first authentication information, transmitting a list including files that are accessible according to the second authentication information in association with the first authentication information of the received acquisition request, receiving an execution request to execute at least one of the files and the folders that are included in the list, and executing a process according to the execution request by using the second authentication information.
    Type: Grant
    Filed: January 22, 2018
    Date of Patent: April 23, 2019
    Assignee: Ricoh Company, Ltd.
    Inventors: Satoru Hirakata, Ryoh Shimomoto, Shinya Mukasa, Teruaki Takahashi
  • Patent number: 10264023
    Abstract: A method is provided for managing a plurality of subscriptions on a security element of a mobile end device for logging into a respective mobile radio network, and such a security element. The security element has a plurality of memory locations for storing the plurality of subscriptions, wherein the plurality of subscriptions comprises a primary subscription and at least one secondary subscription. In the primary subscription there is deposited a set of rules which determines whether the at least one secondary subscription on the security element can be used.
    Type: Grant
    Filed: December 17, 2014
    Date of Patent: April 16, 2019
    Assignee: GIESECKE+DEVRIENT MOBILE SECURITY GMBH
    Inventors: Claus Jarnik, Monika Eckardt
  • Patent number: 10262480
    Abstract: A method for managing access rights of a user (10) to one place, the method being applied by an automaton (20), inter alia by a time-stamp meter, the automaton (20) including a readout unit (22, 26) and the method including the steps: presenting to the readout member (22, 26) a physical identification medium (14), sending at least one message for requesting provision of the identification code by the readout unit (22, 26) to the physical medium (14), each message being a message intended to be addressed to the first layer (C1) according to a different communication protocol, when the readout unit (22, 26) receives a response from the physical medium (14), receiving the identification code.
    Type: Grant
    Filed: June 13, 2016
    Date of Patent: April 16, 2019
    Assignee: PARKEON
    Inventor: Michel Bohly
  • Patent number: 10255423
    Abstract: Systems, methods, and non-transitory computer-readable media can detect an operation that causes a challenge response process to be initiated. An image category associated with a recognized category label can be identified. At least one image associated with the image category can be displayed during the challenge response process. The operation can be executed when the challenge response process, based on the at least one image, is successfully completed.
    Type: Grant
    Filed: May 9, 2017
    Date of Patent: April 9, 2019
    Assignee: Facebook, Inc.
    Inventors: Nikhil Johri, Trevor M. Pottinger, Balamanohar Paluri
  • Patent number: 10243956
    Abstract: A technique for network authentication interoperability involves initiating an authentication procedure on a first network, authenticating on a second network, and allowing access at the first network. The technique can include filtering access to a network, thereby restricting access to users with acceptable credentials. Offering a service that incorporates these techniques can enable incorporation of the techniques into an existing system with minimal impact to network configuration.
    Type: Grant
    Filed: April 25, 2018
    Date of Patent: March 26, 2019
    Assignee: Aerohive Networks, Inc.
    Inventors: Kenshin Sakura, Matthew Stuart Gast, Long Fu
  • Patent number: 10242215
    Abstract: A user of a content management system can store one or more content items at the user's account with the system. In some instances, the system can generate and present a preview of a content item of interest (e.g., a content item selected by the user). In addition to the preview of the content item, the system can generate and present a web address or other machine-readable code referring to (or otherwise associated with) the preview of the content item. Various embodiments of the present disclosure can enableh the web address or other machine-readable code to be sharable and to provide access to the content item (or a copy thereof). For example, the user who is previewing the content item can share the web address of the preview with one or more other users. The one or more users can then access the content item via the web address.
    Type: Grant
    Filed: August 2, 2017
    Date of Patent: March 26, 2019
    Assignee: Dropbox, Inc.
    Inventors: Ziga Mahkovec, Christopher Beckmann, Rian Hunter
  • Patent number: 10237274
    Abstract: A Network Function Virtualization Infrastructure (NFVI) controls a Software Defined Network (SDN) Application Programming Interface (API) between a source SDN Virtual Network Function (VNF) and a target SDN VNF. NFV circuitry executes the source SDN VNF and transfers an identity code embedded in the source SDN VNF to Management and Orchestration (MANO) circuitry. The MANO circuitry translates the SDN VNF identity code into API privileges between the source SDN VNF and the target SDN VNF. The MANO circuitry transfers the SDN API privileges to the target SDN VNF. The NFV circuitry executes the source SDN VNF and transfers SDN API data from the source SDN VNF to the target SDN VNF. The NFV circuitry executes the target SDN VNF and processes the SDN API data based on the SDN API privileges.
    Type: Grant
    Filed: April 3, 2018
    Date of Patent: March 19, 2019
    Assignee: Sprint Communications Company L.P.
    Inventors: Marouane Balmakhtar, Arun Rajagopal
  • Patent number: 10237417
    Abstract: A device may determine a subscriber identifier associated with a subscriber device. The device may obtain a service indicator based on the subscriber identifier. The service indicator may identify a network service to which a subscriber, associated with the subscriber identifier, is subscribed. The device may obtain a charging data function (CDF) identifier based on the service indicator. The CDF identifier may identify a destination CDF for charging messages associated with the network service. The device may establish a communication session associated with the subscriber device and the network service. The device may transmit one or more charging messages, associated with the communication session, to the destination CDF identified by the CDF identifier.
    Type: Grant
    Filed: April 30, 2018
    Date of Patent: March 19, 2019
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Vijay Nanjundan, Arvind Aggarwal, Earlin George
  • Patent number: 10235383
    Abstract: Techniques are disclosed for enabling synchronization of items (e.g., folders or files) with read-only permissions in a cloud-based environment. In one embodiment, a method comprises, upon receiving a request from a collaborator to synchronize an item stored in the workspace, determining whether the item is marked as read-only and verifying if the collaborator has permission for downloading the item. The method further comprises, if the item is marked as read-only and if the collaborator has permission for downloading the item, sending the item to the collaborator. The method further comprises synchronizing the item by automatically pushing an updated version of the item unilaterally from the cloud-based environment to the collaborator regardless of whether the collaborator has performed any modification to the sent item.
    Type: Grant
    Filed: December 19, 2013
    Date of Patent: March 19, 2019
    Assignee: Box, Inc.
    Inventor: Griffin Dorman
  • Patent number: 10237137
    Abstract: A network (e.g., LAN/WLAN) contains individual private networks, each with an access point assistant (APA) containing an access point, web server, and other components, such as support voice interaction therewith. APAs are separated by device isolation over the LAN, but devices on each individual private network are accessible to each other directly, including cell phones, laptop computers, tablets, iPods, or other network aware devices literally owned or controlled by a guest assigned the APA at a hospitality property. The access management system assigns to an APA a bandwidth limit, which it then administers and accounts for, avoiding the classic problem of “bandwidth hogs” swamping the LAN with no accountability or control.
    Type: Grant
    Filed: September 12, 2017
    Date of Patent: March 19, 2019
    Inventors: Edward Linn Helvey, David Andrew Hulse, Todd James Palmer, John Joseph Brannelly
  • Patent number: 10235155
    Abstract: Systems and methods for selectively updating or extending built in functionality on a mobile device are disclosed. The updates may be provided to selective portions of software such that the entire software does not need to be replaced. The update may be provided through an application marketplace that provides third party software applications for mobile devices. The software that the mobile device is shipped with may include a number of “entry points,” which provide functionality that may be extended through the selective updates. When the entry point is triggered by user selection, a determination may be made whether code for the functionality is already available on the mobile device. If not, the mobile device may contact the application marketplace to determine if code is available to provide or extend the requested functionality.
    Type: Grant
    Filed: July 29, 2016
    Date of Patent: March 19, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Shiraz J. Cupala, Lan Ye, Neeraj Garg
  • Patent number: 10231108
    Abstract: In embodiments of virtual addressing for mesh networks, a node in a mesh network publishes packets and/or subscribes to packets using a virtual address that is derived from a unique identifier. The unique identifier has a larger address space than the destination address field of the packet. The unique identifier and an application key are hashed to elide the unique identifier from the destination address that is transmitted in the packet over the mesh network. A node receiving the packet can determine that the address is a virtual address, and disambiguate the destination address to determine that the virtual address corresponds to a unique identifier known to the receiving node.
    Type: Grant
    Filed: August 9, 2016
    Date of Patent: March 12, 2019
    Assignee: Google LLC
    Inventor: Martin A. Turon
  • Patent number: 10230716
    Abstract: An information processing apparatus for performing encryption communication with an external apparatus by an encryption communication protocol has an inhibition unit for inhibiting use of a set of algorithms which do not satisfy a predetermined condition among a plurality of sets of algorithms used in the encryption communication protocol. The set of algorithms whose use if inhibited is a set of algorithms which need to transmit a message with a signature of the information processing apparatus to the external apparatus at the time of handshake performed with the external apparatus prior to the encryption communication.
    Type: Grant
    Filed: September 27, 2017
    Date of Patent: March 12, 2019
    Assignee: Canon Kabushiki Kaisha
    Inventor: Yasuharu Sugano
  • Patent number: 10229373
    Abstract: Methods and computer systems are used to create context-based event entries. In one aspect, the method includes, at a computer system with one or more processors and memory: (1) receiving a content-less request to create an event entry; (2) selecting an applicable rule from a set of rules stored at the computer system in accordance with one or more context items, the one or more context items comprising one or more context items for the user, the set of rules comprising a plurality of distinct rules; (3) creating an event entry in accordance with the selected applicable rule and at least one of the one or more context items for the user, the event entry including one or more fields having content determined in accordance with the at least one of the one or more context items for the user; and (4) providing the event entry for display.
    Type: Grant
    Filed: June 1, 2018
    Date of Patent: March 12, 2019
    Assignee: GOOGLE LLC
    Inventor: Boris Khvostichenko
  • Patent number: 10230733
    Abstract: Disclosed can improve rights list management as well as performance of systems utilizing an access control list. A database server having a transitive closure management module may receive an identification of an entity defined in a database storing a cached transitive closure. The transitive closure management module may incrementally update the cached transitive closure stored in the database by generating a new transitive closure for the entity and determining a delete transitive closure record. The delete transitive closure record may be determined by analyzing the cached transitive closure and the new transitive closure, determining a first transitive closure path for the entity that is not specified in the new transitive closure and that is specified in the cached transitive closure, and selecting as the delete transitive closure record a record specifying the first transitive closure path. The delete transitive closure record can then be deleted from the cached transitive disclosure.
    Type: Grant
    Filed: March 6, 2017
    Date of Patent: March 12, 2019
    Assignee: Open Text SA ULC
    Inventor: Geoffrey Michael Obbard
  • Patent number: 10230745
    Abstract: Provided are methods, network devices, and computer-program products for targeted threat intelligence using a high-interaction network. In some implementations, a network device in a network may receive suspect network traffic. The suspect network traffic may include network traffic identified as potentially causing harm to the network. The network device may determine that the suspect traffic is associated with an unknown threat. The network device may further analyze the suspect network traffic using a high-interaction network. In various implementations, the high-interaction network may be configured to emulate at least a part of the network. In various implementations, analyzing the suspect network traffic may include determining a behavior of the suspect network traffic in the high-interaction network. The network device may further generate indicators, where the indicators may describe the suspect network traffic.
    Type: Grant
    Filed: January 12, 2017
    Date of Patent: March 12, 2019
    Assignee: ACALVIO TECHNOLOGIES, INC.
    Inventors: Abhishek Singh, Sreenivas Gukal
  • Patent number: 10223677
    Abstract: There is provided systems and method for automatic completion of online payment forms and recurring payments. The methods include determining if a user is engaged in a financial transaction, requesting permission to use an payment provider to complete the financial transaction, and completing the financial transaction using the payment provider if permission is granted, wherein the payment provider provides user information to complete the financial transaction. The financial transaction may include a payment form including at least one field, a recurring payment, or a payment to a merchant utilized by the user.
    Type: Grant
    Filed: September 11, 2017
    Date of Patent: March 5, 2019
    Assignee: PAYPAL, INC.
    Inventor: Kamal Zamer
  • Patent number: 10225839
    Abstract: A network hub may be unlockable into a development environment at various levels of access to implement tiered unlocking. A network hub may send a request to a server computer for a device-specific certificate that is usable to unlock the network hub, the request including (i) a requested level of access, and (ii) a device identifier (ID) associated with the network hub. The network hub may receive the certificate from the server computer, reboot, determine whether the certificate is associated with a trusted entity, and, if so, unlock the network hub at the requested level of access as an unlocked network hub. The unlocked network hub allows for particular development activities (e.g., flashing custom software), but depending on the requested level of access, may or may not allow a user to change settings of a configurable software defined radio (SDR) of the network hub and/or flash custom firmware.
    Type: Grant
    Filed: July 26, 2017
    Date of Patent: March 5, 2019
    Assignee: T-Mobile USA, Inc.
    Inventor: Andrew Lee Watts
  • Patent number: 10225084
    Abstract: Disclosed are techniques for securely sharing a content item. The techniques comprise receiving an authorization grant. The techniques also comprise utilizing the authorization grant to obtain an access token. The access token includes credentials for enabling access to a content item. The techniques further include requesting one of an encryption or decryption key from a key management system. The one of the encryption or decryption key facilitates encryption or decryption operations in connection with the content item. The techniques still further comprising performing an encryption or decryption operation in connection with the content item. The one of the encryption or decryption operation is performed using the corresponding one of the encryption or decryption key.
    Type: Grant
    Filed: December 29, 2015
    Date of Patent: March 5, 2019
    Assignee: EMC IP Holding Company LLC
    Inventor: Salah E. Machani
  • Patent number: 10214164
    Abstract: A system for providing security to an in-vehicle communication network, the system comprising: a data monitoring and processing hub external to the in-vehicle network, the in-vehicle network having a bus and at least one node connected to the bus; a module configured to monitor messages in communication traffic propagating in the in-vehicle network, the module comprising: at least one communication port via which the module receives and transmits messages; a memory having data characterizing messages that the at least one node transmits and receives during normal operation of the node, and software executable to: identify, responsive to the data characterizing messages, an anomaly in communications over the in-vehicle communication network; and instruct a communication interface, configured to support communication with the hub, to transmit monitoring data responsive to identifying the anomaly to the hub for processing; and a processor configured to execute the software in the memory.
    Type: Grant
    Filed: August 14, 2017
    Date of Patent: February 26, 2019
    Assignee: ARGUS CYBER SECURITY LTD.
    Inventors: Ofer Ben Noon, Yaron Galula, Oron Lavi
  • Patent number: 10218676
    Abstract: A flexible network security system and method permit a trusted process through a firewall. The system includes a port monitoring unit for extracting information about a server port being used through a network communication program, an internal permitted program storage configured to store a list of programs permitted by the firewall, and a firewall flexible device configured to add the network communication program to the list of programs by extracting information about the network communication program and to automatically store the extracted information about the server port in an internal port storage if the network communication program tries to listen to the server port. The firewall flexible device is further configured to determine whether a port of a packet of inbound traffic matches the server port and to allow the packet of inbound traffic if the port matches the server port.
    Type: Grant
    Filed: June 21, 2013
    Date of Patent: February 26, 2019
    Assignee: CAP CO., LTD.
    Inventor: Dong-Hyuk Lee
  • Patent number: 10218499
    Abstract: A system and method are described for secure communications between controllers in a vehicle network. The system includes multiple controllers associated in a group and configured to communicate with each other, each having an initial controller identification (ID) number and configured to communicate with a gateway controller. Each controller in the group is configured to calculate an updated controller ID number and transmit the updated controller ID to the gateway controller in a secure fashion, and the gateway controller is configured to authenticate and transmit the updated controller ID of each controller in the group to all the controllers in the group in a secure fashion. Each controller in the group is further configured to include its updated controller ID in network messages transmitted to other controllers in the group, and to authenticate other controllers in the group based on the updated controller IDs in network messages from other controllers.
    Type: Grant
    Filed: October 3, 2017
    Date of Patent: February 26, 2019
    Assignee: Lear Corporation
    Inventors: Younes El Hajjaji El Idrissi, Andre Weimerskirch
  • Patent number: 10216915
    Abstract: A method and an authentication apparatus are provided by the embodiments of the present disclosure. In the embodiments of the present disclosure, data to be processed is obtained, a character sequence is generated based on the data, physiological feature information sequentially inputted by a user is received to obtain a feature information sequence and it is determined whether every piece of physiological feature information in the feature information sequence matches with the corresponding character in the character sequence.
    Type: Grant
    Filed: July 20, 2016
    Date of Patent: February 26, 2019
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventors: Ziyi Cui, Weijie Shen, Yi Luo, Yuhan Huang, Dekang Zeng, Siqi Zhao, Jingyang Qin
  • Patent number: 10218638
    Abstract: In various embodiments of the present invention, a method, computer system, and computer program product is implemented to identify a target device that is obtained based on state information of a plurality of ports in the target device, a type of the target device is identified based on the obtained identifier, and the target device is accessed based on the type of the target device.
    Type: Grant
    Filed: July 26, 2016
    Date of Patent: February 26, 2019
    Assignee: International Business Machines Corporation
    Inventors: Lei Chen, Yang Liu, Da Lu, Scott R. Murray
  • Patent number: 10216764
    Abstract: An apparatus which searches for an image containing an object requested from a distribution destination apparatus, and manages an object of an image and a user of a distribution destination apparatus by categories; a unit which receives information about the user of the distribution destination apparatus and information about the requested object; a unit which determines a distribution destination user category to which the user of the distribution destination apparatus belongs; a unit which determines an object category to which the object requested from the distribution destination apparatus belongs; a unit which decides a search condition of an image based on the distribution destination user category and the object category; and a unit which searches for an image based on the decided search condition.
    Type: Grant
    Filed: May 21, 2014
    Date of Patent: February 26, 2019
    Assignee: Canon Kabushiki Kaisha
    Inventors: Araki Matsuda, Yoko Hirotani
  • Patent number: 10218703
    Abstract: A first representation is provided of privileges among a plurality of tenants of a system. The tenants have relationships according to a hierarchy that includes multiple hierarchical levels of the tenants, where at least one of the privileges specifies a permission of a first tenant to perform a task with respect to a second tenant. The first representation is independent of a representation of the relationships among the plurality of tenants. In response to a request from the first tenant to perform a task with respect to the second tenant, a system determines, based on the first representation, whether the first tenant is permitted to perform the task with respect to the second tenant.
    Type: Grant
    Filed: January 20, 2014
    Date of Patent: February 26, 2019
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventor: Michael B Beiter
  • Patent number: 10218725
    Abstract: A device for detecting a command and control channel includes: a session log collector for collecting log information of sessions generated between at least one communication device of the first network and at least one communication device of the second network; an analyzer for generating test data for respective sessions based on the log information, and calculating a test data distribution based on test data of the sessions; and a determiner for extracting a test data value corresponding to an abnormal distribution from the test data distribution based on an abnormal distribution determination standard, and estimating sessions relating to the extracted test data value as a command and control channel.
    Type: Grant
    Filed: February 26, 2014
    Date of Patent: February 26, 2019
    Assignee: Naru Security, Inc.
    Inventor: Hyukjoon Kim
  • Patent number: 10210339
    Abstract: Examples disclosed herein relate to request authorization and authentication. Examples include to intercept a request from a processing pipeline of a device. The device to determine whether the request is authorized and authentic. The device to generate a cancellation request if the request is not authorized or not authenticated. The device to provide the cancellation request to the processing pipeline of the device.
    Type: Grant
    Filed: September 30, 2014
    Date of Patent: February 19, 2019
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Helen Balinsky, Shivaun Albright, Nassir Mohammad, Hector Rodriguez Aviles
  • Patent number: 10212253
    Abstract: Among other things, embodiments of the present disclosure discussed herein may be used to analyze the online social network profiles of users of the social network and generate customized summaries of the profiles. Among other things, the embodiments of the present disclosure help quickly and efficiently generate an intuitive and personalized summary of a user's profile, even where a user's profile contains a relatively lengthy amount of content.
    Type: Grant
    Filed: January 26, 2017
    Date of Patent: February 19, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Qin Iris Wang, Mohammad H. Firooz, Angela Jiang, Avinash Parida
  • Patent number: 10203919
    Abstract: A login management portion performs user authentication on the basis of a user ID and allows login of a user. A transfer control portion transmits, to a predetermined call transfer control device, a transfer setting request for causing a voice communication device to change an incoming call destination of a telephone number that corresponds to the user ID of the user whose login has been allowed. The login management portion prohibits, when a first user logs in, login of a second user different from the first user, and allows, when the voice communication device starts voice communication of the telephone number that corresponds to the user ID of the first user, login of the second user while prohibiting use of the voice communication device by the second user different from the first user.
    Type: Grant
    Filed: October 27, 2017
    Date of Patent: February 12, 2019
    Assignee: KYOCERA Document Solutions Inc.
    Inventor: Ariyoshi Hikosaka
  • Patent number: 10205737
    Abstract: A computer-implemented method includes identifying a primary login platform and identifying one or more security developments associated with the primary login platform. The computer-implemented method further includes determining one or more security corrective actions based on the one or more security developments. A corresponding computer program product and computer system are also disclosed.
    Type: Grant
    Filed: January 11, 2016
    Date of Patent: February 12, 2019
    Assignee: International Business Machines Corporation
    Inventors: Yi-Chun Chen, Zen-Jerr Hong, Lin Chung Liang, Min-Tsung Wu