Authorization Patents (Class 726/4)
-
Patent number: 12381723Abstract: A data platform provides for encryption of secrets. During operation, an application of the data platform receives a secret and communicates the secret to an encryption client of the data platform. The encryption client generates an encrypted secret using a Data Encryption Key (DEK) and the secret. The encryption client communicates the DEK to an encryption server of the data platform while retaining the encrypted secret. The encryption server generates an encrypted DEK using a Transit Encryption Key TEK. The encryption server communicates the encrypted DEK to the encryption client and the encryption client generates a binary large object (blob) using the retained encrypted secret and the encrypted DEK. The application stores the blob on a data storage device.Type: GrantFiled: November 28, 2023Date of Patent: August 5, 2025Assignee: Snowflake Inc.Inventors: Dmitry Basavin, Aaron S. Joyner, Kyle Leonhard
-
Patent number: 12381856Abstract: A computer-implemented method for building and using a multi-party Attestation Model for controlling operation of a multi-tenant cloud infrastructure which includes providing a trusted execution environment (TEE) within the multi-tenant cloud infrastructure, receiving a set of requirements from each of a plurality of tenants of the multi-tenant cloud infrastructure, building an Attestation Model according to the sets of requirements, and deploying the Attestation Model within the TEE. In response to a determination that a change does not satisfy the Attestation Model for each of the plurality of tenants, a function is performed to separate components shared between tenants for which the change satisfies the Attestation Model from components shared between tenants for which the change does not satisfy the Attestation Model, and the change is deployed on the multi-tenant cloud infrastructure for the tenants for which the change satisfies the Attestation Model.Type: GrantFiled: January 5, 2023Date of Patent: August 5, 2025Assignee: International Business Machines CorporationInventors: Timo Kussmaul, Peng Hui Jiang, Stefan Schmitt, Xiang Dong Hu
-
Patent number: 12381859Abstract: Existing approaches to security within network, for instance oneM2M networks, are limited. For example, content might only be protected while the content is in transit between entities that trust each other. Here, the integrity and the confidentiality of content in an M2M network are protected. Such content may be “at rest,” such that the content is stored at a hosting node. Only authorized entities may store and retrieve the data that is stored at the hosting node, and the data may be protected from a confidentiality perspective and an integrity perspective.Type: GrantFiled: September 28, 2023Date of Patent: August 5, 2025Assignee: CONVIDA WIRELESS, LLCInventors: Vinod Kumar Choyi, Yogendra C. Shah, Dale N. Seed, Michael F. Starsinic, Shamim Akbar Rahman, Quang Ly, Zhuo Chen, William Robert Flynn, IV
-
Patent number: 12381932Abstract: A method for managing multiple representational state transfer (REST) requests using a transaction management process coupled to a cluster of computer-executed server processes. The method receives a first request to start a transaction associated with a data access process coupled to a database. The method acquires a database connection in an open state and a unique transaction identifier for the transaction. The method receives a plurality of REST queries, each of the plurality of REST queries associated with a corresponding transaction identifier. The method determines that, for at least one of the plurality of REST queries, the corresponding transaction identifier does not match the unique transaction identifier and proxy the corresponding REST queries to a selected server process. The method receives a second request to end the transaction. In response to the second request, the method completes the transaction and change the database connection to a closed state.Type: GrantFiled: November 21, 2023Date of Patent: August 5, 2025Assignee: Xactly CorporationInventors: Steven Bogrett, Oleksandr Podoprygora
-
Patent number: 12375415Abstract: Discussed herein is a framework that provisions for customized processing for different classes of traffic. A network device in a communication path between a source host machine and a destination host machine extracts a tag from a packet received by the network device. The packet originates at a source executing on the source host machine and whose destination is the destination host machine. The tag set by the source and indicative of a first traffic class to be associated with the packet, the first traffic class being selected by the source from a plurality of traffic classes. The network device determines, based on the tag, that the first traffic class corresponds to a latency sensitive traffic and processes the packet using one or more settings configured at the network device for processing packets associated with the first traffic class.Type: GrantFiled: September 26, 2022Date of Patent: July 29, 2025Assignee: Oracle International CorporationInventors: Jagwinder Singh Brar, David Dale Becker, Jacob Robert Uecker, Lukasz Sulek, Marcin Jakub Zablocki, Santosh Narayan Shilimkar
-
Patent number: 12366951Abstract: The present disclosure provides a method, apparatus, device, medium and program product for replying questions. The method presents a reply viewing interface for a question to a user, the reply viewing interface including a first reply control; receives a first reply operation of the user based on the first reply control; publishes a first reply video according to the first reply operation, the first reply video being used for replying to the question.Type: GrantFiled: February 9, 2024Date of Patent: July 22, 2025Assignee: Beijing Bytedance Network Technology Co., Ltd.Inventors: Xiusong Li, Na Sun
-
Patent number: 12360800Abstract: A distributed system provides access by a principal to a resource associated with sensitive data. Micro-services in communication with an authorization engine each include a resource provider that receives a resource action request from the principal to access the resource, determines a context for the request, and transmits the context to the authorization engine in an authorization request. The authorization engine receives the authorization request, resolves the authorization request context against a plurality of pre-defined resource conditions, and responds to the resource provider with an authorization response of allow, deny, or allow-with-conditions. The context for the request includes metadata regarding attributes of the principal, and each of the resource conditions includes a logical expression operating upon the attributes.Type: GrantFiled: September 22, 2020Date of Patent: July 15, 2025Assignee: Proofpoint, Inc.Inventors: Alexander Kremer, Tamir Pivnik
-
Patent number: 12363128Abstract: Methods, apparatuses, or computer program products according to the present disclosure provide for service permissions scaling. In example embodiments, an apparatus receives a service request from an edge server. The apparatus may generate an authorization token based at least in part on a permissions data vector, where the authorization token is configured for access by one or more computing devices to determine whether to grant access by a first computing device associated with the requesting entity identifier to one or more resources associated with the one or more computing devices. The apparatus may then transmit the authorization token to the edge server. According to some embodiments, the authorization token may be configured for storing in an authorization token cache. In some embodiments, the authorization token may be retrieved from the authorization token cache.Type: GrantFiled: October 20, 2023Date of Patent: July 15, 2025Assignees: ATLASSIAN PTY, LTD., ATLASSIAN US, INC.Inventors: Mikhael Harswanto Tanutama, Vishal Pandey
-
Patent number: 12362936Abstract: Method and system for authenticating a candidate user are disclosed. The method includes acquiring, by a second service from a first service, a request for a candidate User-Service Unique Identifier (USUID) associated with the candidate user. The candidate USUID is unique for a candidate user-first service pair. The method includes generating, by the second service, the candidate USUID, and sending a token indicative of the candidate USUID. In response to the candidate USUID matching a target USUID, the first service authenticates the candidate user as a target user without prompting the candidate user to provide additional information.Type: GrantFiled: March 13, 2023Date of Patent: July 15, 2025Assignee: Y.E. Hub Armenia LLCInventors: Sergey Vyacheslavovich Baibik, Oleg Vitalevich Isupov, Evgeny Mikhailovich Primako, Eldar Timurovich Zaitov, Pavel Nikolaevich Vorobkalov, Vitaly Borisovich Kholyavin
-
Patent number: 12363113Abstract: Aspects of the present invention disclose a method, computer program product, and system for management and usage of shared authentication credentials. The method includes one or more processors updating usage information associated with an authentication credential with a media access control address (MAC address) that corresponds to a computing device that corresponds to using the authentication credential. The method further includes one or more processors receiving a login request that includes the authentication credential from a computing device. The method further includes one or more processors fetching a MAC address of the computing device that sent the login request. The method further includes one or more processors validating the authentication credentials and the MAC address.Type: GrantFiled: June 14, 2023Date of Patent: July 15, 2025Assignee: Kyndryl, Inc.Inventors: Anuj Kumar Garg, Kuntal Dey, Jeffrey Robert Stangeland, Sanju Soman Chathoth Kurungara, Himanshu Gaur
-
Patent number: 12363193Abstract: A wireless device sends, to an access and mobility management function (AMF), a packet data unit (PDU) session establishment request comprising an indication for a multimedia priority service (MPS). The wireless device receives, from the AMF, an establishment indication of the PDU session.Type: GrantFiled: June 9, 2021Date of Patent: July 15, 2025Assignee: Ofinno, LLCInventors: Peyman Talebi Fard, Esmael Hejazi Dinan, Jinsook Ryu, Kyungmin Park, Taehun Kim, Weihua Qiao
-
Patent number: 12353355Abstract: Systems, computer program products, and methods are described herein for tracking cross border data transmissions and generating a data passport entry in an electronic network. The present disclosure is configured to receive a file, the file comprising file data; receive an origination location identifier and destination location identifier of the file; parse the file data and apply a natural language processor to the file data to generate a structured meaning of the file data; compare the structured meaning of the file data to a theme database to generate a file theme score; determine, based on the destination location identifier, a destination theme score; generate a hash value for the file; and generate a data passport entry for the file based on the file name, the origination location identifier, the destination location identifier, the file theme score, the destination theme score, the hash value, and a count score.Type: GrantFiled: October 31, 2022Date of Patent: July 8, 2025Assignee: BANK OF AMERICA CORPORATIONInventors: Rahul Yaksh, Pratap Dande, Erik Dahl, Steven Allan Reich, Vishwanath Prasad Karra, Tileshia Brenda Alford
-
Patent number: 12355753Abstract: A facility for securely accessing a backend resource from a mobile app is described. In a hidden webview of the mobile app, the facility (1) sends a first request with respect to a remote backend resource on behalf of a user for whom a distinguished user account was established with a backend service; the sending is performed in such a way that active SSO session state information stored in the hidden webview of the mobile app is attached to the first request; and (2) receives in response to the first request a first response acknowledging user signin at the backend resource.Type: GrantFiled: April 5, 2023Date of Patent: July 8, 2025Assignee: Praia Health Inc.Inventors: Suresh Pokkuluri, Sandeep Kumar Polu, Theodore Newell, Barry E. Tolnas, Shivudu Bhuvanagiri, Joshua Mari G Lansang
-
Patent number: 12355581Abstract: Example methods and systems for creating breakout chat channels are provided. A chat and video conference provider receives from a client device associated with a first member of a plurality of members of a chat channel a request to create a subchannel related to a topic. The chat and video conference provider enables the client device to transmit an invitation message for joining the subchannel to a subset of the plurality of members. The chat and video conference provider establishes the subchannel based on acceptance messages from one or more members of the subset of the plurality of members. The chat and video conference provider generates a chat summary of prior chat messages related to the topic of the subchannel from the chat channel using a generative artificial intelligence (AI) model. The chat and video conference provider provides the chat summary in the subchannel.Type: GrantFiled: December 20, 2023Date of Patent: July 8, 2025Assignee: Zoom Communications Inc.Inventor: Sachin Srivastava
-
Patent number: 12355766Abstract: A method is disclosed. For example, the method executed by a processor of a shared device includes receiving an identification of a user, connecting to a remote server that stores authentication modules and applications, requesting an authentication module and an application stored on the remote server that is associated with the identification of the user, storing the authentication module and the application temporarily on a non-resident memory of the shared device, and executing the application in response to authentication of the user based on log-in information that was received via the authentication module.Type: GrantFiled: February 5, 2024Date of Patent: July 8, 2025Assignee: Xerox CorporationInventors: James P. Gorski, Donald L. Wegeng, Emily Katherine Anzalone
-
Patent number: 12355744Abstract: A system includes at least one processor and at least one memory including instructions that, when executed by the at least one processor, cause the at least one processor to perform operations. The operations include providing a secure link to an auditable, machine-readable dataset to a client device of a user, the auditable, machine-readable dataset comprising data. At least one policy constraint is provided to at least a portion of the data in the dataset. In response to detecting activation of the secure link at the client device, one or both of the user and the client device is authenticated based on the policy constraint. Streaming access is provided to the auditable, machine-readable dataset in real-time.Type: GrantFiled: November 16, 2023Date of Patent: July 8, 2025Assignee: Confluent, Inc.Inventors: Alexander Cheng, Cory Lee Scott, Andrew Winthrop Taylor, Jesse Olin Miller, Srinivas Banala, Vijay Gopalakrishnan Bharadwaj, Mukesh Baphna, Priya Shivakumar, Jonathan Alexander Fancey
-
Patent number: 12355751Abstract: Establishing, by a mobile terminal, a near field communication link to a vehicle, where the vehicle corresponds to the in-vehicle system; negotiating a login binding code with the vehicle through the near field communication link; and providing the login binding code to a network side device, where the login binding code is used by the network side device to verify whether the in-vehicle system can be logged in to with the first user account.Type: GrantFiled: September 7, 2022Date of Patent: July 8, 2025Assignee: Shenzhen Yinwang Intelligent Technologies Co., Ltd.Inventors: Xinyao Jin, Jun Wang
-
Patent number: 12348503Abstract: Systems and techniques are provided for a resource transfer setup and verification. A request for transfer conditions for a transfer of resources may be received from a first computing device. A set of transfer conditions may be generated in response to the request for transfer conditions and sent to the first computing device. The set of transfer conditions and an indication of an acceptance of the set of transfer conditions by a second computing device may be received from the first computing device. A transfer identifier for the set of transfer conditions may be generated from data from the set of transfer conditions which may specify a first sub-transfer. Transfer instructions may be sent to a third computing device, including instructions for a sub-transfer specified in the set of transfer conditions. The set of transfer conditions may be stored with the transfer identifier as a transfer record in non-volatile storage.Type: GrantFiled: April 15, 2024Date of Patent: July 1, 2025Assignee: Interledger Foundation Inc.Inventor: Robert Way
-
Patent number: 12348522Abstract: A system and method for an extended security scheme for reducing the prevalence of broken object level authorization. In one embodiment, a method includes receiving code associated with an application programming interface (API), wherein the code includes one of an API definition and an API server stub, and parsing the code for one or more keywords associated with an extended security scheme. If the code includes the API definition, the method further includes generating an associated API server stub based on at least one of the one or more keywords and the API definition. If the code includes the API server stub, the method further includes generating an associated API definition based on at least one of the one or more keywords and the API server stub.Type: GrantFiled: November 18, 2022Date of Patent: July 1, 2025Assignee: CISCO TECHNOLOGY, INC.Inventors: Rami Haddad, Rim El Malki, Daniel-Serban Cozma, Hendrikus G. P. Bosch
-
Patent number: 12348366Abstract: Systems and methods for detecting when continuous session replacement is occurring on a port at a network device, such as ports configured in a single host mode. One or more continuous session replacement actions may be taken when such continuous session replacement is detected, including notifying a user or disabling the port.Type: GrantFiled: March 23, 2023Date of Patent: July 1, 2025Assignee: ARISTA NETWORKS, INC.Inventors: Shalini Kaleeswaran, Ronak Upadhyay, Aaranya Prasad
-
Patent number: 12348418Abstract: Disclosed are approaches for providing per-application tunnel access, such as virtual private network (VPN) access, in LINUX based systems. In response to an application requesting a network connection, a process identifier of the application and an inode identifier representing a socket for the network connection are obtained. Then, a kernel space map is updated to include the process identifier of the application and the inode identifier. In response to the application making a network connection request, the inode identifier of the application is obtained based at least in part on a source network address, a source port number, a destination network address, and a destination port number. Then, the kernel space map is queried to obtain the process identifier of the application, wherein the inode identifier is a query parameter. Then, a routing policy is identified based at least in part on the process identifier.Type: GrantFiled: July 25, 2023Date of Patent: July 1, 2025Assignee: VMware LLCInventors: Arjun Kochhar, Utkarsh Singh, Huan Wang, Amit Kumar Yadav
-
Patent number: 12346446Abstract: Aspects of the disclosure relate to detecting and preventing malicious browser extensions. A computing platform may send rule information to a master browser extension on a computing device including a set of rules defining reportable behavior associated with one or more other browser extensions. Subsequently, the computing platform may receive report information from the master browser extension on the computing device identifying an other browser extension of the one or more other browser extensions that exhibit the reportable behavior defined by at least one rule of the set of rules in the rule information. Based on receiving the report information, the computing platform may determine that the identified other browser extension is a malicious extension. Then, the computing platform may send one or more commands to the master browser extension on the computing device directing the master browser extension to disable or remove the identified other browser extension.Type: GrantFiled: April 12, 2024Date of Patent: July 1, 2025Assignee: Bank of America CorporationInventor: Ricardo Varanda
-
Patent number: 12342173Abstract: In an example, a provider system receives from a user device a request for user access through a checkpoint. The provider system sends to the user device a request for identification information of the user. The provider system receives user information associated with a mobile identification credential (MIC) which the user device received from an authorizing party system (APS), the user having consented to release the user information to the provider system, and the user information having been verified by the APS. The provider system uses the verified user information associated with the MIC to verify or not verify the identity of the user. The provider system verifies the identity of the user before granting the user the request for user access through the checkpoint.Type: GrantFiled: August 30, 2024Date of Patent: June 24, 2025Assignee: The Government of the United States of America, as represented by the Secretary of Homeland SecurityInventors: Jason Lim, Daniel Boyd, Chang Ellison, Michelle Wilson
-
Patent number: 12339990Abstract: Multi-tenancy system to perform tactical and permanent database and communication operations including secure handling of personally identifiable and/or health information (PII/PHI), data collection, data management, reporting, data analytics, secure communications, document sharing and microservices (e.g., registration, credentialing, RFID/barcoding, geo-location/geo-fencing, mobile application integration, social networking, biometrics). System includes security platform meeting stringent data protection mandates including firewall with extensive security protocols, encrypting communications between components of system (in transit) and information within each of the components (at rest). PII/PHI information is further encrypted and only visible with appropriate decryption key. System utilizes low code/no code database platform to address increasing demand for rapid, iterative and collaborative application development. System includes form builder that can easily add dynamic fields.Type: GrantFiled: January 10, 2022Date of Patent: June 24, 2025Inventors: Maria Shelton, Sam Murphy
-
Patent number: 12335263Abstract: A server transmits to a third-party application a request for a resource that is received from a client. The server receives an authentication request from the client device that has been generated by the third-party application. The server transmits an identity provider selection page to the client device that allows the client device to select an identity provider. The server causes the client device to transmit a second authentication request to a selected identity provider. The server receives an authentication response that was generated by the identity provider that includes the identity of the user. The server enforces access rule(s) including identity-based rule(s) and/or non-identity based rule(s). If the user is permitted to access the third-party application, the server causes an authentication response to be transmitted from the client device to the third-party application that indicates the user has successfully authenticated.Type: GrantFiled: January 29, 2024Date of Patent: June 17, 2025Assignee: CLOUDFLARE, INC.Inventors: James Howard Royal, Samuel Douglas Rhea
-
Patent number: 12335266Abstract: A method for granting access to objects by entities in a computerized system includes: providing an access control list (ACL) specifying for each object access rights to the objects of the computerized system; assigning a capability requirement information to at least one of the objects in the ACL; assigning a capability information to at least one entity of the entities in the computerized system; requesting access to an object by an entity; checking if the requesting entity has an access right in accordance with the ACL; and granting access to the requested object by the requesting entity only when the capability information assigned to the requesting entity matches with the capability requirement information assigned to the requested object. The combination of an ACL based access to files with capabilities improves the security of the system.Type: GrantFiled: February 18, 2020Date of Patent: June 17, 2025Assignee: Siemens AktiengesellschaftInventors: Fabrizio De Santis, Rainer Falk, Christian Peter Feist, Aliza Maftun, Johannes Zwanzger
-
Patent number: 12335243Abstract: A method for managing a data replication operation includes: obtaining, by a first security module (FSM), UTC-based system time of a first storage area network (SAN) infrastructure; generating, by the FSM, a secure string based on the UTC-based system time and a configuration parameter set by a user of the first SAN infrastructure; encrypting, by the FSM, the secure string to generate an encrypted secure string; appending, by the FSM, the encrypted secure string to a data replication request to generate an encrypted secure string-appended request, sending, by the FSM, the encrypted secure string-appended request to a second SAN infrastructure; making, after intercepting the encrypted secure string-appended request and by a second security module (SSM), a determination that the encrypted secure string-appended request is valid; and initiating, by the SSM, the operation from the first SAN infrastructure to the second SAN infrastructure by sending a notification to the FSM.Type: GrantFiled: February 24, 2023Date of Patent: June 17, 2025Assignee: Dell Products L.P.Inventors: Parminder Singh Sethi, Anay Kishore, Nithish Kn
-
Patent number: 12335347Abstract: A system for cross cloud workload identity virtualization including a program having instructions to route a first network call from a workload in a first cloud computing environment addressed to a first cloud computing environment instance metadata service (IMS) having destination data with an IP address of 169.254.169.254 to a universal IMS (UIMS) different from the first cloud computing environment IMS, route a second network call from the workload addressed to a destination other than the first cloud computing environment IMS to the destination indicated by the second network call, respond to the first network call with credentials valid for accessing a cloud service provided in a second cloud computing environment. The workload can access the cloud service from the first cloud computing environment, and access the cloud service from a third cloud computing environment different from the first cloud computing environment.Type: GrantFiled: December 18, 2023Date of Patent: June 17, 2025Assignee: CONTROL PLANE CORPORATIONInventors: Doron Grinstein, Julian Vassev, Dan Wilson
-
Patent number: 12333031Abstract: A flash drive locked by using wireless communication that is applicable to a mobile device is provided. The mobile device includes a mobile communication component and a mobile control component. The flash drive includes a connection port, an information storing component, a communication component, an identification certificate component and a control component. The information storing component stores information. The identification certificate component stores identification information of the flash drive. When the communication component communicates with the mobile communication component, the communication component transmits a locking command generated by the mobile control component from the mobile communication component to the control component.Type: GrantFiled: December 7, 2021Date of Patent: June 17, 2025Assignee: MAKTAR INC.Inventor: Liang-Hsin Chen
-
Patent number: 12326953Abstract: A method is provided that includes receiving a data request from a requesting device requesting data from a data source, looking up, in a blockchain ledger, a transaction corresponding to the data request to validate the data request, forwarding the validated data request to a data server, receiving a data response from the data server in response to the data request, wherein the data response comprises the requested data from the data source, and forwarding the data response to the requesting device.Type: GrantFiled: November 3, 2022Date of Patent: June 10, 2025Assignee: AVAGO TECHNOLOGIES INTERNATIONAL SALES PTE. LIMITEDInventors: Gordon Yong Li, Xuemin Chen, Philippe Klein, Abbas Saadat, Shee-Yen Tan, Rui Pedro De Moura Alves Pimenta
-
Patent number: 12328310Abstract: Systems and methods for enhanced OTP messaging, comprising: receiving a request from an application executing on a computing device of a user; generating the supplemental information based on the request; segmenting the supplemental information into a first part of the supplemental information and a second part of the supplemental information; transmitting the first part of the supplemental information to the computing device of the user via a first communication channel to another app executing on the computing device of the user; instructing the another app to allow the user to utilize one or more graphical user interface (GUI) elements of a GUI of the another app to transfer the first part of the supplemental information to the app; and transmitting the second part of the supplemental information to the computing device of the user via a second communication channel so as to provide the supplemental information to the app.Type: GrantFiled: November 6, 2023Date of Patent: June 10, 2025Assignee: Capital One Services, LLCInventors: Daniel Alan Jarvis, Jon Whitmore, Patrick Zearfoss
-
Patent number: 12328311Abstract: Systems and methods for enhanced OTP messaging, comprising: receiving a request from an application executing on a computing device of a user; generating the supplemental information based on the request; segmenting the supplemental information into a first part of the supplemental information and a second part of the supplemental information; transmitting the first part of the supplemental information to the computing device of the user via a first communication channel to another app executing on the computing device of the user; instructing the another app to allow the user to utilize one or more graphical user interface (GUI) elements of a GUI of the another app to transfer the first part of the supplemental information to the app; and transmitting the second part of the supplemental information to the computing device of the user via a second communication channel so as to provide the supplemental information to the app.Type: GrantFiled: November 6, 2023Date of Patent: June 10, 2025Assignee: Capital One Services, LLCInventors: Daniel Alan Jarvis, Jon Whitmore, Patrick Zearfoss
-
Patent number: 12326934Abstract: A computer-based system and method for detecting suspicious activation of an application in a computer device, including: monitoring physical activation events by the computer device; identifying a software activation event in the computer device; determining whether a physical activation event corresponding to the software activation event has been detected; and determining that the software activation event is legitimate if the corresponding physical activation event has been detected at the computer device and determining that the software activation event is suspicious otherwise. The physical activation events may be touch events and the software activation event may be a click event.Type: GrantFiled: December 22, 2020Date of Patent: June 10, 2025Assignee: International Business Machines CorporationInventors: Einav Raizman-Kedar, Ofer Benyamin Sasson, Nethanella Messer, Matan Elbaz Ziv
-
Patent number: 12328343Abstract: A determination is made that an identity of a non-target communicating entity (102) with which a target communicating entity (101) is communicating, is to be obfuscated in any report of lawful interception of the target communicating entity (101) to a law enforcement agency (131). Lawful interception is performed of the target communicating entity (101) and information pertaining to the lawful interception of the target communicating entity (101) is reported to the law enforcement agency (131). The reported information comprises non-obfuscated identity information of the target communicating entity (101) and obfuscated identity information of the non-target communicating entity (102).Type: GrantFiled: December 16, 2019Date of Patent: June 10, 2025Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Francesco Attanasio, Amedeo Imbimbo
-
Patent number: 12323410Abstract: Embodiments present different password-less sign-in alternatives for selection by the user for a subsequent future login to the service provider account interface, and in response to determining that data inputs from a user satisfy associated data requests, enable the selected password-less sign-in alternative for a subsequent login of the user into the service provider account interface, wherein the subsequent login of the user into service provider account interface via the enabled selected password-less sign-in alternative does not require the user to enter the password.Type: GrantFiled: July 26, 2021Date of Patent: June 3, 2025Assignee: ADP, Inc.Inventors: James P Mason, Gregory Fincannon, Tushar Phondge, Sonal Doshi, Neha Pahwa, Sanjoli Ahuja, Gregory Murphy
-
Patent number: 12323454Abstract: A method of determining a fraud network comprising: receiving address information regarding a first address; determining, using an address risk machine learning model, a first address risk score associated with the first address; identifying a first entity associated with the first address based on the first address risk score; determining at least one of a second address and a second entity associated with the first entity; and generating a fraud network profile including the first address, and the at least one of the second address and second entity.Type: GrantFiled: January 24, 2023Date of Patent: June 3, 2025Assignee: Early Warning Services, LLCInventors: Jacob M. Bellman, Dan M. Hayden, Abhishek Chambe Venkatesh Murthy, John M. Kohoutek, Klementina Nikov
-
Patent number: 12321461Abstract: An attack graph processing device includes a node extraction unit which extracts a node relating to a rule classified into a predetermined group from an attack graph that is configured from one or more nodes indicating the state of a system to be diagnosed, or the state of the primary agent of an attack on the system to be diagnosed, and one or more edges indicating the relationship among a plurality of nodes, the attack graph being generated using rules indicating a condition in which the attack can be executed, and a graph configuration unit which simplifies the attack graph on the basis of the extracted node.Type: GrantFiled: June 17, 2019Date of Patent: June 3, 2025Assignee: NEC CORPORATIONInventors: Masaki Inokuchi, Yoshinobu Ohta
-
Patent number: 12323510Abstract: A method and apparatus for providing user key material from a server to a client is disclosed. The method comprises receiving a first message from the client in a server, the first message having a user key material request, an access token and an identifier of a transport key (TrK-ID), validating the user key material request according to the access token, generating a response having user key material responsive to the user key material request, encrypting the response according to the transport key (TrK), and transmitting a second message comprising the response from the server to the client. The client decrypts the second message according to the transport key (TrK) and validates the second message using the identifier of the transport key (TrK-ID).Type: GrantFiled: March 18, 2024Date of Patent: June 3, 2025Assignee: ARRIS Enterprises LLCInventor: Xin Qiu
-
Patent number: 12323528Abstract: Techniques described herein are directed to proxies configured to handle identity and access management for a web application. For instance, a first proxy receives requests to the application from a browser. The first proxy redirects the browser to an identity endpoint, which prompts the user to enter authentication credentials for the application. Upon successful authentication, the endpoint provides an access token for accessing web APIs to the first proxy. The first proxy provides the token to a second proxy, which stores the token. The second proxy receives anonymous API calls from the web application to the web APIs. When receiving an anonymous API call, the second proxy obtains the token and inserts it into an outgoing request to the API. Responsive to the API returning a message indicating that the token is invalid, the second proxy communicates with the first proxy to obtain a new token from the endpoint.Type: GrantFiled: November 15, 2023Date of Patent: June 3, 2025Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Saeed Javed Akhter, Steven Soneff
-
Patent number: 12321455Abstract: Examples of the present disclosure describe systems and methods for malicious software detection based on API trust. In an example, a set of software instructions executed by a computing device may call an API. A hook may be generated on the API, such that a threat processor may receive an indication when the API is called. Accordingly, the threat processor may generate a trust metric based on the execution of the set of software instructions, which may be used to determine whether the set of software instructions poses a potential threat. For example, one or more call stack frames may be evaluated to determine whether a return address is preceded by a call instruction, whether the return address is associated with a set of software instructions or memory associated with a set of software instructions, and/or whether the set of software instructions satisfies a variety of security criteria.Type: GrantFiled: February 14, 2024Date of Patent: June 3, 2025Assignee: Open Text Inc.Inventors: Andrew L. Sandoval, David Alan Myers, John R. Shaw, II, Eric Klonowski
-
Patent number: 12322485Abstract: A system may include a plurality of inhalers, where each inhaler comprising medicament, a processor, memory, and a transmitter, multiple processing modules that may reside at least partially on a user device, a digital health platform (DHP) that is configured to receive and aggregate inhaler data from inhalers that are associated with a plurality of different users and a plurality of different medicament types. The DHP may determine a subset of the usage events based on the determined medication type, the determined time of day, and/or the determined date range. The DHP may determine a filtered list of users out of the plurality of users based on a comparison of the selected inhalation count threshold with the number of usage events that are associated with the same user and medication type.Type: GrantFiled: July 2, 2021Date of Patent: June 3, 2025Assignee: Norton (Waterford) LimitedInventors: Eric Chan, John Macey, Jon Cody Goldberg, Jenna-Leigh Meola
-
Patent number: 12323391Abstract: Described are techniques for grouping user profiles onto Virtual Private Networks (VPNs) including a computer-implemented method comprising creating a user profile at a VPN manager and associating the user profile with a set of demographically similar user profiles based on characteristics of the user profile. The computer-implemented method further comprises assigning the user profile to least one VPN server that is associated with the set of demographically similar user profiles. The computer-implemented method further comprises providing encrypted internet access to a device associated with the user profile via the at least on VPN server. The computer-implemented method further comprises transmitting resources to the device associated with the user profile via the at least one VPN server, where the resources are customized for the set of demographically similar user profiles.Type: GrantFiled: March 8, 2022Date of Patent: June 3, 2025Assignee: International Business Machines CorporationInventors: Steven Leslie Shafer, Robert Simon, Mathew Accapadi
-
Patent number: 12323405Abstract: A method and a system for providing a catalogue of smart contracts deployed on a blockchain that is available to authenticated users is provided. The method includes: accessing each node of the blockchain; identifying all smart contracts that have been deployed within each respective node; indexing the identified smart contracts by assigning each respective smart contract to a corresponding category; generating a catalogue that includes an indexed listing each of the identified smart contracts; receiving a user request for access to the catalogue with an authorization credential; authenticating the user; and providing the requested catalogue access to the user. The method may also include receiving a search request; providing a list of smart contracts that corresponds to the criteria included in the search request; and monitoring the list for subsequent transactional activity.Type: GrantFiled: June 17, 2021Date of Patent: June 3, 2025Assignee: JPMORGAN CHASE BANK, N.A.Inventor: Ankur Sambhar
-
Patent number: 12314744Abstract: This disclosure enables a rule engine programmed for (i) expressing complex logic, (ii) handling time/event synchronization, (iii) providing insights into rule execution, and (iv) modeling uncertainties, while also enabling user actions to authenticate, approve, initiate, or decline certain workflows. Such configuration is technologically advantageous, because of its enablement in providing guidance to end users in completing transactions with user actions.Type: GrantFiled: November 27, 2024Date of Patent: May 27, 2025Assignee: Monarch Specialty Group, Inc.Inventors: Stephen Barrett Cichy, Markus Daniel Bockle
-
Patent number: 12316674Abstract: A secure web gateway is deployed on the cloud between a web client and a web server. The secure web gateway sends the web client a redirect response status code with a replacement server location in response to a Hypertext Transfer Protocol (HTTP) request sent by the web client to access a target resource on the web server. The secure web gateway thereafter receives from the web client a Hypertext Transfer Protocol Secure (HTTPS) request to access the target resource, the HTTPS request includes the replacement server location. The secure web gateway sends the HTTPS request as an HTTP request to the web server. The secure web gateway receives an HTTP response from the web server, and forwards the HTTP response as an HTTPS response to the web client.Type: GrantFiled: March 30, 2023Date of Patent: May 27, 2025Assignee: Trend Micro IncorporatedInventors: Juliang Jiang, Bin Shi, Shujun An
-
Patent number: 12317100Abstract: A first access network device allocates, to a second access network device based on an obtained quantity, supported by a terminal, of data radio bearers (DRBs) to which a data frame compression function is applied, a quantity of DRBs the second access network device can configure for the terminal and to which the function is applied can configure, and notifies the second access network device of an allocation result.Type: GrantFiled: March 29, 2022Date of Patent: May 27, 2025Assignee: Huawei Technologies Co., Ltd.Inventors: Qiang Fan, Chong Lou
-
Patent number: 12316772Abstract: Context-aware authentication may be provided. First, a request may be received for content service. The request may comprise information associated with a context of a household from which the request came. Next, the request may be authenticated based on the information associated with the context of the household from which the request came. Then the content service may be provided in response to authenticating the request.Type: GrantFiled: March 15, 2021Date of Patent: May 27, 2025Assignee: Synamedia LimitedInventors: Orly Amsalem, Steve Epstein
-
Patent number: 12316641Abstract: A network device may receive a subscription request to subscribe to a multimedia priority service (MPS) for a user device, and may generate an MPS profile for the user device based on the subscription request. The network device may store the MPS profile in a data structure, and may receive, from the user device, a request to generate an MPS token for the user device. The network device may retrieve the MPS profile from the data structure based on the request to generate the MPS token, and may generate the MPS token based on the MPS profile. The network device may provide the MPS token to the user device.Type: GrantFiled: October 21, 2022Date of Patent: May 27, 2025Assignee: Verizon Patent and Licensing Inc.Inventors: Jayshree A. Bharatia, Rakesh Chandwani, Toby Varughese John
-
Patent number: 12316643Abstract: Provided are systems, methods, and apparatuses initiating outbound communications and receiving inbound communications. The system may include at least one processor programmed or configured to detect a communication between a user device and a remote entity, the user device operated by a user, determine a security risk based on the communication, and in response to determining the security risk, automatically block at least one function within at least one application on at least one of the following: the user device, another user device associated with the user, or any combination thereof.Type: GrantFiled: July 11, 2024Date of Patent: May 27, 2025Assignee: Scam Off LimitedInventor: Joseph A. Charlson
-
Patent number: 12299169Abstract: Techniques for using contextual information to manage data that is subject to one or more data-handling requirements are described herein. In many instances, the techniques capture or depend upon the contextual information surrounding the creation and/or subsequent actions associated with the data. The contextual information may be updated as the data is handled in various manners. The contextual information may be used to identify data-handling requirements that are applicable to the data, such as regulations, standards, internal policies, business decisions, privacy obligations, security requirements, and so on. The techniques may analyze the contextual information at any time to provide responses regarding handling of the data to requests from requestors, such as administrators, applications, and others.Type: GrantFiled: July 27, 2023Date of Patent: May 13, 2025Assignee: Microsoft Technology Licensing LLCInventors: Colette Van Dyne, Jeffrey Friedberg