Authorization Patents (Class 726/4)
  • Patent number: 12381723
    Abstract: A data platform provides for encryption of secrets. During operation, an application of the data platform receives a secret and communicates the secret to an encryption client of the data platform. The encryption client generates an encrypted secret using a Data Encryption Key (DEK) and the secret. The encryption client communicates the DEK to an encryption server of the data platform while retaining the encrypted secret. The encryption server generates an encrypted DEK using a Transit Encryption Key TEK. The encryption server communicates the encrypted DEK to the encryption client and the encryption client generates a binary large object (blob) using the retained encrypted secret and the encrypted DEK. The application stores the blob on a data storage device.
    Type: Grant
    Filed: November 28, 2023
    Date of Patent: August 5, 2025
    Assignee: Snowflake Inc.
    Inventors: Dmitry Basavin, Aaron S. Joyner, Kyle Leonhard
  • Patent number: 12381856
    Abstract: A computer-implemented method for building and using a multi-party Attestation Model for controlling operation of a multi-tenant cloud infrastructure which includes providing a trusted execution environment (TEE) within the multi-tenant cloud infrastructure, receiving a set of requirements from each of a plurality of tenants of the multi-tenant cloud infrastructure, building an Attestation Model according to the sets of requirements, and deploying the Attestation Model within the TEE. In response to a determination that a change does not satisfy the Attestation Model for each of the plurality of tenants, a function is performed to separate components shared between tenants for which the change satisfies the Attestation Model from components shared between tenants for which the change does not satisfy the Attestation Model, and the change is deployed on the multi-tenant cloud infrastructure for the tenants for which the change satisfies the Attestation Model.
    Type: Grant
    Filed: January 5, 2023
    Date of Patent: August 5, 2025
    Assignee: International Business Machines Corporation
    Inventors: Timo Kussmaul, Peng Hui Jiang, Stefan Schmitt, Xiang Dong Hu
  • Patent number: 12381859
    Abstract: Existing approaches to security within network, for instance oneM2M networks, are limited. For example, content might only be protected while the content is in transit between entities that trust each other. Here, the integrity and the confidentiality of content in an M2M network are protected. Such content may be “at rest,” such that the content is stored at a hosting node. Only authorized entities may store and retrieve the data that is stored at the hosting node, and the data may be protected from a confidentiality perspective and an integrity perspective.
    Type: Grant
    Filed: September 28, 2023
    Date of Patent: August 5, 2025
    Assignee: CONVIDA WIRELESS, LLC
    Inventors: Vinod Kumar Choyi, Yogendra C. Shah, Dale N. Seed, Michael F. Starsinic, Shamim Akbar Rahman, Quang Ly, Zhuo Chen, William Robert Flynn, IV
  • Patent number: 12381932
    Abstract: A method for managing multiple representational state transfer (REST) requests using a transaction management process coupled to a cluster of computer-executed server processes. The method receives a first request to start a transaction associated with a data access process coupled to a database. The method acquires a database connection in an open state and a unique transaction identifier for the transaction. The method receives a plurality of REST queries, each of the plurality of REST queries associated with a corresponding transaction identifier. The method determines that, for at least one of the plurality of REST queries, the corresponding transaction identifier does not match the unique transaction identifier and proxy the corresponding REST queries to a selected server process. The method receives a second request to end the transaction. In response to the second request, the method completes the transaction and change the database connection to a closed state.
    Type: Grant
    Filed: November 21, 2023
    Date of Patent: August 5, 2025
    Assignee: Xactly Corporation
    Inventors: Steven Bogrett, Oleksandr Podoprygora
  • Patent number: 12375415
    Abstract: Discussed herein is a framework that provisions for customized processing for different classes of traffic. A network device in a communication path between a source host machine and a destination host machine extracts a tag from a packet received by the network device. The packet originates at a source executing on the source host machine and whose destination is the destination host machine. The tag set by the source and indicative of a first traffic class to be associated with the packet, the first traffic class being selected by the source from a plurality of traffic classes. The network device determines, based on the tag, that the first traffic class corresponds to a latency sensitive traffic and processes the packet using one or more settings configured at the network device for processing packets associated with the first traffic class.
    Type: Grant
    Filed: September 26, 2022
    Date of Patent: July 29, 2025
    Assignee: Oracle International Corporation
    Inventors: Jagwinder Singh Brar, David Dale Becker, Jacob Robert Uecker, Lukasz Sulek, Marcin Jakub Zablocki, Santosh Narayan Shilimkar
  • Patent number: 12366951
    Abstract: The present disclosure provides a method, apparatus, device, medium and program product for replying questions. The method presents a reply viewing interface for a question to a user, the reply viewing interface including a first reply control; receives a first reply operation of the user based on the first reply control; publishes a first reply video according to the first reply operation, the first reply video being used for replying to the question.
    Type: Grant
    Filed: February 9, 2024
    Date of Patent: July 22, 2025
    Assignee: Beijing Bytedance Network Technology Co., Ltd.
    Inventors: Xiusong Li, Na Sun
  • Patent number: 12360800
    Abstract: A distributed system provides access by a principal to a resource associated with sensitive data. Micro-services in communication with an authorization engine each include a resource provider that receives a resource action request from the principal to access the resource, determines a context for the request, and transmits the context to the authorization engine in an authorization request. The authorization engine receives the authorization request, resolves the authorization request context against a plurality of pre-defined resource conditions, and responds to the resource provider with an authorization response of allow, deny, or allow-with-conditions. The context for the request includes metadata regarding attributes of the principal, and each of the resource conditions includes a logical expression operating upon the attributes.
    Type: Grant
    Filed: September 22, 2020
    Date of Patent: July 15, 2025
    Assignee: Proofpoint, Inc.
    Inventors: Alexander Kremer, Tamir Pivnik
  • Patent number: 12363128
    Abstract: Methods, apparatuses, or computer program products according to the present disclosure provide for service permissions scaling. In example embodiments, an apparatus receives a service request from an edge server. The apparatus may generate an authorization token based at least in part on a permissions data vector, where the authorization token is configured for access by one or more computing devices to determine whether to grant access by a first computing device associated with the requesting entity identifier to one or more resources associated with the one or more computing devices. The apparatus may then transmit the authorization token to the edge server. According to some embodiments, the authorization token may be configured for storing in an authorization token cache. In some embodiments, the authorization token may be retrieved from the authorization token cache.
    Type: Grant
    Filed: October 20, 2023
    Date of Patent: July 15, 2025
    Assignees: ATLASSIAN PTY, LTD., ATLASSIAN US, INC.
    Inventors: Mikhael Harswanto Tanutama, Vishal Pandey
  • Patent number: 12362936
    Abstract: Method and system for authenticating a candidate user are disclosed. The method includes acquiring, by a second service from a first service, a request for a candidate User-Service Unique Identifier (USUID) associated with the candidate user. The candidate USUID is unique for a candidate user-first service pair. The method includes generating, by the second service, the candidate USUID, and sending a token indicative of the candidate USUID. In response to the candidate USUID matching a target USUID, the first service authenticates the candidate user as a target user without prompting the candidate user to provide additional information.
    Type: Grant
    Filed: March 13, 2023
    Date of Patent: July 15, 2025
    Assignee: Y.E. Hub Armenia LLC
    Inventors: Sergey Vyacheslavovich Baibik, Oleg Vitalevich Isupov, Evgeny Mikhailovich Primako, Eldar Timurovich Zaitov, Pavel Nikolaevich Vorobkalov, Vitaly Borisovich Kholyavin
  • Patent number: 12363113
    Abstract: Aspects of the present invention disclose a method, computer program product, and system for management and usage of shared authentication credentials. The method includes one or more processors updating usage information associated with an authentication credential with a media access control address (MAC address) that corresponds to a computing device that corresponds to using the authentication credential. The method further includes one or more processors receiving a login request that includes the authentication credential from a computing device. The method further includes one or more processors fetching a MAC address of the computing device that sent the login request. The method further includes one or more processors validating the authentication credentials and the MAC address.
    Type: Grant
    Filed: June 14, 2023
    Date of Patent: July 15, 2025
    Assignee: Kyndryl, Inc.
    Inventors: Anuj Kumar Garg, Kuntal Dey, Jeffrey Robert Stangeland, Sanju Soman Chathoth Kurungara, Himanshu Gaur
  • Patent number: 12363193
    Abstract: A wireless device sends, to an access and mobility management function (AMF), a packet data unit (PDU) session establishment request comprising an indication for a multimedia priority service (MPS). The wireless device receives, from the AMF, an establishment indication of the PDU session.
    Type: Grant
    Filed: June 9, 2021
    Date of Patent: July 15, 2025
    Assignee: Ofinno, LLC
    Inventors: Peyman Talebi Fard, Esmael Hejazi Dinan, Jinsook Ryu, Kyungmin Park, Taehun Kim, Weihua Qiao
  • Patent number: 12353355
    Abstract: Systems, computer program products, and methods are described herein for tracking cross border data transmissions and generating a data passport entry in an electronic network. The present disclosure is configured to receive a file, the file comprising file data; receive an origination location identifier and destination location identifier of the file; parse the file data and apply a natural language processor to the file data to generate a structured meaning of the file data; compare the structured meaning of the file data to a theme database to generate a file theme score; determine, based on the destination location identifier, a destination theme score; generate a hash value for the file; and generate a data passport entry for the file based on the file name, the origination location identifier, the destination location identifier, the file theme score, the destination theme score, the hash value, and a count score.
    Type: Grant
    Filed: October 31, 2022
    Date of Patent: July 8, 2025
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Rahul Yaksh, Pratap Dande, Erik Dahl, Steven Allan Reich, Vishwanath Prasad Karra, Tileshia Brenda Alford
  • Patent number: 12355753
    Abstract: A facility for securely accessing a backend resource from a mobile app is described. In a hidden webview of the mobile app, the facility (1) sends a first request with respect to a remote backend resource on behalf of a user for whom a distinguished user account was established with a backend service; the sending is performed in such a way that active SSO session state information stored in the hidden webview of the mobile app is attached to the first request; and (2) receives in response to the first request a first response acknowledging user signin at the backend resource.
    Type: Grant
    Filed: April 5, 2023
    Date of Patent: July 8, 2025
    Assignee: Praia Health Inc.
    Inventors: Suresh Pokkuluri, Sandeep Kumar Polu, Theodore Newell, Barry E. Tolnas, Shivudu Bhuvanagiri, Joshua Mari G Lansang
  • Patent number: 12355581
    Abstract: Example methods and systems for creating breakout chat channels are provided. A chat and video conference provider receives from a client device associated with a first member of a plurality of members of a chat channel a request to create a subchannel related to a topic. The chat and video conference provider enables the client device to transmit an invitation message for joining the subchannel to a subset of the plurality of members. The chat and video conference provider establishes the subchannel based on acceptance messages from one or more members of the subset of the plurality of members. The chat and video conference provider generates a chat summary of prior chat messages related to the topic of the subchannel from the chat channel using a generative artificial intelligence (AI) model. The chat and video conference provider provides the chat summary in the subchannel.
    Type: Grant
    Filed: December 20, 2023
    Date of Patent: July 8, 2025
    Assignee: Zoom Communications Inc.
    Inventor: Sachin Srivastava
  • Patent number: 12355766
    Abstract: A method is disclosed. For example, the method executed by a processor of a shared device includes receiving an identification of a user, connecting to a remote server that stores authentication modules and applications, requesting an authentication module and an application stored on the remote server that is associated with the identification of the user, storing the authentication module and the application temporarily on a non-resident memory of the shared device, and executing the application in response to authentication of the user based on log-in information that was received via the authentication module.
    Type: Grant
    Filed: February 5, 2024
    Date of Patent: July 8, 2025
    Assignee: Xerox Corporation
    Inventors: James P. Gorski, Donald L. Wegeng, Emily Katherine Anzalone
  • Patent number: 12355744
    Abstract: A system includes at least one processor and at least one memory including instructions that, when executed by the at least one processor, cause the at least one processor to perform operations. The operations include providing a secure link to an auditable, machine-readable dataset to a client device of a user, the auditable, machine-readable dataset comprising data. At least one policy constraint is provided to at least a portion of the data in the dataset. In response to detecting activation of the secure link at the client device, one or both of the user and the client device is authenticated based on the policy constraint. Streaming access is provided to the auditable, machine-readable dataset in real-time.
    Type: Grant
    Filed: November 16, 2023
    Date of Patent: July 8, 2025
    Assignee: Confluent, Inc.
    Inventors: Alexander Cheng, Cory Lee Scott, Andrew Winthrop Taylor, Jesse Olin Miller, Srinivas Banala, Vijay Gopalakrishnan Bharadwaj, Mukesh Baphna, Priya Shivakumar, Jonathan Alexander Fancey
  • Patent number: 12355751
    Abstract: Establishing, by a mobile terminal, a near field communication link to a vehicle, where the vehicle corresponds to the in-vehicle system; negotiating a login binding code with the vehicle through the near field communication link; and providing the login binding code to a network side device, where the login binding code is used by the network side device to verify whether the in-vehicle system can be logged in to with the first user account.
    Type: Grant
    Filed: September 7, 2022
    Date of Patent: July 8, 2025
    Assignee: Shenzhen Yinwang Intelligent Technologies Co., Ltd.
    Inventors: Xinyao Jin, Jun Wang
  • Patent number: 12348503
    Abstract: Systems and techniques are provided for a resource transfer setup and verification. A request for transfer conditions for a transfer of resources may be received from a first computing device. A set of transfer conditions may be generated in response to the request for transfer conditions and sent to the first computing device. The set of transfer conditions and an indication of an acceptance of the set of transfer conditions by a second computing device may be received from the first computing device. A transfer identifier for the set of transfer conditions may be generated from data from the set of transfer conditions which may specify a first sub-transfer. Transfer instructions may be sent to a third computing device, including instructions for a sub-transfer specified in the set of transfer conditions. The set of transfer conditions may be stored with the transfer identifier as a transfer record in non-volatile storage.
    Type: Grant
    Filed: April 15, 2024
    Date of Patent: July 1, 2025
    Assignee: Interledger Foundation Inc.
    Inventor: Robert Way
  • Patent number: 12348522
    Abstract: A system and method for an extended security scheme for reducing the prevalence of broken object level authorization. In one embodiment, a method includes receiving code associated with an application programming interface (API), wherein the code includes one of an API definition and an API server stub, and parsing the code for one or more keywords associated with an extended security scheme. If the code includes the API definition, the method further includes generating an associated API server stub based on at least one of the one or more keywords and the API definition. If the code includes the API server stub, the method further includes generating an associated API definition based on at least one of the one or more keywords and the API server stub.
    Type: Grant
    Filed: November 18, 2022
    Date of Patent: July 1, 2025
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Rami Haddad, Rim El Malki, Daniel-Serban Cozma, Hendrikus G. P. Bosch
  • Patent number: 12348366
    Abstract: Systems and methods for detecting when continuous session replacement is occurring on a port at a network device, such as ports configured in a single host mode. One or more continuous session replacement actions may be taken when such continuous session replacement is detected, including notifying a user or disabling the port.
    Type: Grant
    Filed: March 23, 2023
    Date of Patent: July 1, 2025
    Assignee: ARISTA NETWORKS, INC.
    Inventors: Shalini Kaleeswaran, Ronak Upadhyay, Aaranya Prasad
  • Patent number: 12348418
    Abstract: Disclosed are approaches for providing per-application tunnel access, such as virtual private network (VPN) access, in LINUX based systems. In response to an application requesting a network connection, a process identifier of the application and an inode identifier representing a socket for the network connection are obtained. Then, a kernel space map is updated to include the process identifier of the application and the inode identifier. In response to the application making a network connection request, the inode identifier of the application is obtained based at least in part on a source network address, a source port number, a destination network address, and a destination port number. Then, the kernel space map is queried to obtain the process identifier of the application, wherein the inode identifier is a query parameter. Then, a routing policy is identified based at least in part on the process identifier.
    Type: Grant
    Filed: July 25, 2023
    Date of Patent: July 1, 2025
    Assignee: VMware LLC
    Inventors: Arjun Kochhar, Utkarsh Singh, Huan Wang, Amit Kumar Yadav
  • Patent number: 12346446
    Abstract: Aspects of the disclosure relate to detecting and preventing malicious browser extensions. A computing platform may send rule information to a master browser extension on a computing device including a set of rules defining reportable behavior associated with one or more other browser extensions. Subsequently, the computing platform may receive report information from the master browser extension on the computing device identifying an other browser extension of the one or more other browser extensions that exhibit the reportable behavior defined by at least one rule of the set of rules in the rule information. Based on receiving the report information, the computing platform may determine that the identified other browser extension is a malicious extension. Then, the computing platform may send one or more commands to the master browser extension on the computing device directing the master browser extension to disable or remove the identified other browser extension.
    Type: Grant
    Filed: April 12, 2024
    Date of Patent: July 1, 2025
    Assignee: Bank of America Corporation
    Inventor: Ricardo Varanda
  • Patent number: 12342173
    Abstract: In an example, a provider system receives from a user device a request for user access through a checkpoint. The provider system sends to the user device a request for identification information of the user. The provider system receives user information associated with a mobile identification credential (MIC) which the user device received from an authorizing party system (APS), the user having consented to release the user information to the provider system, and the user information having been verified by the APS. The provider system uses the verified user information associated with the MIC to verify or not verify the identity of the user. The provider system verifies the identity of the user before granting the user the request for user access through the checkpoint.
    Type: Grant
    Filed: August 30, 2024
    Date of Patent: June 24, 2025
    Assignee: The Government of the United States of America, as represented by the Secretary of Homeland Security
    Inventors: Jason Lim, Daniel Boyd, Chang Ellison, Michelle Wilson
  • Patent number: 12339990
    Abstract: Multi-tenancy system to perform tactical and permanent database and communication operations including secure handling of personally identifiable and/or health information (PII/PHI), data collection, data management, reporting, data analytics, secure communications, document sharing and microservices (e.g., registration, credentialing, RFID/barcoding, geo-location/geo-fencing, mobile application integration, social networking, biometrics). System includes security platform meeting stringent data protection mandates including firewall with extensive security protocols, encrypting communications between components of system (in transit) and information within each of the components (at rest). PII/PHI information is further encrypted and only visible with appropriate decryption key. System utilizes low code/no code database platform to address increasing demand for rapid, iterative and collaborative application development. System includes form builder that can easily add dynamic fields.
    Type: Grant
    Filed: January 10, 2022
    Date of Patent: June 24, 2025
    Inventors: Maria Shelton, Sam Murphy
  • Patent number: 12335263
    Abstract: A server transmits to a third-party application a request for a resource that is received from a client. The server receives an authentication request from the client device that has been generated by the third-party application. The server transmits an identity provider selection page to the client device that allows the client device to select an identity provider. The server causes the client device to transmit a second authentication request to a selected identity provider. The server receives an authentication response that was generated by the identity provider that includes the identity of the user. The server enforces access rule(s) including identity-based rule(s) and/or non-identity based rule(s). If the user is permitted to access the third-party application, the server causes an authentication response to be transmitted from the client device to the third-party application that indicates the user has successfully authenticated.
    Type: Grant
    Filed: January 29, 2024
    Date of Patent: June 17, 2025
    Assignee: CLOUDFLARE, INC.
    Inventors: James Howard Royal, Samuel Douglas Rhea
  • Patent number: 12335266
    Abstract: A method for granting access to objects by entities in a computerized system includes: providing an access control list (ACL) specifying for each object access rights to the objects of the computerized system; assigning a capability requirement information to at least one of the objects in the ACL; assigning a capability information to at least one entity of the entities in the computerized system; requesting access to an object by an entity; checking if the requesting entity has an access right in accordance with the ACL; and granting access to the requested object by the requesting entity only when the capability information assigned to the requesting entity matches with the capability requirement information assigned to the requested object. The combination of an ACL based access to files with capabilities improves the security of the system.
    Type: Grant
    Filed: February 18, 2020
    Date of Patent: June 17, 2025
    Assignee: Siemens Aktiengesellschaft
    Inventors: Fabrizio De Santis, Rainer Falk, Christian Peter Feist, Aliza Maftun, Johannes Zwanzger
  • Patent number: 12335243
    Abstract: A method for managing a data replication operation includes: obtaining, by a first security module (FSM), UTC-based system time of a first storage area network (SAN) infrastructure; generating, by the FSM, a secure string based on the UTC-based system time and a configuration parameter set by a user of the first SAN infrastructure; encrypting, by the FSM, the secure string to generate an encrypted secure string; appending, by the FSM, the encrypted secure string to a data replication request to generate an encrypted secure string-appended request, sending, by the FSM, the encrypted secure string-appended request to a second SAN infrastructure; making, after intercepting the encrypted secure string-appended request and by a second security module (SSM), a determination that the encrypted secure string-appended request is valid; and initiating, by the SSM, the operation from the first SAN infrastructure to the second SAN infrastructure by sending a notification to the FSM.
    Type: Grant
    Filed: February 24, 2023
    Date of Patent: June 17, 2025
    Assignee: Dell Products L.P.
    Inventors: Parminder Singh Sethi, Anay Kishore, Nithish Kn
  • Patent number: 12335347
    Abstract: A system for cross cloud workload identity virtualization including a program having instructions to route a first network call from a workload in a first cloud computing environment addressed to a first cloud computing environment instance metadata service (IMS) having destination data with an IP address of 169.254.169.254 to a universal IMS (UIMS) different from the first cloud computing environment IMS, route a second network call from the workload addressed to a destination other than the first cloud computing environment IMS to the destination indicated by the second network call, respond to the first network call with credentials valid for accessing a cloud service provided in a second cloud computing environment. The workload can access the cloud service from the first cloud computing environment, and access the cloud service from a third cloud computing environment different from the first cloud computing environment.
    Type: Grant
    Filed: December 18, 2023
    Date of Patent: June 17, 2025
    Assignee: CONTROL PLANE CORPORATION
    Inventors: Doron Grinstein, Julian Vassev, Dan Wilson
  • Patent number: 12333031
    Abstract: A flash drive locked by using wireless communication that is applicable to a mobile device is provided. The mobile device includes a mobile communication component and a mobile control component. The flash drive includes a connection port, an information storing component, a communication component, an identification certificate component and a control component. The information storing component stores information. The identification certificate component stores identification information of the flash drive. When the communication component communicates with the mobile communication component, the communication component transmits a locking command generated by the mobile control component from the mobile communication component to the control component.
    Type: Grant
    Filed: December 7, 2021
    Date of Patent: June 17, 2025
    Assignee: MAKTAR INC.
    Inventor: Liang-Hsin Chen
  • Patent number: 12326953
    Abstract: A method is provided that includes receiving a data request from a requesting device requesting data from a data source, looking up, in a blockchain ledger, a transaction corresponding to the data request to validate the data request, forwarding the validated data request to a data server, receiving a data response from the data server in response to the data request, wherein the data response comprises the requested data from the data source, and forwarding the data response to the requesting device.
    Type: Grant
    Filed: November 3, 2022
    Date of Patent: June 10, 2025
    Assignee: AVAGO TECHNOLOGIES INTERNATIONAL SALES PTE. LIMITED
    Inventors: Gordon Yong Li, Xuemin Chen, Philippe Klein, Abbas Saadat, Shee-Yen Tan, Rui Pedro De Moura Alves Pimenta
  • Patent number: 12328310
    Abstract: Systems and methods for enhanced OTP messaging, comprising: receiving a request from an application executing on a computing device of a user; generating the supplemental information based on the request; segmenting the supplemental information into a first part of the supplemental information and a second part of the supplemental information; transmitting the first part of the supplemental information to the computing device of the user via a first communication channel to another app executing on the computing device of the user; instructing the another app to allow the user to utilize one or more graphical user interface (GUI) elements of a GUI of the another app to transfer the first part of the supplemental information to the app; and transmitting the second part of the supplemental information to the computing device of the user via a second communication channel so as to provide the supplemental information to the app.
    Type: Grant
    Filed: November 6, 2023
    Date of Patent: June 10, 2025
    Assignee: Capital One Services, LLC
    Inventors: Daniel Alan Jarvis, Jon Whitmore, Patrick Zearfoss
  • Patent number: 12328311
    Abstract: Systems and methods for enhanced OTP messaging, comprising: receiving a request from an application executing on a computing device of a user; generating the supplemental information based on the request; segmenting the supplemental information into a first part of the supplemental information and a second part of the supplemental information; transmitting the first part of the supplemental information to the computing device of the user via a first communication channel to another app executing on the computing device of the user; instructing the another app to allow the user to utilize one or more graphical user interface (GUI) elements of a GUI of the another app to transfer the first part of the supplemental information to the app; and transmitting the second part of the supplemental information to the computing device of the user via a second communication channel so as to provide the supplemental information to the app.
    Type: Grant
    Filed: November 6, 2023
    Date of Patent: June 10, 2025
    Assignee: Capital One Services, LLC
    Inventors: Daniel Alan Jarvis, Jon Whitmore, Patrick Zearfoss
  • Patent number: 12326934
    Abstract: A computer-based system and method for detecting suspicious activation of an application in a computer device, including: monitoring physical activation events by the computer device; identifying a software activation event in the computer device; determining whether a physical activation event corresponding to the software activation event has been detected; and determining that the software activation event is legitimate if the corresponding physical activation event has been detected at the computer device and determining that the software activation event is suspicious otherwise. The physical activation events may be touch events and the software activation event may be a click event.
    Type: Grant
    Filed: December 22, 2020
    Date of Patent: June 10, 2025
    Assignee: International Business Machines Corporation
    Inventors: Einav Raizman-Kedar, Ofer Benyamin Sasson, Nethanella Messer, Matan Elbaz Ziv
  • Patent number: 12328343
    Abstract: A determination is made that an identity of a non-target communicating entity (102) with which a target communicating entity (101) is communicating, is to be obfuscated in any report of lawful interception of the target communicating entity (101) to a law enforcement agency (131). Lawful interception is performed of the target communicating entity (101) and information pertaining to the lawful interception of the target communicating entity (101) is reported to the law enforcement agency (131). The reported information comprises non-obfuscated identity information of the target communicating entity (101) and obfuscated identity information of the non-target communicating entity (102).
    Type: Grant
    Filed: December 16, 2019
    Date of Patent: June 10, 2025
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Francesco Attanasio, Amedeo Imbimbo
  • Patent number: 12323410
    Abstract: Embodiments present different password-less sign-in alternatives for selection by the user for a subsequent future login to the service provider account interface, and in response to determining that data inputs from a user satisfy associated data requests, enable the selected password-less sign-in alternative for a subsequent login of the user into the service provider account interface, wherein the subsequent login of the user into service provider account interface via the enabled selected password-less sign-in alternative does not require the user to enter the password.
    Type: Grant
    Filed: July 26, 2021
    Date of Patent: June 3, 2025
    Assignee: ADP, Inc.
    Inventors: James P Mason, Gregory Fincannon, Tushar Phondge, Sonal Doshi, Neha Pahwa, Sanjoli Ahuja, Gregory Murphy
  • Patent number: 12323454
    Abstract: A method of determining a fraud network comprising: receiving address information regarding a first address; determining, using an address risk machine learning model, a first address risk score associated with the first address; identifying a first entity associated with the first address based on the first address risk score; determining at least one of a second address and a second entity associated with the first entity; and generating a fraud network profile including the first address, and the at least one of the second address and second entity.
    Type: Grant
    Filed: January 24, 2023
    Date of Patent: June 3, 2025
    Assignee: Early Warning Services, LLC
    Inventors: Jacob M. Bellman, Dan M. Hayden, Abhishek Chambe Venkatesh Murthy, John M. Kohoutek, Klementina Nikov
  • Patent number: 12321461
    Abstract: An attack graph processing device includes a node extraction unit which extracts a node relating to a rule classified into a predetermined group from an attack graph that is configured from one or more nodes indicating the state of a system to be diagnosed, or the state of the primary agent of an attack on the system to be diagnosed, and one or more edges indicating the relationship among a plurality of nodes, the attack graph being generated using rules indicating a condition in which the attack can be executed, and a graph configuration unit which simplifies the attack graph on the basis of the extracted node.
    Type: Grant
    Filed: June 17, 2019
    Date of Patent: June 3, 2025
    Assignee: NEC CORPORATION
    Inventors: Masaki Inokuchi, Yoshinobu Ohta
  • Patent number: 12323510
    Abstract: A method and apparatus for providing user key material from a server to a client is disclosed. The method comprises receiving a first message from the client in a server, the first message having a user key material request, an access token and an identifier of a transport key (TrK-ID), validating the user key material request according to the access token, generating a response having user key material responsive to the user key material request, encrypting the response according to the transport key (TrK), and transmitting a second message comprising the response from the server to the client. The client decrypts the second message according to the transport key (TrK) and validates the second message using the identifier of the transport key (TrK-ID).
    Type: Grant
    Filed: March 18, 2024
    Date of Patent: June 3, 2025
    Assignee: ARRIS Enterprises LLC
    Inventor: Xin Qiu
  • Patent number: 12323528
    Abstract: Techniques described herein are directed to proxies configured to handle identity and access management for a web application. For instance, a first proxy receives requests to the application from a browser. The first proxy redirects the browser to an identity endpoint, which prompts the user to enter authentication credentials for the application. Upon successful authentication, the endpoint provides an access token for accessing web APIs to the first proxy. The first proxy provides the token to a second proxy, which stores the token. The second proxy receives anonymous API calls from the web application to the web APIs. When receiving an anonymous API call, the second proxy obtains the token and inserts it into an outgoing request to the API. Responsive to the API returning a message indicating that the token is invalid, the second proxy communicates with the first proxy to obtain a new token from the endpoint.
    Type: Grant
    Filed: November 15, 2023
    Date of Patent: June 3, 2025
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Saeed Javed Akhter, Steven Soneff
  • Patent number: 12321455
    Abstract: Examples of the present disclosure describe systems and methods for malicious software detection based on API trust. In an example, a set of software instructions executed by a computing device may call an API. A hook may be generated on the API, such that a threat processor may receive an indication when the API is called. Accordingly, the threat processor may generate a trust metric based on the execution of the set of software instructions, which may be used to determine whether the set of software instructions poses a potential threat. For example, one or more call stack frames may be evaluated to determine whether a return address is preceded by a call instruction, whether the return address is associated with a set of software instructions or memory associated with a set of software instructions, and/or whether the set of software instructions satisfies a variety of security criteria.
    Type: Grant
    Filed: February 14, 2024
    Date of Patent: June 3, 2025
    Assignee: Open Text Inc.
    Inventors: Andrew L. Sandoval, David Alan Myers, John R. Shaw, II, Eric Klonowski
  • Patent number: 12322485
    Abstract: A system may include a plurality of inhalers, where each inhaler comprising medicament, a processor, memory, and a transmitter, multiple processing modules that may reside at least partially on a user device, a digital health platform (DHP) that is configured to receive and aggregate inhaler data from inhalers that are associated with a plurality of different users and a plurality of different medicament types. The DHP may determine a subset of the usage events based on the determined medication type, the determined time of day, and/or the determined date range. The DHP may determine a filtered list of users out of the plurality of users based on a comparison of the selected inhalation count threshold with the number of usage events that are associated with the same user and medication type.
    Type: Grant
    Filed: July 2, 2021
    Date of Patent: June 3, 2025
    Assignee: Norton (Waterford) Limited
    Inventors: Eric Chan, John Macey, Jon Cody Goldberg, Jenna-Leigh Meola
  • Patent number: 12323391
    Abstract: Described are techniques for grouping user profiles onto Virtual Private Networks (VPNs) including a computer-implemented method comprising creating a user profile at a VPN manager and associating the user profile with a set of demographically similar user profiles based on characteristics of the user profile. The computer-implemented method further comprises assigning the user profile to least one VPN server that is associated with the set of demographically similar user profiles. The computer-implemented method further comprises providing encrypted internet access to a device associated with the user profile via the at least on VPN server. The computer-implemented method further comprises transmitting resources to the device associated with the user profile via the at least one VPN server, where the resources are customized for the set of demographically similar user profiles.
    Type: Grant
    Filed: March 8, 2022
    Date of Patent: June 3, 2025
    Assignee: International Business Machines Corporation
    Inventors: Steven Leslie Shafer, Robert Simon, Mathew Accapadi
  • Patent number: 12323405
    Abstract: A method and a system for providing a catalogue of smart contracts deployed on a blockchain that is available to authenticated users is provided. The method includes: accessing each node of the blockchain; identifying all smart contracts that have been deployed within each respective node; indexing the identified smart contracts by assigning each respective smart contract to a corresponding category; generating a catalogue that includes an indexed listing each of the identified smart contracts; receiving a user request for access to the catalogue with an authorization credential; authenticating the user; and providing the requested catalogue access to the user. The method may also include receiving a search request; providing a list of smart contracts that corresponds to the criteria included in the search request; and monitoring the list for subsequent transactional activity.
    Type: Grant
    Filed: June 17, 2021
    Date of Patent: June 3, 2025
    Assignee: JPMORGAN CHASE BANK, N.A.
    Inventor: Ankur Sambhar
  • Patent number: 12314744
    Abstract: This disclosure enables a rule engine programmed for (i) expressing complex logic, (ii) handling time/event synchronization, (iii) providing insights into rule execution, and (iv) modeling uncertainties, while also enabling user actions to authenticate, approve, initiate, or decline certain workflows. Such configuration is technologically advantageous, because of its enablement in providing guidance to end users in completing transactions with user actions.
    Type: Grant
    Filed: November 27, 2024
    Date of Patent: May 27, 2025
    Assignee: Monarch Specialty Group, Inc.
    Inventors: Stephen Barrett Cichy, Markus Daniel Bockle
  • Patent number: 12316674
    Abstract: A secure web gateway is deployed on the cloud between a web client and a web server. The secure web gateway sends the web client a redirect response status code with a replacement server location in response to a Hypertext Transfer Protocol (HTTP) request sent by the web client to access a target resource on the web server. The secure web gateway thereafter receives from the web client a Hypertext Transfer Protocol Secure (HTTPS) request to access the target resource, the HTTPS request includes the replacement server location. The secure web gateway sends the HTTPS request as an HTTP request to the web server. The secure web gateway receives an HTTP response from the web server, and forwards the HTTP response as an HTTPS response to the web client.
    Type: Grant
    Filed: March 30, 2023
    Date of Patent: May 27, 2025
    Assignee: Trend Micro Incorporated
    Inventors: Juliang Jiang, Bin Shi, Shujun An
  • Patent number: 12317100
    Abstract: A first access network device allocates, to a second access network device based on an obtained quantity, supported by a terminal, of data radio bearers (DRBs) to which a data frame compression function is applied, a quantity of DRBs the second access network device can configure for the terminal and to which the function is applied can configure, and notifies the second access network device of an allocation result.
    Type: Grant
    Filed: March 29, 2022
    Date of Patent: May 27, 2025
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Qiang Fan, Chong Lou
  • Patent number: 12316772
    Abstract: Context-aware authentication may be provided. First, a request may be received for content service. The request may comprise information associated with a context of a household from which the request came. Next, the request may be authenticated based on the information associated with the context of the household from which the request came. Then the content service may be provided in response to authenticating the request.
    Type: Grant
    Filed: March 15, 2021
    Date of Patent: May 27, 2025
    Assignee: Synamedia Limited
    Inventors: Orly Amsalem, Steve Epstein
  • Patent number: 12316641
    Abstract: A network device may receive a subscription request to subscribe to a multimedia priority service (MPS) for a user device, and may generate an MPS profile for the user device based on the subscription request. The network device may store the MPS profile in a data structure, and may receive, from the user device, a request to generate an MPS token for the user device. The network device may retrieve the MPS profile from the data structure based on the request to generate the MPS token, and may generate the MPS token based on the MPS profile. The network device may provide the MPS token to the user device.
    Type: Grant
    Filed: October 21, 2022
    Date of Patent: May 27, 2025
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Jayshree A. Bharatia, Rakesh Chandwani, Toby Varughese John
  • Patent number: 12316643
    Abstract: Provided are systems, methods, and apparatuses initiating outbound communications and receiving inbound communications. The system may include at least one processor programmed or configured to detect a communication between a user device and a remote entity, the user device operated by a user, determine a security risk based on the communication, and in response to determining the security risk, automatically block at least one function within at least one application on at least one of the following: the user device, another user device associated with the user, or any combination thereof.
    Type: Grant
    Filed: July 11, 2024
    Date of Patent: May 27, 2025
    Assignee: Scam Off Limited
    Inventor: Joseph A. Charlson
  • Patent number: 12299169
    Abstract: Techniques for using contextual information to manage data that is subject to one or more data-handling requirements are described herein. In many instances, the techniques capture or depend upon the contextual information surrounding the creation and/or subsequent actions associated with the data. The contextual information may be updated as the data is handled in various manners. The contextual information may be used to identify data-handling requirements that are applicable to the data, such as regulations, standards, internal policies, business decisions, privacy obligations, security requirements, and so on. The techniques may analyze the contextual information at any time to provide responses regarding handling of the data to requests from requestors, such as administrators, applications, and others.
    Type: Grant
    Filed: July 27, 2023
    Date of Patent: May 13, 2025
    Assignee: Microsoft Technology Licensing LLC
    Inventors: Colette Van Dyne, Jeffrey Friedberg