Authorization Patents (Class 726/4)
  • Patent number: 12255886
    Abstract: Techniques are described for managing secrets for accessing resources of a computing service provider by a client computing device. Two secrets are created that are valid for accessing the resource by the client computing device. When one of the two secrets are invalid for accessing the resource, the client computing device can use the second of the two secrets to gain access to the resource.
    Type: Grant
    Filed: June 24, 2022
    Date of Patent: March 18, 2025
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventor: Nicolas Harry Neate
  • Patent number: 12248580
    Abstract: The present disclosure relates to systems, methods, and non-transitory computer-readable media that detect synthetic user accounts of a digital system via machine learning. For instance, the disclosed systems can utilize a machine learning model to analyze account features that are related to a user account and generate an indication that the user account is synthetic based on the analysis. The disclosed systems can further disable (e.g., suspend or close) the user account based on determining that the user account is synthetic. In some cases, the machine learning model provides a precision score that indicates a likelihood that the user account is synthetic, and the disclosed systems disable the user account if the precision score satisfies a threshold. In some implementations, the disclosed systems generate the machine learning model using synthetic user accounts detected via one or more rules and other user accounts that are associated with those synthetic user accounts.
    Type: Grant
    Filed: February 16, 2022
    Date of Patent: March 11, 2025
    Assignee: Chime Financial, Inc.
    Inventors: Peter Zawadzki, Jiby Babu
  • Patent number: 12250224
    Abstract: An application for dynamic, granular access permissions can include a database interface, a user interface, a login process, an administrator, an event handler and an authorization process. The database interface can be an interface to an access control permissions database that stores roles, actions, or policies for users of the application. The login process can authenticate a user and determine a default set of access control permissions for that user when they are using the user interface. The administrator can provide access control permissions for a user by using the database interface. The event handler can dynamically modify access to functionality in the user interface based on an event. The authorization process can determine whether a request from the user interface is authorized before process the request. The authorization process can use access control permissions from the administrator and either a scope limited or a temporally limited access permission.
    Type: Grant
    Filed: December 6, 2023
    Date of Patent: March 11, 2025
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Brian Childress, Sean Stokely
  • Patent number: 12249334
    Abstract: A text mining engine running on an artificial platform is trained to perform conversation role identification, semantic analysis, summarization, language detection, etc. The text mining engine analyzes words in a transcript that represent unique characteristics of a conversation and, based on the unique characteristics and utilizing classification predictive modeling, determines a conversation role for each participant of the conversation and metadata describing the conversation such as tonality of words spoken by a participant in a particular conversation role. Outputs from the text mining engine are indexed and useful for various purposes. For instance, because the system can identify which speaker in a customer service call is likely an agent and which speaker is likely a customer, words spoken by the agent can be analyzed for compliance reasons, training agents, providing quality assurance for improving customer service, providing feedback to improve the performance of the text mining engine, etc.
    Type: Grant
    Filed: April 28, 2021
    Date of Patent: March 11, 2025
    Assignee: OPEN TEXT HOLDINGS, INC.
    Inventors: Steven John Graff, Sayeed Khawja Mohammed, Devanshu D. Sheth
  • Patent number: 12248540
    Abstract: An information processing device includes: a hardware processor that executes a license check of software, wherein the hardware processor detects a request for remote access to the software, extracts a description about remote access from a license agreement of the software to which a request for remote access is requesting access, and determines, based on the extracted description about the remote access, whether the remote access is a license violation.
    Type: Grant
    Filed: March 31, 2022
    Date of Patent: March 11, 2025
    Assignee: Konica Minolta, Inc.
    Inventor: Megumi Miura
  • Patent number: 12250306
    Abstract: A method at a first domain for obtaining at least one insight from a second domain, the method including registering an application with an anchor in the first domain; providing, from the anchor to the application, a first message signed by the anchor; sending, from the first domain to a network domain, the signed message; receiving, from the network domain, at least one signed token, each of the at least one signed token being for a synthetic sensor on the second domain, where the synthetic sensor provides an insight; sending a request message to the second domain, the request message requesting the insight and including the at least one token; and receiving the insight from a synthetic sensor associated with the at least one token.
    Type: Grant
    Filed: March 15, 2024
    Date of Patent: March 11, 2025
    Assignee: BlackBerry Limited
    Inventors: Biswaroop Mukherjee, Geordon Thomas Ferguson
  • Patent number: 12248542
    Abstract: An image forming apparatus includes an authentication application device that registers information acquired from an authentication system, and indicating a normal application accessible by a user when the user logs in in the image forming apparatus, in temporary user information, and a normal application device that decides, upon being requested to activate itself, whether the user who has logged in in the image forming apparatus is authorized to utilize the normal application device, on a basis of the temporary user information.
    Type: Grant
    Filed: April 27, 2022
    Date of Patent: March 11, 2025
    Assignee: KYOCERA Document Solutions Inc.
    Inventor: Yumi Nakagoshi
  • Patent number: 12250530
    Abstract: Examples described herein relate to portable playback devices, such as smart headphones and earbuds, and ultra-portable devices having built-in voice assistants. Some example techniques relate to user interaction with voice assistants. Further example techniques relate to voice guidance played back by the headphones to guide the user under certain conditions.
    Type: Grant
    Filed: September 12, 2022
    Date of Patent: March 11, 2025
    Assignee: Sonos, Inc.
    Inventors: Sangah Park, Ryan Myers, John Tolomei
  • Patent number: 12250211
    Abstract: Users can be logged in to modern workspaces using different cloud identity providers and single sign-on. A login manager can be provided on a user computing device to obtain a user's login credentials via a custom login screen. The login manager can then inject the login credentials into an authentication interface of a cloud identity provider to authenticate the user for purposes of logging in to the user computing device. The login manager can leverage this authentication to perform single sign-on for all resources of a modern workspace such that the user can be logged in to the modern workspace via any cloud identity provider.
    Type: Grant
    Filed: October 19, 2022
    Date of Patent: March 11, 2025
    Assignee: Dell Products L.P.
    Inventors: Ramanujam Kaniyar Venkatesh, Sudhakar Ramasamy, Jyothi Bandakka
  • Patent number: 12244594
    Abstract: Devices, systems and methods are provided for remotely managing configuration of a networking device. One method of managing configuration of a networking device involves obtaining resources associated with one or more graphical user interface (GUI) displays of a web application for configuring the networking device, receiving a request to access the web application, and in response to the request, determining a representative value for the resources as a function of a current state of the resources, obtaining a reference value for the resources that reflects a validated state of the resources, and instantiating the web application using the resources when the representative value matches the reference value.
    Type: Grant
    Filed: March 28, 2022
    Date of Patent: March 4, 2025
    Inventor: Jose Lejin P J
  • Patent number: 12242604
    Abstract: A method for preventing data leakage may include: identifying data that is generated by at least one framework application in response to a data request from a first machine learning (ML) engine of a plurality of ML engines; creating a plurality of data blocks based on the generated data, a category of the first ML engine, and a tag associated with the first ML engine and the at least one framework application; determining whether the plurality of data blocks are valid to share with the first ML engine using an activity block chain associated with each of the plurality of framework applications; based on the plurality of data blocks being valid, sharing the plurality of data blocks with the first ML engine, and otherwise discarding the plurality of data blocks not to share with the first ML engine.
    Type: Grant
    Filed: December 30, 2021
    Date of Patent: March 4, 2025
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Rahul Agrawal, Vipul Gupta, Saurabh Kumar, Ankur Agrawal, Nitesh Goyal
  • Patent number: 12242652
    Abstract: For increased device security, a security policy manager is used to configure permissions for applications installed on mobile computing devices. In one approach, an evaluation server receives data associated with a context for a computing device. Based on the received data, a policy that is applicable for the current context of the computing device is identified. The identified policy has rules regarding access permissions for software installed on computing devices. The server determines a current policy implemented on the computing device, which includes determining an access permission for software installed on the computing device. The server determines that the access permission for the installed software does not comply with the policy applicable to the current context. Based on this determination, the server revokes the access permission for the installed software.
    Type: Grant
    Filed: March 7, 2019
    Date of Patent: March 4, 2025
    Assignee: Lookout, Inc.
    Inventors: Brian James Buck, Aaron Cockerill
  • Patent number: 12242638
    Abstract: Techniques are disclosed pertaining to determining whether execution of a transaction will exceed a system resource threshold. A computer system stores a precomputed permissions data structure in association with particular data stored in a database. That precomputed data structure may be used to determine whether a user can access the particular data. The computer system may capture metric information that pertains to parameters involved in different types of transactions that can be performed to recompute the precomputed permissions data structure. Upon receiving a request to perform a transaction that involves recomputing the permissions data structure, the computer system, may determine, based on the metric information and the transaction's particular type, whether an execution of the transaction will exceed the system resource threshold.
    Type: Grant
    Filed: January 31, 2023
    Date of Patent: March 4, 2025
    Assignee: Salesforce, Inc.
    Inventors: Arjun Kumar Sirohi, Lakshman Martha, Sirisha Tummalapenta
  • Patent number: 12244687
    Abstract: Systems, methods, network devices, and machine-readable media disclosed herein include encoding data for storage or transmission by encoding the data according to a tamper-resistant data encoding scheme that renders the data secure against unbounded polynomial size attacks. The present disclosure further includes subsequently determining whether the data has been tampered with, and notifying a processor when the data has been modified or compromised.
    Type: Grant
    Filed: June 22, 2021
    Date of Patent: March 4, 2025
    Assignees: NTT Research Inc., University of Maryland, College Park, Cornell University
    Inventors: Dana Dachman-Soled, Ilan Komargodski, Rafael N Pass
  • Patent number: 12238104
    Abstract: A secure communication system enabling secure transport of information is disclosed. The system comprises a secure network with one or more packet processing units connected by links through an internal communication system. The secure network transports packets of information between credentialed and authenticated agents. Each packet is associated with a visa issued by a visa service. The visa specifies the procedures governing the processing of the packet by the packet processing units as it is transported along a compliant flow, between agents thorough the network, according to a set of policies specified in a network configuration. Packet processing units include docks and forwarders. Adaptors serving the agents communicate with the network through tie-ins to docks. The system also includes and admin service, accessible to one more admins, that facilitates configuration and management of the network.
    Type: Grant
    Filed: July 22, 2022
    Date of Patent: February 25, 2025
    Assignee: APPLIED INVENTION, LLC
    Inventors: W. Daniel Hillis, David C. Douglas, Mathias Kolehmainen, Steven Willis, Frank Kastenholz, Michael Dubno
  • Patent number: 12238014
    Abstract: Techniques and mechanisms for identifying unmanaged cloud resources with endpoint and network logs and attributing the identified cloud resources to an entity of an enterprise that owns the cloud resources. The process collects data from sources, e.g., endpoint and network logs, with respect to traffic in a computer network and based at least in part on the data, extracts relationships related to the traffic. The process applies rules to the relationships to extract destinations in the computer network that provide cloud resources in a cloud environment, wherein the cloud resources are owned by an enterprise. One or more users or business entities of the enterprise are identified as accessing the cloud resources.
    Type: Grant
    Filed: January 4, 2024
    Date of Patent: February 25, 2025
    Assignee: Cisco Technology, Inc.
    Inventors: Blake Harrell Anderson, Andrew Chi, David Arthur McGrew, Saran Singh Ahluwalia
  • Patent number: 12238166
    Abstract: The present disclosure relates to managing services by a managed service provider (MSP) in a cloud based infrastructure. A control plane of the MSP is established in a first tenancy, and a first access plane of the MSP is established in a second tenancy of a cloud environment. The control plane is configured to manage a plurality of services offered by the MSP to a first host machine included in the second tenancy. A first request is transmitted from the control plane to the first access plane, where the first request is forwarded by the first access plane to the first host machine, and corresponds to a service utilized by the first host machine and managed by the control plane of the MSP. In response to the first request being validated, a first state of the first host machine is modified in the second tenancy based on the first request.
    Type: Grant
    Filed: July 12, 2023
    Date of Patent: February 25, 2025
    Assignee: Oracle International Corporation
    Inventors: Yomesh Rajen Shah, Girish Ahuja, Jason Michael Rothstein, Mark Andrew Crawford, Neeraj Kumar, Umair Ahmed
  • Patent number: 12238085
    Abstract: A device management service may enforce compliance of remote devices with device specifications by disabling or enabling use of client certificates by applications installed on the devices. The device management service receives configuration data from an agent installed on the remote device. If the device management service determines that the device is no longer compliant with specifications for the device, then the device management service may prevent subsequent use of client certificate(s) by applications on the device to establish certificate-based connections. For example, the device management service may disable or revoke a client certificate or may instruct the device to disable or remove the client certificate. If the device becomes compliant at a subsequent time, then the device management service may enable the client certificate or cause a new client certificate to be sent to the device.
    Type: Grant
    Filed: September 30, 2019
    Date of Patent: February 25, 2025
    Assignee: Amazon Technologies, Inc.
    Inventors: Justin Paul Yancey, Jack A. Drooger, Sanjay Dey
  • Patent number: 12229308
    Abstract: A data sharing system may facilitate sharing of data with third party systems. The data sharing request can be identified as being a potential privacy risk. To reduce the potential privacy risk, in one example, requested user data can be modified prior to sharing. The modified user data can be shared with the third party system rather than sharing unmodified user data.
    Type: Grant
    Filed: March 31, 2022
    Date of Patent: February 18, 2025
    Assignee: United Services Automobile Association (USAA)
    Inventors: Oscar Guerra, Megan Sarah Jennings, Dustin Bowen Bitter, Pooja Krishnaswamy, Donald Nathaniel Holloway, III, Nikhil Dama
  • Patent number: 12229209
    Abstract: Various approaches for identifying possible unsecured devices on a network as set forth. In some cases, approaches discussed relate to systems and methods for identifying possible unsecured devices based upon a host name for each of the discovered devices.
    Type: Grant
    Filed: February 25, 2021
    Date of Patent: February 18, 2025
    Assignee: Fortinet, Inc.
    Inventor: Haitao Li
  • Patent number: 12229284
    Abstract: Disclosed are various embodiments of a multiuser unified endpoint management (UEM) system. A device check-in can be received from a client device. The device check-in can include a device identifier that uniquely identifies the client device with respect to other client devices and a user identifier that uniquely identifies the user of the client device with respect to other users of the client device. In response, a device channel identifier associated with the device identifier and a user channel identifier associated with both the user identifier and the device identifier can be obtained. Then a first set of entitlements associated with the device channel identifier and a second set of entitlements associated with the user channel identifier can be selected. Both sets of entitlements can be provided to the client device in response to the device check-in.
    Type: Grant
    Filed: November 17, 2022
    Date of Patent: February 18, 2025
    Assignee: Omnissa, LLC
    Inventors: Senthil Parthasarathy, Kevin B. Sheehan, Muhammad Anadil Furqan, Haroon Barlas, Amruta Moghe, Kishore Krishnakumar, Adarsh Subhash Chandra Jain
  • Patent number: 12232195
    Abstract: A specific communication device may send specific identification information for identifying the specific communication device to an external via a communication interface, wherein the external device may display a screen including the specific identification information in a case where the external device receives the specific identification information from the specific communication device; and in a case where a specific condition including that the specific identification information is sent to the external is fulfilled, a state of the display unit may be changed from a first state to a second state, the first state being a state in which the display unit does not display the specific identification information, and the second state being a state in which the display unit displays the specific identification information.
    Type: Grant
    Filed: May 26, 2022
    Date of Patent: February 18, 2025
    Assignee: BROTHER KOGYO KABUSHIKI KAISHA
    Inventor: Hirokazu Sato
  • Patent number: 12229242
    Abstract: A mode selector permits deactivating a run-time operational mode and activating a privileged operational mode on a remote terminal unit (RTU). One or more functionalities associated with the privileged operational mode are performed via a local and/or a remote computing device communicatively coupled to the RTU. The functionalities include at least one of developing and deploying content for the RTU, loading security certificates for the RTU, enabling Linux root account access to the RTU, and performing system maintenance on the RTU. The mode selector switch returns the RTU to the run-time operational mode after the functionalities are performed.
    Type: Grant
    Filed: December 21, 2021
    Date of Patent: February 18, 2025
    Assignee: SCHNEIDER ELECTRIC SYSTEMS USA, INC.
    Inventors: Philip Aubin, Salih Utku Karaaslan
  • Patent number: 12230267
    Abstract: A system and method is provided that enables voice recognition for legacy operating systems of a computing device. An exemplary method includes receiving speech-based instructions from a user of mobile device that indicate a request for executing a task. The speech-based instructions are then analyzed by an intelligent personal assistant running on the mobile device to determine an intent of the user. If the intent of the user identifies a specialized client software module installed on the mobile, the software module will generate a command object that includes parameters relating to the execution of the task. The command object is then transmitted by the first computing device to a personal computer with a legacy operating system where the command object causes a software agent installed on the personal computer to execute the task based on the parameters included in the command object.
    Type: Grant
    Filed: November 10, 2022
    Date of Patent: February 18, 2025
    Assignee: Parallels International GmbH
    Inventors: Ivan Korobov, Andrey Omelyanchuk, Nikolay Dobrovolskiy, Sergei M. Beloussov
  • Patent number: 12231557
    Abstract: An electronic device according to various embodiments may include: a communication circuit, a memory, and at least one processor functionally connected to the communication circuit and the memory, wherein the at least one processor is configured to: perform wireless communication with an external electronic device through the communication circuit, based on a shared secret key generated by the electronic device in a process of configuring an association with the external electronic device, transmit, to the external electronic device through the communication circuit, a renewal frame for renewing the shared secret key, at a time point at which a lifetime of the shared secret key expires or at a time point a specified time ahead of the time point at which the lifetime of the shared secret key expires, and renew the shared secret key to perform wireless communication with the external electronic device through the communication circuit, based on the renewed shared secret key.
    Type: Grant
    Filed: February 28, 2022
    Date of Patent: February 18, 2025
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Seongsu Choi, Junhak Lim, Chounjong Nam
  • Patent number: 12223504
    Abstract: Briefly, embodiments are directed to a system, method, and article for receiving an authorization request message for a remote commerce transaction with a particular merchant, where the authorization request message comprises a merchant universal payment identifier (MuPi). The MuPi may be extracted from the authorization request message. Validation information may be determined for the MuPi. A message may be transmitted to a payment network to enable authorization of the remote commerce transaction at least partially in response to the determination of the validation information.
    Type: Grant
    Filed: September 8, 2021
    Date of Patent: February 11, 2025
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventor: Sachin Ahuja
  • Patent number: 12223082
    Abstract: Embodiments of the present disclosure provide systems and methods for managing role hierarchies and assignment of permissions by providing secure roles which are roles where the only user that can grant any privilege to the secure role, is the role that owns the secure role. A set of secure roles that defines a role hierarchy may be generated, wherein only a role that owns the set of secure roles can grant any privilege to each of the secure roles. The role that owns the set of secure roles may grant one or more privileges to a first secure role of the set of secure roles. In response to a user other than the role that owns the set of secure roles attempting to grant a privilege to the first secure role or modify a privilege granted to the first secure role, the attempt may be denied.
    Type: Grant
    Filed: June 30, 2023
    Date of Patent: February 11, 2025
    Assignee: Snowflake Inc.
    Inventors: Vikas Jain, Eric Karlson, Sepideh Khoshnood, Ramana Rao S. Turlapati
  • Patent number: 12225063
    Abstract: A health administration method, a health administration apparatus, a health administration system, and a data collection apparatus are provided. The health administration method involves a plurality of objects and a plurality of devices, and includes: generating a device usage record of at least one object based at least on identity information of the at least one object among the plurality of objects and data generated by a device used by the at least one object (S10), and providing the device usage record of the at least one object to a memory associated with a health administration apparatus (S20). The health administration method, the health administration apparatus, the health administration system, and the data collection apparatus can improve work efficiency of medical workers.
    Type: Grant
    Filed: January 31, 2020
    Date of Patent: February 11, 2025
    Assignees: BEIJING BOE TECHNOLOGY DEVELOPMENT CO., LTD., BOE TECHNOLOGY GROUP CO., LTD.
    Inventors: Junjie Zhao, Qian Zhang, Jing Su, Yanqiu Zhao
  • Patent number: 12224994
    Abstract: Disclosed is an identity authentication system for distributed Internet of vehicles (IoV), including a core cloud, a plurality of edge clouds, a plurality of road side units (RSUs) and a plurality of terminal vehicles. The core cloud stores registration information about the terminal vehicles and the RSUs; the edge cloud performs identity verification on the RSUs according to the registration information, and after the verification is passed, the edge cloud generates a temporary shared session key and sends the same to the RSU and the terminal vehicle, and the RSU and the terminal vehicle establish encrypted communication according to the temporary shared session key, to provide a network communication service for the terminal vehicle. In the present disclosure, a vehicle identity authentication efficiency in a scene with a large traffic density can be effectively improved.
    Type: Grant
    Filed: September 5, 2024
    Date of Patent: February 11, 2025
    Assignee: Guangdong University of Technology
    Inventors: Chang Liu, Hongmin Wei, Jiacheng Xu, Guojun Han, Yi Fang
  • Patent number: 12224981
    Abstract: A system and method for providing external resources through a zero trust environment includes recording a web session of a first user to generate a policy allowing a second user to access the resource used in the web session. The method includes receiving a request to initiate a network session with the zero trust environment, the request including login credentials, wherein the login credentials correspond to an authorizing user account; receiving a request to access a resource in a network environment which is external to the zero trust environment; detecting in the request a domain associated with the resource; and configuring a policy engine of the zero trust environment to generate a policy allowing network traffic between the domain and a designated user account, based on the received request.
    Type: Grant
    Filed: May 31, 2022
    Date of Patent: February 11, 2025
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Yehoshua Haim Chen, Shay Farhuma Gutman, Omri Himelbrand, Gilad Kleinman, Shay Shwartz, Natan Elul
  • Patent number: 12222900
    Abstract: A system can maintain respective extended attributes for respective files in a file system, wherein the respective extended attributes comprise respective first-in-first-out (FIFO) queues of user identities that have been determined to have modified the respective files. The system can receive an indication to perform a delete operation on a first portion of the file system, wherein the indication is indicative of a first user identity for which files are to be preserved. The system can, in response to receiving the indication, evaluate the respective files, comprising in response to determining that the first user identity is omitted from a FIFO queue of the respective FIFO queues, delete a file of the respective files that corresponds to the FIFO queue; and in response to determining that the first user identity is identified in the FIFO queue, refrain from deleting the file.
    Type: Grant
    Filed: July 21, 2023
    Date of Patent: February 11, 2025
    Assignee: DELL PRODUCTS L.P.
    Inventor: Shiv S. Kumar
  • Patent number: 12225007
    Abstract: Various approaches for securing networks against access from off network devices. In some cases, embodiments discussed relate to systems and methods for identifying potential threats included in a remote network by a network access device prior to requesting access to a known secure network via the remote network.
    Type: Grant
    Filed: December 26, 2023
    Date of Patent: February 11, 2025
    Assignee: Fortinet, Inc.
    Inventor: Emilio Borbolla Galindo
  • Patent number: 12218931
    Abstract: Disclosed are methods, systems, and non-transitory computer-readable media for utilizes a collaboration application to provide data beneficial to the authentication of the user. The present application discloses receiving at least one item of personal identifying information for a user from a primary multi-factor authentication device. The present application further discloses receiving at least one item of personal identifying information for a user from a conferencing service in which the user is engaged in a conference. The present application also discloses determining whether to authenticate the user based on the items of personal identifying information from the primary multi-factor authentication device and from the conferencing service.
    Type: Grant
    Filed: February 5, 2021
    Date of Patent: February 4, 2025
    Assignee: Cisco Technology, Inc.
    Inventors: Thomas Szigeti, Stefano Giorcelli, Frank Michaud, David John Zacks
  • Patent number: 12216775
    Abstract: Systems and methods mediate permissions for applications on user devices using predictive models. Data communications are monitored on a user device for permission requests and responses. A predictive model is trained with these permission requests and responses until a threshold is met. Then, a default permission response is provided on behalf of the user device in response to a permission request.
    Type: Grant
    Filed: December 5, 2023
    Date of Patent: February 4, 2025
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Mark Watson, Jeremy Goodsitt, Austin Walters, Anh Truong, Vincent Pham
  • Patent number: 12218937
    Abstract: A packet processing method. A protection device receives a first access request packet. The first access request packet includes a packet sent based on a TCP/IP protocol. The protection device extracts a first fingerprint feature from a transport-layer packet header and/or a network-layer packet header of the first access request packet. The first fingerprint feature corresponds to an operating system type of a terminal device that transmits the first access request packet. The protection device recognizes the first fingerprint feature based on a fingerprint feature database to determine whether to allow the first access request packet to access a server. The protection device allows the first access request packet to pass through when the first access request packet is allowed to access the server. The protection device blocks the first access request packet when the first access request packet is not allowed to access the server.
    Type: Grant
    Filed: April 28, 2022
    Date of Patent: February 4, 2025
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventor: Shiguang Li
  • Patent number: 12219250
    Abstract: This disclosure provides a method for controlling a camera, the camera comprising a controllable component and associating with at least one associated client and a reference device, the method comprises: obtaining a first client list of the at least one associated client and a second client list of clients that are currently connected to the same local area network as the camera by connecting with the reference device; comparing the first client list with the second client list; and controlling a state of the controllable component so that the camera is in a first state when one or more of the at least one associated client are connected to the same local area network as the camera via the reference device and is in a second state when no associated client is connected to the same local area network as the camera.
    Type: Grant
    Filed: January 17, 2022
    Date of Patent: February 4, 2025
    Assignee: BOE TECHNOLOGY GROUP CO., LTD.
    Inventor: Junjie Zhao
  • Patent number: 12216763
    Abstract: The techniques disclosed herein detect Cross-Site Request Forgery (CSRF) vulnerabilities in a web application. In some configurations, CSRF vulnerabilities are detected by analyzing the source code of the web application. Specifically, CSRF vulnerabilities are detected by determining if CSRF mitigation features of one or more frameworks are being used incorrectly or inconsistently. Some CSRF mitigation features provided by web frameworks inject capabilities into the web application, e.g. to automatically store an anti-forgery token in a cookie, copy the anti-forgery token from the cookie into an HTML, form or a request header, or determine whether form submissions or request headers include the same anti-forgery token as the cookie. CSRF vulnerabilities may be detected by analyzing the source code to identify when one of these features is omitted or used incorrectly end-to-end. CSRF vulnerabilities are also detected by identifying when CSRF mitigation features of multiple web frameworks are incompatible.
    Type: Grant
    Filed: October 27, 2021
    Date of Patent: February 4, 2025
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventor: Safwan Mahmud Khan
  • Patent number: 12219065
    Abstract: Systems and methods are provided for persistent login. Such persistent login may be based on linking user identity across accounts of different entities to allow each entity to maintain control over their respective sets of user data, while providing a streamlined user experience that avoids much of the repetitive need to login to different services with different login credentials (e.g., during periods of heavy use). Such persistent login may utilize a set of tokens issued and exchanged between devices of the partnering entities. Such tokens may include an access token, refresh token, and identity token. When a user associated with a first entity requests access to information secured by a second entity, such request may be associated with the access token. If the access token is determined to be expired, the refresh token may be used to refresh the access token, which may also trigger issuance of a new refresh token.
    Type: Grant
    Filed: February 2, 2024
    Date of Patent: February 4, 2025
    Assignee: Synchrony Bank
    Inventors: Shaoyen Chang, William Mahoney, Chidhambaram Mathevan Pillai, Seulkee Park, Jeremy T. Mack, Shahul Shaik, Sathyanarayana Mahendran, Marina Loginova
  • Patent number: 12218849
    Abstract: A method includes providing a library of hardware-agnostic packet-processing functions. A functional hardware-agnostic specification of a packet-processing pipeline is received from a user. The specification is defined in terms of one or more of the packet-processing functions drawn from the library. A hardware-specific design of the packet-processing pipeline, which is suited to given hardware, is derived from the specification.
    Type: Grant
    Filed: February 28, 2024
    Date of Patent: February 4, 2025
    Assignee: Mellanox Technologies, Ltd
    Inventors: Roni Bar Yanai, Jiawei Wang, Yossef Efraim, Chen Rozenbaum
  • Patent number: 12212549
    Abstract: Disclosed are a method, a device and a computer-readable storage medium for registration and login. The method includes: receiving, on a registration device side, registration information used to register a first object; performing a registration operation corresponding to the first object according to the registration information; sending the registration information to a login device that subscribes to the registration information in advance after the registration operation is successful; receiving, on a login device side, the registration information used to successfully register the first object sent by a registration device; receiving login information used to login a second object; and performing a login operation corresponding to the second object if it is determined that the login information has not been used to register the second object and the login information matches the registration information sent by the registration device.
    Type: Grant
    Filed: April 11, 2022
    Date of Patent: January 28, 2025
    Assignees: GREE ELECTRIC APPLIANCES, INC. OF ZHUHAI, LEAYUN TECHNOLOGY CO., LTD. OF ZHUHAI
    Inventors: Jiajin Lai, Junwei Huang, Yuanzhao Wang, Jiaqi Zhang
  • Patent number: 12212576
    Abstract: A computer-implemented technique is described herein for defining and applying constraints that regulate a supervisee's interaction with applications. In one implementation, the technique provides a user interface presentation to a supervisor that lists a set of applications that run on plural application execution platforms. The user interface presentation also allows the supervisor to set platform-agnostic constraint information for any identified application. The platform-agnostic constraint information, once set for an application, constrains interaction by a supervisee with all versions of that same application. That is, the constraint information is said to be agnostic with respect to platform in the sense that it applies to a variety of application execution platforms that run the application. In one example, the platform-agnostic constraint information specifies a permitted amount of an activity that the supervisee is permitted to perform across all versions of an application.
    Type: Grant
    Filed: May 23, 2022
    Date of Patent: January 28, 2025
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Rui Suresh Zhu, Daniel Martin Strommen, Irina Petronela Salvan, Fernando Israel Osorio Cedeno, Alec Richard Lindberg, Thomas Anand Jeyaseelan, Mouna Sidi Hida, Emre Aydinceren
  • Patent number: 12212569
    Abstract: Reinstating access to a system of an admin whose certificate is invalid or expired is disclosed. When the admin's certificate is expired, the admin may send a request for reinstatement to tenant admins. The voting operation is based on shares of a secret that have been distributed to validators. When the shares are successfully reconstructed to obtain the secret, the voting operation is affirmed or allowed to proceed. If the vote is successful, access for the admin is restored or reinstated.
    Type: Grant
    Filed: April 24, 2023
    Date of Patent: January 28, 2025
    Assignee: Dell Products L.P.
    Inventors: Ofir Ezrielev, Lee Serfaty, Yehiel Zohar
  • Patent number: 12210530
    Abstract: In an embodiment, a method for dynamically generating and using peer groups in an e-procurement system includes creating an entity database with a plurality of attributes associated with entities and an ordered table of matching rules. Each matching rule having a priority value and two or more matching attributes. The method includes receiving a user input specifying a particular entity for generating a current peer group of other entities. The method includes accessing the entity database to retrieve particular attributes of the particular entity and querying the entity database to receive a result set of matching entities as the current peer group of other entities for the particular entity based on the particular attributes of the particular entity and the matching rules. The method further includes appending data for the matching entities in the result set to a peer group data structure associated with the particular entity.
    Type: Grant
    Filed: May 30, 2023
    Date of Patent: January 28, 2025
    Assignee: Coupa Software Incorporated
    Inventors: Brent Sisson, Austin Haygood, Alejandro Avalos Mar, Emily Kelly, Liaowang Zou, Parand Darugar
  • Patent number: 12208800
    Abstract: A system includes one or more processors configured to determine that a vehicle is attempting to enter an area designated for off-road travel. The processors are also configured to access use-restrictions stored in a database and associated with the area, the use-restrictions defining at least one vehicle constraint required for the vehicle to travel over one or more locations that are part of the area, the use restrictions defining at least one of vehicle control limiting or vehicle weight maximums. The processors are further configured to determine whether the vehicle meets the use-restrictions based on an assessment of vehicle characteristics compared to the use-restrictions and responsive to determining that the vehicle meets the restrictions, providing the vehicle with a digital access pass to the area.
    Type: Grant
    Filed: June 6, 2022
    Date of Patent: January 28, 2025
    Assignee: Ford Global Techologies, LLC
    Inventors: Brendan F. Diamond, Keith Weston, Michael Alan McNees, Andrew Denis Lewandowski, Jordan Barrett
  • Patent number: 12204793
    Abstract: A multi-platform data storage system that facilitates sharing of containers including one or more virtual storage resources. The multi-platform data storage system can, for example, include a storage interface configured to enable access to a plurality of storage platforms that use different storage access and/or management protocols, the plurality of storage platforms storing data objects in physical data storage; and a storage mobility and management layer providing virtual management of virtual storage resources corresponding to one or more data objects stored in the plurality of storage platforms, the storage mobility and management layer including at least a transfer module coupled to at least one network and configured to transfer at least one of the data objects. The transfer module can transfer the at least one of the data objects between the multi-platform data storage system and another data storage system.
    Type: Grant
    Filed: April 10, 2022
    Date of Patent: January 21, 2025
    Assignee: Arrikto Inc.
    Inventors: Konstantinos Venetsanopoulos, Evangelos Koukis, Christos Stavrakakis, Ilias Tsitsimpis, Dimitrios Aragiorgis, Alexios Pyrgiotis
  • Patent number: 12204497
    Abstract: A method of managing file permissions in a remote file storage system includes defining permissions for the remote file storage system and controlling access to objects on the remote file storage system according to the permissions of the remote file storage system. The permissions are transferred to a client file storage system remote from the remote file storage system, and access to objects on the client file storage system is controlled according to the permissions of the remote file storage system. A remote file storage system includes a permissions file generator operative to generate a permissions file, which is transmitted to a client file storage system for enforcement at the client file storage system.
    Type: Grant
    Filed: August 23, 2023
    Date of Patent: January 21, 2025
    Assignee: Egnyte, Inc.
    Inventors: Amrit Jassal, Ravi Kariyawasam Bodhitantri Wijayaratne, Ray White, Manish Marathe, Aahz, Rajesh Ram
  • Patent number: 12204659
    Abstract: A method, computer system, and computer program product are provided for applying a dynamic security policy to shared content in collaborative applications. A selection of one or more content items is received for sharing in a communication session. A security policy is queried using a key that is associated with each of the one or more content items to determine a security policy for each of the one or more content items. A plurality of users participating in the communication session are identified. Each content item of the one or more content items is selectively presented to a subset of the plurality of users based on an identity of a respective user and the security policy of each content item.
    Type: Grant
    Filed: February 16, 2022
    Date of Patent: January 21, 2025
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Thomas Szigeti, Robert E. Barton, Jerome Henry, Brian C. Powell
  • Patent number: 12206675
    Abstract: Systems and methods are described for pre-authentication access request screening. A server computer may receive a request for access to a resource comprising access data. The server computer may transmit, to an authentication computer, an authentication request message comprising at least a subset of the access data and receive an authentication response message comprising authentication data. The server computer may determine an access score based on the authentication data. Alternatively, the server computer may determine the access score based on the access data without using/receiving authorization data. The server computer may generate an access indicator based on the access score. The server computer may prepare and transmit an authorization request message comprising the access indicator to an authorization computer. The authorization computer may approve or decline the access to the resource based on the access indicator.
    Type: Grant
    Filed: January 11, 2024
    Date of Patent: January 21, 2025
    Assignee: Visa International Service Association
    Inventors: Andrew John Bruno Naumann Zu Koenigsbrueck, Ali Chamseddine, Cory Howard Siddens, Benjamin Scott Boding
  • Patent number: 12204630
    Abstract: Disclosed embodiments and aspects thereof pertain to user authentication. An original image can be selected from an electronic device of a user. Computer-generated images can be based on the original image such that the computer-generated images appear similar but are distinguishable such that the user can recognize them as computer-generated. The original image and one or more computer-generated images can be conveyed to a user device for display and selection. The user can be authenticated based on user input identifying the original image.
    Type: Grant
    Filed: December 29, 2022
    Date of Patent: January 21, 2025
    Assignee: Capital One Services, LLC
    Inventors: Joshua Edwards, Michael Mossoba, Tyler Maiman
  • Patent number: 12206667
    Abstract: Provided are computer-implemented methods that may include receiving, via a communication network, a request to perform an online action from a user device; retrieving data associated with a number of times the user device performed the online action within at least one time interval; determining whether a dataset associated with a number of times a plurality of user devices have performed the online action within the at least one time interval is normally distributed; and determining a standard deviation associated with the number of times the user device performed the online action within the at least one time interval in response to determining that the dataset is normally distributed, and performing a control operation associated with the request to conduct the online action based on a threshold of standard deviation. Systems and computer program products are also provided.
    Type: Grant
    Filed: March 25, 2022
    Date of Patent: January 21, 2025
    Assignee: Visa International Service Association
    Inventors: Robert Chifamba, Krishnaram Muthusamy