Credential Patents (Class 726/5)
-
Patent number: 11647017Abstract: Methods and systems for management of subscriber identities associated with user devices are described herein. The user device may enroll the user device to a server and lock a subscriber identity associated with the device by setting a password on the subscriber identity. If a credential entered by a user is verified, the subscriber identity associated with the device may be unlocked. Alternatively, the user device may retrieve one or more identities associated with the user, the user device and/or the subscriber identity. A server may register the one or more identities with a database. If the user device sends a request to connect to the network, the server may verify the one or more identities retrieved by the user device to determine whether to grant access from the user device to the network.Type: GrantFiled: March 16, 2021Date of Patent: May 9, 2023Inventors: Yuran Ou, Bo Zang, Sai Xu
-
Patent number: 11645297Abstract: Various methods, apparatuses/systems, and media for implementing a smart database driver are disclosed. A receiver receives a request for establishing a connection between an application and a target database. A processor, operatively coupled to the receiver via a communication network, authenticates the application by implementing a java authentication authorization service (jaas). Authentication of the application is performed at runtime with connection properties and configuration details provided via system properties or environment variables. The processor also generates a database connection uniform resource locator (URL), validates the URL; and establishes a connection between the application and the target database based on the validation of the URL and successful authentication of the application.Type: GrantFiled: March 3, 2021Date of Patent: May 9, 2023Assignee: JPMORGAN CHASE BANK, N.A.Inventors: Kumar Rao Krishnagi, Matthew J Porter, Nalini S Boda, Vijay Kumar Perla, Laxman Dongisharapu, Srikanth Malireddy
-
Patent number: 11640600Abstract: A device may receive, from a contactless card, a uniform resource locator (URL) and encrypted data. The device may download a first application from an application server based on the URL. The device may download and execute the first application. The first application may receive the encrypted data.Type: GrantFiled: March 3, 2022Date of Patent: May 2, 2023Assignee: Capital One Services, LLCInventors: Jeffrey Rule, Wayne Lutz, Paul Moreton
-
Patent number: 11637829Abstract: Systems, methods, and media for authentication are provided. In accordance with some implementations, the system comprises: a hardware processor that is programmed to: receive, from a device, a message relating to an authentication status of a user account associated with the device; transmit an authentication request to the device that is transmitted to an authentication server; receive, from the device, a response to the authentication request that includes authentication data relating to a session corresponding to the user account on the authentication server; cause an interface to be presented that requests authorization to authenticate the device with the authentication server using the user account; and transmit the authentication data to the device that causes the device to retrieve a corresponding authentication token from the authentication server, wherein the corresponding authentication token authenticates the user account on the device.Type: GrantFiled: October 25, 2021Date of Patent: April 25, 2023Assignee: Google LLCInventors: Jun Li, Alexander Taboriskiy
-
Patent number: 11637801Abstract: The present embodiments relate to identifying a user on an external platform as a client of an entity and managing interactions with the user. An input provided by the user on an external platform can be parsed to derive user-specific social media data for the user. The user-specific social media data can be compared with client information maintained in a client database and a harvested social media database to identify the user as a client. A verification message can be sent to the user via a messaging application of the external platform to receive semi-private client data and verify the identity of the user. A response can be generated for the user based on client information. The response to the user can include a link to a secure messaging application to enable secure data communication between the user and the client.Type: GrantFiled: June 30, 2020Date of Patent: April 25, 2023Assignee: United Services Automobile Association (USAA)Inventors: Shanna Ruth Limas, Natalya Lohinova Jeffords
-
Patent number: 11637888Abstract: This disclosure is directed to embodiments of systems and methods for containerizing files and managing policy data applied to the resulting containers. In some of the disclosed embodiments, a computing system determines that a file stored in storage medium is to be included in a container to be sent to at least one computing component associated with a device including a user interface. The computing system determines that the file is of a particular type and also determines code that can be used to access files of the particular type. The computing system combines the file and the code into the container such that container is configured to be executed by the at least one computing component so as to cause content of the file to be presented by the user interface. The computing system then sends the container to the at least one computing component.Type: GrantFiled: August 19, 2021Date of Patent: April 25, 2023Inventors: Nandikotkur Achyuth, Satish Vanahalli, Arnav Akhoury
-
Patent number: 11637825Abstract: A first user device can transmit an interaction request to a remote computer via a long range communication channel. The first user device can receive an authentication request message from the remote computer and can then transmit the authentication request message to a second user device via a short range communication channel. The first user device can then receive an authentication response message comprising a response value from the second user device via the short range communication channel. The first user device can then transmit the authentication response message to the remote computer causing the remote computer to verify the response value and perform further processing if the response value is verified.Type: GrantFiled: January 11, 2019Date of Patent: April 25, 2023Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventor: Wilson Thampi
-
Patent number: 11630682Abstract: A computing system includes a virtual server to provide a virtual computing session, and a client device to access the virtual computing session via a communications network. The virtual computing session includes a remote browser, and the client device includes a local browser to access user credential information. The remote browser is used to navigate to a website requiring user authentication, receive a user credential challenge from the website, and request the user credential information from the client device to satisfy the user credential challenge. The client device provides the user credential information to the remote browser for user authentication via the local browser, so as to satisfy the user credential challenge of the website.Type: GrantFiled: April 10, 2020Date of Patent: April 18, 2023Inventors: Balasubramanian Swaminathan, Kireeti Valicherla, Sam Arun Seeniraj
-
Patent number: 11632710Abstract: In some examples, a headless device that is without an available user interface and that is to be provisioned for access to a network receives information relating to provisioning of the headless device from a network node. The headless device sends, to a mediator device with a user interface, at least a portion of the received information. The headless device receives, from the mediator device, information to proceed with the provisioning of the headless device.Type: GrantFiled: March 2, 2016Date of Patent: April 18, 2023Assignee: BlackBerry LimitedInventors: Stephen McCann, Michael Peter Montemurro, James Randolph Winter Lepp
-
Patent number: 11630908Abstract: Secure access to data within a communications platform is provided on a need-to-know basis. Inputs provided at the communication platform are intercepted and cognitively analyzed to determine context of the interaction and related data requirements. In response, data access rules are generated and/or retrieved and applied at an access gateway. As data requests as received from the called party from within the communications platform, the data access rules are applied to the request to determine if a match exists and, if so, data access rules-based access is provided to the data. In response to determining the context of the interaction, a context access token is generated and communicated to a virtual database assembler, which assembles a virtual database that only contains data responsive to the context of the interaction.Type: GrantFiled: July 17, 2020Date of Patent: April 18, 2023Assignee: BANK OF AMERICA CORPORATIONInventor: Vijay Kumar Yarabolu
-
Patent number: 11625473Abstract: A method and apparatus with selective combined authentication performs a single authentication based on a first modality among plural modalities, and in response to the single authentication having failed, determines whether to perform a combined authentication by a combination of two or more of the plural modalities, and selectively, depending on a result of the determining of whether to perform the combined authentication, performs the combined authentication.Type: GrantFiled: February 7, 2019Date of Patent: April 11, 2023Assignee: Samsung Electronics Co., Ltd.Inventors: Jihye Kim, Seungju Han, Jaejoon Han, Minsu Ko, SungUn Park, Chang Kyu Choi
-
Patent number: 11620368Abstract: A system, method and one or more wireless earpieces for authenticating utilization of one or more wireless earpieces. A request is received through the one or more wireless earpieces. Biometric readings are performed for a user utilizing sensors of the one or more wireless earpieces. The biometric readings are analyzed to determine whether a biometric profile authorizes the one or more wireless earpieces to fulfill the request. The request is authenticated in response to determining the biometric profile authorizes fulfillment of the request.Type: GrantFiled: April 5, 2021Date of Patent: April 4, 2023Assignee: BRAGI GMBHInventor: Peter Vincent Boesen
-
Patent number: 11621838Abstract: An information processing device includes a key generation portion that generates a first key associated with an electronic device when a processing request for the electronic device is received, a key transmission portion that transmits the first key to a request source of the processing request, a connection controller that when a second key is received from the request source, connects to the electronic device associated with the first key corresponding to the received second key, and a response notification portion that notifies the request source of response data from the electronic device when the response data is received from the electronic device, the response data including screen data used for controlling the electronic device.Type: GrantFiled: March 8, 2022Date of Patent: April 4, 2023Assignee: Seiko Epson CorporationInventors: Hiroshi Kaiho, Kaoru Takemae, Hiroshi Tatebe, Fuminori Hanaoka
-
Patent number: 11615423Abstract: A system for automatic authentication of service requests includes authentication of a remote access device. This authentication may be accomplished automatically prior to text or audio communication between a customer and a service agent. In some embodiments, authentication is accomplished automatically by authentication of the remote access device or accomplished by asking the customer questions. A single authentication of the remote access device may be used to authenticate a service request transferred between service agents. The authentication of the remote device may include, for example, use of a personal identification number, a fingerprint, a photograph, and/or a hardware identifier. Some embodiments include an intelligent pipeline configured for managing queues of customer service requests.Type: GrantFiled: April 28, 2021Date of Patent: March 28, 2023Assignee: UJET Inc.Inventors: Hisun Kim, Anand Janefalkar
-
Patent number: 11609730Abstract: According to at least one embodiment, an image processing device includes a monitor, a communication interface, and a processor. The monitor is configured to display a login for logging in to a first information processing device. The communication interface is configured to communicate data with a second information processing device. The processor is configured to transmit a request for an authentication code from the first information processing device to the second information processing device via the communication interface and receive a response from the second information processing device via the communication interface. The response includes the authentication code.Type: GrantFiled: September 21, 2021Date of Patent: March 21, 2023Assignee: TOSHIBA TEC KABUSHIKI KAISHAInventor: Takahiro Sasaki
-
Patent number: 11610011Abstract: It is often necessary to securely transfer data, such as authenticators or authorization tokens, between programs running on the same end-user device. The teachings hereof enable the pairing of two programs executing on a given end-user device and then the transfer of data from one program to the other. In an embodiment, a first program connects to a server and sends encrypted data elements. A second program intercepts the connection and/or the encrypted data elements. The second program tunnels the encrypted data elements (which remain opaque to the second program at this point) to a server, using an encapsulating protocol. This enables the server to receive the data elements sent by the first program, decrypt them, and provide them to the second program via return message using control fields of the encapsulating protocol. Once set up, the tunneling arrangement enables bidirectional data transfer.Type: GrantFiled: January 29, 2021Date of Patent: March 21, 2023Assignee: Akamai Technologies, Inc.Inventors: David Tang, Charles E. Gero, Cameron Ross
-
Patent number: 11606681Abstract: A navigation method for evacuation in an emergency state includes creating a visualized map image based on an outdoor space and at least one indoor space in an area. A plurality of indoor locators and a plurality of outdoor locators are used to locate a personal mobile device held by a person. The personal mobile device is located when a controlled event, such as a gunshot event or a fire event, occurs. An augmented reality image is used to guide the person to an emergency refuge area. A visualized mag image is used to provide the person with information containing the location of the personal mobile device, the controlled event location, the emergency refuge area, and an evacuation route, thereby assisting the person in rapidly and easily moving away from the controlled event location.Type: GrantFiled: May 18, 2021Date of Patent: March 14, 2023Inventor: I-Ting Shen
-
Patent number: 11606374Abstract: A client device accesses content and performs actions at a remote application server via a user-agent application. The application server directs the user-agent application to a security verification system to retrieve and perform security tests. The security verification system receives information from the user-agent application describing characteristics of the user-agent application, and the security verification system selects a set of security tests to be performed by a security module executing in the user-agent application to verify that the user-agent application is accessing the application server consistent with the described user-agent application. The security verification system compares a set of test results with other user-agent applications and provides a token to the user-agent application to access the application server. The security module may also monitor and actions on the user-agent application to permit the security verification system to revise or revoke the token.Type: GrantFiled: May 28, 2020Date of Patent: March 14, 2023Assignee: PERIMETERX, INC.Inventors: Ido Safruti, Omri Iluz
-
Patent number: 11601414Abstract: Disclosed are various approaches for retrieving contacts from a plurality of federated services. In one example, an authentication notification is received from an identity manager. The authentication notification can include an identifier for a user account and a single sign-on token for the user account. A federated service to authenticate on behalf of the user account is identified. The single sign-on token is transmitted to the federated service for authentication. An authentication token and a refresh token are received from the federated service. The authentication token is determined to expire within a threshold time period. A determination is made that the refresh token has not expired. The refresh token is transmitted to the federated service for a replacement authentication token.Type: GrantFiled: September 8, 2021Date of Patent: March 7, 2023Assignee: VMware, Inc.Inventors: William Christian Pinner, David Shaw, Evan Hurst
-
Patent number: 11599424Abstract: Embodiments of the present disclosure are directed to dynamic shadow operations configured to dynamically shadow data-plane resources in a network device. In some embodiments, the dynamic resource shadow operations are used to locally maintain a shadow copy of data plane resources to avoid having to read them through a bus interconnect. In other embodiments, the dynamic shadow framework is used to provide memory protection for hardware resources against SEU failures. The dynamic shadow framework may operate in conjunction with adaptive memory scrubbing operations. In other embodiments, the dynamic shadow infrastructure is used to facilitate fast boot-up and fast upgrade operations.Type: GrantFiled: August 15, 2019Date of Patent: March 7, 2023Assignee: Cisco Technology, Inc.Inventors: Riaz Khan, Peter Geoffrey Jones
-
Patent number: 11599607Abstract: An authentication method for a telecommunications system comprising a computer network and a telephone network that includes receiving, at an Authentication System across the computer network, data indicative of an authentication request. The request is typically made by a provider in connection with a user (e.g. by a provider to obtain authentication from a user as the result of an authentication trigger detected by a provider system). A telephone call is establishing by the telephone network between the Authentication System and a telephone device with a telephone number associated with the user. A PIN is received from the user at the Authentication System during the telephone call. It is then determined if the received PIN is valid. The authentication request is authenticated if the PIN is determined to be valid.Type: GrantFiled: September 28, 2017Date of Patent: March 7, 2023Inventor: Arnold Albert Wilson
-
Patent number: 11595397Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for extending application access across devices. In some implementations, an electronic device receives a request to provide access to the electronic device to a particular user that is not registered as a user of the electronic device. The electronic device receives authentication credentials for the particular user. The electronic device provides the authentication credentials to a server system and receives data from the server system that (i) indicates that the providing access to the electronic device in a guest mode is authorized, and (ii) indicates a state of an instance of an application installed on a second device. The electronic device provides access to the electronic device in the guest mode that provides an interface that at least partially recreates the state of the instance of the application installed on the second device.Type: GrantFiled: February 22, 2018Date of Patent: February 28, 2023Assignee: Google LLCInventors: Victor Carbune, Sandro Feuz
-
Patent number: 11586602Abstract: An apparatus includes a processor and a non-transitory computer-readable medium storing instructions that, when executed by the processor, cause the processor to perform operations including receiving a request for object identifiers, the request associated with a unique session, sending an object identifier, the object identifier associated with an object from a list of objects each having a corresponding object identifier, receiving a request for data, the request referencing the object identifier and a data value associated with the object, performing an in-memory retrieval for the data value associated with the object identifier, and transmitting the data value.Type: GrantFiled: December 4, 2019Date of Patent: February 21, 2023Assignee: CBOE EXCHANGE, INC.Inventors: Andrei Burtsev, Vitaliy Gutarin, Oleksandr Bozhenko
-
Patent number: 11588803Abstract: Systems, methods, and apparatuses for implementing super community and community sidechains with consent management for distributed ledger technologies in a cloud based computing environment are described herein.Type: GrantFiled: January 25, 2021Date of Patent: February 21, 2023Assignee: salesforce.com, inc.Inventors: Prithvi Krishnan Padmanabhan, Sriram Gopalan, Venkata Sarath Maddali, Darpan Dhamija, Jyoti Raj
-
Patent number: 11587065Abstract: A method may include generating, by a computing device, a first dynamic QR code comprising a plurality of QR code frames, each QR code frame transmitted at a first frequency, the plurality of QR code frames comprising non-viable QR code frame(s) and at least one viable QR code frame. The method may include displaying, by the computing device, the first dynamic QR code, the at least one viable QR code frame displayed at a first time. The method may include transmitting, by the computing device, a first pulse to a user device. The method may include capturing, by the user device at the first time and in response to receiving the first pulse, the at least one viable QR code frame. The method may include generating and displaying, by the user device, a second dynamic QR code, causing the computing device to complete a requested transaction.Type: GrantFiled: April 27, 2022Date of Patent: February 21, 2023Assignee: CAPITAL ONE SERVICES, LLCInventor: David Kelly Wurmfeld
-
Patent number: 11588840Abstract: Communication security is an ongoing problem. Over time, various protocols have been used and then replaced due to insufficient protection. For example, some client/server web communication used to rely on Secure Socket Layers (SSL) to protect communication, but was replaced with a more secure Transport Layer Security (TLS) protocol. TLS itself has undergone several revisions, and TLS 1.0 is now considered not secure. TLS and other protocols provide backwards compatibility, so while a higher security level is desired, communication may fallback to an undesirable level, e.g., TLS 1.0, if required by either communication endpoint. An intermediary to communication with an organization may capture data to facilitate analyzing it to determine what caused a fallback, and to decide if and how to remediate it. Remediation may vary depending on, for example, whether the cause was from within the organization, or external, such as from a client.Type: GrantFiled: January 31, 2020Date of Patent: February 21, 2023Assignee: SALESFORCE, INC.Inventor: Ramesh Ramani
-
Patent number: 11588878Abstract: A portable remote support device comprises a processing unit, a network communication unit configured to communicate with a cloud service, a video capturing unit, at least one video input port and at least one output port. The processing unit is configured to communicate video signals received via the video input port to the cloud service via the network communication unit, and to emulate pointing device signals and/or keyboard signals received via the network communication unit on said at least one output port. The portable remote support device is configured to obtain unique secure tokens.Type: GrantFiled: March 26, 2019Date of Patent: February 21, 2023Assignee: BIFROSTCONNECT APSInventor: Benjamin Stanfeld
-
Patent number: 11582216Abstract: Disclosed herein are systems and methods for determining learned associations between authentication credentials and network contextual data, such as may be utilized in a network that supports network roving. A mobile device attempts to rove to a visited network using authentication credentials associated with another network, based at least in part on first contextual information associated with the other network and second contextual information associated with the visited network indicating that the visited network is part of a common association of networks that supports roving internetworking between the networks of the common association.Type: GrantFiled: May 24, 2018Date of Patent: February 14, 2023Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Guillaume Bailey, Kshitij Mahendru, Jun Wu, Vlado Zaric
-
Patent number: 11582239Abstract: A method and processing system for managing user access to one or more resources is disclosed. A central service may receive an access change request message regarding a user. The access change request message may include a user identifier, a user role, and an access action for the user. Example access actions may include adding or removing user access with respect to a resource. The central service may determine which resources are associated with the user role and transmit one or more event messages to the resources to implement the access actions. The resources may send acknowledgement messages to the central service to confirm that the access actions have been completed.Type: GrantFiled: October 31, 2019Date of Patent: February 14, 2023Assignee: Intuit Inc.Inventors: David Andrew Kemme, Thomas Fields Hash, Bernard Samuel Diwakar, Hrushikesh Gudala, Supreetha Kashyap
-
Patent number: 11579666Abstract: A control method for controlling terminal state switching includes a terminal obtaining first data of the terminal and second data from a wearable device that is bound to the terminal when receiving an unlocking instruction in a lock screen state. If the first data and the second data meet a preset condition, the terminal performs the operation of unlocking.Type: GrantFiled: May 10, 2021Date of Patent: February 14, 2023Assignee: HONOR DEVICE CO., LTD.Inventors: Baicai Wang, Quancheng Han, Guoqiao Chen, Qiuyang Wei
-
Patent number: 11574078Abstract: Methods, systems, and devices for data processing are described. According to the techniques described herein, an application server may be used for real-time provisioning for features for a user. The application server may validate requests from the user for feature activation or deactivation and after validation, may communicate with a provisioning server, which may be non-local to the user or the application server, to indicate validation and activation or deactivation of a feature for the user.Type: GrantFiled: February 24, 2021Date of Patent: February 7, 2023Assignee: Salesforce, Inc.Inventors: Jimmy Hua, Gang Shu, Chong Pang, Nidhi Baheti, Liuxizi Xu, Barkkarn Aravinda Arasakutti Vetrivelu, Jaisudha Gunasekaran, Sai Prashanth Lakshminaraayana, Ravi L Honakere, Bijoy Sarkar, Frédéric Voituret
-
Patent number: 11570159Abstract: A method is provided for remotely and securely accessing a modem is provided that uses an encrypted authentication token with a modem password. The method includes receiving an encrypted authentication token from the modem, the authentication token having a modem password stored in secure memory and being encrypted according to a public key, transmitting the encrypted authentication token to an authentication server. receiving a decrypted authentication token from the authentication server, the decrypted authentication token comprising the modem password, generating an authentication key and a privacy key from the modem password, configuring modem interfaces at least in part using the authentication token, the modem interfaces including a network management protocol interface and communicating with the modem using the network management protocol interface according to at least one of the generated authentication key and the privacy key.Type: GrantFiled: June 26, 2020Date of Patent: January 31, 2023Assignee: ARRIS Enterprises LLCInventor: Ali Negahdar
-
Patent number: 11568073Abstract: Examples of systems described herein include a file server virtual machine of a virtualized file server configured to manage storage of a plurality of storage items. The file server virtual machine including a file system configured to receive an access request directed to a storage item of the plurality of storage items and associated with a user. The file system is further configured to retrieve an access control list having permissions information associated with the storage item, and to cache a permissions profile for the user including all permissions pertaining to the user for the storage item. The file system is further configured to determine whether the access request is permissible based on the cached permissions profile.Type: GrantFiled: December 1, 2017Date of Patent: January 31, 2023Assignee: Nutanix, Inc.Inventors: Saji Kumar Vijaya Kumari Rajendran Nair, Hemanth Kumar Thummala, Veerraju Tammineedi, Shyamsunder Prayagchand Rathi, Manoj Naik, Manish Gupta, Durga Mahesh Arikatla, Gaurav Kumar
-
Patent number: 11567647Abstract: A method for creating a customized and redacted credit report may include transmitting a user request to generate a customized credit report, receiving a copy of a stored credit report, analyzing the copy of the stored credit report, displaying one or more information fields and one or more selectable user interface elements, transmitting a credit report redaction list, and receiving a customized credit report. A user device for configuring a customized credit report may include a processor, a display in communication with the processor, and a non-transitory memory storing instructions that, when executed by the processor, cause the processor to perform processing including transmitting a user request to generate a customized credit report, displaying one or more information fields and one or more selectable user interface elements, transmitting a credit report redaction list, and receiving a shareable credit report link associated with a customized credit report.Type: GrantFiled: November 18, 2019Date of Patent: January 31, 2023Assignee: Capital One Services, LLCInventors: Abdelkader M'Hamed Benkreira, Joshua Edwards, William F. Carroll, II, Michael Mossoba
-
Patent number: 11558420Abstract: Techniques and systems for detecting malicious activity within a network are provided herein. A method for detecting malicious activity within a network may include receiving, by a network-based authentication system, a network transaction. The network-based authentication system may identify a first attribute of the network transaction. The method may also include selecting, by the network-based authentication system, a first learning statistical model and a second learning statistical model from a plurality of models for handling the network transaction. Each of the first learning statistical model and the second learning statistical model may create a likelihood that the network transaction is authentic. The first learning statistical model may calculate a first score and the second learning statistical score may calculate a second score. Based on a comparison of the first score to a first threshold and the second score to a second threshold, the network transaction may be authenticated.Type: GrantFiled: July 14, 2020Date of Patent: January 17, 2023Assignee: The Western Union CompanyInventors: Noel Brandt, Robert Enzaldo, Charles Champion, Brent Lemieux
-
Patent number: 11558338Abstract: A system and method allows users of a social network system to view different types of information based on rights and privileges associated with the information and attributes and characteristics of each user.Type: GrantFiled: August 28, 2017Date of Patent: January 17, 2023Assignee: Charles Schwab & Co., Inc.Inventors: Kenneth M. Bravmann, Benjamin N. Mattias, Jeffrey M. Weaver, Sandeep Reddy Chelamacherla Anand, John Murphy, Charles E. Gotlieb
-
Patent number: 11553342Abstract: A method for mitigating a 5G roaming attack using a security edge protection proxy (SEPP), includes receiving, at an SEPP, user equipment (UE) registration messages for outbound roaming subscribers. The method further includes creating, in a SEPP security database, UE roaming registration records derived from UE registration messages. The method further includes receiving, at the SEPP, a packet data unit (PDU) session establishment request message. The method further includes performing, using at least one parameter value extracted from the PDU session establishment request message, a lookup in the SEPP security database for a UE roaming registration record. The method further includes determining, by the SEPP and based on results of the lookup, whether to allow or reject the PDU session establishment request message.Type: GrantFiled: July 14, 2020Date of Patent: January 10, 2023Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Shashikiran Bhalachandra Mahalank, Jay Rajput
-
Patent number: 11552948Abstract: An agent of a domain management intermediary service obtains a security key using a client credential indicated in a request for a read-write domain management operation. A registry credential is obtained using the security key, and the read-write domain administration operation is initiated using the registry credential. A separate read-only agent obtains the completion status of the read-write domain administration operation and provides the status to the client.Type: GrantFiled: March 26, 2020Date of Patent: January 10, 2023Assignee: Amazon Technologies, Inc.Inventors: Alec H Peterson, Dana B Northcott, Gregory M. DiBiase, Jon Heath Dixon, Jan Svab, Rasam Hafezi, Sean Meckley, Sairam Suresh
-
Patent number: 11544373Abstract: A method and system for application security. The methods and systems of the present disclosure improve application security and may be used to secure a host application and operating system from malicious fast applications. A request to access resources of the computing device is received from an application adapter of a fast application operating within a host application on the computing device. In response to a determination that the request is associated with resources included in a permission list of the fast application, the unique user identifier (UID) of the application adapter to the UID of the host application is translated by the operating system, which determines whether to allow the request based on the UID of the host application. Otherwise, the operating system determines whether to allow the request based on the UID of the application adapter.Type: GrantFiled: December 18, 2020Date of Patent: January 3, 2023Assignee: Huawei Technologies Co., Ltd.Inventors: Zhijun Mo, Yin Tan, Mikhail Kazaev
-
Patent number: 11539695Abstract: A client node (CN) requests content from an access node (AN). Rule set ACR_CN is provided to CN and AN and ACR_AN is used by AN. A request sent by CN in violation of ACR_CN may be blocked and cause AN to block subsequent requests from CN that would be allowed per ACR_CN. A request blocked according to ACR_AN but not ACR_CN is blocked but subsequent requests may still be allowed according to ACR_CN and ACR_AN. Authenticated distribution of the ACR_CN and ACR_AN may be performed in cooperation with a controller using authenticated tokens (AT).Type: GrantFiled: November 25, 2020Date of Patent: December 27, 2022Assignee: Twingate, Inc.Inventors: Lior Rozner, Alexander William Marshall, Eran Moshe Kampf, Dmitry Adamushka, Dzianis Vashchuk, Eugene Lapidous
-
Patent number: 11539756Abstract: A switch device is provided. The switch device includes a switch and a one-way link circuit, wherein the switch including a first port, a second port, and a third port. The third port coupled to the second port via a first path and coupled to the first port via a second path. An input terminal of the one-way link circuit is coupled to the first port.Type: GrantFiled: January 14, 2021Date of Patent: December 27, 2022Assignee: BlackBear (Taiwan) Industrial Networking Security Ltd.Inventors: Yuan Chen Chan, Po-Chih Hsu
-
Patent number: 11539690Abstract: An application server of an authentication system includes a requesting part that makes a request for possession authentication which is authentication using an authenticator, when the requesting part receives a request for authentication of a user from a terminal, a verifying part that receives an authentication result of the possession authentication and information for verification from the authentication server, and verifies the validity of the authentication server on the basis of the received information for verification, and a providing part that provides a function related to the application to the terminal if the verifying part verifies that the authentication server is valid. The authentication server of the authentication system includes a possession authentication part and a result transmission part that transmits the authentication result of the possession authentication and the information for verification to the application server.Type: GrantFiled: December 14, 2020Date of Patent: December 27, 2022Assignee: Capy Japan Inc.Inventors: Kazuhiro Nakagawa, Takanobu Watanabe, Mitsuo Okada
-
Patent number: 11533312Abstract: The present disclosure envisages enforcing micro-segmentation policies on a user computer that intermittently migrates between a secured enterprise network and an unsecured network, for instance, a public network. The present disclosure envisages switching between appropriate micro-segmentation policies, in-line with the change in the current location of the user device, the change triggered by the user device migrating from the enterprise network to an unsecured network or vice-versa.Type: GrantFiled: July 10, 2019Date of Patent: December 20, 2022Inventors: Jayaraghavendran Kuppannan, Deepak Kushwaha, Mahesh Raghuvir Bhat, Arun Koshal, Vishal Sharma, Sagar Singha
-
Patent number: 11531741Abstract: Systems, methods and apparatus are provided for altering a static password between entry and authentication using a dynamic logic. A client application may receive entry of a user password and record an amount of pressure associated with the entry. The client application may dynamically select a virtual contact surface material and generate audio files corresponding to writing or typing the password characters on the selected surface material with the recorded amount of pressure. The client application may compress the audio files by embedding them within the same digital space according to a time-based logic. The dynamic password files may be routed to a central server. Data packet fragmentation may further improve security during transmission. The central server may reconstruct the password for authentication using the time-based logic.Type: GrantFiled: January 1, 2021Date of Patent: December 20, 2022Assignee: Bank of America CorporationInventors: Gaurav Bansal, Shekhar Singh Mehra
-
Patent number: 11528274Abstract: Systems and methods for accountless device control are disclosed. For example, a smart device may be acquired and plugged in for use. The smart device may gain network connectivity and a system associated with the smart device may request enablement of an application for use with the smart device from another system, such as a system associated with a voice-enabled device. The other system may generate and send user identifier data, and the system associated with the smart device may generate a shadow account in association with the user identifier data. The application may be enabled in association with the shadow account, and access credentials may be exchanged to securely send and receive information associated with operation of the access device.Type: GrantFiled: September 20, 2019Date of Patent: December 13, 2022Assignee: Amazon Technologies, Inc.Inventors: Venkatesh Krishnamoorthy, Pavan Kumar Kothagorla, Antony Issakov
-
Patent number: 11528593Abstract: In a 4G LTE wireless carrier network, network slice instances are instantiated that are configured to provide a configured set of services that are accessible to a controlled set of user devices. A service profile for a user device is identified and analyzed. When the service profile matches a configured set of services for one of the instantiated network slice instances, the user device is enabled to access the matching instantiated network instance. The provisioning of the network slice instances is performed by a dedicated node.Type: GrantFiled: March 23, 2020Date of Patent: December 13, 2022Assignee: T-Mobile USA, Inc.Inventors: Ahmad Arash Obaidi, Christopher Joul, Jean-Luc Bouthemy
-
Patent number: 11516220Abstract: This disclosure is directed to devices, systems, and techniques for enforcing access to resources within a computer network. In some examples, a system includes a network managed by a service provider and configured to provide a plurality of microservices to a plurality of tenants each having one or more users and a controller having access to the network. The controller is configured to output, to a user interface, data indicative of a plurality of capabilities for presentation by the user interface and receive, from the user interface, data indicative of a user selection of a set of capabilities and a user selection of a new role identifier. The controller is further configured to create, based on the set of capabilities and the role identifier, a role which enables access to a set of actions within a computer network, the set of actions corresponding to the set of capabilities.Type: GrantFiled: December 28, 2018Date of Patent: November 29, 2022Assignee: JUNIPER NETWORKS, INC.Inventors: Gurminder Singh, Pei-Yu Yang, Rong Xie
-
Patent number: 11509693Abstract: A customer of a resource allocation service can register a function to be executed using virtual resources, where the function includes customer code to be executed. Customer events are defined as triggers for a registered function, and a resource instance is allocated to execute the registered function when triggering event is detected. An identity role associated with the triggering function is used to obtain access credentials for any data source which a triggering event might require for processing. An event-specific access credential is generated that provides a subset of these access privileges using a template policy for the registered function that is filled with values specific to the triggering event. The filled template policy and base credential are used to generate an event-specific credential valid only for access needed for the event. This event-specific credential can be passed with the event data for processing by an allocated instance.Type: GrantFiled: March 27, 2020Date of Patent: November 22, 2022Assignee: Amazon Technologies, Inc.Inventor: Nima Sharifi Mehr
-
Patent number: 11509976Abstract: A modification of a sensor data management system to enable discrete sensor applications. A sensor data control system enables discrete sensor applications to control the configuration, collection, processing, and distribution of sensor data produced by selected sensors at various monitored locations. The sensor service offered by the sensor data control system can be leveraged by any sensor application having an interest in any part of one or more monitored locations.Type: GrantFiled: March 1, 2021Date of Patent: November 22, 2022Assignee: Senseware, Inc.Inventors: Julien G. Stamatakis, Serene Al-Momen
-
Patent number: 11509660Abstract: A subscriber information authentication system that compares network-obtained and device-obtained information to verify that a device being used in connection with a user account is authenticated for that account. Certain subscriber information may be associated with the account during a registration process. In subsequent attempts to access the account, the registered subscriber information may be used in conjunction with information obtained from a telecommunication network and from a device to verify that the device is authorized. The information from the telecommunication network may be queried using Signaling System No. 7 (“SS7”) protocols. The device authorization may be performed, for example, to ensure that a device being used for device-based verification is the device a user purports it to be.Type: GrantFiled: July 22, 2019Date of Patent: November 22, 2022Assignee: Telesign CorporationInventor: Stacy Lyn Stubblefield