Management Patents (Class 726/6)
  • Patent number: 10200349
    Abstract: In one embodiment, a computer program product includes a computer readable storage medium having program instructions embodied therewith. The embodied program instructions, in response to being executed by a processing circuit, cause the processing circuit to receive an eye gaze of a source user generated by a source augmented reality or virtual reality device (source AR/VR device) on a receiver AR/VR device and determine gazed content from the eye gaze of the source user using a password key phrase determination feature. The embodied program instructions also cause the processing circuit to generate a symmetric password key utilizing the gazed content according to a set of password determination rules and receive encrypted data from the source AR/VR device on the receiver AR/VR device. Additionally, the embodied program instructions cause the processing circuit to decrypt the encrypted data using the symmetric password on the receiver AR/VR device.
    Type: Grant
    Filed: October 16, 2017
    Date of Patent: February 5, 2019
    Assignee: International Business Machines Corporation
    Inventors: Su Liu, John D. Wilson, Yin Xia
  • Patent number: 10200355
    Abstract: Systems and methods are provided for authenticating a user. The systems and methods include receiving a request to generate a user profile from a device of a user. The systems and methods may determine first information associated with a first entity from the request, and may also determine second information associated with a second entity distinct from the first entity from the request. The systems and methods may access, using system credentials not associated with the user, multiple distinct data sources in a specified order to retrieve additional information. Accessing these multiple distinct data sources may include retrieving a first item of the additional information using the first information, and retrieving a second item of the additional information using the second information. The systems and methods may authenticate the user based on the additional information, and may generate a user profile based in part on the additional information.
    Type: Grant
    Filed: January 27, 2017
    Date of Patent: February 5, 2019
    Assignee: Insurify, Inc.
    Inventors: Todor V. Kiryazov, Steven G. Moseley, Snezhina Zacharia
  • Patent number: 10193874
    Abstract: Provided is a communication system in which a terminal communicates with a server via a portable communication network used for communication between smartphones. The smart phone includes first pre-shared key and encryption keys, the terminal includes a second pre-shared key, the server includes the encryption keys same as the encryption keys included in the smartphone, authentication between the terminal and the smartphone is performed by using the first pre-shared key and the second pre-shared key, and the terminal and the server perform communication via the smartphone by performing key synchronization of the encryption keys while setting a hash value of the encryption keys as an ID.
    Type: Grant
    Filed: November 9, 2016
    Date of Patent: January 29, 2019
    Assignee: NATIONAL INSTITUTE OF INFORMATION AND COMMUNICATIONS TECHNOLOGY
    Inventors: Mikio Fujiwara, Masahide Sasaki
  • Patent number: 10193701
    Abstract: Provided is an information processing apparatus including a physical unclonable function (PUF) to generate a unique key using a process variation in a semiconductor manufacturing process, and an encryption unit to encrypt a password and/or bio-information received from a user using the unique key.
    Type: Grant
    Filed: June 27, 2017
    Date of Patent: January 29, 2019
    Assignee: ICTK Holdings Co., Ltd.
    Inventors: Dong Kyue Kim, Byong Deok Choi, Dong Hyun Kim, Kwang Hyun Jee
  • Patent number: 10181024
    Abstract: The present disclosure discloses a method, a device, and a system for updating authenticating information in the field of Internet technologies. The method comprises: receiving a service processing request containing user information and service object information; extracting according to the user information, first authentication information associated with the service object information from prestored authentication information; authenticating the first authentication information; displaying an information update interface when the first authentication information fails to be authenticated; obtaining second authentication information from the information update interface; replacing the first authentication information with the second authentication information; authenticating the second authentication information; and processing the service processing request if the second authentication information is authenticated.
    Type: Grant
    Filed: May 3, 2016
    Date of Patent: January 15, 2019
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventors: Wenpeng Zhang, Chen Gong, Wenjing Zhang, Yiyong Yang, Jiawei Jiang, Guoguo Liu, Yaqin Guo, Yinbo Song, Mingheng Zhong, Shaobo Liao, Yawei Du, Leilei Li, Lin Huang, Zhiyong Lan, Fumin Zhou, Huashan Li
  • Patent number: 10171508
    Abstract: Certain embodiments provide means for managing automated access to computers, e.g., using SSH user keys and other kinds of trust relationships. Certain embodiments also provide for managing certificates, Kerberos credentials, and cryptographic keys. Certain embodiments provide for remediating legacy SSH key problems and for automating configuration of SSH keys, as well as for continuous monitoring.
    Type: Grant
    Filed: September 27, 2016
    Date of Patent: January 1, 2019
    Assignee: SSH Communications Security OYJ
    Inventor: Tatu J. Ylonen
  • Patent number: 10171852
    Abstract: The present invention presents a method for transmitting a broadcast signal. According to the present invention, the method for transmitting a broadcast signal presents a system capable of supporting a next-generation broadcast service in an environment supporting a next-generation hybrid broadcast using a terrestrial broadcast network and an Internet network. In addition, presented is an efficient signaling method capable of covering both a terrestrial broadcast network and an Internet network in an environment supporting a next-generation hybrid broadcast.
    Type: Grant
    Filed: July 29, 2016
    Date of Patent: January 1, 2019
    Assignee: LG ELECTRONICS INC.
    Inventors: Seungryul Yang, Minsung Kwak, Woosuk Ko, Sungryong Hong, Woosuk Kwon, Kyoungsoo Moon, Jangwon Lee
  • Patent number: 10171479
    Abstract: To prevent legitimate message recipients from forging new messages and to encrypt messages for a specific set of recipients (channel), a root key is encrypted and combined with a base session management key to render a combined root key, which in turn is encrypted with a public key of at least one recipient device to render a session management key. The public key of each of “N” intended recipient device encrypts the combined root key to render “N” session management keys. The session management keys are then combined with the combined root key to render a multicast root key, which is signed with a private key of a sending device. The signed multicast root key is combined with the session management keys to render an encrypted, signed multicast root key that is used to encrypt digital information prior to transmitting the digital information.
    Type: Grant
    Filed: December 12, 2017
    Date of Patent: January 1, 2019
    Assignee: SONY INTERACTIVE ENTERTAINMENT AMERICA LLC
    Inventor: Bryan Cotta
  • Patent number: 10164954
    Abstract: The present invention relates to a method to manage a One Time Password key, referenced OTP key, used in an OTP algorithm in a user device having access to an unsafe storage including the steps of retrieving a Personal Identification Number, named PIN, of a user of the user device, deriving a symmetric key from the PIN, encrypting the OTP key using the derived symmetric key, storing the encrypted OTP key in the unsafe storage, decrypting the OTP key using the derived symmetric key, and generating a next OTP key using an incremental parameter, wherein the start value of the incremental parameter of the OTP key generation is random.
    Type: Grant
    Filed: March 25, 2015
    Date of Patent: December 25, 2018
    Assignee: GEMALTO SA
    Inventors: Martin Lansler, Sébastien Petit, Guillaume Pierquin
  • Patent number: 10165000
    Abstract: Systems and methods for malware attack prevention are provided. The malware attack prevention system features a heuristic module, an analysis environment and an interception module. The heuristic module is configured to (i) receive incoming data from a particular source over a first communication path and (ii) analyze the incoming data to determine whether the incoming data is suspicious, where the suspicious incoming data represents a prescribed likelihood that the incoming data is associated with a malware attack. The analysis environment is configured to analyze the suspicious incoming data to identify whether the suspicious incoming data is associated with a malware attack. Lastly, the interception module is configured to redirect a subsequent flow of data from the particular source to the malware attack prevention system in response to determining, by at least the heuristic module, that the incoming data is suspicious.
    Type: Grant
    Filed: November 24, 2014
    Date of Patent: December 25, 2018
    Assignee: FireEye, Inc.
    Inventors: Ashar Aziz, Wei-Lung Lai, Jayaraman Manni
  • Patent number: 10164976
    Abstract: Disclosed is a method of substituting for authentication of subscriber terminals of a mobile communication network for a third party site in a radio mobile communication system, the method including: obtaining traffic information for each subscriber terminal from the mobile communication network to which the subscriber terminals connect; receiving an authentication request for a first subscriber terminal from the third party site that has received a service request of the first subscriber terminal from the mobile communication network; and authenticating, if an IP address of the first subscriber terminal is one of IP addresses of the subscriber terminals contained in the traffic information, the first subscriber terminal using traffic information of the first subscriber terminal, and providing an authentication result to the third party site.
    Type: Grant
    Filed: December 28, 2012
    Date of Patent: December 25, 2018
    Assignee: Samsung Eelctronics Co., Ltd.
    Inventors: Su-Jin Bae, Young-Ki Jeon
  • Patent number: 10154026
    Abstract: Methods, systems, and computer program products are provided that enable secure remote modification of device credentials using device-generated credentials. A plurality of credentials policies is stored by the user device. The credentials policies are merged to generate a merged credentials policy. An instruction is received by the user device from a trusted service to initiate a device credentials change. A new device credentials is generated on the user device based at least on the merged credentials policy.
    Type: Grant
    Filed: January 22, 2014
    Date of Patent: December 11, 2018
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Justin Alexander Hou, Christopher William Thilgen, Vladimir Holostov, Roy Williams
  • Patent number: 10146931
    Abstract: A computer system includes a management computer for automatically changing a password used to authenticate a user to a service application. A user device includes a password vault managed by a password management application. The management computer monitors for an event signifying that the password is to be changed, e.g., a predetermined number of uses, etc. A new password is assigned, and a first message is generated and sent to the service application including the new password and an indication that it is to be used for subsequent user authentication. A second message is also generated and sent to the password management application, also including the new password and an indication that it replaces a current password in the vault for user authentication. The new password is automatically used by both the service application and the user device during subsequent authentications until expiration.
    Type: Grant
    Filed: March 13, 2015
    Date of Patent: December 4, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Boris Kronrod, Lawrence N. Friedman
  • Patent number: 10146957
    Abstract: Database management and security is implemented in a variety of embodiments. In one such embodiment, data sets containing sensitive data elements are analyzed using aliases representing sensitive data elements. In another embodiment, the sensitive data elements are stored in an encrypted form for use from a secure access, while the alias is available for standard access.
    Type: Grant
    Filed: December 11, 2017
    Date of Patent: December 4, 2018
    Assignee: Verisk Crime Analytics, Inc.
    Inventors: David A. Duhaime, Brad J. Duhaime
  • Patent number: 10142344
    Abstract: System, method and media for managing user credentials by securely caching credentials to access shared, secure resources for subsequent reuse. When a user accesses a shared, secure resource for the first time, the system determines credentials for the user, which are then stored in a file readable only by that user but in a location hidden from that user. On subsequent attempts to access the resource, a system process running on behalf of the user accesses the hidden file to prepopulate the user's credentials so that they need not be re-entered. In this way, stored processes can access the resource with the correct user's credentials without requiring that they be entered every time.
    Type: Grant
    Filed: December 15, 2015
    Date of Patent: November 27, 2018
    Assignee: HRB Innovations, Inc.
    Inventors: Cale Licklider, William F. Vander Lippe
  • Patent number: 10135613
    Abstract: Disclosed is a method for generating a privilege-based key using a computer. In the method, a privilege is received from an application, and verified as being associated with the application. The computer cryptographically generates a second key using a first key and the privilege. The second key is provided to the application.
    Type: Grant
    Filed: January 13, 2012
    Date of Patent: November 20, 2018
    Assignee: QUALCOMM Incorporated
    Inventors: Ivan Hugh McLean, Laurence G. Lundblade, Brian Harold Kelley, Robert G. Walker
  • Patent number: 10136281
    Abstract: A method is performed at an application platform running at a computer server for logging in to an application (App) by an end user, the method comprising: receiving a login request from a server associated with the application; obtaining an App identity (ID) and a key from the login request; verifying the obtained App ID and key with predefined information associated with the application and the terminal; and when the verification succeeds, sending, to the application server, a message including first user account number information of the end user at the application platform. The application server is configured to generate second user account number information of the end user at the application according to the first user account number information and return the second user account number information to the terminal so that the end user can log into the application using the second user account number information.
    Type: Grant
    Filed: August 31, 2017
    Date of Patent: November 20, 2018
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventors: Zhang Chen, Haiyu Liu, Jingfu Chen, Yuanfang Lv
  • Patent number: 10129219
    Abstract: Methods and systems for securing data are provided. For example, one method includes providing context information for an input/output (I/O) operation to a security module by an adapter communicating with a computing device and a storage device via a network; storing encryption parameters associated to a security association handle by the security module; using a workflow handle by the security module to obtain the security association handle for retrieving stored encryption parameters for encrypting payload transmitted by the adapter and for decrypting payload received by the adapter; predicting a first frame header for encrypting the payload transmitted by the adapter and a second frame header for decrypting payload received by the adapter; providing the encrypted payload for transmission to the adapter by the security module, after discarding the first predicted header; and providing the decrypted payload to the computing device by the security module, after discarding the second predicted header.
    Type: Grant
    Filed: May 31, 2016
    Date of Patent: November 13, 2018
    Assignee: Cavium, LLC
    Inventors: Somnath Paul, Bruce A. Klemin, Muralidhar Jammula
  • Patent number: 10111064
    Abstract: A system and method is disclosed for converting smart cell phone applications to applications that operate on basic cell phones. The invention has a classifying process that classifies one or more functions of a cell phone application into those functions capable being performing by a basic cell phone and those functions, missing functions, that can not be performed by a basic cell phone. Substitute functions for the missing functions are developed. An emulator monitors the execution of the cell phone application and provides the substitute cell phone functions at points in the execution where a missing function is to be executed. Therefore, the smart phone application is converted into a basic phone application that can be executed by the basic cell phones with reduced functionality. The invention can run on a smart phone or a server. The invention can also be provided as a server based service for basic cell phone users.
    Type: Grant
    Filed: June 15, 2017
    Date of Patent: October 23, 2018
    Assignee: International Business Machines Corporation
    Inventors: Eric Mibuari, Osamuyimen Stewart, Aisha Walcott-Bryant
  • Patent number: 10104121
    Abstract: Methods and systems are provided for implementing application layer security. According to one embodiment, an application layer packet is received by a network appliance and one or more information fields, selected based on an application type associated with the packet, are used to identify an associated end user. Then, security rules that match the traffic pattern, traffic content and identified end user can be applied to the packet. Identification of end users based on application layer information allows different security rules to be implemented for end users or groups thereof. Application of security rules based on identification of an end user based on application layer information can also facilitate implementation of an application-layer-based single sign-on (SSO) process.
    Type: Grant
    Filed: July 3, 2013
    Date of Patent: October 16, 2018
    Assignee: Fortinet, Inc.
    Inventors: Michael Xie, Wei David Wang, Ihab Khalil
  • Patent number: 10104702
    Abstract: A communication apparatus capable of communicating with an external device via a wireless network, comprises: a transmission unit configured to transmit relevant information regarding data to be transmitted to the external device, before connecting to the wireless network; a reception unit configured to receive a response to the relevant information transmitted; a connection unit configured to connect to the wireless network, in a case where the response is received; a data communication unit configured to establish communication and transmit the data, after the connection unit has connected to the wireless network; a conversion unit configured to convert data; and a specification unit configured to specify relevant information regarding data to be converted, wherein in a case of converting the data to be transmitted, the transmission unit transmits relevant information regarding the data to be converted.
    Type: Grant
    Filed: September 8, 2016
    Date of Patent: October 16, 2018
    Assignee: Canon Kabushiki Kaisha
    Inventor: Jun Matsuda
  • Patent number: 10084602
    Abstract: A working method of a dynamic token, including the steps of grouping, by the dynamic token, the second hash data to obtain a plurality of byte groups, transforming respective byte groups into corresponding binary data by shifting and combining the bytes contained in respective byte groups; performing modulo operation on a first preset value by using sum of all the binary data obtained by transforming to a modulo result, performing modulo operation on a second preset value by using the obtained modulo result so as to obtain the first bit interception result. According to this working method, on the basis of different purpose codes, an authentication server authenticates the dynamic passwords applicable to each application scenarios, reducing the risk of keys used for generating dynamic passwords being stolen, improving the security of a token authentication system.
    Type: Grant
    Filed: January 5, 2015
    Date of Patent: September 25, 2018
    Assignee: Feitian Technologies Co., Ltd.
    Inventors: Zhou Lu, Huazhang Yu
  • Patent number: 10079813
    Abstract: Methods and apparatus are disclosed to provide for security within a network enclave. In one embodiment authentication logic initiates authentication with a central network authority. Packet processing logic receives a key and an identifier from the central network authority. Security protocol logic then establishes a client-server security association through a communication that includes a client identifier and an encrypted portion and/or an authorization signature, wherein a client authorization key allocated by the central network authority can be reproduced by a server, other than said central network authority, from the client identifier and a derivation key provided to the server by the central network authority to decrypt the encrypted portion and/or to validate the communication using the authorization signature.
    Type: Grant
    Filed: March 30, 2016
    Date of Patent: September 18, 2018
    Assignee: Intel Corporation
    Inventors: Karanvir Grewal, Men Long, Prashant Dewan
  • Patent number: 10063644
    Abstract: Disclosed are various embodiments for an instance monitoring service. Instances are associated with alarm conditions indicating a deviation in the operational health of the instance. Upon an alarm condition being satisfied, a remedy operation may be applied to restore the operational health of the instance. A notification system may let customers know of satisfied alarms, and confirm or cancel remedy operations.
    Type: Grant
    Filed: June 13, 2013
    Date of Patent: August 28, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Derek Solomon Pai, Richard Nel-Boland, Brian Dennehy, Mai-Lan Tomsen Bukovec
  • Patent number: 10051404
    Abstract: The present invention relates to a method for the notification of a resource subscription in a machine-to-machine (M2M) system and devices for same, the method comprising the steps of: detecting a change in the resources to subscribe to comprising a subscription resource as a child resource; generating a notification message including a value indicating the event category of the change in accordance with the second attribute information configured in the subscription resource; and determining if a reception device is reachable on the basis of the scheduling information configured in a scheduling resource for an M2M device and the scheduling information configured in a scheduling resource for the reception device, wherein: if the reception device is determined to be reachable on the basis of the scheduling information, the notification message is immediately transmitted to the reception device; and if the reception device is determined to be unreachable on the basis of the scheduling information, the notificat
    Type: Grant
    Filed: September 26, 2014
    Date of Patent: August 14, 2018
    Assignee: LG ELECTRONICS INC.
    Inventors: Heedong Choi, Seungkyu Park, Seongyun Kim, Hongbeom Ahn, Seungmyeong Jeong
  • Patent number: 10033532
    Abstract: A method includes receiving a first biometric data set representative of a first biometric sample provided by a user and public parameters. The method includes generating a first set of exchange information based thereon and communicating it to a system server. The method includes receiving a second set of exchange information based on the public parameters and a second biometric data set representative of a second biometric sample and is symmetric with respect to the first set of exchange information. The method includes computing a session key for the communication session by applying a first hash function based on a hash key to a subset of the second set of exchange information and a second hash function based on a projected key to a subset of the first set of exchange information. The method includes using the session key in communications during the communication session.
    Type: Grant
    Filed: June 20, 2015
    Date of Patent: July 24, 2018
    Assignee: FUJITSU LIMITED
    Inventors: Avradip Mandal, Hart Montgomery, Arnab Roy
  • Patent number: 10021081
    Abstract: A method and apparatus for fine-grained, trust-based rate limiting of network requests distinguishes trusted network traffic from untrusted network traffic at the granularity of an individual user/machine combination, so that network traffic policing measures are readily implemented against untrusted and potentially hostile traffic without compromising service to trusted users. A server establishes a user/client pair as trusted by issuing a trust token to the client when successfully authenticating to the server for the first time. Subsequently, the client provides the trust token at login. At the server, rate policies apportion bandwidth according to type of traffic: network requests that include a valid trust token are granted highest priority. Rate policies further specify bandwidth restrictions imposed for untrusted network traffic.
    Type: Grant
    Filed: February 12, 2010
    Date of Patent: July 10, 2018
    Assignee: FACEBOOK, INC.
    Inventor: Christopher Newell Toomey
  • Patent number: 9985941
    Abstract: An embodiment of the invention may include a method, computer program product and computer system for password management. The embodiment may include a computing device that creates a password inventory. The password inventory may be a list of one or more passwords, where each of the one or more passwords corresponds to a password key. The embodiment may update the password inventory without input from a user. The embodiment may receive a first login request from a first device. The embodiment may transmit information detailing a first password key to the first device, where the first password key corresponds to a first password from the list of one or more passwords. The embodiment may receive information detailing a first entered password from the first device. The embodiment may determine whether the first entered password is identical to the first password from the list of one or more passwords.
    Type: Grant
    Filed: September 8, 2015
    Date of Patent: May 29, 2018
    Assignee: International Business Machines Corporation
    Inventors: Rhonda L. Childress, Itzhack Goldberg, Clifford A. Pickover, Neil Sondhi
  • Patent number: 9985949
    Abstract: Embodiments of the present invention disclose a method, computer program product, and system for authenticating a user. The application server receives a user log in request and determines if a unique identification accompanies the received user log in request. The application server uses the unique identification to authenticate the identity of the user. The application server determines if the unique identification has been previously received by searching a first database to see if the unique identification was already stored in the first database. If the unique identification is not in the first database then the application server stores the unique identification and grants the user access to the one or more applications hosted on the application server.
    Type: Grant
    Filed: January 25, 2016
    Date of Patent: May 29, 2018
    Assignee: International Business Machines Corporation
    Inventor: Stanley K. Jerrard-Dunne
  • Patent number: 9985991
    Abstract: A method and system for password mediation including identifying an HTTP request issued by a client application executing on a client device, the HTTP request indicating an operation to be performed for a user of the client application at a destination system, obtaining user credentials using the HTTP request, requesting security information for the user with respect to the destination system, determining whether the user is allowed to perform the operation based on the security information, and upon determining that the user is allowed to perform the operation, modifying the HTTP request based on the security information and sending the modified HTTP request to the destination system.
    Type: Grant
    Filed: February 26, 2013
    Date of Patent: May 29, 2018
    Assignee: Red Hat, Inc.
    Inventors: Filip Elias, Filip Nguyen
  • Patent number: 9979764
    Abstract: Methods, systems, computer-readable media, and apparatuses for providing secure resources to a native operating system resource are described herein. Using one or more aspects described herein, a mobile device may determine that a native operating system service requests to access content located within a wrapped application. The mobile device may transmit, to the native operating system service, a server path to a loopback web server within the wrapped application to elicit a request from the native operating system service to the loopback web server for the content. In response to receiving a request comprising the server path to the loopback web server to retrieve the content from the loopback web server, the mobile device may instruct the loopback web server to transmit an unencrypted version of the content to the native operating system service.
    Type: Grant
    Filed: April 25, 2017
    Date of Patent: May 22, 2018
    Assignee: Citrix Systems, Inc.
    Inventor: Krishna Kumar
  • Patent number: 9979545
    Abstract: Techniques for accelerated authentication include receiving first data that indicates a first portion of user credentials for a first user but not a second portion. It is verified whether the first portion of user credentials is valid. If the first portion of user credentials is valid, then second data that indicates a valid value for the second portion of user credentials for the first user is sent. Other techniques include receiving first data that indicates a first portion of user credentials for a first user but not a second portion of user credentials for the first user. A first message that indicates the first portion of user credentials is sent to a remote process that initiates authentication of the first user based on the first portion of user credentials before receiving second data that indicates the second portion of user credentials for the first user.
    Type: Grant
    Filed: May 24, 2017
    Date of Patent: May 22, 2018
    Assignee: Nokia Technologies Oy
    Inventors: Yan Fu, Nadarajah Asokan, Ville Aarni
  • Patent number: 9971894
    Abstract: The embodiments herein provide a secure computing resource set identification, evaluation, and management arrangement, employing in various embodiments some or all of the following highly reliable identity related means to establish, register, publish and securely employ user computing arrangement resources in satisfaction of user set target contextual purposes.
    Type: Grant
    Filed: June 20, 2017
    Date of Patent: May 15, 2018
    Assignee: Advanced Elemental Technologies, Inc.
    Inventors: Victor Henry Shear, Peter Robert Williams, Jaisook Rho, Timothy St. John Redmond
  • Patent number: 9961409
    Abstract: There is provided a reception device configured to receive content broadcast via a broadcasting network, the reception device including an application execution unit configured to execute a link application that is able to change a layout of a screen with reference to a video of the received content, and an application control unit configured to control the application execution unit based on application control information relating to the link application so that activation of the link application is restricted.
    Type: Grant
    Filed: April 9, 2013
    Date of Patent: May 1, 2018
    Assignee: SONY CORPORATION
    Inventors: Naohisa Kitazato, Yoshiharu Dewa
  • Patent number: 9948683
    Abstract: This disclosure relates to enforcing restrictions on data collected from a first set of systems and disseminated to a second set of systems. For example, a method for enforcing a set of restrictions includes receiving a first trait and a second trait that include data describing a user that has interacted with an online service. The first trait is labelled with a first usage restriction and the second trait is labelled with a second usage restriction different from the first usage restriction. The method further includes combining the first trait and the second trait into a segment. The segment preserves labelling of the first trait with the first usage restriction and the second trait with the second usage restriction. The method further includes controlling use of the segment based on the first usage restriction and the second usage restriction.
    Type: Grant
    Filed: September 15, 2015
    Date of Patent: April 17, 2018
    Assignee: Adobe Systems Incorporated
    Inventors: David Weinstein, Harleen Sahni, Matthew Donofrio, Edward Schuchardt, Vinay Goel, Rafaat Hossain
  • Patent number: 9935949
    Abstract: Embodiments are provided for mutually authenticating a pair of electronic devices. According to certain aspects, the electronic devices may connect to each other via an out-of-band communication channel. The electronic devices may each output audio signals and detect audio signals output by the other electronic devices. Based on timestamps associated with audio output and detection events, each of the electronic devices may calculate relevant time and distance parameters, and transmit the calculated parameters to the other electronic device via the out-of-band communication channel. The electronic devices may compare the calculated parameters to determine mutual authentication.
    Type: Grant
    Filed: June 20, 2017
    Date of Patent: April 3, 2018
    Assignee: GOOGLE LLC
    Inventors: Michael Daley, Peiter Zatko, Deepak Chandra
  • Patent number: 9935849
    Abstract: An approach for assessing a service offering selected by a user in a networked computing environment (e.g., a cloud computing environment) is provided. In one aspect, a network environment containing the service offering is monitored for a software configuration activity performed by the user. This software configuration activity is analyzed to identify the software application that is being configured. A set of provider-managed service offerings can be searched for any provider-managed service offering that contains an offered application corresponding to that of the software application. This managed service offering can be included in an alternative suggestion for the service offering.
    Type: Grant
    Filed: April 13, 2017
    Date of Patent: April 3, 2018
    Assignee: International Business Machines Corporation
    Inventors: Kelly Abuelsaad, Lisa Seacat DeLuca, Soobaek Jang, Daniel C. Krook
  • Patent number: 9930032
    Abstract: A mechanism is provided for selective password synchronization. An indication is received that a password is to be changed for an account in a plurality of accounts associated with an individual, where the indication includes a new password. Responsive to receiving the indication of the password change, the account is grouped with one or more other accounts in the plurality of accounts thereby forming a first subset of accounts, where grouping the account with the one or more other accounts in the plurality of accounts excludes at least one account in the plurality of accounts thereby forming a second subset of accounts. The new password is propagated to the first subset of accounts according to a first policy. The new password is propagated to a second subset of accounts of the plurality of accounts according to a second policy, where the second policy is different from the first policy.
    Type: Grant
    Filed: January 3, 2017
    Date of Patent: March 27, 2018
    Assignee: International Business Machines Corporation
    Inventors: Brian R. Matthiesen, Britton G. Thrasher
  • Patent number: 9922318
    Abstract: The disclosed embodiments include methods and systems for providing payment token transactions by a mobile device. The mobile device may be operable to obtain a payment token, where the payment token is associated with one or more payment token parameters and the mobile device may be configured to communicate with a financial service provider system over a first network when connectivity to the first network is available to the mobile device. The mobile device may provide the payment token to a contactless payment terminal (CPT) associated with a merchant, during a purchase transaction involving a product provided by the merchant, where the mobile device may communicate the payment token to the CPT over a local network that is different from the first network such that connectivity between the mobile device and the first network is not required.
    Type: Grant
    Filed: January 26, 2015
    Date of Patent: March 20, 2018
    Assignee: Capital One Services, LLC
    Inventors: Lawrence Douglas, Luke A. Hammock
  • Patent number: 9906419
    Abstract: In one embodiment, a method is performed by a computer system comprising physical computer hardware. The method includes discovering a controlling-user network for at least one user. The controlling-user network comprising a plurality of controlling users. The plurality of controlling users each control one or more sites of a content-management system. The method further includes profiling the plurality of controlling users based, at least in part, on information gleaned from sites on the content-management system controlled by the plurality of controlling users. In addition, the method includes exposing the controlling-user network to the at least one controlling user using a result of the profiling.
    Type: Grant
    Filed: February 28, 2014
    Date of Patent: February 27, 2018
    Assignee: Quest Software Inc.
    Inventors: Michel Albert Brisebois, Mikhail Anatolievich Plavskiy
  • Patent number: 9906945
    Abstract: A system that incorporates teachings of the subject disclosure may include, for example, a method for facilitating, at a system including at least one processor, establishment of a communication session with a device coupled to a Universal Integrated Circuit Card (UICC) by way of network equipment of a default Mobile Network Operator (MNO), receiving, at the system, information descriptive of an MNO selection, selecting, at the system, from a database of credentials of a plurality of MNOs first credential information according to the received information, wherein the first credential information is associated with a first MNO of the plurality of MNOs, and transmitting, from the system, the first credential information to the UICC over the communication session by way of the device to cause the UICC to facilitate establishment of communications with network equipment of the first MNO according to the first credential information. Other embodiments are disclosed.
    Type: Grant
    Filed: September 13, 2016
    Date of Patent: February 27, 2018
    Assignee: AT&T Intellectual Property I, L.P.
    Inventor: David Midkiff
  • Patent number: 9906955
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for receiving, from a computer system, a request comprising a phone number, identifying a primary channel and one or more secondary channels based on, at least in part, respective performance data of the primary and secondary channels, sending a first message comprising a first text string via the primary channel to a destination device associated with the phone number, after sending the first message, determining that a conversion event for the message and the primary channel did not occur within a specified time period, and based on the determining, sending a second message comprising the first text string via a particular secondary channel to the destination device.
    Type: Grant
    Filed: December 5, 2016
    Date of Patent: February 27, 2018
    Assignee: NEXMO INC.
    Inventors: Thomas Gilles Michel Soulez, Enrico Musuruana, Paul Harry Cook, Eric Nadalin
  • Patent number: 9893901
    Abstract: A method including: receiving, at a conference unit, a command to establish a conference call between the conference unit and another conference unit, the conference unit being connected to at least one access point and the access point being accessible by a terminal; utilizing, by the conference unit, an internet telephony protocol to setup at least one media line between the conference unit and the other conference unit; establishing at least one data channel that transmits LAN traffic between the conference unit and the other conference unit utilizing the internet telephony protocol; establishing, by the conference unit, a connection with the terminal, the terminal being part of a combined local area network; and receiving, at the conference unit, an input from the terminal via the connection to access the combined local area network.
    Type: Grant
    Filed: May 2, 2016
    Date of Patent: February 13, 2018
    Assignee: Cisco Technology, Inc.
    Inventor: Pal-Erik Martinsen
  • Patent number: 9893894
    Abstract: A user equipment (UE) is configured to send a direct communication request to a peer UE, wherein the direct communication request comprises a signature authenticating an identity of the UE. The UE is configured to process a direct communication response from the peer UE to authenticate an identity of the peer UE, wherein the direct communication response comprises a signature authenticating the identity of the peer UE. In response to processing the direct communication response from the peer UE to authenticate the identity of the peer UE, the UE is configured to engage in direct communication with the peer UE.
    Type: Grant
    Filed: September 23, 2015
    Date of Patent: February 13, 2018
    Assignee: INTEL IP CORPORATION
    Inventors: Alexandre S. Stojanovski, Farid Adrangi
  • Patent number: 9882892
    Abstract: The disclosed embodiments provide a system that enables access to a resource. During operation, the system obtains, from a first service, a request for access to the resource on a second service by a user using the first service. Next, the system provides, in a response to the request, an intent token for accessing the resource by the user to the first service. Upon receiving the intent token from an authorized user on the second service, the system enables access to the resource on the second service for the user on the first service.
    Type: Grant
    Filed: June 18, 2014
    Date of Patent: January 30, 2018
    Assignee: INTUIT INC.
    Inventors: Peter Vogel, Vinod K. Nair, Wing Ming Brigitte Chan, Kishore Jonnalagedda
  • Patent number: 9876991
    Abstract: An intermediate server (104) is operable in a distributed key management system (300). The intermediate server comprises one or more processors (205) and an intermediate key material repository (302) to store digital rights management key material. The intermediate server can be operable in the system between a master server (101) and a local server (106), with the local server to deliver content (108) to one or more subscriber devices (109,110). The intermediate server, or optionally a management system (117) can pre-populate the intermediate key material repository with one or key material (1005) corresponding to fragments (1001) of the content prior to the fragments of content being requested by the one or more subscriber devices.
    Type: Grant
    Filed: February 28, 2014
    Date of Patent: January 23, 2018
    Assignee: Concurrent Computer Corporation
    Inventors: David Leon Ray, James Wesley Bell
  • Patent number: 9876800
    Abstract: A method for associating a web event with a member of a group of users is implemented at a first computing device. The method includes: receiving a data access request from a second computing device; determining whether the user has previously provided personal information and authorization to the first computing device through the second computing device; if the user's personal information and authorization are found: generating a record for the data access request; if the user's personal information is found but the user's authorization is not found: generating a record for the data access request; and if neither of the user's personal information and authorization is found: identifying one or more user identifiers that are associated with the second computing device; and returning personal information associated with the one or more user identifiers to the second computing device.
    Type: Grant
    Filed: March 16, 2015
    Date of Patent: January 23, 2018
    Assignee: Google LLC
    Inventor: Simon Michael Rowe
  • Patent number: 9870071
    Abstract: An apparatus and a method for managing security of a terminal which increases reliability of an electronic signature. The apparatus includes a controller for detecting coordinate values of input positions of an electronic pen as interruption information when the interruption is received, and a memory for storing the detected input positions as additional electronic signature information.
    Type: Grant
    Filed: February 10, 2014
    Date of Patent: January 16, 2018
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Ji-Yoon Park, Jae-Yung Yeo, Seung-Eun Lee, Seong-Min Je
  • Patent number: 9871774
    Abstract: In one embodiment, a system includes a processing circuit and logic integrated with the processing circuit, executable by the processing circuit, or integrated with and executable by the processing circuit. The logic is configured to cause the processing circuit to initiate a password selection session on a source augmented reality or virtual reality device (hereafter the source AR/VR device). The logic is also configured to cause the processing circuit to generate a symmetric password key according to a set of password determination rules. Also, the logic is configured to cause the processing circuit to encrypt data using the symmetric password key prior to sending the encrypted data to a receiver AR/VR device. Moreover, the logic is configured to cause the processing circuit to send the encrypted data from the source AR/VR device to the receiver AR/VR device. The symmetric password key is not exchanged with any other device.
    Type: Grant
    Filed: September 29, 2016
    Date of Patent: January 16, 2018
    Assignee: International Business Machines Corporation
    Inventors: Su Liu, John D. Wilson, Yin Xia
  • Patent number: 9853977
    Abstract: Particular systems, methods, and program products for web-based security systems for user authentication and processing in a distributed computing environment are disclosed. A computing sub-system may receive an electronic processing request and a first signed data packet having a first payload that was hashed and encrypted using a first private key. The first payload may comprise first processing output and a first timestamp. The sub-system may verify the first signed data packet by decrypting it using a first public key. The sub-system may execute computing operations to satisfy the electronic processing request, producing second processing output. The sub-system may configure a data packet with a second payload comprising at least the second processing output and a second timestamp. The sub-system may encrypt the second payload using a second private key producing a second signed data packet. The sub-system may transmit to a second sub-system the second signed data packet.
    Type: Grant
    Filed: January 26, 2016
    Date of Patent: December 26, 2017
    Assignee: WINKLEVOSS IP, LLC
    Inventors: Andrew Laucius, Cem Paya, Eric Winer