Management Patents (Class 726/6)
  • Patent number: 9336372
    Abstract: A method, apparatus and system for securely managing account information are disclosed. In some embodiments, the method is performed at a computer system having one or more processors and memory for storing programs to be executed by the one or more processors. The method includes receiving a request associated with an account. The request includes location verification information. The method includes retrieving, in response to the request, information of a set of predefined locations associated with the account. The method also includes comparing information of the set of predefined locations with the received location verification information to determine whether the received location verification information satisfies a predefined condition. The method further includes sending a response to the request to a destination associated with the account when the received location verification information satisfies the predefined condition.
    Type: Grant
    Filed: August 14, 2014
    Date of Patent: May 10, 2016
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventor: Chang He
  • Patent number: 9332013
    Abstract: In certain embodiments, a system receives a first request from a user to perform a function with an enterprise. The system communicates a second request for the user to provide a thought to facilitate authenticating the user with the enterprise. The system receives a string of characters corresponding to the thought. The string may be generated based at least in part upon electromagnetic signals, which the user generates by developing the thought. The system compares the received string to a stored string that corresponds to a thought of the user to authenticate the user. Based at least in part upon the comparison, the system determines whether the user is authenticated to perform the function.
    Type: Grant
    Filed: August 28, 2014
    Date of Patent: May 3, 2016
    Assignee: Bank of America Corporation
    Inventor: Sylvan Tran
  • Patent number: 9325741
    Abstract: A network analysis tool is provided in support of a data communication network having dynamically provisioned devices at indeterminate endpoints wherein templates, namely, the collection of meta-data about dynamically provisioned devices on a network (beyond the conventional networking concept of an endpoint address), are modeled as fixed endpoints for purposes of tracking. In a specific embodiment, template groups are generated as network interfaces for a modeled template enforcement device, and template groups are represented as if they are network endpoints connected to a template enforcement device, and a device description for the template enforcement device is produced.
    Type: Grant
    Filed: February 27, 2015
    Date of Patent: April 26, 2016
    Assignee: RedSeal, Inc.
    Inventor: Michael A. Lloyd
  • Patent number: 9325719
    Abstract: A network analysis tool is provided in support of a data communication network having user devices at indeterminate endpoints wherein user identities, namely, the collection of meta-data about a user device of a network (beyond the conventional networking concept of an endpoint address), is modeled as fixed endpoints for purposes of tracking. More specifically, users at indeterminate endpoints are identified by modeling using user roles as models of the user devices.
    Type: Grant
    Filed: October 27, 2014
    Date of Patent: April 26, 2016
    Assignee: RedSeal, Inc.
    Inventor: Michael A. Lloyd
  • Patent number: 9312949
    Abstract: Methods, systems, and apparatus, for pairing a wireless card reader and a computing device, including: receiving first user input setting the wireless card reader in a pairing mode; sending an indication from the wireless card reader to the computing device that a pairing mode of the wireless card reader is enabled; receiving an indication from the computing device that a pairing mode of the computing device is enabled; receiving, in the wireless card reader, a second user input of a sequence of actuations of a sensor on the wireless card reader; determining, on the wireless card reader, whether the sequence of actuations matches a stored sequence; and in response to determining that the sequence of actuations matches a stored sequence, pairing the wireless card reader with the computing device.
    Type: Grant
    Filed: March 5, 2013
    Date of Patent: April 12, 2016
    Assignee: Square, Inc.
    Inventors: Thomas Templeton, Elliot Sather
  • Patent number: 9305161
    Abstract: A password hardening system is arranged between one or more clients and a domain controller or other authentication entity. The password hardening system comprises a plurality of servers configured to store in a distributed manner respective shares of at least one of a hardened surrogate password and a corresponding user password. The password hardening system is configured to intercept a first set of one or more communications based at least in part on the user password and directed to an authentication entity external to the password hardening system, and to provide to the authentication entity in place of at least a portion of the intercepted first set of one or more communications a second set of one or more communications based at least in part on the hardened surrogate password. The password hardening system may be configured to serve as a proxy between an authenticating client and the authentication entity.
    Type: Grant
    Filed: June 24, 2013
    Date of Patent: April 5, 2016
    Assignee: EMC Corporation
    Inventors: Ari Juels, Kenneth D. Ray, Gareth Richards
  • Patent number: 9298933
    Abstract: Embodiments described herein generally relate to creating an autonomous role-based security system for a database management system, wherein a super user may not always be required. A computer-implemented method is described. The method includes establishing one or more privileges in a database system, each privilege controlling access to an administrative function for the database system. Each privilege is assigned to one or more roles. Each role may always have a minimum set of users with only administrative rights over the role. A request is received from a first user to grant a role to a second user. A database management system determines whether the first user has administrative privileges over the role. If the first user has administrative privileges over the role, the role is granted to the second user. The database system may satisfy the principles of least privilege and separation of duties.
    Type: Grant
    Filed: July 18, 2013
    Date of Patent: March 29, 2016
    Assignee: Sybase, Inc.
    Inventors: Anil Goel, Asif Iqbal Desai, Ramesh Gupta, Somnath Ghosh, Harin Vadodaria
  • Patent number: 9294293
    Abstract: A service provider receives from a user who has an account with it contact card information and recipient information picture information, therefrom determines a virtual contact card and contact channels through which the virtual contact card is sent to the recipients designated by the user, and sends the virtual contact card to the designated recipients through the contact channels. The virtual contact card and contact channels may be selected from what have been previously registered, either by the user or a third person, with the service provider and stored in the user's account, or just newly created, updated, and sent from the user at the time of transmission request to the designated recipients. The virtual contact card, when updated by the user, may be automatically sent by the service provider to the same recipients that previously received a pre-updated version.
    Type: Grant
    Filed: November 28, 2012
    Date of Patent: March 22, 2016
    Assignee: PAYPAL, INC.
    Inventor: Lucy Ma Zhao
  • Patent number: 9282507
    Abstract: Methods, systems, and apparatuses are described for avoiding short-lived wireless connections. In one method, a first connection with a first access point may be used for data transmissions. A motion state of a mobile device may be determined based on sensor data from at least one sensor within the mobile device. A second access point may be identified. A determination may be made to use the second access point for data transmissions based at least in part on the motion state of the mobile device.
    Type: Grant
    Filed: August 7, 2013
    Date of Patent: March 8, 2016
    Assignee: QUALCOMM Incorporated
    Inventors: Tobias Schlatter, Sha Hua, Arnaud Meylan
  • Patent number: 9275195
    Abstract: One customer of the license clearinghouse may act as an intermediary and perform selected tasks on behalf of another customer. In particular, an intermediary customer can make rights inquiries that access the portion of the central repository that belongs to its client in order to determine rights available to the client. In one embodiment, the portion of the central repository that is accessed in response to a rights inquiry is determined by an IP address of the device being used to make the rights inquiry. This IP address is used to retrieve a record having a customer ID and a field that indicates whether the IP address corresponds to a rights intermediary. If this is the case, a keyword corresponding to the customer ID of the customer that is provided in the rights request by the rights intermediary is used to access the central repository.
    Type: Grant
    Filed: February 19, 2010
    Date of Patent: March 1, 2016
    Assignee: COPYRIGHT CLEARANCE CENTER, INC.
    Inventors: Dan Stine, Keith Meyer
  • Patent number: 9275197
    Abstract: An individual may wish to make a gift of digital media to a designated recipient. The digital media may be previously purchased by the individual or may be new, unused digital media purchased specifically as a gift for the recipient. The sender of the gift sends a gift notification. The sender is then verified to ensure that the sender is authorized to make the gift by matching an identifier of the digital media with an identifier associated with the sender. The digital media may be associated with a set of rights and privileges. Further rights and privileges associated with the digital media may be offered to the recipient.
    Type: Grant
    Filed: August 29, 2011
    Date of Patent: March 1, 2016
    Assignee: SONY COMPUTER ENTERTAINMENT AMERICA LLC
    Inventor: Adam Harris
  • Patent number: 9268933
    Abstract: A brokered authentication request is received corresponding to an interaction between a particular user and a particular online entity. An identity provider corresponding to the particular user is identified that stores user data identifying the particular user. Confirmation is received that the identity provider has authenticated the particular user to a user profile maintained by the identity provider and a unique persistent user identifier is generated for the particular user that is unique within a system to a pairing of the first user with the first entity. The user identifier is caused to be communicated to the first entity for authenticating the first user in interactions with the first entity.
    Type: Grant
    Filed: August 22, 2012
    Date of Patent: February 23, 2016
    Assignee: McAfee, Inc.
    Inventor: Martin Stecher
  • Patent number: 9271127
    Abstract: A communication method for automatically switching between cellular networks and IP networks includes following steps. A mobile phone number is used as an user account. A sending user inputs or selects the user account or the mobile phone number of a receiving user on a sending client to send a message to the receiving user. If there is an user account corresponding to the mobile phone number of the receiving user registered on a server and the user account is on line, the sending client sends a message to the server via the IP networks, and the server transfers the message to a receiving client via the IP networks. If there is no user account corresponding to the mobile phone number of the receiving user registered on the server, the sending client directly sends a short message to the mobile phone number of the receiving user via the cellular networks.
    Type: Grant
    Filed: May 18, 2011
    Date of Patent: February 23, 2016
    Inventor: Shanzhen Chen
  • Patent number: 9270621
    Abstract: Securely providing messages from a cloud server to an enterprise is disclosed. In one aspect, a message is received at a first server that provides a cloud service to a plurality of tenants. The message complies with a protocol other than HTTP. The message is put on a message queue for a first tenant of the plurality of tenants. An HTTP connection is established in response to a request from a second server to establish the HTTP connection between the second server and the first server. The first server receives an HTTP request from the second serve over the HTTP connection for a message for the first tenant. The message is provided to the second server over the HTTP connection in response to determining that the second server is authorized to receive messages for the first tenant.
    Type: Grant
    Filed: February 25, 2013
    Date of Patent: February 23, 2016
    Assignee: CA, Inc.
    Inventors: Heidi R. Muehlebach, Trent Fitzgibbon, Brad Gossit
  • Patent number: 9262654
    Abstract: A reading device for contactless communication with a transponder unit includes a first antenna for generating a reading device field in the form of an alternating magnetic field. The reading device further contains one or more second antennas configured, and arranged in relation to the first antenna, such that during a contactless communication of the reading device with a transponder unit which generates communication signals by means of load modulation, a predetermined change of a detection signal is captured on the second antenna or antennas if the transponder unit is located in a predetermined zone around the reading device.
    Type: Grant
    Filed: April 30, 2012
    Date of Patent: February 16, 2016
    Assignee: GIESECKE & DEVRIENT GMBH
    Inventor: Klaus Finkenzeller
  • Patent number: 9230095
    Abstract: The systems and methods described herein can be used for enhancing the security of computer passwords by electronically receiving a password, the password comprising a plurality of components, each of the components being of a type of component, storing the received password in an electronic data store, converting the stored password to a topological representation of the password by which each of the plurality of components is represented and stored as its type of component, and storing the topological representation of the password in an electronic data store.
    Type: Grant
    Filed: March 2, 2015
    Date of Patent: January 5, 2016
    Assignee: KoreLogic, Inc.
    Inventors: Henry Lewis Leininger, Klayton Lee Monroe, Michael Thomas Wollman
  • Patent number: 9230033
    Abstract: Concepts and technologies are described herein for processing queries from a user's computing device initiating a query. In one embodiment, responding to the query involves searching for results based on the user's location and a list of federated enterprises. A clearinghouse server receives the query and determine a location of the user by accessing a location information database. The clearinghouse server then uses the location information in formulating a query to a search engine, by including location information with the user's query. The results are then processed in light of the list of federated enterprises. The processing may include ordering the search results, filtering the search results, or allowing enhanced forms of communications between the user and a selected party associated with the federated enterprise. The results are provided to the user. The enhanced forms of communication include instant messaging and video conferencing.
    Type: Grant
    Filed: September 6, 2011
    Date of Patent: January 5, 2016
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Wajih Yahyaoui, Warren Vincent Barkley, Kapil Nath Sharma, Joseph Arthur Williams
  • Patent number: 9225512
    Abstract: Approaches for using a physically unclonable function (PUF) as a key-encrypting key are disclosed. Data is encrypted using a session key, and at least one PUF value is generated from a PUF. The session key and a correctness indicator are encrypted into a corresponding session key pair using the PUF value. Each session key pair is added to the encrypted data. Subsequent decryption, using a subsequently generated PUF value, of the correctness indicator to an expected value indicates a valid decryption. Decryption may be repeated using a different PUF value if the correctness indicator does not match the expected value. In another approach, the session key may be omitted and the payload data may be encrypted with the different PUF values and paired with correctness indicators.
    Type: Grant
    Filed: May 1, 2013
    Date of Patent: December 29, 2015
    Assignee: XILINX, INC.
    Inventor: Stephen M. Trimberger
  • Patent number: 9215592
    Abstract: A personal digital ID device provides a digital identifier to a service for a predetermined duration in response to user interaction. The user interaction may include a button press. The personal digital ID device may be in the form of a bracelet, a key fob, or other form factor. The service may be provided by a mobile device, in the cloud, or elsewhere.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: December 15, 2015
    Assignee: Tyfone, Inc.
    Inventors: Siva G. Narendra, Prabhakar Tadepalli, Saurav Chakraborty
  • Patent number: 9203822
    Abstract: A method for processing data with a terminal and a system connected to the terminal via a network, which includes the steps of executing a process according to a request transmitted from the terminal via the network, performing a first user authentication with respect to the terminal by using the terminal or an authentication apparatus connected to the terminal via the network, storing first authentication data used for the first user authentication in association with second authentication data used for a second user authentication in a storage unit, and performing the second user authentication with respect to the system. In a case where at least a portion of the first authentication data is authenticated by the first user authentication, the second user authentication is performed by using the first and second authentication data stored in the storage unit and the portion of the first authentication data.
    Type: Grant
    Filed: August 27, 2013
    Date of Patent: December 1, 2015
    Assignee: RICOH COMPANY, LTD.
    Inventors: Yohei Ono, Noriko Kota
  • Patent number: 9203838
    Abstract: A system and method for registering a client device to obtain network access from a provider device. A server receives an authorization request for a user account to provide network access from provider devices associated with the user account to client devices associated with the user account. The server receives a unique identifier for each of the client devices, and provides the unique identifier for each of the client devices to each of the provider devices. The server provides an indication to at least one provider device to monitor for a request for network access from at least one client device, the request from the client device comprising the unique identifier of the client device. The provider device is configured to provide network access information to the client device in response to the request.
    Type: Grant
    Filed: October 31, 2012
    Date of Patent: December 1, 2015
    Assignee: GOOGLE INC.
    Inventors: Alexander Friedrich Kuscher, Trond Thomas Wuellner, Kan Liu
  • Patent number: 9189636
    Abstract: An example system can comprise a memory to store machine readable instructions. The system can also comprise a processing unit to execute the machine readable instructions. The machine readable instructions can comprise a service layer to generate an office machine security policy for a heterogeneous fleet of office machines. The heterogeneous fleet of office machines can comprise two different office machines. The service layer can also generate a security configuration for each office machine of the office machine fleet. The security configuration for a given office machine of the heterogeneous fleet of office machines can comprise a security setting for the given office machine. The machine readable instructions can comprise can also comprise a device layer to translate the security configuration of the given office machine into security instructions that are executable by the given office machine.
    Type: Grant
    Filed: July 30, 2012
    Date of Patent: November 17, 2015
    Assignee: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.
    Inventors: Matthew Lee Deter, Douglas T Albright, Kimberly G Drongesen, John K Gonsalves, John P. Borz, John Bigley, Kathleen M Takayama, Jeffrey H Soesbe, Daryl Wong
  • Patent number: 9183023
    Abstract: An environment manager in a computer executes multiple environments concurrently. A user management framework (UMF) virtual machine an the computer runs an authentication domain that supports user profile management of the multiple environments.
    Type: Grant
    Filed: July 1, 2010
    Date of Patent: November 10, 2015
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Jose Paulo Pires, Valiuddin Y. Ali, Boris Balacheff, James M. Mann, Eduardo Moschetta
  • Patent number: 9185104
    Abstract: Method and apparatus for communication between client and service provider using external server, and a method and apparatus for controlling communication between a client and a service provider are provided. The method includes: receiving from the service provider a first authentication token indicating that the service provider has authenticated communication with the client by logging on the service provider; storing, in the external server, authentication information containing the first authentication token and additional information relating to communication with the service provider; receiving, when there is a request to access the service provider, authentication information corresponding to the request from the external server; and communicating with the service provider using the received authentication information.
    Type: Grant
    Filed: August 14, 2008
    Date of Patent: November 10, 2015
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Hyok-Sung Choi, Sang-Kwon Lee, Jeong-Rok Yu
  • Patent number: 9185091
    Abstract: Software for managing access control functions in a network. The software includes a host that receives access control commands or information and calls one or more methods. The methods perform access control functions and communicate access control results or messages to be transmitted. The host may be installed in a network peer seeking access to the network or in a server controlling access to the network. When installed in a peer, the host receives commands and exchanges information with a supplicant. When installed in an access control server, the host receives commands and exchanges information with an authenticator. The host has a flexible architecture that enables multiple features, such as allowing the same methods to be used for authentication by multiple supplicants, providing ready integration of third party access control software, simplifying network maintenance by facilitating upgrades of authenticator software and enabling access control functions other than peer authentication.
    Type: Grant
    Filed: September 28, 2012
    Date of Patent: November 10, 2015
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Anthony M. Leibovitz, Mark C. Schurman, Mudit Goel, Paul G. Mayfield, Sudhakar Pasupuleti, Taroon Mandhana, Vivek P. Kamath, Wei Zheng, Xuemei Bao
  • Patent number: 9178864
    Abstract: A user-portable computing device configured as a smart card enables a user to carry identification information and to generate security tokens for use in authenticating the user to a service provider. The device includes memory for storing user identities as information cards that are exported to a host computer, presented to a user in visual form, and then selected for use in the authentication process. A security token service installed on the device issues a security token in response to a token request sent from the host computer that references the selected user identity. The security token service uses user attribute information stored on the user device to compose the claim assertions needed to issue the security token. The token is returned to the host computer and used to facilitate the authentication process.
    Type: Grant
    Filed: June 26, 2014
    Date of Patent: November 3, 2015
    Assignee: Open Invention Network, LLC
    Inventor: Gail-Joon Ahn
  • Patent number: 9176889
    Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining image search results. One of the methods includes receiving a notification that contents of a first memory page for a first virtual machine on a first host machine are the same as contents of a second memory page for a second virtual machine on a second different host machine. Storage space occupied by the first memory page on the first host machine is deallocated based on the notification. A request from the first virtual machine for the first memory page is received. In response to the request, a copy of contents of the second memory page is obtained from the second host machine.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: November 3, 2015
    Assignee: Google Inc.
    Inventor: Robert H. Earhart, III
  • Patent number: 9172686
    Abstract: A method comprises an operation for facilitating authentication of a client device attempting to connect to a port of a network element. Facilitating authentication includes determining whether the client device is configured for being authenticated using a first authentication mechanism and, in response to determining that the client device is not configured for being authenticated using the first authentication mechanism, determining whether the client device is configured for being authenticated using at least one other authentication mechanism.
    Type: Grant
    Filed: September 28, 2007
    Date of Patent: October 27, 2015
    Assignee: Alcatel Lucent
    Inventors: Anthony Chow, Minka Nikolova, L. Michele Goodwin, Vincent Vermeulen
  • Patent number: 9166968
    Abstract: A user credential sharing mechanism which can suitably implement a single sign-on function while preventing illicit accesses by accidental matches of authentication data in a mixed environment of an environment suitable for use of a single sign-on function and an unsuitable environment is provided. To accomplish this, when an information processing apparatus of this invention receives, from a user, an access request instruction to an external apparatus connected to be able to communicate with the information processing apparatus, if an authentication protocol related to user credentials generated at the time of a login operation is that which can limit a security domain, the apparatus accesses the external apparatus using the user credentials, and if that authentication protocol is that which cannot limit a security domain, the apparatus prompts the user to input an account accessible to the external apparatus.
    Type: Grant
    Filed: May 8, 2013
    Date of Patent: October 20, 2015
    Assignee: Canon Kabushiki Kaisha
    Inventor: Yasuhiro Hosoda
  • Patent number: 9160726
    Abstract: Authentication systems are provided that select an authentication method to be applied to a given transaction from among a plurality of available authentication methods based on risk reasoning. An authentication request from an authentication requestor for a given transaction is processed by receiving the authentication request from the authentication requester and selecting an authentication method to be applied to the given transaction from among a plurality of available authentication methods based on an evaluation of one or more predefined risk reasons with respect to the available authentication methods. The predefined risk reasons associated with a given transaction comprise, for example, a set of risk reasons that contribute to a risk score that has been assigned to the given transaction. The evaluation may employ one or more of rule-based, heuristic and Bayesian techniques.
    Type: Grant
    Filed: June 28, 2013
    Date of Patent: October 13, 2015
    Assignee: EMC Corporation
    Inventors: Alon Kaufman, Marcelo Blatt, Alex Vaystikh, Triinu Magi Shaashua, Yael Villa
  • Patent number: 9152783
    Abstract: Techniques for managing accounts are provided. An access management system may check out credentials for accessing target systems. For example a user may receive a password for a period of time or until checked back in. Access to the target system may be logged during this time. Upon the password being checked in, a security account may modify the password so that the user may not log back in without checking out a new password. Additionally, in some examples, password policies for the security account may be managed. As such, when a password policy changes, the security account password may be dynamically updated. Additionally, in some examples, hierarchical viewing perspectives may be determined and/or selected for visualizing one or more managed accounts. Further, accounts may be organized into groups based on roles, and grants for the accounts may be dynamically updated as changes occur or new accounts are managed.
    Type: Grant
    Filed: May 31, 2012
    Date of Patent: October 6, 2015
    Assignee: Oracle International Corporation
    Inventors: Buddhika Kottahachchi, Kuang-Yu Shih, Arun Theebaprakasam
  • Patent number: 9154377
    Abstract: A computer-implemented method to manage a device is described. Communications with an endpoint device are established. A management profile for the endpoint device is received. Information about the endpoint device is acquired based at least in part on the management profile. At least a portion of the acquired information is provided to an upper layer server.
    Type: Grant
    Filed: February 26, 2013
    Date of Patent: October 6, 2015
    Assignee: Symantec Corporation
    Inventors: Maksim Sokolov, Cody Menard
  • Patent number: 9148787
    Abstract: A method and apparatus are for automatically accessing a social network account that provides member information about each of a plurality of social network members. The member information about at least one of the social network members, denoted as a particular member, includes a network detection portion and a security portion. The network detection portion is retrieved from the social network for at least the particular member. A detection is made that the wireless device is within range of a secure wireless network associated with the particular member. The detection uses the network detection portion of the particular member as an input. The security portion of the member information of the particular member is retrieved from the social network. The security portion is used to derive access credentials for the secure wireless network. The derived access credentials are used to securely access the secure wireless network.
    Type: Grant
    Filed: December 6, 2012
    Date of Patent: September 29, 2015
    Assignee: Google Technology Holdings LLC
    Inventor: Apostolis K. Salkintzis
  • Patent number: 9143514
    Abstract: A hierarchical security model for networked computer users is described. Files and resources are controlled or created by users within the network. Each user within the network has an account that is managed by a network administrator. The account specifies the user identifier and password. Users are grouped into organizations depending upon function or other organizational parameter. The groups within the network are organized hierarchically in terms of access and control privileges. Users within a higher level group may exercise access and control privileges over files or resources owned by users in a lower level group. The account for each user further specifies the group that the owner belongs to and an identifier for any higher level groups that have access privileges over the user's group. All users within a group inherit the rights and restrictions of the group.
    Type: Grant
    Filed: June 23, 2014
    Date of Patent: September 22, 2015
    Assignee: Ellie Mae, Inc.
    Inventors: Limin Hu, Ting-Hu Wu, Ching-Chih Jason Han
  • Patent number: 9143549
    Abstract: A communication system offering remote access and a communication method thereof are provided. The communication system includes a remote device, a relay node, and at least one server device. The relay node controls a connection from the remote device to a local area network (LAN). The at least one server device is located in the LAN. The remote device communicates with the relay node by using a web access protocol. The relay node converts a first command compliant with the web access protocol into a second command compliant with a LAN data access protocol, so that the remote device can remotely access the at least one server device through the relay node. Thereby, the remote device can remotely access the at least one server device without setting parameters of related network nodes.
    Type: Grant
    Filed: October 24, 2012
    Date of Patent: September 22, 2015
    Assignee: ASUSTeK COMPUTER INC.
    Inventor: Jeng-Hung Hung
  • Patent number: 9137662
    Abstract: A method and apparatus are provided for access credential provisioning. A method may include receiving, at a first mobile apparatus, information about a second mobile apparatus. The first mobile apparatus may be provisioned with network access credential information to be transferred from the first mobile apparatus to the second mobile apparatus. The method may further include causing the information about the second mobile apparatus to be provided to a provisioning apparatus for the network. The method may additionally include receiving authorization form the provisioning apparatus to transfer the network access credential information from the first mobile apparatus to the second mobile apparatus. The method may also include, in response to receipt of the authorization, causing the network access credential information to be provided to the second mobile apparatus. A corresponding apparatus is also provided.
    Type: Grant
    Filed: October 21, 2010
    Date of Patent: September 15, 2015
    Assignee: Nokia Technologies Oy
    Inventors: Silke Holtmanns, André Dolenc
  • Patent number: 9135412
    Abstract: Systems and methods of token-based protection for remote resources are disclosed. For example, a method may include receiving, at a second computing device, a configuration message from a first computing device. The configuration message includes information to configure a resource at the second computing device. For example, the resource may be a cloud transcoder. The method also includes generating, at the second computing device, a short token that enables the first computing device to access the resource. For example, the short token may be used to receive a long token that can be used to send application programming interface (API) requests to the cloud transcoder.
    Type: Grant
    Filed: February 24, 2015
    Date of Patent: September 15, 2015
    Assignee: WOWZA MEDIA SYSTEMS, LLC
    Inventors: Michael Dean Talvensaari, Ian Zenoni
  • Patent number: 9137740
    Abstract: Systems and methods of providing network access information from one or more servers to a wireless device. The wireless device acquires information from the servers about available networks at a current location of the wireless device. The network information is based on a plurality of device parameters, network parameters and regulatory requirements that govern the operation of the wireless device. In addition, the wireless device may assess the acquired information for suitability for communications to be carried out by the wireless device.
    Type: Grant
    Filed: September 10, 2012
    Date of Patent: September 15, 2015
    Assignee: Spectrum Bridge, Inc.
    Inventors: Peter Stanforth, Jeffrey C. Schmidt, Manish Shukla
  • Patent number: 9137251
    Abstract: The present invention teaches a methodology for provisioning and managing a network having many network devices. In certain embodiments, groups of member devices are created each having a group policy configuration inherited by member devices. A variety of rules regarding prioritization, versioning, system snapshot, redo and undo are also taught. This embodiment is useful when the network devices can be partitioned into groups of similar type devices for similar applications. Similar physical attributes can also be mapped into identical virtual attributes, enabling policy configurations to be applied to varying devices and physical attribute configurations can be resolved upon device installation.
    Type: Grant
    Filed: March 16, 2005
    Date of Patent: September 15, 2015
    Assignee: Fortinet, Inc.
    Inventors: Michael Xie, Langtian Du, Jun Li
  • Patent number: 9131185
    Abstract: A data communication apparatus that is capable of improving operability when inputting authentication information. An authentication unit accepts authentication information inputted when a user logs in to the data communication apparatus and authenticates the user based on the accepted authentication information. A designation unit designates a file transmission destination that is inputted by the authenticated user. A transmission unit transmits a file to the transmission destination inputted. A registration unit registers the transmission destination of the file. A control unit prohibits registration of the authentication information at the time of registration of the transmission destination of the file when the accepted authentication information is used for file transmission, and permits registration of the authentication information at the time of registration of the transmission destination of the file when the inputted authentication information is not used for file transmission.
    Type: Grant
    Filed: November 21, 2012
    Date of Patent: September 8, 2015
    Assignee: CANON KABUSHIKI KAISHA
    Inventor: Hiroyasu Morita
  • Patent number: 9130920
    Abstract: A network security layer with a role mapping component with a current role mapping between services and access permissions is provided between a user and the services. A multi-tenancy module with current membership mapping is also provided. The security layer has a network authentication protocol for user authentication at log-in. Snapshots of a baseline role mapping between services and permissions are taken at certain times. The role mapping component verifies snapshots at set intervals, and when the user performs certain actions, the current role mapping is compared with the baseline role mapping. Upon discrepancy, the role mapping component executes a set of rules, including forceful log-out to prevent system intrusion. Comparison of current membership mapping with a baseline membership mapping can also be applied. The security layer can thus monitor authorization-exceeding modifications to baseline policies attempted by logged-in and initially authorized users.
    Type: Grant
    Filed: January 7, 2013
    Date of Patent: September 8, 2015
    Assignee: ZETTASET, Inc.
    Inventor: Konstantin I. Pelykh
  • Patent number: 9122852
    Abstract: A password input system and a method inputting a password are provided. The password input system includes a signal receiving unit, a processing unit and a storage device. The signal receiving unit receives input signals comprising key-pressing signals and key-releasing signals respectively corresponding to the key-pressing signals and each key-pressing signal corresponds to an alphanumeric symbol. The processing unit, according to a predetermined key-releasing rule, sequentially groups the alphanumeric symbols corresponding to the key-pressing signals into groups. Each group is regarded as a password element and the password elements together form a multi-key input password set. The storage device stores the multi-key input password set.
    Type: Grant
    Filed: June 3, 2013
    Date of Patent: September 1, 2015
    Assignee: Wistron Corporation
    Inventor: Bin Jiang
  • Patent number: 9124649
    Abstract: Methods and systems provide indirect and temporary access to a company's IT infrastructure and business applications. The methods/systems involve establishing an access control center (ACC) to control the access that technical support personnel may have to the company's IT infrastructure and business applications. Thin client terminals with limited functionality may then be set up in the ACC for use by the technical support personnel. The thin client terminals connect the technical support personnel to workstations outside the ACC that operate as virtual desktops. The virtual desktops in turn connect the technical support personnel to the IT infrastructure and business applications. An ACC application may be used to automatically establish the connection between the thin client terminals and the virtual desktops and the virtual desktops and the IT infrastructure and business applications.
    Type: Grant
    Filed: April 21, 2014
    Date of Patent: September 1, 2015
    Assignee: United Services Automobile Associate (USAA)
    Inventors: Christopher Thomas Wilkinson, Edward Allen Francovich, Jeremy Ryan Scott, Steven Dale Sternitzke
  • Patent number: 9118710
    Abstract: A system, method, and computer program product are provided for identifying operating system information associated with at least one of a plurality of networked devices, and an occurrence in connection with the at least one of the networked device. It is also determined whether at least one vulnerability capable being exploited by the occurrence is relevant to the at least one networked device based on the operating system information. To this send, the occurrence is reported in a first manner, if it is determined that the at least one vulnerability capable being exploited by the occurrence is relevant to the at least one networked device based on the operating system information. Further, the occurrence is reported in a second manner different from the first manner, if it is determined that the at least one vulnerability capable being exploited by the occurrence is not relevant to the at least one networked device based on the operating system information.
    Type: Grant
    Filed: September 29, 2014
    Date of Patent: August 25, 2015
    Assignee: SecurityProfiling, LLC
    Inventors: Brett M. Oliphant, John P. Blignaut
  • Patent number: 9118708
    Abstract: A system, method, and computer program product are provided for a database associating a plurality of device vulnerabilities to which computing devices can be subject with a plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities. Each of the device vulnerabilities is associated with at least one remediation technique. Each remediation technique associated with a particular device vulnerability remediates that particular vulnerability. Further, each remediation technique has a remediation type are selected from the type group consisting of patch, policy setting, and configuration option. Still yet, a first one of the device vulnerabilities is associated with at least two alternative remediation techniques.
    Type: Grant
    Filed: September 28, 2014
    Date of Patent: August 25, 2015
    Assignee: SecurityProfiling, LLC
    Inventors: Brett M. Oliphant, John P. Blignaut
  • Patent number: 9118675
    Abstract: In embodiments, a method of securing access to a computer memory and other computer resources includes authoring a 3D projection of data by a registering user customizing elements in the 3D projection, resulting in a registered 3D projection. The method further includes presenting to a requesting user a representation of the elements of the 3D projection in a randomized fashion. The method additionally includes receiving, from the requesting user, manipulations of the presented elements of the 3D projection toward undoing or solving the randomization. The method includes determining whether the manipulated elements of the 3D projection match the customized elements of the registered 3D projection. Then, the method includes granting, to the registered user, access to the computer memory if the manipulated elements of the 3D projection match the customized elements of the registered 3D projection.
    Type: Grant
    Filed: December 27, 2012
    Date of Patent: August 25, 2015
    Assignee: Dassault Systemes
    Inventor: Jean-Jacques Grimaud
  • Patent number: 9118656
    Abstract: Requests to gain access to secure resources are adjudicated according to authentication policies that include rules based on user-states derived from multiple heterogeneous access-control systems. Comprehensive user authentication and access control based on rules and policies that encompass a user's status in multiple access-control systems, including both logical access (e.g., Active Directory, RADIUS, Virtual Private Network, etc.) as well as physical access (e.g., card-based) control systems, may be realized.
    Type: Grant
    Filed: January 25, 2007
    Date of Patent: August 25, 2015
    Assignee: Imprivata, Inc.
    Inventors: David M. T. Ting, Omar Hussain, Gregg LaRoche
  • Patent number: 9111117
    Abstract: Sensitive content is securely shared. A request is received from a first communication device to share sensitive content. The first communication device is associated with an account for a communication service provided by a network provider. A message including a link to the sensitive content is sent to a second communication device associated with a phone number. That message is addressed to the second communication device. An authentication message is received, indicating that the second communication device is associated with the phone number. Responsive to receipt of the authentication message, the sensitive content is made accessible via the second communication device without requiring that the second communication device be associated with an account for the communication service provided by the network provider.
    Type: Grant
    Filed: October 11, 2013
    Date of Patent: August 18, 2015
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventors: Emily Soelberg, Jeffrey Mikan
  • Patent number: 9112846
    Abstract: A system and method for using a GSSAPI security token to transport additional non-GSSAPI data that includes authorization data used by third-party software. The system includes a hook that intercepts a client process's interactions with the GSSAPI. When a client process requests a security context from the GSSAPI, the hook intercepts the security token the GSSAPI provides for the client process. The hook checks to see if there is additional authorization data to transport, adds the additional data to the security token, then gives the token to the client process. The client process sends the security token to the server process, which submits the token to the GSSAPI for evaluation.
    Type: Grant
    Filed: October 11, 2013
    Date of Patent: August 18, 2015
    Assignee: CENTRIFY CORPORATION
    Inventor: Hon Wai Kwok
  • Patent number: 9106642
    Abstract: Disclosed are various embodiments for synchronizing authentication sessions between applications. In one embodiment, a first authentication token is received from a first application in response to determining that the first application is authenticated with a service provider. A second authentication token is requested from a token exchange service associated with the service provider. The second authentication token is requested using the first authentication token. The second application is configured to use the second authentication token in order to access a resource of the service provider.
    Type: Grant
    Filed: September 11, 2013
    Date of Patent: August 11, 2015
    Assignee: Amazon Technologies, Inc.
    Inventor: Bharath Kumar Bhimanaik