Usage Patents (Class 726/7)
  • Patent number: 10291746
    Abstract: A solution is proposed for accessing a database by an application client. A corresponding method comprises receiving a connection command for opening a user connection between a user client of the application client and the database from the application client, the connection command comprising an indication of a context of the user client, assigning an application connection between the application client and the database to the user client in response to the connection command, and switching a context of the application connection to the context of the user client.
    Type: Grant
    Filed: September 14, 2017
    Date of Patent: May 14, 2019
    Assignee: International Business Machines Corporation
    Inventors: Mauro Arcese, Stefano Sidoti
  • Patent number: 10284526
    Abstract: Systems, devices, and methods are disclosed for selectively decrypting SSL/TLS communications. Contents of the decrypted communications that may result in some action; for example, to terminate the communications, or to log and store the plaintext packets of the communications for subsequent content inspection and analysis. A SSL/TLS proxy may examine the information contained in the TLS handshake protocol and/or examine other information associated with the connection. Based on the examination, a proxy may determine whether or not to decrypt the encrypted communications. The proxy may take additional actions based on content inspection.
    Type: Grant
    Filed: July 19, 2018
    Date of Patent: May 7, 2019
    Assignee: Centripetal Networks, Inc.
    Inventor: Sean Moore
  • Patent number: 10284533
    Abstract: A registry is utilized to identify personally identifiable information (PII) that has been breached. The registry is a distributed database shared by multiple organizations to track which PII has been breached in other organizations. A first service provider initially receives PII and corresponding signed descriptor from a user. The PII is used to verify an identity of the user and the signed descriptor describes the type of PII that is received. The first service provider queries the registry to determine if the signed descriptor of the user has been written to the registry by a second service provider, indicating that it has been breached at a service provided by the second service provider. If the first service provider uses the breached PII, the breached PII is invalidated by the first service provider.
    Type: Grant
    Filed: March 14, 2018
    Date of Patent: May 7, 2019
    Assignee: CA, INC.
    Inventors: Steven Cornelis Versteeg, Nathan Allin Hastings, Xien Yao, John Sinclair Bird
  • Patent number: 10263971
    Abstract: Aspects of the disclosure relate to providing information security and preventing unauthorized access to resources of an information system by injecting device data collectors into pages and/or other interfaces provided by and/or otherwise associated with an information system. A computing platform may intercept a request corresponding to a selection of an interface element included in a modified version of a first page associated with a uniform resource locator. Based on intercepting the request, the computing platform may validate a security state of a client device based on device data collected by a device data collector. In response to failing to validate the security state of the client device, the computing platform may generate and send a step-up authentication prompt to the client device. The step-up authentication prompt may prompt a user of the client device to provide authentication input to access a second page associated with the selection.
    Type: Grant
    Filed: August 31, 2016
    Date of Patent: April 16, 2019
    Assignee: Bank of America Corporation
    Inventor: Xianhong Zhang
  • Patent number: 10255778
    Abstract: Systems (100, 150) and methods (700, 800) for transitioning a handheld device (100) from a partially inoperative state to a fully operative state. The methods comprise performing operations to pair a first communication device (150) and a second communication device (100). In response to the pairing of the first and second communication devices, the second communication device is transitioned from the partially inoperative state in which deactivation operations for deactivating an active security tag (124) are disabled to the fully operative state in which said deactivation operations are enabled.
    Type: Grant
    Filed: May 11, 2016
    Date of Patent: April 9, 2019
    Assignee: Sensormatic Electronics, LLC
    Inventor: Adam S. Bergman
  • Patent number: 10250581
    Abstract: Disclosed are a client, a server, an RADIUS capability negotiation method and system, and the method includes: a client transmits to a server a first message carrying RADIUS capability parameters of the client; the server captures the RADIUS capability parameters in the first message, matches the RADIUS capability parameters in the first message with RADIUS capability parameters of the server to obtain a matching result, and transmits the matching result to the client through a second message; and the client determines whether to establish effective communication with the server according to the matching result in the second message. By means of the technical solutions of the disclosure, it is possible to extend the RADIUS protocol, and to solve the problem existing in the current RADIUS protocol that both sides in communication cannot perform RADIUS capability negotiation.
    Type: Grant
    Filed: September 18, 2013
    Date of Patent: April 2, 2019
    Inventors: Qiandeng Liang, Yuxi Gan, Liang Fan, Huaxing Zhu
  • Patent number: 10243944
    Abstract: A device may collect environmental information surrounding the device. Based on the collected environmental information, the device may automatically identify a potentially secured location that has lower security risk. When a potentially secured location is identified, the device may prompt the user to setup a security profile having reduced security requirement for the secured location. The device may store and associate the security profile with the secured location. The device may activate the security profile with reduced security requirement when the device is in the secured area. Further, the security profile may require that certain features of the device be disabled when the device is in the secured location.
    Type: Grant
    Filed: October 16, 2017
    Date of Patent: March 26, 2019
    Assignee: PAYPAL, INC.
    Inventors: Nate L. Lyman, Roy L. Camp, Eric J. Farraro, John R. Tapley
  • Patent number: 10235536
    Abstract: For relationship-based image modification, a processor determines a relationship level for a requester of an image of a plurality of images. The processor further modifies the image based on the relationship level.
    Type: Grant
    Filed: October 19, 2016
    Date of Patent: March 19, 2019
    Assignee: Lenovo (Singapore) PTE LTD
    Inventors: Russell Speight VanBlon, John Carl Mese, Nathan J. Peterson, Arnold S. Weksler
  • Patent number: 10237254
    Abstract: The present disclosure relates to a system and method for providing conditional login promotion. An example system includes at least one processor and at least one memory element, wherein the system is configured for receiving an indication of a local operating system login by a user from a client device associated with the user; receiving one or more authentication factors associated with the user from the client device; and determining whether the local operating system login is to be promoted to a relying party entity based upon the one or more authentication factors associated with the user.
    Type: Grant
    Filed: March 27, 2015
    Date of Patent: March 19, 2019
    Assignee: McAfee, LLC
    Inventors: John R. McDowell, Neeraj Kaul, Pavan Kumar V. Bharathapudi, Siddaraya B. Revashetti, Ranjit S. Narjala, Ramkumar Ram Chary Venkatachary, Sahar Mostafa, Vani Yalapalli, Charles Slate
  • Patent number: 10237294
    Abstract: Techniques are described for analyzing data regarding activity in an IT environment to determine information regarding the entities associated with the activity and using the information to detect anomalous activity that may be indicative of malicious activity. In an embodiment, a plurality of events reflecting activity by a plurality of entities in an IT environment are processed to resolve the identities of the entities, discover how the entities fit within a topology of the IT environment, and determine what the entities are. This information is then used to generate a entity relationship graph that includes nodes representing the entities in the IT environment and edges connecting the nodes representing interaction relationships between the entities. In some embodiments, baselines are established by monitoring the activity between entities. This baseline information can be represented in the entity relationship graph in the form of directionality applied to the edges.
    Type: Grant
    Filed: January 30, 2017
    Date of Patent: March 19, 2019
    Assignee: SPLUNK INC.
    Inventors: Joseph Auguste Zadeh, Rodolfo Soto, George Apostolopoulos, John Clifton Pierce
  • Patent number: 10231268
    Abstract: Techniques for associating devices and users with a local area network using network identifiers are provided. For example, a method, system, and computer-program product for associating network devices with a local area network using a network identifier are provided. For example, a method may include receiving, at a computing device, a communication including a unique identifier for a network device connected to a network. The method may further include using the unique identifier to determine properties of the network device and generating a network identifier for the network, wherein the network identifier includes an indication of a time at which the network identifier is generated, an indication of the computing device, and an indication of the network device properties. The method can also include transmitting the network identifier, wherein when the network identifier is received, the network identifier facilitates identifying the network and associating the network device with the network.
    Type: Grant
    Filed: December 4, 2015
    Date of Patent: March 12, 2019
    Assignee: Belkin International, Inc.
    Inventors: Venkata Subba Rao Pathuri, Ryan Yong Kim, Gursharan Sidhu, Naga Yerramsetti, Jimmy Chung, Brian Knopf
  • Patent number: 10230522
    Abstract: This disclosure describes methods, apparatus, and systems related to controlled access data allocation. A device may receive a first request from a first device to establish a first connection with a wireless network. The device may receive a second request from a second device to establish a second connection with the wireless network. The device may determine a first access data for the first device, wherein the first access data is associated with a first access configuration. The device may determine a second access data for the second device, wherein the second access data is associated with a second access configuration, wherein the second access configuration is different from the first access configuration. The device may send the first access data to the first device. The device may send the second access data to the second device. The device may establish the first connection with the first device, wherein the first connection is at the first access configuration.
    Type: Grant
    Filed: March 24, 2016
    Date of Patent: March 12, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Andrew Jay Roths, Marc Solsona-Palomar
  • Patent number: 10218691
    Abstract: Disclosed are various approaches for providing single sign-on capabilities for a user on a client device. A user's credentials can be authenticated by an identity provider application. The identity provider application can facilitate single sign-on capabilities for browser-based applications and native applications on the client device.
    Type: Grant
    Filed: November 30, 2016
    Date of Patent: February 26, 2019
    Assignee: AirWatch LLC
    Inventors: Yogesh Govind Hande, Shravan Shantharam, Kalyan Regula, Varun Murthy, Bhuvanesh Shanmuga Sundaram, Jonathon Deriso
  • Patent number: 10218701
    Abstract: Methods and systems are provided for automatically securing account access by verifying account information with an email provider. The methods and systems automatically determine whether provided login identification and account information, in the form of an email address, is valid by a server requesting validation information from the email server of the email address. The request is automatically provided, as a background process, in response to receiving login credential information entered by a user. The email server can provide verification of the email address, whether a password associated with the email address has changed, or if the request bounces. Push notifications may be utilized by the email server to notify registered entities of any changes to login credential information associated with an account. The methods provided secure account access and active sessions subsequent to an email account owner changing a password or terminating the email account.
    Type: Grant
    Filed: March 9, 2016
    Date of Patent: February 26, 2019
    Assignee: Avaya Inc.
    Inventors: Anand Bernard Alen, Aparna Govindaraju, Balasubramaniam Palanisamy, Bharanidharan Ramachandran, Gregory Alan Johns, Kathiresan Deivasagayam, Ramakanth Damodaram, Prem Sumetpong
  • Patent number: 10218861
    Abstract: An image forming apparatus includes: a display; a first display controller configured to display a background screen image(s); and a second display controller configured to display, within each background screen image, at least one object image each for receiving a command for executing a corresponding predefined processing. The first display controller executes a display switch processing to switch the background screen image being displayed on the display from a first background screen image to a second background screen image by moving the first and second background screen images in a first direction. The second display controller executes a shaking display processing in which the object image displayed within the second background screen image is repeatedly moved between two positions. The shaking display processing is started upon a start of the display switch processing and finished after an end of the display switch processing.
    Type: Grant
    Filed: June 21, 2018
    Date of Patent: February 26, 2019
    Inventor: Shinsuke Kaigawa
  • Patent number: 10218690
    Abstract: An enterprise server is provisioned with an authentication response language, where the authentication response language allows the enterprise server to issue instructions for authentication steps to an enterprise client, which enables the enterprise client to execute a set of instructions for navigating an authentication sequence. The set of instructions installed into and served by the enterprise server varies depending on a protocol inherently used by the authentication topology. The enterprise client, when accessing a protected resource, and not already authenticated, receives a set of authentication instructions from the enterprise server formulated in the authentication response language. The client starts to interpret the provided authentication instructions, but controls the presentation layer and interface of any user interactions. The client follows the sequence by sending requests and receiving responses from one or more servers in the topology until the sequence is complete.
    Type: Grant
    Filed: October 17, 2016
    Date of Patent: February 26, 2019
    Assignee: International Business Machines Corporation
    Inventors: Simon Helsen, Jose A. Rodriguez, Ritchard L. Schacher, Patrick R. Wardrop
  • Patent number: 10218766
    Abstract: A method of service capability notification including receiving a service capability of a representational state transfer (REST) client and a request for a service capability of a target client from an application server, sending the service capability of the target client to the application server in response to the request, and sending the service capability of the REST client to a notification server so that the notification server is able to provide the service capability of the REST client to the target client.
    Type: Grant
    Filed: November 4, 2014
    Date of Patent: February 26, 2019
    Assignee: Futurewei Technologies, Inc.
    Inventors: Xinmin Ding, Yilin Gan
  • Patent number: 10211984
    Abstract: A domain authority 13 for use in a hierarchy of domain authorities in a hierarchical cryptographic system. The domain authority 13 comprises a user secret key generator 21 for generating a user secret key based on a domain secret key and one or more attribute representations, to obtain a user secret key associated with a set of attributes corresponding to the attribute representations, and wherein the domain secret key is based on a domain secret key of a parent domain authority or a root secret key of a root authority of the hierarchy of domain authorities, and wherein the attribute representations are independent of the hierarchy. A decrypter makes use of the user secret key. An encrypter generates ciphertext decryptable by the decrypter.
    Type: Grant
    Filed: September 21, 2012
    Date of Patent: February 19, 2019
    Assignee: Koninklijke Philips N.V.
    Inventors: Muhammad Asim, Tanya Ignatenko, Milan Petkovic
  • Patent number: 10205853
    Abstract: An authentication apparatus includes an imaging unit that captures a face image of a user, an authenticating unit that authenticates the user using the face image of the user captured by the imaging unit, a display unit that displays failure information if authentication of the user by the authenticating unit is unsuccessful, a departure detecting unit that detects a departure of the user, and a stopping unit that causes the display unit to stop displaying the failure information if the departure detecting unit detects the departure of the user.
    Type: Grant
    Filed: October 23, 2015
    Date of Patent: February 12, 2019
    Assignee: FUJI XEROX CO., LTD.
    Inventors: Manabu Hayashi, Masafumi Ono, Naoya Nobutani, Kunitoshi Yamamoto
  • Patent number: 10205477
    Abstract: Disclosed is an osteoacusis finger ring, including a finger ring body and a first communication device. The finger ring body has a recess thereon, two end portions of the recess are respectively disposed with a clamping protrusion part, and the whole finger ring is in a C shape. Two lugs are formed at the bottom of the first communication device, and the lug is disposed with a fitting groove at the internal side thereof. The first communication device includes a shell, a display unit, a switch unit, a circuit board, and a conducing colloid. The circuit board is disposed with a Bluetooth communication unit, a pickup unit, and an osteoacusis vibrator. The upper end of the conducing colloid is attached to the osteoacusis vibrator, and the lower end of the conducting colloid passes through the accommodating hole and protrudes from the bottom of the shell.
    Type: Grant
    Filed: July 17, 2018
    Date of Patent: February 12, 2019
    Inventor: Gui Hong
  • Patent number: 10193937
    Abstract: The present invention provides apparatuses, methods, computer programs, computer program products and computer-readable media regarding IMS (Internet Protocol Multimedia Subsystem) restoration support for temporary GRUU (Globally Routable User Agent Uniform Resource Identifier). Certain aspects of the present invention include creating, at a registrar, a registration identified by a registration identifier, and storing, by the registrar, the registration identifier, a call identifier and an initial command sequence related to the registration identified by the registration identifier in a persistent database during the registration.
    Type: Grant
    Filed: June 2, 2014
    Date of Patent: January 29, 2019
    Inventors: Jiadong Shen, Ulrich Wiehe
  • Patent number: 10191707
    Abstract: A display apparatus includes a display section, a wireless communication section configured to perform wireless connection to an external apparatus using first connection information that can be acquired from an external radio tag, and a storing section configured to store second connection information different from the first connection information. The wireless communication section is capable of performing the wireless connection to the external apparatus or another external apparatus using the second connection information. The second connection information is changeable.
    Type: Grant
    Filed: February 29, 2016
    Date of Patent: January 29, 2019
    Assignee: Seiko Epson Corporation
    Inventor: Kenichiro Tomita
  • Patent number: 10187248
    Abstract: A mission-specific computer peripheral provides a portable linkable work platform, useful for establishing an office computing infrastructure quickly, at low cost, and without professional computing expertise. The office infrastructure device includes both data storage (for storage of operating and user data) and a unique device identification code (for identification when the device is plugged into a host personal computer). When connected, user executable code within the device is accessed through the host personal computer to launch thereon a user-definable work space. This work space provides, among other office infrastructure functions and applications, access to programming that enables the “synching” of data between the device and a private internet site, as well as programming that enables the user to manage and share data with other authorized office infrastructure device users.
    Type: Grant
    Filed: February 27, 2015
    Date of Patent: January 22, 2019
    Inventor: Renato M. de Luna
  • Patent number: 10182048
    Abstract: The disclosed computer-implemented method for automatically populating one-time-password input fields may include (1) detecting, at a first computing device of a user, an input field that requires a one-time password that is included in a message that is sent by a one-time-password provider to a second computing device of the user, (2) identifying, at the second computing device, the message that includes the one-time password, (3) transmitting the one-time password from the second computing device to the first computing device, (4) receiving, at the first computing device, the one-time password, and (5) automatically populating, at the first computing device, the input field with the one-time password. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: May 24, 2016
    Date of Patent: January 15, 2019
    Assignee: Symantec Corporation
    Inventor: Umamaheswarii Sabanayagam
  • Patent number: 10172535
    Abstract: Disclosed herein are a wearable device and method for providing feedback information through vein authentication or the measurement of a body composition. In an aspect, the wearable device may include a measurement module configured to measure the pattern of veins of a user, a communication module configured to send unique bio information about the user measured by the measurement module to a management server along with authentication information and to receive feedback information for the transmitted information from the management server, and a memory module configured to store the pattern of the veins of the user.
    Type: Grant
    Filed: October 20, 2016
    Date of Patent: January 8, 2019
    Assignee: SK PLANET CO., LTD.
    Inventors: Daewoo Lee, Seulmaro Jeon
  • Patent number: 10172005
    Abstract: Systems and methods for securing access to a mobile device are disclosed. A method includes: transmitting, by a computer device, a tone to a surface of an object; detecting, by the computer device, a frequency response from the object based on the transmitted tone; determining, by the computer device, that the detected frequency response from the surface of the object conforms to a stored frequency response; and unlocking, by the computer device, the computer device based on the determining.
    Type: Grant
    Filed: April 24, 2017
    Date of Patent: January 1, 2019
    Inventors: Lisa M. W. Bradley, Jonathan Dunne, Liam Harpur, Asima Silva
  • Patent number: 10172006
    Abstract: Methods and systems for preventing a user input device from controlling the user equipment are described herein. The method includes receiving, over a first communication path, by a user equipment, data indicative of a first request to restrict control by the user input device over the user equipment. The method includes disregarding a first command from the user input device response to receiving the first request. The method includes receiving, over the first communication path, data indicative of a second request to restore control by the user input device over the user equipment. The method includes receiving a second command from the user input device, the second command intended to alter a second setting of the user equipment, in response to receiving the second request. The method includes altering the second setting of the user equipment in response to receiving the second request and the second command.
    Type: Grant
    Filed: February 13, 2018
    Date of Patent: January 1, 2019
    Assignee: Rovi Guides, Inc.
    Inventors: Emily Weigand, Milan Indu Patel, Nancy Huynh, Kevin S. Bright
  • Patent number: 10169566
    Abstract: An application platform may receive an input from a user associated with a user account. The input may relate to a request for access to the user account, and include a selection of emojis or images. The application platform may identify text strings associated with the emojis or images, where each text string may correspond to a respective emoji or image. The application platform may perform an action to generate a combined text string based on the text strings, and process the combined text string to derive an output value after performing the action. The application platform may determine whether the output value corresponds to a particular value after processing the combined text string, and authenticate the user to permit the user to access the user account based on determining whether the output value corresponds to the particular value.
    Type: Grant
    Filed: July 25, 2018
    Date of Patent: January 1, 2019
    Assignee: Capital One Services, LLC
    Inventors: Michael Mossoba, Abdelkadar M'Hamed Benkreira, Joshua Edwards
  • Patent number: 10172007
    Abstract: Methods and systems described in this disclosure receive a call from a device associated with a caller and determine whether the caller is eligible for biometric authentication via the device by sending, via a communications network, an eligibility determination request to an issuer of the device. In response to the caller being eligible for biometric authentication, a request to initiate a biometric authentication process on the device is sent to an issuer of the device, where biometric credentials are received by the device and an indication of whether the biometric credentials were verified is received from the issuer of the device.
    Type: Grant
    Filed: June 25, 2018
    Date of Patent: January 1, 2019
    Inventors: David Tuomikoski, Rochelle A. Tijerina
  • Patent number: 10162957
    Abstract: An authentication method includes sending out a first authentication request; receiving first authentication information of a first authentication item; determining whether the first authentication information is correct; determining whether a first weighting value is equal to or is larger than a threshold value; sending out a second authentication request when the first authentication information is correct and the first weighting value is smaller than the threshold value; receiving second authentication information of a second authentication item; determining whether the second authentication information is correct; determining whether a first sum value of the first weighting value and a second weighting value is equal to or is larger than the threshold value; and permitting a web system to be logged in when the second authentication information is correct and the first sum value is equal to or is larger than the threshold value.
    Type: Grant
    Filed: December 6, 2016
    Date of Patent: December 25, 2018
    Inventors: Chuan-Yen Fan, Chien-Ting Kuo
  • Patent number: 10164957
    Abstract: In one implementation, a processing system receives a request from a user to output a representation for a credential at a client device, the credential being associated with the user. In response to receiving the request from the user to output the representation for the credential, the processing system accesses data identifying one or more conditions associated with the credential. The processing system then determines that at least one of the one or more conditions associated with the credential is not satisfied. And then, in response to determining that the at least one of the one or more conditions associated with the credential is not satisfied, the processing system denies the request from the user to output the representation for the credential at the client device.
    Type: Grant
    Filed: April 10, 2013
    Date of Patent: December 25, 2018
    Assignee: MicroStrategy Incorporated
    Inventors: Michael J. Saylor, Hector Vazquez, Gang Chen
  • Patent number: 10158683
    Abstract: An information sharing system includes a group management server and at least one terminal. The group management server includes a mark generating circuit that generates a group ID for uniquely identifying a group. The terminal includes a mark analysis circuit that analyzes the imaged mark; and a second communication control circuit that controls the second communication circuit to communicate with the group management server and the file server, and sends a request for the user ID stored in the second storage circuit based on the analysis results to join the group indicated by the group ID. The shared folder management circuit of the group management server set an access right for the received user ID on the shared folder when receiving the request from the terminal.
    Type: Grant
    Filed: November 1, 2015
    Date of Patent: December 18, 2018
    Assignee: Kyocera Document Solutions Inc.
    Inventors: Akira Yuki, Takahiro Minami, Daisuke Yoshida, Satoshi Kawakami
  • Patent number: 10157275
    Abstract: An access management system is disclosed that can employ multi-factor authentication (MFA) using multiple types of authentication. In at least one embodiment, techniques may include implementing multi-factor authentication (MFA) including knowledge-based authentication (KBA). MFA may be based on multiple factors, such as “what you know” (e.g., a password or an answer to a question known by a user) and “what you have” (e.g., a trusted device registered for a user). In at least one embodiment, multiple devices (e.g., a desktop computer and a mobile device) may be utilized to provide for stronger authentication using a combination of what a user has. The combination of MFA based on what you know (e.g., KBA) and what you have (e.g., a trusted device) may further ensure authentication is not compromised. The techniques disclosed herein may provide for a stronger form of authentication to reduce, if not eliminate, possible vulnerabilities for access management.
    Type: Grant
    Filed: October 12, 2017
    Date of Patent: December 18, 2018
    Assignee: Oracle International Corporation
    Inventors: Satishkumar Venkatasamy, Rima Rana, Durga Harini Panda, Lakshmi Ramadoss
  • Patent number: 10154233
    Abstract: Technologies for scene reconstruction include a compute system to determine a context of at least one image of a scene captured by a camera of the compute system and generate metadata for the at least one image based on the determined context such that the metadata identifies the determined context of the compute system. The compute system further anonymizes the metadata to generate anonymized data that maintains privacy of the compute system and transmits the anonymized data to a cloud server for multi-dimensional reconstruction of the scene.
    Type: Grant
    Filed: December 26, 2015
    Date of Patent: December 11, 2018
    Assignee: Intel Corporation
    Inventors: Igor Tatourian, Rita Wouhaybi, Peter Brink, Peter Iskiyan
  • Patent number: 10148633
    Abstract: An information processing apparatus individually sets a login distance as a condition to be satisfied when a login request is transmitted for a plurality of devices. Further, the information processing apparatus determines whether a login distance condition, having been set, is satisfied based on receipt of a packet. The information processing apparatus transmits the login request to the transmission source device if it is determined that the login distance condition is satisfied.
    Type: Grant
    Filed: March 9, 2016
    Date of Patent: December 4, 2018
    Assignee: Canon Kabushiki Kaisha
    Inventor: Daisuke Suga
  • Patent number: 10148739
    Abstract: The present invention provides M2M data querying and invoking methods, querying and invoking devices, and a system. The querying method includes: sending a data invoking request to an infrastructure node common services entity infrastructure node CSE, where the data invoking request includes an identifier AE/CSE ID of an application entity/a common services entity that provides to-be-invoked data and a data demand of the to-be-invoked data, where the data demand includes a data type demand, a time demand, or a combination thereof; and receiving data meeting the data demand and returned by the infrastructure node CSE.
    Type: Grant
    Filed: April 28, 2016
    Date of Patent: December 4, 2018
    Inventors: Qi Yu, Yuan Tao, Na Li
  • Patent number: 10142341
    Abstract: There is provided a solution as to how the authentication and thus the authorization of the webRTC IMS Client can be achieved in the IMS of the mobile network operator. The WIC (20) is using an ID to register with IMS, which may be an IMPU, an IMPI, gGRUU etc. The WIC (20) may be preconfigured by the WWSF (30) with the eP-CSCF (40) address and authentication information, but if not, then this information should be retrieved via the WWSF (30) or from the IMS directly or via other device management procedures e.g. OMA DM. It is further assumed that the subscriber has already a valid webRTC account/membership and this can be validated, authenticated and authorized by the WWSF (30).
    Type: Grant
    Filed: December 18, 2014
    Date of Patent: November 27, 2018
    Assignee: NEC Corporation
    Inventors: Andreas Kunz, Xiaowei Zhang, Anand Raghawa Prasad
  • Patent number: 10129251
    Abstract: A machine-assisted method for verifying a video presence that includes: receiving, at a computing device of an identity provider, an authentication request initially sent from a requester to access an account managed by a relying party, different from the identity provider; retrieving, from the authentication request, at least a portion of a video stream feed initially from the requester, to the computing device, the portion of video stream feed portraying a face of the requester; extracting the face of the requester from the portion of the video stream feed; providing a directive to the requester soliciting a corresponding gesture; and receiving a response gesture from the requester.
    Type: Grant
    Filed: February 11, 2015
    Date of Patent: November 13, 2018
    Assignee: MorphoTrust USA, LLC
    Inventor: Thiagarajan Saravanan
  • Patent number: 10127375
    Abstract: Access to a shared library API is restricted for a customer application by a security system. A profile for each of a plurality of trusted applications is generated and stored in a security database. When a customer application attempts to access the shared library API, the customer application is verified by extracting a customer application profile for the customer application, comparing the customer application profile with each stored trusted application profile, and verifying that the customer application can access the shared library API based on the comparison. Based on the verification, the customer application may be allowed to or access to the shared library API or may be prevented from accessing the shared library API.
    Type: Grant
    Filed: March 4, 2016
    Date of Patent: November 13, 2018
    Assignee: Protegrity Corporation
    Inventors: Yigal Rozenberg, Pierre Burlin, Jan Boberg
  • Patent number: 10116663
    Abstract: Techniques to provide secure access to a cloud-based service are disclosed. In various embodiments, a request is received from a client app on a device to connect to a security proxy associated with the cloud-based service. A secure tunnel connection between the device and a node with which the security proxy is associated is used to establish the requested connection to the security proxy. Information associated with the secure tunnel is used to determine that the requesting client app is authorized to access the cloud-based service from the device and to obtain from an identity provider associated with the cloud-based service a security token to be used by the client app to authenticate to the cloud-based service.
    Type: Grant
    Filed: April 25, 2018
    Date of Patent: October 30, 2018
    Assignee: MOBILE IRON, INC.
    Inventors: Kumara Das Karunakaran, Vijay Pawar, Jian Liu
  • Patent number: 10116662
    Abstract: On-demand activation of a security policy may be provided. Upon receiving a selection of a link, a profile identified by a security policy associated with the link may be activated and the link may be opened according to the security policy. In some embodiments, opening the link according to the security policy may comprise redirecting the opening of the link from a first application to a second application.
    Type: Grant
    Filed: September 25, 2017
    Date of Patent: October 30, 2018
    Assignee: AirWatch LLC
    Inventors: Erich Stuntebeck, Jonathan Blake Brannon
  • Patent number: 10110605
    Abstract: A system includes a network interface, at least one processing device, and at least one memory device. The at least one memory device stores instructions that when executed result in initiating creation of a single-use targeted link that provides access to a restricted access data entry system and serves the single-use targeted link through the network interface to a computer system of a targeted user with a time validity constraint. An access request received at the restricted access data entry system through the single-use targeted link is verified as being received within the time validity constraint. A network traffic throttling control reduces network traffic volume received through the single-use targeted link based on determining that the network traffic volume exceeds a traffic volume threshold. An identity control at the restricted access data entry system is applied to confirm entry of at least one identifying characteristic that matches the targeted user.
    Type: Grant
    Filed: August 31, 2017
    Date of Patent: October 23, 2018
    Assignee: The Travelers Indemnity Company
    Inventors: James J. Gauthier, Jr., Mathew S. Bryant, Richard J. Heffernan, Leonard A. Mariani, Jonathan B. Musoke, Jeffrey F. Carlson, David Klatte
  • Patent number: 10110383
    Abstract: The techniques presented herein provide managing embedded and external key management systems in a data storage system. An embedded encryption key management system is selected. A first unique signature is generated using a time parameter and a randomly generated value. A backup copy of the lockbox is created, wherein access to the backup copy of the lockbox requires providing a minimum number of unique data storage system values. The encryption key management system is switched to external. A second unique signature is generated for use with the local lockbox, wherein the signature generated using a time parameter and a randomly generated value. The encryption key management system is switched back to embedded and a third unique signature is generated for use with the local lockbox, wherein the signature is generated using a time parameter and a randomly generated value.
    Type: Grant
    Filed: June 30, 2016
    Date of Patent: October 23, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Ashok Tamilarasan, Naizhong Chiu (Qiu), Mahadevan Vasudevan
  • Patent number: 10104549
    Abstract: A system and method for provisioning multiple devices including a commissioning device, one or more endpoints, and a server. The system and method includes the following. The commissioning device accepts user-input network credentials of a wireless network from a user. The commissioning device searches for one or more endpoints unconnected to the wireless network. The commissioning device then verifies the ownership of the one or more endpoints. In response to a positive verification, the commissioning device securely the network credentials to the one or more endpoints. After receiving the network credentials, the one or more endpoints verify the integrity and authenticity of the communication from the commissioning device. After the one or more endpoints verifies the communication, the one or more endpoints access the wireless network based on the securely transferred wireless credentials.
    Type: Grant
    Filed: September 30, 2016
    Date of Patent: October 16, 2018
    Assignee: Mitsubishi Electric Corporation
    Inventors: Lebbeous Fogle-Weekley, Matthew Smithson
  • Patent number: 10101738
    Abstract: Disclosed are systems and methods for secure control of automotive systems using mobile devices. An exemplary method comprises: connecting a vehicle, as a peripheral device, to a mobile device, which acts as a master device, via a security device of the vehicle, wherein the security device provides secure transmission of data and commands between the vehicle and the mobile device; receiving, by the mobile device, via the security device, from one or more measurement devices of the vehicle, measurement data from one or more automotive systems of the vehicle; based on the received measurement data, forming by the mobile device control commands for actuating devices of the vehicle, wherein the control commands enable and/or regulate operation of the actuating devices of the vehicle; and transmitting, by the mobile device, via the security device, the control commands to the actuating devices of the vehicle.
    Type: Grant
    Filed: August 7, 2017
    Date of Patent: October 16, 2018
    Assignee: AO KASPERSKY LAB
    Inventors: Eugene V. Kaspersky, Andrey P. Doukhvalov, Pavel V. Dyakin, Dmitry A. Kulagin, Sergey V. Konoplev, Anton V. Tikhomirov
  • Patent number: 10097581
    Abstract: The disclosure relates to provisioning honeypot computing services using a simulation state database to simulate a set of computing resources. One example includes a system that receives a mutating request associated with honeypot credentials, updates a simulation state database associated with the honeypot credentials at least based on the mutating request and generates a simulated mutating response based at least on the simulation state database that simulates a response to the mutating request. The system can also receive a query request associated with the honeypot credentials, query the simulation state database at least based on the query request, and generate a simulated query response based at least on the simulation state database that simulates a response to the query request.
    Type: Grant
    Filed: December 28, 2015
    Date of Patent: October 9, 2018
    Assignee: Amazon Technologies, Inc.
    Inventor: Nicholas Alexander Allen
  • Patent number: 10096006
    Abstract: Systems and methods are disclosed for conducting transactions and financial transfers utilizing a mobile device communicatively coupled with a mobile communications network and executing a mobile point-of-sale application. According to some embodiments, the mobile point-of-sale application is adapted to conduct money transfer transactions by communicating transaction information through the mobile communications network to a money transfer provider system that processes the money transfer and communicates receipt information to the mobile point-of-sale application. Additionally, according to some embodiments, an account associated with an agent of the money transfer provider can be used in money transfer transactions conducted by the mobile point-of-sale application.
    Type: Grant
    Filed: November 3, 2014
    Date of Patent: October 9, 2018
    Assignee: The Western Union Company
    Inventors: Rebecca Loevenguth, Sanjay Challani
  • Patent number: 10091179
    Abstract: Described herein is a framework to authenticate users. In accordance with one aspect of the framework, an authentication library is provided to implement an authentication process. The authentication library comprises computer-readable program code to create a request for an access token, send the request to the authorization server, deconstruct a response from the authorization server to extract the access token, and return the access token for use in accessing one or more resources.
    Type: Grant
    Filed: May 8, 2016
    Date of Patent: October 2, 2018
    Assignee: SAP SE
    Inventor: Leigh Robert Mason
  • Patent number: 10091204
    Abstract: Techniques are provided for controlling user access to a protected resource based on an outcome of a one-time passcode authentication token and one or more predefined access policies. An exemplary method comprises the steps of: providing an authentication passcode generated by a token associated with a user to at least one authentication processing device, wherein the user is attempting to access a protected resource; receiving an authentication outcome from the at least one authentication processing device, the authentication outcome comprising an acceptance outcome of the received authentication passcode and at least one of an acceptance outcome with respect to one or more different signals, such as a silent alarm and an acceptance outcome with respect to a drifting key; and providing access of the user to the protected resource based on the authentication outcome and a predefined access policy. Predefined access policies that are specific to silent alarm alerts and drifting key alerts are also provided.
    Type: Grant
    Filed: April 30, 2014
    Date of Patent: October 2, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Nikolaos Triandopoulos, John Brainard
  • Patent number: 10084807
    Abstract: A method and proxy device for detecting bypass vulnerabilities in a cloud-computing platform are provided. The method includes identifying an access attempt by a client device to a cloud-based application hosted in the cloud-computing platform; identifying login information corresponding to the identified access attempt; requesting authenticated login information from a central authentication system; correlating the login information corresponding to the access attempt with the authenticated login information; determining, based on the correlation, whether a bypass vulnerability exists; and generating a bypass event when it is determined that the bypass vulnerability has been exploited wherein the bypass event indicates that the access attempt to the cloud-based application has not been properly authenticated.
    Type: Grant
    Filed: February 26, 2016
    Date of Patent: September 25, 2018
    Inventors: Yonatan Most, Yinon Costica