Global (e.g., Single Sign On (sso), Etc.) Patents (Class 726/8)
  • Patent number: 11930003
    Abstract: Disclosed are various approaches for workflow service back end integration. In some examples, a workflow service identifies a workflow action and a user account that is responsible for the workflow action. A command to present the workflow action for user authorization is transmitted to a client device associated with the user account. The workflow service transmits a command to perform the workflow action based on an identification of the user authorization.
    Type: Grant
    Filed: January 21, 2022
    Date of Patent: March 12, 2024
    Assignee: VMware, Inc.
    Inventors: Daniel E. Zeck, David Shaw, Robert Worsnop, John Ryan Bard
  • Patent number: 11929937
    Abstract: Disclosed are various embodiments for controlling a distribution of resources on a network. In one example, among others, a system is configured to receive the plurality of resources and a plurality of rules. The system is also configured to determine an authorized location and an authorized area based on the plurality of rules. The authorized location and the authorized area are determined to have different access rights to the plurality of resources. The system is further configured to determine a location of the computing device and grant access to a resource based on the location of the computing device with respect to the authorization location or the authorized area.
    Type: Grant
    Filed: September 15, 2022
    Date of Patent: March 12, 2024
    Assignee: AirWatch LLC
    Inventors: John Marshall, Erich Stuntebeck, Gopinath Jayaprakash, John Joseph Manton, Jonathon Blake Brannon
  • Patent number: 11924211
    Abstract: The invention relates to a device and a method for authenticating a user utilizing an internet access client (10) for accessing remote resources of a computer infrastructure, said access comprising a first authentication (130) of the internet access client (10) and a second authentication (140) of the user of the internet access client (10). The method includes sending (132), to a token security module (21), by the internet access client (10), a client certificate (220), said client certificate (220) being associated with items of identification information of the internet access client (10); and receiving (133), by the internet access client (10), an authentication token (210) generated by the token security module when the client certificate (220) sent has been verified by the token security module.
    Type: Grant
    Filed: June 2, 2021
    Date of Patent: March 5, 2024
    Assignee: BULL SAS
    Inventor: Christophe Guionneau
  • Patent number: 11908263
    Abstract: A method for authorizing a user to drive a vehicle is provided. A verification code is generated based on eID card information of the user, and is provided to the user and the vehicle. The vehicle includes a biometric device to ensure that the one who enters the vehicle and inputs the verification code is the user. After the code inputted by the user is successfully verified to be identical to the verification code, the vehicle permits driving operation.
    Type: Grant
    Filed: August 30, 2022
    Date of Patent: February 20, 2024
    Assignee: MK GROUP JSC
    Inventor: Khang Trong Nguyen
  • Patent number: 11893096
    Abstract: Systems and methods are described herein for computer user authentication using machine learning. Authentication for a user is initiated based on an identification confidence score of the user. The identification confidence score is based on one or more characteristics of the user. Using a machine learning model for the user, user activity of the user is monitored for anomalous activity to generate first data. Based on the monitoring, differences between the first data and historical utilization data for the user determine whether the user's utilization of the one or more resources is anomalous. When the user's utilization of the one or more resource is anomalous, the user's access to the one or more resource is removed.
    Type: Grant
    Filed: December 2, 2021
    Date of Patent: February 6, 2024
    Assignee: Cylance Inc.
    Inventors: Garret Florian Grajek, Jeffrey Lo, Michael Thomas Wojnowicz, Dinh Huu Nguyen, Michael Alan Slawinski
  • Patent number: 11895111
    Abstract: A method and apparatus of a device that authorizes a device for a service is described. In an exemplary embodiment, the device intercepts a request for a web page from a web browser executing on the device, wherein the request includes an indication associated with an authorization request for the service and the web page provides the service. In addition, the device presents an authorization user interface on the device. The device further performs a local authorization using a set of user credentials entered via the authorization user interface. The device additionally performs a server authorization with a server. Furthermore, the device redirects the web browser to the requested web page, wherein the web browser is authorized for the service provided by the web page.
    Type: Grant
    Filed: January 11, 2023
    Date of Patent: February 6, 2024
    Assignee: APPLE INC.
    Inventors: Dmitry V. Belov, Brent A. Fulgham, Sudhakar N. Mambakkam, Richard J. Mondello, Kalyan C. Gopavarapu, Edgar Tonatiuh Barragan Corte, Libor Sykora
  • Patent number: 11893102
    Abstract: Systems and methods for user authentication are disclosed. An example method includes receiving a request for access to a first secured service, the request corresponding to a first user, determining whether or not the request for access is valid, in response to determining that the request for access is valid, determining whether or not the first user has successfully performed a secondary authentication within a predetermined time period of the request for access, and in response to determining that the first user has successfully performed the secondary authentication within the predetermined time period of the valid request for access, providing the first user with access to the secured service.
    Type: Grant
    Filed: April 21, 2023
    Date of Patent: February 6, 2024
    Assignee: Intuit Inc.
    Inventors: Bernard Samuel Diwakar, Gaurav Varma, Mark Joseph Hughes
  • Patent number: 11888837
    Abstract: Techniques are described for client registration for authorizing an aggregator service to access data on behalf of an application, through self-registration of an application client identifier and issuance of authorization token(s) based on the application client identifier. Implementations provide a technique for dynamic client registration that avoids the need for manual vetting and manual generation of the client credential grant. Additionally, the implementations described herein enforce domain values around the scope and/or purpose of the client grant. This allows for support of application providers through a single point of registration that supports multi-layer and channel. This also allows for support of a scalable authorization solution for any suitable number of clients. The dynamic client registration process adds an additional layer of security through the OAuth client grant and mutual authentication.
    Type: Grant
    Filed: June 24, 2021
    Date of Patent: January 30, 2024
    Assignee: United Services Automobile Association (USAA)
    Inventors: Alejandro Vera, Miguel Solís, Jr., Hieu Nguyen, Jason Paul Hendry, Nathan Mahoney, Debra Randall Casillas
  • Patent number: 11889027
    Abstract: An embodiment of the system for publishing events of a telephony application to a client includes a call router that generates events from the telephony application and an event router that manages the publication of events generated by the call router and that manages the subscription to events by clients. The system can be used with a telephony application that interfaces with a telephony device and an application server.
    Type: Grant
    Filed: March 22, 2023
    Date of Patent: January 30, 2024
    Assignee: Twilio Inc.
    Inventors: Jeffrey Gordon Lawson, John Robert Wolthuis, Evan Mansfield Cooke
  • Patent number: 11882120
    Abstract: Examples include service authentication for a principal. A request to access a first service of a plurality of services of a network may be received from a principal by an identity intermediary. An identifier of the first service may be stored at the identity intermediary, and an unsigned credential of the principal and a principal identifier may be transferred from the identity intermediary to a credential provider. The principal identifier and the credential signed by the credential provider may be received, and the signed credential may be transmitted to the first service for authentication.
    Type: Grant
    Filed: July 30, 2019
    Date of Patent: January 23, 2024
    Assignee: Hewlett Packard Enterprise Development LP
    Inventor: Thomas Kelley
  • Patent number: 11876796
    Abstract: Systems, methods, and storage media for abstraction and enforcement of protected resources in an identity infrastructure are disclosed. Exemplary implementations may: identify one or more protected resources for one or more identity domains of an identity infrastructure; receive, at the identity infrastructure, a dataflow pertaining to first identity data for a first identity domain; request the first identity session based at least in part on the first identity data; receive a request to access a first protected resource of the one or more protected resources; accept the first identity session by the first protected resource; and provide the first user access to the first protected resource.
    Type: Grant
    Filed: May 24, 2021
    Date of Patent: January 16, 2024
    Assignee: Strata Identity, Inc.
    Inventors: Eric Olden, Christopher Marie, Carl Eric Leach
  • Patent number: 11876793
    Abstract: Simultaneous distributed application support of multiple identity management systems is provided through the use of virtual web server instances, which enable one identity management system, on physical servers already running a pre-existing web server instance, which enables a different identity management system. Further, an intelligent rules-based determination is implemented to determine whether to route an access request to either the virtual or pre-existing web server instance. Since the virtual web server instances are generated on the same physical server that executes the pre-existing web service instance, the the existing network flow (i.e., a single URL) and physical infrastructure is leveraged to create a simplified approach to managing the simultaneous use of multiple identity management systems across different distributed applications.
    Type: Grant
    Filed: August 12, 2021
    Date of Patent: January 16, 2024
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: David Smiddy, Himanshu Goyal, Raghu Nadimpalli, Sanath K. Pasumarthy, Zeal J. Shah
  • Patent number: 11861030
    Abstract: Various embodiments include a secure access system that provides secure group-based access to sets of digital assets. The system may allow a user to upload digital assets to the system for secure access by other users, and may allow a user to remove digital assets from the system as well. The assets may be associated with a family, and may be stored as a “family album”. The system may issue a secure credential to family members for accessing the family album. A family member may invite another family or individual to view the family album. On acceptance of the invitation, the system may automatically forward the secure credential to the invited family or individual. The invited family or individual may use the secure credential to access the family album with no further action required by the invited family or individual.
    Type: Grant
    Filed: August 17, 2023
    Date of Patent: January 2, 2024
    Assignee: DatChat, Inc.
    Inventor: Darin Myman
  • Patent number: 11863553
    Abstract: Provided are embodiments of systems, devices and methods for multi-factor identity verification, which may include utilization of automated picture ID to Selfie matching, cross-reference address information, biometrics and geo-location information and unique smartphone device identifiers, especially in the context of healthcare industry.
    Type: Grant
    Filed: September 28, 2020
    Date of Patent: January 2, 2024
    Assignee: MyHealthID, Inc.
    Inventors: Jay Nitturkar, Erika Eördögh
  • Patent number: 11861386
    Abstract: Systems and methods are described for providing an application-level gateway to an on-demand network code execution system. An on-demand network code execution system may allow users to submit code to be executed in a serverless environment, and may provide an interface for executing the user-submitted code on demand. The interface may require that users authenticate, provide input in a particular format, or meet other criteria when sending a request to execute the code. An application-level gateway may thus provide an interface that implements these functions, thereby allowing computing devices to interact with the code as though it were running on a server (e.g., by using HTTP). The application-level gateway may also use on-demand code execution to provide load balancing for servers that are running the user-submitted code, and seamlessly provide access to code that runs on both server-based and serverless environments.
    Type: Grant
    Filed: March 22, 2019
    Date of Patent: January 2, 2024
    Assignee: Amazon Technologies, Inc.
    Inventors: Lodaya Varun Mukesh, Sridhar Srinivasan, Hamza Arain
  • Patent number: 11855842
    Abstract: In embodiments, a computer system of a primary entity receives from a secondary entity a first communication about a relationship instance between the primary entity and the secondary entity, and transmits to an Online Service Provider (OSP) a second communication with a dataset. The dataset has dataset parameters about the relationship instance. The second communication causes the OSP to select a file template per the dataset, to produce a resource for the dataset, and to prepare a digital exhibit that is arranged to report the resource as answering the identified requirement. The OSP then transmits to the computer system a third communication that includes an access indicator adapted to facilitate viewing the digital exhibit. Upon receiving the third communication, the computer system transmits a fourth communication to the device of the secondary entity, the fourth communication including the access indicator.
    Type: Grant
    Filed: February 22, 2023
    Date of Patent: December 26, 2023
    Assignee: Avalara, Inc.
    Inventors: Jayme Fishman, Andrew Brandon Chan, Gregory T. Kavounas
  • Patent number: 11843611
    Abstract: The present disclosure relates generally to access control, and more particularly, to techniques (e.g., systems, methods, computer program products storing code or instructions executable by one or more processors) for providing for inline enrollment in multi-level and multi-factor authentication of a user allowing login on a restricted website, or on an enterprise network with single sign-on, or on various other service systems with security restrictions.
    Type: Grant
    Filed: January 26, 2021
    Date of Patent: December 12, 2023
    Assignee: Oracle International Corporation
    Inventors: Nagaraj Pattar, Pruthvithej Ramesh Kumar
  • Patent number: 11824945
    Abstract: Examples described herein may include a playback device receiving, from a control device, a validation-key that includes an application identifier corresponding to a controller application. The playback device may create a session identifier and transmit the session identifier to the control device. The playback device may receive, from the control device, a playback request comprising the session identifier and a playback command. The playback device may determine that the session identifier is valid and then execute the playback command. A computing system may receive identification information related to a controller application and generate the validation-key based on the controller application meeting at least one quality-control metric. The controller application may receive the validation-key from the computing system.
    Type: Grant
    Filed: October 20, 2022
    Date of Patent: November 21, 2023
    Assignee: Sonos, Inc.
    Inventor: Andrew Schulert
  • Patent number: 11818159
    Abstract: Techniques are provided for assessing and determining risks that are posed by various users to a website. The determined risk for each user can be used to modify the user experience of the website in a manner that is commensurate with the risk (or non-risk) posed by the user. Assessment of risks posed a website guest can be performed by collecting guest-related data from a plurality of different service engines, aggregating contextual information from the guest-related data, and calculating a risk score based on the contextual information. The risk score can represent the internal reputation of the guest using the guest device. The risk score can be transmitted to a remote computing device and used to modify content of the website according to the risk score. Further, a recommended action can be determined based on the risk score, which can be taken by a backend service for the website guest.
    Type: Grant
    Filed: December 10, 2020
    Date of Patent: November 14, 2023
    Assignee: Target Brands, Inc.
    Inventors: Troy T. Miller, Erik Thoreson, Matt Clark, Nidhi Agarwal, Rachit Singhal, Suhas Chakravarthi, Vinod Joseph, Abhayjeet Singh, Timothy James Hruska, Evan Gaustad
  • Patent number: 11818112
    Abstract: Disclosed are various examples for enrolling a client device and synchronizing user attributes for the client device across multiple directory services. A search request for user attributes can be sent to a first directory service with an identifier for a user account. The first directory service can query for the identifier and send back user attributes. If a global identifier is included in the attributes, another search request for user attributes can be sent to a second directory service with the global identifier. The second directory service can query for the global identifier and send back user attributes.
    Type: Grant
    Filed: April 4, 2022
    Date of Patent: November 14, 2023
    Assignee: AirWatch, LLC
    Inventors: Kalyan Regula, Shravan Shantharam, Nishita Manjunath, Varun Murthy, Jason Roszak
  • Patent number: 11818183
    Abstract: A system and method of communicating between computing devices including pairing a first computing device with a second computing device. The first computing device and the computing second device are configured to communicate with an application workspace system. The first computing device provides token and application information to a second computing device. The second computing device is authenticated with the application workspace system using the token and launches an application corresponding to the application information.
    Type: Grant
    Filed: July 5, 2021
    Date of Patent: November 14, 2023
    Assignee: VMware, Inc.
    Inventors: Ramani Panchapakesan, Pradeep B H Pai, Usha Kamath, Ben Joseph, Sharun Samuel
  • Patent number: 11812075
    Abstract: Methods and systems for enhancing service compatibility are described. A request for content can be received from a client (e.g., user device). A first resource locator for at least a portion of the content can be encoded with service information. A second resource locator indicating a redirect device can comprise the encoded first resource locator and the service information. The client can request at least the portion of the content from a redirect device using the second resource locator. The redirect device can process the request by decoding the first resource locator and service information and sending the service information to a service. The redirect device can send the first resource locator to the client. The client can request at least the portion of the content from a content device using the first resource locator.
    Type: Grant
    Filed: March 22, 2021
    Date of Patent: November 7, 2023
    Assignee: Comcast Cable Communications Management, LLC
    Inventors: Alan Ramaley, Brian Burkhart, George Lester
  • Patent number: 11811994
    Abstract: An information processing system that manages an application executed by an image processing apparatus with an application identifier includes one or more controllers configured to provide combined information of a reproduction application that reproduces a description file for defining operation procedures and a first description file as a first combined application, provide combined information of the reproduction application and a second description file as a second combined application, manage a first description identifier corresponding to the first description file and a second description identifier corresponding to the second description file, and manage the first combined application and the second combined application in a distinguishable manner based on the first description identifier and the second description identifier.
    Type: Grant
    Filed: June 29, 2022
    Date of Patent: November 7, 2023
    Assignee: CANON KABUSHIKI KAISHA
    Inventors: Sora Kumagai, Takeshi Kogure, Atsushi Ikeda, Hiroaki Koike
  • Patent number: 11803826
    Abstract: A financial institution and a payment initiator may exchange public keys to enable the secure exchange of data. A business wishing to collect payment can provide its account information to the payment initiator. A customer wishing to pay can instruct the payment initiator to encrypt the business's account information along with details for a particular invoice and transmit the information to the financial institution. The financial institution can decrypt the information and initiate a transfer of money from the customer to the business. The financial institution may present the information about the transaction to the customer for modification or confirmation before initiating the transfer. The information may be sent from the payment initiator to the financial institution via the customer. After the payment has been initiated by the financial institution, a confirmation may be sent to the customer, the payment initiator, the business, or any suitable combination thereof.
    Type: Grant
    Filed: May 24, 2022
    Date of Patent: October 31, 2023
    Assignee: Xero Limited
    Inventors: Rodney Kenneth Drury, Matthew John Vickers
  • Patent number: 11797972
    Abstract: In some examples, a system may receive a notification of a transaction using a first device, wherein the notification includes an identifier that identifies at least one of: a user, or a second device associated with the user. The system may send, to the second device, based on the identifier included in the notification, a communication to cause the second device to present a user interface that displays information about the transaction. Further, the system may receive, from the second device, prior to completion of processing the transaction, an indication of a user input received via the user interface indicating a confirmation of the information about the transaction. Based at least on receiving the confirmation from the second device, the system may submit, to a payment processor, information related to the transaction to enable the payment processor to determine whether to approve the transaction.
    Type: Grant
    Filed: December 22, 2020
    Date of Patent: October 24, 2023
    Assignee: BLOCK, INC.
    Inventors: Timothy Ben Morgan, Vanessa Erica Slavich, Brielle Alyse Rajkovich, Mathew Wilson
  • Patent number: 11797621
    Abstract: Additional user data in resource transfer event messaging is leveraged for generating customized and refined web browsing experiences. Resource transfer messages are configured to include, not only the user data required to affect the resource transfer, but other user data related to the resource transfer event, such as user preference data. The resource transfer event messages are communicated to a resource storage entity, which stores the other user data in resource transfer event repository. In response to a user authenticating with the resource storage entity and accessing a distributed communication network, such as the Internet or the like, the user records are accessed and the additional user data is used to customize the websites that the user navigates.
    Type: Grant
    Filed: March 29, 2021
    Date of Patent: October 24, 2023
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Robertson Walters Greenbacker, Tony England
  • Patent number: 11800356
    Abstract: The present disclosure relates a communication method and system for converging a 5th-Generation (5G) communication system for supporting higher data rates beyond a 4th-Generation (4G) system with a technology for Internet of Things (IoT). The present disclosure may be applied to intelligent services based on the 5G communication technology and the IoT-related technology, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services.
    Type: Grant
    Filed: February 25, 2021
    Date of Patent: October 24, 2023
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Kangjin Yoon, Jonghoe Koo, Duckey Lee, Hyewon Lee, Taehyung Lim
  • Patent number: 11799974
    Abstract: Examples of the present disclosure describe systems and methods for user profile aggregation and inference generation. In an example, user profiles for a plurality of services may be stored by a unified profile service. An inferred user profile may be generated for a user, which may be used to provide inferred user information for inclusion in a new user profile. Accordingly, the user may not need to reenter information that may already be stored by the unified profile service. The inferred user profile may be generated based on one or more confidence levels in order to determine which user information is most likely to be accurate. In some examples, a user may update aspects of an inferred user profile and may indicate that the update should be incorporated into other user profiles stored by the unified profile service.
    Type: Grant
    Filed: August 31, 2017
    Date of Patent: October 24, 2023
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Bernt Lervik, Christopher Mitchell, Harald Liavaag, Kevin Bellinger
  • Patent number: 11792021
    Abstract: Identity access and management (“IAM”) systems with resiliency features and methods related to the same are provided. Two or more identity provider (“IDP”) systems each have a matching copy of user authentication data for users authorized to access the system of an organization. An identity proxy is interposed between user systems and each of the two or more IDP system. The identity proxy routes authentication requests, challenges, and responses between the user systems and the IDP systems based on availability.
    Type: Grant
    Filed: June 11, 2021
    Date of Patent: October 17, 2023
    Assignee: Humana Inc.
    Inventors: Hari Tadepalli, Parthasarathi Chakraborty
  • Patent number: 11784804
    Abstract: A method for data security implemented as an application on a device includes generating a request for one or more secret shares needed to reconstruct a key. The device stores a first secret share in its memory. The method also includes signing the request with a certificate that identifies the request as valid without identifying the device, and sending the request, signed with the certificate, to at least one other device. The method further includes receiving, from the at least one other device, the one or more secret shares, determining whether the one or more secret shares received from the at least one other device is sufficient to reconstruct the key, and reconstructing the key using the first secret share and the one or more secret shares upon determining that the one or more secret shares are sufficient to reconstruct the key.
    Type: Grant
    Filed: September 17, 2021
    Date of Patent: October 10, 2023
    Assignee: Nagravision Sàrl
    Inventor: Tommaso Gagliardoni
  • Patent number: 11783022
    Abstract: A method and apparatus of a device that converts an account associated with an application to use a single sign-on service is described. In an exemplary embodiment, the device receives an indication of a weak password associated with the account. The device further sends a request to verify an account credential for a user associated with the device. In addition, the device receives the verification of the account credential. The device additionally requests a single sign-on credential for the account and receives the single sign-on credential. Furthermore, the device sends a message to a server associated with a service for the application that the application is registered for the single sign-on service.
    Type: Grant
    Filed: May 26, 2021
    Date of Patent: October 10, 2023
    Assignee: APPLE INC.
    Inventors: Richard J. Mondello, Jay S. Mulani, Jonathan Birdsall, Dmitry V. Belov, Reza Abbasian, David P. Quesada, Patrick L. Coffman
  • Patent number: 11775289
    Abstract: Source code routines are generated for storage management in a storage code development management tool. A script that includes the source code routines is generated. The storage code development management tool receives indications based on an execution of an object code generated via execution of the script. The storage code development management tool modifies the source code routines based on the received indications.
    Type: Grant
    Filed: July 12, 2021
    Date of Patent: October 3, 2023
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Trinh Nguyen, Tan Q. Nguyen
  • Patent number: 11777796
    Abstract: Techniques discussed herein relate to implementing a distributed computing cluster (the “cluster”) including a plurality of edge devices (e.g., devices individually configured to selectively execute within an isolated computing environment). One edge device may be configured to operate as a head node of the cluster at a given time. A request for virtual resources of the cluster may be received from a user device and directed to the first edge device of the cluster. The first edge device may determine it is not operating as a head node of the cluster. The first edge device may determine that a second edge device of the cluster is operating as the head node. In response, the first edge device may forward the request to the second edge device, wherein forwarding the request to the second edge device causes the second request to be processed by the cluster.
    Type: Grant
    Filed: December 29, 2021
    Date of Patent: October 3, 2023
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventor: Maxim Baturin
  • Patent number: 11775933
    Abstract: Improved systems and methods of facilitating placement of candidates between employers and recruiters are provided. In various implementations, such systems and methods provide an integrated interface within the ATS platform for employers and integrated interface within the talent platforms for recruiters. In another implementation, a talent platform exchange is provided that permits disparate talent platforms to communicate and thus more effectively manage the hiring process from within the platform. To this end, interfaces and other components may be provided which facilitate communication between talent platforms and a talent platform exchange. Such communication capability would enable a direct hire marketplace where employers engage recruiters to fill positions through their presently implemented ATSs.
    Type: Grant
    Filed: October 5, 2012
    Date of Patent: October 3, 2023
    Assignee: Scout Exchange LLC
    Inventors: John H. Chuang, David Daganhardt
  • Patent number: 11775993
    Abstract: Embodiments of the present disclosure relate to customizing an electronic survey using social networking information. One or more embodiments of a survey system receive social networking information associated with a respondent from a third-party social networking system in connection with a request to provide a survey to a client device of the respondent. One or more embodiments of the survey system use the social networking information to determine a plurality of survey questions for the electronic survey. Additionally, one or more embodiments of the survey generate a customized electronic survey to include the plurality of survey questions and then provide the customized survey to the respondent's client device.
    Type: Grant
    Filed: February 7, 2022
    Date of Patent: October 3, 2023
    Assignee: Qualtrics, LLC
    Inventor: Milind Kopikare
  • Patent number: 11778047
    Abstract: The systems and methods described herein can enable the indirect transmission of session data between different domains. The system can pass the session data through a hashing function so that the data from a given domain remains private and secure to the specific domain. The system can generate clusters of associated domains for a given client device that the system can use to maintain a session between the client device and the domain.
    Type: Grant
    Filed: November 2, 2022
    Date of Patent: October 3, 2023
    Assignee: Google LLC
    Inventors: Gang Wang, Sagnik Nandy
  • Patent number: 11762974
    Abstract: A single sign-on system using blockchain is disclosed. The single sign-on system may interconnect various organization systems over a peer-to-peer network, with each organization system having a blockchain node and an application programming interface (API). The blockchain node invokes and uses a smart contract to write registration credentials to the blockchain during a registration process. During a login process, the blockchain node invokes the smart contract to determine whether login credentials match stored login credentials in the blockchain. In response to matching login credentials, the API may generate a single sign-on token that can be used by a user device to access one or more organization systems connected over the network.
    Type: Grant
    Filed: August 4, 2022
    Date of Patent: September 19, 2023
    Assignee: AMERICAN EXPRESS TRAVEL RELATED SERVICES COMPANY, INC.
    Inventors: Balaji Balaraman, Andras L. Ferenczi, Dallas L. Gale, Nilesh Yashavant Jadhav, Harish R. Naik
  • Patent number: 11762596
    Abstract: A computer system having a host in communication with a data storage device is coupled to the host via a peripheral bus and a host interface. The data storage device has a controller, non-volatile storage media; and firmware containing instructions configures the operations of the controller. The host transmits a sequence of commands to the storage device to read data items from, or write data items to, the non-volatile storage media. The storage device examines a subset of the commands to determine whether or not data items identified in the subset are addressed sequentially and optimizes processing of at least a portion of the sequence of commands based on a result of a determination of whether or not data items identified in the subset are addressed sequentially.
    Type: Grant
    Filed: April 19, 2022
    Date of Patent: September 19, 2023
    Assignee: Micron Technology, Inc.
    Inventor: Alex Frolikov
  • Patent number: 11755708
    Abstract: Methods and systems are described herein for improvements to authenticate users, particularly authenticating a user based on data known to the user. For example, methods and systems allow for users to be securely authenticated based on data known to the users over remote communication networks without storing the data known to the users. Specifically, methods and systems authenticate users by requiring users to select images that are known to the users. For example, the methods and systems may generate synthetic images based on the user's own images and require the user to select the synthetic image, from a set of a set of images, that is known to the user to authenticate the user. Moreover, the methods and systems alleviate storage and privacy concerns by not storing the data known to the users.
    Type: Grant
    Filed: September 28, 2021
    Date of Patent: September 12, 2023
    Assignee: Capital One Services, LLC
    Inventors: Austin Walters, Jeremy Goodsitt, Galen Rafferty, Anh Truong, Grant Eden
  • Patent number: 11750595
    Abstract: Systems for credential evaluation and control are provided. In some examples, a request to access data via a website may be received. The request may include a username. A browser extension embedded in the web browser used to request the data via the website may be triggered and one or more credential evaluation functions may be executed. An event record associated with the request to access data may be generated. The event record may be analyzed to determine a designation associated with the website and a designation associated with user credentials provided with the request to access the data. The designation of the website and the designation of the credentials may be compared to determine whether the designations match. If so, access to the requested data may be provided. If not, one or more mitigating actions may be identified and executed.
    Type: Grant
    Filed: February 9, 2021
    Date of Patent: September 5, 2023
    Assignee: Bank of America Corporation
    Inventors: Stuart David Ford, Ricardo Varanda, Andrew Paul Montgomery, Sanjay Bhanu
  • Patent number: 11751052
    Abstract: Disclosed in the present invention are a credential information processing method and apparatus for network connection, and an application (APP). The method comprises: in response to an instruction for applying for a network credential for a second terminal, a first terminal sends a first credential downloading request to a server; the first terminal receives first credential information sent by the server; and the second terminal receives the first credential information sent directly by the first terminal from a system memory of the first terminal and a network identifier of a wireless network to be connected, the second terminal stores the first credential information directly into a secure storage region of the second terminal from a system memory of the second terminal, and the second terminal connects a wireless network corresponding to the network identifier by using the first credential information in the secure storage region.
    Type: Grant
    Filed: February 27, 2018
    Date of Patent: September 5, 2023
    Assignee: CHINA IWNCOMM CO., LTD.
    Inventors: Yucun Tian, Wei Zhang, Weigang Tong, Xiang Yan
  • Patent number: 11750587
    Abstract: A user may access an institution system via more than one communications channel, either by the same device (e.g., a mobile device accessing the institution system via a voice channel and a data channel) or by different devices (e.g., a personal computer via a web channel and a phone via a voice channel). If a user is not currently authenticated to a communications channel and attempts to access the institution system via a communications channel, the user may be authenticated using strong authentication. If the user is currently authenticated to the institution system via a communications channel and would like to engage a second communications channel to access the institution system, the user may authenticate to the second communications channel using both communications channels and weak authentication, such as single factor authentication or a challenge question.
    Type: Grant
    Filed: July 20, 2021
    Date of Patent: September 5, 2023
    Assignee: United Services Automobile Association (USAA)
    Inventor: Teddy Joseph Edmond Voutour
  • Patent number: 11734401
    Abstract: Authentication techniques are described to allow a person to be authenticated to interact with an organization, where a type of authentication can be determined based on an environment in which the person is located. For example, an authentication server can collect a status information related to a safety setting of a mobile device. The safety setting can be enabled, e.g., if a person is driving a vehicle. When enabled, the safety setting can prevent the person from performing one or more operations on the mobile device. Based on the collected status information, the authentication server can request the person to provide user information via the mobile device so that the authentication server can determine whether the person is authenticated to interact with an organization.
    Type: Grant
    Filed: March 20, 2020
    Date of Patent: August 22, 2023
    Assignee: United Services Automobile Association (USAA)
    Inventors: Emily Kathleen Krebs, Jose L. Romero, Jr., Reynaldo Medina, III, Andre Rene Buentello, Noe Alberto Martinez, Cayley Danielle Collum, Christopher Russell
  • Patent number: 11727107
    Abstract: Systems and methods are disclosed to implement a machine scanning system that stores machine access credentials in a distributed fashion in a pool of scanner nodes. In embodiments, a storage manager node is selected from the pool to manage the storage of each new credential. The storage manager partitions the credential into portions and distributes the portions among the nodes, which may store the portions under different encryptions. A credential storage metadata is updated to indicate portion assignments and also distributed. At scanning time, the node selected to perform the scan uses the credential storage metadata to gather the portions and reconstruct the credential. In embodiments, the portions may be assigned so that no single node holds all portions of the credential, and at least two nodes hold each portion. Advantageously, the disclosed storage scheme enhances the security and availability of access credentials used by the machine scanning system.
    Type: Grant
    Filed: December 1, 2021
    Date of Patent: August 15, 2023
    Assignee: Rapid7 Inc.
    Inventor: James Edward Cancilla
  • Patent number: 11729165
    Abstract: A method of distributed authorization of one or more client applications to one or more connected devices. The method comprises: receiving at a connected device, from a browser executing a client application, a client token and an access request.
    Type: Grant
    Filed: November 19, 2018
    Date of Patent: August 15, 2023
    Assignee: Plantronics, Inc.
    Inventors: Euan Christopher Smith, Julian Hall
  • Patent number: 11720703
    Abstract: Systems and methods electronically determine whether a dataset is permitted or excluded based on permission digital rules. Primary entities often are required, or choose to, exclude proposed relationship instances with secondary entities. The systems and methods described herein allow permission digital rules to be defined and applied to datasets obtained from secondary entities relating to a proposed relationship instance with the primary entity, and permit or exclude a resource from being produced for the dataset based on the permission digital rules.
    Type: Grant
    Filed: June 28, 2022
    Date of Patent: August 8, 2023
    Assignee: Avalara, Inc.
    Inventors: Mark Janzen, Gregory T. Kavounas, Charles M. Morrisette, Rohit Ghule
  • Patent number: 11716395
    Abstract: One example process may include identifying a paused active communication session between a client device and a server, releasing communication session resources dedicated to the communication session to a session resource pool, and re-establishing the active data session responsive to receiving a message from the client device including one or more session re-establishment parameters.
    Type: Grant
    Filed: January 31, 2022
    Date of Patent: August 1, 2023
    Assignee: CONNECTIFY, INC.
    Inventors: Kevin Cunningham, Alexander Gizis, Brian Prodoehl
  • Patent number: 11706218
    Abstract: The described technology provides a single sign-on capability so that a user who is already signed on to a web application from a client application may not be required to sign-on again when he/she later needs access to the web application from the same or another client application. The technology also provides a multiple login prevention capability to detect multiple sign-on events using the same credentials and disable one or more of the associated multiple sessions.
    Type: Grant
    Filed: December 29, 2020
    Date of Patent: July 18, 2023
    Assignee: NASDAQ, INC.
    Inventor: Vladimir Mitevski
  • Patent number: 11704411
    Abstract: A computing system and method has a pre-boot operating system stored in an encrypted form according to a first key on a first portion of a non-volatile data storage drive and a main operating system stored in an encrypted form according to a second key on a second portion of the non-volatile data storage drive. A system built in operating system (BIOS) chip is configured to initiate a first authentication process, obtain the first key after successful completion of the first authentication process, load and decrypt the pre-boot operating system into dynamic memory, and cause the pre-boot operating system to run. The pre-boot operating system is configured to initiate a second authentication process, obtain the second key after successful completion of the second authentication process, load and decrypt the main operating system into dynamic memory, and cause the main operating system to run.
    Type: Grant
    Filed: December 10, 2020
    Date of Patent: July 18, 2023
    Assignee: NCR Corporation
    Inventor: Graham Flett
  • Patent number: 11700238
    Abstract: A system having an off-premises proxy server residing in a cloud computing environment and backend servers residing in an enterprise computing environment are provided. Requests received by the off-premises proxy server for access to a first, non-publicly accessible backend server are routed to a tunnel server which stores the request and waits to be polled by a tunnel agent connected to the first backend server. When the tunnel server is polled, the request is forwarded through an HTTP tunnel to the tunnel agent, which forwards it to the backend server for processing. Responsive information is returned to the tunnel agent, which forwards it through the HTTP tunnel to the tunnel server and returned through the off-premises proxy server to the remote application. Requests for access to a first, publicly accessible backend server are routed by the off-premises proxy server directly to the backend server for processing and return of responsive information.
    Type: Grant
    Filed: June 22, 2021
    Date of Patent: July 11, 2023
    Assignee: Open Text Corporation
    Inventors: Harish Rawat, Sachin Gopaldas Totale, Ahson M Ahmad