Global (e.g., Single Sign On (sso), Etc.) Patents (Class 726/8)
  • Patent number: 12086231
    Abstract: A method and apparatus of a device that converts an account associated with an application to use a single sign-on service is described. In an exemplary embodiment, the device receives an indication of a weak password associated with the account. The device further sends a request to verify an account credential for a user associated with the device. In addition, the device receives the verification of the account credential. The device additionally requests a single sign-on credential for the account and receives the single sign-on credential. Furthermore, the device sends a message to a server associated with a service for the application that the application is registered for the single sign-on service.
    Type: Grant
    Filed: September 5, 2023
    Date of Patent: September 10, 2024
    Assignee: APPLE INC.
    Inventors: Richard J. Mondello, Jay S. Mulani, Jonathan Birdsall, Dmitry V. Belov, Reza Abbasian, David P. Quesada, Patrick L. Coffman
  • Patent number: 12074975
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for transmitting/processing requests to control information stored at multiple content platforms/servers. In one aspect, a client device can send a request to verify the device's trustworthiness to a device trustworthiness server. The client device can receive, from the device trustworthiness server, data indicating that the client device is trustworthy, in response to which, the client device can send, to a relay server, a request to control user data stored at a plurality of servers. The client device can receive, via the relay server, a response from each of the plurality of servers. Based on the responses, the client device can determine that at least a subset of the plurality of servers that included the user data has performed the action specified in the request to control the user data.
    Type: Grant
    Filed: September 22, 2020
    Date of Patent: August 27, 2024
    Assignee: Google LLC
    Inventors: Gang Wang, Rock Yuen-Wong, Arpana Hosabettu, Marcel M. Moti Yung
  • Patent number: 12067974
    Abstract: A wearable device collects a fingerprint pattern input by a user and speech input by the user. The wearable device sends the fingerprint pattern to an electronic device, to enable the electronic device to perform authentication on the fingerprint pattern input by a user. The wearable device sends the speech to the electronic device, and, upon a determination that the authentication succeeds, the electronic device is enabled to execute a function corresponding to the speech.
    Type: Grant
    Filed: October 12, 2018
    Date of Patent: August 20, 2024
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Shuqiang Gong, Jianyong Gong, Cunshou Qiu
  • Patent number: 12069038
    Abstract: Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to “detokenize” encryption data and perform rounds to decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.
    Type: Grant
    Filed: October 26, 2022
    Date of Patent: August 20, 2024
    Assignee: Jonetix Corporation
    Inventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
  • Patent number: 12069039
    Abstract: Methods, apparatus, and processor-readable storage media for dynamically unifying disparate UI applications in a cloud native environment are provided herein.
    Type: Grant
    Filed: October 23, 2020
    Date of Patent: August 20, 2024
    Assignee: EMC IP Holding Company LLC
    Inventors: Anurag Sharma, Jo Ann Varble
  • Patent number: 12061688
    Abstract: A disclosed method includes assigning a unique identifier to a computer product instance, such as a server, switch, router, or storage device, to be deployed at a data center or other location on behalf of a customer, generating security credentials for the computer product dependent on the identifier, obtaining the credentials by a customer-side automated deployment agent, and using them by the deployment agent during deployment of the computer product. The credentials may be generated by a supplier-side credential management system, then requested and received by the deployment agent over a secure communication channel. The credentials may be generated by a program shared between the supplier-side credential management system and the deployment agent. The identifier may identify a hardware or software component or be selected by the supplier or customer. The credentials may include a username, password, token, cryptographic key, or digital certificate for a first login.
    Type: Grant
    Filed: March 5, 2021
    Date of Patent: August 13, 2024
    Assignee: Dell Products L.P.
    Inventors: Arkady Kanevsky, Jonathan Peter Streete
  • Patent number: 12056232
    Abstract: Techniques for integrating a trusted execution platform with a function-based service framework are disclosed. For example, a method obtains an application program comprising a first set of one or more functions for execution within a secure execution area of a function-based service framework and a second set of one or more functions for execution within a non-secure execution area of the function-based service framework. A client attests an attestation delegator and the attestation delegator attests one or more secure containers prior to receipt of a function execution request to execute a function in the function-based service framework.
    Type: Grant
    Filed: August 27, 2021
    Date of Patent: August 6, 2024
    Assignee: EMC IP Holding Company LLC
    Inventors: Jinpeng Liu, Michael Estrin, Zhen Jia, Kenneth Durazzo
  • Patent number: 12056035
    Abstract: Methods and systems for managing the performance of workloads in a distributed system are disclosed. The distributed system may include any number of clients, deployments, and data sources operably to one another. To service the workloads, container instances may be deployed to various deployments. When deciding where to deploy the container instances, the hardware resources of the deployments and/or resource expectations associated with the container instances may be taken into account. By doing so, container instances may be more likely to be deployed to deployments that meet their resource expectations. The resource expectations may be embedded as metadata in resources specific build files.
    Type: Grant
    Filed: January 13, 2022
    Date of Patent: August 6, 2024
    Assignee: Dell Products L.P.
    Inventors: John A. Lockman, III, Onur Celebioglu, Lucas A. Wilson
  • Patent number: 12058123
    Abstract: An apparatus relating to authorization of network functions includes at least one processor and at least one memory including computer program code. The at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to: send, from a first network function service consumer instance to an authorization server, a request for an access token for use in accessing a service provided by a network function service producer; receive, at the first network function service consumer instance from the authorization server, an access token for use in accessing the service provided by the network function service producer; and send, from the first network function service consumer instance to the network function service producer, a request to access the service provided by the network function service producer, the request to access the service including the access token.
    Type: Grant
    Filed: June 22, 2020
    Date of Patent: August 6, 2024
    Assignee: NOKIA TECHNOLOGIES OY
    Inventors: Nagendra S Bykampadi, Laurent Thiebaut, Bruno Landais
  • Patent number: 12056230
    Abstract: There are provided systems and methods for split one-time password digits for secure transmissions to selected devices. Authentication credentials and one-time password operations by a service provider, such as an electronic transaction processor for digital transactions, may be compromised by malicious computing attacks or other actions that compromise the security of data and communications. To increase security of the data within a communication and authentication operations, a split one-time password system may be implemented. A user may preset a number of known digits for a one-time password with a profile and/or account. When multifactor authentication is required, randomized digits may be generated using a hash algorithm and may be transmitted to the user with instructions for completion of the one-time password. The user may be required to specifically enter the known digits with the randomized digits to properly pass the multifactor authentication.
    Type: Grant
    Filed: September 21, 2021
    Date of Patent: August 6, 2024
    Assignee: PAYPAL, INC.
    Inventors: George Chen Kaidi, Antony Amalraj Morais
  • Patent number: 12047367
    Abstract: An apparatus comprises a processing device configured to receive, from a given client at a single sign-on manager coupled to a database cluster comprising a plurality of databases, an access request comprising an identifier of a given one of the plurality of databases in the database cluster and single sign-on credentials for the given client to access the database cluster. The processing device is also configured to authenticate, at the single sign-on manager, the single sign-on credentials in the access request and, responsive to authenticating the single sign-on credentials in the access request, to establish a connection between the given client and the given one of the plurality of databases in the database cluster utilizing a session established between the single sign-on manager and the given one of the plurality of databases in the database cluster.
    Type: Grant
    Filed: September 29, 2021
    Date of Patent: July 23, 2024
    Assignee: Dell Products L.P.
    Inventors: Shibi Panikkar, Pratheek Veluswamy, Kwong Lung Yong
  • Patent number: 12041046
    Abstract: Systems and methods for embodiments of artificial intelligence systems for identity management are disclosed. Specifically, embodiments of an identity management system may provide identity management in association with cloud services used by an enterprise and, in particular, may provide identity management in association with cloud based services that may be accessed through federated access providers.
    Type: Grant
    Filed: September 14, 2022
    Date of Patent: July 16, 2024
    Assignee: SAILPOINT TECHNOLOGIES, INC.
    Inventors: Brian Eric Rose, Nicholas Ryan Wellinghoff
  • Patent number: 12039078
    Abstract: This disclosure relates to data security and cryptography. In one aspect, a method includes receiving a request for a subscription token for a given user by a data security system from a publisher computing system of a publisher. The request includes user identification information provided to the publisher by the given user when subscribing to electronic content of the publisher. The data security system generates the subscription token which includes a set of data that includes a first encrypted user identifier generated by encrypting a first user identifier for the given user using an encryption key of the data security system, and, for each of one or more content platforms, an attachment element that includes a second encrypted user identifier generated by encrypting a second user identifier for the given user using an encryption key of the content platform and transmitting the subscription token to the publisher computing system.
    Type: Grant
    Filed: October 27, 2020
    Date of Patent: July 16, 2024
    Assignee: Google LLC
    Inventors: Shreedhar Madhavapeddi, Sergei Akulich, Stephen W. Rupp, Gang Wang
  • Patent number: 12041105
    Abstract: Systems and methods are provided for a computer-implemented method of implementing an on-demand computing network environment. A network specification is received from a user. Resources from one or more resource providers are provisioned including an audio server resource. The on-demand computing network is configured, where configuring includes assigning a first provisioned resource as a hub device. One or more second provisioned resources are assigned as rim devices, where rim devices are configured to communicate with one another only via the hub device. One rim device is a proxy server to which the user connects using a device having an address, where the audio server transmits audio data to the user via the proxy server without knowledge of the address of the user device.
    Type: Grant
    Filed: March 14, 2022
    Date of Patent: July 16, 2024
    Assignee: Cyber IP Holdings, LLC
    Inventors: Christopher Edward Delaney, Chava Louis Jurado, Michael Ryan Ivey, Carl Bailey Jacobs, Jeremiah MacDonald
  • Patent number: 12034854
    Abstract: A method of enabling single sign-on (SSO) access to an application executing in an enterprise, wherein authorized, secure access to specific enterprise applications are facilitated via an enterprise-based connector. In response to successful authentication of an end user via a first authentication method, a credential associated with the successful authentication is encrypted to generate an encrypted user token. The encrypted user token is then forwarded for storage in a database accessible by the enterprise-based connector. Following a redirect (e.g., from a login server instance) that returns the end user to the enterprise-based connector, the encrypted user token is fetched and decrypted to recover the credential. The credential so recovered is then used to attempt to authenticate the user to an application via a second authentication method distinct from the first authentication method.
    Type: Grant
    Filed: February 21, 2021
    Date of Patent: July 9, 2024
    Assignee: Akamai Technologies, Inc.
    Inventors: Seetharama Ayyadevara, Seemant Choudhary, Stephan Benny, Punit Kandoi, Pravin Tatti
  • Patent number: 12032674
    Abstract: The invention method comprises: authenticating successfully, by a user authentication server, through a logon agent in a device, a device user; sending, by the user authentication server, to the logon agent, session data relating to the successful authentication session; sending, by the logon agent, to a logon application the session data; receiving, by at least one browser, from the device user, a first request for accessing the service with a first server identifier; sending, by the logon application, to the at least one browser, the session data; sending, by the browser, based on the first server identifier, to a first receiving server, the session data; verifying, by the first receiving server, whether the session data is or is not valid, and, if yes, authorizing access to the service.
    Type: Grant
    Filed: May 29, 2019
    Date of Patent: July 9, 2024
    Assignee: THALES DIS FRANCE SAS
    Inventor: Jonas Paert
  • Patent number: 12026294
    Abstract: Systems, device and techniques are disclosed for implementing a security configuration change based on one or more base events and a current security configuration. An inference module may identify a security configuration change based on receiving base events from a state storage/event listener and analyzing the base events to determine if a current security configuration is optimal given the base events.
    Type: Grant
    Filed: December 11, 2020
    Date of Patent: July 2, 2024
    Assignee: Google LLC
    Inventors: Tal Dayan, Maya Ben Ari, Brandon Keely, Subir Jhanb, Ido Ofir
  • Patent number: 12021937
    Abstract: A cloud service account management method identifies unauthorized or unmanaged accounts making administration console access or API access at a cloud computing service and triggers a work flow to place the accounts under management. In one embodiment, the user device is directed to a registration portal to provide access credentials of the unauthorized account. The loud service account management method uses the access credentials to retrieve a list of account users associated with the account. Once the accounts are made managed, the cloud service account management method can monitor the activities of the account, including all of the account users, and can apply compliance or security policies to the managed accounts.
    Type: Grant
    Filed: January 28, 2021
    Date of Patent: June 25, 2024
    Assignee: Skyhigh Security, LLC
    Inventors: Sekhar Sarukkai, Kaushik Narayan, Rajiv Gupta
  • Patent number: 12015627
    Abstract: A method to monitor integrity of webpages. The method may include obtaining a destination of outgoing network traffic resulting from rendered code of a webpage. The rendered code may be generated using source code of the webpage that is obtained in response to a request to a webserver that hosts the webpage. The method may also include obtaining a previous destination of previous outgoing network traffic resulting from previous rendered code of the webpage. The previous rendered code may be generated before the request is sent to the webserver for the source code used to generate the rendered code. The method may also include comparing the destination and the previous destination to determine a change in integrity of security of the webpage. In response to the change in the integrity of security of the webpage, an alert regarding the integrity of security of the webpage may be generated.
    Type: Grant
    Filed: July 20, 2023
    Date of Patent: June 18, 2024
    Assignee: SecurityMetrics, Inc.
    Inventor: Aaron Willis
  • Patent number: 12003620
    Abstract: Systems and methods for secure electronic data transfer utilizing an ephemeral key for encryption and decryption of data.
    Type: Grant
    Filed: November 2, 2021
    Date of Patent: June 4, 2024
    Assignee: KnectIQ Inc.
    Inventors: Shailendra Jain, Andrew Lunstad, Kenneth Morris
  • Patent number: 11997080
    Abstract: A method for validating a Uniform Resource Locator (URL) includes generating electronic media content including the URL, generating a Certificate Signing Request (CSR) including the URL, sending the CSR to a certificate signing server, receiving a signed certificate corresponding to the CSR from the certificate signing server, and encoding the signed certificate as metadata in the electronic media content and/or encoding a serial number associated with the signed certificate as metadata in the electronic media content. A user can send the URL to another user through a chat message, an email, a word processing document or other business application, or a document which has a URL through a pen drive, email, or chat message. The certificate-based mechanism is used to validate the origin (sender) of the URL so that the recipients know that the URL can be accessed without having to separately analyze the security risks.
    Type: Grant
    Filed: December 30, 2020
    Date of Patent: May 28, 2024
    Assignee: Citrix Systems, Inc.
    Inventors: Praveen Raja Dhanabalan, Krishna Kumar KB
  • Patent number: 11968303
    Abstract: Techniques of keyless authentication of computing services in distributed computing systems are disclosed herein. One example technique includes upon receiving a command to instantiate a computing service, transmitting a request to an authentication service for an identity assertion token corresponding to an application execution of which instantiates the computing service. The example technique can also include upon receiving the requested identity assertion token, storing the received identity assertion token in the container and modifying an entry of a configuration file in the container that allows the instantiated computing service to access the stored identity assertion token and authenticate to the authentication service using the identity assertion token.
    Type: Grant
    Filed: February 9, 2023
    Date of Patent: April 23, 2024
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Paranthaman Saravanan, Marc Andrew Power, Yang Zhang, Matthias Adam Leibmann, Grigory V. Kaplin, Yi Zeng
  • Patent number: 11968249
    Abstract: A coordinator module for improving communications within a cloud computing system is disclosed. The coordinator module initiates transaction requests by generating a coordination context, where the coordination context includes a transaction context, a coordination type, and an initiator supplemental address. The coordinator module includes a supplemental address handler for creating the initiator supplemental address that unique identifies the coordinator module and the associated pod. The coordinator module receives transaction responses, where the transaction response includes a coordination context. The coordinator module includes a transaction context checker to verify that the transaction response was not received in error, by comparing the received transaction context with a saved transaction context. The coordinator module includes a registration bridge that identifies an alternate coordinator module and alternate pod to process the transaction response if the transaction contexts do not match.
    Type: Grant
    Filed: June 28, 2023
    Date of Patent: April 23, 2024
    Assignee: International Business Machines Corporation
    Inventors: Shuo Zhang, Dian Guo Zou, Jing Jing Wei, Da Guang Sun, Yue Wang, Ping Mei
  • Patent number: 11968201
    Abstract: Operations include transmitting, on behalf of a first application, a first request to a first service provider, the first request requesting first services from the first service provider, intercepting, at a local agent, a first redirect message from the first service provider to an identity provider, receiving an identity provider cookie from the identity provider based on a validation of credentials during the authentication process, storing a copy of the identity provider cookie, transmitting, on behalf of a second application, a second request to a second service provider, the second request requesting second services from the second service provider, intercepting a second redirect message from the second service provider to the identity provider, adding the identity provider cookie to the second redirect message, and receiving validation to access the second service provider from the identity provider based on the identity provider cookie stored by the local agent.
    Type: Grant
    Filed: January 4, 2021
    Date of Patent: April 23, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Ahmed Bakry Helmy Ahmed, Sape Jurrien Mullender, Hendrikus G. P. Bosch, Alessandro Duminuco, Jeffrey Michael Napper
  • Patent number: 11956634
    Abstract: The application discloses methods and corresponding systems and network devices and/or nodes for enabling user equipment belonging to a home network to access data communication services in a visited network of a wireless communication system. By way of example, there is provided a method that comprises the step of obtaining at least one cryptographic token originating from a network node of the home network of the user equipment and cryptographically signed by a private key associated with the home network, wherein the at least one cryptographic token represents means for accessing data communication services via user data transport functions of the visited network.
    Type: Grant
    Filed: April 25, 2019
    Date of Patent: April 9, 2024
    Assignee: Telefonaktiebolaget LM Ericsson (Publ)
    Inventors: Tommy Arngren, Bernard Smeets, Tomas Thyni, Daniel Bergström
  • Patent number: 11949680
    Abstract: Disclosed is an improved approach to implement a mechanism to provide customer control over access to cloud infrastructure by the cloud provider's operator employees. This mechanism allow customer controlled access to any cloud infrastructure that belongs to or is otherwise allocated to the customer.
    Type: Grant
    Filed: April 30, 2021
    Date of Patent: April 2, 2024
    Assignee: Oracle International Corporation
    Inventors: Prasanna Ramamurthi, Joydip Kundu, Binoy Sukumaran, Krishna Chander, Jeffrey Wright
  • Patent number: 11947410
    Abstract: Methods, systems, and computer storage media for providing an error remediation recommendation—for flagged incorrect values in broadband service deployment data—using a broadband error remediation engine in a data analytics system. The error remediation recommendation can identify a corrective action to resolve errors (i.e., incorrect values) in broadband service deployment data. Operationally, the broadband error remediation engine is configured to access broadband service deployment data associated with a plurality of broadband service data features. The broadband error remediation engine uses an error remediation model to and a plurality of datasets to execute a sequence of error remediation operations (e.g., checks and comparisons). Based on executing the sequence of error remediation operations, a corrective action (e.g., change geographic coordinates or remove deployment units) for an incorrect value of a broadband service feature in the broadband service deployment data.
    Type: Grant
    Filed: October 12, 2022
    Date of Patent: April 2, 2024
    Assignee: THE BOSTON CONSULTING GROUP, INC.
    Inventors: Sumit Banerjee, Jaison Leo Justin, Alexey Timashkov, Sai Anirudh Mandagondi, Deepak Trehan, Manuel Felipe Avella Niño, Emma Erminia Quirk, Gowtham Sekkilar, Tejas Arjun Bala, Elena Topolskaia, Thomas James Steiner, Jr.
  • Patent number: 11943224
    Abstract: Arrangements for controlling access to a protected entity include receiving a redirected client request to access the protected entity that includes a public key of the client; granting, in response to the received redirected request, access tokens of a first type to a client using the public key of the client; identifying a conversion transaction identifying a request to convert the first type of access tokens with access tokens of a second type, the transaction designating the protected entity; determining a conversion value for converting the first-type access tokens into second-type access tokens based on at least one access parameter; converting, using the conversion value, a first sum of the first-type access tokens into a second sum of second-type access tokens; and granting the client access to the protected entity when the sum of second-type of access tokens is received as a payment from the protected entity.
    Type: Grant
    Filed: July 29, 2022
    Date of Patent: March 26, 2024
    Assignee: RADWARE, LTD.
    Inventors: Alon Lelcuk, David Aviv
  • Patent number: 11943357
    Abstract: Aspects of the present invention disclose a method for calculating a risk resulting from a network of networks that includes unknown relationships in a privacy preserving manner. The method includes one or more processors determining a set of conditions corresponding to a user of a network. The method further includes transmitting a compliance request corresponding to the set of conditions to one or more members of the network utilizing a privacy preserving algorithm. The method further includes determining a respective risk factor of one or more members of the network, wherein the respective risk factor corresponds to a response of each of the one or more members to the compliance request. The method further includes determining an overall risk of the network based at least in part on the risk factors of the one or more members.
    Type: Grant
    Filed: December 14, 2020
    Date of Patent: March 26, 2024
    Assignee: International Business Machines Corporation
    Inventors: Roy Abitbol, Jonathan Bnayahu, Eliezer Segev Wasserkrug, Pankaj Satyanarayan Dayama, Artem Barger
  • Patent number: 11943366
    Abstract: An authentication system facilitates a transfer of enrollment in authentication services between client devices. The authentication system enrolls a client device in authentication services to enable the client device to be used for authenticating requests to access one or more services. As part of enrolling the client device, the authentication system receives authentication enrollment information for the client device that is associated with one or more authentication credentials securely stored on the client device (e.g., a multi-factor authentication (MFA) certificate). The authentication system facilitates one or more processes for transferring the enrollment from an enrolled client device to a non-enrolled client device that limit the number and complexity of actions performed by the user.
    Type: Grant
    Filed: December 19, 2022
    Date of Patent: March 26, 2024
    Inventors: Chandra Shirashyad, Ildar Abdullin, Umang Shah, Naveen Kumar Keerthy, Cedric Beust
  • Patent number: 11930003
    Abstract: Disclosed are various approaches for workflow service back end integration. In some examples, a workflow service identifies a workflow action and a user account that is responsible for the workflow action. A command to present the workflow action for user authorization is transmitted to a client device associated with the user account. The workflow service transmits a command to perform the workflow action based on an identification of the user authorization.
    Type: Grant
    Filed: January 21, 2022
    Date of Patent: March 12, 2024
    Assignee: VMware, Inc.
    Inventors: Daniel E. Zeck, David Shaw, Robert Worsnop, John Ryan Bard
  • Patent number: 11929937
    Abstract: Disclosed are various embodiments for controlling a distribution of resources on a network. In one example, among others, a system is configured to receive the plurality of resources and a plurality of rules. The system is also configured to determine an authorized location and an authorized area based on the plurality of rules. The authorized location and the authorized area are determined to have different access rights to the plurality of resources. The system is further configured to determine a location of the computing device and grant access to a resource based on the location of the computing device with respect to the authorization location or the authorized area.
    Type: Grant
    Filed: September 15, 2022
    Date of Patent: March 12, 2024
    Assignee: AirWatch LLC
    Inventors: John Marshall, Erich Stuntebeck, Gopinath Jayaprakash, John Joseph Manton, Jonathon Blake Brannon
  • Patent number: 11924211
    Abstract: The invention relates to a device and a method for authenticating a user utilizing an internet access client (10) for accessing remote resources of a computer infrastructure, said access comprising a first authentication (130) of the internet access client (10) and a second authentication (140) of the user of the internet access client (10). The method includes sending (132), to a token security module (21), by the internet access client (10), a client certificate (220), said client certificate (220) being associated with items of identification information of the internet access client (10); and receiving (133), by the internet access client (10), an authentication token (210) generated by the token security module when the client certificate (220) sent has been verified by the token security module.
    Type: Grant
    Filed: June 2, 2021
    Date of Patent: March 5, 2024
    Assignee: BULL SAS
    Inventor: Christophe Guionneau
  • Patent number: 11908263
    Abstract: A method for authorizing a user to drive a vehicle is provided. A verification code is generated based on eID card information of the user, and is provided to the user and the vehicle. The vehicle includes a biometric device to ensure that the one who enters the vehicle and inputs the verification code is the user. After the code inputted by the user is successfully verified to be identical to the verification code, the vehicle permits driving operation.
    Type: Grant
    Filed: August 30, 2022
    Date of Patent: February 20, 2024
    Assignee: MK GROUP JSC
    Inventor: Khang Trong Nguyen
  • Patent number: 11895111
    Abstract: A method and apparatus of a device that authorizes a device for a service is described. In an exemplary embodiment, the device intercepts a request for a web page from a web browser executing on the device, wherein the request includes an indication associated with an authorization request for the service and the web page provides the service. In addition, the device presents an authorization user interface on the device. The device further performs a local authorization using a set of user credentials entered via the authorization user interface. The device additionally performs a server authorization with a server. Furthermore, the device redirects the web browser to the requested web page, wherein the web browser is authorized for the service provided by the web page.
    Type: Grant
    Filed: January 11, 2023
    Date of Patent: February 6, 2024
    Assignee: APPLE INC.
    Inventors: Dmitry V. Belov, Brent A. Fulgham, Sudhakar N. Mambakkam, Richard J. Mondello, Kalyan C. Gopavarapu, Edgar Tonatiuh Barragan Corte, Libor Sykora
  • Patent number: 11893102
    Abstract: Systems and methods for user authentication are disclosed. An example method includes receiving a request for access to a first secured service, the request corresponding to a first user, determining whether or not the request for access is valid, in response to determining that the request for access is valid, determining whether or not the first user has successfully performed a secondary authentication within a predetermined time period of the request for access, and in response to determining that the first user has successfully performed the secondary authentication within the predetermined time period of the valid request for access, providing the first user with access to the secured service.
    Type: Grant
    Filed: April 21, 2023
    Date of Patent: February 6, 2024
    Assignee: Intuit Inc.
    Inventors: Bernard Samuel Diwakar, Gaurav Varma, Mark Joseph Hughes
  • Patent number: 11893096
    Abstract: Systems and methods are described herein for computer user authentication using machine learning. Authentication for a user is initiated based on an identification confidence score of the user. The identification confidence score is based on one or more characteristics of the user. Using a machine learning model for the user, user activity of the user is monitored for anomalous activity to generate first data. Based on the monitoring, differences between the first data and historical utilization data for the user determine whether the user's utilization of the one or more resources is anomalous. When the user's utilization of the one or more resource is anomalous, the user's access to the one or more resource is removed.
    Type: Grant
    Filed: December 2, 2021
    Date of Patent: February 6, 2024
    Assignee: Cylance Inc.
    Inventors: Garret Florian Grajek, Jeffrey Lo, Michael Thomas Wojnowicz, Dinh Huu Nguyen, Michael Alan Slawinski
  • Patent number: 11889027
    Abstract: An embodiment of the system for publishing events of a telephony application to a client includes a call router that generates events from the telephony application and an event router that manages the publication of events generated by the call router and that manages the subscription to events by clients. The system can be used with a telephony application that interfaces with a telephony device and an application server.
    Type: Grant
    Filed: March 22, 2023
    Date of Patent: January 30, 2024
    Assignee: Twilio Inc.
    Inventors: Jeffrey Gordon Lawson, John Robert Wolthuis, Evan Mansfield Cooke
  • Patent number: 11888837
    Abstract: Techniques are described for client registration for authorizing an aggregator service to access data on behalf of an application, through self-registration of an application client identifier and issuance of authorization token(s) based on the application client identifier. Implementations provide a technique for dynamic client registration that avoids the need for manual vetting and manual generation of the client credential grant. Additionally, the implementations described herein enforce domain values around the scope and/or purpose of the client grant. This allows for support of application providers through a single point of registration that supports multi-layer and channel. This also allows for support of a scalable authorization solution for any suitable number of clients. The dynamic client registration process adds an additional layer of security through the OAuth client grant and mutual authentication.
    Type: Grant
    Filed: June 24, 2021
    Date of Patent: January 30, 2024
    Assignee: United Services Automobile Association (USAA)
    Inventors: Alejandro Vera, Miguel Solís, Jr., Hieu Nguyen, Jason Paul Hendry, Nathan Mahoney, Debra Randall Casillas
  • Patent number: 11882120
    Abstract: Examples include service authentication for a principal. A request to access a first service of a plurality of services of a network may be received from a principal by an identity intermediary. An identifier of the first service may be stored at the identity intermediary, and an unsigned credential of the principal and a principal identifier may be transferred from the identity intermediary to a credential provider. The principal identifier and the credential signed by the credential provider may be received, and the signed credential may be transmitted to the first service for authentication.
    Type: Grant
    Filed: July 30, 2019
    Date of Patent: January 23, 2024
    Assignee: Hewlett Packard Enterprise Development LP
    Inventor: Thomas Kelley
  • Patent number: 11876796
    Abstract: Systems, methods, and storage media for abstraction and enforcement of protected resources in an identity infrastructure are disclosed. Exemplary implementations may: identify one or more protected resources for one or more identity domains of an identity infrastructure; receive, at the identity infrastructure, a dataflow pertaining to first identity data for a first identity domain; request the first identity session based at least in part on the first identity data; receive a request to access a first protected resource of the one or more protected resources; accept the first identity session by the first protected resource; and provide the first user access to the first protected resource.
    Type: Grant
    Filed: May 24, 2021
    Date of Patent: January 16, 2024
    Assignee: Strata Identity, Inc.
    Inventors: Eric Olden, Christopher Marie, Carl Eric Leach
  • Patent number: 11876793
    Abstract: Simultaneous distributed application support of multiple identity management systems is provided through the use of virtual web server instances, which enable one identity management system, on physical servers already running a pre-existing web server instance, which enables a different identity management system. Further, an intelligent rules-based determination is implemented to determine whether to route an access request to either the virtual or pre-existing web server instance. Since the virtual web server instances are generated on the same physical server that executes the pre-existing web service instance, the the existing network flow (i.e., a single URL) and physical infrastructure is leveraged to create a simplified approach to managing the simultaneous use of multiple identity management systems across different distributed applications.
    Type: Grant
    Filed: August 12, 2021
    Date of Patent: January 16, 2024
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: David Smiddy, Himanshu Goyal, Raghu Nadimpalli, Sanath K. Pasumarthy, Zeal J. Shah
  • Patent number: 11863553
    Abstract: Provided are embodiments of systems, devices and methods for multi-factor identity verification, which may include utilization of automated picture ID to Selfie matching, cross-reference address information, biometrics and geo-location information and unique smartphone device identifiers, especially in the context of healthcare industry.
    Type: Grant
    Filed: September 28, 2020
    Date of Patent: January 2, 2024
    Assignee: MyHealthID, Inc.
    Inventors: Jay Nitturkar, Erika Eördögh
  • Patent number: 11861386
    Abstract: Systems and methods are described for providing an application-level gateway to an on-demand network code execution system. An on-demand network code execution system may allow users to submit code to be executed in a serverless environment, and may provide an interface for executing the user-submitted code on demand. The interface may require that users authenticate, provide input in a particular format, or meet other criteria when sending a request to execute the code. An application-level gateway may thus provide an interface that implements these functions, thereby allowing computing devices to interact with the code as though it were running on a server (e.g., by using HTTP). The application-level gateway may also use on-demand code execution to provide load balancing for servers that are running the user-submitted code, and seamlessly provide access to code that runs on both server-based and serverless environments.
    Type: Grant
    Filed: March 22, 2019
    Date of Patent: January 2, 2024
    Assignee: Amazon Technologies, Inc.
    Inventors: Lodaya Varun Mukesh, Sridhar Srinivasan, Hamza Arain
  • Patent number: 11861030
    Abstract: Various embodiments include a secure access system that provides secure group-based access to sets of digital assets. The system may allow a user to upload digital assets to the system for secure access by other users, and may allow a user to remove digital assets from the system as well. The assets may be associated with a family, and may be stored as a “family album”. The system may issue a secure credential to family members for accessing the family album. A family member may invite another family or individual to view the family album. On acceptance of the invitation, the system may automatically forward the secure credential to the invited family or individual. The invited family or individual may use the secure credential to access the family album with no further action required by the invited family or individual.
    Type: Grant
    Filed: August 17, 2023
    Date of Patent: January 2, 2024
    Assignee: DatChat, Inc.
    Inventor: Darin Myman
  • Patent number: 11855842
    Abstract: In embodiments, a computer system of a primary entity receives from a secondary entity a first communication about a relationship instance between the primary entity and the secondary entity, and transmits to an Online Service Provider (OSP) a second communication with a dataset. The dataset has dataset parameters about the relationship instance. The second communication causes the OSP to select a file template per the dataset, to produce a resource for the dataset, and to prepare a digital exhibit that is arranged to report the resource as answering the identified requirement. The OSP then transmits to the computer system a third communication that includes an access indicator adapted to facilitate viewing the digital exhibit. Upon receiving the third communication, the computer system transmits a fourth communication to the device of the secondary entity, the fourth communication including the access indicator.
    Type: Grant
    Filed: February 22, 2023
    Date of Patent: December 26, 2023
    Assignee: Avalara, Inc.
    Inventors: Jayme Fishman, Andrew Brandon Chan, Gregory T. Kavounas
  • Patent number: 11843611
    Abstract: The present disclosure relates generally to access control, and more particularly, to techniques (e.g., systems, methods, computer program products storing code or instructions executable by one or more processors) for providing for inline enrollment in multi-level and multi-factor authentication of a user allowing login on a restricted website, or on an enterprise network with single sign-on, or on various other service systems with security restrictions.
    Type: Grant
    Filed: January 26, 2021
    Date of Patent: December 12, 2023
    Assignee: Oracle International Corporation
    Inventors: Nagaraj Pattar, Pruthvithej Ramesh Kumar
  • Patent number: 11824945
    Abstract: Examples described herein may include a playback device receiving, from a control device, a validation-key that includes an application identifier corresponding to a controller application. The playback device may create a session identifier and transmit the session identifier to the control device. The playback device may receive, from the control device, a playback request comprising the session identifier and a playback command. The playback device may determine that the session identifier is valid and then execute the playback command. A computing system may receive identification information related to a controller application and generate the validation-key based on the controller application meeting at least one quality-control metric. The controller application may receive the validation-key from the computing system.
    Type: Grant
    Filed: October 20, 2022
    Date of Patent: November 21, 2023
    Assignee: Sonos, Inc.
    Inventor: Andrew Schulert
  • Patent number: 11818112
    Abstract: Disclosed are various examples for enrolling a client device and synchronizing user attributes for the client device across multiple directory services. A search request for user attributes can be sent to a first directory service with an identifier for a user account. The first directory service can query for the identifier and send back user attributes. If a global identifier is included in the attributes, another search request for user attributes can be sent to a second directory service with the global identifier. The second directory service can query for the global identifier and send back user attributes.
    Type: Grant
    Filed: April 4, 2022
    Date of Patent: November 14, 2023
    Assignee: AirWatch, LLC
    Inventors: Kalyan Regula, Shravan Shantharam, Nishita Manjunath, Varun Murthy, Jason Roszak
  • Patent number: 11818183
    Abstract: A system and method of communicating between computing devices including pairing a first computing device with a second computing device. The first computing device and the computing second device are configured to communicate with an application workspace system. The first computing device provides token and application information to a second computing device. The second computing device is authenticated with the application workspace system using the token and launches an application corresponding to the application information.
    Type: Grant
    Filed: July 5, 2021
    Date of Patent: November 14, 2023
    Assignee: VMware, Inc.
    Inventors: Ramani Panchapakesan, Pradeep B H Pai, Usha Kamath, Ben Joseph, Sharun Samuel