Global (e.g., Single Sign On (sso), Etc.) Patents (Class 726/8)
-
Patent number: 12086231Abstract: A method and apparatus of a device that converts an account associated with an application to use a single sign-on service is described. In an exemplary embodiment, the device receives an indication of a weak password associated with the account. The device further sends a request to verify an account credential for a user associated with the device. In addition, the device receives the verification of the account credential. The device additionally requests a single sign-on credential for the account and receives the single sign-on credential. Furthermore, the device sends a message to a server associated with a service for the application that the application is registered for the single sign-on service.Type: GrantFiled: September 5, 2023Date of Patent: September 10, 2024Assignee: APPLE INC.Inventors: Richard J. Mondello, Jay S. Mulani, Jonathan Birdsall, Dmitry V. Belov, Reza Abbasian, David P. Quesada, Patrick L. Coffman
-
Patent number: 12074975Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for transmitting/processing requests to control information stored at multiple content platforms/servers. In one aspect, a client device can send a request to verify the device's trustworthiness to a device trustworthiness server. The client device can receive, from the device trustworthiness server, data indicating that the client device is trustworthy, in response to which, the client device can send, to a relay server, a request to control user data stored at a plurality of servers. The client device can receive, via the relay server, a response from each of the plurality of servers. Based on the responses, the client device can determine that at least a subset of the plurality of servers that included the user data has performed the action specified in the request to control the user data.Type: GrantFiled: September 22, 2020Date of Patent: August 27, 2024Assignee: Google LLCInventors: Gang Wang, Rock Yuen-Wong, Arpana Hosabettu, Marcel M. Moti Yung
-
Patent number: 12067974Abstract: A wearable device collects a fingerprint pattern input by a user and speech input by the user. The wearable device sends the fingerprint pattern to an electronic device, to enable the electronic device to perform authentication on the fingerprint pattern input by a user. The wearable device sends the speech to the electronic device, and, upon a determination that the authentication succeeds, the electronic device is enabled to execute a function corresponding to the speech.Type: GrantFiled: October 12, 2018Date of Patent: August 20, 2024Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Shuqiang Gong, Jianyong Gong, Cunshou Qiu
-
Patent number: 12069038Abstract: Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to “detokenize” encryption data and perform rounds to decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.Type: GrantFiled: October 26, 2022Date of Patent: August 20, 2024Assignee: Jonetix CorporationInventors: Paul Ying-Fung Wu, Richard J. Nathan, Harry Leslie Tredennick
-
Patent number: 12069039Abstract: Methods, apparatus, and processor-readable storage media for dynamically unifying disparate UI applications in a cloud native environment are provided herein.Type: GrantFiled: October 23, 2020Date of Patent: August 20, 2024Assignee: EMC IP Holding Company LLCInventors: Anurag Sharma, Jo Ann Varble
-
Patent number: 12061688Abstract: A disclosed method includes assigning a unique identifier to a computer product instance, such as a server, switch, router, or storage device, to be deployed at a data center or other location on behalf of a customer, generating security credentials for the computer product dependent on the identifier, obtaining the credentials by a customer-side automated deployment agent, and using them by the deployment agent during deployment of the computer product. The credentials may be generated by a supplier-side credential management system, then requested and received by the deployment agent over a secure communication channel. The credentials may be generated by a program shared between the supplier-side credential management system and the deployment agent. The identifier may identify a hardware or software component or be selected by the supplier or customer. The credentials may include a username, password, token, cryptographic key, or digital certificate for a first login.Type: GrantFiled: March 5, 2021Date of Patent: August 13, 2024Assignee: Dell Products L.P.Inventors: Arkady Kanevsky, Jonathan Peter Streete
-
Patent number: 12056232Abstract: Techniques for integrating a trusted execution platform with a function-based service framework are disclosed. For example, a method obtains an application program comprising a first set of one or more functions for execution within a secure execution area of a function-based service framework and a second set of one or more functions for execution within a non-secure execution area of the function-based service framework. A client attests an attestation delegator and the attestation delegator attests one or more secure containers prior to receipt of a function execution request to execute a function in the function-based service framework.Type: GrantFiled: August 27, 2021Date of Patent: August 6, 2024Assignee: EMC IP Holding Company LLCInventors: Jinpeng Liu, Michael Estrin, Zhen Jia, Kenneth Durazzo
-
Patent number: 12056035Abstract: Methods and systems for managing the performance of workloads in a distributed system are disclosed. The distributed system may include any number of clients, deployments, and data sources operably to one another. To service the workloads, container instances may be deployed to various deployments. When deciding where to deploy the container instances, the hardware resources of the deployments and/or resource expectations associated with the container instances may be taken into account. By doing so, container instances may be more likely to be deployed to deployments that meet their resource expectations. The resource expectations may be embedded as metadata in resources specific build files.Type: GrantFiled: January 13, 2022Date of Patent: August 6, 2024Assignee: Dell Products L.P.Inventors: John A. Lockman, III, Onur Celebioglu, Lucas A. Wilson
-
Patent number: 12058123Abstract: An apparatus relating to authorization of network functions includes at least one processor and at least one memory including computer program code. The at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to: send, from a first network function service consumer instance to an authorization server, a request for an access token for use in accessing a service provided by a network function service producer; receive, at the first network function service consumer instance from the authorization server, an access token for use in accessing the service provided by the network function service producer; and send, from the first network function service consumer instance to the network function service producer, a request to access the service provided by the network function service producer, the request to access the service including the access token.Type: GrantFiled: June 22, 2020Date of Patent: August 6, 2024Assignee: NOKIA TECHNOLOGIES OYInventors: Nagendra S Bykampadi, Laurent Thiebaut, Bruno Landais
-
Patent number: 12056230Abstract: There are provided systems and methods for split one-time password digits for secure transmissions to selected devices. Authentication credentials and one-time password operations by a service provider, such as an electronic transaction processor for digital transactions, may be compromised by malicious computing attacks or other actions that compromise the security of data and communications. To increase security of the data within a communication and authentication operations, a split one-time password system may be implemented. A user may preset a number of known digits for a one-time password with a profile and/or account. When multifactor authentication is required, randomized digits may be generated using a hash algorithm and may be transmitted to the user with instructions for completion of the one-time password. The user may be required to specifically enter the known digits with the randomized digits to properly pass the multifactor authentication.Type: GrantFiled: September 21, 2021Date of Patent: August 6, 2024Assignee: PAYPAL, INC.Inventors: George Chen Kaidi, Antony Amalraj Morais
-
Patent number: 12047367Abstract: An apparatus comprises a processing device configured to receive, from a given client at a single sign-on manager coupled to a database cluster comprising a plurality of databases, an access request comprising an identifier of a given one of the plurality of databases in the database cluster and single sign-on credentials for the given client to access the database cluster. The processing device is also configured to authenticate, at the single sign-on manager, the single sign-on credentials in the access request and, responsive to authenticating the single sign-on credentials in the access request, to establish a connection between the given client and the given one of the plurality of databases in the database cluster utilizing a session established between the single sign-on manager and the given one of the plurality of databases in the database cluster.Type: GrantFiled: September 29, 2021Date of Patent: July 23, 2024Assignee: Dell Products L.P.Inventors: Shibi Panikkar, Pratheek Veluswamy, Kwong Lung Yong
-
Patent number: 12041046Abstract: Systems and methods for embodiments of artificial intelligence systems for identity management are disclosed. Specifically, embodiments of an identity management system may provide identity management in association with cloud services used by an enterprise and, in particular, may provide identity management in association with cloud based services that may be accessed through federated access providers.Type: GrantFiled: September 14, 2022Date of Patent: July 16, 2024Assignee: SAILPOINT TECHNOLOGIES, INC.Inventors: Brian Eric Rose, Nicholas Ryan Wellinghoff
-
Patent number: 12039078Abstract: This disclosure relates to data security and cryptography. In one aspect, a method includes receiving a request for a subscription token for a given user by a data security system from a publisher computing system of a publisher. The request includes user identification information provided to the publisher by the given user when subscribing to electronic content of the publisher. The data security system generates the subscription token which includes a set of data that includes a first encrypted user identifier generated by encrypting a first user identifier for the given user using an encryption key of the data security system, and, for each of one or more content platforms, an attachment element that includes a second encrypted user identifier generated by encrypting a second user identifier for the given user using an encryption key of the content platform and transmitting the subscription token to the publisher computing system.Type: GrantFiled: October 27, 2020Date of Patent: July 16, 2024Assignee: Google LLCInventors: Shreedhar Madhavapeddi, Sergei Akulich, Stephen W. Rupp, Gang Wang
-
Patent number: 12041105Abstract: Systems and methods are provided for a computer-implemented method of implementing an on-demand computing network environment. A network specification is received from a user. Resources from one or more resource providers are provisioned including an audio server resource. The on-demand computing network is configured, where configuring includes assigning a first provisioned resource as a hub device. One or more second provisioned resources are assigned as rim devices, where rim devices are configured to communicate with one another only via the hub device. One rim device is a proxy server to which the user connects using a device having an address, where the audio server transmits audio data to the user via the proxy server without knowledge of the address of the user device.Type: GrantFiled: March 14, 2022Date of Patent: July 16, 2024Assignee: Cyber IP Holdings, LLCInventors: Christopher Edward Delaney, Chava Louis Jurado, Michael Ryan Ivey, Carl Bailey Jacobs, Jeremiah MacDonald
-
Patent number: 12034854Abstract: A method of enabling single sign-on (SSO) access to an application executing in an enterprise, wherein authorized, secure access to specific enterprise applications are facilitated via an enterprise-based connector. In response to successful authentication of an end user via a first authentication method, a credential associated with the successful authentication is encrypted to generate an encrypted user token. The encrypted user token is then forwarded for storage in a database accessible by the enterprise-based connector. Following a redirect (e.g., from a login server instance) that returns the end user to the enterprise-based connector, the encrypted user token is fetched and decrypted to recover the credential. The credential so recovered is then used to attempt to authenticate the user to an application via a second authentication method distinct from the first authentication method.Type: GrantFiled: February 21, 2021Date of Patent: July 9, 2024Assignee: Akamai Technologies, Inc.Inventors: Seetharama Ayyadevara, Seemant Choudhary, Stephan Benny, Punit Kandoi, Pravin Tatti
-
Patent number: 12032674Abstract: The invention method comprises: authenticating successfully, by a user authentication server, through a logon agent in a device, a device user; sending, by the user authentication server, to the logon agent, session data relating to the successful authentication session; sending, by the logon agent, to a logon application the session data; receiving, by at least one browser, from the device user, a first request for accessing the service with a first server identifier; sending, by the logon application, to the at least one browser, the session data; sending, by the browser, based on the first server identifier, to a first receiving server, the session data; verifying, by the first receiving server, whether the session data is or is not valid, and, if yes, authorizing access to the service.Type: GrantFiled: May 29, 2019Date of Patent: July 9, 2024Assignee: THALES DIS FRANCE SASInventor: Jonas Paert
-
Patent number: 12026294Abstract: Systems, device and techniques are disclosed for implementing a security configuration change based on one or more base events and a current security configuration. An inference module may identify a security configuration change based on receiving base events from a state storage/event listener and analyzing the base events to determine if a current security configuration is optimal given the base events.Type: GrantFiled: December 11, 2020Date of Patent: July 2, 2024Assignee: Google LLCInventors: Tal Dayan, Maya Ben Ari, Brandon Keely, Subir Jhanb, Ido Ofir
-
Patent number: 12021937Abstract: A cloud service account management method identifies unauthorized or unmanaged accounts making administration console access or API access at a cloud computing service and triggers a work flow to place the accounts under management. In one embodiment, the user device is directed to a registration portal to provide access credentials of the unauthorized account. The loud service account management method uses the access credentials to retrieve a list of account users associated with the account. Once the accounts are made managed, the cloud service account management method can monitor the activities of the account, including all of the account users, and can apply compliance or security policies to the managed accounts.Type: GrantFiled: January 28, 2021Date of Patent: June 25, 2024Assignee: Skyhigh Security, LLCInventors: Sekhar Sarukkai, Kaushik Narayan, Rajiv Gupta
-
Patent number: 12015627Abstract: A method to monitor integrity of webpages. The method may include obtaining a destination of outgoing network traffic resulting from rendered code of a webpage. The rendered code may be generated using source code of the webpage that is obtained in response to a request to a webserver that hosts the webpage. The method may also include obtaining a previous destination of previous outgoing network traffic resulting from previous rendered code of the webpage. The previous rendered code may be generated before the request is sent to the webserver for the source code used to generate the rendered code. The method may also include comparing the destination and the previous destination to determine a change in integrity of security of the webpage. In response to the change in the integrity of security of the webpage, an alert regarding the integrity of security of the webpage may be generated.Type: GrantFiled: July 20, 2023Date of Patent: June 18, 2024Assignee: SecurityMetrics, Inc.Inventor: Aaron Willis
-
Patent number: 12003620Abstract: Systems and methods for secure electronic data transfer utilizing an ephemeral key for encryption and decryption of data.Type: GrantFiled: November 2, 2021Date of Patent: June 4, 2024Assignee: KnectIQ Inc.Inventors: Shailendra Jain, Andrew Lunstad, Kenneth Morris
-
Patent number: 11997080Abstract: A method for validating a Uniform Resource Locator (URL) includes generating electronic media content including the URL, generating a Certificate Signing Request (CSR) including the URL, sending the CSR to a certificate signing server, receiving a signed certificate corresponding to the CSR from the certificate signing server, and encoding the signed certificate as metadata in the electronic media content and/or encoding a serial number associated with the signed certificate as metadata in the electronic media content. A user can send the URL to another user through a chat message, an email, a word processing document or other business application, or a document which has a URL through a pen drive, email, or chat message. The certificate-based mechanism is used to validate the origin (sender) of the URL so that the recipients know that the URL can be accessed without having to separately analyze the security risks.Type: GrantFiled: December 30, 2020Date of Patent: May 28, 2024Assignee: Citrix Systems, Inc.Inventors: Praveen Raja Dhanabalan, Krishna Kumar KB
-
Patent number: 11968303Abstract: Techniques of keyless authentication of computing services in distributed computing systems are disclosed herein. One example technique includes upon receiving a command to instantiate a computing service, transmitting a request to an authentication service for an identity assertion token corresponding to an application execution of which instantiates the computing service. The example technique can also include upon receiving the requested identity assertion token, storing the received identity assertion token in the container and modifying an entry of a configuration file in the container that allows the instantiated computing service to access the stored identity assertion token and authenticate to the authentication service using the identity assertion token.Type: GrantFiled: February 9, 2023Date of Patent: April 23, 2024Assignee: Microsoft Technology Licensing, LLCInventors: Paranthaman Saravanan, Marc Andrew Power, Yang Zhang, Matthias Adam Leibmann, Grigory V. Kaplin, Yi Zeng
-
Patent number: 11968249Abstract: A coordinator module for improving communications within a cloud computing system is disclosed. The coordinator module initiates transaction requests by generating a coordination context, where the coordination context includes a transaction context, a coordination type, and an initiator supplemental address. The coordinator module includes a supplemental address handler for creating the initiator supplemental address that unique identifies the coordinator module and the associated pod. The coordinator module receives transaction responses, where the transaction response includes a coordination context. The coordinator module includes a transaction context checker to verify that the transaction response was not received in error, by comparing the received transaction context with a saved transaction context. The coordinator module includes a registration bridge that identifies an alternate coordinator module and alternate pod to process the transaction response if the transaction contexts do not match.Type: GrantFiled: June 28, 2023Date of Patent: April 23, 2024Assignee: International Business Machines CorporationInventors: Shuo Zhang, Dian Guo Zou, Jing Jing Wei, Da Guang Sun, Yue Wang, Ping Mei
-
Patent number: 11968201Abstract: Operations include transmitting, on behalf of a first application, a first request to a first service provider, the first request requesting first services from the first service provider, intercepting, at a local agent, a first redirect message from the first service provider to an identity provider, receiving an identity provider cookie from the identity provider based on a validation of credentials during the authentication process, storing a copy of the identity provider cookie, transmitting, on behalf of a second application, a second request to a second service provider, the second request requesting second services from the second service provider, intercepting a second redirect message from the second service provider to the identity provider, adding the identity provider cookie to the second redirect message, and receiving validation to access the second service provider from the identity provider based on the identity provider cookie stored by the local agent.Type: GrantFiled: January 4, 2021Date of Patent: April 23, 2024Assignee: Cisco Technology, Inc.Inventors: Ahmed Bakry Helmy Ahmed, Sape Jurrien Mullender, Hendrikus G. P. Bosch, Alessandro Duminuco, Jeffrey Michael Napper
-
Patent number: 11956634Abstract: The application discloses methods and corresponding systems and network devices and/or nodes for enabling user equipment belonging to a home network to access data communication services in a visited network of a wireless communication system. By way of example, there is provided a method that comprises the step of obtaining at least one cryptographic token originating from a network node of the home network of the user equipment and cryptographically signed by a private key associated with the home network, wherein the at least one cryptographic token represents means for accessing data communication services via user data transport functions of the visited network.Type: GrantFiled: April 25, 2019Date of Patent: April 9, 2024Assignee: Telefonaktiebolaget LM Ericsson (Publ)Inventors: Tommy Arngren, Bernard Smeets, Tomas Thyni, Daniel Bergström
-
Patent number: 11949680Abstract: Disclosed is an improved approach to implement a mechanism to provide customer control over access to cloud infrastructure by the cloud provider's operator employees. This mechanism allow customer controlled access to any cloud infrastructure that belongs to or is otherwise allocated to the customer.Type: GrantFiled: April 30, 2021Date of Patent: April 2, 2024Assignee: Oracle International CorporationInventors: Prasanna Ramamurthi, Joydip Kundu, Binoy Sukumaran, Krishna Chander, Jeffrey Wright
-
Patent number: 11947410Abstract: Methods, systems, and computer storage media for providing an error remediation recommendation—for flagged incorrect values in broadband service deployment data—using a broadband error remediation engine in a data analytics system. The error remediation recommendation can identify a corrective action to resolve errors (i.e., incorrect values) in broadband service deployment data. Operationally, the broadband error remediation engine is configured to access broadband service deployment data associated with a plurality of broadband service data features. The broadband error remediation engine uses an error remediation model to and a plurality of datasets to execute a sequence of error remediation operations (e.g., checks and comparisons). Based on executing the sequence of error remediation operations, a corrective action (e.g., change geographic coordinates or remove deployment units) for an incorrect value of a broadband service feature in the broadband service deployment data.Type: GrantFiled: October 12, 2022Date of Patent: April 2, 2024Assignee: THE BOSTON CONSULTING GROUP, INC.Inventors: Sumit Banerjee, Jaison Leo Justin, Alexey Timashkov, Sai Anirudh Mandagondi, Deepak Trehan, Manuel Felipe Avella Niño, Emma Erminia Quirk, Gowtham Sekkilar, Tejas Arjun Bala, Elena Topolskaia, Thomas James Steiner, Jr.
-
Patent number: 11943224Abstract: Arrangements for controlling access to a protected entity include receiving a redirected client request to access the protected entity that includes a public key of the client; granting, in response to the received redirected request, access tokens of a first type to a client using the public key of the client; identifying a conversion transaction identifying a request to convert the first type of access tokens with access tokens of a second type, the transaction designating the protected entity; determining a conversion value for converting the first-type access tokens into second-type access tokens based on at least one access parameter; converting, using the conversion value, a first sum of the first-type access tokens into a second sum of second-type access tokens; and granting the client access to the protected entity when the sum of second-type of access tokens is received as a payment from the protected entity.Type: GrantFiled: July 29, 2022Date of Patent: March 26, 2024Assignee: RADWARE, LTD.Inventors: Alon Lelcuk, David Aviv
-
Patent number: 11943357Abstract: Aspects of the present invention disclose a method for calculating a risk resulting from a network of networks that includes unknown relationships in a privacy preserving manner. The method includes one or more processors determining a set of conditions corresponding to a user of a network. The method further includes transmitting a compliance request corresponding to the set of conditions to one or more members of the network utilizing a privacy preserving algorithm. The method further includes determining a respective risk factor of one or more members of the network, wherein the respective risk factor corresponds to a response of each of the one or more members to the compliance request. The method further includes determining an overall risk of the network based at least in part on the risk factors of the one or more members.Type: GrantFiled: December 14, 2020Date of Patent: March 26, 2024Assignee: International Business Machines CorporationInventors: Roy Abitbol, Jonathan Bnayahu, Eliezer Segev Wasserkrug, Pankaj Satyanarayan Dayama, Artem Barger
-
Patent number: 11943366Abstract: An authentication system facilitates a transfer of enrollment in authentication services between client devices. The authentication system enrolls a client device in authentication services to enable the client device to be used for authenticating requests to access one or more services. As part of enrolling the client device, the authentication system receives authentication enrollment information for the client device that is associated with one or more authentication credentials securely stored on the client device (e.g., a multi-factor authentication (MFA) certificate). The authentication system facilitates one or more processes for transferring the enrollment from an enrolled client device to a non-enrolled client device that limit the number and complexity of actions performed by the user.Type: GrantFiled: December 19, 2022Date of Patent: March 26, 2024Inventors: Chandra Shirashyad, Ildar Abdullin, Umang Shah, Naveen Kumar Keerthy, Cedric Beust
-
Patent number: 11930003Abstract: Disclosed are various approaches for workflow service back end integration. In some examples, a workflow service identifies a workflow action and a user account that is responsible for the workflow action. A command to present the workflow action for user authorization is transmitted to a client device associated with the user account. The workflow service transmits a command to perform the workflow action based on an identification of the user authorization.Type: GrantFiled: January 21, 2022Date of Patent: March 12, 2024Assignee: VMware, Inc.Inventors: Daniel E. Zeck, David Shaw, Robert Worsnop, John Ryan Bard
-
Patent number: 11929937Abstract: Disclosed are various embodiments for controlling a distribution of resources on a network. In one example, among others, a system is configured to receive the plurality of resources and a plurality of rules. The system is also configured to determine an authorized location and an authorized area based on the plurality of rules. The authorized location and the authorized area are determined to have different access rights to the plurality of resources. The system is further configured to determine a location of the computing device and grant access to a resource based on the location of the computing device with respect to the authorization location or the authorized area.Type: GrantFiled: September 15, 2022Date of Patent: March 12, 2024Assignee: AirWatch LLCInventors: John Marshall, Erich Stuntebeck, Gopinath Jayaprakash, John Joseph Manton, Jonathon Blake Brannon
-
Patent number: 11924211Abstract: The invention relates to a device and a method for authenticating a user utilizing an internet access client (10) for accessing remote resources of a computer infrastructure, said access comprising a first authentication (130) of the internet access client (10) and a second authentication (140) of the user of the internet access client (10). The method includes sending (132), to a token security module (21), by the internet access client (10), a client certificate (220), said client certificate (220) being associated with items of identification information of the internet access client (10); and receiving (133), by the internet access client (10), an authentication token (210) generated by the token security module when the client certificate (220) sent has been verified by the token security module.Type: GrantFiled: June 2, 2021Date of Patent: March 5, 2024Assignee: BULL SASInventor: Christophe Guionneau
-
Patent number: 11908263Abstract: A method for authorizing a user to drive a vehicle is provided. A verification code is generated based on eID card information of the user, and is provided to the user and the vehicle. The vehicle includes a biometric device to ensure that the one who enters the vehicle and inputs the verification code is the user. After the code inputted by the user is successfully verified to be identical to the verification code, the vehicle permits driving operation.Type: GrantFiled: August 30, 2022Date of Patent: February 20, 2024Assignee: MK GROUP JSCInventor: Khang Trong Nguyen
-
Patent number: 11895111Abstract: A method and apparatus of a device that authorizes a device for a service is described. In an exemplary embodiment, the device intercepts a request for a web page from a web browser executing on the device, wherein the request includes an indication associated with an authorization request for the service and the web page provides the service. In addition, the device presents an authorization user interface on the device. The device further performs a local authorization using a set of user credentials entered via the authorization user interface. The device additionally performs a server authorization with a server. Furthermore, the device redirects the web browser to the requested web page, wherein the web browser is authorized for the service provided by the web page.Type: GrantFiled: January 11, 2023Date of Patent: February 6, 2024Assignee: APPLE INC.Inventors: Dmitry V. Belov, Brent A. Fulgham, Sudhakar N. Mambakkam, Richard J. Mondello, Kalyan C. Gopavarapu, Edgar Tonatiuh Barragan Corte, Libor Sykora
-
Patent number: 11893102Abstract: Systems and methods for user authentication are disclosed. An example method includes receiving a request for access to a first secured service, the request corresponding to a first user, determining whether or not the request for access is valid, in response to determining that the request for access is valid, determining whether or not the first user has successfully performed a secondary authentication within a predetermined time period of the request for access, and in response to determining that the first user has successfully performed the secondary authentication within the predetermined time period of the valid request for access, providing the first user with access to the secured service.Type: GrantFiled: April 21, 2023Date of Patent: February 6, 2024Assignee: Intuit Inc.Inventors: Bernard Samuel Diwakar, Gaurav Varma, Mark Joseph Hughes
-
Patent number: 11893096Abstract: Systems and methods are described herein for computer user authentication using machine learning. Authentication for a user is initiated based on an identification confidence score of the user. The identification confidence score is based on one or more characteristics of the user. Using a machine learning model for the user, user activity of the user is monitored for anomalous activity to generate first data. Based on the monitoring, differences between the first data and historical utilization data for the user determine whether the user's utilization of the one or more resources is anomalous. When the user's utilization of the one or more resource is anomalous, the user's access to the one or more resource is removed.Type: GrantFiled: December 2, 2021Date of Patent: February 6, 2024Assignee: Cylance Inc.Inventors: Garret Florian Grajek, Jeffrey Lo, Michael Thomas Wojnowicz, Dinh Huu Nguyen, Michael Alan Slawinski
-
Patent number: 11889027Abstract: An embodiment of the system for publishing events of a telephony application to a client includes a call router that generates events from the telephony application and an event router that manages the publication of events generated by the call router and that manages the subscription to events by clients. The system can be used with a telephony application that interfaces with a telephony device and an application server.Type: GrantFiled: March 22, 2023Date of Patent: January 30, 2024Assignee: Twilio Inc.Inventors: Jeffrey Gordon Lawson, John Robert Wolthuis, Evan Mansfield Cooke
-
Patent number: 11888837Abstract: Techniques are described for client registration for authorizing an aggregator service to access data on behalf of an application, through self-registration of an application client identifier and issuance of authorization token(s) based on the application client identifier. Implementations provide a technique for dynamic client registration that avoids the need for manual vetting and manual generation of the client credential grant. Additionally, the implementations described herein enforce domain values around the scope and/or purpose of the client grant. This allows for support of application providers through a single point of registration that supports multi-layer and channel. This also allows for support of a scalable authorization solution for any suitable number of clients. The dynamic client registration process adds an additional layer of security through the OAuth client grant and mutual authentication.Type: GrantFiled: June 24, 2021Date of Patent: January 30, 2024Assignee: United Services Automobile Association (USAA)Inventors: Alejandro Vera, Miguel Solís, Jr., Hieu Nguyen, Jason Paul Hendry, Nathan Mahoney, Debra Randall Casillas
-
Patent number: 11882120Abstract: Examples include service authentication for a principal. A request to access a first service of a plurality of services of a network may be received from a principal by an identity intermediary. An identifier of the first service may be stored at the identity intermediary, and an unsigned credential of the principal and a principal identifier may be transferred from the identity intermediary to a credential provider. The principal identifier and the credential signed by the credential provider may be received, and the signed credential may be transmitted to the first service for authentication.Type: GrantFiled: July 30, 2019Date of Patent: January 23, 2024Assignee: Hewlett Packard Enterprise Development LPInventor: Thomas Kelley
-
Patent number: 11876796Abstract: Systems, methods, and storage media for abstraction and enforcement of protected resources in an identity infrastructure are disclosed. Exemplary implementations may: identify one or more protected resources for one or more identity domains of an identity infrastructure; receive, at the identity infrastructure, a dataflow pertaining to first identity data for a first identity domain; request the first identity session based at least in part on the first identity data; receive a request to access a first protected resource of the one or more protected resources; accept the first identity session by the first protected resource; and provide the first user access to the first protected resource.Type: GrantFiled: May 24, 2021Date of Patent: January 16, 2024Assignee: Strata Identity, Inc.Inventors: Eric Olden, Christopher Marie, Carl Eric Leach
-
Patent number: 11876793Abstract: Simultaneous distributed application support of multiple identity management systems is provided through the use of virtual web server instances, which enable one identity management system, on physical servers already running a pre-existing web server instance, which enables a different identity management system. Further, an intelligent rules-based determination is implemented to determine whether to route an access request to either the virtual or pre-existing web server instance. Since the virtual web server instances are generated on the same physical server that executes the pre-existing web service instance, the the existing network flow (i.e., a single URL) and physical infrastructure is leveraged to create a simplified approach to managing the simultaneous use of multiple identity management systems across different distributed applications.Type: GrantFiled: August 12, 2021Date of Patent: January 16, 2024Assignee: BANK OF AMERICA CORPORATIONInventors: David Smiddy, Himanshu Goyal, Raghu Nadimpalli, Sanath K. Pasumarthy, Zeal J. Shah
-
Patent number: 11863553Abstract: Provided are embodiments of systems, devices and methods for multi-factor identity verification, which may include utilization of automated picture ID to Selfie matching, cross-reference address information, biometrics and geo-location information and unique smartphone device identifiers, especially in the context of healthcare industry.Type: GrantFiled: September 28, 2020Date of Patent: January 2, 2024Assignee: MyHealthID, Inc.Inventors: Jay Nitturkar, Erika Eördögh
-
Patent number: 11861386Abstract: Systems and methods are described for providing an application-level gateway to an on-demand network code execution system. An on-demand network code execution system may allow users to submit code to be executed in a serverless environment, and may provide an interface for executing the user-submitted code on demand. The interface may require that users authenticate, provide input in a particular format, or meet other criteria when sending a request to execute the code. An application-level gateway may thus provide an interface that implements these functions, thereby allowing computing devices to interact with the code as though it were running on a server (e.g., by using HTTP). The application-level gateway may also use on-demand code execution to provide load balancing for servers that are running the user-submitted code, and seamlessly provide access to code that runs on both server-based and serverless environments.Type: GrantFiled: March 22, 2019Date of Patent: January 2, 2024Assignee: Amazon Technologies, Inc.Inventors: Lodaya Varun Mukesh, Sridhar Srinivasan, Hamza Arain
-
Patent number: 11861030Abstract: Various embodiments include a secure access system that provides secure group-based access to sets of digital assets. The system may allow a user to upload digital assets to the system for secure access by other users, and may allow a user to remove digital assets from the system as well. The assets may be associated with a family, and may be stored as a “family album”. The system may issue a secure credential to family members for accessing the family album. A family member may invite another family or individual to view the family album. On acceptance of the invitation, the system may automatically forward the secure credential to the invited family or individual. The invited family or individual may use the secure credential to access the family album with no further action required by the invited family or individual.Type: GrantFiled: August 17, 2023Date of Patent: January 2, 2024Assignee: DatChat, Inc.Inventor: Darin Myman
-
Patent number: 11855842Abstract: In embodiments, a computer system of a primary entity receives from a secondary entity a first communication about a relationship instance between the primary entity and the secondary entity, and transmits to an Online Service Provider (OSP) a second communication with a dataset. The dataset has dataset parameters about the relationship instance. The second communication causes the OSP to select a file template per the dataset, to produce a resource for the dataset, and to prepare a digital exhibit that is arranged to report the resource as answering the identified requirement. The OSP then transmits to the computer system a third communication that includes an access indicator adapted to facilitate viewing the digital exhibit. Upon receiving the third communication, the computer system transmits a fourth communication to the device of the secondary entity, the fourth communication including the access indicator.Type: GrantFiled: February 22, 2023Date of Patent: December 26, 2023Assignee: Avalara, Inc.Inventors: Jayme Fishman, Andrew Brandon Chan, Gregory T. Kavounas
-
Patent number: 11843611Abstract: The present disclosure relates generally to access control, and more particularly, to techniques (e.g., systems, methods, computer program products storing code or instructions executable by one or more processors) for providing for inline enrollment in multi-level and multi-factor authentication of a user allowing login on a restricted website, or on an enterprise network with single sign-on, or on various other service systems with security restrictions.Type: GrantFiled: January 26, 2021Date of Patent: December 12, 2023Assignee: Oracle International CorporationInventors: Nagaraj Pattar, Pruthvithej Ramesh Kumar
-
Patent number: 11824945Abstract: Examples described herein may include a playback device receiving, from a control device, a validation-key that includes an application identifier corresponding to a controller application. The playback device may create a session identifier and transmit the session identifier to the control device. The playback device may receive, from the control device, a playback request comprising the session identifier and a playback command. The playback device may determine that the session identifier is valid and then execute the playback command. A computing system may receive identification information related to a controller application and generate the validation-key based on the controller application meeting at least one quality-control metric. The controller application may receive the validation-key from the computing system.Type: GrantFiled: October 20, 2022Date of Patent: November 21, 2023Assignee: Sonos, Inc.Inventor: Andrew Schulert
-
Patent number: 11818112Abstract: Disclosed are various examples for enrolling a client device and synchronizing user attributes for the client device across multiple directory services. A search request for user attributes can be sent to a first directory service with an identifier for a user account. The first directory service can query for the identifier and send back user attributes. If a global identifier is included in the attributes, another search request for user attributes can be sent to a second directory service with the global identifier. The second directory service can query for the global identifier and send back user attributes.Type: GrantFiled: April 4, 2022Date of Patent: November 14, 2023Assignee: AirWatch, LLCInventors: Kalyan Regula, Shravan Shantharam, Nishita Manjunath, Varun Murthy, Jason Roszak
-
Patent number: 11818183Abstract: A system and method of communicating between computing devices including pairing a first computing device with a second computing device. The first computing device and the computing second device are configured to communicate with an application workspace system. The first computing device provides token and application information to a second computing device. The second computing device is authenticated with the application workspace system using the token and launches an application corresponding to the application information.Type: GrantFiled: July 5, 2021Date of Patent: November 14, 2023Assignee: VMware, Inc.Inventors: Ramani Panchapakesan, Pradeep B H Pai, Usha Kamath, Ben Joseph, Sharun Samuel