Global (e.g., Single Sign On (sso), Etc.) Patents (Class 726/8)
  • Patent number: 11687643
    Abstract: Provided is an information linkage system, comprising: a processor; and a storage device coupled to the processor, the storage device holds identification information of a user and information on the user, which are added by a first organization, in association with each other, the processor: transmits to a second organization an information linkage application regarding information on any one item included in the information on the user; acquires, when the information linkage application is received, identification information of the user and information on the user of the item specified by the information linkage application, which are added by the second organization; and stores the acquired information in the storage device in association with the identification information of the user and the information on the user regarding the same user as a user identified by the acquired identification information, which are added by the first organization.
    Type: Grant
    Filed: September 18, 2019
    Date of Patent: June 27, 2023
    Assignee: HITACHI, LTD.
    Inventors: Hiroaki Konoura, Masafumi Kinoshita, Hirofumi Inomata, Masaki Hirayama, Ryouichi Tanaka
  • Patent number: 11675890
    Abstract: A method of provisioning organization users in a multi-tenant database system includes receiving a request via a single sign-on protocol from an organization user to create a new multi-tenant database user account for access to the multi-tenant database system. The method retrieves rules that specify how to derive user permissions for access to the multi-tenant database system from stored user attributes of the organization user. The method continues with applying the rules to the stored user attributes to determine permissions for the users to access particular objects in the multi-tenant database system, and creating the new user account with the determined user permissions for access to the multi-tenant database system.
    Type: Grant
    Filed: December 29, 2020
    Date of Patent: June 13, 2023
    Assignee: Salesforce, Inc.
    Inventor: Jong Lee
  • Patent number: 11677704
    Abstract: Techniques for scam detection and prevention are described. In one embodiment, an apparatus may comprise an interaction processing component operative to generate a scam message example repository; submit the scam message example repository to a natural-language machine learning component; and receive a scam message model from the natural-language machine learning component in response to submitting the scam message example repository; an interaction monitoring component operative to monitor a plurality of messaging interactions with a messaging system based on the scam message model; and determine a suspected scam messaging interaction of the plurality of messaging interactions; and a scam action component operative to perform a suspected scam messaging action with the messaging system in response to determining the suspected scam messaging interaction. Other embodiments are described and claimed.
    Type: Grant
    Filed: February 15, 2022
    Date of Patent: June 13, 2023
    Assignee: Meta Platforms, Inc.
    Inventors: Emanuel Alexandre Strauss, Muhammad Saif Farooqui, Rehman Mehdi Muhammad, Michelle Ruby Hwang, Nicolas Scheffer, Joseph Rhyu
  • Patent number: 11663030
    Abstract: A gateway performs silent authentication refreshes with an identity management platform in order to extend the expiration of a cookie provided to an endpoint that accesses network applications through the gateway.
    Type: Grant
    Filed: March 9, 2022
    Date of Patent: May 30, 2023
    Assignee: Sophos Limited
    Inventors: Biju Ramachandra Kaimal, Venkata Suresh Reddy Obulareddy
  • Patent number: 11657396
    Abstract: A system and method for authorizing a Client Device requested access, the method comprising: forming a proximity enforced Bluetooth® binded communication link between the Client Device and a Level of Assurance (LOA) Provider; providing a login screen to a user entity at the Client Device from a Relying Party (RP) Services Application; receiving login information from the user entity; obtaining identity of the user entity on the LOA Provider using a biometric information of the user entity; sending the biometric information, a private key and contextual identifiers to an LOA Server; and identifying the user entity at the LOA Server using the biometric information, the private key and the contextual identifiers and the Client Device in determining whether to grant access to the RP Services Application.
    Type: Grant
    Filed: May 2, 2022
    Date of Patent: May 23, 2023
    Inventors: Nahal Shahidzadeh, Haitham Akkary
  • Patent number: 11658865
    Abstract: Methods, systems, apparatuses, and computer-readable media for updating an operational parameter of a device of a local network of interconnected devices are provided. A user-operated device, in association with an attempt to access the device, may provide an update to the operational parameter of the device. The user-operated device may send the update to the operational parameter before sending the device an operational command. The device may apply the update received from the user-operated device before performing an operation corresponding to the operational command.
    Type: Grant
    Filed: March 20, 2018
    Date of Patent: May 23, 2023
    Assignee: Delphian Systems, LLC
    Inventors: Arkadiusz Zimny, Ashok Hirpara, Thomas D. Johnson
  • Patent number: 11652613
    Abstract: Methods, apparatuses, systems, and computer-readable mediums for sharing user credentials in federated authentication are described herein. An identity provider may receive a user credential from a user device. The identity provider may receive, from a relying party, a request for an access token. The identity provider may encrypt the user credential based on a nonce that is uniquely generated for the relying party. The identity provider may send a response to the relying party. The response may include the access token, the encrypted user credential, and the nonce.
    Type: Grant
    Filed: September 4, 2020
    Date of Patent: May 16, 2023
    Assignee: Citrix Systems, Inc.
    Inventors: Dileep Reddem, Ricardo Fernando Feijoo
  • Patent number: 11652808
    Abstract: Embodiments as disclosed provide systems and methods that use a local authenticator within a domain to provide a credential to access a resource of the domain to a non-local requestor. When a request is received from a non-local requestor at the domain the non-local requestor can be authenticated based on the request. The local authenticator can then be accessed to obtain a credential. This credential may be the same type of credential provided to members of the domain when they authenticate using the local authenticator. The credential is provided to the non-local requestor so the non-local requestor can access the resource of the domain using the credential and authentication of the non-local requestor with respect to these accesses can be accomplished using the local domain authenticator and the credential.
    Type: Grant
    Filed: December 22, 2020
    Date of Patent: May 16, 2023
    Assignee: Open Text SA ULC
    Inventors: Glen Matthews, Jonathan Carroll, Aladin Dajani
  • Patent number: 11653201
    Abstract: Management and configuration of internet of things network connected devices is facilitated herein. A proxy device comprises a memory that stores executable instructions that, when executed by a processor, facilitate performance of operations that comprise determining a first identity and a first operational parameter of a first device and a second identity and a second operational parameter of a second device. The first device and the second device can be associated with a defined communication network. The proxy device can be provisioned within the defined communication network and can operate as a security update proxy node for the first device and the second device. The operations can also comprise facilitating a first security update at the first device and a second security update at the second device based on a determination that the first device and the second device have delegated responsibility for security synchronization to the proxy device.
    Type: Grant
    Filed: June 25, 2021
    Date of Patent: May 16, 2023
    Inventors: Eric Zavesky, Bernard S. Renger, Behzad Shahraray, David Crawford Gibbon, Lee Begeja, Timothy Innes
  • Patent number: 11645392
    Abstract: A method by one or more electronic devices to notify an administrator when it is safe to mitigate a non-compliant database configuration of a database. The method includes responsive to identifying the non-compliant database configuration of the database, applying a security rule that detects occurrences of database operations that make use of the non-compliant database configuration and responsive to a determination that the security rule has not been invoked for at least a threshold length of time, causing a notification to be sent to the administrator that indicates that it is safe for the administrator to mitigate the non-compliant database configuration.
    Type: Grant
    Filed: March 31, 2021
    Date of Patent: May 9, 2023
    Assignee: Imperva, Inc.
    Inventors: Avidan Reich, Amichai Shulman, Michael Cherny
  • Patent number: 11647094
    Abstract: Disclosed are techniques and apparatuses that are configured to receive an indication that a web browsing session executing on an enterprise server needs additional information based on a request for additional information being sent to a client device. The request may include an identifier of the web browsing session and an identifier of an enterprise server that initiated the web browsing session. A globally unique identifier related to the web browsing session and an identifier of the enterprise server is stored in a common data store. The web browsing session may be paused when the web browsing session requests additional information from a client device. The client device may respond with the additional information. The system may provide the identifier of the enterprise server to a load balancing component so the identified web browsing session executing on the enterprise server may continue to be used.
    Type: Grant
    Filed: May 11, 2022
    Date of Patent: May 9, 2023
    Assignee: Capital One Services, LLC
    Inventors: Joshua Edwards, Shabnam Kousha, Daniel E. Miller
  • Patent number: 11636476
    Abstract: There is provided a method and system for carrying out two factor authentication, which renders an augmented reality environment or a virtual reality environment at the user device to depict an authentication object, and when a user interaction with the authentication object is detected, an authentication code received from an issuer server is displayed at the user device.
    Type: Grant
    Filed: April 18, 2018
    Date of Patent: April 25, 2023
    Inventors: Rajat Maheshwari, Sunitha Miryala, Philip Wei Ping Yen
  • Patent number: 11637861
    Abstract: A method for securing a networked computer system executing an application includes identifying a vulnerable computer resource in the networked computer system, determining all computer resources in the networked computer system that are accessible from, or are accessed by, the vulnerable computer resource, and prioritizing implementation of a remediation action to secure the vulnerable computer resource if a vulnerability path extends from the vulnerable computer resource to a critical computer resource that contains sensitive information. The remediation action to secure the vulnerable computer resource is a safe remediation action that does not impact availability of the application executing on the networked computer system.
    Type: Grant
    Filed: January 23, 2020
    Date of Patent: April 25, 2023
    Assignee: BMC Software, Inc.
    Inventors: Siddharth Sukumar Burle, Ajoy Kumar, Manish Jain
  • Patent number: 11632362
    Abstract: Systems and methods for using JavaScript Object Notation (JSON) Web Tokens for information security for a particular software-controlled application are disclosed. Exemplary implementations may: store information electronically, including different types of client-provided information, hardware information, key information, and permission information; provide individual JWTs that include individual expiration dates to individual users; receive a user request for continued access and/or use of the particular software-controlled application; perform different types of (automated) verification based on the client-provided information in the user request; and, responsive to particular results from the different types of verification, perform some combination of transferring a response to the user request and accepting or denying continued access and/or use of the particular software-controlled application.
    Type: Grant
    Filed: April 14, 2021
    Date of Patent: April 18, 2023
    Assignee: SHAYRE, INC.
    Inventors: Christopher John Woodward, Christopher Joseph Monte, Matthew Lyle Comeione
  • Patent number: 11627054
    Abstract: The present disclosure relates to managing activity taken with respect to cloud-based software services. A platform manages data objects processed by software services and/or those entities that initiate processing events. The platform uses identifiers such as, for example, a persistent identifier (PID) to track processing events, The platform implements rules and/or permissions related to the managed data objects and/or managed entities to determine whether processing events are in compliance. The platform may update database records, send alerts, send data graphs, or provide a real-time stream related to the managed data objects and/or managed entities.
    Type: Grant
    Filed: March 3, 2021
    Date of Patent: April 11, 2023
    Assignee: BETTERCLOUD, INC.
    Inventors: David Anthony Esposito, Peter Bilali, David Kenneth Hardwick, David Eli Politis
  • Patent number: 11621844
    Abstract: Disclosed are methods and systems for securely providing identity attributes. A server computer may receive, from a relying entity, a request for identity attributes associated with a target entity, wherein the request for identity attributes includes a session identifier associated with the target entity and an identifier of the relying entity. The server computer may validate the request based on the session identifier. The server computer may identify, based on the identifier of the relying entity, a package defining types of identity attributes for the relying entity and a data access token associated with the package. Based on validating the request, the server computer may transmit, to a digital identity provider, a request for a set of identity attributes corresponding to the package, the request comprising the data access token. The server computer may receive, from the digital identity provider, the set of identity attributes.
    Type: Grant
    Filed: May 3, 2019
    Date of Patent: April 4, 2023
    Assignee: Visa International Service Association
    Inventor: Michael Steven Bankston
  • Patent number: 11620372
    Abstract: Techniques are disclosed to provide application extension-based authentication on a device under third party management. In various embodiments, a unique identifier associated with an authentication app is stored on the device. An app extension framework that enables a native app to request, via an app extension associated with the authentication app, access to a service with which the native app is associated is provided. The authentication app is configured to use the unique identifier to determine a security posture of the device and to grant or deny access to the service based at least in part on the security posture of the device.
    Type: Grant
    Filed: June 19, 2020
    Date of Patent: April 4, 2023
    Assignee: Ivanti, Inc.
    Inventor: Suresh Kumar Batchu
  • Patent number: 11606590
    Abstract: A method includes receiving, by a content sharing platform, a request for content from a client device, the request for content comprising a session-based authentication token that pertains to a session between the client device and the content sharing platform. The content sharing platform can further validate the session-based authentication token and cause playback of the requested content to begin at the client device. Responsive to a valid content-based authentication token supplied by the client device, the content sharing platform can cause playback of the requested content to continue at the client device, wherein the valid content-based authentication token is based on an identifier of the requested content.
    Type: Grant
    Filed: March 3, 2021
    Date of Patent: March 14, 2023
    Assignee: Google LLC
    Inventors: Colin Whittaker, David Lee, Haidong Shao, Adrian Isles, John Draper, Maxim Kovalkov
  • Patent number: 11599652
    Abstract: A system includes one or more privacy vaults. At least one of the one or more privacy vaults is associated with at least one individual user, stores contents associated with the associated at least one individual user, and stores specific identification of a plurality of third-party entities, authorized to access at least a portion of the contents stored by the one or more privacy vaults, along with access permissions, one or more of the access permissions defined for each of the plurality of third-party entities. At least one of the access permissions defines accessibility of the contents for at least one of the plurality of third-party entities for which the at least one access permission is defined.
    Type: Grant
    Filed: January 28, 2022
    Date of Patent: March 7, 2023
    Inventors: Marvin Lu, Timothy Gibson, Thomas J. Wilson, Aleksandr Likhterman, Raja Thiruvathuru
  • Patent number: 11601413
    Abstract: A new control function is defined for the control plane of a 5G mobile network to enable the operator's mobile user, who is using a premium network slice, to access application services on the public Internet, by operator sign-on only when accessing the application on said slice. This unique single sign-on capability allows the user to bypass the service authentication after operator authenticates the mobile device by the user session establishment procedure. The new function registers a plurality of service applications, which sign-up for single sign-on capability. It also coordinates the mapping and storage of credentials of the user across the mobile operator's service and the service provider's application for each of said plurality of service applications, and transfers user credentials to the application so that the user's sign-in step is bypassed.
    Type: Grant
    Filed: October 14, 2020
    Date of Patent: March 7, 2023
    Assignee: NETSIA, INC.
    Inventors: Beytullah Yigit, Can Altay, Burak Gorkemli, Seyhan Civanlar
  • Patent number: 11601416
    Abstract: An information processing apparatus includes an authenticator that authenticates a user so that the user accesses plural resources on a network, an acquirer that acquires conditions that are related to a strength of authentication information and are provided differently for the respective resources, and a controller that controls, when the user accesses one resource out of the plural resources, access to the one resource based on a condition related to the strength for the one resource and strength information related to the strength of the authentication information of the user that is used by the authenticator.
    Type: Grant
    Filed: September 2, 2019
    Date of Patent: March 7, 2023
    Assignee: FUJIFILM Business Innovation Corp.
    Inventor: Yuki Inoue
  • Patent number: 11595210
    Abstract: A facility for performing accurate and real-time privacy-preserving biometrics verification in a client-server environment is described. The facility receives the user's biometrics data such as face, voice, fingerprint, iris, gait, heart rate, etc. The facility then processes and applies various privacy-preserving techniques to this data to complete enrollment and authenticate users, including but not limited to: encrypting data with a key using homomorphic encryption techniques and sending the encryption to the server; the server computes directly on the encryption and returns the result, which is also encrypted under the same key, to the client; the client optionally performs post-processing and decryption (in any order) and obtains the enrollment or authentication result. The facility may repeat this process to increase security level, resulting in more than 1 round trip between the client and the server.
    Type: Grant
    Filed: May 5, 2020
    Date of Patent: February 28, 2023
    Assignee: Inferati Inc.
    Inventor: Luong Hoang
  • Patent number: 11595322
    Abstract: Systems and methods for performing self-contained posture assessment from within a protected portable-code workspace are described. In some embodiments, an Information Handling System (IHS) may include a processor and a memory having program instructions that, upon execution, cause the IHS to: transmit, from an orchestration service to a local agent, a workspace definition that references an application, where the application comprises a first portion of code provided by a developer and a second portion of code provided by the orchestration service; and receive, from a local agent at the orchestration service, a message in response to the execution of the second portion of code within a workspace instantiated based upon the workspace definition. The second portion of code may inspect the contents of the runtime memory of the workspace upon execution, for example, by performing a stack canary check, a hash analysis, a boundary check, and/or a memory scan.
    Type: Grant
    Filed: December 16, 2020
    Date of Patent: February 28, 2023
    Assignee: Dell Products, L.P.
    Inventors: Nicholas D. Grobelny, Girish S. Dhoble, Joseph Kozlowski, David Konetski
  • Patent number: 11588806
    Abstract: Disclosed are various approaches for relaying and caching authentication credentials. A single sign-on (SSO) token is received, the SSO token representing a user account authenticated with an identity manager. An authentication request is then sent to a service that is federated with the identity manager in response to receipt of the SSO token, the authentication request including the SSO token. An access token is received in response to the authentication request, the access token providing access to the service for the user account authenticated with the identity manager for a predefined period of time. The access token and a link between the access token and the SSO token are then cached.
    Type: Grant
    Filed: November 30, 2020
    Date of Patent: February 21, 2023
    Assignee: VMware, Inc.
    Inventors: David Shaw, Daniel E. Zeck, Robert Worsnop
  • Patent number: 11569995
    Abstract: Apparatus and method for managing devices within a trust boundary of a computer network. In some embodiments, a trust manager circuit uses a first registration authority to authenticate a plurality of processing devices to form a trust group. A new processing device is subsequently added to the group. The trust manager circuit uses a different, second registration authority to provisionally authenticate the new processing device in response to an unavailability of the first registration authority, and grants provisional rights to the new processing device. Once the first registration authority is once again available, the trust manager performs a full authentication of the new processing device and grants full rights to the device.
    Type: Grant
    Filed: March 15, 2021
    Date of Patent: January 31, 2023
    Assignee: Seagate Technology LLC
    Inventors: Corey Hill, Dieter Schnabel
  • Patent number: 11570621
    Abstract: Disclosed is a method for secured communication by a V2X communication device. A method for secured communication by a V2X communication device comprises the steps of: receiving a message on the basis of V2X communication; extracting adaptive certificate pre-distribution (ACPD) target information when the message includes the ACPD target information; pre-authenticating a short-term certificate; and transferring the pre-authenticated short-term certificate so that the pre-authenticated short-term certificate can be broadcasted at a predicted position.
    Type: Grant
    Filed: December 4, 2017
    Date of Patent: January 31, 2023
    Assignee: LG Electronics Inc.
    Inventor: Soyoung Kim
  • Patent number: 11563568
    Abstract: Groups of devices may be prevented from accessing content by encrypting the content. A plurality of secrets associated with a decryption key may be generated using a secret sharing algorithm. The plurality of secrets may be sent to one or more groups of devices to derive the decryption key. A non-restricted subset of the groups of devices may receive one or more secrets. Devices within the non-restricted subset of the groups may be able to use one or more secrets to determine the decryption key for the content. Groups that do not receive one or more secrets may be unable to determine the decryption key for the content.
    Type: Grant
    Filed: February 26, 2021
    Date of Patent: January 24, 2023
    Assignee: Comcast Cable Communications, LLC
    Inventor: Kyong Park
  • Patent number: 11563725
    Abstract: A system uses a keyboard application to encrypt and decrypt e-mail, messages, and other digital data. By using quantum random number generators, the system has improved data security. Using a quantum random number, an agent (at a sender side) generates an encryption key which is used to automatically encrypt a message. The encryption key is stored at a key server. The encrypted message will be sent by an application using its standard transmission means such as SMTP, SMS, and others. The encrypted message can be automatically unencrypted by using an agent (at a recipient side) and retrieving the key from the key server. The system also provides an optional double encryption, where the message is encrypted with a user-generated password before being encrypted using the encryption key.
    Type: Grant
    Filed: May 10, 2021
    Date of Patent: January 24, 2023
    Inventors: Brian Wane, Ikechi Echebiri, Junaid Islam
  • Patent number: 11558383
    Abstract: A method for securing cloud applications is described. The method may include establishing a connection between a cloud application isolation portal, a cloud access security broker, and a cloud application based on an indication of the cloud application and a set of credentials associated with an end user of the cloud application, and managing, via the cloud application isolation portal and the cloud access security broker, a session between the cloud application and a computing device associated with the end user based on the connection between the cloud application isolation portal with the cloud access security broker and the cloud application.
    Type: Grant
    Filed: March 15, 2019
    Date of Patent: January 17, 2023
    Assignee: CA, Inc.
    Inventors: Alex Au Yeung, Amit Kanfer, Arunabha Saha, Manoj Kumar Sharma, Paul Kao, Prashanth Prabhu, Russell Daigle, Tobias Pischl, Yehoshua Chen
  • Patent number: 11546728
    Abstract: A system includes sensors disposed within a location for outputting presence signals to a smart device, for receiving an ephemeral ID signal from the smart device, for outputting sensor ID signals to the smart device, for receiving responsive data from the smart device and for determining presence of the smart device in response to the responsive data, an authentication server for receiving the sensor ID signals from the smart device, for determining the responsive data, and for providing the responsive data to the smart device, a hub device coupled to the sensors for receiving an indication of the determination of the presence of the smart device, for determining additional data associated with the smart device, for facilitating a physical change perceptible to a user of the smart device in response to the additional data, and for providing the presence data to a smart device associated with a first responder.
    Type: Grant
    Filed: November 13, 2020
    Date of Patent: January 3, 2023
    Assignee: Proxy, Inc.
    Inventors: Denis Mars, Simon Ratner
  • Patent number: 11539785
    Abstract: In non-limiting examples of the present disclosure, systems, methods and devices for providing a unified cross-platform experience are provided. A connection between a first device and a second device may be established, wherein the first device operates on a first platform and the second device operates on a second platform. A plurality of executable actions that are specific to the second device may be identified by the first device. Execution of at least one of the plurality of executable actions by the second device may be requested by the an application executed on the first device. Information obtained via execution of the at least one executable action may be received by the first device and the first device may present and/or display that information.
    Type: Grant
    Filed: February 22, 2019
    Date of Patent: December 27, 2022
    Inventors: Shrey Nitin Shah, Meir Ben Itay
  • Patent number: 11533280
    Abstract: Systems and methods are provided for performing operations including receiving, by a messaging application server from a third-party application server, a request to generate a content item code that is associated with a third-party content item; generating, by the messaging application server, the content item code in response to receiving the request from the third-party application server; causing a representation of the content item code to be displayed; retrieving the third-party content item in response to a messaging application implemented on a user device capturing the image of the representation that is displayed; and enabling an image modification feature of the messaging application using the retrieved third-party content item.
    Type: Grant
    Filed: February 28, 2020
    Date of Patent: December 20, 2022
    Assignee: Snap Inc.
    Inventors: Hongjai Cho, Rastan Boroujerdi, Robert David Idol, Patrick Mandia, Sriram Raman, Robin Wilborn, Xiaomu Wu
  • Patent number: 11526490
    Abstract: A computer-implemented method improves the performance of write ahead logging. The method includes generating a set of query data and a set of log data, where the set of log data is configured to create a write ahead log, and the set of query data is configured to make changes to data in a database. The method also includes writing the set of query data to a virtual file system. The method further includes separating the set of log data into a set of control intervals, where each control interval includes an entry. The method includes writing, each entry into a log buffer, where the writing the set of query data to the virtual file system and the writing each entry into the log buffer are performed in parallel. The method also includes combining each entry into a complete log.
    Type: Grant
    Filed: June 16, 2021
    Date of Patent: December 13, 2022
    Assignee: International Business Machines Corporation
    Inventors: Hong Mei Zhang, Shuo Li, Xiaobo Wang, Sheng Yan Sun
  • Patent number: 11526609
    Abstract: Systems and methods for recent file malware scanning are provided herein. In some embodiments, a security system may include a processor programmed to download one or more files; filter, by a first driver, the one or more downloaded files using a security zone identifier; scan, by the first driver, the filtered subset of one or more files for malware; store, by a second driver, a first set of information associated with each of the scanned files to indicate that each the filtered subset of one or more files have been scanned, wherein the first set of information is stored as metadata using alternative data stream (ADS) associated with each scanned file; monitor, by the second driver, changes to existing files based on the metadata stored; send instructions to rescan any existing file that has changed for malware; and update the information associated with any rescanned file's metadata using the ADS.
    Type: Grant
    Filed: November 18, 2021
    Date of Patent: December 13, 2022
    Assignee: UAB 360 IT
    Inventors: Mohamed Adly Amer Elgaafary, Mantas Briliauskas
  • Patent number: 11522839
    Abstract: A method, system, and computer program product for providing protected remote access from a remote access client to a remote access server over a computer network through a plurality of inspections. A remote access configuration file is created for the remote access client. A digital hash of the configuration file is then generated. The digital hash is compared with a configuration file stored at a predefined web location. If the comparison results in a match between the digital hash and the stored configuration file, a digital hash comparison is performed between an encrypted remote access configuration file and an encrypted configuration file stored at the predefined web location. If the plurality of inspections are passed, the remote access client is released from a quarantine state and a virtual private network (VPN) connection to the remote access server is established.
    Type: Grant
    Filed: February 2, 2021
    Date of Patent: December 6, 2022
    Assignee: International Business Machines Corporation
    Inventors: Colin Lee Feeser, Anthony W. Ondrus, Steven J. Sanders
  • Patent number: 11522812
    Abstract: Techniques are described for providing a cloud data collector (CDC) application for managing the generation of infrastructure templates. The CDC application provides graphical user interfaces that enable a user to provide inputs indicating configurations of data to be ingested by the data intake and query system, each configuration including one or more user accounts, in addition to data sources and regions associated with data sources. Using the configurations provided as input to the CDC application, the CDC application generates an infrastructure template that can be used to configure the service provider network to provide the requested security data to the data intake and query system.
    Type: Grant
    Filed: January 29, 2021
    Date of Patent: December 6, 2022
    Assignee: Splunk Inc.
    Inventors: Omprakaash Thoppai, Sakib Mehasanewala, Yogesh Sontakke
  • Patent number: 11516203
    Abstract: Systems and methods for embodiments of artificial intelligence systems for identity management are disclosed. Specifically, embodiments of an identity management system may provide identity management in association with cloud services used by an enterprise and, in particular, may provide identity management in association with cloud based services that may be accessed through federated access providers.
    Type: Grant
    Filed: July 29, 2020
    Date of Patent: November 29, 2022
    Assignee: SailPoint Technologies, Inc.
    Inventors: Brian Eric Rose, Nicholas Ryan Wellinghoff
  • Patent number: 11516204
    Abstract: A method for providing secure single sign on includes receiving a first data object from an application hosting server, the first data object indicating at least a service provider name and identifying a configuration file corresponding to the service provider name, wherein the configuration file includes at least trusted identity information. The method also includes determining, using the configuration file corresponding to the service provider name, whether the first data object is valid and, in response to a determination that the first data object is valid, generating a response message.
    Type: Grant
    Filed: December 14, 2020
    Date of Patent: November 29, 2022
    Assignee: Express Scripts Strategic Development, Inc.
    Inventors: Steven Sefton, Neil J. Powell, Travis Williams
  • Patent number: 11509644
    Abstract: Various systems and methods of establishing a trusted pairing relationship between IoT devices, through the exchange of authentication service proof of possession tokens, are described herein. In an example, a trusted pairing relationship is established between IoT devices, through access control and credential resources based on communication via intermediary devices and services. The IoT devices may request or receive access to or information from a resource based on the trusted relationship.
    Type: Grant
    Filed: January 10, 2018
    Date of Patent: November 22, 2022
    Assignee: Intel Corporation
    Inventor: Ned M. Smith
  • Patent number: 11509641
    Abstract: Techniques are disclosed relating to a computer system accessing a client credential set to authenticate with a destination computer system. A computer system may, subsequent to receiving an indication to make available an application for a particular user, retrieve configuration data specifying a reference to a key value. The computer system may maintain a data object that includes a client credential set for the particular user. In response to an occurrence of an event associated with the application, the computer system may access the client credential set of the particular user from the data object using the key value and an indication of the particular user. The computer system may then send a request including the client credential set to a destination computer system for authentication with the destination computer system and receive a response indicating whether the computer system has been authenticated.
    Type: Grant
    Filed: January 11, 2021
    Date of Patent: November 22, 2022
    Assignee:, inc.
    Inventors: Kyle Edward Heldman, Douglas Christopher Wilson, Jackson Gregory Reed, Kyle Warren Apple, Jacob Andrew Richwine
  • Patent number: 11502833
    Abstract: Apparatuses, methods, systems, and program products are disclosed for secure data handling and storage. An apparatus includes a lock module that receives a request to decrypt encrypted data that is stored in a data repository, the encrypted data encrypted using a first encryption key, and unlocks an encryption engine in response to the request. An encryption engine may be unlocked using a master key that is generated based on combination of a plurality of keys held by a plurality of key holders. An apparatus includes a decryption module that decrypts encrypted data using an encryption engine. Encrypted data may be decrypted using a first encryption key. An apparatus includes an encryption module that re-encrypts decrypted data using an encryption engine. Decrypted data may be re-encrypted with a second encryption key that is different than a first encryption key and stored in a data repository.
    Type: Grant
    Filed: December 23, 2019
    Date of Patent: November 15, 2022
    Inventors: Brandon Dewitt, Matt Hillary, Devin Christensen, John Atkinson, George Lambson
  • Patent number: 11496580
    Abstract: The systems and methods described herein can enable the indirect transmission of session data between different domains. The system can pass the session data through a hashing function so that the data from a given domain remains private and secure to the specific domain. The system can generate clusters of associated domains for a given client device that the system can use to maintain a session between the client device and the domain.
    Type: Grant
    Filed: July 12, 2021
    Date of Patent: November 8, 2022
    Assignee: Google LLC
    Inventors: Gang Wang, Sagnik Nandy
  • Patent number: 11496565
    Abstract: Techniques are described for providing a multi-service storage layer in a cloud provider network for applications and workloads that are highly sensitive to outages affecting “mission critical” data or other resources. A multi-service storage layer is designed to provide additional resiliency against various types of correlated failures among existing geographic regions by enabling the storage of data using a plurality of separate storage services and storage resource types and across a plurality of regions of the cloud-provider network. A multi-service storage layer provides an application programming interface (API) with actions for storing, retrieving, and querying data stored in a highly available storage resource across a selection of underlying storage services.
    Type: Grant
    Filed: March 13, 2020
    Date of Patent: November 8, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Jacob Adam Gabrielson, Joshua M Burgin
  • Patent number: 11496465
    Abstract: Methods and systems are described for verifying an identity of a user through contextual knowledge-based authentication. The system described uses contextual knowledge-based authentication. By verifying an identity of a user through contextual knowledge-based authentication, the verification is both more secure and more intuitive to the user. For example, by relying on confidential and/or proprietary information, the system may generate verification questions, the answers to which are known only by the user.
    Type: Grant
    Filed: September 2, 2020
    Date of Patent: November 8, 2022
    Assignee: Capital One Services, LLC
    Inventors: Matt Davis, Pranav Khanna, Paul Melby
  • Patent number: 11489831
    Abstract: A communication system is provided, the communication system including an authenticating unit that authenticates a plurality of communication terminals based on a single user ID, and keeps the plurality of communication terminals logged into an information providing service. A storing unit that stores therein provider registration information including a plurality of pieces of provider information that indicate providers of respective pieces of data being displayed on each communication terminal among the plurality of communication terminals. A receiving unit receives designation information that designates the provider registration information. A transmitting unit transmits each piece among the plurality of pieces of provider information to each communication terminal among the plurality of communication terminals so as to cause each communication terminal among the plurality of communication terminals to display data provided by a provider indicated by a plurality of pieces of provider information.
    Type: Grant
    Filed: August 3, 2020
    Date of Patent: November 1, 2022
    Assignee: e-Jan Networks Co.
    Inventors: Shiro Sakamoto, Kumar Karvepaku, Daisuke Yanagisawa, Shinji Kusuki
  • Patent number: 11489859
    Abstract: A system and method for retrieving and extracting security information is provided. The method includes (i) extracting seed Uniform Resource Locators (URLs) from social media based on keywords that are identified for each sub-domain, (ii) crawling a security related content in the extracted seed URLs to determine relevant URLs that are related to a security domain from the extracted seed URLs, (iii) classifying the security related content into sub-domains of security to obtain domain coverage, (iv) extracting text that include acronyms from the relevant URLs, (v) automatically evolving a security ontology based on extracted text using a Long Short-Term Memory (LSTM) deep Learning model, (vi) ranking search results by accessing credibility of the URLs that include the security related content based on domain relevance and (vii) providing the ranked search results that includes trends.
    Type: Grant
    Filed: May 23, 2019
    Date of Patent: November 1, 2022
    Inventors: Y Raghu Babu Reddy, Lalit Mohan Sanagavarapu, Vasudeva Varma
  • Patent number: 11487865
    Abstract: A method for facilitating credential management in a Structured Query Language (SQL) Server Integration Services (SSIS) environment is provided. The method includes identifying a credential update trigger event; accessing a user credential at an electronic password vault (EPV) in response to the credential update trigger event, the user credential including at least one string; parsing the user credential to identify a username and a password that are associated with the user credential; splitting the user credential into the username and the password; updating the password; and storing the updated password in a SSIS database.
    Type: Grant
    Filed: June 24, 2020
    Date of Patent: November 1, 2022
    Inventor: Jason Harmon
  • Patent number: 11490161
    Abstract: An electronic device for providing geolocation independent content rights management includes a non-transitory storage medium and a processing unit. The processing unit executes instructions stored in the non-transitory storage medium to receive a request for content from a content access device and, if the content access device is registered to an account associated with a geolocation, provides access to the content. In some implementations, the processing unit may determine if the content access device is registered using a token corresponding to the request. In various implementations, the processing unit may verify that one or more digital rights management and/or persistence policies allow the access, such as where access may be provided to one copy of the content at a time.
    Type: Grant
    Filed: September 27, 2021
    Date of Patent: November 1, 2022
    Assignee: T-MOBILE USA, INC.
    Inventor: Charles Hasek
  • Patent number: 11483396
    Abstract: Examples described herein may include a playback device receiving, from a control device, a validation-key that includes an application identifier corresponding to a controller application. The playback device may create a session identifier and transmit the session identifier to the control device. The playback device may receive, from the control device, a playback request comprising the session identifier and a playback command. The playback device may determine that the session identifier is valid and then execute the playback command. A computing system may receive identification information related to a controller application and generate the validation-key based on the controller application meeting at least one quality-control metric. The controller application may receive the validation-key from the computing system.
    Type: Grant
    Filed: November 8, 2021
    Date of Patent: October 25, 2022
    Assignee: Sonos, Inc.
    Inventor: Andrew Schulert
  • Patent number: 11483897
    Abstract: The present disclosure relates to a communication technique and system for combining 5G communication systems with IoT technologies to achieve a higher data rate beyond 4G systems. The present disclosure can be applied to intelligent services (e.g., smart homes, smart buildings, smart cities, smart or connected cars, healthcare, digital education, retail businesses, and security and safety related services) on the basis of 5G communication technologies and IoT related technologies. As an embodiment of the present specification, there is provided a method of signal transmission and reception for a user equipment (UE) in a mobile communication system. The method may include: receiving first information for providing a service from a service providing server; receiving second information for managing a session associated with the service from the service providing server; and sending a signal to the service providing server on the basis of the first information and the second information.
    Type: Grant
    Filed: November 23, 2015
    Date of Patent: October 25, 2022
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Songyean Cho, Sangsoo Jeong, Hyejeong Kim, Yunsang Park