Tokens (e.g., Smartcards Or Dongles, Etc.) Patents (Class 726/9)
  • Patent number: 11558751
    Abstract: Aspects of the subject disclosure may include, for example, initializing a secure timer in a wireless device, determining whether a subscriber identification module (SIM) card installed in the wireless device comprises a carrier identity that matches a carrier identity stored in the machine-readable medium, establishing a network connection with a trusted server, starting the secure timer if the SIM card and network connection are satisfactory, periodically checking the network connection and SIM card until expiry of the secure timer, penalizing the secure timer responsive to a failure of the network connection or SIM card check, and responsive to expiry of the secure timer, unlocking a SIM lock. Other embodiments are disclosed.
    Type: Grant
    Filed: March 24, 2021
    Date of Patent: January 17, 2023
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Ginger Chien, Richard Zaffino
  • Patent number: 11552939
    Abstract: The disclosure relates to a method for configuring a control device of an automation system, comprising: detecting a local access token via an interface of the control device; and modifying at least one parameter of the control device, which is designed to configure a data connection of the control device in response to the detection of the local access token.
    Type: Grant
    Filed: July 1, 2020
    Date of Patent: January 10, 2023
    Assignee: Robert Bosch GmbH
    Inventors: Alexander Breitenbach, Julien Rausch
  • Patent number: 11544409
    Abstract: In particular embodiments, a sensitive data management system is configured to remove sensitive data after a period of non-use. Credentials used to access remote systems and/or third-party systems are stored with metadata that is updated with each use of the credentials. After a period of non-use, determined based on credential metadata, the credentials are deleted. Personal data retrieved to process a consumer request is stored with metadata that is updated with each use of the personal data. After a period of non-use, determined based on personal data metadata, the personal data is deleted. The personal data is also deleted if the system determines that the process or system that caused the personal data to be retrieved is no longer in use. An encrypted version of personal data may be stored for later use in verifying proper consumer request fulfillment.
    Type: Grant
    Filed: October 12, 2021
    Date of Patent: January 3, 2023
    Assignee: OneTrust, LLC
    Inventors: Jonathan Blake Brannon, Kevin Jones, Saravanan Pitchaimani, Jeremy Turk
  • Patent number: 11544978
    Abstract: A method and system that allows authorized individuals access into controlled access locations and the ability to grant temporary and limited access to guests into these locations. The method and system allow for navigational services to be provided to members and guests, and real-time tracking and confirmation to members and administrators that guests have arrived at their destination and did not enter any unauthorized areas. The method preferably can work through a system of wireless radio, sound and/or light-based beacons communicating with member and guest's electronic devices. Members and administrators can send one or more temporary electronic access keys to a guest's smartphone or other electronic device. Wireless radio, sound and/or light-based beacons provide an access control and location tracking system with real-time data about the member and guest whereabouts, allowing for the confirmation and tracking.
    Type: Grant
    Filed: December 18, 2019
    Date of Patent: January 3, 2023
    Assignee: COLLATERAL OPPORTUNITIES OF NEVADA, LLC
    Inventors: Bruce Howard Kusens, Michael Kusens
  • Patent number: 11537737
    Abstract: Methods and systems of data de-tokenization are described herein to provide solutions to utilizing tokenized data files. A de-tokenization service controller may extract instances of tokenized data by determining a schema associated with a tokenized file, wherein the schema identifies which fields contain tokenized data. A decryption system may decrypt the tokens and send decrypted sensitive values to the de-tokenization service controller. The de-tokenization service controller may then generate a de-tokenized data file comprising a plurality of records corresponding to the plurality of original tokenized records, using the decrypted sensitive values in place of the instances of tokenized data. In some embodiments, the methods may further comprise generating a validated file by adding one or more fields indicating the results of validation based on a set of validation rules.
    Type: Grant
    Filed: February 18, 2020
    Date of Patent: December 27, 2022
    Assignee: Capital One Services, LLC
    Inventors: Naveen Teja Koduru, Kishore Doppalapudi, Siva Vegesana
  • Patent number: 11533356
    Abstract: A method for establishing a trust association includes receiving, by a server, a request to associate a web source with an account, the request having a link to the web source, and accessing, by the server, the web source in response to the request to associate. The method further includes locating, by the server and within the web source, a tag associated with the account, creating, by the server and in response to locating the tag within the web source, a trust association between the account and the web source, and providing, by the server, an indication of the trust association for display in a user interface of a client device.
    Type: Grant
    Filed: March 31, 2021
    Date of Patent: December 20, 2022
    Assignee: Twitter, Inc.
    Inventor: Ben Ward
  • Patent number: 11522847
    Abstract: Aspects described herein relate to methods, devices and systems that allow for a client device, as part of a remote access or cloud-based network environment, to map external user identities to desktops and applications. Local user accounts can be dynamically generated on a virtual delivery agent. A mapping of the local user account to an external identity can be secured using signed tokens and maintained by a broker machine that allocates resources for the deployment of particular applications to the client device from the virtual delivery agent. This allows for the removal of any dependency on an Active Directory for maintaining user identities or federated sign-on services, greatly simplifying the management of user identities within the system and allowing for greater compatibility across client devices.
    Type: Grant
    Filed: March 12, 2021
    Date of Patent: December 6, 2022
    Assignee: Citrix Systems, Inc.
    Inventors: Leo C. Singleton, IV, Mukund Ingale, Yuri Kolesnikov
  • Patent number: 11520913
    Abstract: A method for securing Secure Objects that are protected from other software on a heterogeneous data processing system including a plurality of different types of processors wherein different portions of a Secure Object may run on different types of processors. A Secure Object may begin execution on a first processor then, depending on application requirements, the Secure Object may make a call to a second processor passing information to the second processor using a special inter-processor function call. The second processor performs the requested processing and then performs an inter-processor “function return” returning information as appropriate to the Secure Object on the first processor.
    Type: Grant
    Filed: May 11, 2018
    Date of Patent: December 6, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventor: Richard H. Boivie
  • Patent number: 11523276
    Abstract: Aspects of the disclosure relate to authorizing an event by utilizing a high generation cellular network to authenticate a device associated with the event. A computing platform may receive, from a first device, a request to authorize an event. Subsequently, the computing platform may identify, based on an analysis of location data, that a second device is proximate to the first device. The computing platform may then prompt the second device to authenticate the first device. Then, the computing platform may receive, from the second device, an authentication token indicating whether the first device is authenticated. Based on the authentication token, the computing platform may respond to the request to authorize the event.
    Type: Grant
    Filed: June 28, 2019
    Date of Patent: December 6, 2022
    Assignee: Bank of America Corporation
    Inventors: Rick A. Beye, Monika Kapur
  • Patent number: 11522854
    Abstract: The present disclosure provides an authentication method of an IoT device, an IoT device, a cloud server, an IoT authentication system and a computer readable medium. The authentication method includes: calculating account information corresponding to the IoT device according to an identifier and preset attribute information of the IoT device; and sending the account information to a cloud server, to cause the cloud server to perform identity authentication on the IoT device according to the account information.
    Type: Grant
    Filed: May 4, 2020
    Date of Patent: December 6, 2022
    Assignee: BEIJING BAIDU NETCOM SCIENCE AND TECHNOLOGY CO., LTD.
    Inventor: Xuya Wang
  • Patent number: 11520869
    Abstract: A method and system for temporarily gaining access to a system is disclosed. The method includes: receiving biometric data from a first biometric device of a first user on a computer processor; generating a temporary code on the computer processor in response to receipt of the biometric data from the first biometric device of the first user; sending the temporary code from the computer processor to the first biometric device of the first user; receiving biometric data from a second biometric device of a second user on the first biometric device of the first user; generating an access code on the first biometric device, the access code including one or more of the biometric data of the first user, the temporary code from the computer processor, and the biometric data of the second user; and sending the access code to the biometric device of the second user.
    Type: Grant
    Filed: March 24, 2020
    Date of Patent: December 6, 2022
    Assignee: KONICA MINOLTA BUSINESS SOLUTIONS U.S.A., INC.
    Inventors: Yu-Shing Chen, Kenneth Huang Young, Randy Cruz Soriano, Ann Qiongying Feng
  • Patent number: 11516207
    Abstract: A method for facilitating a provision of a certificate that securely verifies an identification of an application is provided. The method includes: validating a bootstrap identity that identifies the application at a time of invocation; generating a first token that is signed with a first private key and transmitting the signed first token to the application; receiving, from an external server, a request for a public key to be used for verifying the first private key; and transmitting the requested public key to the external server in order to prompt the external server to provide the certificate to the application. When prompted to provide the certificate to the application, the external server generates a second token that is signed with a second private key and transmits the certificate in conjunction with the signed second token to the application. The private keys are never shared with the application.
    Type: Grant
    Filed: June 2, 2020
    Date of Patent: November 29, 2022
    Assignee: JPMORGAN CHASE BANK, N.A.
    Inventors: Adrian Asher, Kabron Austin Kline, Tamila Fathi, Jared Dean Mitten, Carl Dashfield
  • Patent number: 11509714
    Abstract: Systems and methods are disclosed for online distribution of content by receiving, from a user's mobile device, a request for a web page hosted by a publisher's CMS; applying a rules engine to analyze a received URL according to a set of rules identifying one or more website types and/or referrers; if the received URL satisfies the rules engine, redirecting the received request to a syndication server system hosted within a global CDN; adding a URL of the web page to a missing content queue and redirecting the request to the publisher's CMS if the CDN syndication server does not contain a suitable mobile-formatted version of the web page; and delivering a package of binary compressed content of the web page to a stub page cached at the user's mobile device by the CDN syndication server, using recirculation and monetization components chosen by the publisher.
    Type: Grant
    Filed: October 22, 2021
    Date of Patent: November 22, 2022
    Assignee: Yahoo Ad Tech LLC
    Inventor: Seth Mitchell Demsey
  • Patent number: 11503012
    Abstract: A service or load balancer may use the techniques herein to perform client authentication using a certificate-based identity provider. A client may send a request for access to a service of the provider network. In response, the service or a load balancer may redirect the request to a certificate-based identity provider in accordance with a standard identity protocol (e.g., a federated identity protocol such as the protocol for OpenID Connect (OIDC)). The certificate-based identity provider may obtain a client certificate and validate the client certificate. The identity provider may also obtain and verify other credentials. In response to validating the client certificate (and in some cases authenticating the credentials), the certificate-based identity provider may generate and sign an identity token and redirect the client back to the service in accordance with the identity protocol.
    Type: Grant
    Filed: June 28, 2019
    Date of Patent: November 15, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Justin Paul Yancey, Jack A. Drooger, Beau Jared Hunter, Harvir Singh
  • Patent number: 11501285
    Abstract: A method is provided for managing an activation process of a secure element of a mobile station. The method includes detecting access by a computing device to an online service for managing an activation process of a secure element of a mobile station, receiving information confirming that a user of the computing device has permission to access the mobile station to confirm that the user of the computing device has permission to access the mobile station, triggering instantiation of a wallet application on the mobile station, the wallet application configured to access the secure element, triggering the wallet application to initiate activation and programming of the secure element, receiving a confirmation that activation and programming of the secure element are complete, and providing, to at least one of the computing device and the mobile station, a visual output representing that activation and programming of the secure element are complete.
    Type: Grant
    Filed: December 19, 2014
    Date of Patent: November 15, 2022
    Assignee: Verizon Patent and Licensing Inc
    Inventors: Paul Sharad Tuscano, Saloni Pokharna-Jain
  • Patent number: 11494493
    Abstract: An executable version of an application is deployed at a dynamically provisioned execution resource. An encryption key, based at least partly on an analysis of the execution resource, is transmitted to the execution resource after the application is instantiated. In response to a software verification request, which includes a security artifact, a verification response indicating that the software used for the application at the execution resource meets a trust criterion is provided. The security artifact is generated using the encryption key, and the verification response is based on analysis of the security artifact.
    Type: Grant
    Filed: September 23, 2019
    Date of Patent: November 8, 2022
    Assignee: Amazon Technologies, Inc.
    Inventor: Andrew Baird
  • Patent number: 11489874
    Abstract: Custom policies are definable for use in a system that enforces policies. A user, for example, may author a policy using a policy language and transmit the system through an application programming interface call. The custom policies may specify conditions for computing environment attestations that are provided with requests to the system. When a custom policy applies to a request, the system may determine whether information in the attestation is sufficient for the request to be fulfilled.
    Type: Grant
    Filed: December 12, 2019
    Date of Patent: November 1, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Gregory Branchek Roth, Eric Jason Brandwine
  • Patent number: 11489932
    Abstract: Embodiments of the present disclosure provide methods, systems, apparatuses, and computer program products for generating a third-party resource usage map in a group based communication system, where the third-party resource usage map comprises a plurality of third party resource usage records and each third-party resource usage record comprises a user identifier, a third-party resource provider identifier, and a third-party resource access token.
    Type: Grant
    Filed: July 13, 2020
    Date of Patent: November 1, 2022
    Assignee: Slack Technologies, LLC
    Inventors: Meagan Gamache, Buster Benson
  • Patent number: 11483316
    Abstract: A processor-implemented method includes (i) automatically defining a first Circle of Trust (CoT) by a first CoT administrator, in a CoT database, (ii) automatically receiving, at a digital identity management (DIM) server, a first digital identity wallet (DIW) application request from a first DIW application provider server, (iii) automatically adding the first DIW application to the CoT database if the first CoT administrator approves the first DIW application request, (iv) automatically receiving, at the DIM server, a relying party application request from the at least one relying party application associated with the relying party and (v) automatically adding the at least one relying party application to the CoT database, if the first CoT administrator approves the relying party application request.
    Type: Grant
    Filed: July 1, 2020
    Date of Patent: October 25, 2022
    Assignee: Workday, Inc.
    Inventors: Krishnan Rajiyah, Marius Maaland, Kamalanathan Thandapani, Lionello G. Lunesu, Prakash Sundaresan, Aneesh Sandeep Verenkar, Amit Jasuja, Keith Kowal
  • Patent number: 11483383
    Abstract: A data reporting method includes generating a data uploading token by a main network node, determining, from a plurality of data-uploading network nodes waiting for data uploading, a plurality of qualified network nodes having a data uploading qualification, allowing the qualified network nodes to compete for the data uploading token, and coordinating a data uploading operation with a winning network node of the qualified network nodes that obtained the data uploading token.
    Type: Grant
    Filed: March 17, 2020
    Date of Patent: October 25, 2022
    Assignee: GUIZHOU BAISHANCLOUD TECHNOLOGY CO., LTD.
    Inventors: Zebin Zhou, Yachuan Chen, Hui Miao
  • Patent number: 11474828
    Abstract: In a mobile device, processes of an application can be monitored and scored for initial data distribution. Specifically, a method can include monitoring processes of an application, and scoring objects or components used by the processes to determine placement of the objects or components in memory during initiation of the application. The method can also include, during initiation of the application, loading, into a first portion of the memory, at least partially, the objects or components scored at a first level. The method can also include, during initiation of the application, loading, into a second portion of the memory, at least partially, the objects or components scored at a second level. The objects or components scored at the second level can be less critical to the application than the objects or components scored at the first level.
    Type: Grant
    Filed: October 3, 2019
    Date of Patent: October 18, 2022
    Assignee: Micron Technology, Inc.
    Inventors: Dmitri Yudanov, Samuel E. Bradshaw
  • Patent number: 11475150
    Abstract: A method includes calculating, at a first time, an identifier for a distributed database by using a first address book of the distributed database. The method includes receiving a transaction to at least one of (1) add a compute device to the first set of compute devices, (2) remove a compute device from the first set of compute devices, or (3) modify a compute device from the first set of compute devices, to define a second set of compute devices. The method includes defining, at a second time, a second address book. The method includes receiving a state proof associated with data of the distributed database after the second time. The method includes verifying the data of the distributed database by confirming that a predetermined number of compute devices from the first set of compute devices have digitally signed the second address book.
    Type: Grant
    Filed: May 22, 2020
    Date of Patent: October 18, 2022
    Assignee: Hedera Hashgraph, LLC
    Inventor: Leemon C. Baird, III
  • Patent number: 11468445
    Abstract: A service processing method includes: receiving RF signals sent by at least one terminal device, the RF signals including at least one device identifier of the at least one terminal device; selecting an RF signal from the received RF signals, and determining a terminal device corresponding to a device identifier included in the RF signal as a target payment device; collecting first biometric feature information of a user using the terminal device; and after obtaining a verification result of a verification on the user's identity based on the first biometric feature information, sending a payment request to a server if the verification is passed, wherein the payment request is configured to request for completing payment based on a payment account corresponding to the target payment device.
    Type: Grant
    Filed: March 26, 2021
    Date of Patent: October 11, 2022
    Assignee: Advanced New Technologies Co., Ltd.
    Inventors: Le Zhou, Li Chen, Huanmi Yin, Hong Zhang, Sihai Yao, Xiaobo Zhang
  • Patent number: 11463481
    Abstract: This disclosure relates to method and system for certificate-less security management of interconnected hybrid resources. The method includes selecting at least one hybrid resource from a plurality of hybrid resources in network to install pre-calculated security configuration. The method further includes receiving a One Time Password (OTP) valid for pre-configured time period, in response to an identity generation request for a hybrid resource; installing security data payload including the OTP and the pre-calculated security configuration, in the hybrid resource; receiving an identity issuance request from the hybrid resource through a secure channel upon installation of security data payload in the hybrid resource; assigning unique identity to the hybrid resource upon successful validation of the OTP received in identity issuance request; and generating, upon assignment, metadata corresponding to the hybrid resource for a security association map (SAM) associated with the hybrid resource.
    Type: Grant
    Filed: February 12, 2021
    Date of Patent: October 4, 2022
    Assignee: Wipro Limited
    Inventors: Debashis Mahata, Mukesh Manjunath Prabhu, Ranjeet Khanna
  • Patent number: 11463463
    Abstract: The disclosed computer-implemented method for identifying security risks posed by application bundles may include (i) intercepting, using a VPN client of the computing device, network traffic of the computing device, wherein an operating system of the computing device restricts applications into a sandboxed environment, (ii) storing, on the computing device, a copy of at least a portion of the network traffic of the computing device within a sandbox associated with the VPN client, (iii) identifying, by analyzing the copy of the network traffic, an application bundle within the network traffic, (iv) determining, by analyzing the application bundle in the sandbox associated with the VPN client, that the application bundle poses a security risk, and (v) in response to determining that the application bundle poses a security risk, performing a security action to remedy the security risk. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: December 20, 2019
    Date of Patent: October 4, 2022
    Assignee: NortonLifeLock Inc.
    Inventors: Ben Phung, Movses Margaryan, Joshua Opos
  • Patent number: 11458389
    Abstract: Disclosed herein is a vibration control apparatus that receives a vibration instruction and vibrates a vibration device in accordance with content obtained by correcting the content of the received vibration instruction, wherein the vibration control apparatus determines the correction content for vibration in accordance with a user using the vibration device.
    Type: Grant
    Filed: April 26, 2017
    Date of Patent: October 4, 2022
    Assignee: Sony Interactive Entertainment Inc.
    Inventors: Yusuke Nakagawa, Ikuo Yamano
  • Patent number: 11463450
    Abstract: In some aspects, a computing system can obtain, via a first communication channel with a host server, a data network identifier that identifies a mobile device accessing an interactive computing environment provided by a host server. The computing system can generate, from communications with a telecommunication provider server via a second communication channel, a dynamic identity-verification element that includes the data network identifier and a location identifier that identifies a geographic location of the mobile device. The computing system can match the dynamic identity-verification element to a device-and-location combination indicating unauthorized use of the host server by the mobile device. The computing system can prevent the mobile device from accessing a function for advancing an electronic transaction within the interactive computing environment.
    Type: Grant
    Filed: April 13, 2018
    Date of Patent: October 4, 2022
    Assignee: EQUIFAX INC.
    Inventors: Hrishi Talwar, Prasad Shetty
  • Patent number: 11455422
    Abstract: Systems and methods for processing tokenization requests to facilitate safe storage of tokens. An epoch is identified as a current epoch based on a current system time of a node. A seed value is computed by the node based on a start time of the epoch and a secret. A plurality of ephemeral tokens is generated by a randomization service of the node for a set of sensitive data based on the seed value. Each ephemeral token of the plurality of ephemeral tokens has a usable life defined by the epoch. Each sensitive data instance in the set of sensitive data is associated with a particular ephemeral token of the plurality of ephemeral tokens to create a mapping structure in a main memory of the node. A tokenization service of the node is configured to process tokenization requests using the mapping structure.
    Type: Grant
    Filed: October 6, 2020
    Date of Patent: September 27, 2022
    Assignee: Amadeus S.A.S.
    Inventors: Roman Bayon, Michele Minelli, Sylvain Florent Frederic Palmier, Dinh Cuong Tran, Giuseppe Turelli
  • Patent number: 11451537
    Abstract: Methods, systems, and computer-readable storage media for receiving, from a first component and by a second component in a cloud platform, a call, a token, and a first client certificate, determining, by the second component, a first client identifier associated with the first component, and determining, by the second component, that the first client identifier is included in a manifest of the token, the manifest defining at least a portion of a communication path between components within the cloud platform, and in response: executing functionality responsive to the call.
    Type: Grant
    Filed: April 15, 2020
    Date of Patent: September 20, 2022
    Assignee: SAP SE
    Inventor: Peter Eberlein
  • Patent number: 11451613
    Abstract: A server for providing media files for download by a user with an operating system in which the user is created, a media table stored in a memory, in which at least a first media ID is assigned to a first media file and a second media ID is assigned to a second media file, an identification table stored in a memory, in which an identifier that can be assigned to an identification carrier is stored and assigned to the user, and an assignment table stored in a memory, wherein the first media ID and/or the second media ID can be assigned, in the allocation table, to the identifier and the first media ID is not assigned to the identifier, with a program routine provided on the server, with which the user changes the allocation table and assigns the first media ID to the identifier in the allocation table.
    Type: Grant
    Filed: August 6, 2020
    Date of Patent: September 20, 2022
    Assignee: tonies GmbH
    Inventors: Patric Fassbender, Marcus Stahl, Christian Wilmanns, Sven Vaders
  • Patent number: 11449372
    Abstract: To ensure that clients use the most current versions of schemas and provide requests to particular Application Programming Interfaces (APIs) in a desired order, identifiers associated with resources may be used to determine client requests that comply with desired schemas and API interactions. When a request to access a first resource is received, a link to a second resource and an identifier may be provided. When a request to access the second resource is received, if the identifier associated with the request is absent or does not match the expected identifier, the request may be denied without using computational resources to process the request. Identifiers may include strings included in Uniform Resource Identifiers (URIs) or query parameters. Identifiers may also include modified field names, arrangements, or other characteristics of schemas associated with the requests. Schemas of received requests may be converted to standard schemas to prepare a response.
    Type: Grant
    Filed: June 28, 2019
    Date of Patent: September 20, 2022
    Assignee: AMAZON TECHNOLOGIES, INC.
    Inventors: Evan Alexander Chavis, Daniel Morgan Harris, Michael Linington, Tim Downs
  • Patent number: 11451558
    Abstract: A method at a computing device is described. The method comprises executing an application for verifying a location of a user requesting to access a location-based service, receiving, at the application, information indicating a location of the computing device, and encoding, with the application, at least the location to thereby generate a location token for responding to a challenge for the location token. The method further comprises outputting the location token from the application, the location token configured for use in applying a location-based access policy that controls access by the user to the location-based service.
    Type: Grant
    Filed: March 16, 2020
    Date of Patent: September 20, 2022
    Assignee: THE BOEING COMPANY
    Inventors: Atul Uttam Dimble, Kiran Narayan
  • Patent number: 11431501
    Abstract: Embodiments presented herein provide a partner authentication (PA) system that coordinates a network-based authorization process for an application. The PA system exchanges a series of messages with the application seeking an access token for a protected resource, an authorization server associated with the resource, and an agent executing on a device accessed by a user who wants the application to access the resource. The PA system and the agent communicate with the authorization server on behalf of the application throughout the authorization process. At the completion of the authorization process, the PA system receives an access token and a refresh token from the server on behalf of the application and sends a partner authorization (PA) token to the application. When the application seeks access to the resource that is available to authorized parties via the resource server, the application sends the PA token to the PA system and receives the access token in return.
    Type: Grant
    Filed: July 6, 2020
    Date of Patent: August 30, 2022
    Assignee: INTUIT INC.
    Inventors: Parul Jain, Douglas L. Foiles, Nagaraj Janardhana
  • Patent number: 11431757
    Abstract: A first service submits a request to a second service on behalf of a customer of a service provider. The request may have been triggered by a request of the customer to the first service. To process the request, the second service evaluates one or more policies to determine whether fulfillment of the request is allowed by policy associated with the customer. The one or more policies may state one or more conditions on one or more services that played a role in submission of the request. If determined that the policy allows fulfillment of the request, the second service fulfills the request.
    Type: Grant
    Filed: May 21, 2020
    Date of Patent: August 30, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Gregory Branchek Roth, Matthew James Wren, Brian Irl Pratt
  • Patent number: 11423706
    Abstract: The real-time data acquisition and recording data sharing system works in conjunction with a real-time data acquisition and recording system and a viewer which provides real-time, or near real-time, access to a wide range of data, such as event and operational data, video data, and audio data to remotely located users such as asset owners, operators and investigators. The data sharing system allows the user to share data obtained from the data acquisition and recording system to remotely located users. The user can share data with remote recipient end users that have internet access and a modern web browser in a secure, controlled, tracked, and audited way. The user, instead of sharing files, shares a URL to the data. URL based data sharing enables the user to control, track, and audit sensitive data. The user will be able to share data to improve the safety of the world's transportation systems without fear of unauthorized data dissemination.
    Type: Grant
    Filed: June 4, 2019
    Date of Patent: August 23, 2022
    Assignee: Wi-Tronix, LLC
    Inventors: Lawrence B. Jordan, Divya Dinesh, Matthew D. Hamsmith, Dan Alwin
  • Patent number: 11416637
    Abstract: The invention is a method for managing a tamper-proof device comprising a processor and an operating system able to handle a set of communication protocols with external entities. The operating system accesses a ruling data specifying for each communication protocol of the set whether Card Lock, Card Terminate and Final Application privileges as defined by GlobalPlatform Card Specification (V2.3) are authorized or forbidden. Upon receipt of a command from one of said external entities, the operating system uses the ruling data to deny or to authorize execution of the command based on the communication protocol used to convey the command.
    Type: Grant
    Filed: November 6, 2018
    Date of Patent: August 16, 2022
    Assignee: THALES DIS FRANCE SAS
    Inventors: Fabien Courtiade, Florent Labourie, Denis Dubois, Syarif Ahmad, Jianrong Yang, Nopiga Pahala, Shier Loon Sharon Yong
  • Patent number: 11409893
    Abstract: A security mechanism, e.g., a computing system, security server, can effectively serve as a centralized security mechanism, e.g., a computing system, security server, for an ecosystem that can include diverse clients and servers. The security mechanism can obtain redirected requests for services, authenticate credentials of a client and generate a (client-side) token that can be provided by the client to the server for verification of the identity of the client. The security mechanism can also obtain a token from a server that can be similar to a (client-side) token provided to a client and then generate a (server-side) token that can be provided to a server. The server-side token can include authorization information that allows access to one or more services of one or more other servers.
    Type: Grant
    Filed: November 26, 2018
    Date of Patent: August 9, 2022
    Assignee: Teradata US, Inc.
    Inventors: Vikkal Gupta, Ram Prasad Reddy
  • Patent number: 11409914
    Abstract: The invention is a method for managing a tamper-proof device comprising a plurality of software containers and an operating system. The operating system is able to handle a set of communication protocols with external entities. The operating system accesses a pairing data in which each communication protocol of said set has been associated with a single software container and upon receipt of a message from one of the external entities, the operating system uses the pairing data to route the message to the software container associated with the communication protocol used to convey the message.
    Type: Grant
    Filed: November 6, 2018
    Date of Patent: August 9, 2022
    Assignee: THALES DIS FRANCE SAS
    Inventors: Fabien Courtiade, Florent Labourie, Denis Dubois, Syarif Ahmad, Jianrong Yang, Nopiga Pahala, Shier Loon Sharon Yong
  • Patent number: 11392716
    Abstract: A method includes receiving, at a mobile device management (MDM) server, a message indicating a location at a healthcare facility. The method also includes identifying, at the MDM server, a mobile device assigned to the location. The method further includes sending a remote reset command from the MDM server to the mobile device.
    Type: Grant
    Filed: May 12, 2017
    Date of Patent: July 19, 2022
    Assignee: JAMF SOFTWARE, LLC
    Inventor: James Emerson Felton
  • Patent number: 11388000
    Abstract: A portable storage device for connecting to a computer. The storage device includes a digital memory storage, a digital lock mechanism coupled to the digital memory storage, a wireless communication system coupled to the digital lock mechanism and a communication interface coupled to the digital lock mechanism. The communication interface is for connecting the portable storage device to the computer. The digital lock mechanism operates to prevent data in the digital memory storage from being transferred over the communication interface to the computer unless the digital lock mechanism is unlocked using the wireless communication system. A method for connecting the portable storage device to a computer and then unlocking the portable storage device using the communication interface and the wireless communication system is also provided.
    Type: Grant
    Filed: June 16, 2020
    Date of Patent: July 12, 2022
    Assignee: INNOTEK, INC.
    Inventor: David Tak-Wai Lee
  • Patent number: 11381405
    Abstract: A system for authenticating a user at a relying party application using an authentication application and automatically redirecting to a target application includes a processor. The processor is configured to 1) make an API call that comprises (i) an authentication challenge that corresponds to an authentication request and (ii) a call back URL that is specified by a relying party application; 2) retrieve at least one of a target application link or a null value from a table; 3) authenticate the user based on an authentication challenge response to the at least one authentication challenge; and 4) invoke the target application link from the table to automatically redirect from the authentication application to the target application specified in the target application link.
    Type: Grant
    Filed: April 21, 2020
    Date of Patent: July 5, 2022
    Assignee: Workday, Inc.
    Inventors: Prakash Sundaresan, Aneesh Sandeep Verenkar, Lionello G. Lunesu, Krishnan Rajiyah, Kamalanathan Thandapani, Keith Kowal, Amit Jasuja
  • Patent number: 11381966
    Abstract: An identification adapter for an identification device has a reading unit and a control unit. The control unit is connected to the reading unit via a data communication connection. The identification adapter has a receiving unit for wirelessly receiving identification data (ID). Also, the identification adapter has a data transmission unit designed to transmit the received identification data (ID) to the control unit on the same data communication connection as the reading unit.
    Type: Grant
    Filed: September 16, 2019
    Date of Patent: July 5, 2022
    Assignee: ASTRA GESELLSCHAFT FUER ASSET MANAGEMENT MBH & CO. KG
    Inventors: Nicolas Stobbe, Anatoli Stobbe
  • Patent number: 11381575
    Abstract: Systems and methods for controlling an edge computing device. The method includes receiving a user input requesting access to a resource of the edge computing device, determining whether the user has privileges to access the resource by: formulating a claims request which requests claims based on the determined identity of the user, sending the claims request to a local claims provider agent executed by a processor of the edge computing device, determining, based on claim request handling factors, whether the local claims provider agent can generate a token including the requested claims, and if so, generating the token with the requested claims; if not, a request may be sent to a cloud service-side claims provider to receive the token. The method includes authorizing access to the resource based on a predetermined policy that specifies the presence of a predefined resource parameter in the requested claims is sufficient.
    Type: Grant
    Filed: July 12, 2019
    Date of Patent: July 5, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Kevin Thomas Damour, David Michael Sauntry, Peter Gregg Miller, Sindhura Tokala, Tara Sanathanan Prakriya, Bhawandeep Singh Panesar, Lawrence Brozak Sullivan, Jr.
  • Patent number: 11374759
    Abstract: A method for a user to access resources within a secure network without inputting a username or password is presented and claimed where the method comprises inputting, by the user, login credentials into an authentication service and obtaining from the authentication service at least one secret code; inputting the at least one secret code into an OTCP to initialize the OTCP; generating within the OTCP a one-time code (OTC) utilizing the at least one secret code but not including the user's login credentials or username; supplying, by the user, the OTC to a secure web portal wherein the secure web portal confirms authenticity of the OTC with the authentication service; and the secure web portal supplying access to the user of the secure web portal resources upon receipt of authentication of the user.
    Type: Grant
    Filed: June 29, 2020
    Date of Patent: June 28, 2022
    Assignee: Xiid Corporation
    Inventors: Guido Pellizzer, Federico Simonetti
  • Patent number: 11361065
    Abstract: Techniques for authentication via a mobile device are provided. A mobile device is pre-registered for website authentication services. A user encounters a website displaying an embedded code as an image alongside a normal login process for that website. The image is identified by the mobile device, encrypted and signed by the mobile device and sent to a proxy. The proxy authenticates the code and associates it with the website. Credentials for the user are provided to the website to automatically authenticate the user for access to the website bypassing the normal login process associated with the website.
    Type: Grant
    Filed: April 30, 2020
    Date of Patent: June 14, 2022
    Assignee: Micro Focus Software Inc.
    Inventors: Jason Allen Sabin, Jeremy Ray Brown, Lloyd Leon Burch
  • Patent number: 11361056
    Abstract: An information processing apparatus includes: an acquisition unit that acquires first group information concerning a user from authentication result information including an authentication result transmitted from an external apparatus in a case where the user is authenticated by the external apparatus; and a permission unit that permits the user to use a service provided by the information processing apparatus within a range of authority set for second group information concerning the user in a case where the acquired first group information is associated with the second group information.
    Type: Grant
    Filed: October 4, 2018
    Date of Patent: June 14, 2022
    Assignee: FUJIFILM Business Innovation Corp.
    Inventor: Zhenrui Zhang
  • Patent number: 11363007
    Abstract: A client application requesting to access a resource may be issued an access token and a refresh token. Instead of revoking the client application access to a resource by revoking the refresh token, allowing the access token to expire, and forcing a user associated with the client application to re-login, authentication for the client application to access the resource may be obtained from the user. The authentication may be obtained from the user while the client application, without notification of the concurrent authentication, may continue attempts to access the resource, for example, via an invalid access token. Once authentication is obtained, the client application may be provided access to the resource, for example, via a valid access token.
    Type: Grant
    Filed: March 27, 2020
    Date of Patent: June 14, 2022
    Assignee: COMCAST CABLE COMMUNICATIONS, LLC
    Inventors: Jonathan Squire, James Hoelsworth
  • Patent number: 11356260
    Abstract: An example operation may include one or more of registering a first service node and a second service node for accessing a common data store, providing to the second client node, by the first client node, a data access request token key and a data access receipt key corresponding to a data access request, responsive to a receipt of the access request token key and the data access receipt key by the second service, retrieving a result from the common data store; and providing the result to the second client node.
    Type: Grant
    Filed: January 26, 2020
    Date of Patent: June 7, 2022
    Assignee: International Business Machines Corporation
    Inventors: Danny Soroker, Lisa Frankel
  • Patent number: 11347454
    Abstract: A controller for a fulfilment service operation is described in which the controller, before initiating fulfilment of the job, operates to determine if an authorised user is present at a fulfilment service device and to determine if the user intends to remain attendant at the fulfilment service device for the duration of fulfilment of the job. If the user moves away from the fulfilment service device, the controller operates to pause the job. If the user remains away from the fulfilment service device for a period of time, the controller operates to cancel the job.
    Type: Grant
    Filed: April 27, 2017
    Date of Patent: May 31, 2022
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Nassir Mohammad, Joshua Serratelli Schiffman, Adrian Baldwin
  • Patent number: 11347834
    Abstract: Implementations disclose methods and systems for facilitating an automated user login into a first application hosted by a first-screen device. A method includes detecting, by a second-screen device, a message transmitted by the first-screen device over a network; determining, based on the message, that the first application hosted by the first-screen device is requesting user authentication for the automated user login; presenting, via a second application hosted by the second-screen device, a prompt for user input indicating user acceptance of the automated user login; receiving the user input indicating the user acceptance of the automated user login; and responsive to the user input, transmitting an authentication code from the message to the server device to perform the user authentication for the automated user login into the first application.
    Type: Grant
    Filed: November 4, 2019
    Date of Patent: May 31, 2022
    Assignee: Google LLC
    Inventors: Julien Marchand, Sophia Bong, Daniel Kaemmerer, Allan Mills, Jaee Patwardhan, Steven Wright, Sana Mithani, Nicolas Klein, William Denniss