公开(公告)号：US20240354192A1

公开(公告)日：2024-10-24

申请号：US18760171

申请日：2024-07-01

Applicant: Pure Storage, Inc.

Inventor： Jason K. Resch ,  Wesley B. Leggette

IPC: G06F11/10 ,  G06F3/06 ,  G06F11/00 ,  G06F11/14 ,  G06F11/16 ,  G06F15/173 ,  G06F21/62 ,  G06F21/64 ,  H04L9/00 ,  H04L9/08 ,  H04L9/32 ,  H04L9/40 ,  H04L67/1097

CPC classification number: G06F11/1076 ,  G06F3/06 ,  G06F3/0604 ,  G06F3/0619 ,  G06F3/064 ,  G06F3/067 ,  G06F11/00 ,  G06F11/1612 ,  G06F15/17331 ,  G06F21/6272 ,  G06F21/64 ,  H04L9/085 ,  H04L9/0863 ,  H04L9/0869 ,  H04L9/0877 ,  H04L9/0894 ,  H04L9/32 ,  H04L9/321 ,  H04L9/3263 ,  H04L63/123 ,  G06F11/1446 ,  G06F2211/1028 ,  H04L9/00 ,  H04L67/1097 ,  H04L2209/16

Abstract: A storage network operates by: obtaining audit records, wherein each of the audit records indicates: a timestamp for a corresponding message, at least one event type code selected from a plurality of event type codes for a corresponding audit event of the corresponding message, and an identifier for a corresponding system entity associated with at least one event corresponding to the at least one event code; aggregating a number of audit records over a period of time; generating an audit file to include the number of audit records and integrity information; and facilitating storage of the audit file by utilizing a name of the audit file.

公开(公告)号：US12120097B2

公开(公告)日：2024-10-15

申请号：US17889782

申请日：2022-08-17

Applicant: International Business Machines Corporation

Inventor： Martin Schmatz ,  Navaneeth Rameshan ,  Patricia M. Sagmeister

IPC: H04L9/40 ,  H04L9/06 ,  H04L9/08 ,  H04L9/32

CPC classification number: H04L63/0435 ,  H04L9/0631 ,  H04L9/0822 ,  H04L9/321

Abstract: A computer-implemented method according to one embodiment includes using a first symmetric key to encrypt a second symmetric key. The first symmetric key is securely loaded inside a hardware security module (HSM) by a key management service before the encryption of the second symmetric key, and a cloud provider only has access to encrypted bits of the first symmetric key. Key data of a key-value-pair of the second symmetric key is used as additional authenticated data (AAD) for the encryption of the second symmetric key. The second symmetric key is used to encrypt value data of the key-value-pair. The method further includes storing the encrypted second symmetric key, the AAD used in the encryption of the second symmetric key, and tag bits created during the encryption of the second symmetric key, to thereafter use for verifying node related data.

公开(公告)号：US20240333693A1

公开(公告)日：2024-10-03

申请号：US18742193

申请日：2024-06-13

Applicant: Jonathan Cobb

Inventor： Jonathan Cobb

IPC: H04L9/40 ,  H04L9/30 ,  H04L9/32

CPC classification number: H04L63/0428 ,  H04L9/30 ,  H04L9/321

Abstract: Described herein are improved systems and methods for provisioning of private computer networks and application software as well as providing private SaaS.

公开(公告)号：US12107956B2

公开(公告)日：2024-10-01

申请号：US17688700

申请日：2022-03-07

Applicant: Yahoo Japan Corporation

Inventor： Hidehito Gomi ,  Shuji Yamaguchi

IPC: G06F15/16 ,  G06F9/54 ,  H04L9/08 ,  H04L9/30 ,  H04L9/32 ,  H04L29/06

CPC classification number: H04L9/321 ,  H04L9/0869 ,  H04L9/0894 ,  H04L9/3073

Abstract: An information processing device according to the present application includes a control unit. The control unit acquires, from an authentication server in a state in which a first authenticator used for FIDO authentication and a second authenticator used for recovery for the FIDO authentication cooperate with each other, a recovery execution request that is transmitted from a user terminal including the second authenticator to the authentication server, and if the recovery execution request meets a predetermined authentication condition that is set in advance, notifies the user terminal including the second authenticator of a recovery execution permission.

公开(公告)号：US20240323005A1

公开(公告)日：2024-09-26

申请号：US18438147

申请日：2024-02-09

Applicant: Network-1 Technologies, Inc.

Inventor： John A. Nix

IPC: H04L9/08 ,  G06F21/35 ,  G06F21/44 ,  H04J11/00 ,  H04L9/00 ,  H04L9/14 ,  H04L9/30 ,  H04L9/32 ,  H04L9/40 ,  H04L12/28 ,  H04L67/04 ,  H04W4/70 ,  H04W8/08 ,  H04W12/02 ,  H04W12/033 ,  H04W12/04 ,  H04W12/06 ,  H04W12/069 ,  H04W12/40 ,  H04W40/00 ,  H04W52/02 ,  H04W76/27 ,  H04W80/04 ,  H04W84/12 ,  H04W88/12

CPC classification number: H04L9/0861 ,  G06F21/35 ,  G06F21/445 ,  H04J11/00 ,  H04L9/006 ,  H04L9/0816 ,  H04L9/0841 ,  H04L9/085 ,  H04L9/088 ,  H04L9/0894 ,  H04L9/14 ,  H04L9/30 ,  H04L9/3066 ,  H04L9/32 ,  H04L9/321 ,  H04L9/3239 ,  H04L9/3247 ,  H04L9/3249 ,  H04L9/3263 ,  H04L12/2854 ,  H04L63/0272 ,  H04L63/0435 ,  H04L63/0442 ,  H04L63/045 ,  H04L63/061 ,  H04L63/0807 ,  H04L63/123 ,  H04L63/166 ,  H04L67/04 ,  H04W4/70 ,  H04W8/082 ,  H04W12/02 ,  H04W12/033 ,  H04W12/04 ,  H04W12/06 ,  H04W12/069 ,  H04W12/40 ,  H04W40/005 ,  H04W52/0216 ,  H04W52/0235 ,  H04W52/0277 ,  H04W76/27 ,  H04W80/04 ,  G06F2221/2105 ,  G06F2221/2107 ,  G06F2221/2115 ,  H04L63/0464 ,  H04L2209/24 ,  H04L2209/72 ,  H04L2209/805 ,  H04W84/12 ,  H04W88/12 ,  Y02D30/70

Abstract: Methods and systems are provided for supporting efficient and secure “Machine-to-Machine” (M2M) communications using a module, a server, and an application. A module can communicate with the server by accessing the Internet, and the module can include a sensor and/or an actuator. The module, server, and application can utilize public key infrastructure (PKI) such as public keys and private keys. The module can internally derive pairs of private/public keys using cryptographic algorithms and a first set of parameters. A server can authenticate the submission of derived public keys and an associated module identity. The server can use a first server private key and a second set of parameters to (i) send module data to the application and (ii) receive module instructions from the application. The server can use a second server private key and the first set of parameters to communicate with the module.

公开(公告)号：US20240313969A1

公开(公告)日：2024-09-19

申请号：US18576042

申请日：2021-08-24

Applicant: Lenovo (Singapore) Pte. Ltd.

Inventor： Andreas Kunz ,  Ishan Vaishnavi ,  Emmanouil Pateromichelakis ,  Sheeba Backia Mary Baskaran

IPC: H04L9/32 ,  H04L9/40

CPC classification number: H04L9/321 ,  H04L63/0807

Abstract: Apparatuses, methods, and systems are disclosed for establishing a trust relationship between an application entity and a wireless communication network. One apparatus (600) includes a processor (605) and a transceiver (625). The transceiver (625) sends, from an application entity, a request to a first network function to authenticate the application entity to a second network function that does not have a trust relationship with the application entity and receives a result of the authentication from at least one of the first and second network functions. The processor (605) establishes a trust relationship between the application entity and the second network function such that the application entity can communicate with the second network function in response to the application entity being authenticated.

公开(公告)号：US12095812B2

公开(公告)日：2024-09-17

申请号：US17695203

申请日：2022-03-15

Applicant: Neustar, Inc.

Inventor： Brian R. Knopf

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/14 ,  H04L9/32 ,  H04L9/40

CPC classification number: H04L63/1458 ,  H04L9/088 ,  H04L9/0891 ,  H04L9/14 ,  H04L9/321 ,  H04L9/3247 ,  H04L63/0209 ,  H04L63/0236 ,  H04L2463/141

Abstract: In one implementation, a gateway include one or more processors configured to obtain network data from one or more entities associated with the gateway, provide the network data to a server, and obtain a set of entity identifiers from the server. The set of entity identifiers may be generated based on at least the network data. The one or more processors may be further configured to filter communications based on the set of entity identifiers.

公开(公告)号：US12069174B2

公开(公告)日：2024-08-20

申请号：US16271442

申请日：2019-02-08

Applicant: MALIKIE INNOVATIONS LIMITED

Inventor： Michael Peter Montemurro ,  Daniel Richard L. Brown

IPC: H04L9/32 ,  G06Q10/0833 ,  H04L9/06 ,  H04L9/08 ,  H04W12/041 ,  H04W12/0431 ,  H04W12/069

CPC classification number: H04L9/321 ,  G06Q10/0833 ,  H04L9/0631 ,  H04L9/0822 ,  H04L9/0825 ,  H04L9/3263 ,  H04W12/041 ,  H04W12/0431 ,  H04W12/069

Abstract: Systems, methods, and software can be used to improve security of an authentication process in a cargo shipping system. In some aspect, an authentication request message is received at a sensor from a cargo tracking device. The authentication request message includes a key that the sensor will use to decrypt its encrypted public key/private key pair. In response to the authentication request message, the sensor sends an authentication response message to the cargo tracking device that is encrypted using a derived symmetric key. The cargo tracking device sends an authentication confirmation message to the sensor in response to the authentication response message.

公开(公告)号：US12069167B2

公开(公告)日：2024-08-20

申请号：US17946689

申请日：2022-09-16

Applicant: PURE STORAGE, INC.

Inventor： Andrew Bernat ,  Alexandre Duchâteau ,  Marco Sanvido ,  Constantine Sapuntzakis ,  Kiron Vijayasankar

IPC: H04L9/08 ,  H04L9/40 ,  H04L67/1097 ,  H04W12/0431 ,  G06F9/455 ,  G06F21/60 ,  H04L9/32 ,  H04L67/10

CPC classification number: H04L9/085 ,  H04L9/0816 ,  H04L63/068 ,  H04L67/1097 ,  H04W12/0431 ,  G06F9/455 ,  G06F21/602 ,  H04L9/321 ,  H04L63/0815 ,  H04L63/083 ,  H04L67/10

Abstract: Protecting an encryption key for data stored in a storage system that includes a plurality of storage devices, including: reading, from at least a majority of the storage devices, a portion of an apartment key; reconstructing the apartment key using the portions of the apartment key read by the majority of the storage devices; unlocking the main portion of each of the storage devices utilizing the apartment key; reading, from the main portion of one of the storage devices, a portion of a third-party resource access key; requesting, from the third-party resource utilizing the third-party resource access key, an encryption key; receiving, from the third-party resource, the encryption key; and decrypting the data stored on the storage devices utilizing the encryption key.

公开(公告)号：US12063211B2

公开(公告)日：2024-08-13

申请号：US18491202

申请日：2023-10-20

Applicant: 1080 Network, Inc.

Inventor： Christopher Michael Petersen ,  Tim Kuchlein

IPC: H04L9/40 ,  H04L9/08 ,  H04L9/32

CPC classification number: H04L63/083 ,  H04L9/0819 ,  H04L9/321

Abstract: Various embodiments of the present disclosure provide techniques for facilitating a credential-less exchange over a network using a plurality of identifier mapping and member interfaces. The techniques may include initiating the presentation of an enrollment user interface via a client device of a user and receiving selection data indicative of a selection of a service provider instrument from the enrollment user interface. The techniques include generating a matching code for authenticating the user, providing the matching code to a service provider platform, and receiving the matching code from a partner platform. In response to an authentication of the user based on the matching code, the techniques may include generating an UUEK for the user that may be used to replace persistent credentials.