公开(公告)号：US10708234B2

公开(公告)日：2020-07-07

申请号：US15079203

申请日：2016-03-24

Applicant: International Business Machines Corporation

Inventor： Samuel Scott Adams ,  Susann Marie Keohane ,  James R. Kraemer ,  Jeb R. Linton

IPC: G06F21/00 ,  H04L29/06 ,  H04L9/32 ,  G06F21/60 ,  G06F21/62 ,  H04L9/08 ,  G16H10/60

Abstract: A third party intermediary and a data protection method, system, and non-transitory computer readable medium, include a content request receiving circuit configured to receive a service request from a user, to communicate the service request to a provider, and to receive pre-approved versions of content from the provider, a content matching circuit configured to match a pre-approved version of content of the pre-approved versions of content to the user based on a condition of the user, a user data receiving circuit configured to receive user data to complete the pre-approved version of the content, and a zero-knowledge verifiable computing circuit configured to execute a program using zero-knowledge verifiable computing to remove private content from the pre-approved version of the content to ensure privacy of the condition of the user from the provider.

公开(公告)号：US20190278918A1

公开(公告)日：2019-09-12

申请号：US15917622

申请日：2018-03-10

Applicant: International Business Machines Corporation

Inventor： Richard H. Boivie ,  Jonathan D. Bradbury ,  William E. Hall ,  Guerney D. H. Hunt ,  Jentje Leenstra ,  Jeb R. Linton ,  James A. O'Connor, Jr. ,  Elaine R. Palmer ,  Dimitrios Pendarakis

IPC: G06F21/60 ,  G06F21/62 ,  G06F9/455 ,  H04L9/30 ,  H04L9/32

Abstract: A secure cloud computing environment protects the confidentiality of application code from a customer while simultaneously protecting the confidentiality of a customer's data from intentional or inadvertent leaks by the application code. This result is accomplished without the need to trust the application code and without requiring human surveillance or intervention. A client secure virtual machine (SVM) is accessible by a client who supplies commands, operand data and application data. An appliance SVM has the application code loaded therein and includes an application program interface that accesses a memory area shared by both SVMs. All access to the appliance SVM is initially revoked by an ultravisor, except for the shared memory and an encrypted persistent storage. The appliance SVM stores the application data in the persistent storage. The ultravisor manages an SVM by maintaining exclusive control over a device tree used by the operating system of the SVM.

公开(公告)号：US10333713B2

公开(公告)日：2019-06-25

申请号：US15290169

申请日：2016-10-11

Applicant: International Business Machines Corporation

Inventor： Jeb R. Linton ,  Christopher M. Poulin

IPC: H04L9/32 ,  H04L29/06

Abstract: A computer-implemented method validates Internet of Things (IoT) device firmware levels for peer-to-peer communication in a network using a peer-to-peer registry. Each device in an IoT is registered anonymously by utilizing a unique device identifier and a firmware level in a peer-to-peer registry. Communication rules are provided by the peer-to-peer registry based on the device type and firmware level of each of the devices, in order to validate IoT firmware device levels between the first device and the second device on a network. The first device utilizes a first zero knowledge communication authentication with the second device to get a first assessment and a first proof. The second device utilizes a second zero knowledge communication authentication with the first device to get a second assessment and a second proof. Communication between the first device and the second device via the network is disabled until all assessments are a pass.

公开(公告)号：US20190164022A1

公开(公告)日：2019-05-30

申请号：US15822995

申请日：2017-11-27

Applicant: International Business Machines Corporation

Inventor： Jeb R. Linton ,  David K. Wright

IPC: G06K9/68 ,  G06F17/30 ,  G06N3/02

Abstract: The present invention provides a method, computer program product, and system of generating predicted reactions of a user. In some embodiments, the method, computer program product, and system include receiving an intelligence data store, receiving a current data object with a current query and at least one knowledge graph, identifying one or more patterns in the at least one knowledge graph, comparing using a deep neural net, the previous queries and associated one or more patterns with the current query and identified one or more patterns of the current data object, classifying the plurality data objects from the intelligence data store based on a closeness of the current query and identified one or more patterns with each of the previous queries and associated one or more patterns in the intelligence data store, and identifying, by the classification engine, potential dispositions based on the classification of the plurality of data objects.

公开(公告)号：US10243964B2

公开(公告)日：2019-03-26

申请号：US15258297

申请日：2016-09-07

Applicant: International Business Machines Corporation

Inventor： James R. Kraemer ,  Jeb R. Linton

IPC: H04L29/06

Abstract: A reputation service running on a server, for example as a cloud server, includes receiving a request from a first user device and a second user device. The reputation management for both internet services and service providers, as well as the individuals who provide reputation feedback on those services and providers and each other. The service operates in zero-knowledge verifiable computing in order to enable strong assurance of anonymity among all participating parties. The method includes receiving, from a user using a zero-knowledge protocol to ensure privacy of the user, a rating with a unique token associated with the user, and identifier of a party to be rated. The party in one example is a person or a business entity. The unique token in one example is one or more of a tax identifier, an e-passport, or a private key of a DNS Domain registered with a certificate authority.

公开(公告)号：US20170277904A1

公开(公告)日：2017-09-28

申请号：US15079203

申请日：2016-03-24

Applicant: International Business Machines Corporation

Inventor： Samuel Scott Adams ,  Susann Marie Keohane ,  James R. Kraemer ,  Jeb R. Linton

IPC: G06F21/62 ,  H04L29/06

Abstract: A third party intermediary and a data protection method, system, and non-transitory computer readable medium, include a content request receiving circuit configured to receive a service request from a user, to communicate the service request to a provider, and to receive pre-approved versions of content from the provider, a content matching circuit configured to match a pre-approved version of content of the pre-approved versions of content to the user based on a condition of the user, a user data receiving circuit configured to receive user data to complete the pre-approved version of the content, and a zero-knowledge verifiable computing circuit configured to execute a program using zero-knowledge verifiable computing to remove private content from the pre-approved version of the content to ensure privacy of the condition of the user from the provider.

公开(公告)号：US20170124462A1

公开(公告)日：2017-05-04

申请号：US14924943

申请日：2015-10-28

Applicant: International Business Machines Corporation

Inventor： Pierre Elie Arbajian ,  Jeb R. Linton ,  James R. Kraemer

IPC: G06N5/04 ,  G06F17/27 ,  G06N99/00 ,  G06F3/0482

CPC classification number: G06N20/00 ,  G06F17/2785

Abstract: A method, system, and recording medium for cognitive intention detection, including displaying one or more options for automated workflow based on a learned association with a user input, selecting an option of the one or more options for automated workflow, and automating a workflow based on the option selected in the selecting.

公开(公告)号：US09553877B2

公开(公告)日：2017-01-24

申请号：US15204087

申请日：2016-07-07

Applicant: International Business Machines Corporation

Inventor： Timothy Durniak ,  Robert R. Friedlander ,  James R. Kraemer ,  Jeb R. Linton

IPC: H04L29/06 ,  G06F9/455 ,  G06F21/53 ,  G06F9/46 ,  H04L29/08 ,  G06F9/50

CPC classification number: H04L63/10 ,  G06F8/61 ,  G06F9/4451 ,  G06F9/45558 ,  G06F9/468 ,  G06F9/5027 ,  G06F21/53 ,  G06F21/6218 ,  G06F2009/45562 ,  G06F2009/45587 ,  G06F2009/45595 ,  G06F2209/503 ,  G06F2221/2149 ,  H04L63/14 ,  H04L67/1078 ,  H04L67/34

Abstract: One or more processors fractionate a computer application into disparate components, and assign two or more of the disparate components to different communication pathways, where the different communication pathways lead to requisite resources needed to execute the disparate components. The processor(s) create a virtual machine that controls access to a particular requisite resource by a particular disparate component, and install the virtual machine within at least one of the different communication pathways to control access to the particular requisite resource by the particular disparate component. The processor(s) transmit a resource retrieval instruction to retrieve the particular requisite resource via the virtual machine and at least one of the different communication pathways, and adjust a quantity of virtual machines between the computer application and the particular requisite resource according to a threat level for the particular disparate component.

Abstract translation: 一个或多个处理器将计算机应用程序分解成不同的组件，并将两个或多个不同的组件分配给不同的通信路径，其中不同的通信路径导致执行不同组件所需的必需资源。 处理器创建一个虚拟机，其控制特定不同组件对特定必需资源的访问，并且将虚拟机安装在不同通信路径中的至少一个中，以控制特定不同组件对特定必需资源的访问 。 处理器传送资源检索指令以经由虚拟机和不同通信路径中的至少一个来检索特定必需资源，并根据威胁调整计算机应用程序与特定必需资源之间的虚拟机数量 对于特定的不同组件的级别。

公开(公告)号：US08914413B2

公开(公告)日：2014-12-16

申请号：US13732517

申请日：2013-01-02

Applicant: International Business Machines Corporation

Inventor： Samuel S. Adams ,  Robert R. Friedlander ,  James R. Kraemer ,  Jeb R. Linton

IPC: G06F17/30 ,  G06F7/00

CPC classification number: G06F17/30607

Abstract: A processor-implemented method, system, and/or computer program product defines multiple context-based data gravity wells on a context-based data gravity wells membrane. Non-contextual data objects are associated with context objects to define synthetic context-based objects. The synthetic context-based objects are parsed into an n-tuple that includes a pointer to one of the non-contextual data objects, a probability that a non-contextual data object has been associated with a correct context object, and a weighting factor of importance of the synthetic context-based object. A virtual mass of each parsed synthetic context-based object is calculated, in order to define a shape of multiple context-based data gravity wells that are created when synthetic context-based objects are pulled into each of the context-based data gravity well frameworks on a context-based data gravity wells membrane.

Abstract translation: 处理器实现的方法，系统和/或计算机程序产品在基于上下文的数据重力井膜上定义多个基于上下文的数据重力井。 非上下文数据对象与上下文对象相关联，以定义合成的基于上下文的对象。 合成的基于上下文的对象被解析成n元组，其包括指向非上下文数据对象之一的指针，非上下文数据对象已经与正确的上下文对象相关联的概率，以及加密因子 合成基于上下文的对象的重要性。 计算每个解析的合成基于上下文的对象的虚拟质量，以便定义当将合成的基于上下文的对象拉入每个基于上下文的数据重力井框架时创建的多个基于上下文的数据重力井的形状 在基于上下文的数据重力井膜上。

公开(公告)号：US11917404B2

公开(公告)日：2024-02-27

申请号：US18118208

申请日：2023-03-07

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Jeb R. Linton ,  Michael Amisano ,  John Melchionne ,  Dennis Kramer ,  David K. Wright ,  John Behnken

IPC: H04W12/06 ,  H04W12/02 ,  H04W8/04

CPC classification number: H04W12/06 ,  H04W12/02 ,  H04W8/04

Abstract: Methods for cellular network authentication utilizing unlinkable anonymous credentials are disclosed. In embodiments, a method includes: contacting, by a computing device, a mobile device network with a request to connect to the mobile device network; conducting, by the computing device, an interactive credential issuance protocol with an Issuer of the mobile device network to generate an unlinkable anonymous credential; and connecting, by the computing device, to the mobile device network based on a Verifier of the mobile device network verifying the computing device based on the unlinkable anonymous credential.