公开(公告)号：US11837224B1

公开(公告)日：2023-12-05

申请号：US17136273

申请日：2020-12-29

Applicant: JPJ Ventures, LLC

Inventor： Daemon Whittenburg ,  Pat Williams ,  Justin Hipps

IPC: G10L15/00 ,  G10L15/22 ,  G16H10/60 ,  G06F9/54 ,  G10L15/30 ,  H04L9/40 ,  H04L9/32 ,  G10L15/18

CPC classification number: G10L15/22 ,  G06F9/547 ,  G10L15/1822 ,  G10L15/30 ,  G16H10/60 ,  H04L9/3213 ,  H04L63/0485 ,  H04L63/166

Abstract: Systems and methods for real-time patient record transcriptions and medical form population via mobile devices are described. A user (e.g., a medical professional) may speak into or near a mobile device operable to detect or record spoken language, and furthermore the mobile device may initiate real-time transcription of the spoken language to generate unstructured transcription text data corresponding to the spoken language. The unstructured transcription text data may be parsed for words or phrases indicative of medical information for generating structured data, where the structured data includes terms, phrases, and values identified via delineators and/or natural language processing techniques. Discrete data from the structured data may be directly inserted into corresponding locations (e.g., appropriate medical form text fields) in electronic medical records via APIs and service bus relays.

公开(公告)号：US11836243B2

公开(公告)日：2023-12-05

申请号：US17959181

申请日：2022-10-03

Applicant: Cyral Inc.

Inventor： Manav Ratan Mital ,  Srinivas Nageswarrao Vadlamani ,  Pramod Chandraiah

IPC: G06F21/44 ,  G06F21/45 ,  H04L9/40

CPC classification number: G06F21/45 ,  G06F21/44 ,  H04L63/0884 ,  H04L63/102 ,  H04L63/166 ,  H04L63/168

Abstract: A method for providing connection between applications and a data repository is described. The method includes receiving a communication from an application for the data repository. The application is authenticated. In response to the application being authenticated, the credentials for the data repository are obtained from a data vault. The credentials are used to access the data repository while the application is free of the credentials.

公开(公告)号：US11831634B2

公开(公告)日：2023-11-28

申请号：US17084922

申请日：2020-10-30

Applicant: EMC IP Holding Company LLC

Inventor： Dmitry Nikolayevich Tylik ,  Charles W. Kaufman ,  Gregory W. Lazar ,  Marco Abela ,  Jingyan Zhao

IPC: H04L29/06 ,  H04L9/40 ,  G06F9/455

CPC classification number: H04L63/0823 ,  G06F9/45558 ,  H04L63/0236 ,  H04L63/166 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: A technique for managing communications between a server and multiple clients includes configuring the server to support multiple sets of certificates for respective clients having respective root certificates. The technique further includes determining an indicator associated with a client root certificate during an initial handshake between a client and the server and providing the client with a server certificate associated with the indicator.

公开(公告)号：US11824976B1

公开(公告)日：2023-11-21

申请号：US17534920

申请日：2021-11-24

Applicant: Wells Fargo Bank, N.A.

Inventor： Bradford A. Shea ,  M. Erik Meinholz ,  Robert L. Carter, Jr. ,  Jeff J. Stapleton ,  Abhijit Rao ,  Pierre Arbajian ,  Peter Bordow ,  Ravi K. Maganti

IPC: H04L9/08 ,  H04L9/32 ,  H04L9/40 ,  H04L9/06

CPC classification number: H04L9/0852 ,  H04L9/0827 ,  H04L9/3215 ,  H04L63/166 ,  H04L63/18 ,  H04L9/0631

Abstract: Systems, apparatuses, methods, and computer program products are disclosed for PQC. An example method includes transmitting a first portion of an electronic communication to a client device over a non-PQC communications channel, wherein the first portion of the electronic communication comprises a PQC request data structure. The example method further includes receiving a PQC acknowledgment data structure from the client device over the non-PQC communications channel. The example method further includes transmitting a quantum cryptographic key to the client device over a quantum communications channel and authenticating a session with the client device over the non-PQC communications channel based on the quantum cryptographic key. Subsequently, the example method includes transmitting a second portion of the electronic communication to the client device over a PQC communications channel.

公开(公告)号：US11824875B2

公开(公告)日：2023-11-21

申请号：US18084366

申请日：2022-12-19

Applicant: Centripetal Networks, LLC

Inventor： Sean Moore ,  Jonathan R. Rogers ,  Vincent Mutolo ,  Peter P. Geremia

IPC: H04L29/06 ,  H04L9/40

CPC classification number: H04L63/1416 ,  H04L63/0245 ,  H04L63/1425 ,  H04L63/1466 ,  H04L63/166

Abstract: A threat intelligence gateway (TIG) may protect TCP/IP networks from network (e.g., Internet) threats by enforcing certain policies on in-transit packets that are crossing network boundaries. The policies may be composed of packet filtering rules with packet-matching criteria derived from cyber threat intelligence (CTI) associated with Internet threats. These CTI-derived packet-filtering rules may be created offline by policy creation and management servers, which may distribute the policies to subscribing TIGs that subsequently enforce the policies on in-transit packets. Each packet filtering rule may specify a disposition that may be applied to a matching in-transit packet, such as deny/block/drop the in-transit packet or pass/allow/forward the in-transit packet, and also may specify directives that may be applied to a matching in-transit packet, such as log, capture, spoof-tcp-rst, etc. Often, however, the selection of a rule's disposition and directives that best protect the associated network may not be optimally determined before a matching in-transit packet is observed by the associated TIG. In such cases, threat context information that may only be available (e.g., computable) at in-transit packet observation and/or filtering time, such as current time-of-day, current TIG/network location, current TIG/network administrator, the in-transit packet being determined to be part of an active attack on the network, etc., may be helpful to determine the disposition and directives that may best protect the network from the threat associated with the in-transit packet. The present disclosure describes examples of methods, systems, and apparatuses that may be used for efficiently determining (e.g., accessing and/or computing), in response to the in-transit packet, threat context information associated with an in-transit packet. The threat context information may be used to efficiently determine the disposition and/or one or more directives to apply to the in-transit packet. This may result in dispositions and/or directives being applied to in-transit packets that better protect the network as compared with solely using dispositions and directives that were predetermined prior to receiving the in-transit packet.

公开(公告)号：US11822461B2

公开(公告)日：2023-11-21

申请号：US17453902

申请日：2021-11-08

Applicant: SAP SE

Inventor： Arley Triana Morin

IPC: G06F11/36 ,  H04L67/141 ,  H04L9/40

CPC classification number: G06F11/3664 ,  G06F11/362 ,  H04L63/166 ,  H04L67/141

Abstract: Provided are systems and methods for remotely debugging a software application hosted on a cloud platform. Rather than download and test code locally, a developer may login directly to the cloud platform, and debug the software application in its native cloud environment. In one example, the method may include establishing a communication channel between a remote computing terminal and an application instance hosted on a cloud platform, enabling port forwarding at the remote computing terminal to redirect requests from the remote computing terminal to the application instance hosted on the cloud platform via the communication channel, attaching a debugger to a port at the remote computing terminal that is associated with the communication channel, and forwarding, via the debugger, debugging commands input at the remote computing terminal to the application instance hosted on the cloud platform via the communication channel.

公开(公告)号：US20230370287A1

公开(公告)日：2023-11-16

申请号：US18226351

申请日：2023-07-26

Applicant: INTEGRITY SECURITY SERVICES LLC

Inventor： Daniel R. Fynaardt ,  William L. Lattin ,  Gregory Powell

IPC: H04L9/32 ,  H04L9/40 ,  H04W12/06 ,  H04L41/0806 ,  H04L41/5041 ,  H04W12/30 ,  H04L67/02 ,  H04L67/12 ,  G06F16/22 ,  H04L67/306 ,  H04W4/44

CPC classification number: H04L9/3268 ,  H04L63/20 ,  H04W12/06 ,  H04L41/0806 ,  H04L63/00 ,  H04L41/5041 ,  H04W12/35 ,  H04L63/0823 ,  H04L67/02 ,  H04L63/166 ,  H04L67/12 ,  G06F16/22 ,  H04L67/306 ,  H04L2209/80 ,  H04W4/44 ,  H04L2209/84

Abstract: A system for securely provisioning a plurality of computerized devices of a tenant, is provided. The system includes a processor, and a computer storage medium including instructions that when executed by the processor cause the processor to perform operations. The operations include receiving provisioning requests from the plurality of computerized devices needing certificates, each provisioning request indicating a tenant identifier identifying the tenant, and transmitting the provisioning requests to a set of security credential management system backend components based on the tenant identifier. The set of SCMS backend components includes enrollment certificate authorities operable to generate enrollment certificates, each provisioning request being transmitted to one of the one or more enrollment certificate authorities based on the tenant identifier of each provisioning request, and a pseudonym certificate authority operable to generate digital assets in response to receiving a provisioning request.

公开(公告)号：US11818279B2

公开(公告)日：2023-11-14

申请号：US17888251

申请日：2022-08-15

Applicant: Akamai Technologies, Inc.

Inventor： Brandon O. Williams ,  Andres Guedez

IPC: H04L9/32 ,  H04L9/08 ,  H04L9/40

CPC classification number: H04L9/3268 ,  H04L9/0894 ,  H04L63/0209 ,  H04L63/0823 ,  H04L63/166 ,  H04L63/06

Abstract: A method to generate a trusted certificate on an endpoint appliance located in an untrusted network, wherein client devices are configured to trust a first Certificate Authority (CA) that is administered by the untrusted network. In this approach, an overlay network is configured between the endpoint appliance and an origin server associated with the endpoint appliance. The overlay comprises an edge machine located proximate the endpoint appliance, and an associated key management service. A second CA is configured in association with the key management service to receive a second certificate signed by the first CA. A third CA is configured in association with the edge machine to receive a third certificate signed by the second CA. In response to a request from the appliance, a server certificate signed by the third CA is dynamically generated and provided to the appliance. A client device receiving the server certificate from the endpoint appliance trusts the server certificate as if the server certificate originated from the first CA, thereby enabling the endpoint appliance to terminate a secure information flow received at the endpoint appliance.

公开(公告)号：US11818168B2

公开(公告)日：2023-11-14

申请号：US17814908

申请日：2022-07-26

Applicant: Cymulate Ltd.

Inventor： Avihai Ben-Yosef ,  Eyal Aharoni ,  Shmuel Ur

IPC: G06F21/00 ,  H04L9/40 ,  G06F16/901 ,  G06F17/18

CPC classification number: H04L63/1466 ,  G06F16/9024 ,  G06F17/18 ,  H04L63/1425 ,  H04L63/166

Abstract: Method, product and apparatus for monitoring for security threats from lateral movements. A method comprises obtaining a graph of network lateral movements, that comprises nodes, representing network assets, and directed edges, representing a network lateral movement from a source asset to a target asset. An event that affects the graph of network lateral movements is detected. The event affects at least one of: the payload utility of the node and the probability of penetration to the node. The graph of network lateral movements is updated based on the event. The updated graph is analyzed to determine one or more mitigation actions to be applied. The one or more mitigation actions are applied automatically, manually or the like.

公开(公告)号：US20230362186A1

公开(公告)日：2023-11-09

申请号：US18222887

申请日：2023-07-17

Applicant: QUALYS, INC.

Inventor： Wissam Ali-Ahmad ,  Wolfgang Kandek ,  Holger Kruse ,  Vikas Dewan ,  Khair-ed-dine Mazboudi ,  Ganesh Jampani ,  Kenneth K. Okumura

IPC: H04L9/40 ,  G06F3/048 ,  H04L67/02

CPC classification number: H04L63/1433 ,  H04L63/1441 ,  H04L63/166 ,  H04L63/1408 ,  G06F3/048 ,  H04L67/02 ,  H04L63/0281 ,  G06F2221/2101 ,  G06F2221/2119

Abstract: Methods and systems for scanning an endpoint terminal across an open computer network are disclosed. An exemplary method includes providing a scanner engine in a computer server in communication with an open computer network, and establishing a secure connection across the open computer network between the scanner engine and a scanner agent installed on the endpoint terminal in communication with the open computer network. Commands for collecting data regarding the endpoint terminal are sent from the scanner engine across the secure connection to the scanner agent. The scanner engine then receives the collected data from the scanner agent across the secure connection, analyzes the data to assess a current posture of the endpoint terminal, and determines any updates for the endpoint terminal from the analysis. Updates are sent across the secure connection to the scanner agent for installation on the endpoint terminal, and the secure connection may then be terminated.