公开(公告)号：US11799825B2

公开(公告)日：2023-10-24

申请号：US17560569

申请日：2021-12-23

Applicant: UAB 360 IT

Inventor： Mantas Jonytis ,  Rytis Karpu{hacek over (s)}ka

IPC: H04L61/5076 ,  H04L9/40 ,  H04L67/12

CPC classification number: H04L61/5076 ,  H04L63/0435 ,  H04L63/0442 ,  H04L67/12

Abstract: A method including communicating, by a first device, data with a second device based at least in part on communication information indicating a communication parameter associated with the second device, the data being communicated over a meshnet connection associated with a mesh network; receiving, by the first device while communicating the data in the mesh network, updated communication information indicating an updated communication parameter associated with the second device; and communicating, by the first device, the data with the second device over the meshnet connection based at least in part on the updated communication information. Various other aspects are contemplated.

公开(公告)号：US20230334424A1

公开(公告)日：2023-10-19

申请号：US18140073

申请日：2023-04-27

Applicant: Capital One Services, LLC

Inventor： Trent JONES

IPC: G06Q10/10 ,  G06Q30/0201 ,  G06F16/955 ,  H04L9/40 ,  G06N20/00 ,  G06F9/54 ,  G06F21/60 ,  G06N3/02 ,  G06F9/445 ,  G06F16/25 ,  G06F21/62 ,  H04L9/08 ,  G06Q20/40 ,  G06Q30/018 ,  G06Q30/0601 ,  G06F40/103 ,  G06F40/174 ,  G06F40/18 ,  G06Q40/02 ,  G06F21/53 ,  G06N5/025 ,  G06Q20/38 ,  H04L67/01 ,  G06F18/24 ,  G06Q40/03

CPC classification number: G06Q10/10 ,  G06Q30/0206 ,  G06F16/9562 ,  H04L63/0435 ,  H04L63/123 ,  G06N20/00 ,  G06F9/547 ,  G06F21/602 ,  G06N3/02 ,  H04L63/0815 ,  H04L63/102 ,  G06F9/44505 ,  G06F9/54 ,  G06F16/258 ,  G06F21/6227 ,  G06F21/6245 ,  H04L63/08 ,  H04L63/166 ,  H04L63/168 ,  H04L9/0825 ,  G06F16/9558 ,  G06Q20/4014 ,  G06Q30/0185 ,  G06Q30/0637 ,  G06F40/103 ,  G06F40/174 ,  G06F40/18 ,  G06Q40/02 ,  G06Q30/0619 ,  G06Q30/0643 ,  G06F21/53 ,  G06N5/025 ,  G06Q20/382 ,  G06Q30/0601 ,  G06Q30/0613 ,  H04L67/01 ,  G06F21/604 ,  G06F18/24 ,  G06Q40/03 ,  G06F8/65

Abstract: Encryption is performed at the field level within a data object, in response to an encryption indicator. Encrypted fields are nulled or zeroed out and the encrypted values are stored in encryption metadata with a path identifying the locations of the encrypted fields. An encrypted data key is appended with a decryption identifier and stored in the encryption metadata. The encrypted data object may be reformatted while encrypted. The encrypted data key is extracted from the encryption metadata and the decryption identifier is used to identify a master key used to decrypt the encrypted data key. The data key is used to decrypt the encrypted values and the decrypted values are stored in the fields identified by the paths.

公开(公告)号：US11792782B1

公开(公告)日：2023-10-17

申请号：US17517443

申请日：2021-11-02

Applicant: Genghiscomm Holdings, LLC

Inventor： Steve Shattil

IPC: H04W72/12 ,  H04B7/0452 ,  H04B7/024 ,  H04W12/08 ,  H04L9/40 ,  H04W76/14 ,  H04W12/04 ,  H04L5/00 ,  H04W88/06 ,  H04W76/16 ,  H04W72/54

CPC classification number: H04W72/1215 ,  H04B7/024 ,  H04B7/0452 ,  H04L63/061 ,  H04W12/04 ,  H04W12/08 ,  H04W76/14 ,  H04L5/0037 ,  H04L63/0435 ,  H04W72/54 ,  H04W76/16 ,  H04W88/06

Abstract: A wireless user equipment (UE) device is configured to communicate with another UE via device-to-device (D2D) communications. The UE transmits a communication to the other UE, wherein the communication indicates scheduling of a shared spectrum resource. The shared spectrum resource is shared by a first network management operator (NMO) and a second NMO, wherein both the UE and the other UE are associated with the first NMO. The first NMO employs a first set of spatial channels in the shared spectrum resource, and a second set of spatial channels in the shared spectrum resource is made available for use by the second NMO, the second set being different from the first set. The UE communicates with the other UE over the first set of spatial channels.

公开(公告)号：US20230328054A1

公开(公告)日：2023-10-12

申请号：US17346299

申请日：2021-06-14

Applicant: Kelly Dao Xuan Nguyen ,  Duc Ngoc Pham ,  Tri Ngoc Truong ,  Vu Tuan Phan ,  Ha Thi Thu Bui ,  Anvay Arvind Rane ,  Bao Huynh Duong

Inventor： Kelly Dao Xuan Nguyen ,  Duc Ngoc Pham ,  Tri Ngoc Truong ,  Vu Tuan Phan ,  Ha Thi Thu Bui ,  Anvay Arvind Rane ,  Bao Huynh Duong

IPC: H04L9/40

CPC classification number: H04L63/083 ,  H04L63/0876 ,  H04L63/0435

Abstract: A networked computer system providing an automated control system that enables a sensor client to securely communicate with a heterogeneous set of unique sensors. The system enables autonomous secure identification of specific sensors capable of system inter-operation. Recognized sensors are autonomously paired and the connection secured using a password unique to the sensor and autonomously managed by the system. Measurement data is source encrypted using a well-defined public key, thereby providing data security that extends uninterrupted from the sensor itself to an appropriately authorized subsystem of the control system.

公开(公告)号：US20230328047A1

公开(公告)日：2023-10-12

申请号：US18334875

申请日：2023-06-14

Applicant: Hopr Corporation

Inventor： Thomas M. McNamara, JR. ,  Nicholas M. Hughes

IPC: H04L9/40

CPC classification number: H04L63/0435

Abstract: The present invention is a system and method for machine-to-machine communication in a Zero Trust environment. The instant invention describes a platform implementation that disables threat actors and their methods that target workload credentials. The platform is an Automated Moving Target Defense (AMTD) platform that creates sidecars that contain algorithms for creating secure keys from user specified dynamic elements, a machine alias ID (MAID), an encryption library, and an envoy proxy. The sidecars are utilized to control access to, and secure messaging traffic between, entities in a non-trusted environment.

公开(公告)号：US11784990B2

公开(公告)日：2023-10-10

申请号：US17549014

申请日：2021-12-13

Applicant: Intel Corporation

Inventor： Luis Kida ,  Reshma Lal

IPC: H04L29/06 ,  H04L9/40 ,  G06F13/28 ,  H04L9/08 ,  G06F9/50 ,  H04L9/32

CPC classification number: H04L63/0485 ,  G06F9/5044 ,  G06F9/5083 ,  G06F13/28 ,  H04L9/085 ,  H04L9/0825 ,  H04L9/3242 ,  H04L63/0435 ,  H04L63/061 ,  H04L63/123

Abstract: An apparatus to facilitate protecting data transfer between a secure application and networked devices is disclosed. The apparatus includes a source network interface controller (NIC); and a processor to provide a trusted execution environment (TEE) to run an application, wherein the source NIC operates outside of a trust boundary of the TEE, and wherein the processor is to utilize the application in the TEE to: generate encrypted data of the application; copy the encrypted data to a local shared buffer; interface with the source NIC to initiate a copy, over a network, of the encrypted data from the local shared buffer to a remote buffer of a remote platform; and communicate at least one message with the remote platform to indicate that the encrypted data is available and to enable the remote platform to verify integrity of the encrypted data, wherein the one least one message comprises an authentication tag.

公开(公告)号：US20230319111A1

公开(公告)日：2023-10-05

申请号：US17710686

申请日：2022-03-31

Applicant: Fortinet, Inc.

Inventor： Yita Lee ,  Sen Yang ,  Ting Liu

IPC: H04L9/40 ,  H04L45/42 ,  H04L45/02 ,  H04L47/125

CPC classification number: H04L63/20 ,  H04L63/0236 ,  H04L63/029 ,  H04L63/0435 ,  H04L45/42 ,  H04L45/02 ,  H04L47/125

Abstract: A processing blade is assigned from the plurality of processing blades to a session of data packets. The load balancing engine manages a session table and an IPsec routing table by updating the session table with a particular security engine card assigned to the session and by updating the IPsec routing table for storing a remote IP address for a particular session. Outbound raw data packets of a particular session are parsed for matching cleartext tuple information prior to IPsec encryption, and inbound encrypted data packets of the particular session are parsed for matching cipher tuple information prior to IPsec decryption. Inbound data packets assigned to the processing blade from the session table are parsed and forwarded to the station.

公开(公告)号：US20230319022A1

公开(公告)日：2023-10-05

申请号：US18041943

申请日：2021-06-17

Applicant: Bayerische Motoren Werke Aktiengesellschaft

Inventor： Daniel Knobloch ,  Sven Hofmann ,  Thorsten Knott

IPC: H04L9/40

CPC classification number: H04L63/0435

Abstract: Methods and apparatuses for secure communication between a first and a second communication partner are provided. The method for secure communication between a first and a second communication partner comprises establishing a communication link between the first and the second communication partner. Further, the method comprises determining one or more session identifiers by one of the first and the second communication partner. The method additionally comprises communicating the one or more session identifiers to the other of the first and the second communication partner. The method comprises determining, for each of the one or more session identifiers, a respective symmetric session key in each of the first and the second communication partner. In addition, the method comprises storing the one or more session identifiers and the corresponding symmetric session keys in each of the first and the second communication partner for one or more subsequent secure communication sessions.

公开(公告)号：US11770370B2

公开(公告)日：2023-09-26

申请号：US17739838

申请日：2022-05-09

Applicant: Eclypses, Inc.

Inventor： Timothy W. Reynolds

IPC: H04L9/40 ,  H04L9/08

CPC classification number: H04L63/0435 ,  H04L9/0861 ,  H04L63/0807 ,  H04L63/0869 ,  H04L63/123 ,  H04L63/126 ,  H04L63/168

Abstract: According to one example, a system includes a first computing device that includes one or more processors configured to generate a first encryption key, and encrypt data, using the first encryption key, for transmittal to a second computing device. The one or more processors are further configured to determine a first set of tokens; determine, from the first set of tokens, a plurality of tokens for the first encryption key; generate a packet comprising the encrypted data, and further comprising the plurality of tokens; and transmit the packet for receipt by the second computing device.

公开(公告)号：US11757841B2

公开(公告)日：2023-09-12

申请号：US17472677

申请日：2021-09-12

Applicant: Netflow, UAB

Inventor： Nikodemas {hacek over (Z)}aliauskas ,  Karolis Kaciulis

IPC: H04L9/40 ,  H04L69/24 ,  H04L69/00 ,  H04L41/0803 ,  H04L67/141 ,  H04L41/08 ,  H04L12/46 ,  H04L67/01 ,  H04L67/12

CPC classification number: H04L63/0272 ,  H04L12/4641 ,  H04L41/08 ,  H04L41/0803 ,  H04L63/029 ,  H04L63/0435 ,  H04L67/01 ,  H04L67/141 ,  H04L69/24 ,  H04L69/26 ,  H04L67/12

Abstract: A method for configuring a protocol in a virtual private network (VPN) service environment, the method including receiving, from a user device, device information associated with operation of the user device during an established VPN connection; configuring, based at least in part on the device information, a given VPN protocol from among a plurality of VPN protocols for utilization during the established VPN connection; and transmitting, to the user device, information associated with the given VPN protocol to enable the user device and a VPN server to utilize the given VPN protocol during the established VPN connection. Various other aspects are contemplated.