专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US11323272B2 Electronic identification verification methods and systems with storage of certification records to a side chain 有权
公开(公告)号：US11323272B2
公开(公告)日：2022-05-03
申请号：US16697131
申请日：2019-11-26
申请人： Ping Identity Corporation
发明人： Armin Ebrahimi , Gaurav Khot , Vladimir Reshetnikov , Robert Gadbois
IPC分类号： H04L9/32 , H04L9/06 , G06Q20/06 , G06K7/14 , G06Q20/38 , G06F7/58
摘要： Method of certification including receiving user data at a device of a certifying entity. The method includes generating a salt that is unique. The method includes hashing the data combined with the salt to create a generated hashed data. The method includes generating a certification record based on signing the generated hashed data using a private key of the certifying entity to create a signed certification of the data. The method includes hashing the certification record. The method includes transmitting the hashed certification record to a blockchain for storing. The method includes receiving a certification tx-ID of the hashed certification record. The method includes generating a certification data block including the certification record and the certification tx-ID. The method includes storing the certification data block to a side chain.

2. 发明申请

US20210334808A1 IDENTITY MANAGEMENT SERVICE USING A BLOCKCHAIN PROVIDING CERTIFYING TRANSACTIONS BETWEEN DEVICES 有权
公开(公告)号：US20210334808A1
公开(公告)日：2021-10-28
申请号：US17121971
申请日：2020-12-15
申请人： Ping Identity Corporation
发明人： Armin Ebrahimi
IPC分类号： G06Q20/40 , H04L9/30 , H04L9/32 , H04L9/14 , H04L9/06 , H04W12/06 , H04W12/04 , G06F21/31 , G06Q20/02 , G06Q20/32 , G06Q20/38 , G06F21/34 , G06F21/64 , G06K19/06
摘要： Logic on a first remote device receives a first transaction number and personal data transmitted from a second remote device. The first transaction number was received from a distributed public database in response to a transmission, from the second remote device, of a signed hash value and a first public key associated with a first private key on the second remote device. The signed hash value was created by signing a hash value with the first private key and the hash value was generated by hashing the personal data with a hashing algorithm on the second remote device. The logic uses the first transaction number to retrieve the signed hash value and the first public key from the distributed public database. The logic hashes the personal data using the hashing algorithm to create a generated hash value and verifies the signed hash value against the generated hash value.

3. 发明授权

US10834054B2 Systems and methods for API routing and security 有权
公开(公告)号：US10834054B2
公开(公告)日：2020-11-10
申请号：US15164555
申请日：2016-05-25
申请人： Ping Identity Corporation
发明人： Udayakumar Subbarayan , Bernard Harguindeguy , Anoop Krishnan Gopalakrishnan , Abdu Raheem Poonthiruthi
IPC分类号： H04L29/06 , H04L12/24 , H04L29/08 , H04L12/715 , H04L12/771 , H04L12/775 , H04L29/14 , H04L12/741 , H04L12/803 , H04L12/813 , G06F9/54
摘要： The invention provides methods, computer program products, proxies and proxy clusters configured for forwarding, routing and/or load balancing of client requests or messages between multiple different APIs and/or multiple instances of an API. The invention further provides for efficient session information based routing of client requests for a target API, wherein multiple instances of the target API are simultaneously implemented across one or more API servers. The invention additionally enables separation of a control plane (i.e. control logic) and run time execution logic within a data plane within proxies in a proxy cluster, and also enables implementation of a plurality of data planes within each proxy—thereby ensuring security, high availability and scalability. An invention embodiment additionally implements two-stage rate limiting protection for API servers combining rate limiting between client and each proxy, and rate limiting between a proxy cluster and a server backend.

4. 发明申请

US20200336467A1 METHODS AND SYSTEMS FOR API PROXY BASED ADAPTIVE SECURITY 审中-公开
公开(公告)号：US20200336467A1
公开(公告)日：2020-10-22
申请号：US16881376
申请日：2020-05-22
申请人： Ping Identity Corporation
发明人： Udayakumar SUBBARAYAN , Bernard HARGUINDEGUY , Anoop Krishnan GOPALAKRISHNAN , Abdu Raheem POONTHIRUTHI
IPC分类号： H04L29/06 , H04L12/24 , H04L29/08 , H04L12/715 , H04L12/771 , H04L12/775 , H04L29/14 , H04L12/741 , H04L12/803 , H04L12/813 , G06F9/54
摘要： The invention concerns API proxy based adaptive security. The invention implements adaptive security for API servers, while avoiding data bottlenecks and maintaining client experience. The invention provides methods and configurations for API security that may be employed at proxies for implementing routing decisions involving client messages received at said proxies. The invention also involves generating or collecting at proxies, log information that captures data corresponding to received client messages and responses from API servers—which log information correlates communications between clients, proxies and backend API servers, and includes data relevant for purposes generating API metrics and identifying anomalies and/or indicators of compromise. The invention yet further provides security server clusters configured for generating API metrics and/or identify anomalies or indicators of compromise—which may be used by proxies to terminate existing connections and block subsequent requests or messages from clients associated with the identified anomalies or indicators of compromise.

5. 发明授权

US08856887B2 Methods and apparatus for delegated authentication token retrieval 有权
标题翻译：委托认证令牌检索的方法和设备
公开(公告)号：US08856887B2
公开(公告)日：2014-10-07
申请号：US13544565
申请日：2012-07-09
申请人： Bryan Field-Eliot , Sateesh Narahari , Paul Madsen
发明人： Bryan Field-Eliot , Sateesh Narahari , Paul Madsen
IPC分类号： G06F15/16
CPC分类号： H04L63/08 , G06F21/335 , G06F21/41 , G06F21/44 , H04L9/3213 , H04L63/0807 , H04L63/0884 , H04L63/102
摘要： In some embodiments, a non-transitory processor-readable medium includes code to cause a processor to send, from an authorization client on a device to a client authorization module, an indication of multiple applications installed on the device, and receive, at the authorization client and in response to the indication, multiple application tokens from the client authorization module. Each individual application token from the multiple application tokens received by the authorization client is uniquely associated with an application from the multiple applications installed on the device. The authorization client provides each application its associated application token such that each application from the multiple applications can use that application token in order to be authenticated to an application server associated with the application.
摘要翻译：在一些实施例中，非暂时处理器可读介质包括使处理器从设备上的授权客户端向客户机授权模块发送安装在设备上的多个应用程序的指示并且在授权下接收的代码并且响应于该指示，来自客户端授权模块的多个应用令牌。来自授权客户端接收的多个应用程序令牌的每个单独的应用程序令牌都与安装在设备上的多个应用程序的应用程序唯一相关。授权客户机为每个应用程序提供其相关联的应用程序令牌，使得来自多个应用程序的每个应用程序可以使用该应用程序令牌，以便对与应用程序相关联的应用程序服务器进行身份验证。

6. 发明授权

US08615794B1 Methods and apparatus for increased security in issuing tokens 有权
标题翻译：提高令牌安全性的方法和手段
公开(公告)号：US08615794B1
公开(公告)日：2013-12-24
申请号：US13737525
申请日：2013-01-09
申请人： Ping Identity Corporation
发明人： Scott Tomilson , Brian Campbell
IPC分类号： G06F21/00
CPC分类号： G06F21/6218 , G06F21/44 , H04L63/10 , H04W12/08
摘要： In some embodiments, an apparatus includes an authorization module implemented in at least one of a memory or a processing device. The authorization module receives at a first time and from a first mobile application, a request for an access token associated with a second mobile application that includes an identifier associated with the second mobile application and a first random verification identifier. The authorization module provides to the first mobile application a signal representing an authorization code associated with the access token. The authorization module receives from the second mobile application at a second time a signal representing the authorization code, the identifier associated with the second mobile application, and a second random verification identifier. The authorization module provides a signal representing the access token to the second mobile application based in part on the first random verification identifier being equal to the second random verification identifier.
摘要翻译：在一些实施例中，装置包括在存储器或处理装置中的至少一个中实现的授权模块。授权模块在第一时间从第一移动应用接收与第二移动应用相关联的访问令牌的请求，该第二移动应用包括与第二移动应用相关联的标识符和第一随机验证标识符。授权模块向第一移动应用提供表示与访问令牌相关联的授权码的信号。授权模块在第二时间从第二移动应用接收到表示授权码的信号，与第二移动应用相关联的标识符和第二随机验证标识符。部分地基于与第二随机验证标识符相等的第一随机验证标识符，授权模块向第二移动应用提供表示访问令牌的信号。

7. 发明授权

US11641343B2 Methods and systems for API proxy based adaptive security 有权
公开(公告)号：US11641343B2
公开(公告)日：2023-05-02
申请号：US16881376
申请日：2020-05-22
申请人： Ping Identity Corporation
发明人： Udayakumar Subbarayan , Bernard Harguindeguy , Anoop Krishnan Gopalakrishnan , Abdu Raheem Poonthiruthi
IPC分类号： H04L29/06 , H04L9/40 , H04L41/50 , H04L67/02 , H04L41/12 , H04L67/10 , H04L45/00 , H04L45/58 , H04L67/1095 , H04L67/12 , H04L67/145 , H04L69/40 , H04L67/1061 , H04L41/0813 , H04L67/01 , H04L67/56 , H04L67/60 , H04L67/1014 , H04L41/0893 , H04L45/74 , H04L47/125 , H04L47/20 , H04L69/16 , H04L69/329 , G06F9/54 , H04L41/28
摘要： The invention concerns API proxy based adaptive security. The invention implements adaptive security for API servers, while avoiding data bottlenecks and maintaining client experience. The invention provides methods and configurations for API security that may be employed at proxies for implementing routing decisions involving client messages received at said proxies. The invention also involves generating or collecting at proxies, log information that captures data corresponding to received client messages and responses from API servers—which log information correlates communications between clients, proxies and backend API servers, and includes data relevant for purposes generating API metrics and identifying anomalies and/or indicators of compromise. The invention yet further provides security server clusters configured for generating API metrics and/or identify anomalies or indicators of compromise—which may be used by proxies to terminate existing connections and block subsequent requests or messages from clients associated with the identified anomalies or indicators of compromise.

8. 发明申请

US20230061142A1 METHODS AND SYSTEMS FOR DEEP LEARNING BASED API TRAFFIC SECURITY 有权
公开(公告)号：US20230061142A1
公开(公告)日：2023-03-02
申请号：US17817577
申请日：2022-08-04
申请人： Ping Identity Corporation
发明人： Udayakumar SUBBARAYAN , Bernard HARGUINDEGUY , Anoop Krishnan GOPALAKRISHNAN , Nagabhushana ANGADI , Ashwani KUMAR , Santosh SAHU , Abdu POONTHIRUTHI , Avinash Kumar SAHU , Yasar KUNDOTTIL
IPC分类号： H04L9/40 , G06N20/00 , G06F21/55 , G06F21/62
摘要： The present invention relates to the field of networking and API/application security. In particular, the invention is directed towards methods, systems and computer program products for deep learning based API traffic analysis and network security. The invention provides an automated approach to threat and/or attack detection by machine learning based accumulation and/or interpretation of various API/application traffic patterns, identifying and mapping characteristics of normal traffic for each API, and thereafter identifying any deviations from the normal traffic parameter baselines, which deviations may be classified as anomalies or attacks.

9. 发明授权

US11496475B2 Methods and systems for data traffic based adaptive security 有权
公开(公告)号：US11496475B2
公开(公告)日：2022-11-08
申请号：US16733570
申请日：2020-01-03
申请人： Ping Identity Corporation
发明人： Bernard Harguindeguy , Udayakumar Subbarayan , Isidore Rosenblum , Abduraheem Poonthiruthi , Anoop Krishnan Gopalakrishnan , Ashwani Kumar
IPC分类号： H04L29/06 , H04L9/40
摘要： The present disclosure relates to traffic monitoring through one or more access control servers configured configured for (i) routing server resource request messages to resource server(s), (ii) extracting information identifying a target server resource from data packets corresponding to one or more received server resource request messages, and (iii) selectively transmitting the received server resource request message to a resource server. The security server(s) is configured to receive a server resource request message data extracted from a server resource request message and initiate a first security response, wherein the initiated first security response is dependent on analysis of the server resource request message data. Responsive to identifying an indicator of compromise or that an originating terminal corresponding to the server resource request is identified within a blacklist, the first security response comprises non-transmission of at least one server resource request message by the access control server to a resource server.

10. 发明申请

US20220327304A1 TRANSFERRING DATA FILES USING A SERIES OF VISUAL CODES 有权
公开(公告)号：US20220327304A1
公开(公告)日：2022-10-13
申请号：US17680762
申请日：2022-02-25
申请人： Ping Identity Corporation
发明人： Armin EBRAHIMI , Gaurav KHOT
IPC分类号： G06K7/14 , G06K7/10 , G06K19/06 , H04L9/32 , H04L9/14 , H04L9/30 , G09C5/00
摘要： Software on an image-capturing device iteratively captures a visual code in a series of visual codes displayed in a repeating progression on a screen of a mobile device. The visual code was generated from a display block that resulted from a partition of an original data file into a series of display blocks of at least a specified size. The software converts the visual code back into a display block and reads a header for the display block, discarding the display block if it has already been captured, as determined by the ordered identifying block number in a header. The software stops the iterative capturing when all of the display blocks in the series have been captured, as determined by the count in the header and coalesces the captured display blocks into the original data file, using an order determined by the ordered identifying block numbers.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式