42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
Software as a service (SaaS) services, namely, hosting
non-downloadable computer software for use by others that
facilitates verifiable credentials and identity federation
in the field of digital security and identification;
software as a service (SaaS) services, namely, hosting
non-downloadable computer software for use by others that
provides identity verification services, namely, providing
authentication of personal identification information,
namely, a person's verified identity; software as a service
(SaaS) services, namely, hosting non-downloadable computer
software for use by others that provides identity
validation, namely, providing authentication of personal
identification information via the internet; software as a
service (SaaS) services, namely, hosting non-downloadable
computer software for use by others that provides fraud
detection services in the field of identity verification;
software as a service (SaaS) services, namely, hosting
non-downloadable computer software for use by others that
provides credentialing and identity verification, namely,
authentication, issuance and validation of verifiable
certificates and credentials for purposes of providing user
authentication between two or more entities in the field of
digital security; credentialing and identity verification
services, namely, authentication, issuance and validation of
verifiable certificates and credentials for purposes of
providing user authentication between two or more entities
in the field of digital security. Identity verification services, namely, providing
authentication of personal identification information,
namely, a person's verified identity; identity validation,
namely, providing authentication of personal identification
information via the internet; fraud detection services in
the field of identity verification.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software for facilitating identity
federation, multi-factor and strong authentication and
access control for web, mobile and application programmable
interfaces (API). Electronic signature verification services using technology
to authenticate user identity; user authentication services
using single sign-on technology for online software
applications; providing user authentication services using
single sign-on technology for online software applications;
providing user authentication services using single sign-on
technology for authentication between two or more entities
in the field of digital security; software as a service
(SaaS) services featuring software for use by others that
facilitates identity federation, multi-factor and strong
authentication, access control for web, mobile and
application programmable interfaces (API).
Business consulting services in the field of identity federation, multi-factor and strong authentication, access control for web, mobile, application programmable interfaces (API), and single sign-on technology for authentication between two or more entities in the field of digital security
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software for facilitating identity federation, multi-factor and strong authentication and access control for web, mobile and application programmable interfaces (API) Electronic signature verification services using technology to authenticate user identity; User authentication services using single sign-on technology for online software applications; Providing user authentication services using single sign-on technology for online software applications; Providing user authentication services using single sign-on technology for authentication between two or more entities in the field of digital security; Software as a service (SAAS) services featuring software for use by others that facilitates identity federation, multi-factor and strong authentication, access control for web, mobile and application programmable interfaces (API)
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software for facilitating identity federation, multi-factor and strong authentication and access control for web, mobile and application programmable interfaces (API) Electronic signature verification services using technology to authenticate user identity; User authentication services using single sign-on technology for online software applications; Providing user authentication services using single sign-on technology for online software applications; Providing user authentication services using single sign-on technology for authentication between two or more entities in the field of digital security; Software as a service (SAAS) services featuring software for use by others that facilitates identity federation, multi-factor and strong authentication, access control for web, mobile and application programmable interfaces (API)
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that facilitates verifiable credentials and identity federation in the field of digital security and identification; Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that provides identity verification services, namely, providing authentication of personal identification information, namely, a person's verified identity; Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that provides identity validation, namely, providing authentication of personal identification information via the internet; Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that provides fraud detection services in the field of identity verification; Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that provides credentialing and identity verification, namely, authentication, issuance and validation of verifiable certificates and credentials for purposes of providing user authentication between two or more entities in the field of digital security; credentialing and identity verification services, namely, authentication, issuance and validation of verifiable digital certificates and credentials for purposes of providing user authentication between two or more entities in the field of digital security; fraud detection services in the field of identity verification in the nature of monitoring of computer systems for detecting unauthorized access or data breach Identity verification services, namely, providing authentication of personal identification information, namely, a person's verified identity, as part of personal background investigations; identity validation, namely, providing authentication of personal identification information via the internet, as part of personal background investigation
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that facilitates verifiable credentials and identity federation in the field of digital security and identification; Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that provides identity verification services, namely, providing authentication of personal identification information, namely, a person's verified identity; Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that provides identity validation, namely, providing authentication of personal identification information via the internet; Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that provides fraud detection services in the field of identity verification; Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that provides credentialing and identity verification, namely, authentication, issuance and validation of verifiable certificates and credentials for purposes of providing user authentication between two or more entities in the field of digital security; credentialing and identity verification services, namely, authentication, issuance and validation of verifiable digital certificates and credentials for purposes of providing user authentication between two or more entities in the field of digital security; fraud detection services in the field of identity verification in the nature of monitoring of computer systems for detecting unauthorized access or data breach Identity verification services, namely, providing authentication of personal identification information, namely, a person's verified identity, as part of personal background investigations; identity validation, namely, providing authentication of personal identification information via the internet, as part of personal background investigations
8.
Electronic identification verification methods and systems with storage of certification records to a side chain
Method of certification including receiving user data at a device of a certifying entity. The method includes generating a salt that is unique. The method includes hashing the data combined with the salt to create a generated hashed data. The method includes generating a certification record based on signing the generated hashed data using a private key of the certifying entity to create a signed certification of the data. The method includes hashing the certification record. The method includes transmitting the hashed certification record to a blockchain for storing. The method includes receiving a certification tx-ID of the hashed certification record. The method includes generating a certification data block including the certification record and the certification tx-ID. The method includes storing the certification data block to a side chain.
G06K 7/14 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
G06F 7/58 - Random or pseudo-random number generators
G06Q 20/06 - Private payment circuits, e.g. involving electronic currency used only among participants of a common payment scheme
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software that facilitates verifiable
credentials and identity federation in the field of digital
security and identity verification. Software as a service (SAAS) services, namely, hosting
non-downloadable computer software for use by others that
facilitates verifiable credentials and identity federation
in the field of digital security and identification;
credentialing and identity verification services, namely,
issuing verifiable credentials and providing user
authentication between two or more entities in the field of
digital security.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
(1) Downloadable computer software that facilitates verifiable credentials and identity federation in the field of digital security and identity verification. (1) Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that facilitates verifiable credentials and identity federation in the field of digital security and identification; identity verification services, namely, providing validation of one's proof of verified identity between two or more entities in the field of digital security.
11.
Methods, systems, and apparatus for credential format and protocol management
In an embodiment, a method includes receiving, by a processor and from a user device associated with a user, a request to access a service associated with a first protocol. The method further includes receiving, by the processor, a virtual credential of the user authorized by an authorizing entity. The virtual credential is compliant with a second protocol different than the first protocol. The method further includes verifying, by the processor, that the virtual credential is authorized by the authorizing entity. The method further includes transforming, by the processor, the virtual credential to generate a transformed virtual credential compliant with the first protocol. The method further includes sending, by the processor, a representation of the transformed virtual credential to the service. The method further includes verifying, by the processor and after the sending, that the transformed virtual credential is valid.
In an embodiment, a method includes receiving, by a processor and from a user device associated with a user, a request to access a service associated with a first protocol. The method further includes receiving, by the processor, a virtual credential of the user authorized by an authorizing entity. The virtual credential is compliant with a second protocol different than the first protocol. The method further includes verifying, by the processor, that the virtual credential is authorized by the authorizing entity. The method further includes transforming, by the processor, the virtual credential to generate a transformed virtual credential compliant with the first protocol. The method further includes sending, by the processor, a representation of the transformed virtual credential to the service. The method further includes verifying, by the processor and after the sending, that the transformed virtual credential is valid.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
H04W 12/069 - Authentication using certificates or pre-shared keys
13.
METHOD AND APPARATUS FOR SECURE AUTHENTICATION BASED ON PROXIMITY
In an embodiment, a set of dynamic proximity attribute (DPA) Risk Signals (RS) indicating whether a user is within a predetermined proximity of a registered user mobile device (RUMD) and a registered user device (RUD) is received from the RUMD and at an identity provider (IDP) communicably coupled to the RUMD based on short-range communication between the RUMD and the RUD. The RUMD is configured to monitor devices in short-range communication in a dynamic proximity area network (DPxAN) via an IDP application (IDPAmd) associated with the RUMD. A Risk Parameter Value (RPV) is determined according to at least the set of DPA RS received from the RUMD. A passwordless request to authenticate the user at the RUD on which a user access request originated is received from a Service Provider (SPn) by the IDP. An authentication response is sent from the IDP to the SPn based on the RPV.
G06Q 20/40 - Authorisation, e.g. identification of payer or payee, verification of customer or shop credentialsReview and approval of payers, e.g. check of credit lines or negative lists
In an embodiment, a set of dynamic proximity attribute (DPA) Risk Signals (RS) indicating whether a user is within a predetermined proximity of a registered user mobile device (RUMD) and a registered user device (RUD) is received from the RUMD and at an identity provider (IDP) communicably coupled to the RUMD based on short-range communication between the RUMD and the RUD. The RUMD is configured to monitor devices in short-range communication in a dynamic proximity area network (DPxAN) via an IDP application (IDPAmd) associated with the RUMD. A Risk Parameter Value (RPV) is determined according to at least the set of DPA RS received from the RUMD. A passwordless request to authenticate the user at the RUD on which a user access request originated is received from a Service Provider (SPn) by the IDP. An authentication response is sent from the IDP to the SPn based on the RPV.
The present disclosure relates to traffic monitoring through one or more access control servers configured for (i) routing server resource request messages to resource server(s), (ii) extracting information identifying a target server resource from data packets corresponding to one or more received server resource request messages, and (iii) selectively transmitting the received server resource request message to a resource server. The security server(s) is configured to receive a server resource request message data extracted from a server resource request message and initiate a first security response, wherein the initiated first security response is dependent on analysis of the server resource request message data. Responsive to identifying an indicator of compromise or that an originating terminal corresponding to the server resource request is identified within a blacklist, the first security response comprises non-transmission of at least one server resource request message by the access control server to a resource server.
We propose a method of authenticating a client device with a provider. The method includes receiving an authentication request from the client device at an authentication server. The method includes sending a challenge to a hardware-based security module of the client device based on the authentication request. The method includes receiving a response to the challenge and identifying the provider corresponding to the authentication request. The method includes authenticating the client device with the provider based on the authentication request and the response to the challenge.
SYSTEMS, APPARATUS AND METHODS FOR SECURE ELECTRICAL COMMUNICATION OF BIOMETRIC PERSONAL IDENTIFICATION INFORMATION TO VALIDATE THE IDENTITY OF AN INDIVIDUAL
An apparatus for validating an identity of an individual based on biometrics includes a memory and a processor operatively coupled to a distributed database and the memory. The processor is configured to provide biometric data as an input to a predefined hash function to obtain a first biometric hash value. The processor is configured to obtain, using a first pointer to the distributed database, a signed second biometric hash value. The processor is configured to define a certification of the biometric data in response to verifying that a signature of the signed second biometric hash value is associated with the compute device and verifying that the first biometric hash value corresponds with the second biometric hash value. The processor is configured to digitally sign the certification using a private key associated with the processor to produce a signed biometric certification and store the signed biometric certification in the distributed database.
G06Q 20/40 - Authorisation, e.g. identification of payer or payee, verification of customer or shop credentialsReview and approval of payers, e.g. check of credit lines or negative lists
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 9/14 - Arrangements for secret or secure communicationsNetwork security protocols using a plurality of keys or algorithms
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06Q 20/02 - Payment architectures, schemes or protocols involving a neutral third party, e.g. certification authority, notary or trusted third party [TTP]
G06Q 20/32 - Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
G06K 19/06 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software that facilitates verifiable credentials and identity federation in the field of digital security and identity verification Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that facilitates verifiable credentials and identity federation in the field of digital security and identification; Credentialing and identity verification services, namely, authentication, issuance and validation of verifiable certificates and credentials for purposes of providing user authentication between two or more entities in the field of digital security
19.
Methods and systems for deep learning based API traffic security
The present invention relates to the field of networking and API/application security. In particular, the invention is directed towards methods, systems and computer program products for deep learning based API traffic analysis and network security. The invention provides an automated approach to threat and/or attack detection by machine learning based accumulation and/or interpretation of various API/application traffic patterns, identifying and mapping characteristics of normal traffic for each API, and thereafter identifying any deviations from the normal traffic parameter baselines, which deviations may be classified as anomalies or attacks.
Method of certification including receiving user data at a device of a certifying entity. The method includes generating a salt that is unique. The method includes hashing the data combined with the salt to create a generated hashed data. The method includes generating a certification record based on signing the generated hashed data using a private key of the certifying entity to create a signed certification of the data. The method includes hashing the certification record. The method includes transmitting the hashed certification record to a blockchain for storing. The method includes receiving a certification tx-ID of the hashed certification record. The method includes generating a certification data block including the certification record and the certification tx-ID. The method includes storing the certification data block to a side chain.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06Q 20/06 - Private payment circuits, e.g. involving electronic currency used only among participants of a common payment scheme
G06K 7/14 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
Downloadable computer software that facilitates identity
federation in the field of digital security and identity
verification, namely, downloadable computer software for
building mobile applications that captures facial image data
and maintains that information securely within the mobile
application; downloadable computer software that facilitates
identity federation in the field of digital security and
identity verification, namely, downloadable computer
software for building mobile applications that captures
government identification documents and maintains that
information securely within the mobile application. Software as a service (SAAS) services, namely, services for
hosting non-downloadable computer software for use by others
that facilitates identity verification and identity proofing
to establish a real person's identity based on their
biometric facial image; software as a service (SAAS)
services, namely, services for hosting non-downloadable
computer software for use by others that facilitates
identity verification and identity proofing to establish a
real person's identity based on a form of government
identification. Identity verification services, namely, providing
authentication of personal identification information,
namely, a person's verified identity; identity validation
services, namely, providing authentication of personal
identification information, namely, a person's verified
identity; identity validation, namely, providing
authentication of personal identification information via
the internet; fraud detection services in the field of
identity verification, identity verification services,
namely, providing validation of a person's verified
identity.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
Downloadable computer software that facilitates identity
federation in the field of digital security and identity
verification, namely, downloadable computer software for
building mobile applications that captures facial image data
and maintains that information securely within the mobile
application; downloadable computer software that facilitates
identity federation in the field of digital security and
identity verification, namely, downloadable computer
software for building mobile applications that captures
government identification documents and maintains that
information securely within the mobile application. Software as a service (SAAS) services, namely, services for
hosting non-downloadable computer software for use by others
that facilitates identity verification and identity proofing
to establish a real person's identity based on their
biometric facial image; software as a service (SAAS)
services, namely, services for hosting non-downloadable
computer software for use by others that facilitates
identity verification and identity proofing to establish a
real person's identity based on a form of government
identification. Identity verification services, namely, providing
authentication of personal identification information,
namely, a person's verified identity; identity validation
services, namely, providing authentication of personal
identification information, namely, a person's verified
identity; identity validation, namely, providing
authentication of personal identification information via
the internet; fraud detection services in the field of
identity verification, identity verification services,
namely, providing validation of a person's verified
identity.
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
Software as a service (SAAS) services, namely, services for
hosting non-downloadable computer software for use by others
that facilitates identity verification and identity proofing
to establish a real person's identity based on their
biometric facial image; software as a service (SAAS)
services, namely, services for hosting non-downloadable
computer software for use by others that facilitates
identity verification and identity proofing to establish a
real person's identity based on a form of government
identification. Identity verification services, namely, providing
authentication of personal identification information,
namely, a person's verified identity; identity validation
services, namely, providing authentication of personal
identification information, namely, a person's verified
identity; identity validation, namely, providing
authentication of personal identification information via
the internet; fraud detection services in the field of
identity verification, identity verification services,
namely, providing validation of a person's verified
identity.
24.
Systems, apparatus and methods for secure electrical communication of biometric personal identification information to validate the identity of an individual
An apparatus for validating an identity of an individual based on biometrics includes a memory and a processor operatively coupled to a distributed database and the memory. The processor is configured to provide biometric data as an input to a predefined hash function to obtain a first biometric hash value. The processor is configured to obtain, using a first pointer to the distributed database, a signed second biometric hash value. The processor is configured to define a certification of the biometric data in response to verifying that a signature of the signed second biometric hash value is associated with the compute device and verifying that the first biometric hash value corresponds with the second biometric hash value. The processor is configured to digitally sign the certification using a private key associated with the processor to produce a signed biometric certification and store the signed biometric certification in the distributed database.
09 - Scientific and electric apparatus and instruments
45 - Legal and security services; personal services for individuals.
Goods & Services
Downloadable computer software that facilitates identity
federation in the field of digital security and identity
verification, namely, downloadable computer software for
building mobile applications that captures facial image data
and maintains that information securely within the mobile
application; downloadable computer software that facilitates
identity federation in the field of digital security and
identity verification, namely, downloadable computer
software for building mobile applications that captures
government identification documents and maintains that
information securely within the mobile application. Identity verification services, namely, providing
authentication of personal identification information,
namely, a person's verified identity; identity validation
services, namely, providing authentication of personal
identification information, namely, a person's verified
identity; identity validation, namely, providing
authentication of personal identification information via
the internet; fraud detection services in the field of
identity verification; identity verification services,
namely, providing validation of a person's verified
identity.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
Downloadable computer software that facilitates identity
federation in the field of digital security and identity
verification, namely, downloadable computer software for
building mobile applications that captures facial image data
and maintains that information securely within the mobile
application; downloadable computer software that facilitates
identity federation in the field of digital security and
identity verification, namely, downloadable computer
software for building mobile applications that captures
government identification documents and maintains that
information securely within the mobile application. Software as a service (SaaS) services, namely, services for
hosting non-downloadable computer software for use by others
that facilitates identity verification and identity proofing
to establish a real person's identity based on their
biometric facial image; software as a service (SaaS)
services, namely, services for hosting non-downloadable
computer software for use by others that facilitates
identity verification and identity proofing to establish a
real person's identity based on a form of government
identification. Identity verification services, namely, providing
authentication of personal identification information,
namely, a person's verified identity; identity validation
services, namely, providing authentication of personal
identification information, namely, a person's verified
identity; identity validation, namely, providing
authentication of personal identification information via
the internet; fraud detection services in the field of
identity verification; identity verification services,
namely, providing validation of a person's verified
identity.
27.
Methods and apparatus for analyzing sequences of application programming interface traffic to identify potential malicious actions
In some embodiments, a method includes receiving, at a processor of a server, a first application programming interface (API) call from a client device and providing an indication associated with the first API call as an input to a machine learning model such that the machine learning model identifies a set of parameters associated with a set of likely subsequent API calls. The method can further include receiving a second API call from the client device, identifying the second API call as an anomalous API call based on the second API call not meeting the set of parameters associated with the set of likely subsequent API calls, and sending a signal to perform a remedial action based on the identifying.
H04L 41/16 - Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using machine learning or artificial intelligence
A method for recovering data. The method including collecting identity factors at a user device, wherein hashes of the identity factors are configured to be stored at a server. The method including generating at the user device a dynamic password based on the identity factors and a Salt configured to be generated by the server and configured to be delivered to the user device. The method including generating at the user device a data key and encrypting the data key using the dynamic password to generate an encrypted data key configured to be stored at the server. The method including encrypting at the user device data items using the data key to generate encrypted data items configured to be stored at the server. As such, the data items are recoverable by presenting the identity factors to the server.
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
Downloadable computer software that facilitates identity
federation in the field of digital security and identity
verification that is used to build mobile applications that
capture facial image and government identification document
(s) and maintains that information securely within the
mobile application; downloadable computer software that
facilitates identity verification that captures personal
validation information related to health records, namely,
immunization and vaccination status, educational status and
degree credentials, personal and real property ownership
credentials, namely, deeds of ownership, insurance and
employment information and status, and third party verified
information about a user. Software as a service (SAAS) services, namely, hosting
non-downloadable computer software for use by others that
facilitates identity verification and proofing to establish
a real person's identity based on their biometric facial
image and a government identification; software as a service
(SAAS) services, namely, hosting non-downloadable computer
software for use by others that that facilitates identity
verification that captures personal validation information
related to health records, namely, immunization and
vaccination status, educational status and degree
credentials, personal and real property ownership
credentials, namely, deeds of ownership, insurance and
employment information and status, and third party verified
information about a user. Identity verification services, namely, providing validation
of one's proof of verified identity between two or more
entities in the field of digital security (terms too vague
in the opinion of the International Bureau – Rule 13 (2) (b)
of the Regulations); identity verification services, namely,
providing validation of one's proof of verified identity,
namely, personal validation information related to health
records and immunization and vaccination status, educational
status and degree credentials, personal and real property
ownership credentials, namely, deeds of ownership, insurance
and employment information and status, and third party
verified information about a user.
30.
Method and system for authenticated login using static or dynamic codes
Method of authentication including sending a login web page to a first device of a user including a scannable code having an envelope ID and a login challenge. The envelope ID generated by an identity manager is associated with a first envelope of data including a session ID. A confirmation login request is received from a second device associated with the user, and includes a second envelope of data comprising the session ID, a user ID, and a seal of the user ID registering the user ID with the identity manager. The confirmation login request to the login challenge is verified using the session ID, and the user is verified using the user ID and seal. User login is authorized upon successful verification of the login challenge and user, and a communication session having the session ID is established between the web server and the first device.
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
31.
Methods and systems for API deception environment and API traffic control and security
The present invention relates to the field of networking and API/application security. In particular, the invention is directed towards methods, systems and computer program products for Application Programming Interface (API) based flow control and API based security at the application layer of the networking protocol stack. The invention additionally provides an API deception environment to protect a server backend from threats, attacks and unauthorized access.
A method for login, including making a login request to an entity through a federation server that generates a session identifier. A QR code is sent to the federation server to receive the session identifier. A secure envelope including user personal information is sent to the federation server to verify user registration with the federation server. A login token generated by the federation server is received and is associated with a smart contract generated by the federation server and stored on a blockchain. The login token is signed using user private key and sent to the blockchain for inclusion in the smart contract. A transaction identifier is received from the blockchain, and is sent to the federation server that generates a session record based on the login token. The federation server sends user verification to the entity to authorize a communication session between the user device and the entity.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
33.
Methods and systems for creating and recovering accounts using dynamic passwords
A method for recovering data. Identity factors are collected at a device, wherein hashes of the identity factors are configured to be stored at a server. A dynamic password is generated at the device based on the identity factors and a Salt generated by the server and configured to be delivered to the device. A selfie is captured of a user. The device generates a symmetric key used to encrypt the selfie. The symmetric key is encrypted using the dynamic password. The encrypted symmetric key and the encrypted selfie are stored on the server. One or more data items are stored on the server. The dynamic password is recoverable by presenting the plurality of identity factors that are hashed to the server. The symmetric key is recoverable using the recovered dynamic password. The data items are recoverable by presenting the symmetric key and a second selfie of the user.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software that facilitates identity federation in the field of digital security and identity verification, namely, downloadable computer software for building mobile applications that captures facial image data and maintains that information securely within the mobile application; Downloadable computer software that facilitates identity federation in the field of digital security and identity verification, namely, downloadable computer software for building mobile applications that captures government identification documents and maintains that information securely within the mobile application Computer security services, namely, restricting unauthorized access to web, mobile and application programmable interfaces (API) by providing authentication of personal identification information; cybersecurity services in the nature of restricting unauthorized access to computer systems by verifying identity
42 - Scientific, technological and industrial services, research and design
Goods & Services
Software as a service (SAAS) services, namely, services for hosting non-downloadable computer software for use by others that facilitates identity verification and identity proofing to establish a real person's identity based on their biometric facial image; Software as a service (SAAS) services, namely, services for hosting non-downloadable computer software for use by others that facilitates identity verification and identity proofing to establish a real person's identity based on a form of government identification; Identity verification services, namely, providing authentication of personal identification information, namely, a person's verified identity in order to protect data stored on computers from unauthorized access; identity validation services, namely, providing authentication of personal identification information, namely, a person's verified identity for the purposes of protecting data stored on computers from unauthorized access; identity validation for the purposes of protecting data from unauthorized access, namely, providing authentication of personal identification information via the internet; computer fraud detection services in the field of identity verification to protect data stored on computers from unauthorized access; Identity verification services, namely, providing validation of a person's verified identity in order to protect data stored on computers from unauthorized access; computer security services, namely, restricting unauthorized access to web, mobile and application programmable interfaces (API) by providing authentication of personal identification information; cybersecurity services in the nature of restricting unauthorized access to computer systems by verifying identity
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software that facilitates identity federation in the field of digital security and identity verification, namely,
downloadable computer software for building mobile applications that captures facial image data and maintains that information
securely within the mobile application; Downloadable computer software that facilitates identity federation in the field of digital
security and identity verification, namely, downloadable computer software for building mobile applications that captures
government identification documents and maintains that information securely within the mobile application, none of the foregoing
relating to the provision of legal services, in particular, professional intellectual property legal services Software as a service (SAAS) services, namely, services for hosting non-downloadable computer software for use by others that
facilitates identity verification and identity proofing to establish a real person's identity based on their biometric facial image;
Software as a service (SAAS) services, namely, services for hosting non-downloadable computer software for use by others that
facilitates identity verification and identity proofing to establish a real person's identity based on a form of government
identification; Identity verification services, namely, providing authentication of personal identification information, namely, a
person's verified identity in order to protect data stored on computers, including cloud-based environments, from unauthorized
access; identity validation services, namely, providing authentication of personal identification information, namely, a person's
verified identity for the purposes of protecting data stored on computers, including cloud-based environments, from unauthorized
access; identity validation for the purposes of protecting data from unauthorized access, namely, providing authentication of
personal identification information via the internet; computer fraud detection services in the field of identity verification to protect
data stored on computers, including cloud-based environments, from unauthorized access; Identity verification services, namely,
providing validation of a person's verified identity in order to protect data stored on computers, including cloud-based
environments, from unauthorized access; computer security services, namely, restricting unauthorized access to web, mobile and
application programmable interfaces (API) by providing authentication of personal identification information; cybersecurity services
in the nature of restricting unauthorized access to computer systems by verifying identity, none of the foregoing relating to the
provision of legal services, in particular, professional intellectual property legal services
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software that facilitates identity federation in the field of digital security and identity verification, namely, downloadable computer software for building mobile applications that captures facial image data and maintains that information securely within the mobile application; Downloadable computer software that facilitates identity federation in the field of digital security and identity verification, namely, downloadable computer software for building mobile applications that captures government identification documents and maintains that information securely within the mobile application Software as a service (SAAS) services, namely, services for hosting non-downloadable computer software for use by others that facilitates identity verification and identity proofing to establish a real person's identity based on their biometric facial image; Software as a service (SAAS) services, namely, services for hosting non-downloadable computer software for use by others that facilitates identity verification and identity proofing to establish a real person's identity based on a form of government identification; Identity verification services, namely, providing authentication of personal identification information, namely, a person's verified identity in order to protect data stored on computers, including cloud-based environments, from unauthorized access; identity validation services, namely, providing authentication of personal identification information, namely, a person's verified identity for the purposes of protecting data stored on computers, including cloud-based environments, from unauthorized access; identity validation for the purposes of protecting data from unauthorized access, namely, providing authentication of personal identification information via the internet; computer fraud detection services in the field of identity verification to protect data stored on computers, including cloud-based environments, from unauthorized access; Identity verification services, namely, providing validation of a person's verified identity in order to protect data stored on computers, including cloud-based environments, from unauthorized access; computer security services, namely, restricting unauthorized access to web, mobile and application programmable interfaces (API) by providing authentication of personal identification information; cybersecurity services in the nature of restricting unauthorized access to computer systems by verifying identity.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software that facilitates identity federation in the field of digital security and identity verification, namely, downloadable computer software for building mobile applications that captures facial image data and maintains that information securely within the mobile application; Downloadable computer software that facilitates identity federation in the field of digital security and identity verification, namely, downloadable computer software for building mobile applications that captures government identification documents and maintains that information securely within the mobile application Software as a service (SAAS) services, namely, services for hosting non-downloadable computer software for use by others that facilitates identity verification and identity proofing to establish a real person's identity based on their biometric facial image; Software as a service (SAAS) services, namely, services for hosting non-downloadable computer software for use by others that facilitates identity verification and identity proofing to establish a real person's identity based on a form of government identification; Identity verification services, namely, providing authentication of personal identification information, namely, a person's verified identity in order to protect data stored on computers, including cloud-based environments, from unauthorized access; identity validation services, namely, providing authentication of personal identification information, namely, a person's verified identity for the purposes of protecting data stored on computers, including cloud-based environments, from unauthorized access; identity validation for the purposes of protecting data from unauthorized access, namely, providing authentication of personal identification information via the internet; computer fraud detection services in the field of identity verification to protect data stored on computers, including cloud-based environments, from unauthorized access; Identity verification services, namely, providing validation of a person's verified identity in order to protect data stored on computers, including cloud-based environments, from unauthorized access; computer security services, namely, restricting unauthorized access to web, mobile and application programmable interfaces (API) by providing authentication of personal identification information; cybersecurity services in the nature of restricting unauthorized access to computer systems by verifying identity.
The invention enables high-availability, high-scale, high security and disaster recovery for API computing, including in terms of capture of data traffic passing through proxies, routing communications between clients and servers, and load balancing and/or forwarding functions. The invention inter alia provides (i) a scalable cluster of proxies configured to route communications between clients and servers, without any single point of failure, (ii) proxy nodes configured for implementing the scalable cluster (iii) efficient methods of configuring the proxy cluster, (iv) natural resiliency of clusters and/or proxy nodes within a cluster, (v) methods for scaling of clusters, (vi) configurability of clusters to span multiple servers, multiple racks and multiple datacenters, thereby ensuring high availability and disaster recovery (vii) switching between proxies or between servers without loss of session.
H04L 67/1095 - Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
H04L 67/12 - Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
H04L 67/145 - Termination or inactivation of sessions, e.g. event-controlled end of session avoiding end of session, e.g. keep-alive, heartbeats, resumption message or wake-up for inactive or interrupted session
H04L 69/40 - Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass for recovering from a failure of a protocol instance or entity, e.g. service redundancy protocols, protocol state redundancy or protocol service redirection
H04L 67/60 - Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
H04L 67/1014 - Server selection for load balancing based on the content of a request
H04L 41/0893 - Assignment of logical groups to network elements
A method of confirming receipt, including iteratively capturing by a receiving device visual codes in a series of visual codes displayed on a sending device. A corresponding captured visual code being from a display block that resulted from a partition of an original data file into display blocks, and wherein each display block is converted to a corresponding string and header including an ordered identifying display block number and a total count of the display blocks. Each corresponding string is converted to a corresponding visual code. Each of the captured visual codes is converted into a corresponding string and a header is read for the corresponding string. Captured display blocks are determined. A confirmation message is generated including information indicating which display blocks have been received. The confirmation message is sent over a wireless communication link to the sending device to reduce the number of visual codes being displayed.
G06K 7/14 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
G06K 9/00 - Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
G09C 5/00 - Ciphering or deciphering apparatus or methods not provided for in other groups of this subclass, e.g. involving the concealment or deformation of graphic data such as designs, written or printed messages
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
41 - Education, entertainment, sporting and cultural services
Goods & Services
Educational services, namely, conducting seminars,
conference and workshops in the fields of security and
identity management; training services in the field of
security and identity management; Arranging and conducting
educational conferences in the field of security and
identity management.
41 - Education, entertainment, sporting and cultural services
Goods & Services
Educational services, namely, conducting seminars,
conference and workshops in the fields of security and
identity management; training services in the field of
security and identity management; arranging and conducting
educational conferences in the field of security and
identity management.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
Downloadable computer software that facilitates identity
federation in the field of digital security and identity
verification that is used to build mobile applications that
capture facial image and government identification document
(s) and maintains that information securely within the
mobile application; downloadable computer software that
facilitates identity verification that captures personal
validation information related to health records, namely,
immunization and vaccination status, educational status and
degree credentials, personal and real property ownership
credentials, namely, deeds of ownership, insurance and
employment information and status, and third party verified
information about a user. Software as a service (SAAS) services, namely, hosting
non-downloadable computer software for use by others that
facilitates identity verification and proofing to establish
a real person's identity based on their biometric facial
image and a government identification; software as a service
(SAAS) services, namely, hosting non-downloadable computer
software for use by others that facilitates identity
verification that captures personal validation information
related to health records, namely, immunization and
vaccination status, educational status and degree
credentials, personal and real property ownership
credentials, namely, deeds of ownership, insurance and
employment information and status, and third party verified
information about a user. Identity verification services, namely, providing validation
of one's proof of verified identity between two or more
entities in the field of digital security; identity
verification services, namely, providing validation of one's
proof of verified identity, namely, personal validation
information related to health records and immunization and
vaccination status, educational status and degree
credentials, personal and real property ownership
credentials, namely, deeds of ownership, insurance and
employment information and status, and third party verified
information about a user.
41 - Education, entertainment, sporting and cultural services
Goods & Services
(1) Educational services, namely, conducting seminars, conference and workshops in the fields of security and identity management; training services in the field of security and identity management; arranging and conducting educational conferences in the field of security and identity management.
41 - Education, entertainment, sporting and cultural services
Goods & Services
(1) Educational services, namely, conducting seminars, conference and workshops in the fields of security and identity management; training services in the field of security and identity management; Arranging and conducting educational conferences in the field of security and identity management.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
(1) Downloadable computer software that facilitates identity federation in the field of digital security and identity verification that is used to build mobile applications that capture facial image and government identification document (s) and maintains that information securely within the mobile application; downloadable computer software that facilitates identity verification that captures personal validation information related to health records, namely, immunization and vaccination status, educational status and degree credentials, personal and real property ownership credentials, namely, deeds of ownership, insurance and employment information and status, and third party verified information about a user.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
(1) Downloadable computer software that facilitates identity federation in the field of digital security and identity verification that is used to build mobile applications that capture facial image and government identification document (s) and maintains that information securely within the mobile application; downloadable computer software that facilitates identity verification that captures personal validation information related to health records, namely, immunization and vaccination status, educational status and degree credentials, personal and real property ownership credentials, namely, deeds of ownership, insurance and employment information and status, and third party verified information about a user. (1) Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that facilitates identity verification and proofing to establish a real person's identity based on their biometric facial image and a government identification; software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that that facilitates identity verification that captures personal validation information related to health records, namely, immunization and vaccination status, educational status and degree credentials, personal and real property ownership credentials, namely, deeds of ownership, insurance and employment information and status, and third party verified information about a user.
(2) Identity verification services, namely, providing validation of one's proof of verified identity between two or more entities in the field of digital security; identity verification services, namely, providing validation of one's proof of verified identity, namely, personal validation information related to health records and immunization and vaccination status, educational status and degree credentials, personal and real property ownership credentials, namely, deeds of ownership, insurance and employment information and status, and third party verified information about a user.
48.
Transferring data files using a series of visual codes
Software on an image-capturing device iteratively captures a visual code in a series of visual codes displayed in a repeating progression on a screen of a mobile device. The visual code was generated from a display block that resulted from a partition of an original data file into a series of display blocks of at least a specified size. The software converts the visual code back into a display block and reads a header for the display block, discarding the display block if it has already been captured, as determined by the ordered identifying block number in a header. The software stops the iterative capturing when all of the display blocks in the series have been captured, as determined by the count in the header and coalesces the captured display blocks into the original data file, using an order determined by the ordered identifying block numbers.
G06F 17/00 - Digital computing or data processing equipment or methods, specially adapted for specific functions
G06K 7/10 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation
G06K 7/14 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
G06K 19/06 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 9/14 - Arrangements for secret or secure communicationsNetwork security protocols using a plurality of keys or algorithms
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
G09C 5/00 - Ciphering or deciphering apparatus or methods not provided for in other groups of this subclass, e.g. involving the concealment or deformation of graphic data such as designs, written or printed messages
41 - Education, entertainment, sporting and cultural services
Goods & Services
Educational services, namely, conducting seminars, conference and workshops in the fields of security and identity management; training services in the field of security and identity management; Arranging and conducting educational conferences in the field of security and identity management
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
Downloadable computer software that facilitates identity
federation in the field of digital security and identity
verification, namely, downloadable computer software for
building mobile applications that captures facial image data
and maintains that information securely within the mobile
application; downloadable computer software that facilitates
identity federation in the field of digital security and
identity verification, namely, downloadable computer
software for building mobile applications that captures
government identification documents and maintains that
information securely within the mobile application. Software as a service (SAAS) services, namely, services for
hosting non-downloadable computer software for use by others
that facilitates identity verification and identity proofing
to establish a real person's identity based on their
biometric facial image; software as a service (SAAS)
services, namely, services for hosting non-downloadable
computer software for use by others that facilitates
identity verification and identity proofing to establish a
real person's identity based on a form of government
identification. Identity verification services, namely, providing validation
of a person's verified identity.
41 - Education, entertainment, sporting and cultural services
Goods & Services
Educational services, namely, conducting seminars, conference and workshops in the fields of security and identity management; training services in the field of security and identity management; Arranging and conducting educational conferences in the field of security and identity management
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
(1) Software as a service (SAAS) services, namely, services for hosting non-downloadable computer software for use by others that facilitates identity verification and identity proofing to establish a real person's identity based on their biometric facial image; software as a service (SAAS) services, namely, services for hosting non-downloadable computer software for use by others that facilitates identity verification and identity proofing to establish a real person's identity based on a form of government identification.
(2) Identity verification services, namely, providing authentication of personal identification information, namely, a person's verified identity; identity validation services, namely, providing authentication of personal identification information, namely, a person's verified identity; identity validation, namely, providing authentication of personal identification information via the internet; fraud detection services in the field of identity verification, namely validating a person's identity based on their biometric facial image and providing validation of a person's verified identity based on a form of government identification; identity verification services, namely, providing validation of a person's verified identity based on their biometric facial image and providing validation of a person's verified identity based on a form of government identification.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
Downloadable computer software that facilitates identity federation in the field of digital security and identity verification that is used to build mobile applications that capture facial image and government identification document(s) and maintains that information securely within the mobile application; Downloadable computer software that facilitates identity verification that captures personal validation information related to health records, namely, immunization and vaccination status, educational status and degree credentials, personal and real property ownership credentials, namely, deeds of ownership, insurance and employment information and status, and third party verified information about a user Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that facilitates identity verification and proofing to establish a real person's identity based on their biometric facial image and a government identification; Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that that facilitates identity verification that captures personal validation information related to health records, namely, immunization and vaccination status, educational status and degree credentials, personal and real property ownership credentials, namely, deeds of ownership, insurance and employment information and status, and third party verified information about a user Identity verification services, namely, providing validation of one's proof of verified identity between two or more entities in the field of digital security; Identity verification services, namely, providing validation of one's proof of verified identity, namely, personal validation information related to health records and immunization and vaccination status, educational status and degree credentials, personal and real property ownership credentials, namely, deeds of ownership, insurance and employment information and status, and third party verified information about a user
09 - Scientific and electric apparatus and instruments
Goods & Services
Downloadable computer software that facilitates identity federation in the field of digital security and identity verification that is used to build mobile applications that capture facial image and government identification document(s) and maintains that information securely within the mobile application; Downloadable computer software that facilitates identity verification that captures personal validation information related to health records, namely, immunization and vaccination status, educational status and degree credentials, personal and real property ownership credentials, namely, deeds of ownership, insurance and employment information and status, and third party verified information about a user
55.
Methods and apparatus for analyzing sequences of application programming interface traffic to identify potential malicious actions
In some embodiments, a method includes receiving, at a processor of a server, a first application programming interface (API) call from a client device and providing an indication associated with the first API call as an input to a machine learning model such that the machine learning model identifies a set of parameters associated with a set of likely subsequent API calls. The method can further include receiving a second API call from the client device, identifying the second API call as an anomalous API call based on the second API call not meeting the set of parameters associated with the set of likely subsequent API calls, and sending a signal to perform a remedial action based on the identifying.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 41/16 - Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using machine learning or artificial intelligence
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
Software as a service (SAAS) services, namely, services for hosting non-downloadable computer software for use by others that facilitates identity verification and identity proofing to establish a real person's identity based on their biometric facial image; Software as a service (SAAS) services, namely, services for hosting non-downloadable computer software for use by others that facilitates identity verification and identity proofing to establish a real person's identity based on a form of government identification Identity verification services, namely, providing authentication of personal identification information, namely, a person's verified identity; identity validation services, namely, providing authentication of personal identification information, namely, a person's verified identity; identity validation, namely, providing authentication of personal identification information via the internet; fraud detection services in the field of identity verification Identity verification services, namely, providing validation of a person's verified identity
57.
Methods and systems for API proxy based adaptive security
The invention concerns API proxy based adaptive security. The invention implements adaptive security for API servers, while avoiding data bottlenecks and maintaining client experience. The invention provides methods and configurations for API security that may be employed at proxies for implementing routing decisions involving client messages received at said proxies. The invention also involves generating or collecting at proxies, log information that captures data corresponding to received client messages and responses from API servers—which log information correlates communications between clients, proxies and backend API servers, and includes data relevant for purposes generating API metrics and identifying anomalies and/or indicators of compromise. The invention yet further provides security server clusters configured for generating API metrics and/or identify anomalies or indicators of compromise—which may be used by proxies to terminate existing connections and block subsequent requests or messages from clients associated with the identified anomalies or indicators of compromise.
H04L 67/1095 - Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
H04L 67/12 - Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
H04L 67/145 - Termination or inactivation of sessions, e.g. event-controlled end of session avoiding end of session, e.g. keep-alive, heartbeats, resumption message or wake-up for inactive or interrupted session
H04L 69/40 - Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass for recovering from a failure of a protocol instance or entity, e.g. service redundancy protocols, protocol state redundancy or protocol service redirection
H04L 67/60 - Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
H04L 67/1014 - Server selection for load balancing based on the content of a request
H04L 41/0893 - Assignment of logical groups to network elements
09 - Scientific and electric apparatus and instruments
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software that facilitates identity
federation; multi-factor and strong authentication (terms
too vague in the opinion of the International Bureau – Rule
13 (2) (b) of the Regulations); access control for web,
mobile and application programmable interface (API) all of
the foregoing in the field of authorization policy services
(terms too vague in the opinion of the International Bureau
– Rule 13 (2) (b) of the Regulations); directory, identity
provisioning and identity administration services (terms too
vague in the opinion of the International Bureau – Rule 13
(2) (b) of the Regulations); identity services auditing and
reporting (terms too vague in the opinion of the
International Bureau – Rule 13 (2) (b) of the Regulations);
and other identity and access management services in the
field of digital security and identity verification (terms
too vague in the opinion of the International Bureau – Rule
13 (2) (b) of the Regulations); software for API traffic
security; software for API activity monitoring and attack
detection and reporting; security software for data,
applications, and computer systems accessed via API or other
programmatic methods; software for reporting programmatic
interface traffic activity; software for reporting API
traffic activity; software for computer network security;
software for cloud-based computer security; software for
monitoring computer networks; software for detecting
computer network intrusion; software for monitoring and
maintaining network security; computer software for use in
the safeguarding of network data or network services;
computer software for detecting security threat; computer
software for analyzing attacker behavior within computer
networks; computer software for discovering, documenting,
and analyzing attacker tools and methods; computer software
for exporting computer security threat information and for
creating attack signatures to safeguard computer networks;
software for firewall protection in computer networks,
monitoring incoming and outgoing data carried by a computer
network, detecting and reporting computer network
intrusions, and computer network security management;
software for securing API traffic across hybrid clouds;
software for protecting computers and network services from
attack; computer, network, and telecommunications software
for providing active protection for network servers and
network adapters by detecting packet content, detecting
network traffic, recording packet content or network
traffic, capturing packet content or network traffic,
monitoring packet content or network traffic, filtering
packet content or network traffic, attack blocking, namely,
blocking or rate limiting network traffic, event management
and reporting; software for creating, centrally managing,
maintaining, and executing firewall filters, content
filters, and access control; software for implementing
network packet. Educational services, namely, conducting seminars,
conference and workshops in the fields of security and
identity management; training services in the field of
security and identity management; arranging and conducting
educational conferences; arranging, organizing and
conducting collaborative meetings in the field of enterprise
security solutions, namely, identity and access security,
authentication services, directory services, enterprise
mobility management, cloud governance and threat and fraud
detection. Software as a service (SAAS) services, namely, hosting
non-downloadable computer software for use by others that
facilitates identity federation, multi-factor and strong
authentication of computer users and identity verification
protocols, and access control for web, mobile and
application programmable interfaces (API); identity (terms
too vague in the opinion of the International Bureau – Rule
13 (2) (b) of the Regulations); software as a service (SAAS)
services, namely, hosting non-downloadable computer software
for use by others that provides a self-service portal for
application owners and developers to centrally manage
policies across all products, create policy templates, and
manage the configuration of applications.
59.
Methods and systems for deep learning based API traffic security
The present invention relates to the field of networking and API/application security. In particular, the invention is directed towards methods, systems and computer program products for deep learning based API traffic analysis and network security. The invention provides an automated approach to threat and/or attack detection by machine learning based accumulation and/or interpretation of various API/application traffic patterns, identifying and mapping characteristics of normal traffic for each API, and thereafter identifying any deviations from the normal traffic parameter baselines, which deviations may be classified as anomalies or attacks.
A method of replicating changes to a dataset includes receiving from a client a request for an operation on the dataset, dynamically selecting from a plurality of replication assurance policies a selected replication assurance policy for the operation, the selected replication assurance policy determining a selected assurance level, wherein the selection is based on at least one of an operation criteria or a connection criteria, submitting, to a first replica of the dataset, a command comprising the operation, and reporting to the client the result of the operation according to the selected assurance level.
G06F 16/27 - Replication, distribution or synchronisation of data between databases or within a distributed database systemDistributed database system architectures therefor
G06F 16/28 - Databases characterised by their database models, e.g. relational or object models
61.
Large data transfer using visual codes with feedback confirmation
A method of confirming receipt, including iteratively capturing by a receiving device visual codes in a series of visual codes displayed on a sending device. A corresponding captured visual code being from a display block that resulted from a partition of an original data file into display blocks, and wherein each display block is converted to a corresponding string and header including an ordered identifying display block number and a total count of the display blocks. Each corresponding string is converted to a corresponding visual code. Each of the captured visual codes is converted into a corresponding string and a header is read for the corresponding string. Captured display blocks are determined. A confirmation message is generated including information indicating which display blocks have been received. The confirmation message is sent over a wireless communication link to the sending device to reduce the number of visual codes being displayed.
G06K 7/10 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation
G06K 19/06 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
G06K 7/14 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
G09C 5/00 - Ciphering or deciphering apparatus or methods not provided for in other groups of this subclass, e.g. involving the concealment or deformation of graphic data such as designs, written or printed messages
62.
Electronic identification verification methods and systems with storage of certification records to a side chain
Method of certification including receiving user data at a device of a certifying entity. The method includes generating a salt that is unique. The method includes hashing the data combined with the salt to create a generated hashed data. The method includes generating a certification record based on signing the generated hashed data using a private key of the certifying entity to create a signed certification of the data. The method includes hashing the certification record. The method includes transmitting the hashed certification record to a blockchain for storing. The method includes receiving a certification tx-ID of the hashed certification record. The method includes generating a certification data block including the certification record and the certification tx-ID. The method includes storing the certification data block to a side chain.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06Q 20/06 - Private payment circuits, e.g. involving electronic currency used only among participants of a common payment scheme
G06K 7/14 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software that facilitates identity
federation; software for API traffic security; software for
API activity monitoring and attack detection and reporting;
security software for data, applications, and computer
systems accessed via API or other programmatic methods;
software for reporting programmatic interface traffic
activity; software for reporting API traffic activity;
software for computer network security; software for
cloud-based computer security; software for monitoring
computer networks; software for detecting computer network
intrusion; software for monitoring and maintaining network
security; computer software for use in the safeguarding of
network data or network services; computer software for
detecting security threat; computer software for analyzing
attacker behavior within computer networks; computer
software for discovering, documenting, and analyzing
attacker tools and methods; computer software for exporting
computer security threat information and for creating attack
signatures to safeguard computer networks; software for
firewall protection in computer networks, monitoring
incoming and outgoing data carried by a computer network,
detecting and reporting computer network intrusions, and
computer network security management; software for securing
API traffic across hybrid clouds; software for protecting
computers and network services from attack; computer,
network, and telecommunications software for providing
active protection for network servers and network adapters
by detecting packet content, detecting network traffic,
recording packet content or network traffic, capturing
packet content or network traffic, monitoring packet content
or network traffic, filtering packet content or network
traffic, attack blocking, namely, blocking or rate limiting
network traffic, event management and reporting; software
for creating, centrally managing, maintaining, and executing
firewall filters, content filters, and access control;
software for implementing network packet brokers, intrusion
prevention systems and network load balancers; software for
monitoring, analyzing or reporting of network information,
data, and traffic. Software as a service (SAAS) services, namely, hosting
non-downloadable computer software for use by others that
facilitates identity federation, multi-factor and strong
authentication of computer users and identity verification
protocols, and access control for web, mobile and
application programmable interfaces (API); identity
verification services, namely, providing user authentication
between two or more entities using digital certificates,
multi factor authentication and strong identification
protocols in the field of digital security for allowing user
access to web, mobile and application programmable
interfaces (API); user authentication, identification and
monitoring services, namely multi-factor and strong
authentication, access control for web, mobile and
application programmable interface (API) all of the
foregoing in the field of authorization policy services;
user authentication, identification and monitoring services,
namely identity provisioning and administration services,
identity services auditing and reporting and other identity
and access management services in the field of digital
security and identity verification.
64.
Methods and systems for API deception environment and API traffic control and security
The present invention relates to the field of networking and API/application security. In particular, the invention is directed towards methods, systems and computer program products for Application Programming Interface (API) based flow control and API based security at the application layer of the networking protocol stack. The invention additionally provides an API deception environment to protect a server backend from threats, attacks and unauthorized access.
The invention enables high-availability, high-scale, high security and disaster recovery for API computing, including in terms of capture of data traffic passing through proxies, routing communications between clients and servers, and load balancing and/or forwarding functions. The invention inter alia provides (i) a scalable cluster of proxies configured to route communications between clients and servers, without any single point of failure, (ii) proxy nodes configured for implementing the scalable cluster (iii) efficient methods of configuring the proxy cluster, (iv) natural resiliency of clusters and/or proxy nodes within a cluster, (v) methods for scaling of clusters, (vi) configurability of clusters to span multiple servers, multiple racks and multiple datacenters, thereby ensuring high availability and disaster recovery (vii) switching between proxies or between servers without loss of session.
A method for login, including making a login request to an entity through a federation server that generates a session identifier. A QR code is sent to the federation server to receive the session identifier. A secure envelope including user personal information is sent to the federation server to verify user registration with the federation server. A login token generated by the federation server is received and is associated with a smart contract generated by the federation server and stored on a blockchain. The login token is signed using user private key and sent to the blockchain for inclusion in the smart contract. A transaction identifier is received from the blockchain, and is sent to the federation server that generates a session record based on the login token. The federation server sends user verification to the entity to authorize a communication session between the user device and the entity.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
67.
Methods and systems for creating and recovering accounts using dynamic passwords
A method for recovering data. Identity factors are collected at a device, wherein hashes of the identity factors are configured to be stored at a server. A dynamic password is generated at the device based on the identity factors and a Salt generated by the server and configured to be delivered to the device. A selfie is captured of a user. The device generates a symmetric key used to encrypt the selfie. The symmetric key is encrypted using the dynamic password. The encrypted symmetric key and the encrypted selfie are stored on the server. One or more data items are stored on the server. The dynamic password is recoverable by presenting the plurality of identity factors that are hashed to the server. The symmetric key is recoverable using the recovered dynamic password. The data items are recoverable by presenting the symmetric key and a second selfie of the user.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
(1) Downloadable computer software that facilitates identity federation, facilitates multi-factor and strong authentication, facilitates access control for web, mobile and application programmable interface (API) all of the foregoing in the field of authorization policy services; downloadable computer software that facilitates directory, identity provisioning and identity administration services, facilitates identity services auditing and reporting, and facilitates multi-factor authentication and strong authentication in the field of digital security and identity verification; downloadable software for API traffic security; downloadable software for API activity monitoring and attack detection and reporting; downloadable digital security software for secure transmission of user generated data, software applications, and computer systems accessed via application programmable interface (API) or the Internet; software for reporting programmatic interface traffic activity; downloadable software for reporting API traffic activity; downloadable software for computer network security; downloadable software for cloud-based computer security; downloadable software for monitoring computer networks; downloadable software for detecting computer network intrusion; downloadable software for monitoring and maintaining network security; downloadable computer software for use in the safeguarding of network data or network services; downloadable computer software for detecting security threat; downloadable computer software for analyzing attacker behavior within computer networks; downloadable computer software for discovering, documenting, and analyzing attacker tools and methods; downloadable computer software for exporting computer security threat information and for creating attack signatures to safeguard computer networks; downloadable software for firewall protection in computer networks, monitoring incoming and outgoing data carried by a computer network, detecting and reporting computer network intrusions, and computer network security management; downloadable software for securing API traffic across hybrid clouds; downloadable software for protecting computers and computer network services from cyber attack; downloadable computer, network, and telecommunications software for providing active protection for network servers and network adapters by detecting packet content, detecting network traffic, recording packet content or network traffic, capturing packet content or network traffic, monitoring packet content or network traffic, filtering packet content or network traffic, attack blocking, namely, blocking or rate limiting network traffic, event management and reporting; downloadable software for creating, centrally managing, maintaining, and executing firewall protection filters, content filters, and controlling access to computer networks; downloadable software for filtering network packet brokers, intrusion prevention systems and network load balancers; downloadable software for monitoring, analyzing and reporting of computer network security, user generated data, and computer network traffic in the field of digital security and identity verification. (1) Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that facilitates identity federation, multi-factor and strong authentication of computer users and identity verification protocols, and access control for web, mobile and application programmable interfaces (API); identity verification services, namely, providing user authentication between two or more entities using digital certificates, multi factor authentication and strong identification protocols in the field of digital security for allowing user access to web, mobile and application programmable interfaces (API).
09 - Scientific and electric apparatus and instruments
Goods & Services
Downloadable computer software that facilitates identity federation, multi-factor and strong authentication, access control for web, mobile and application programmable interface (API), all of the foregoing in the field of authorization policy services, directory, identity provisioning and identity administration services, identity services auditing and reporting, and other identity and access management services in the field of digital security and identity verification; downloadable software for API traffic security; downloadable software for API activity monitoring and attack detection and reporting; downloadable security software for data, applications, and computer systems accessed via API or other programmatic methods; software for reporting programmatic interface traffic activity; software for reporting API traffic activity; downloadable software for computer network security; downloadable software for cloud-based computer security; downloadable software for monitoring computer networks; downloadable software for detecting computer network intrusion; downloadable software for monitoring and maintaining network security; downloadable computer software for use in the safeguarding of network data or network services; downloadable computer software for detecting security threat; downloadable computer software for analyzing attacker behavior within computer networks; downloadable computer software for discovering, documenting, and analyzing attacker tools and methods; downloadable computer software for exporting computer security threat information and for creating attack signatures to safeguard computer networks; downloadable software for firewall protection in computer networks, monitoring incoming and outgoing data carried by a computer network, detecting and reporting computer network intrusions, and computer network security management; software for securing API traffic across hybrid clouds; downloadable software for protecting computers and network services from attack; downloadable computer, network, and telecommunications software for providing active protection for network servers and network adapters by detecting packet content, detecting network traffic, recording packet content or network traffic, capturing packet content or network traffic, monitoring packet content or network traffic, filtering packet content or network traffic, attack blocking, namely, blocking or rate limiting network traffic, event management and reporting; downloadable software for creating, centrally managing, maintaining, and executing firewall filters, content filters, and access control; downloadable software for implementing network packet
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software that facilitates identity
federation, multi-factor and strong authentication and
access control for web, mobile and application programmable
interface (API), all of the foregoing in the field of
authorization policy services, directory, identity
provisioning and identity administration services, identity
services auditing and reporting, and other identity and
access management services in the field of digital security
and identity verification; software for API traffic
security; software for API activity monitoring and attack
detection and reporting; security software for data,
applications, and computer systems accessed via API or other
programmatic methods; software for reporting programmatic
interface traffic activity; software for reporting API
traffic activity; software for computer network security;
software for cloud-based computer security; software for
monitoring computer networks; software for detecting
computer network intrusion; software for monitoring and
maintaining network security; computer software for use in
the safeguarding of network data or network services;
computer software for detecting security threat; computer
software for analyzing attacker behavior within computer
networks; computer software for discovering, documenting,
and analyzing attacker tools and methods; computer software
for exporting computer security threat information and for
creating attack signatures to safeguard computer networks;
software for firewall protection in computer networks,
monitoring incoming and outgoing data carried by a computer
network, detecting and reporting computer network
intrusions, and computer network security management;
software for securing API traffic across hybrid clouds;
software for protecting computers and network services from
attack; computer, network, and telecommunications software
for providing active protection for network servers and
network adapters by detecting packet content, detecting
network traffic, recording packet content or network
traffic, capturing packet content or network traffic,
monitoring packet content or network traffic, filtering
packet content or network traffic, attack blocking, namely,
blocking or rate limiting network traffic, event management
and reporting; software for creating, centrally managing,
maintaining, and executing firewall filters, content
filters, and access control; software for implementing
network packet brokers, intrusion prevention systems and
network load balancers; software for monitoring, analyzing
or reporting of network information, data, and traffic. Software as a service (SAAS) services, namely, hosting non-
downloadable computer software for use by others that
facilitates identity federation, multi-factor and strong
authentication of computer users and identity verification
protocols, and access control for web, mobile and
application programmable interfaces (API); identity
verification services, namely, providing user authentication
between two or more entities using digital certificates,
multi factor authentication and strong identification
protocols in the field of digital security for allowing user
access to web, mobile and application programmable
interfaces (API).
71.
Methods and systems for recovering data using dynamic passwords
A method for recovering data. The method including collecting identity factors at a user device, wherein hashes of the identity factors are configured to be stored at a server. The method including generating at the user device a dynamic password based on the identity factors and a Salt configured to be generated by the server and configured to be delivered to the user device. The method including generating at the user device a data key and encrypting the data key using the dynamic password to generate an encrypted data key configured to be stored at the server. The method including encrypting at the user device data items using the data key to generate encrypted data items configured to be stored at the server. As such, the data items are recoverable by presenting the identity factors to the server.
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 29/06 - Communication control; Communication processing characterised by a protocol
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software that facilitates identity federation, facilitates multi-factor and strong authentication, facilitates access control for web, mobile and application programmable interface (API) all of the foregoing in the field of authorization policy services; downloadable computer software that facilitates directory, identity provisioning and identity administration services, facilitates identity services auditing and reporting, and facilitates other identity and access management services in the field of digital security and identity verification; downloadable software for API traffic security; downloadable software for API activity monitoring and attack detection and reporting; security software, being downloadable, for data, applications, and computer systems accessed via API or other programmatic methods; software for reporting programmatic interface traffic activity; downloadable software for reporting API traffic activity; downloadable software for computer network security; downloadable software for cloud-based computer security; downloadable software for monitoring computer networks; downloadable software for detecting computer network intrusion; downloadable software for monitoring and maintaining network security; downloadable computer software for use in the safeguarding of network data or network services; downloadable computer software for detecting security threat; downloadable computer software for analyzing attacker behavior within computer networks; downloadable computer software for discovering, documenting, and analyzing attacker tools and methods; downloadable computer software for exporting computer security threat information and for creating attack signatures to safeguard computer networks; downloadable software for firewall protection in computer networks, monitoring incoming and outgoing data carried by a computer network, detecting and reporting computer network intrusions, and computer network security management; downloadable software for securing API traffic across hybrid clouds; downloadable software for protecting computers and network services from attack; downloadable computer, network, and telecommunications software for providing active protection for network servers and network adapters by detecting packet content, detecting network traffic, recording packet content or network traffic, capturing packet content or network traffic, monitoring packet content or network traffic, filtering packet content or network traffic, attack blocking, namely, blocking or rate limiting network traffic, event management and reporting; downloadable software for creating, centrally managing, maintaining, and executing firewall filters, content filters, and access control; downloadable software for implementing network packet brokers, intrusion prevention systems and network load balancers; downloadable software for monitoring, analyzing or reporting of network information, data, and traffic Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that facilitates identity federation, multi-factor and strong authentication of computer users and identity verification protocols, and access control for web, mobile and application programmable interfaces (API); identity verification services, namely, providing user authentication between two or more entities using digital certificates, multi factor authentication and strong identification protocols in the field of digital security for allowing user access to web, mobile and application programmable interfaces (API)
73.
Method and system for authenticated login using static or dynamic codes
Method of authentication including sending a login web page to a first device of a user including a scannable code having an envelope ID and a login challenge. The envelope ID generated by an identity manager is associated with a first envelope of data including a session ID. A confirmation login request is received from a second device associated with the user, and includes a second envelope of data comprising the session ID, a user ID, and a seal of the user ID registering the user ID with the identity manager. The confirmation login request to the login challenge is verified using the session ID, and the user is verified using the user ID and seal. User login is authorized upon successful verification of the login challenge and user, and a communication session having the session ID is established between the web server and the first device.
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
74.
Methods and apparatus for analyzing sequences of application programming interface traffic to identify potential malicious actions
In some embodiments, a method includes receiving, at a processor of a server, a first application programming interface (API) call from a client device and providing an indication associated with the first API call as an input to a machine learning model such that the machine learning model identifies a set of parameters associated with a set of likely subsequent API calls. The method can further include receiving a second API call from the client device, identifying the second API call as an anomalous API call based on the second API call not meeting the set of parameters associated with the set of likely subsequent API calls, and sending a signal to perform a remedial action based on the identifying.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software that facilitates identity
federation, multi-factor and strong authentication of
computer users and identity verification protocols, and
access control for web, mobile and application programmable
interfaces (API), all of the foregoing in the field of
authorization policy services, directory, identity
provisioning and identity administration services, identity
services auditing and reporting, and other identity and
access management services in the field of digital security
and identity verification. Software as a service (SaaS) services, namely, hosting non-
downloadable computer software for use by others that
facilitates identity federation, multi-factor and strong
authentication of computer users and identity verification
protocols, and access control for web, mobile and
application programmable interfaces (API); identity
verification services, namely, providing user authentication
between two or more entities using digital certificates,
multi factor authentication and strong identification
protocols in the field of digital security for allowing user
access to web, mobile and application programmable
interfaces (API).
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software that facilitates identity
federation, multi-factor and strong authentication of
computer users and identity verification protocols, and
access control for web, mobile and application programmable
interfaces (API), all of the foregoing in the field of
authorization policy services, directory, identity
provisioning and identity administration services, identity
services auditing and reporting, and other identity and
access management services in the field of digital security
and identity verification. Software as a service (SaaS) services, namely, hosting non-
downloadable computer software for use by others that
facilitates identity federation, multi-factor and strong
authentication of computer users and identity verification
protocols, and access control for web, mobile and
application programmable interfaces (API); identity
verification services, namely, providing user authentication
between two or more entities using digital certificates,
multi factor authentication and strong identification
protocols in the field of digital security for allowing user
access to web, mobile and application programmable
interfaces (API).
77.
Methods and systems for API proxy based adaptive security
The invention concerns API proxy based adaptive security. The invention implements adaptive security for API servers, while avoiding data bottlenecks and maintaining client experience. The invention provides methods and configurations for API security that may be employed at proxies for implementing routing decisions involving client messages received at said proxies. The invention also involves generating or collecting at proxies, log information that captures data corresponding to received client messages and responses from API servers—which log information correlates communications between clients, proxies and backend API servers, and includes data relevant for purposes generating API metrics and identifying anomalies and/or indicators of compromise. The invention yet further provides security server clusters configured for generating API metrics and/or identify anomalies or indicators of compromise—which may be used by proxies to terminate existing connections and block subsequent requests or messages from clients associated with the identified anomalies or indicators of compromise.
The invention enables high-availability, high-scale, high security and disaster recovery for API computing, including in terms of capture of data traffic passing through proxies, routing communications between clients and servers, and load balancing and/or forwarding functions. The invention inter alia provides (i) a scalable cluster of proxies configured to route communications between clients and servers, without any single point of failure, (ii) proxy nodes configured for implementing the scalable cluster (iii) efficient methods of configuring the proxy cluster, (iv) natural resiliency of clusters and/or proxy nodes within a cluster, (v) methods for scaling of clusters, (vi) configurability of clusters to span multiple servers, multiple racks and multiple datacenters, thereby ensuring high availability and disaster recovery (vii) switching between proxies or between servers without loss of session.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
(1) Downloadable computer software that facilitates identity federation; downloadable computer software that facilitates multi-factor authentication and strong authentication in the field of digital security and identity verification; downloadable computer software that facilitates access control for web, mobile and application programmable interface (API), all in the field of digital security and identity verification; downloadable computer software that facilitates authorization policy services authentication in the field of digital security and identity verification; downloadable computer software that facilitates directory, identity provisioning and identity administration services in the field of digital security and identity verification; downloadable computer software that facilitates identity services auditing and reporting in the field of digital security and identity verification; downloadable computer software that facilitates identity federation and access management services in the field of digital security and identity verification; Software for API traffic security; software for API activity monitoring and attack detection and reporting; security software for digital security and identity verification data, applications, and computer systems accessed via API; software for reporting programmatic interface traffic activity; software for reporting API traffic activity; software for computer network security; software for cloud-based computer security; software for monitoring computer networks; software for detecting computer network intrusion; software for monitoring and maintaining network security; computer software for use in the safeguarding of network data or network services; computer software for detecting security threat; computer software for analyzing attacker behavior within computer networks; computer software for discovering, documenting, and analyzing attacker tools and methods; computer software for exporting computer security threat information and for creating attack signatures to safeguard computer networks; software for firewall protection in computer networks, monitoring incoming and outgoing data carried by a computer network, detecting and reporting computer network intrusions, and computer network security management; software for securing API traffic across hybrid clouds; software for protecting computers and network services from security breaches and cyber attacks; Computer, network, and telecommunications software for providing active protection for network servers and network adapters by detecting packet content, detecting network traffic, recording packet content or network traffic, capturing packet content or network traffic, monitoring packet content or network traffic, filtering packet content or network traffic, attack blocking, namely, blocking or rate limiting network traffic, event management and reporting; software for creating, centrally managing, maintaining, and executing firewall filters, content filters of computers and computer networks, and access control for web, mobile and application programmable interface (API); Software for implementing network packet brokers, intrusion prevention systems and network load balancers; software for monitoring, analyzing or reporting of global computer network digital security and identity information, data, and traffic (1) Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that facilitates identity federation, multi-factor and strong authentication, access control for web, mobile and application programmable interface (API)
(2) Identity verification services, namely, providing user authentication between two or more entities in the field of digital security
80.
Transferring data files using a series of visual codes
Software on an image-capturing device iteratively captures a visual code in a series of visual codes displayed in a repeating progression on a screen of a mobile device. The visual code was generated from a display block that resulted from a partition of an original data file into a series of display blocks of at least a specified size. The software converts the visual code back into a display block and reads a header for the display block, discarding the display block if it has already been captured, as determined by the ordered identifying block number in a header. The software stops the iterative capturing when all of the display blocks in the series have been captured, as determined by the count in the header and coalesces the captured display blocks into the original data file, using an order determined by the ordered identifying block numbers.
G06F 17/00 - Digital computing or data processing equipment or methods, specially adapted for specific functions
G06K 7/10 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation
G06K 7/14 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
G06K 19/06 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 9/14 - Arrangements for secret or secure communicationsNetwork security protocols using a plurality of keys or algorithms
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
G09C 5/00 - Ciphering or deciphering apparatus or methods not provided for in other groups of this subclass, e.g. involving the concealment or deformation of graphic data such as designs, written or printed messages
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
(1) Downloadable computer software that facilitates identity federation; downloadable computer software that facilitates multi-factor authentication and strong authentication in the field of digital security and identity verification; downloadable computer software that facilitates access control for web, mobile and application programmable interface (API), all in the field of digital security and identity verification; downloadable computer software that facilitates authorization policy services authentication in the field of digital security and identity verification; downloadable computer software that facilitates directory, identity provisioning and identity administration services in the field of digital security and identity verification; downloadable computer software that facilitates identity services auditing and reporting in the field of digital security and identity verification; downloadable computer software that facilitates identity federation and access management services in the field of digital security and identity verification (1) Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that facilitates identity federation, multi-factor and strong authentication, access control for web, mobile and application programmable interface (API)
(2) Identity verification services, namely, providing user authentication between two or more entities in the field of digital security
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
45 - Legal and security services; personal services for individuals.
Goods & Services
(1) Downloadable computer software that facilitates identity federation; downloadable computer software that facilitates multi-factor authentication and strong authentication in the field of digital security and identity verification; downloadable computer software that facilitates access control for web, mobile and application programmable interface (API), all in the field of digital security and identity verification; downloadable computer software that facilitates authorization policy services authentication in the field of digital security and identity verification; downloadable computer software that facilitates directory, identity provisioning and identity administration services in the field of digital security and identity verification; downloadable computer software that facilitates identity services auditing and reporting in the field of digital security and identity verification; downloadable computer software that facilitates identity federation and access management services in the field of digital security and identity verification (1) Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that facilitates identity federation, multi-factor and strong authentication, access control for web, mobile and application programmable interface (API)
(2) Identity verification services, namely, providing user authentication between two or more entities in the field of digital security
09 - Scientific and electric apparatus and instruments
Goods & Services
Downloadable computer software that facilitates identity federation; multi-factor and strong authentication; access control for web, mobile and application programmable interface (API) all of the foregoing in the field of authorization policy services; directory, identity provisioning and identity administration services; identity services auditing and reporting; and other identity and access management services in the field of digital security and identity verification; Software for API traffic security; software for API activity monitoring and attack detection and reporting; security software for data, applications, and computer systems accessed via API or other programmatic methods; software for reporting programmatic interface traffic activity; software for reporting API traffic activity; software for computer network security; software for cloud-based computer security; software for monitoring computer networks; software for detecting computer network intrusion; software for monitoring and maintaining network security; computer software for use in the safeguarding of network data or network services; computer software for detecting security threat; computer software for analyzing attacker behavior within computer networks; computer software for discovering, documenting, and analyzing attacker tools and methods; computer software for exporting computer security threat information and for creating attack signatures to safeguard computer networks; software for firewall protection in computer networks, monitoring incoming and outgoing data carried by a computer network, detecting and reporting computer network intrusions, and computer network security management; software for securing API traffic across hybrid clouds; software for protecting computers and network services from attack; Computer, network, and telecommunications software for providing active protection for network servers and network adapters by detecting packet content, detecting network traffic, recording packet content or network traffic, capturing packet content or network traffic, monitoring packet content or network traffic, filtering packet content or network traffic, attack blocking, namely, blocking or rate limiting network traffic, event management and reporting; Software for creating, centrally managing, maintaining, and executing firewall filters, content filters, and access control; Software for implementing network packet brokers, intrusion prevention systems and network load balancers; Software for monitoring, analyzing or reporting of network information, data, and traffic
84.
Electronic identification verification methods and systems with storage of certification records to a side chain
Method of certification including receiving user data at a device of a certifying entity. The method includes generating a salt that is unique. The method includes hashing the data combined with the salt to create a generated hashed data. The method includes generating a certification record based on signing the generated hashed data using a private key of the certifying entity to create a signed certification of the data. The method includes hashing the certification record. The method includes transmitting the hashed certification record to a blockchain for storing. The method includes receiving a certification tx-ID of the hashed certification record. The method includes generating a certification data block including the certification record and the certification tx-ID. The method includes storing the certification data block to a side chain.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06Q 20/06 - Private payment circuits, e.g. involving electronic currency used only among participants of a common payment scheme
G06K 7/14 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
Method of certification including receiving user data at a certification device of a certifying entity, and receiving a registration tx-ID of the data, wherein the registration tx-ID was generated from a blockchain when receiving and storing a signed hash value of the data for registration signed using a private key of the user, wherein the hash value of the data was generated using a registration hash algorithm. The method includes generating a salt that is unique. The method includes hashing the data combined with the salt to create generated hashed data. The method includes signing the generated hashed data using a private key of the certifying entity to create a signed certification of the data. The method includes transmitting the signed certification of the data to a blockchain for storing. The method includes receiving a certification tx-ID of the signed certification of the data.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06Q 20/06 - Private payment circuits, e.g. involving electronic currency used only among participants of a common payment scheme
G06K 7/14 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
Systems and methods for managing the identity of a user are provided. One example includes receiving personal data identifying the user to define input data. The receiving of personal data is via an application that enables entry of said personal data for verifying the identity of the user by third parties. Then, executing a hash of the input data for generating a hash value. The method includes executing, responsive to input via a user accessible interface of the application, instructions for transmitting the hash value to a block chain over a network connection. The application is configured for receiving back from the block chain a transaction number corresponding to the hash value transmitted to the block chain. Then providing said personal data identifying the user and the transaction number to a third party for verifying the identity of the user. The third party is configured to generate a second hash value using at least part of the personal data. The third party is configured to use the transaction number to retrieve the hash value from the block chain and compare the second hash value with the hash value retrieved from the block chain. If said second hash value matches the retrieved hash value the identity of the user is considered verified by the third party.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
87.
Method, System and apparatus for synchronizing changes in a directory service
In a directory service, a sync request requesting changes to a dataset is received from a sync client, the sync request comprising a token, and sync requests containing tokens are sent to first and second directory servers. Changes are returned by the directory servers with tokens, and the changes are returned to the sync client with a unified token. In embodiments, the changes returned to the sync client are new to the sync client. Also disclosed is a method where a request for new changes to a dataset is received from a sync client, the request including a token, and a response that contains a token and changes that are new to the sync client is returned.
A method of confirming receipt, including iteratively capturing by a receiving device visual codes in a series of visual codes displayed on a sending device. A corresponding captured visual code being from a display block that resulted from a partition of an original data file into display blocks, and wherein each display block is converted to a corresponding string and header including an ordered identifying display block number and a total count of the display blocks. Each corresponding string is converted to a corresponding visual code. Each of the captured visual codes is converted into a corresponding string and a header is read for the corresponding string. Captured display blocks are determined. A confirmation message is generated including information indicating which display blocks have been received. The confirmation message is sent over a wireless communication link to the sending device to reduce the number of visual codes being displayed.
G06K 17/00 - Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups , e.g. automatic card files incorporating conveying and reading operations
G06K 7/10 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation
G06K 7/14 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G09C 5/00 - Ciphering or deciphering apparatus or methods not provided for in other groups of this subclass, e.g. involving the concealment or deformation of graphic data such as designs, written or printed messages
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
89.
Methods and systems for API deception environment and API traffic control and security
The present invention relates to the field of networking and API/application security. In particular, the invention is directed towards methods, systems and computer program products for Application Programming Interface (API) based flow control and API based security at the application layer of the networking protocol stack. The invention additionally provides an API deception environment to protect a server backend from threats, attacks and unauthorized access.
The present invention relates to the field of networking and API/application security. In particular, the invention is directed towards methods, systems and computer program products for deep learning based API traffic analysis and network security. The invention provides an automated approach to threat and/or attack detection by machine learning based accumulation and/or interpretation of various API/application traffic patterns, identifying and mapping characteristics of normal traffic for each API, and thereafter identifying any deviations from the normal traffic parameter baselines, which deviations may be classified as anomalies or attacks.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software that facilitates identity federation, multi-factor and strong authentication of computer users and identity verification protocols, and access control for web, mobile and application programmable interfaces (API), all of the foregoing in the field of authorization policy services, directory, identity provisioning and identity administration services, identity services auditing and reporting, and other identity and access management services in the field of digital security and identity verification Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that facilitates identity federation, multi-factor and strong authentication of computer users and identity verification protocols, and access control for web, mobile and application programmable interfaces (API); identity verification services, namely, providing user authentication between two or more entities using digital certificates, multi factor authentication and strong identification protocols in the nature of Security Assertion Markup Language (SAML), OpenID Connect (OIDC), OAuth, WS-Fed, WS-Trust, Lightweight Directory Access Protocol (LDAP), System for Cross-domain Identity Management (SCIM), Fast Identity Online (FIDO), Universal Authentication Framework (UAF), FIDO Universal 2nd Factor (U2F), Web Authentication (WebAuthn), Client-to-Authenticator Protocol (CTAP), Open Authentication (OATH) protocols for one-time password (OTP), time-based one-time password (TOTP), HMAC-based One-Time Password (HTOP), and Public Key Cryptography Standards (PKCS) in the field of digital security for allowing user access to web, mobile and application programmable interfaces (API)
09 - Scientific and electric apparatus and instruments
Goods & Services
Downloadable computer software that facilitates identity federation, multi-factor and strong authentication of computer users and identity verification protocols, and access control for web, mobile and application programmable interfaces (API), all of the foregoing in the field of authorization policy services, directory, identity provisioning and identity administration services, identity services auditing and reporting, and other identity and access management services in the field of digital security and identity verification
42 - Scientific, technological and industrial services, research and design
Goods & Services
Software as a service (SAAS) services, namely, hosting non-downloadable computer software for use by others that facilitates identity federation, multi-factor and strong authentication of computer users and identity verification protocols, and access control for web, mobile and application programmable interfaces (API); identity verification services, namely, providing user authentication between two or more entities using digital certificates, multi factor authentication and strong identification protocols in the nature of Security Assertion Markup Language (SAML), OpenID Connect (OIDC), OAuth, WS-Fed, WS-Trust, Lightweight Directory Access Protocol (LDAP), System for Cross-domain Identity Management (SCIM), Fast Identity Online (FIDO), Universal Authentication Framework (UAF), FIDO Universal 2 nd Factor (U2F), Web Authentication (WebAuthn), Client-to-Authenticator Protocol (CTAP), Open Authentication (OATH) protocols for one-time password (OTP), time-based one-time password (TOTP), HMAC-based One-Time Password (HTOP), and Public Key Cryptography Standards (PKCS) in the field of digital security for allowing user access to web, mobile and application programmable interfaces (API)
41 - Education, entertainment, sporting and cultural services
Goods & Services
Educational services, namely, conducting seminars,
conference and workshops in the fields of security and
identity management; training services in the field of
security and identity management; arranging and conducting
educational conferences.
95.
Identity management service using a blockchain providing certifying transactions between devices
Logic on a first remote device receives a first transaction number and personal data transmitted from a second remote device. The first transaction number was received from a distributed public database in response to a transmission, from the second remote device, of a signed hash value and a first public key associated with a first private key on the second remote device. The signed hash value was created by signing a hash value with the first private key and the hash value was generated by hashing the personal data with a hashing algorithm on the second remote device. The logic uses the first transaction number to retrieve the signed hash value and the first public key from the distributed public database. The logic hashes the personal data using the hashing algorithm to create a generated hash value and verifies the signed hash value against the generated hash value.
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
G06Q 20/40 - Authorisation, e.g. identification of payer or payee, verification of customer or shop credentialsReview and approval of payers, e.g. check of credit lines or negative lists
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 9/14 - Arrangements for secret or secure communicationsNetwork security protocols using a plurality of keys or algorithms
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06Q 20/02 - Payment architectures, schemes or protocols involving a neutral third party, e.g. certification authority, notary or trusted third party [TTP]
G06Q 20/32 - Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
G06F 21/34 - User authentication involving the use of external additional devices, e.g. dongles or smart cards
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
G06K 19/06 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
H04W 12/00 - Security arrangementsAuthenticationProtecting privacy or anonymity
96.
METHODS AND APPARATUS FOR ASSESSING AUTHENTICATION RISK AND IMPLEMENTING SINGLE SIGN ON (SSO) USING A DISTRIBUTED CONSENSUS DATABASE
In some embodiments, a method includes receiving, from a client compute device and at a server, a request to access a resource. The request can include an identifier associated with the client compute device. The method can further include accessing risk information associated with the client compute device from an instance of a distributed database at the server using the identifier. The risk information is provided to the distributed database by a set of compute devices. Each compute device from the set of compute devices implements a different instance of the distributed database. The risk information can be analyzed to identify an access decision and a level of access to the resource can be granted to the client compute device based on the access decision.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 29/08 - Transmission control procedure, e.g. data link level control procedure
G06F 9/50 - Allocation of resources, e.g. of the central processing unit [CPU]
G06F 12/14 - Protection against unauthorised use of memory
G06F 15/173 - Interprocessor communication using an interconnection network, e.g. matrix, shuffle, pyramid, star or snowflake
41 - Education, entertainment, sporting and cultural services
Goods & Services
(1) Educational services, namely conducting seminars, conferences and workshops in the fields of digital security and customer, employee and partner identity management; Training services in the field of digital security and customer, employee and partner identity management; Arranging and conducting educational conferences in the fields of digital security and customer, employee and partner identity management.
09 - Scientific and electric apparatus and instruments
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable computer software that facilitates identity
federation in the field of digital security and identity
verification. Educational services, namely, conducting seminars,
conference and workshops in the fields of security and
identity management; training services in the field of
security and identity management; arranging and conducting
educational conferences. Software as a service (SAAS) services, namely, hosting
non-downloadable computer software for use by others that
facilitates identity federation in the fields of digital
security, identification, best practices, and content
distribution.
99.
Method and system for authenticated login using static or dynamic codes
Method of authentication including sending a login web page to a first device of a user including a scannable code having an envelope ID and a login challenge. The envelope ID generated by an identity manager is associated with a first envelope of data including a session ID. A confirmation login request is received from a second device associated with the user, and includes a second envelope of data comprising the session ID, a user ID, and a seal of the user ID registering the user ID with the identity manager. The confirmation login request to the login challenge is verified using the session ID, and the user is verified using the user ID and seal. User login is authorized upon successful verification of the login challenge and user, and a communication session having the session ID is established between the web server and the first device.
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
100.
Transferring data files using a series of visual codes
Software on an image-capturing device iteratively captures a visual code in a series of visual codes displayed in a repeating progression on a screen of a mobile device. The visual code was generated from a display block that resulted from a partition of an original data file into a series of display blocks of at least a specified size. The software converts the visual code back into a display block and reads a header for the display block, discarding the display block if it has already been captured, as determined by the ordered identifying block number in a header. The software stops the iterative capturing when all of the display blocks in the series have been captured, as determined by the count in the header and coalesces the captured display blocks into the original data file, using an order determined by the ordered identifying block numbers.
G06F 17/00 - Digital computing or data processing equipment or methods, specially adapted for specific functions
G06K 7/10 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation
G06K 7/14 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
H04L 9/14 - Arrangements for secret or secure communicationsNetwork security protocols using a plurality of keys or algorithms
G06K 19/06 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
