US Pat. No. 10,169,738

STOCK LEVEL INDICATION APPARATUS AND METHOD

Walmart Apollo, LLC, Ben...

1. A stock level indication system comprising:a shelving unit comprising:
an upstanding back wall;
a plurality of shelves mounted to the back wall, the plurality of shelves each including a product support member having a curved configuration with a convex upper surface and concave lower surface such that an intermediate portion of the product support member is raised with respect to outer edges thereof, wherein the curved configuration of the product support members is configured to sequentially flatten as products are stocked thereon such that a lateral dimension of the product support member varies with respect to a weight of products stocked on the product support member;
one or more electronic imagers mounted adjacent to the shelving unit and oriented to capture images of the lateral dimensions of the product support members; and
a control circuit in communication with the one or more electronic imagers and configured to analyze the images to estimate the lateral dimensions of the product support members and estimate a weight of products stocked on each of the product support members based on the lateral dimensions.

US Pat. No. 10,169,737

CONVERTING ASSETS FOR REUSE DURING MANUFACTURING

International Business Ma...

1. A method for reusing a partially manufactured product during a manufacturing process, comprising:processing an order in program logic executing on a processor of a mass routing processing and manufacturing computer system to produce at least a partially manufactured but not yet complete product;
registering a cancellation of the order in the program logic of the computer system subsequent to having processed the order in the program logic and having produced the partially manufactured product; and
responsive to the registration of the cancellation of the order:
reading a configuration of the partially manufactured product and identifying in the configuration, a part number of a part associated with the partially manufactured product;
reading a set of rules that match a given configuration with one of a set of defined target configurations of a different product including a range of part numbers acceptable for use in building a product corresponding to one of the defined target configurations; and,
executing a reconfiguration process in which the set of rules are applied to the configuration of the partially manufactured product so as to match the part number identified in the configuration of the partially manufactured product to the range of part numbers acceptable for use in building a different, yet to be manufactured product corresponding to the one of the defined target configurations, initiating a re-configuration of the partially manufactured product with respect to the one of the target configurations corresponding to the different, yet to be manufactured product with which the part number identified in the configuration of the partially manufactured product matched according to the rule specifying the range of part numbers, and subsequent to re-configuration in the one of the target configurations, placing back into inventory the re-configured partially manufactured product and rendering the re-configured partially manufactured product as available in the mass routing processing and manufacturing computer system for use in future work orders while remaining stocked in the inventory;
receiving a new work order subsequent to the reconfiguration; and,
completing the new work order for a complete product utilizing the re-configured partially manufactured product in the one of the target configurations in the inventory in order to complete manufacturing of the complete product.

US Pat. No. 10,169,736

IMPLEMENTING DEVICE OPERATIONAL MODES USING MOTION INFORMATION OR LOCATION INFORMATION ASSOCIATED WITH A ROUTE

Amazon Technologies, Inc....

1. A method of managing operation of a device, the method comprising:determining a destination and boundary associated with one or more items to be picked up or dropped off at the destination;
obtaining route information for a route to at least the destination, the route information including a threshold deviation of the route that is permissible;
storing customer information and information about the one or more items as first privileged data on the device;
storing the route information as second privileged data on the device;
determining a current location of the device relative to the boundary and the route;
causing the device to operate in an employee mode based at least in part on a determination by the device that the current location is outside of the boundary and within the threshold deviation of the route, operation in the employee mode at least causing display of at least some of the second privileged data;
causing the device to operate in a customer mode based at least in part on a determination by the device that the current location is within the boundary, operation in the customer mode at least causing display of at least some of the first privileged data while restricting access of at least the second privileged data; and
causing the device to operate in a secure mode based at least in part on a determination by the device that the current location is outside of the boundary and outside of the threshold deviation of the route, operation in the secure mode restricting access, at least temporarily, to the first privileged data and the second privileged data.

US Pat. No. 10,169,735

CUSTOMIZED PACKAGING FOR UNMANNED AUTONOMOUS VEHICLE ITEM DELIVERY

QUALCOMM Incorporated, S...

1. A method of delivering an item using an unmanned autonomous vehicle (UAV), comprising:receiving, in a processor, an electronic order for an item;
determining, by the processor, order parameters based on the electronic order identifying the item and details regarding delivery of the item;
selecting, by the processor, UAV components for operating the UAV based on UAV parameters meeting the determined order parameters;
determining, by the processor, UAV-compliant packaging parameters for transporting the item carried by the UAV, wherein the UAV-compliant packaging parameters enable the UAV to meet at least some of the determined order parameters and the UAV parameters;
coordinating, by the processor, assembly of the UAV including the selected UAV components and selected UAV-compliant packaging with the item therein, wherein the selected UAV-compliant packaging meets the determined UAV-compliant packaging parameters; and
dispatching the assembled UAV for delivering the item.

US Pat. No. 10,169,734

DYNAMIC LAYOUT FOR ORGANIZATIONAL CHARTS

SUCCESSFACTORS, INC., So...

1. A computer-implemented method, comprising:presenting, by a processor, an organizational chart within a window of a graphical user interface, the organizational chart including a plurality of nodes that each represent an employee within an organization as a tile within the window;
detecting, by the processor, a first user input on the graphical user interface that is representative of selecting a first node from the plurality of nodes;
querying, by the processor, a database storing hierarchical organization information to identify a first set of employees within the organization that are associated with the employee in the organization represented by the selected first node;
determining a number of employees in the first set of employees;
determining, by the processor, a matrix layout to be a vertical vector layout when the number of employees in the first set of employees is less than a predefined threshold in order to reduce horizontal scrolling to view the first set of employees;
determining the matrix layout to be a matrix layout other than the vertical vector layout when the number of employees in the first set of employees is greater than or equal to the predefined threshold;
generating, by the processor, a first matrix that represents the first set of employees, wherein the first matrix includes a set of tiles positioned according to the matrix layout, the set of tiles each being configured to represent an employee within the first set of employees;
presenting, by the processor, the first matrix with the plurality of nodes of the organizational chart; and
visually connecting, by the processor, the first matrix to the first node.

US Pat. No. 10,169,733

UTILIZING SOCIAL PERFORMANCE PATTERNS TO MANAGE AND EVALUATE PERFORMANCE OF USER

International Business Ma...

1. A computer program product for improving management and performance of an employee, the computer program product comprising a computer readable storage medium having program code embodied therewith, the program code comprising the programming instructions for:receiving an indication of a goal sponsored by an owner, wherein said goal is a desired result that a person, a group or an organization desires to achieve, wherein said goal is stored in a look-up table where said goal is associated with a tag;
receiving an indication of a first user subscribing to said goal sponsored by said owner;
monitoring communications on a social network involving said first user subscribed to said goal that includes said tag designating said goal;
detecting a completion of said goal based on said monitored communications using natural language processing;
determining a pattern of steps in accomplishing said goal by using natural language processing on said monitored communications involving said first user subscribed to said goal;
evaluating an effectiveness of said pattern to accomplish said goal by other subscribed users, wherein said effectiveness of said pattern is based on a success or a failure in achieving said goal using said pattern, a length of time in achieving said goal, social media comments pertaining to said pattern, and a profit or revenue generated from achieving said goal;
presenting said evaluated effectiveness of said pattern to said owner to determine whether steps of said pattern should be modified to better assist said first user to accomplish said goal or whether said pattern should be replaced with a better pattern;
monitoring communications on said social network involving a second user that includes said tag designating said goal; and
recommending actions to said second user concerning accomplishing said goal based on said pattern of steps in response to detecting a delay in completing said goal by said second user, wherein said second user subscribed to said goal sponsored by said owner.

US Pat. No. 10,169,732

GOAL AND PERFORMANCE MANAGEMENT PERFORMABLE AT UNLIMITED TIMES AND PLACES

Oracle International Corp...

1. A method comprising:establishing, at a mobile device, a first connection to a remote server;
downloading, by the mobile device, over the first connection from the remote server to the mobile device, one or more goals documents corresponding to goals associated with a user of the mobile device;
downloading, by the mobile device, over the first connection from the remote server to the mobile device, one or more performance documents related to the goals associated with the user of the mobile device;
storing, by the mobile device, the one or more downloaded goals documents within a memory device on the mobile device;
storing, by the mobile device, the one or more downloaded performance documents within the memory device on the mobile device;
terminating, by the mobile device, the first connection between the mobile device and the remote server, after downloading the goals documents and performance documents;
after the termination of the first connection, receiving user input at the mobile device, via a performance mobile application relating to the one or more goals associated with the user, the received user input comprising at least one network resource identifier corresponding to a data feed, and one or more filter parameters associated with the data feed;
modifying, by the mobile device, the one or more performance documents stored in the memory device of the mobile device based on the user input received via the performance mobile application, wherein said modifying comprises embedding the at least one network resource identifier corresponding to the data feed and the filter parameters within the one or more performance documents related to the goals associated with the user of the mobile device, wherein said embedding is performed at a time when no network connection is available to connect the mobile device to the remote server; and
subsequent to embedding the at least one network resource identifier corresponding to the data feed and the filter parameters within the one or more performance documents:
(a) detecting that a network connection between the mobile device and the remote server has become available;
(b) establishing, by the mobile device, a second connection between the mobile device and the remote server;
(c) uploading, by the mobile device, the one or more modified performance documents over the second connection from the mobile device to the remote server;
(d) downloading, by the mobile device, one or more notifications relating to the goals associated with the user of the mobile device, from the remote server; and
(e) terminating, by the mobile device, the second connection between the mobile device and the remote server, after uploading the one or more modified performance documents and downloading the one or more notifications,
wherein each of (b)-(e) are performed by the mobile device automatically and without user intervention, in response to the detection that a network connection between the mobile device and the remote server has become available.

US Pat. No. 10,169,731

SELECTING KEY PERFORMANCE INDICATORS FOR ANOMALY DETECTION ANALYTICS

INTERNATIONAL BUSINESS MA...

1. A computer program product for selecting key performance indicators, the computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions being readable and executable by a processing circuit to cause the processing circuit to:determine from historical data which anomaly detectors are associated with key performance indicators (KPIs) for identifying an anomalous event in a first metric group related to central processing unit (CPU) utilization in a first computing system, wherein the anomaly detectors comprise two or more of:
a Gaussian detector, which generates an alarm when the historical data exhibits a predefined deviation;
a flat line detector, which generates an alarm when the historical data remains at a same value for a predefined time;
an increased variance detector, which generates an alarm when the historical data exhibits an increased variance from a baseline value;
a de-correlation detector, which generates an alarm when the historical data exhibits a de-correlation from other data;
a top out detector, which generates an alarm when the historical data achieves a maximum value from which the historical data does not recede;
a bottom out detector, which generates an alarm when the historical data achieves a minimum value from which the historical data does not recede; and
stop and start reporting detectors, which respectively generate alarm when historical data reporting that is normally online or offline goes offline or online;
extract descriptors of the first metric group from the KPIs to create a first anomaly detector feature profile thereof;
repeat the determining and the extracting with respect to historical data of second and third metric groups, which are unrelated or indirectly related to the CPU utilization in the first computing system of the first metric group, to create second and third anomaly detector feature profiles thereof, respectively;
ascertain which of the second and third anomaly detector feature profiles has a greater correlation to the first anomaly detector feature profile; and
rank the second and third anomaly detector feature profiles based on which one has the greater correlation and compare the higher ranked one to future metrics in current or subsequent environments to determine if specific KPIs are likely to produce anomalies.

US Pat. No. 10,169,730

SYSTEM AND METHOD TO PRESENT A SUMMARIZED TASK VIEW IN A CASE MANAGEMENT SYSTEM

Open Text Corporation, W...

1. A computer implemented method for providing information related to a task in a case management system configured to process a plurality of cases, the computer implemented method comprising:monitoring, by a server, requests for resources used to perform a plurality of tasks and storing correlations between the requested resources and tasks from the plurality of tasks;
clustering the plurality of cases, by the server, into a plurality of case clusters, wherein each of the plurality of case clusters is associated with a case similarity factor shared by at least two cases of the plurality of cases;
for a case cluster of the plurality of case clusters, identifying, by the server, a plurality of task clusters, wherein each of the plurality of task clusters is associated with a task similarity factor shared by at least two tasks of the task cluster, and tasks of the plurality of task clusters are performed on cases of the case cluster;
analyzing, by the server, reports and documents used to perform the at least two tasks of the task cluster sharing the task similarity factor;
associating, by the server, the reports and documents used to perform the at least two tasks of the task cluster sharing the task similarity factor with the task cluster associated with the task similarity factor; and
when performing a task sharing the task similarity factor with the at least two tasks of the task cluster sharing the task similarity factor, providing, by the server, to a remote computer, at least one report based on the reports associated with the task cluster and at least one summary based on the documents associated with the task cluster.

US Pat. No. 10,169,729

EQUIPMENT CONTROL SYSTEM

General Electric Company,...

1. A rail vehicle management system comprising:plural rail vehicles within a facility; and
an equipment controller comprising one or more processors and a communication unit operatively coupled to the one or more processors, wherein the communication unit is configured to receive first signals from first sensors associated with different materials, the first signals indicative of material locations of the different materials within the facility, the communication unit also configured to receive second signals associated with the rail vehicles, the second signals indicative of one or more vehicle locations of the rail vehicles within the facility, and the communication unit is configured to receive third signals indicative of allocation requests for at least one of the materials from different remote locations,
wherein the equipment controller is configured to generate a map based on the material locations and the vehicle locations,
wherein the equipment controller is configured to schedule enactment of the allocation requests based on designated times associated with one or more operations involved in the enactment of the allocation requests and to monitor capacities of the rail vehicles to carry the materials within the facility while the rail vehicles enact the allocation requests, and
wherein the equipment controller is configured to generate fourth signals for movement control of the rail vehicles to combine the materials for the allocation requests of the different remote locations in at least one of the rail vehicles,
wherein the rail vehicles move the materials within the facility and mix the materials to create one or more component products under direction of the fourth signals for movement received from the equipment controller to enact the allocation requests according to the enactment that is scheduled,
wherein the equipment controller is configured to communicate the fourth signals to one or more of the rail vehicles to remotely control the one or more of the rail vehicles to mix the materials in at least one of the rail vehicles based on one or more of a loading time for loading the materials onto the rail vehicles or an unloading time for unloading the materials from the rail vehicles, and
wherein the equipment controller is configured to communicate the fourth signals to one or more of the rail vehicles to remotely control the one or more of the rail vehicles to mix the materials and create the one or more component products in at least one of the rail vehicles based on a transportation cost at the capacity of at least one of the rail vehicles.

US Pat. No. 10,169,728

OPPORTUNISTIC JOB PROCESSING OF INPUT DATA DIVIDED INTO PARTITIONS OF DIFFERENT SIZES

Google LLC, Mountain Vie...

1. A method for processing one or more work orders using a global-level manager and one or more cluster-level managers that manage a plurality of clusters, that is performed by one or more processors, the method comprising:receiving, at the global-level manager, a work order of the one or more work orders referencing at least one binary executable file and one or more input files, the one or more input files including multiple input resources of at least a first-type having a first size, and a second-type having a second size, wherein the first size is larger than the second size;
generating at the global-level manager, a plurality of first-type input shards by splitting the first-type of input resource in the one or more input files, and a plurality of second-type input shards by splitting the second-type of input resource in the one or more input files, wherein each of the plurality of first-type input shards and second-type input shards have a respective input shard size;
creating, at the global level manager, reference values for each input shard in order of their input shard size wherein each of the first-type input shards is associated with a copy of every second-type input shard by the reference values;
distributing, by the global-level manager, the plurality of first-type and second-type input shards, according to the reference values, to the plurality of clusters that are managed by the one or more cluster-level managers and are capable of executing the binary executable file to process the first-type and second-type input shards, such that a different first-type input shard and a copy of every second-type input shard is distributed to each cluster;
creating, by the clusters and according to the reference values, workers to execute the binary executable file on the first-type and second-type input shards to create output shards;
receiving, by the global-level manager, the output shards; and
assembling, by the global-level manager the output shards into an output file for the work order.

US Pat. No. 10,169,727

SYSTEMS AND METHODS FOR INITIATING A VIRTUAL MEETING AND TRANSMITTING ANCILLARY INFORMATION

AirWatch, LLC, Atlanta, ...

1. A method for managing participation in a virtual meeting using a mobile device, comprising:detecting an upcoming event associated with a calendar event record;
identifying a plurality of participation elements within the calendar event record;
identifying a set of permissions associated with a user of the mobile device, wherein the set of permissions differs from a second set of permissions associated with a second user of a second mobile device;
selecting, without input from the user, a participation element from the plurality of participation elements, wherein the selection is based on the set of permissions associated with the user, and wherein the selection differs from a selection based on the second set of permissions;
displaying a notification of the event to the user, the notification prompting the user for input associated with joining the event and being displayed while the mobile device is in a locked state;
in response to displaying the notification prompting the user for input receiving an input from the user associated with delaying participation in the event;
determining whether the user is an organizer of the event;
based on determining that the user is the organizer of the event, transmitting one or more messages to other event participants rescheduling or otherwise delaying the event; and
based on determining that the user is not the organizer of the event, transmitting one or more messages to other event participants notifying them that the user is delayed.

US Pat. No. 10,169,726

SYSTEMS, METHODS AND APPARATUS FOR IMPROVED OPERATION OF ELECTRICITY MARKETS

SIEMENS INDUSTRY, INC., ...

1. A method of operating a power system to deliver energy at a market clearing price, the method comprising:receiving constraints within a scheduling and pricing system;
receiving bids with corresponding generation capacity and offers with corresponding load requirements, within the scheduling and pricing system;
applying the constraints, the bids, the generation capacity, the offers, and the load requirements to a quadratic programming model of a market clearing system within the scheduling and pricing system wherein the quadratic programming model includes a relaxation of all pricing constraints that are epsilon proportional to the market clearing price of the constraints;
determining market clearing prices and corresponding generation and load schedules based on optimizing the quadratic programming model of the market clearing system;
distributing the market clearing prices and the corresponding generation and load schedules to a billing and settlement system;
distributing each generation and load schedule to a generation control and load management system; and
controlling operation of generator resources and managing loads by the generation control and load management system to deliver energy to customers based on the generation and load schedules.

US Pat. No. 10,169,725

CHANGE-REQUEST ANALYSIS

International Business Ma...

1. A method for analyzing a change request of a project involving an IT system, wherein the IT system comprises a plurality of IT artifacts, the method comprising:one or more processors receiving a change request that requests a performance of a task associated with the project, wherein the change request comprises values of a set of parameters that each describe a characteristic of the change request;
the one or more processors selecting an applicable decomposition agent from a plurality of decomposition agents as a function of the values of the set of parameters comprised by the change request,
wherein the applicable decomposition agent contains information necessary for the one or more processors to decompose the received change request into a set of sub-requests,
wherein each agent of the plurality of decomposition agents is a predefined computer-executable process configured to automatically decompose a specific class of change request into multiple sub-change requests, but does not itself perform tasks that satisfy the sub-change requests,
wherein the selection is performed as a function of parameters, of the set of parameters, that consist of an identification that the change request requests an installation of a new instance of a software application on a particular type of computing platform,
wherein each decomposition agent of the plurality of decomposition agents is adapted to satisfy one distinct class of change request,
wherein the one distinct class of change request is selected from the group consisting of migrating a computerized entity to a new environment, installing a new instance of a software application, or performing a software upgrade, and
wherein the applicable decomposition agent is an agent of the plurality of decomposition agents that is best adapted to satisfy a class of change requests that comprises the received change request;
the one or more processors generating the set of sub-change requests as a function of the information contained by the applicable decomposition agent; and
the one or more processors identifying a correlation between at least one sub-change request of the plurality of sub-change requests and one IT artifact of the plurality of IT artifacts.

US Pat. No. 10,169,724

DISPLAY OF USER RELATIONSHIPS

International Business Ma...

11. A computer program product comprising a storage device storing computer-readable code executable by a processor to perform a method comprising:receiving, by an email messaging computer program of a user, one email having a plurality of recipients including the user;
displaying, by the email messaging computer program, the one email to the user within an email display area of a graphical user interface (GUI) window of the email messaging computer program;
after displaying the one email to the user, and responsive to receiving user selection of a GUI button displayed within the GUI window,
retrieving information regarding each recipient of the one email;
determining a plurality of relationships of a plurality of different relationship types among the recipients of the one email, based on the information retrieved regarding each recipient of the one email, the plurality of relationships including relationships among the recipients of the one email;
displaying, by the email messaging computer program, the relationships of a first relationship type of the different relationship types among the recipients of the email to the user within a second GUI window, the second GUI window displayed responsive to receiving user selection of the GUI button displayed within the GUI window, wherein displaying the relationships of the first relationship type comprises:
displaying a GUI element for each recipient at a corresponding position within the second GUI window, the GUI element for each recipient including a name of the recipient;
for each relationship of the first relationship type, displaying a corresponding polygon surrounding the GUI element of each recipient that is part of the relationship, the corresponding polygon having a unique line type;
for each relationship of the first relationship type, displaying text identifying the relationship inside the polygon outside of the GUI element of each recipient;
displaying, by the email messaging computer program, a plurality of second GUI buttons within the second GUI window, each second GUI button corresponding to one of the different relationship types, the second GUI buttons separate from the relationships displayed within the second GUI window; and
responsive to receiving user selection of a particular button of the second GUI buttons displayed within the second GUI window, displaying within the second GUI window, by the email messaging computer program, the relationships of the relationship type corresponding to the particular button, comprising:
displaying the GUI element for each recipient at the corresponding position within the second GUI window, the corresponding position at which the GUI element for each recipient is displayed as part of displaying the relationships of the relationship type corresponding to the particular button being a same position at which the GUI element was displayed as part of displaying the relationships of the first relationship type;
for each relationship of the relationship type corresponding to the particular button, displaying a second corresponding polygon surrounding the GUI element of each recipient that is part of the relationship, the second corresponding polygon having a second unique line type;
for each relationship of the relationship type corresponding to the particular button, displaying text identifying the relationship inside the polygon and outside the GUI element of each recipient.

US Pat. No. 10,169,723

DISTRIBUTED POLICY DISTRIBUTION FOR COMPLIANCE FUNCTIONALITY

International Business Ma...

1. A method for automated policy compliance in a data processing system comprising:configuring a set of log-enabled components in an audit environment that includes multiple diverse physical devices, at least one log-enabled component being of a first type and supported on a first of the multiple diverse physical devices, and at least one log-enabled component being of a second type distinct from the first type and supported on a second of the multiple diverse physical devices, wherein a log-enabled component is a software agent that captures log event data;
during an information flow, capturing, by each of the set of log-enabled components, log event data;
receiving, at a compliance server executing in hardware, logging property data from each log-enabled component in the set of log-enabled components, the logging property data distinct from the log event data captured by the log-enabled component during the information flow and indicating a set of one or more logging properties associated with the log-enabled component;
determining, at the compliance server, based at least in part on the logging property data received, which of a set of one or more log events are required from individual log-enabled components in the set of log-enabled components to support a compliance policy being managed by the compliance server;
configuring, by the compliance server, each log-enabled component in the set of log-enabled components to capture the one or more log events so determined for that individual log-enabled component, wherein configuring at least one log-enabled component in the set of log-enabled components includes restarting the log-enabled component and providing a directive to update a logging property otherwise set at that log-enabled component; and
evaluating logs collected from the set of log-enabled components to determine compliance with the compliance policy.

US Pat. No. 10,169,722

SELECTIVE ISOLATION OF FREQUENCY MULTIPLEXED MICROWAVE SIGNALS USING CASCADING MULTI-PATH INTERFEROMETRIC JOSEPHSON ISOLATORS WITH NONOVERLAPPING BANDWIDTHS

INTERNATIONAL BUSINESS MA...

1. A cascading selective microwave isolator (cascade) comprising:a set of Josephson devices, each Josephson device in the set having a corresponding operating bandwidth of microwave frequencies, wherein different operating bandwidths have different corresponding center frequencies; and
a series coupling between first Josephson device from the set and an nth Josephson device from the set, wherein the series coupling causes the first Josephson device to isolate a signal at a first frequency from a frequency multiplexed microwave signal (multiplexed signal) in a first signal flow direction through the series coupling and the nth Josephson device to isolate a signal of an nth frequency in a second signal flow direction through the series, wherein the second signal flow direction is opposite of the first signal flow direction.

US Pat. No. 10,169,721

INJECTION MOLDING CONTROLLER INTERFACE WITH USER-ADJUSTABLE VARIABLES

IMFLUX, INC., Hamilton, ...

1. A method of retrofitting an injection molding machine, the method comprising:retrofitting an injection molding machine with a retrofit controller, the injection molding machine including a native controller adapted to control operation of the injection molding machine;
entering a learning mode of at least one of the native controller or the retrofit controller to calculate an initial load value of the injection molding machine based on a first set of operating parameters;
calculating a modified load value of the injection molding machine by operating the injection molding machine based on a second set of operating parameters;
generating a reference load curve based on at least the first set of operating parameters and the second set of operating parameters;
entering an operational mode of the retrofit controller; and
using the retrofit controller, selectively operating the injection molding machine such that an operational load value of the injection molding machine remains at or below the reference load curve.

US Pat. No. 10,169,720

SYSTEMS AND METHODS FOR MACHINE LEARNING USING CLASSIFYING, CLUSTERING, AND GROUPING TIME SERIES DATA

SAS INSTITUTE INC., Cary...

1. A system for performing data mining and statistical learning techniques on a data set, the system comprising:a processor; and
a non-transitory computer-readable storage medium including instructions stored thereon, which when executed by the processor, cause the system to perform operations including:
receiving a plurality of time series included in a prediction hierarchy for performing statistical learning to develop the prediction hierarchy, each individual time series of the plurality of time series comprising one or more need output characteristics and a need output pattern for an object, the one or more need output characteristics including at least one of a need output data, an intermittence, or a time period of a year, the need output pattern indicating one or more time intervals for which need output for the object is greater than a threshold amount;
pre-processing data associated with each of the plurality of time series, wherein the pre-processing includes executing tasks in parallel using a grid-enabled computing environment, the tasks comprising, for each time series of the plurality of time series:
determining a classification for the individual time series based on the one or more need output characteristics;
determining a pattern group for each individual time series by comparing the need output pattern to need output patterns for other time series in the plurality of time series; and
determining a level of the prediction hierarchy at which the each individual time series comprises a need output amount greater than the threshold amount, wherein determining the level further includes, for each time series in each level of the hierarchy and starting with a lowest level of the hierarchy:
determining whether the individual time series includes a sufficient volume of data by determining whether the individual time series includes an amount of need output above the threshold amount; and
based upon the determination, for each time series that does not include an amount of need output above the threshold amount, aggregating multiple time series from a particular level into a node that is one level higher than the particular level in the hierarchy;
generating an additional prediction hierarchy using the prediction hierarchy, the classification, the pattern group, and the determined level, wherein utilizing the additional prediction hierarchy generates more accurate need output predictions than need output predictions generated utilizing the prediction hierarchy; and
transmitting, to one or more nodes in the grid-enabled computing environment, prediction data related to at least one time series of the plurality of time series based on the additional prediction hierarchy.

US Pat. No. 10,169,719

USER CONFIGURABLE MESSAGE ANOMALY SCORING TO IDENTIFY UNUSUAL ACTIVITY IN INFORMATION TECHNOLOGY SYSTEMS

INTERNATIONAL BUSINESS MA...

1. A method for identifying unusual activity in an information technology (IT) system based on user configurable message anomaly scoring, the method comprising:receiving, by a processing device, a message stream for the IT system;
selecting a plurality of status messages from the message stream that correspond to an interval of time;
determining a default message anomaly score for each status message of the plurality of the status messages of the interval, wherein the default message anomaly scores are generated by IT equipment of the IT system and are included in the plurality of status messages received from the IT equipment;
calculating, by the processing device, an interval anomaly score for the interval by at least performing the following for each status message of the plurality of status messages of the interval:
determining whether the default message anomaly score of the status message corresponds to a message anomaly group comprising a custom scoring group having a custom message anomaly score, wherein the custom message anomaly score of the message anomaly group is received by the processing device as an input from a system expert during training of a model of a historical message stream;
upon determining that the default message anomaly score of the status message corresponds to the message anomaly group having the custom message anomaly score, adding the custom message anomaly score to an interval anomaly score for the interval; and
upon determining that the default message anomaly score of the status message does not correspond to the message anomaly group having the custom message anomaly score, adding the default message anomaly score of the status message to the interval anomaly score for the interval;
identifying a priority level of the interval by comparing the interval anomaly score to one or more priority level cutoffs, wherein the one or more priority level cutoffs are established based on the trained model; and
generating an alert for the selected plurality of status messages of the interval only when the identified priority level of the interval meets the one or more priority level cutoffs based on the comparison, wherein the alert flags the interval such that only the selected plurality of status message of the message stream are transmitted to the system expert.

US Pat. No. 10,169,718

SYSTEM AND METHOD FOR DEFINING AND USING DIFFERENT LEVELS OF GROUND TRUTH

International Business Ma...

1. A computer-implemented method comprising:receiving, by a computing device, a first set of ground truth instances from a first source;
receiving a second set of ground truth instances from a second source;
weighting the first and second sets of ground truth instances differently based on a level of trust associated with each of the first and second sources; and
applying the weighted first and second sets of ground truth instances in a machine learning task executed by a computer, wherein applying the weighted first and second sets of ground truth instances in the machine learning task includes adjusting a loss function for at least one of the first and second sets of ground truth instances based upon, at least in part, the level of trust associated with each of the first and second sources, and at least one of a mean squared error and duplication of instances for the first set of ground truth instances over that of the second set of ground truth instances, wherein the first set of ground truth instances are more trusted than the second set of ground truth instances, and wherein a model is created by the duplication of instances for the first set of ground truth instances in a model data set to create a more effective model by more thoroughly reflecting more trusted data.

US Pat. No. 10,169,717

SYSTEM AND METHOD FOR DEFINING AND USING DIFFERENT LEVELS OF GROUND TRUTH

International Business Ma...

1. A computer program product residing on a non-transitory computer readable storage medium having a plurality of instructions stored thereon which, when executed by a processor, cause the processor to perform operations comprising:receiving a first set of ground truth instances from a first source;
receiving a second set of ground truth instances from a second source;
weighting the first and second sets of ground truth instances differently based on a level of trust associated with each of the first and second sources; and
applying the weighted first and second sets of ground truth instances in a machine learning task executed by a computer, wherein applying the weighted first and second sets of ground truth instances in the machine learning task includes adjusting a loss function for at least one of the first and second sets of ground truth instances based upon, at least in part, the level of trust associated with each of the first and second sources, and at least one of a mean squared error and duplication of instances for the first set of ground truth instances over that of the second set of ground truth instances, wherein the first set of ground truth instances are more trusted than the second set of ground truth instances, and wherein a model is created by the duplication of instances for the first set of ground truth instances in a model data set to create a more effective model by more thoroughly reflecting more trusted data.

US Pat. No. 10,169,716

INTERACTIVE LEARNING

INTERNATIONAL BUSINESS MA...

1. A method for shared machine learning, comprising:providing a model to a plurality of agents comprised in a machine learning system, the model specifying attributes and attribute value data types for an event in which the plurality of agents act;
receiving agent-provided inputs from the plurality of agents during an instance of the event, the agent-provided inputs include estimated attribute values that are consistent with the attribute value data types;
determining expertise weights for at least one of the plurality of agents in response to at least one ground-truth which is learned from the estimated attribute values; and
determining an estimate value for one or more of the attributes using adaptive mixtures of the estimated attribute values.

US Pat. No. 10,169,715

FEATURE PROCESSING TRADEOFF MANAGEMENT

Amazon Technologies, Inc....

1. A system, comprising:one or more computing devices configured to:
determine, via one or more programmatic interactions with a client of a machine learning service of a provider network, (a) one or more target variables to be predicted using a specified training data set, (b) one or more prediction quality metrics including a particular prediction quality metric, and (c) one or more prediction run-time goals including a particular prediction run-time goal;
identify a set of candidate feature processing transformations to derive a first set of processed variables from one or more input variables of the specified data set, wherein at least a subset of the first set of processed variables is usable to train a machine learning model to predict the one or more target variables, and wherein the set of candidate feature processing transformations includes a particular feature processing transformation;
determine (a) a quality estimate indicative of an effect, on the particular prediction quality metric, of implementing the particular candidate feature processing transformation, and (b) a cost estimate indicative of an effect, on a particular run-time performance metric associated with the particular prediction run-time goal, of implementing the particular candidate feature processing transformation;
generate, based at least in part on the quality estimate and at least in part on the cost estimate, a feature processing proposal to be provided to the client for approval, wherein the feature processing proposal includes a recommendation to implement the particular feature processing transformation; and
in response to an indication of approval from the client, execute a machine learning model trained using a particular processed variable obtained from the particular feature processing transformation.

US Pat. No. 10,169,714

MODULAR ARRAY OF VERTICALLY INTEGRATED SUPERCONDUCTING QUBIT DEVICES FOR SCALABLE QUANTUM COMPUTING

INTERNATIONAL BUSINESS MA...

1. A quantum device comprising:a first substrate including a first set of locations;
a second substrate including a second set of locations; and
qubit chips having a first end positioned at the first set of locations and having a second end positioned at the second set of locations, wherein at least one of the qubit chips is configured to be removable.

US Pat. No. 10,169,713

REAL-TIME ANALYSIS OF PREDICTIVE AUDIENCE FEEDBACK DURING CONTENT CREATION

International Business Ma...

1. A method for providing and utilizing predictive feedback during content creation in real-time comprising:obtaining demographic data for profile generation from a viewer profile database;
receiving, by a server computer via a network adapter or interface from a user-computing device, an author-created electronic document during creation of the electronic document in real-time, the electronic document selected from a group consisting of a text file, a video file, and an audio file;
receiving, by the server computer, an intended audience specification for the received electronic document;
receiving, by the server computer from the user-computing device, a similarity score threshold;
calculating by the server computer a similarity score for a plurality of viewer profiles, the viewer profiles generated via obtaining of the demographic data and a viewer profile member assay via each viewer wearing one or more wearable sensors while consuming sample digital content;
determining by the server computer which viewer profiles have similarity score equal to or exceeding the similarity score threshold and storing the determined viewer profiles;
calculating by the server computer an individual interest level and an individual emotional response of the determined viewer profiles for a portion of the received electronic document by presentation of a graphic user interface, the individual interest level indicating a level of interest each viewer profile of the determined viewer profiles is likely to express regarding the portion of the received electronic document and the individual emotional response indicting indicating an emotional response anticipated for the portion of the electronic document for each viewer profile of the determined viewer profiles;
transmitting, by the server computer to the user-computing device, the individual interest level and the individual emotional response of the determined viewer profiles, weighting the individual interest level and individual emotional response of the determined viewer profiles according to the similarity score; and
modifying automatically by the server computer in real-time the portion of the received electronic document to improve the individual interest level of the determined viewer profiles and the individual emotional response of the determined viewer profiles by automatically altering objectionable language by the server computer including text, if the received electronic document is the text file, or by automatically bleeping out offensive words by the server computer if the received electronic document is the video file or the audio file.

US Pat. No. 10,169,712

DISTRIBUTED, PREDICTIVE, DICHOTOMOUS DECISION ENGINE FOR AN ELECTRONIC PERSONAL ASSISTANT

Telepathy IP Holdings, G...

1. A method comprising:receiving on a personal electronic device an environmental input from a user;
if the environmental input cannot be fully processed on the personal electronic device, the personal electronic device forwarding the environmental input to a remote device via a communication link while registering input from the user, processing the environmental input on the remote device, and the remote device returning a response for processing on the personal electronic device based on the environmental input; and
if the environmental input can be fully processed on the personal electronic device, fully processing the environmental input on the personal electronic device.

US Pat. No. 10,169,711

GENERALIZED ENGINE FOR PREDICTING ACTIONS

Google LLC, Mountain Vie...

1. A prediction computer system comprising one or more computers and one or more storage devices storing instructions that are operable, when executed by the one or more computers, to cause the one or more computers to perform operations comprising:receiving, by the prediction computer system, a query requesting one or more predicted activities that are likely to be performed by users having a particular attribute;
determining, by the prediction computer system, a plurality of matching sessions from user session data of a plurality of users, each matching session of the plurality of matching sessions being a user session for a user having the particular attribute of the query, wherein each user session for each user of the plurality of users includes data representing one or more user activities performed by the user during a particular time period,
wherein the user session data is partitioned into a plurality of shards, each shard of the plurality of shards being stored on one of multiple index servers of the prediction computer system, wherein the index servers include a root server and a plurality of leaf servers;
computing, by the prediction computer system for each activity of a plurality of activities represented in the matching sessions, a respective lower bound of a number of distinct users having data contributing to the activity in the matching sessions for the activity,
wherein computing a lower bound for an activity comprises:
hashing, by each leaf server for each matching session, a portion of a respective user identifier associated with the matching session to generate one or more user key positions for the matching session,
generating, by each leaf server for each activity of one or more activities occurring in the matching sessions stored in the shard assigned to the leaf server, a respective merged user key for the activity including setting each position in the merged user key indicated by any user key position generated for matching sessions having the activity,
generating, by the root server for each activity of one or more activities occurring in the matching sessions, an overall merged user key for the activity including setting each position in the overall merged user key indicated by any set position in any merged user key received from the leaf servers for matching sessions having the activity, and
computing, by the root server for each activity of one or more activities occurring in the matching sessions, a count of positions that are set in the overall merged user key for the activity;
computing, by the prediction computer system, for each user activity of one or more activities having a lower bound that satisfies a threshold:
a respective first score representing a likelihood that the user activity occurs in the plurality of matching sessions;
a respective second score representing a likelihood that the user activity occurs in any of the user sessions of the user session data;
a respective third score that measures a relative magnitude of the first score compared to the second score;
designating, as the one or more predicted activities, one or more of the user activities having a third score that satisfies a threshold; and
providing, by the prediction computer system and based on the designation of the one or more user activities as the one or more predicted activities, data representing a respective predicted activity for each of the one or more predicted activities.

US Pat. No. 10,169,710

AUTOMATED DECISION SUPPORT PROVENANCE AND SIMULATION

INTERNATIONAL BUSINESS MA...

1. A computer-implemented method for supporting a decision making process, comprising:generating, by at least one computer, a graph that represents a decision making process, the graph comprising a plurality of nodes and a plurality of edges connecting the nodes, the nodes representing local decisions contributing to a global decision of the decision making process, each node associated with one or more parameters used for modeling the local decision represented by the node, each edge associated with one or more parameters used for defining a relationship between two nodes connected by the edge;
simulating, by the at least one computer, the graph based at least in part on the parameters of the nodes and edges to derive an output global decision of the decision making process;
receiving a change to at least one of the parameters for at least one of the nodes and edges of the graph from a user; and
simulating the graph based at least in part on the at least one changed parameter to determine that the output global decision of the decision making process changes.

US Pat. No. 10,169,709

AVOIDING INCOMPATIBILITY BETWEEN DATA AND COMPUTING PROCESSES TO ENHANCE COMPUTER PERFORMANCE

SAS INSTITUTE INC., Cary...

1. A non-transitory computer readable medium comprising program code executable by a processor for causing the processor to:receive a plurality of time series, each time series of the plurality of time series comprising respective data points arranged in a sequential order over a respective period of time;
determine that a first time series in the plurality of time series is compatible with a three-stage forecasting process by:
determining that the first time series spans at least a minimum time duration usable with the three-stage forecasting process;
determining that the first time series does not include a time period with inactivity as indicated by a timespan of at least a predetermined length with data points having magnitude values below a predetermined magnitude-threshold;
identifying a pattern of data-point magnitudes in the first time series indicating that the first time series exhibits a seasonal characteristic, the seasonal characteristic being a repetitive characteristic that repeats over a predetermined time period;
determining that the first time series comprises a magnitude spike with a value above a preset magnitude threshold by analyzing a plurality of data-point magnitudes in the first time series, the magnitude spike indicating a moving event that occurs on different days for at least two consecutive years; and
in response to determining that the first time series (i) spans at least the minimum time duration, (ii) lacks the time period with inactivity, (iii) exhibits the seasonal characteristic, and (iv) comprises the magnitude spike with the value above the preset magnitude threshold, determining that the first time series is compatible with the three-stage forecasting process;
subsequent to determining that the first time series is compatible with the three-stage forecasting process:
identify a plurality of time-series groups that are compatible with the three-stage forecasting process;
determine that the first time series is to be incorporated into a particular time-series group among the plurality of time-series groups by:
determining an attribute of the first time series, the attribute comprising a frequency of events in the first time series, a timing of events in the first time series, an average percentage of lift with respect to a base time series, or a maximum percentage of lift with respect to the base time series;
using the attribute of the first time series as input for a clustering method; and
receiving the particular time-series group as output from the clustering method;
in response to receiving the particular time-series group as output from the clustering method, incorporate the first time series into the particular time-series group; and
subsequent to incorporating the first time series into the particular time-series group, generate a predictive forecast based on at least two time series in the particular time-series group using the three-stage forecasting process, the predictive forecast indicating interest in an object over a future period of time;
determine that a second time series in the plurality of time series is incompatible with the three-stage forecasting process; and
in response to determining that the second time series is incompatible with the three-stage forecasting process, generate another predictive forecast based on the second time series using another forecasting process that is different from the three-stage forecasting process and thereby avoid consuming computing resources due to the incompatibility between the second time series and the three-stage forecasting process.

US Pat. No. 10,169,706

CORPUS QUALITY ANALYSIS

International Business Ma...

1. A method, in a data processing system comprising a processor and a memory, the memory comprising instructions executed by the processor to specifically configure the processor to implement a corpus quality analysis system for corpus quality analysis, the method comprising:applying, by the corpus quality analysis system, at least one filter to a candidate corpus to determine a degree to which the candidate corpus supplement existing corpora for performing a natural language processing (NLP) operation, wherein the at least one filter comprises a first filter to determine whether documents in the candidate corpus contain NLP features known to be helpful for performing the NLP operation, wherein applying the first filter comprises:
extracting a set of the most frequent NLP features from a combination of the current corpora and candidate corpus;
examining evidence and candidate answers for questions answered correctly and incorrectly using the combination of the current corpora and candidate corpus;
determining a set most effective features from the set of the most frequent NLP feature using a machine learning model based on the evidence and candidate answers;
determining a number of the set of most effective features that are present in the candidate corpus; and
comparing the number of the set of most effective features that are present in the candidate corpus to the set of prerequisites for adding the candidate corpus to the existing corpora;
responsive to a determination to add the candidate corpus to the existing corpora based on a result of applying the at least one filter, adding, by the corpus quality analysis system, the candidate corpus to the existing corpora to form modified corpora; and
performing, by a question answering system executing in the data processing system, the NLP operation using the modified corpora.

US Pat. No. 10,169,705

SYSTEM, METHOD, AND RECORDING MEDIUM FOR GEOFENCE FILTERING

INTERNATIONAL BUSINESS MA...

1. A geofence filtering system comprising:a user location monitoring circuit configured to monitor a pinpoint location of a user and a boundary location of the user;
a geofence determining circuit configured to determine a plurality of geofences that overlap with the boundary location of the user, the plurality of geofences being stored in a database; and
a cognitive filtering and ranking circuit configured to filter the plurality of geofences that overlap with the boundary location of the user according to a set of behavioral measures of the user over a period of time mapped to a set of feature nodes and vectors, feature nodes and vectors corresponding to the behavioral measures' representations in a lower dimensional feature space, the mapped data being used to identify an emergence of a certain cognitive state over the period of time as a representation of the user's total behavior.

US Pat. No. 10,169,704

ARTIFICIALLY INTELLIGENT COMMUNICATION GENERATION IN COMPLEX COMPUTING NETWORKS

Research New Group, Inc.,...

1. An apparatus for artificially intelligent (AI) communication generation by traversing routes of a graph in a complex computing network, the intelligent communication generation being used for determining whether an input signal has desired signal attributes, the intelligent communication generation and the traversing of the graph being rooted in computing technology, the apparatus comprising:a signal communication interface for:
establishing a first connection to a first input signal system;
receiving, from the first input signal system, a first desired signal attribute and a second desired signal attribute;
establishing a second connection to a second input signal system;
receiving, from the second input signal system, a first input signal;
establishing a third connection to a third input signal system;
accessing a graph stored at the third input signal system, the graph comprising a plurality of signal attributes and routes between at least some of the signal attributes in the plurality of signal attributes;
transmitting communications to a first computing device associated with the first input signal; and
receiving responses to the communications from the first computing device associated with the first input signal;
a signal sensor for:
sensing a first signal attribute associated with the first input signal;
a memory for storing instructions for execution by a signal processor; and
the signal processor for:
determining the first signal attribute is equivalent to the first desired signal attribute;
determining, for the first input signal, a second signal attribute not sensed by the signal sensor, the second signal attribute being equivalent to the second desired signal attribute;
generating a first communication for transmission to the first computing device;
determining, based on a first response to the first communication, an intermediary signal attribute for the first input signal;
generating, based on a route connecting, either directly or indirectly, the intermediary signal attribute with the second signal attribute on the graph, a second communication for transmission to the first computing device; and
determining, based on a second response to the second communication, that the second signal attribute is associated with the first input signal.

US Pat. No. 10,169,703

SYSTEM AND METHOD FOR ANALOGY DETECTION AND ANALYSIS IN A NATURAL LANGUAGE QUESTION AND ANSWERING SYSTEM

International Business Ma...

1. A method, in an information handling system comprising a processor and a memory, for evaluating an analogical pattern, the method comprising:applying, by the system, natural language processing to an information source to identify a first analogical pattern comprising a subject term, a first verb phrase, a comparator term, a second verb phrase, and an object term;
applying, by the system, deep analysis to refine the first analogical pattern terms based on semantic analysis into corresponding entities, ontology, and characteristics, thereby forming metadata for the first analogical pattern;
generating, by the system, interpretations of different combinations of the first analogical pattern terms and the metadata;
scoring, by the system, each interpretation for each of the different combinations; and
selecting a first interpretation exceeding a predetermined threshold for interpretation of the analogical pattern, thereby evaluating the first analogical pattern.

US Pat. No. 10,169,702

METHOD FOR SEARCHING RELEVANT IMAGES VIA ACTIVE LEARNING, ELECTRONIC DEVICE USING THE SAME

HTC Corporation, Taoyuan...

1. A method of searching relevant images via active learning, adapted for a mobile electronic device comprising a plurality of stored images, comprising:obtaining a query image comprising a first subject and a second subject, wherein the query image initiates a process of searching a plurality of relevant images;
learning a query concept based on content information of the query image by:
sampling a plurality of first sample images from the stored images according to the content information of the query image, wherein the content information is extracted from content-related metadata of the query image;
providing the first sample images for selection, wherein the first sample images comprising an image having the first subject, an image having the second subject, and an image having both the first and second subjects;
obtaining a first selected image selected from the first sample images; and
determining the content information of the first selected image as the query concept;
refining the query concept based on context information of the first selected image extracted from context-related metadata by:
sampling a plurality of second sample images from the stored images according to context information of the first selected images for selection;
obtaining a second selected image selected from the second sample images; and
determining the context information of the second selected image as the query concept in addition to the content information of the first selected image; and
searching the relevant images among the stored images according to the query concept and grouping the relevant images into a collection album.

US Pat. No. 10,169,701

NEURON PERIPHERAL CIRCUITS FOR NEUROMORPHIC SYNAPTIC MEMORY ARRAY BASED ON NEURON MODELS

International Business Ma...

1. A neuromorphic memory system comprising:a plurality of neuromorphic memory arrays, each of the neuromorphic memory arrays including rows and columns of neuromorphic memory cells;
a column of postsynaptic circuits, each of the postsynaptic circuits electrically coupled to a plurality of postsynaptic spike timing dependent plasticity (STDP) lines, each of the postsynaptic STDP lines coupled to a row of neuromorphic memory cells at a respective memory array of the memory arrays;
a column of summing circuits, each of the summing circuits electrically coupled to a plurality of postsynaptic leaky integrate and fire (LIF) lines, each of the postsynaptic LIF lines coupled to the row of neuromorphic memory cells at the respective memory array, each of the summing circuits providing a sum of signals from the postsynaptic LIF lines to a respective postsynaptic circuit of the postsynaptic circuits.

US Pat. No. 10,169,700

NEUROMORPHIC NETWORK COMPRISING ASYNCHRONOUS ROUTERS AND SYNCHRONOUS CORE CIRCUITS

International Business Ma...

1. A method comprising:at a scheduler for a core circuit of a neural network including a plurality of hardware core circuits:
receiving one or more address-event packets that are asynchronously communicated between the core circuits via a plurality of asynchronous routers;
decoding each of the one or more address-event packets;
storing one or more spikes decoded from the one or more address-event packets into a memory of the scheduler, wherein each spike is scheduled for delivery in a future time step; and
in response to receiving a synchronization signal indicating occurrence of a time step:
reading, from the memory, one or more spikes scheduled for delivery in the time step; and
sending the one or more spikes scheduled for delivery in the time step to one or more electronic axons of the core circuit;
wherein each core circuit comprises a processing circuit configured for processing and integrating spikes delivered to electronic axons of the core circuit;
wherein the synchronization signal is distributed to the core circuits simultaneously to synchronize processing of spikes at the core circuits; and
wherein the asynchronous routers operate at a clock speed that is faster than the core circuits.

US Pat. No. 10,169,699

COGNITIVE INTERACTIVE ELEVATOR ASSISTANT

International Business Ma...

1. A computer system for providing an interactive elevator assistant, comprising:one or more processors, one or more computer-readable memories, one or more computer-readable tangible storage devices, and program instructions stored on at least one of the one or more storage devices for execution by at least one of the one or more processors via at least one of the one or more memories, wherein the computer system is capable of performing a method comprising:
identifying a plurality of amenities associated with a property, and identifying a plurality of location-based features within a vicinity outside of the property, wherein identifying a plurality of amenities comprises querying a database to identify the plurality of amenities, querying a first application to identify the plurality of amenities, and receiving a plurality of property information from an administrator via a user interface;
wherein the identified plurality of amenities are located on the property;
wherein the identified plurality of location-based features are located within a vicinity outside of the property;
mapping the plurality of identified amenities to one or more floor levels associated with the property;
storing the plurality of identified and mapped amenities;
receiving user input from a user located on an elevator associated with the property;
in response to determining that the received user input comprises at least one amenity associated with the stored plurality of identified and mapped amenities, determining the one or more floor levels on the property that are associated with the at least one amenity and triggering the elevator to navigate to the determined one or more floor levels;
in response to determining that the received user input comprises at least one location-based feature associated with the plurality of location-based features within the vicinity outside of the property, sending the received user input to a second application for processing; and
providing a response to the user on the elevator based on the determined one or more floor levels and the processed received user input via the first application and the second application, wherein the response comprises at least one of an audible acknowledgement of the determined one or more floor levels that the elevator is triggered to navigate to, and an audible application response based on the received application response.

US Pat. No. 10,169,696

RFID SYSTEM FOR CHECKING MEDICAL ITEMS

OSCL CORPORATION LIMITED,...

1. A RFID system for checking medical items comprising:a processor;
a first RFID reader connected with the processor;
a second RFID reader connected with the processor;
a first antenna connected to the first RFID reader and covering a first coverage area;
a second antenna connected to the second RFID reader and covering a second coverage area;
a first tray disposed in the first coverage area;
a second tray disposed in the second coverage area; and
a plurality of RFID tags being respectively attached to a plurality of medical items;
wherein the RFID tags are configured to store identification codes that respectively and uniquely correspond to the medical items that the RFID tags are attached to;
the first RFID reader only reads the identification codes of the medical items from the RFID tags through the first antenna and send the identification codes to the processor before a surgical operation, the second RFID reader only reads the identification codes of the medical items from the RFID tags through the second antenna and send the identification codes to the processor after the surgical operation;
the first tray is adapted to load the medical items before the surgical operation, the second tray is adapted to load at least one of the medical items moved from the first tray during the surgical operation;
the first coverage area and the second coverage area are mutually exclusive;
wherein the processor stores a first predetermined standard list of the medical items to be loaded in the first tray before the surgical operation, and a second predetermined standard list of the at least one of the medical items to be loaded in the second tray during the operation, and wherein the processor generates a list of missing medical items and a warning after determining that a sum of total numbers of the medical items in the first tray and the second tray after the operation are not identical with a total number of the medical items in the first tray before the operation; and
wherein the first and second trays are open trays.

US Pat. No. 10,169,695

REMOVABLE MARKING ELEMENT WITH ACCESS CREDENTIALS

VISA INTERNATIONAL SERVIC...

1. A method comprising:a) obtaining, by a mobile device, a non-transactable product identifier by obtaining a machine readable code associated with a removable marking element adapted to adhere to skin, wherein the removable marking element includes an integrated circuit that is configured to transmit a first transactable access credential associated with a first account over a wireless communication channel to an access device during a transaction, the removable marking element being in the form of a temporary tattoo; and
b) transmitting, by the mobile device, to a server computer, a message comprising the non-transactable product identifier, a value, and a second transactable access credential associated with a second account, wherein the server computer identifies the first account based on the non-transactable product identifier, and wherein the server computer loads the first account with the value from the second account.

US Pat. No. 10,169,694

OVERLAPPING ANTENNA ARRAYS FOR GAMING

Magnet Consulting, Inc., ...

1. A system for locating gaming tokens on a gaming table, comprising:a first set of antennas oriented in a first direction, wherein the first set of antennas defines a betting area of the gaming table;
a second set of antennas oriented in a second direction that differs from the first direction, wherein the first set and the second set are overlapping; and
a control circuit, coupled to the first and second sets, that is configured to selectively energize the first and second sets, that is configured to receive a first plurality of signal strengths resulting from detecting a radio frequency identification (RFID) gaming token in the betting area according to the first set being selectively energized, that is configured to receive a second plurality of signal strengths resulting from detecting the RFID gaming token in the betting area according to the second set being selectively energized, and that is configured to determine a location of the RFID gaming token in the betting area by comparing the first plurality of signal strengths and the second plurality of signal strengths.

US Pat. No. 10,169,691

COVERT COATING FOR AUTHENTICATION OF MATERIALS

Spectra Systems Corporati...

1. A security feature for authenticating an article comprising:at least one emitter material that generates a visible broad range emission within an emission band in response to a first excitation; and
at least one absorber material that upon exposure to said first excitation absorbs a non-visibly detectable portion of said broad range emission and upon exposure to a second excitation within said emission band and at a wavelength different than said first excitation absorbs a different non-visibly detectable portion of said broad range emission creating a non-visibly detectable spectral response shift in said broad emission range,
wherein said non-visibly detectable shift in spectral response is a machine detectable shift in a spectral characteristic of said emission.

US Pat. No. 10,169,690

COMMUNICATION DEVICE THAT COMMUNICATES WITH EXTERNAL DEVICE, CONTROL METHOD FOR THE SAME, AND STORAGE MEDIUM

CANON KABUSHIKI KAISHA, ...

1. A communication device that utilizes an internet protocol (IP) address for data communication with an external device, the communication device comprising:a display device; and
at least one processor configured to control the display device so as to display a QR image including an IPv4 address of the communication device when the IPv4 address of the communication device is to be used by the communication device for data communication,
wherein when the IPv4 address of the communication device is not to be used by the communication device for data communication and an IPv6 address of the communication device is to be used by the communication device for data communication, the display device does not display a QR image including the IPv6 address of the communication device so that the external device does not obtain the IPv6 address of the communication device from the communication device.

US Pat. No. 10,169,689

WIRELESS IC DEVICE, CLIP-SHAPED RFID TAG, AND ARTICLE HAVING RFID TAG

MURATA MANUFACTURING CO.,...

1. A wireless IC device comprising:an object including a metal body;
a loop conductor including a first loop end and a second loop end;
an RFIC element including a first terminal electrode and a second terminal electrode respectively connected to the first loop end and the second loop end; and
a connection conductor including a first end and a second end respectively connected to the loop conductor and the object; wherein
a loop surface of the loop conductor extends along a surface of the object.

US Pat. No. 10,169,688

METHOD OF ENHANCING QUALITY OF IMAGE OBJECT INCLUDED IN COMPOUND DOCUMENT AND APPARATUS FOR PERFORMING THE METHOD

S-Printing Solution Co., ...

1. A method of enhancing quality of an image object included in a compound document comprising two or more types of objects, the method comprising:receiving a printing command to print the compound document, the printing command including a plurality of divided raster commands corresponding to the image object;
merging the plurality of divided raster commands corresponding to the image object;
assigning a group identification (ID) to a group of the merged raster commands;
applying an image enhancement algorithm to the merged raster commands;
re-dividing the merged raster commands;
assigning group information comprising the group ID, a number of commands included in the group, and positions of the re-divided raster commands in the group, to raster commands that are re-divided from the merged raster commands;
encoding data corresponding to the printing command by using a printer control language (PCL); and
outputting the encoded data.

US Pat. No. 10,169,687

PRINTING APPARATUS, PRINTING SYSTEM, AND PRINTING METHOD

Canon Kabushiki Kaisha, ...

1. A printing apparatus that can print an image of a printing target on a medium having a predetermined shape, the printing apparatus comprising at least one processor, the at least one processor control:a determination unit configured to determine whether or not predetermined processing in accordance with the predetermined shape is executed on the image of the printing target;
an execution unit configured to execute the predetermined processing on the image of the printing target in a case where the determination unit determines that the predetermined processing is not executed on the image of the printing target; and
a printing unit configured to print the image of the printing target on which the predetermined processing is executed by the execution unit on the medium having the predetermined shape,
wherein, in a case where the determination unit determines that the predetermined processing is executed on the image of the printing target, the printing unit prints the image of the printing target in which the determination unit determines that the predetermined processing is executed and also on which the predetermined processing is not executed by the execution unit.

US Pat. No. 10,169,686

SYSTEMS AND METHODS FOR IMAGE CLASSIFICATION BY CORRELATING CONTEXTUAL CUES WITH IMAGES

Facebook, Inc., Menlo Pa...

1. A system comprising:at least one processor; and
a memory storing instructions configured to instruct the at least one processor to perform:
receiving a sample set of images from which images are selected to train an image classifier associated with a plurality of image classes, at least one image in the sample set associated with one or more social cues, the one or more social cues comprising reliability of at least one of a generator or a tagger of the at least one image based on interactions of the at least one of the generator or the tagger on a social networking system;
scoring correlation of the at least one image in the sample set with an image class of the plurality of image classes based on the one or more social cues, wherein
each image class of the plurality of image classes is associated with depiction of an object, action, or concept, and
the scoring comprises generating a score indicative of an extent to which the at least one image depicts the image class; and
determining a training set of images to train the classifier from the sample set based on the scoring.

US Pat. No. 10,169,685

AUTOMATIC SEGMENTATION AND QUANTITATIVE PARAMETERIZATION OF BRAIN TUMORS IN MRI

The Regents of the Univer...

1. A method for processing a magnetic resonance imaging (MRI) image, comprising:preprocessing the MRI image to correct distortions;
performing, after the preprocessing, a preliminary segmentation of the MRI image to assign a tissue label of a set of tissue labels to one or more preliminary volumes of voxels of the MRI image;
comparing each voxel of the MRI image with the one or more preliminary volumes of voxels with an assigned tissue label and assigning each voxel of the MRI image a probability of being associated with each tissue label of the set of tissue labels; and
assigning each voxel of the MRI image a tissue label according to its greatest probability among probabilities for each voxel being associated with the set of tissue labels,
wherein the comparing and assigning is performed using a classifier trained on a subject-by-subject basis that segments each patient according to his or her own subject-specific classifier by using both intensity and spatial data from each voxel, and
wherein a weighted random sampling of the one or more preliminary volumes of voxels of the MRI image is used to train the classifier such that weights for sampling reflect a relative distribution of voxels assigned to tissue labels from preliminary segmentation.

US Pat. No. 10,169,684

METHODS AND SYSTEMS FOR RECOGNIZING OBJECTS BASED ON ONE OR MORE STORED TRAINING IMAGES

IntelliVision technologie...

1. An object recognition system, comprising of:a processor;
a non-transitory storage element coupled to the processor;
encoded instructions stored in the non-transitory storage element,
wherein the encoded instructions when implemented by the processor, configure the object recognition system to:
generate a signature for an input image of an object by an image signature generation unit, wherein the image signature generation unit is further comprising of:
a feature detection unit configured to detect one or more feature points in the input image; and
a feature description unit configured to compute a description for each feature point of the one or more the feature points, wherein the feature description unit is further configured to:
identify a dominant gradient direction in a region around the feature point, wherein an angle of the dominant gradient direction is ?;
center a patch around the feature point, wherein the patch is tilted at the angle ?;
divide the patch in R segments;
compute a vector of length N for each segment of the R segments, wherein the vector is computed based on a horizontal gradient (dx) and a vertical gradient (dy) corresponding to each pixel in the segment;
compute a consolidated vector of length R*N by consolidating vectors computed for all the R segments; and
compute a byte vector of length R*N, wherein the byte vector is computed by normalizing the consolidated vector, wherein the byte vector is the description of the feature point;
whereby, the signature of the input image comprises the description corresponding to each of the one or more feature points in the input image;
store the set of training images in a data storage, wherein each training image of the set of training images is associated with one or more training feature descriptors, the data storage further comprising:
an index mapping unit configured to create an index mapping based on training feature descriptors; and
identify a matching image of the set of training images by a search engine comparing the signature of the input image with the training feature descriptors using the index mapping.

US Pat. No. 10,169,683

METHOD AND DEVICE FOR CLASSIFYING AN OBJECT OF AN IMAGE AND CORRESPONDING COMPUTER PROGRAM PRODUCT AND COMPUTER-READABLE MEDIUM

Thomson Licensing, Issy ...

1. A method for classifying an object of a current image, a plurality of first landmarks representative of the shape of said object being associated with the current image, a first unique identifier being associated with each first landmark, the method comprising:for at least a first landmark selected among the plurality of first landmarks, obtaining at least a first descriptor describing an area of the current image comprising said at least first selected landmark,
said at least first landmark being selected when its first identifier corresponds to a second identifier of a second landmark, a second descriptor of which being used in a classifier for classifying said object, wherein said classifier is an iterative classifier implementing a plurality of iterations, wherein, from the second iteration, each iteration uses the result of the previous iteration; and
determining information representative of confidence of said shape according to said at least first descriptor and according to weighting information associated with said second descriptor.

US Pat. No. 10,169,682

IMAGE PROCESSING DEVICE

NK WORKS CO., LTD., Waka...

1. An image processing device for sorting frames included in one mixed time-lapse moving image into different channels, the mixed time-lapse moving image being a moving image wherein a plurality of moving images recorded using a time-lapse method are mixed on one time-line, the frames included in the mixed time-lapse moving image being a mixture of frames belonging to the different channels, comprisingan automatic sorting unit of a computer configured to calculate a similarity degree of the plurality of frames included in the mixed time-lapse moving image by performing image processing on the frames, and sort the plurality of frames into the plurality of channels based on the similarity degree;
a re-sorting unit of the computer configured to accept, from a user, an association operation of individually associating at least one non-sorted frame, which is not automatically sorted by the automatic sorting unit, with any of the plurality of channels, and individually sort the non-sorted frame to any of the plurality of channels based on content of the association operation; and
wherein the re-sorting unit is configured to accept, from the user, an instruction to reproduce frames belonging to a channel selected from the plurality of channels by the user, and display, in a display unit connected to the computer, the frames belonging to the selected channel sequentially along the time-line in a frame-by-frame format upon detecting the instruction,
wherein reproduction of the channel selected is enabled regardless of specifications by the which the moving image is recorded.

US Pat. No. 10,169,681

QUALITY CONTROL OF IMAGE REGISTRATION

Koninklijke Philips N.V.,...

1. An imaging quality control system, comprising:an imaging quality controller operable to execute an image processing of subject image data of an anatomical object,
wherein the image processing is at least one of a non-segmentation-based image registration and a segmentation-based image registration,
wherein the imaging quality controller is further operable to assess an accuracy of the image processing of the subject image data of the anatomical object as a function of a subject Eigen weight set relative to a training Eigen weight range set,
wherein the subject Eigen weight set is derived from the subject image data of the anatomical object, and
wherein the training Eigen weight range set is derived from multiple training image data of the anatomical object; and
a monitor in communication with the imaging quality controller to display an assessment of the accuracy of the image processing of the subject image data of the anatomical object by the imaging quality controller.

US Pat. No. 10,169,680

OBJECT IDENTIFICATION AND LABELING TOOL FOR TRAINING AUTONOMOUS VEHICLE CONTROLLERS

LUMINAR TECHNOLOGIES, INC...

1. A computer-implemented method for identifying and labeling objects within images for training machine-learning based models that are used to autonomously control vehicles, the method comprising:displaying, on a user interface, a three-dimensional (3-D) image of an environment in which vehicles operate, the 3-D environment image depicting one or more physical objects located in the environment, and the 3-D environment image presented on the user interface from a first perspective view;
receiving, via one or more user controls provided by the user interface and displayed on the user interface in conjunction with the 3-D environment image from the first perspective view, an indication of a graphical representation of a boundary of a particular object as depicted within the 3-D environment image from the first perspective view;
generating, based on the graphical representation, data indicative of the boundary of the particular object within the 3-D environment image from the first perspective view;
obtaining an indication of a particular label for the particular object, the particular label uniquely identifying the particular object;
generating, based on the data indicative of the boundary of the particular object within the 3-D environment image from the first perspective view, an association between the particular label uniquely identifying the particular object and a 3-D image of the particular object within the 3-D environment image, thereby distinguishing the 3-D image of the particular object within the 3-D environment image;
storing an indication of the association between the particular label uniquely identifying the particular object and the 3-D image of the particular object within the 3-D environment image in one or more tangible, non-transitory memories as a part of a training data set utilized to train one or more machine-learning based models, the one or more machine-learning based models used to autonomously control vehicles;
receiving, via the one or more user controls, an instruction to present the 3-D environment image on the user interface from a second perspective view different than the first perspective view, and based on the received view perspective instruction, adjusting a presentation of the 3-D environment image on the user interface to be from the second perspective view so that the 3-D environment image from the second perspective view and the graphical representation of the boundary of the particular object are displayed on the user interface;
receiving, via the one or more user controls, an indication of a refinement to the graphical representation of the boundary of the particular object as depicted within the 3-D environment image from the second perspective view;
generating, based on the refined graphical representation, data indicative of the boundary of the particular object within the 3-D environment image from the second perspective view; and
updating, based on the data indicative of the boundary of the particular object within the 3-D environment image from the second perspective view, the stored indication of the association between the particular label uniquely identifying the particular object and the 3-D image of the particular object within the 3-D environment image, thereby refining the distinguishing of the 3-D image of the particular object within the 3-D environment image.

US Pat. No. 10,169,678

OBJECT IDENTIFICATION AND LABELING TOOL FOR TRAINING AUTONOMOUS VEHICLE CONTROLLERS

LUMINAR TECHNOLOGIES, INC...

1. A computer-implemented method for identifying and labeling objects within images for training machine-learning based models that are used to autonomously operate vehicles, the method comprising:displaying, on a first display area of a user interface, a three-dimensional (3-D) video of an environment in which vehicles operate, the 3-D environment video including respective 3-D images of one or more physical objects located in the environment;
displaying, on a second display area of the user interface and in a time-synchronized manner with the 3-D video, a two-dimensional (2-D) video of at least a portion of the environment depicted in the 3-D environment video so that an image of the environment that was obtained at a particular time and that is included in the 2-D video is presented simultaneously on the user interface with an image of the environment that was obtained at the particular time and that is included in the 3-D video;
receiving, via one or more user controls provided by the user interface, an indication of a boundary of a particular physical object depicted within a 3-D environment image included in the 3-D video;
generating data indicative of the boundary of the particular physical object within the 3-D environment image;
receiving an indication of a particular label for the particular physical object;
associating the particular label for the particular physical object with the data indicative of the boundary of the particular physical object within the 3-D environment image, thereby distinguishing a set of data points that are representative of the particular physical object within the 3-D environment image from other data points included in the 3-D environment image; and
storing an indication of the association between the particular label and the data indicative of the boundary of the particular physical object within the 3-D environment image in one or more tangible memories as a part of a training data set utilized to train one or more machine-learning based models, the one or more machine-learning based models used to autonomously operate vehicles.

US Pat. No. 10,169,677

COUNTING STACKED INVENTORY USING IMAGE ANALYSIS

Amazon Technologies, Inc....

1. A computing system, comprising:a processor; and
a memory coupled to the processor and storing program instructions that when executed by the processor causes the processor to at least:
receive from a first camera a first image of an inventory location, wherein the first image includes a representation of a plurality of inventory items vertically stacked and located at the inventory location;
determine from an inventory location data store, an item type corresponding to the inventory location;
select a first histogram of oriented gradients (“HOG”) model and a second HOG model, wherein:
the first HOG model corresponds to the item type and is representative of a first vertical stack of a first quantity of an item of the item type;
the second HOG model corresponds to the item type and is representative of a second vertical stack of a second quantity of the item of the item type, wherein the first quantity and the second quantity are different;
process the first image to generate an inventory item feature vector representative of the plurality of inventory items vertically stacked and represented in the first image;
compare the inventory item feature vector with the first HOG model and the second HOG model;
determine that the inventory item feature vector substantially matches the first HOG model; and
in response to a determination that the inventory item feature vector substantially matches the first HOG model, determine an inventory item count representative of a number of inventory items vertically stacked at the inventory location to be the first quantity.

US Pat. No. 10,169,676

SHAPE-BASED REGISTRATION FOR NON-RIGID OBJECTS WITH LARGE HOLES

VanGogh Imaging, Inc., M...

1. A computerized method for closed-form 3D model generation of non-rigid complex objects from scans with large holes, the method comprising:receiving, by an image processing module of a computing device, (i) a partial scan of a non-rigid complex object captured by a sensor coupled to the computing device, (ii) a partial 3D model corresponding to the non-rigid complex object, and (iii) a whole 3D model corresponding to the non-rigid complex object, wherein the partial scan and the partial 3D model each includes one or more large holes;
performing, by the image processing module, a rough match between the partial 3D model and the partial scan;
changing, by the image processing module, the whole 3D model using the rough match to generate a deformed 3D model;
refining, by the image processing module, the deformed 3D model using a deformation graph;
reshaping, by the image processing module, the refined deformed 3D model to have greater detail; and
adjusting, by the image processing module, the refined deformed 3D model according to the reshaped 3D model to generate a closed-form 3D model that closes the one or more large holes in the partial scan.

US Pat. No. 10,169,675

METHOD AND APPARATUS FOR RECEIVING LISTINGS OF SIMILAR VEHICLES FROM AN IMAGE

Blinker, Inc., Denver, C...

1. A mobile apparatus, comprising:an image sensor configured to convert an optical image into an electrical signal, the optical image including an image of a vehicle license plate;
a storage for storing instructions;
a processor communicatively coupled to the storage, the processor configured to retrieve the instructions;
a license plate detector, which when executed by the processor:
processes the electrical signal to identify one or more object images from the image, each of said one or more images comprising a candidate vehicle license plate image,
processes the electrical signal to crop the image to said identified one or more of the object images,
processes the electrical signal to score each of the cropped one or more of the object images based on a probability that the cropped object image comprises the vehicle license plate image, wherein each of the cropped one or more object images is scored by:
detecting a plurality of alphanumeric characters in the object image, and
applying a score based on a position of one of the plurality of characters relative a position of another one of the plurality of characters, and
based on the scored object images, processes, at the mobile apparatus, the electrical signal to recover information from the vehicle license plate image; and
an interface configured to transmit the vehicle license plate information to a remote apparatus and receive a listing corresponding to another vehicle in response to the transmission.

US Pat. No. 10,169,674

VEHICLE TYPE RECOGNITION METHOD AND FAST VEHICLE CHECKING SYSTEM USING THE SAME METHOD

NUCTECH COMPANY LIMITED, ...

1. A fast vehicle type recognition system, comprising:a radiation scanning and imaging device comprising a radiation source for generating radiations and a detection device for receiving radiations passing through a vehicle to be checked, wherein the radiation source images the vehicle to be checked by emitting radiations towards the target to be checked;
a laser scanner for recognizing the type of the vehicle to be checked to distinguish a first portion and a second portion of the vehicle to be checked which are separated by a gap portion; and
a control device for controlling the radiation source based on a signal from the laser scanner to emit radiations to irradiate the vehicle to be checked, wherein when the first portion of the vehicle to be checked enters into a radiation scanning region, the control device controls the radiation source to scan with a first dose; when the second portion of the vehicle to be checked enters into the radiation scanning region, the control device controls the radiation source to scan with a second dose,
wherein the laser scanner is configured to
detect that the vehicle to be checked has entered into a recognition area;
move relative to the vehicle to be checked;
scan the vehicle to be checked on a basis of columns, and storing and splice data of each column obtained by scanning to form a three-dimensional image of the vehicle to be checked, wherein a lateral width value is specified for each single column of data;
specify a height difference threshold;
determine a height difference between the height at the lowest position of the vehicle to be checked in data of column N and the height at the lowest position of the vehicle to be checked in data of specified numbers of columns preceding and/or succeeding to the column N,
if
the absolute value of the height difference is larger than the specified height difference threshold;
the heights at the lowest position of the vehicle to be checked in data of the first N columns are all in a first predetermined range;
a length corresponding to data of the first N columns is in a second predetermined range; and
a contour spliced from the data of the first N columns complies with one of predetermined contours of head portions of vehicles,
label a position of the vehicle to be checked corresponding to the data of the column N as a start position of a gap portion of the vehicle to be checked, the length corresponding to data of the first N columns being the length of the head portion of the vehicle to be checked in the three-dimensional image.

US Pat. No. 10,169,673

REGION-OF-INTEREST DETECTION APPARATUS, REGION-OF-INTEREST DETECTION METHOD, AND RECORDING MEDIUM

Canon Kabushiki Kaisha, ...

1. A region-of-interest detection apparatus comprising:a memory; and
a processor in communication with the memory, the processor configured to provide:
a segmentation unit configured to segment an input image into a plurality of partial regions;
a background region setting unit configured to set a background region in the input image;
an overlap region setting unit configured to set a plurality of overlap regions each corresponding to a region in which one of the partial regions and the background region overlap each other, and calculate a region feature amount of each of the overlap regions;
a foreground level calculation unit configured to calculate a foreground level indicating a possibility of a foreground based on the region feature amount of each of the overlap regions and a pixel feature amount of each of a plurality of pixel positions in the input image, the foreground level being calculated for each of the plurality of pixel positions;
a saliency calculation unit configured to, based on the feature amount of each of the plurality of pixel positions and a feature amount of a portion around each of the plurality of the pixel positions, calculate a saliency indicating a degree of saliency of each of the plurality of pixel positions; and
a detection unit configured to detect a region of interest based on the foreground level and the saliency of the position.

US Pat. No. 10,169,672

METHOD OF HOST-DIRECTED ILLUMINATION AND SYSTEM FOR CONDUCTING HOST-DIRECTED ILLUMINATION

DAON HOLDINGS LIMITED, G...

1. A computer-implemented method for detecting user liveness comprising:illuminating, by an illumination device included in a computing device, the face of a user while capturing, by the computing device, face biometric data of the user as a sequence of discrete images, the illumination being randomly varied in color over time;
transmitting over a network, by the computing device, the sequence of discrete images to an authentication computer system;
recognizing, by the authentication computer system, reflections in a plurality of the images, the reflections resulting from said illuminating step; and
determining, by the authentication computer system, the user is live when the reflections recognized in each image included in the plurality of images correspond to the illumination applied during said capturing step.

US Pat. No. 10,169,671

FACE DETECTION WITH TEMPERATURE AND DISTANCE VALIDATION

Motorola Mobility LLC, C...

1. A method comprising:receiving an image captured by an image capturing device;
processing the image for characteristics associated with a presence of at least one candidate face with a spatial dimension; and
in response to receiving, from the image characteristics, an initial confidence value indicating the presence of a candidate face:
detecting at least one of (i) a distance from the image capturing device to the candidate face and (ii) a temperature of the candidate face;
determining, based on the detected at least one of the distance to and the temperature of the candidate face and using known biometric characteristics of a human face, whether the candidate face is a validated candidate face;
in response to determining that the candidate face is a validated candidate face, increasing a confidence value assigned to the candidate face to a higher confidence value assigned as a final confidence value;
in response to determining that the candidate face is not a validated candidate face, decreasing the confidence value assigned to the candidate face to a lower confidence value assigned as the final confidence value;
determining whether the final confidence value is above a threshold value; and
in response to the final confidence value being above the threshold value, performing at least one action selected from among a group comprising at least one of (i) adjusting camera image controls and (ii) enabling a face recognition security component.

US Pat. No. 10,169,670

STROKE EXTRACTION IN FREE SPACE

International Business Ma...

1. A method for stroke extraction in free space utilizing a paired ring device and a paired display device including a video recording module connected to the paired display device, the method comprising:receiving, by one or more computer processors, a video from the video recording module of a free space environment;
determining, by one or more computer processors, one or more bounded surface areas within the video of the free space environment, with each bounded surface area including at least two dimensions of space;
displaying, by one or more computer processors, on the paired display device, a modified free space environment including the determined one or more bounded surface areas;
receiving, by one or more computer processors, one or more images transmitted from the paired ring device, wherein the one or more images are transcribed sequentially from one or more language movements recorded by the paired ring device utilizing a magnitude value and a direction value of proper acceleration of the one or more language movements, and wherein the one or more images include one or more of a plurality of vector points, a plurality of coordinates, and a plurality of dots interconnected by a plurality of lines;
determining, by one or more processors, at least one of the one or more language movements crossed at least one side of at least one bounded surface area of the one or more bounded surface areas;
responsive to determining that at least one of the one or more language movements crossed at least one side of at least one bounded surface area of the one or more bounded surface areas, providing, by the one or more processors, haptic feedback to the paired ring device;
inputting, by one or more computer processors, the one or more images into a character training model;
mapping, by one or more computer processors, the one or more images into one or more characters in the character training model, wherein mapping includes determining whether the one or more images indicate at least one of the one or more characters in the character training model utilizing a pre-determined range of motion of the paired ring device during a time period of movement in free space, where the pre-determined range of motion creates a specific image; and
responsive to a determination that the one or more images indicate at least one of the one or more characters in the character training model, transcribing, by one or more computer processors, the at least one of the one or more characters into a digital document, wherein the digital document is a visual augmentation for displaying in a heads up display of the paired display device.

US Pat. No. 10,169,669

DRIVING ASSISTANCE APPARATUS AND DRIVING ASSISTANCE METHOD

DENSO CORPORATION, Kariy...

1. A driving assistance apparatus that assists in driving of an own vehicle, the driving assistance apparatus comprising:a sign recognizer, using a processor, that recognizes a traffic sign from an image captured by an on-board imaging apparatus;
a notification executer, using the processor, that notifies a driver of information indicated by the traffic sign recognized by the sign recognizer; and
a change determiner, using the processor, that determines whether or not the own vehicle is making a lane change, wherein
the notification executer notifies the driver of destination lane information that is information for a traffic lane to which the own vehicle is moving, if the change determiner determines that the own vehicle is making a lane change while the own vehicle is traveling on a road in which different traffic signs are provided among traffic lanes;
the notification executer notifies the driver of, as the destination lane information, information indicated by a traffic sign for the traffic lane to which the own vehicle is moving, if the change determiner determines that the own vehicle is making a lane change and the sign recognizer recognizes the traffic sign for the traffic lane to which the own vehicle is moving; and
the notification executer notifies the driver of, as the destination lane information, information indicated by a traffic sign in a position closest to the own vehicle, among traffic signs recognized by the sign recognizer, if the change determiner determines that the own vehicle is making a lane change and the sign recognizer does not recognize a traffic sign for the traffic lane to which the own vehicle is moving.

US Pat. No. 10,169,668

DRIVING ASSISTANCE APPARATUS AND DRIVING ASSISTANCE METHOD

DENSO CORPORATION, Kariy...

1. A driving assistance apparatus that assists in driving of an own vehicle, the driving assistance apparatus comprising:a processor;
a memory;
a sign recognizing unit that recognizes, via the processor, a traffic sign from an image captured by an on-board imaging apparatus, the traffic sign corresponding to a road on which the own vehicle is travelling; and
a notification executing unit that notifies a driver, via the processor, of sign information that is information indicated by the traffic sign recognized by the sign recognizing unit, the sign information being stored in the memory, wherein
the notification executing unit stops notifying the driver of the sign information that was stored in the memory based on an indication that the own vehicle is changing roads, the indication based on a vehicle speed of the own vehicle and operating information of a turn indicator of the own vehicle under a condition that the driver is being notified of the sign information.

US Pat. No. 10,169,667

EXTERNAL ENVIRONMENT RECOGNIZING DEVICE FOR VEHICLE AND VEHICLE BEHAVIOR CONTROL DEVICE

CLARION CO., LTD., Saita...

1. An external environment recognizing device for a vehicle, comprising:an image processor configured to be installed in the vehicle and obtain an image around the vehicle;
a first object detector configured to detect a moving object from the image;
a bird's-eye view image processor configured to generate a bird's-eye view image of the vehicle from the image;
a second object detector configured to detect a moving object from the bird's-eye view image;
a detected object determination part configured to: (i) obtain a distance between a point corresponding to a center of a lower side of a rectangular region circumscribing an outside of the moving object detected by the first object detector and a grounding point of the moving object detected by the second object detector, wherein the grounding point is configured to have contact with a road surface, and wherein the point and the grounding point are converted into XY coordinate values; and (ii) determine that the moving object detected by the first object detector and the moving object detected by the second object detector are the same moving object when a distance between the point and the grounding point is within a predetermined distance; and
a moving object position identifying part configured to identify a position of the moving object detected by the first object detector or the second object detector based on a distance from the vehicle to the moving object detected by the first object detector or the second object detector, a lateral direction position of the moving object detected by the first object detector or the second object detector, and a width of the moving object detected by the first object detector when the detected object determination part determines that the moving object detected by the first object detector and the moving object detected by the second object detector are the same moving object.

US Pat. No. 10,169,666

IMAGE-ASSISTED REMOTE CONTROL VEHICLE SYSTEMS AND METHODS

FLIR Systems, Inc., Wils...

1. A system, comprising:a remote control vehicle;
an infrared imaging module mounted on the remote control vehicle, wherein the infrared imaging module is configured to capture an infrared image based on thermal radiation of a scene; and
a processor configured to communicate with the infrared imaging module, wherein the processor is configured to:
determine thermal properties associated with the scene based on the infrared image; detect a first boundary in the infrared image and a second boundary in the infrared image based on the determined thermal properties associated with the scene;
determine a lane or a bounded area defined by the first boundary and the second boundary; and
modify an operation of the remote control vehicle based on the first boundary and the second boundary to keep the remote control vehicle within the lane or the bounded area and prevent the remote control vehicle from crossing the first boundary and the second boundary.

US Pat. No. 10,169,665

VIRTUAL INDUCTANCE LOOP

Alarm.com Incorporated, ...

1. A computer-implemented method, comprising:obtaining, by each of two or more cameras directed towards a scene, an image corresponding to the scene;
determining, by one or more processors and for each of the images corresponding to the scene, a virtual inductance loop (VIL) line to be imposed on each of the images;
comparing, by the one or more processors, the VIL lines to determine one or more offsets; and
determining, by the one or more processors, based on the one or more offsets, one or more characteristics of the scene.

US Pat. No. 10,169,664

RE-IDENTIFYING AN OBJECT IN A TEST IMAGE

International Business Ma...

1. A method of re-identifying a first object in a first test image, the method comprising steps of:during a testing mode subsequent to a completion of a training mode, a computer receiving the first test image and subsequently determining respective measures of similarity between the first test image and each of first training images captured by a first camera by (i) estimating a foreground region and a background region of the first test image by segmenting the first test image into segments by using normalized cuts on the first test image in which the first object is centered, the foreground region being initialized using first segments that lie in a center of the first test image and the background region being initialized using second segments that do not lie in the center of the first test image and (ii) determining Bhattacharyya distances between feature representations of the estimated background region of the first test image and respective feature representations of background regions of the first training images, the first test image being captured by the first camera during the testing mode;
based in part on the Bhattacharyya distances and subsequent to the first test image being captured by the first camera, the computer transforming the first test image which results in a transformed first test image having a brightness that (1) is different from a brightness of the first test image captured by the first camera and (2) matches a brightness of training images captured by a second camera during the training mode, so that an appearance of the transformed first test image resembles an appearance of a capture of the first test image by the second camera, the transformed first test image including the first object which is in the first test image which was captured by the first camera;
the computer performing comparisons between the transformed first test image and each of test images captured by the second camera;
based on the comparisons between the transformed first test image and each of the test images captured by the second camera, the computer identifying one of the test images captured by the second camera that is closer in appearance to the transformed first test image than other test images captured by the second camera; and
the computer designating a second object in the identified test image as a re-identification of the first object in the first test image.

US Pat. No. 10,169,663

SCENE CHANGE DETECTION VIA MULTIPLE SENSORS

The Boeing Company, Chic...

1. A method for determining whether a change occurred within a scene, the method comprising:determining, by a computing device, one or more first classification rules based on accessing one or more first references images and first data that classifies pixel groups of the one or more first reference images as types of objects, wherein the one or more first reference images are captured by a first sensor;
determining, by the computing device, one or more second classification rules based on accessing one or more second reference images and second data that classifies pixel groups of the one or more second reference images as types of objects, wherein the one or more second reference images are captured by a second sensor;
classifying, by the computing device, one or more pixel groups of a first image of the scene as respective first objects based on the one or more first classification rules;
classifying, by the computing device, one or more pixel groups of a second image of the scene as respective second objects based on the one or more second classification rules; and
based on the classification of the one or more pixel groups of the first image as the respective first objects and the classification of the one or more pixel groups of the second image as the respective second objects, determining, by the computing device, whether the change occurred within the scene.

US Pat. No. 10,169,662

REMOTE BIOMETRIC MONITORING SYSTEM

Google LLC, Mountain Vie...

1. A system for remotely monitoring a sleeping subject, the system comprising:a digital camera configured to capture images of a subject, the digital camera including a digital image sensor, one or more local processors in communication with the digital image sensor, and a memory, wherein the digital image sensor, the one or more local processors, and the memory are enclosed in a same housing, and wherein no sensors or markers are attached to the subject;
a tripod support having the digital camera articulatably attached thereto, wherein the tripod support includes a pair of short legs each having a first permanent length, and a long leg having a second permanent length at least fifty percent longer than the first permanent length;
an environmental sensor in communication with the one or more local processors of the digital camera, the environmental sensor configured to detect a physical characteristic of a local environment of the subject;
an environmental control device in communication with the one or more local processors of the digital camera, the environmental control device configured to produce a change in the local environment of the subject; and
a set of instructions stored in the memory of the digital camera and executable locally by the one or more local processors to:
receive a sensed input from the environmental sensor and a plurality of time-sequenced images of the subject from the digital image sensor;
determine a position of a torso region of the subject using an artificial intelligence module trained to determine a presence and a position of the subject in a subset of images of the time-sequenced plurality of images;
identify, using the position of the torso region determined by the artificial intelligence module to perform a biometric analysis on an uncompressed version of the plurality of time-sequenced images, an activity state of the subject; and
cause a change in the environmental control device based on the sensed input and the activity state of the subject.

US Pat. No. 10,169,661

FILTERING METHODS FOR VISUAL OBJECT DETECTION

International Business Ma...

1. A method comprising:receiving a set of images;
filtering the set of images using a set of integral filters, resulting in a filtered set of images; and
performing machine-learning based object detection on the filtered set of images to generate a set of object-detected images,
wherein filtering the set of images using the set of integral filters includes:
determining a candidate image region of an image of the set of images, wherein the candidate image region corresponds to a particular modality, wherein the particular modality includes one of: (i) color channels, (ii) contextual background selection, and (iii) pixel intensities,
for the image of the set of images, computing an integral image based on the particular modality,
computing integral image output, including at least an average of pixels of the particular modality, utilizing the computed integral image, and
based, at least in part, on the computed integral image output, removing the candidate image region from the image, wherein the image no longer includes the candidate image region.

US Pat. No. 10,169,660

COUNTING INVENTORY ITEMS USING IMAGE ANALYSIS

Amazon Technologies, Inc....

1. A computing system, comprising:a processor; and
a memory coupled to the processor and storing program instructions that when executed by the processor cause the processor to at least:
receive from a first camera a first image of an inventory location, wherein the first image includes a representation of a plurality of inventory items located at the inventory location;
determine from an inventory location data store, an item type corresponding to the inventory location;
segment the first image into a plurality of image segments;
select a first histogram of oriented gradients (“HOG”) model for a first image segment of the plurality of image segments and a second HOG model for a second image segment of the plurality of image segments, wherein:
the first HOG model corresponds to the item type and is representative of a second image of an item of the item type obtained at a first distance or at a first item orientation;
the second HOG model corresponds to the item type and is representative of a third image of the item of the item type obtained at a second distance or at a second orientation;
process the first image to:
generate a first plurality of inventory item feature vectors corresponding to the first image segment, and
generate a second plurality of inventory item feature vectors corresponding to the second image segment;
compare the first plurality of inventory item feature vectors with the first HOG model;
compare the second plurality of inventory item feature vectors with the second HOG model; and
count a number of the first plurality of inventory item feature vectors that are substantially similar to the first HOG model and the number of the second plurality of inventory item feature vectors that are substantially similar to the second HOG model, wherein the count is representative of a quantity of items at the inventory location.

US Pat. No. 10,169,659

VIDEO SUMMARIZATION USING SELECTED CHARACTERISTICS

Amazon Technologies, Inc....

1. A computer-implemented method, comprising:receiving video data;
determining that a first video frame of the video data includes a first representation of a first face and a second representation of a second face;
determining first image data including the first representation of the first face;
determining second image data including the second representation of the second face, the second image data corresponding to the first video frame of the video data;
determining a distance between the first representation and the second representation;
determining that the distance exceeds a distance threshold;
based at least in part on determining that the distance exceeds the distance threshold, creating a second video frame including the first image data and the second image data, but not including a portion of intervening space, wherein the intervening space is between the first image data and the second image data in the first video frame; and
generating a video summarization including the video data and the second video frame.

US Pat. No. 10,169,658

COMPUTERIZED VIDEO FILE ANALYSIS TOOL AND METHOD

INTERNATIONAL BUSINESS MA...

1. A system for dynamically creating and presenting video content information to a user, the system comprising:at least one processor;
a screen;
non-transient memory that stores program instructions which, when executed by the at least one processor, cause the at least one processor to:
i) load contents of a video file into a video player, for display in a user interface of the video player on the screen;
ii) display frames of the video file in the user interface;
iii) receive, via the user interface, a user's input indicating selection of an object displayed in at least one frame of the video file;
iv) perform an object identification analysis of frames comprising the video file to locate each instance where a specific frame of the video file contains the object;
v) for each specific frame of the video file that contains the object, perform a z-axis analysis of the object within the frame to determine prominence of the object within each specific frame;
vi) store metadata in non-volatile storage associated with the video file, the metadata indicating results of the object identification analysis and, for frames where the object was present, the z-axis analysis; and
vii) automatically generate and display for the video file, on the screen synchronized to the video file, a graphical timeline display for the user graphically reflecting frames of the video file containing the object and object prominence within those frames based upon the metadata.

US Pat. No. 10,169,656

VIDEO SYSTEM USING DUAL STAGE ATTENTION BASED RECURRENT NEURAL NETWORK FOR FUTURE EVENT PREDICTION

NEC Corporation, (JP)

1. A video camera system for video-based safety prediction, the device comprising:an imaging sensor configured to capture one or more video sequences in an environment having a plurality of safety concerns therein; and
a processor configured to:
generate a plurality of driving series based on a plurality of observations from the one or more video sequences;
generate predictions of one or more future events based on the observations using a dual-stage attention-based recurrent neural network (DA-RNN), wherein the DA-RNN includes;
an input attention mechanism to extract relevant driving series, an encoder to encode the extracted relevant driving series into hidden states, a temporal attention mechanism to extract relevant hidden states, and a decoder to decode the relevant hidden states; and
generate a signal for initiating an action to at least one of a plurality of machines to mitigate harm to at least one item.

US Pat. No. 10,169,655

DETECTION OF LOGOS IN A SEQUENCE OF VIDEO FRAMES

ARRIS Enterprises LLC, S...

1. One or more computer-readable storage media containing instructions which, when executed by the one or more processors performs a method, comprising:buffering N frames of a video program, where N?2;
calculating an absolute difference frame D(n,k) between a first subsequent frame n and each of the buffered frames k by determining an absolute value of a difference between pixel values for corresponding pixels in at least a portion of the first subsequent frame n and each of the buffered frames k;
generating a histogram H(n,k) for each absolute difference frame;
for each histogram H(n,k) calculating a weight w(n,k) based on a distribution in the histogram of the absolute value of the difference between pixel values;
repeating the calculating of the absolute difference frame, the histograms and the weights for at least a second subsequent frame n;
generating an accumulation difference frame A, where
andidentifying a region in the accumulation difference frame as a static graphical logo if an average value of the absolute value of the pixels in the identified region of the accumulation difference frame is below a threshold value.

US Pat. No. 10,169,654

CROWD-SOURCED VISION-BASED INFORMATION COLLECTION

OrCam Technologies Ltd., ...

1. A server-based system for interacting with a plurality of wearable apparatuses each being associated with a different user, the system comprising:a data interface; and
at least one processing device programmed to:
receive, via the data interface and for each of the plurality of wearable apparatuses, a data stream including image-based information associated with images captured by a camera present on a particular wearable apparatus from among the plurality of wearable apparatuses;
analyze the image-based information of the data streams received from each of the plurality of wearable apparatuses to determine at least one trait common to two or more of the different users of the plurality of wearable apparatuses;
determine at least one frequency related to the at least one trait;
store, in at least one database, the determined at least one frequency related to the at least one trait;
store, in the at least one database, information relating to the determined at least one trait; and
report the information relating to the determined at least one trait to at least one user of at least one of the plurality of wearable apparatuses.

US Pat. No. 10,169,653

REGISTERING THE HARVEST OF A RESOURCE USING IMAGE DATA AND METADATA

International Business Ma...

1. A method of tagging a resource, comprising:receiving a given number of unique electronic tags for tagging a specified resource;
for a harvested one of the specified resources, generating image data representing an image of the harvested one of the specified resources, and selecting one of the electronic tags for said harvested one of the specified resources;
sending said image data and data identifying said selected one of the electronic tags to a specified entity to register the harvested one of the resources;
generating said given number of unique physical tags for the specified resource; and
attaching said one of the physical tags to the harvested one of the resources; and wherein:
the generating image data representing an image of the harvested one of the resources comprises
including in the image data physical tag data representing one of the physical tags for the harvested one of the resources, and
capturing an image of the harvested one of the resources with said one of the physical tags attached to the harvested one of the resources;
each of the physical tags matches a respective one of the electronic tags; and
the method further comprises comparing the physical tag attached to the harvested one of the resources to the selected one of the electronic tags to determine if the physical tag attached to the harvested one of the resources matches the selected one of the electronic tags.

US Pat. No. 10,169,652

SPATIAL EXPANSION SEISMIC DATA PROCESSING METHOD AND APPARATUS

CGG SERVICES SAS, Massy ...

1. A method for processing seismic data corresponding to a subsurface, the method comprising:receiving input seismic data (di) characterized by N spatial coordinates, wherein the input seismic data is in a first spatial domain, and the N spatial coordinates describe positions of (1) seismic sources that generate seismic waves, and (2) seismic receivers that detect the seismic waves after have been passed through the subsurface;
expanding with a computer the N spatial coordinates of the input seismic data (di) to N? modified spatial coordinates, where N? is greater than N, to provide spatially expanded seismic data (de) that is in a second spatial domain;
transforming the spatially expanded seismic data (de) to a model domain to provide model domain data (dm); and
generating a final image (df) of the subsurface using the model domain data (dm),
wherein the N? modified spatial coordinates include plural modified coordinates, each of which is a non-linear function of two of the N spatial coordinates, and
wherein the plural modified spatial coordinates replace non-linear responses of the input seismic data (di) in the first spatial domain with pseudo-linear responses in the second spatial domain.

US Pat. No. 10,169,650

IDENTIFICATION OF EMPHASIZED TEXT IN ELECTRONIC DOCUMENTS

KONICA MINOLTA LABORATORY...

1. A method of identifying emphasized text, the method comprising:performing horizontal compression on an input image to generate a horizontally compressed image, the input image comprising lines of text, each line of text comprising a plurality of words or characters;
performing horizontal morphological dilation on the compressed image to form a horizontally dilated image, the horizontally dilated image comprising clusters, each cluster corresponding to a different one of the lines of text;
calculating a bounding box for each cluster, resulting in a plurality of bounding boxes;
calculating a first average density, the first average density calculated across all the bounding boxes;
for each of the bounding boxes, comparing the first average density to a density of the bounding box; and
identifying a specific bounding box, from among the plurality of bounding boxes, as having a word or character in bold, the identifying based on the comparison of the first average density to the density of the specific bounding box.

US Pat. No. 10,169,649

SMART IMAGE FILTERING METHOD WITH DOMAIN RULES APPLICATION

International Business Ma...

15. An image filtering system, comprising:a processor; and
a computer readable storage medium having program instructions embodied therewith for building computing components of the image filtering system prior to a runtime assessment of images for compliance by the image filtering system, the program instructions executable by the processor to cause the processor to:
define a vocabulary for a given domain, comprising:
extracting a set of entities from a set of corpus documents related to the given domain; and
grouping the set of entities into a set of image categories based on probabilities of co-occurrence of the set of entities;
build an image catalog, comprising:
identifying one or more objects in one or more images from the image catalog; and
associating the one or more objects with the set of entities in the set of image categories;
generate a set of compliance rules, comprising:
identifying a given image category of the set of image categories that relate to topics in corpus data sources; and
generating the set of compliance rules, using the set of entities grouped in the given image category; and
train an image classification pipeline, comprising:
identifying one or more entities in a given image of the one or more images from the image catalog;
classifying the given image according to one or more of the set of compliance rules; and
repeating the identifying of the one or more entities in the given image and the classifying of additional images until a set of performance metrics are met.

US Pat. No. 10,169,648

METHOD AND DEVICE FOR INPUTTING HANDWRITING CHARACTER

MOTOROLA SOLUTIONS, INC.,...

1. A method for inputting handwriting character, comprising:adding a handwriting input on a touch screen, where the touch screen has a plurality of input areas;
detecting a position of an initial point of the handwriting input;
determining an input area for the handwriting input among the plurality of input areas of the touch screen based on the position of the initial point of the handwriting input;
determining an operation of the handwriting input based on the position of the initial point of the handwriting input and performing the determined operation, wherein the step of determining an operation of the handwriting input further comprises:
if the position of the initial point of the handwriting input does not fall on an existing character, determining whether the position of the initial point of the handwriting input falls between two existing characters; and
if it is determined that the position of the initial point of the handwriting input falls between the two existing characters, determining the operation of the handwriting input as inserting a character between the two existing characters; and
upon completion of the handwriting input, recognizing the input as a character and displaying the recognized character in the determined input area on the touch screen.

US Pat. No. 10,169,647

INFERRING BODY POSITION IN A SCAN

International Business Ma...

1. A method for inferring body position in a medical-imaging scan, the method comprising:accessing a two-dimensional digital image generated by a medical-imaging device, wherein the image represents a cross-sectional view of a subject's body at a position along an axis of the subject's body;
deriving from the accessed image a set of pixel-intensity feature vectors and a set of learned feature vectors,
wherein each of the pixel-intensity feature vectors and each of the learned feature vectors is an n-tuple that represents characteristics of the accessed image as an ordered list of numbers,
wherein the set of pixel-intensity feature vectors comprises at least one vector that represents characteristics of the accessed image derived from relationships among intensities of pixels of the accessed image,
wherein the set of learned feature vectors comprises at least one vector that represents characteristics of the accessed image selected from output of an internal layer of a convolutional neural network, and
wherein a first layer of the convolutional neural network has been populated with a digital representation of the accessed image;
submitting the set of pixel-intensity feature vectors and the set of learned feature vectors to a support-vector machine;
receiving from the support-vector machine a candidate image label for each submitted feature vector, wherein each candidate image label identifies a position of the subject's body along the axis; and
generating a single image label of the accessed image by mathematically combining the received candidate image labels,
wherein the mathematically combining comprises solving a linear equation, and wherein the linear equation comprises regression coefficients selected as a function of a pretraining of the convolutional neural network and further as a function of a pretraining of the support-vector machine.

US Pat. No. 10,169,646

FACE AUTHENTICATION TO MITIGATE SPOOFING

APPLIED RECOGNITION INC.,...

1. A security platform comprising:an image capture device configured to detect a user within a field of view of a camera;
a processor configured to:
provide an electronic prompt to request the user to perform a sequence of one or more position requests, each position request defined by a change in pitch and yaw;
trigger the image capture device to capture a sequence images of the user performing the sequence of one or more position requests, the sequence images capturing pitch and yaw movements of the user;
generate a series of face signatures for the sequence of images of the user performing the sequence of the one or more position requests;
compare the generated series of face signatures to stored face signatures corresponding to the requested sequence of the one or more position requests;
authenticate the user as being a human user as a first authentication step;
trigger the image capture device to capture at least one additional image of the user;
verify the identity of the user as being an authorized user based on the at least one additional image of the user as a second authentication step;
store the at least one additional image of the user in a data storage as an audit trail in an encrypted format;
provide a calibration prompt directing the user to come to a resting place in front of the camera with the user's eyes are on a horizontal plane;
measure at least one key landmark on the face and an overall bounding box of the face and record values corresponding thereto;
display a head position prompt on a display screen, the head position prompt directing the user to turn their head to match a position denoted by a head position image forming part of the head position prompt; and
measure the at least one key landmark on the face and the overall bounding box of the face and recording values corresponding thereto again.

US Pat. No. 10,169,645

ENSURING A DESIRED DISTRIBUTION OF IMAGES IN A MULTIMEDIA DOCUMENT UTILIZING FACIAL SIGNATURES

International Business Ma...

1. A method for ensuring a desired distribution of images in a multimedia document, the method comprising:receiving a desired distribution of facial signatures in said multimedia document;
receiving an image to be added to said multimedia document;
inspecting said image for instances of faces;
generating a facial signature for a face detected in said image;
determining a number of instances of said facial signature in said multimedia document;
determining, by a processor, a desired distribution for said facial signature in said multimedia document based on said received desired distribution of facial signatures in said multimedia document;
providing an indication that said number of instances of said facial signature in said multimedia document meets or does not meet said desired distribution for said facial signature in said multimedia document based on said number of instances of said facial signature in said multimedia document and said desired distribution for said facial signature in said multimedia document;
providing images to a user from a set of source images to be added to said multimedia document in response to said number of instances of said facial signature in said multimedia document being below said desired distribution for said facial signature in said multimedia document; and
displaying images to said user from said multimedia document to be removed from said multimedia document in response to said number of instances of said facial signature in said multimedia document being above said desired distribution for said facial signature in said multimedia document.

US Pat. No. 10,169,644

HUMAN FACIAL DETECTION AND RECOGNITION SYSTEM

Blue Line Security Soluti...

1. A method for detecting faces comprising:detecting, using one or more computing devices, at least a portion of a face from at least one image of a sequence of images by applying a plurality of image strips to the sequence of images, the plurality of image strips together forming a particular curvature and a particular pattern, each image strip of the plurality of image strips having a same width, and determining at least one of an edge-like feature of the face and a ridge-like feature of the face by:
generating, using the one or more computing devices, a mapping of facial points corresponding to the at least one image by:
generating a plurality of points on an image plane corresponding to the at least one image and determining a distance between each point to the plurality of points, each point corresponding to the at least one of the edge-like feature of the face and the ridge-like feature of the face;
projecting the plurality of points from the image plane to a surface of a face model;
mirroring the plurality of points using facial symmetry;
identifying, using the one or more computing devices, a match for the mapping of facial points by comparing the distance between each point to the plurality of points and the mapping of facial points to a recognized image stored in a database; and
triggering, using the one or more computing devices, an alert of the match and transmitting the alert for display to a user computer device.

US Pat. No. 10,169,643

IMAGE OPTIMIZATION DURING FACIAL RECOGNITION

Google LLC, Mountain Vie...

1. A method for a device to perform facial detection, comprising:capturing, by a camera coupled to the device, an image;
receiving an indication to perform facial detection;
selecting, in response to the indication, a metering region within a portion of the captured image based on a predefined set of coordinates specifying a position of the metering region based on a usage history of the camera and not based on a performance of facial detection by the device and not based on user input selecting a portion of a preview of the captured image, wherein the portion of the captured image is less than an entirety of the captured image, and the metering region is selected prior to executing an algorithm for locating a position of a face within the image;
adjusting the image based on the selected metering region; and
detecting the face within the adjusted image.

US Pat. No. 10,169,642

SYSTEMS AND METHODS FOR FACE ALERT

Facebook, Inc., Menlo Pa...

1. A computer-implemented method comprising:identifying, by a computing system, a set of candidate entities associated with a user;
identifying, by the computing system, a set of photos associated with the set of candidate entities;
performing, by the computing system, a facial recognition process on the set of photos to identify in the set of photos a subset of photos in which the user is recognized by the facial recognition process, wherein the facial recognition process is performed based on authorization by the user;
generating, by the computing system, for the subset of photos, a set of suggested photo tags associated with the user, wherein each suggested photo tag in the set of suggested photo tags identifies the user in a respective photo in the subset of photos as identified by the facial recognition process; and
receiving, by the computing system, from the user, a set of restriction responses with respect to the set of suggested photo tags, wherein the set of restriction responses comprises at least the user selecting to take no action with respect to one or more tags in the set of suggested photo tags.

US Pat. No. 10,169,641

APPARATUS AND METHOD FOR VISUALIZATION OF REGION OF INTEREST

Samsung Electronics Co., ...

1. An apparatus to visualize a region of interest (ROI), comprising:at least one processor; and
at least one memory storing one or more computer programs that, upon execution by the at least one processor, configure the at least one processor to:
receive images in sequence via a probe,
acquire at least one ROI comprising at least one pre-designated interest item from one (hereinafter, previous image) among the images,
output visualization information for visualizing the at least one ROI acquired from the previous image on the previous image,
detect at least one ROI from a current image received by a movement of the probe,
identify, in response to detection of the at least one ROI from the current image, whether an interest item exists in the at least one ROI detected from the current image,
remove, in response to a determination that the interest item does not exist in the at least one ROI detected from the current image, the visualization information of the at least one ROI acquired from the previous image,
determine, in response to a determination that the interest item exists in the at least one ROI detected from the current image, whether the interest item existing in the current image is identical to the pre-designated interest item in the previous image, and
output the visualization information of the at least one ROI acquired from the previous image as visualization information for visualizing the at least one ROI detected from the current image on the current image based on a result of the determination.

US Pat. No. 10,169,638

TRANSFORMED REPRESENTATION FOR FINGERPRINT DATA WITH HIGH RECOGNITION ACCURACY

CROSS MATCH TECHNOLOGIES,...

1. A system for processing fingerprint template data, and for generating transformed fingerprint template data from original fingerprint minutia template data, comprising:a first module configured to define for a minutia m included with in original fingerprint minutiae template data, a corresponding defined mega-vicinity as a vicinity area surrounding the minutia m as the center of the vicinity area;
a second module configured to align geometrically other minutiae located inside of the defined mega-vicinity with respect to the minutia m, and wherein the minutia m defines an origin of a coordinate system; wherein a direction of the minutia m of original fingerprint minutiae data defines an x-axis and a direction of a zero angle, of a Cartesian coordinate system and of a polar coordinate system, respectively;
a third module configured to check for each other minutia in the original fingerprint minutiae template data, to determine if its location is within the vicinity area; and
a fourth module configured to form mega-vicinity data for the minutia m as comprising first layer data comprising all minutiae located inside the vicinity area and second layer data comprising the respective N closest neighboring minutia around each of the minutiae in the first layer data, wherein N is a predetermined number, and wherein said N closest neighboring minutiae around each of the minutiae in the first layer data are not required to necessarily be located within said vicinity area.

US Pat. No. 10,169,637

ON-SCREEN OPTICAL FINGERPRINT CAPTURE FOR USER AUTHENTICATION

Qualcomm Incorporated, S...

1. A method comprising:receiving an image of a fingerprint captured by a camera, the image of the fingerprint being based on light reflected from a fingertip and propagated within a glass layer of a display assembly;
determining feature information from the captured image of the fingerprint;
reducing the amount of feature information through a quantization of the feature information;
generating a histogram associated with the captured image based on the reduced amount of feature information; and
authenticating a user based on the histogram.

US Pat. No. 10,169,636

SENSOR APPARATUS AND MOBILE TERMINAL

Shenzhen Goodix Technolog...

1. A sensor apparatus, comprising:a cover, a lower surface of the cover being provided with an ink layer;
a sensor, the sensor being arranged below the cover;
at least one light-emitting module, the light-emitting module being arranged as parallel to the sensor;
an upper reflecting layer and a lower reflecting layer, the upper reflecting layer being arranged on a lower surface of the ink layer, and the lower reflecting layer being arranged on an upper surface of the sensor; and
a light transmitting glue layer, the light transmitting glue layer being arranged between the upper reflecting layer and the lower reflecting layer.

US Pat. No. 10,169,635

DISPLAY DEVICE AND METHOD FOR FABRICATING A DISPLAY DEVICE

BOE TECHNOLOGY GROUP CO.,...

1. A display device comprising a display layer and a base layer under the display layer, wherein the base layer comprises:a substrate having a first conductivity type;
a well region, positioned in a portion of a side of the substrate facing towards the display layer, the well region having a second conductivity type opposite to the first conductivity type; and
an ultrasonic receiver formed in the well region, wherein the ultrasonic receiver comprises:
a first bottom electrode facing towards the substrate, the first bottom electrode comprising a first semiconductor region formed in the well region, and the first semiconductor region having the first conductivity type;
a first top electrode facing towards the display layer; and
a first piezoelectric layer, formed between the first bottom electrode and the first top electrode.

US Pat. No. 10,169,634

METHOD, DEVICE AND COMPUTER-READABLE STORAGE MEDIUM FOR FINGERPRINT RECOGNITION

XIAOMI INC., Beijing (CN...

1. A method for fingerprint recognition applied in an electronic device comprising a liquid crystal display, the liquid crystal display having fingerprint recognition sensors and optical proximity sensors, the method comprising:acquiring a fingerprint recognition instruction;
determining an area made up of a part of the optical proximity sensors after acquisition of the fingerprint recognition instruction, the distance between each of the part of the optical proximity sensor and a touch operation being less than a predetermined distance threshold;
selecting a part of the fingerprint recognition sensors according to the area; and
controlling the selected part of the fingerprint recognition sensors to perform fingerprint recognition.

US Pat. No. 10,169,633

DRIVING CIRCUIT, DRIVING METHOD, DISPLAY APPARATUS AND ELECTRONIC APPARATUS

FOCALTECH ELECTRONICS, LT...

1. An electronic device with a fingerprint sensing function, comprising:a fingerprint sensing region;
a fingerprint sensing component configured to sense fingerprint input information input by an object in the fingerprint sensing region;
a processor and instructions stored in a memory, wherein the processor performs the instructions to:
recognize a current state of the electronic device, provide a first driving signal to the fingerprint sensing component when the current state of the electronic device is in one of two preset states, to drive the fingerprint sensing component to sense a fingerprint,
receive the fingerprint input information fed back by the fingerprint sensing component, judge whether the fingerprint input information is valid, and determine, based on a judgment result, whether to initiate a corresponding application; and
wherein the fingerprint sensing component comprises a fingerprint sensing circuit and a fingerprint sensing element corresponding to the fingerprint sensing region, the fingerprint sensing element is connected to the fingerprint sensing circuit, wherein the fingerprint sensing circuit is configured to provide a fingerprint sensing signal to the fingerprint sensing element to drive the fingerprint sensing element to sense the fingerprint, and receive a sensing signal output by the fingerprint sensing element, and the fingerprint sensing circuit judges whether there is fingerprint input information based on the sensing signal and outputs the corresponding fingerprint input information to the control module if it is judged that there is the fingerprint input information;
a display panel comprising a plurality of display elements each comprising a first electrode, a second electrode and a display medium,
wherein the electronic device provides corresponding voltages to the first electrodes and the second electrodes to control the display medium to display a corresponding image, wherein the plurality of display elements form a display area,
the display panel further comprising a border area, wherein the border area is opaque and is located on at least one side of the display area, and the fingerprint sensing region is located in the border area or in the display area; and
wherein the fingerprint sensing element comprises a plurality of fingerprint sensing electrodes, and the fingerprint sensing circuit is configured to perform a self-capacitance sensing on the first electrodes serving as the fingerprint sensing electrodes to sense the fingerprint, in the case that the electronic device is in one of the two preset states.

US Pat. No. 10,169,632

TOUCH-SENSING APPARATUS, TOUCH DEVICE INCLUDING THE APPARATUS, AND ELECTRONIC APPLIANCE

LG INNOTEK CO., LTD., Se...

1. A touch-sensing apparatus, comprising: a substrate including an effective area and a non-effective area; a cavity provided in the non-effective area; a fingerprint sensor provided on a bottom surface of the cavity; and a first decorative layer provided inside the cavity and having a plurality of oxide layers, wherein the first decorative layer includes at least one metal layer provided between the plurality of oxide layers, and the at least one metal layer has a thickness ranging from 10 nm to 50 nm; wherein the substrate includes: a first surface to receive a touch input; and a second surface opposite the first surface, the cavity being provided in the second surface; wherein the fingerprint sensor includes: a third surface configured to face the bottom surface of the cavity; and a fourth surface being opposite to the third surface, and wherein the touch-sensing apparatus further includes an auxiliary substrate provided on the fourth surface of the fingerprint sensor.

US Pat. No. 10,169,631

RECOGNIZING FINGERPRINTS AND FINGERPRINT COMBINATIONS AS INPUTS

INTERNATIONAL BUSINESS MA...

1. A method of inputting an action to a computer device comprising:placing a fingerprint recognition sensor on a thumb of a first hand of a user, the fingerprint sensor having an outer surface to read a fingerprint of a user's finger placed in contact with the fingerprint recognition sensor, the fingerprint recognition sensor having an inner surface that does not read a fingerprint of the user's thumb;
setting a plurality of actions corresponding to fingerprint data from a user's fingerprint patterns;
storing the plurality of actions corresponding to the fingerprint data in the computer device;
placing a first finger of the first hand of the user in contact with the fingerprint recognition sensor;
reading fingerprint data by the fingerprint recognition sensor corresponding to the user's fingerprint patterns from the first finger of the first hand placed in contact with the fingerprint recognition sensor;
comparing the fingerprint pattern from the first finger of the first hand with the user's fingerprint data stored in the computer device;
responsive to a match between the fingerprint pattern from the first finger of the first hand and the user's fingerprint data stored in the computer device, initiating the action stored in the computer device corresponding to the first finger of the first hand placed in contact with the fingerprint recognition sensor;
placing another finger of the first hand of the user in contact with the fingerprint recognition sensor;
reading fingerprint data by the fingerprint recognition sensor corresponding to the user's fingerprint patterns from the another finger of the first hand placed in contact with the fingerprint recognition sensor;
comparing the fingerprint pattern from the another finger of the first hand with the user's fingerprint data stored in the computer device;
responsive to a match between the fingerprint pattern from the another finger of the first hand and the user's fingerprint data stored in the computer device, initiating the action stored in the computer device corresponding to the another finger of the first hand placed in contact with the fingerprint recognition sensor; and
repeating placing another finger, reading fingerprint data by the fingerprint recognition sensor corresponding to the user's fingerprint patterns from the another finger, comparing the fingerprint pattern from the another finger and initiating the action stored in the computer device corresponding to the another finger for additional fingers of the first hand placed in contact with the fingerprint recognition sensor.

US Pat. No. 10,169,630

OPTICAL SENSOR FOR INTEGRATION OVER A DISPLAY BACKPLANE

Synaptics Incorporated, ...

1. An optical sensor for imaging a biometric input object on a sensing region, comprising:a transparent layer having a first side and a second side opposite the first side;
a set of apertures disposed above the first side of the transparent layer;
a first set of reflective surfaces disposed below the second side of the transparent layer configured to receive light transmitted through the set of apertures and to reflect the received light;
a second set of reflective surfaces disposed above the first side of the transparent layer configured to receive the light reflected from the first set of reflective surfaces and to further reflect the light; and
a plurality of detector elements positioned to receive the further reflected light from the second set of reflective surfaces.

US Pat. No. 10,169,629

DECODING VISUAL CODES

A9.com, Inc., Palo Alto,...

1. A computing device, comprising:a computing device processor;
a memory device including instructions that, when executed by the computing device processor, cause the computing device to:
obtain an image including a visual code, the visual code being one of a plurality of format types and having an arbitrary orientation with respect to the image;
analyze the image to determine a connected region of pixels of a plurality of pixels;
determine a first pixel of the connected region of pixels associated with first pixel coordinates and a second pixel associated with second pixel coordinates;
determine a region of the image that includes the visual code based at least in part on the first pixel coordinates and the second pixel coordinates;
determine a plurality of borders associated with the region;
determine a geometric shape of the region based at least in part on the plurality of borders of the region, the geometric shape having a length and a width;
determine a ratio of the length and the width of the geometric shape;
determine whether the ratio meets at least one aspect ratio threshold;
verify the region includes the visual code when the ratio of the length and the width meets the at least one aspect ratio threshold;
determine the format type of the visual code; and
rectify the visual code from the arbitrary orientation to a rectified orientation suitable for a decoder for the format type; and
decode the visual code using the decoder.

US Pat. No. 10,169,628

SCANNING IMAGE CODES IN VIRTUAL MOBILE INFRASTRUCTURES

Trend Micro Incorporated,...

12. A computer-implemented method of scanning an image code, the method comprising:taking, by a mobile device, a photo of a first image code of an original data;
finding, by the mobile device, the first image code in camera data of the photo;
recovering, by the mobile device, the original the data by decoding the first image code;
forwarding, by the mobile device, the original data to a server computer;
encoding, by the server computer, the original data into a second image code;
generating, by the server computer, camera data of the second image code; and
providing, by the server computer, the camera data of the second image code to a scan app running on the server computer.

US Pat. No. 10,169,627

OPTICAL MARKER FOR DELIVERY DRONE CARGO DELIVERY

INTERNATIONAL BUSINESS MA...

1. A method, comprising:identifying a first optical marker contained in a first image captured by an image capture device of a delivery drone by processing at least the first image, the first optical marker indicating a first cargo recipient;
responsive to identifying the first optical marker contained in the first image, generating, using a processor, first data corresponding to the first optical marker by performing image processing on the first image; and
responsive to the generating the first data corresponding to the first optical marker, determining a first specific location at a general location by processing the first data, wherein the first optical marker indicates the first specific location and the first specific location is different than a second specific location where the first optical marker is positioned at the general location, and initiating the delivery drone to deliver the cargo at the first specific location indicated by the first optical marker.

US Pat. No. 10,169,626

INTERNET OF THINGS (IOT) APPARATUS AND METHOD FOR ELECTRONIC SHELF TAGS

Afero, Inc., Los Altos, ...

1. A system comprising:a mobile client device having a camera or other optical reader and a processor to process an app/application to cause the camera or other optical reader to read a quick response (QR) code or barcode containing a unique identifier (ID) of a shelf-tag Internet of Things (IoT) device, the app/application comprising program code executed by the processor and a graphical user interface (GUI) to step a user through associating the shelf-tag IoT device with a first product by prompting the user to capture the QR code/barcode and a Universal Product Code (UPC) of the first product with the camera or other optical reader, the app/application to associate the unique ID and the UPC code;
the shelf-tag Internet of Things (IoT) device comprising a memory for storing program code and a processor for executing the program code, the shelf-tag IoT device further comprising a secure communication module having a local wireless communication interface comprising a Bluetooth Low Energy (BTLE) link to establish a local wireless communication link with one or more IoT hubs or client devices, the one or more IoT hubs or client devices including a first communication interface to establish the local wireless communication link with the shelf-tag IoT device and a second communication interface to establish a second communication channel with an IoT service over the Internet, the shelf-tag IoT device to use the secure communication module to establish a secure communication channel with the IoT service over the Internet through the one or more IoT hubs or client devices using the local wireless communication link;
a display coupled to the shelf-tag IoT device to display product information related to the first product placed on a shelf;
a products database maintained on the IoT service and/or an external retail service, the products database to store an association between each shelf-tag IoT device and each of a plurality of products sold by a retailer;
shelf-tag management logic executed on the IoT service and/or the external retail service and configured to push pricing updates for products to each respective shelf-tag IoT device upon detecting a change in price for the products associated with each of the respective shelf-tag IoT device;
the app/application executed on the mobile client device to prompt the user to either select the first product from a list displayed by the GUI of the app/application or to manually enter data identifying the first product;
wherein responsive to the selection from the GUI or manual entry of the data identifying the first product by the user, the mobile client device is to transmit an association between the unique ID of the shelf-tag IoT device and the UPC code of the first product to the shelf-tag management logic executed on the IoT service, the shelf-tag management logic to update the products database to include the association;
wherein the secure communication channel between the shelf-tag IoT device and the IoT service is established by configuring the shelf-tag IoT device and the IoT service to:
generate a service public key and a service private key by key generation logic of a first encryption engine on the IoT service;
generate a device public key and a device private key by key generation logic of a second encryption engine on the shelf-tag IoT device;
transmit the service public key from the first encryption engine to the second encryption engine and transmit the device public key from the second encryption engine to the first encryption engine;
generate a secret using the device public key and the service private key;
generate the same secret using the service public key and the device private key;
encrypt and decrypt data packets transmitted between the first encryption engine and the second encryption engine using the secret or using data structures derived from the secret; and
wherein the first encryption engine comprises an elliptic curve method (ECM) module to generate a first key stream using a first counter value and the secret and the second encryption engine comprises an ECM module to generate a second key stream using the first counter value and the secret.

US Pat. No. 10,169,625

PROXY-BASED READER AUTHENTICATION BY TRUSTED AUTHORITY

Impinj, Inc., Seattle, W...

1. A method for a verification authority to authenticate Radio Frequency Identification (RFID) tags, the method comprising:transmitting a challenge to a proxy connected to a plurality of RFID readers;
receiving, from the proxy, a response to the proxy challenge;
verifying the proxy response based on at least the proxy challenge and a proxy key;
in response to verifying the proxy response, authenticating at least one of:
the proxy; and
at least a first one of the plurality of RFID readers;
receiving, from at least one of the proxy and the first authenticated RFID reader, a tag-authentication request including at least a tag identifier and a tag response;
verifying, using at least a tag challenge and a tag key determined from at least the tag identifier, whether the tag response is computed based on the tag challenge and the tag key; and
transmitting a tag-authenticity message based on verifying the tag response.

US Pat. No. 10,169,624

TAMPER-PROOF ELECTRONIC PACKAGES WITH TWO-PHASE DIELECTRIC FLUID

INTERNATIONAL BUSINESS MA...

1. A tamper-proof electronic package comprising:an enclosure to enclose, at least in part, at least one electronic component within a secure volume;
a two-phase dielectric fluid within the secure volume; and
a tamper-respondent detector to monitor, at least in part, temperature and pressure of the two-phase dielectric fluid to determine therefrom a current pressure temperature relationship, wherein in operation, the current pressure temperature relationship of the two-phase dielectric fluid deviates from an established saturation line thereof within the secure volume with an intrusion event into the secure volume, and the tamper-respondent detector detects, from the monitoring of the temperature and pressure of the two-phase dielectric fluid and the determining of the current pressure temperature relationship, deviation from the established saturation line, and thereby the intrusion event.

US Pat. No. 10,169,623

SECURITY APPARATUS FOR COMPUTING SYSTEMS

International Business Ma...

1. A security apparatus, comprising:a transmitter configured to transmit acoustic signals in a computing system according to an acoustic pattern;
a receiver configured to receive returned acoustic signals in response to the transmitted acoustic signals;
a logic configured to:
upon receiving the returned acoustic signals at the receiver, generate acoustic measurements from the returned acoustic signals based on the acoustic pattern, the generated acoustic measurements relating to a physical arrangement of computing components within the computing system;
compare the generated acoustic measurements to baseline acoustic measurements, wherein the baseline acoustic measurements are derived from acoustic profiles corresponding to a default physical arrangement of computing components within the computing system; and
upon determining that the generated acoustic measurements do not substantially match the baseline acoustic measurements, assert a signal indicating that the default physical arrangement of computing components within the computing system has been altered.

US Pat. No. 10,169,622

DETECTION OF THE AUTHENTICITY OF AN ELECTRONIC CIRCUIT OR OF A PRODUCT CONTAINING SUCH A CIRCUIT

PROTON WORLD INTERNATIONA...

1. A method, comprising:initializing, by a host device, a charge retention circuit of a slave device, wherein initializing the charge retention circuit comprises switching off a power supply of the slave device;
receiving, by the host device, an indication of a discharge time of the charge retention circuit;
determining, by the host device, an authenticity of the slave device based on the received indication of the discharge time of the charge retention circuit; and
controlling, by the host device, communication with the slave device based on the determined authenticity of the slave device.

US Pat. No. 10,169,621

MULTIMEDIA PIPELINE ARCHITECTURE

TiVo Solutions Inc., San...

1. A method, comprising:receiving, by a media device, a plurality of media content data streams;
storing, in one or more in-memory buffers, at least a portion of a particular media content stream of the plurality of media content data streams;
prior to the one or more in-memory buffers becoming full by the storage of the at least the portion of the particular media content stream, transferring content from the one or more in-memory buffers to a secondary storage device in response to determining that an amount of time since the portion of the particular media content stream started being stored in the one or more buffers exceeds a threshold amount of time;
determining whether on or more in-memory buffers have reached an encryption limit, wherein the encryption limit is one or more of a time limit, and a number of unencrypted in-memory buffers currently stored;
in response to determining that on or more in-memory buffers have reached an encryption limit, encrypting the one or more in-memory buffers;
receiving, from a client device, a request for the particular media content stream, the request indicating a position within the particular media content stream; and
in response to determining that the position within the particular media content stream corresponds to a particular buffer of the one or more in-memory data buffers, sending the particular buffer to the client device.

US Pat. No. 10,169,620

METHOD OF INTERACTING WITH AN ELECTRONIC DEVICE WHILE THE DISPLAY SCREEN IS DEACTIVATED

BlackBerry Limited, Wate...

1. A handheld electronic device, comprising:a processor;
a display screen coupled to the processor;
an input device coupled to the processor;
a communication subsystem coupled to the processor for communication over a wireless network;
a light emitting diode (LED) coupled to the processor;
a memory coupled to the processor, the memory storing executable instructions that, when executed by the processor, cause the handheld electronic device to:
initiate a locked state on the handheld electronic device;
deactivate the display screen;
flash the LED a number of times in dependence on a number of new events in response to receiving a predetermined input from the input device while the handheld electronic device is in the locked state and while the display screen remains deactivated.

US Pat. No. 10,169,619

PHYSICAL TOKEN BASED SECURED CHARGE MANAGEMENT OF A USER EQUIPMENT

INTERNATIONAL BUSINESS MA...

1. A method for physical token based secured charge management of a user equipment (UE) by a processor, comprising:authorizing a power charging session by firmware of the UE for charging the UE upon detecting one or more physical authentication tokens within a selected area of a power charging source or on the power charging source itself, or combination thereof, the power charging source comprising a power supply brick receiving power from an outlet; wherein the detecting further includes validating a current geographic location of the UE is on an approved list of authorized geographic locations stored in a database associated with the UE; and
allowing an unauthorized charging session, prior to the authorizing, to charge the UE up to a pre-authorized charging limit comprising a predetermined percentage of charged capacity of the UE; wherein the unauthorized charging session is allowed prior to the authorizing upon detecting, by the firmware of the UE, that an unauthorized power charging source has been connected to the UE.

US Pat. No. 10,169,618

ENCRYPTION METHOD FOR EXECUTE-IN-PLACE MEMORIES

Cypress Semiconductor Cor...

1. A device comprising:an internal memory configured to store a key; and
a controller configured to communicate with an external memory device over a serial interface, wherein the controller is configured at least to:
transfer, to the external memory device, an address for an access operation to the external memory device over the serial interface;
encrypt, with the key, the address for the access operation to obtain an encrypted address concurrently with transferring the address to the external memory device over the serial interface; and
encrypt or decrypt a block of data for the access operation with the encrypted address.

US Pat. No. 10,169,617

MULTI-TOPOLOGY LOGIC GATES

Bar-Ilan University, Ram...

1. A multi-topology logic gate for performing a specified logic function, said logic gate comprising logic inputs and a logic output, comprising:a logic output connection configured to output a logic output signal;
a plurality of logic input connections configured to input logic signals;
at least two logic blocks associated with said logic input connections and said logic output connection, each of said blocks respectively comprising a plurality of logic inputs connectable to said logic input connections and a logic output connected to said logic output connection, wherein at least one of said logic blocks is configured to operate in a plurality of modes in accordance with a respective mode control signal; and
a topology selector associated with said at least two logic blocks, configured to apply mode control signals to said logic blocks so as to operate said logic gate in a plurality of topologies.

US Pat. No. 10,169,616

CRYPTOGRAPHIC PROCESSING OF DATA AND INSTRUCTIONS STORED OFF-CHIP

XILINX, INC., San Jose, ...

1. A circuit arrangement, comprising:a programmable integrated circuit (IC) including:
a processor subsystem including:
an interconnect circuit; and
one or more processors coupled to the interconnect circuit; and
a programmable logic subsystem providing a first address space and including:
a proxy memory circuit coupled to the interconnect circuit and implemented in programmable logic circuitry of the programmable logic subsystem; and
a decryption circuit coupled to the proxy memory circuit and implemented in programmable logic circuitry of the programmable logic subsystem; and
a first memory circuit providing a second address space, external to the programmable IC, coupled to the interconnect circuit;
wherein the interconnect circuit is configured and arranged to receive a first transaction from one of the one or more processors and transmit the first transaction to the proxy memory circuit in response to a first address of the first address space in the first transaction;
wherein the proxy memory circuit is configured and arranged to translate the first address into a second address of the second address space, generate a second transaction including the second address, transmit the second transaction to the interconnect circuit, and receive encrypted data from the first memory circuit in a response to the second transaction;
wherein the decryption circuit is configured and arranged to decrypt the encrypted data into decrypted data; and
wherein the proxy memory circuit is further configured and arranged to transmit the decrypted data to the one processor in a response to the first transaction.

US Pat. No. 10,169,615

METHODS AND APPARATUSES FOR ENCRYPTION AND DECRYPTION

I-Patrol Technology Limit...

1. A digital data encryption method, comprising:obtaining a user feature of a user, the user feature including at least one of an operating feature of the user or a user terminal identification, the operating feature including at least one of a specified operation, a biological feature, or an input character of the user;
performing, using a hardware logic circuit, a logical operation on the obtained user feature to generate a hardware encryption function;
encrypting, by a processor, first application data with the generated hardware encryption function to obtain second application data;
assigning, by the processor, corresponding feature weights for a plurality of different operating features;
setting, by the processor, a first feature weight and a second feature weight for a first operating feature, and setting, by the processor, a third feature weight and a fourth feature weight for a second operating feature, the feature weights being used to calculate weights of corresponding operating features within a fault tolerance range, the first feature weight matching the third feature weight, and the second feature weight matching the fourth feature weight; and
during decryption of the second application data,
setting, by the processor, an error correcting code for the decryption of the second application data, the error correcting code determining at least one of a first fault tolerance range and a second fault tolerance range;
if the first operating feature is within the first fault tolerance range, applying, by the processor, the first feature weight for the first operating feature and applying, by the processor, the third feature weight for the second operating feature; and
if the first operating feature is within the second fault tolerance range, applying, by the processor, the second feature weight for the first operating feature and applying, by the processor, the fourth feature weight for the second operating feature.

US Pat. No. 10,169,614

CONTAINER UPDATE SYSTEM

International Business Ma...

1. A method, comprising:operating a software container, the software container including a blockchain subsystem and a blockchain ledger;
generating a blockchain entry by executing a hashing function on a current state of the software container and a last entry in the blockchain ledger, and wherein the blockchain entry is generated by extracting and providing information from a predetermined set of directories within the software container to the hashing function;
updating the blockchain ledger with the generated blockchain entry; and
transmitting the generated blockchain entry to one or more connected software containers.

US Pat. No. 10,169,613

SYSTEMS AND METHODS FOR WAVEFORM WATERMARKING

Raytheon Company, Waltha...

1. A device for watermarking a waveform, the device comprising:an overt symbol modulator to receive mapped overt data and provide overt data modulated in accord with an overt data modulation scheme;
a covert symbol modulator to receive mapped covert data and provide, using dither modulation and micro-amplitude modulation, covert data modulated in accord with a covert data modulation scheme;
a clock that operates with a jitter on the order of femtoseconds coupled to the overt symbol modulator and the covert symbol modulator;
a switch to receive the modulated covert data and the modulated overt data and forward the covert data and modulated overt data based on a signal indicating whether covert data is to be transmitted and/or the overt data is to be transmitted; and
transmission circuitry to produce an electromagnetic waveform of the modulated overt data and/or modulated covert data from the switch,
wherein the modulated overt data includes a constellation of symbols and the modulated covert data includes a symbol for every sub-constellation of symbols in the constellation of symbols, wherein the symbol is within a perimeter of the sub-constellation.

US Pat. No. 10,169,612

METHOD FOR EXECUTING A SAFETY-CRITICAL FUNCTION OF A COMPUTING UNIT IN A CYBER-PHYSICAL SYSTEM

ROBERT BOSCH GMBH, Stutt...

1. A method for executing a safety-critical function of a computing unit in a cyber-physical system, the method comprising:receiving a request by a first computing unit in the cyber-physical system from a second computing unit, separate from the first computing unit, for an execution of the a safety-critical function at the first computing unit, the safety-critical function being a cryptographic operation;
acquiring at least one of an environment-specific measurement value and a user-specific measurement value by at least one sensor of the first computing unit, the environment-specific measurement value describing an environment of the first computing unit, the user-specific measurement value describing an interaction of a user with the first computing unit;
determining, by the first computing unit, whether the acquired at least one of the environment-specific measurement value and the user user-specific measurement value fulfills a specified criterion, wherein the specified criterion describe a specific manner in which the user interacts with the first computing unit;
in response to the determination that the values fulfills the specified criterion, executing, by the first computing unit, a physical unclonable function as the safety-critical function;
generating a cryptographic key by the physical unclonable function; and
encrypting communication between the first computing unit and second computing unit using the generated cryptographic key.

US Pat. No. 10,169,611

DYNAMIC APPLICATION HIDING

International Business Ma...

1. A computer-implemented method for dynamic application hiding, the computer-implemented method comprising:detecting, repeatedly, by one or more processors, environmental cues in a vicinity of a computing device wherein the environmental dues comprise a location of the computing device, historical crime rates associated with the location, number of devices at the location, security level of a network communicatively connected to the computing device and keywords sent by the device towards social media;
determining, by one or more processors, a presence of a threat based on matching at least one of the detected environmental cues with one or more stored threat criteria;
determining, by one or more processors, a presence of one or more sensitive applications on a user interface; and
hiding, responsive to determining the presence of the threat, by one or more processors, the one or more sensitive applications based on removing icons associated with the one or more sensitive applications from the user interface and rearranging remaining icons on the user interface to fill empty space resulting from sensitive icon removal.

US Pat. No. 10,169,610

DATA PRIVACY EMPLOYING A K-ANONYMITY MODEL WITH PROBABALISTIC MATCH SELF-SCORING

International Business Ma...

1. A computer-implemented method of protecting data comprising:determining a desired duplication rate for a data set based on a level of desired anonymity for the data in the data set, wherein one or more attributes of data records within the data set that individually identify an identity for a corresponding data record are de-identified, and remaining attributes of the data records include quasi-identifiers;
generating a self-score threshold for the data records within the data set based on the desired duplication rate and Receiver Operating Characteristic (ROC) curves;
producing a data record self-score for each data record in the data set by comparing quasi-identifiers for that data record to quasi-identifiers of a corresponding original data record;
comparing the data record self-scores to the self-score threshold; and
controlling access to the data records of the data set based on the data record self-scores satisfying the self-score threshold, wherein controlling access further comprises:
modifying attributes of data records failing to satisfy the self-score threshold to be less specific; and
enabling access to data records in response to the data record self-scores satisfying the self-score threshold indicating a presence of the desired level of anonymity for the data records.

US Pat. No. 10,169,609

DATA PROCESSING SYSTEMS FOR FULFILLING DATA SUBJECT ACCESS REQUESTS AND RELATED METHODS

OneTrust, LLC, Atlanta, ...

1. A computer-implemented data processing method for responding to a data subject access request, the method comprising:receiving, by one or more computer processors, a data subject access request from a requestor comprising one or more request parameters, wherein the one or more request parameters comprise one or more pieces of personal data associated with the requestor;
validating, by the one or more computer processors, an identity of the requestor based at least in part on the one or more request parameters;
in response to validating the identity of the requestor, determining, by the one or more computer processors, based on fulfillment constraint data, whether the data subject access request is subject to one or more response fulfillment constraints associated with the requestor, wherein determining whether the data subject access request is subject to one or more response fulfillment constraints comprises determining whether the data subject request comprises one of a threshold quantity of data subject access requests from the requestor within a threshold time period;
in response to determining that the data subject access request is subject to one or more response fulfillment constraints, notifying, by the one or more computer processors, the requestor that the data subject access request is subject to one or more limitations, and taking at least one action based on the data subject access request and the one or more limitations, wherein the at least one action comprises denying the data subject access request, or requesting one or more processing fees prior to fulfilling the request; and
in response to determining that the data subject access request is not subject to one or more response fulfillment constraints:
(1) identifying, by one or more computer processors, the one or more pieces of personal data associated with the requestor, the one or more pieces of personal data being stored in one or more data repositories associated with a particular organization, and
(2) data using the one or more pieces of personal data to fulfill the data subject access request; and
updating the fulfillment constraint data, in computer memory, to reflect that the data subject access request has been made.

US Pat. No. 10,169,608

DYNAMIC MANAGEMENT OF DATA WITH CONTEXT-BASED PROCESSING

MICROSOFT TECHNOLOGY LICE...

1. A method comprising:receiving data that has been acquired;
determining, by a computing device, contextual information regarding data-handling of the data, the contextual information including at least two of:
function data indicating an action or a type of action for which the data was acquired;
authority data indicating at least one of a jurisdiction or authority that is applicable to the data, a law that is applicable to the data, a regulation that is applicable to the data, a rule that is applicable to the data, a standard that is applicable to the data, or an industry practice or procedure that is applicable to the data;
control data indicating at least one of a control on the data that is set for a device, a control on the data that is set by or on behalf of a data subject, a control on the data that is set by an entity, a control regarding a data-handling requirement for the data, a control regarding security or privacy of the data, a control regarding consent for the data, a choice mechanism control regarding a manner of obtaining the consent, or a choice control regarding a right to object to use of the data;
class data indicating at least one of a class related to a data authority, a class related to the data subject or a device associated with the data subject, a class regarding whether or not the data is sanitized or aggregated, a class related to protected business information, a class related to national security, a class related to protection of Critical Infrastructure, or a class related to public health or safety; or
history data indicating at least one of actions that the data has been involved with, who initiated actions that the data has been involved with, how the data was acquired, or how the data has changed overtime;
tagging the data with the contextual information;
receiving, by the computing device and from a requestor, a request regarding data-handling of the data, the data-handling including storing, manipulating, sharing, analyzing, or other use of the data;
determining, by the computing device, a response to the request based at least in part on the contextual information and one or more data-handling requirements that are applicable to the request, the response providing guidance on handling the data while complying with the one or more data-handling requirements that are applicable to the data or the request, the response indicating:
whether the data-handling indicated in the request can be performed with the data in view of the one or more data-handling requirements that are applicable to the request; or
a task that needs to be performed to enable the data-handling to be performed with the data to comply with the one or more data-handling requirements that are applicable to the request;
providing, by the computing device, the response to the requestor;
determining, by the computing device, that a particular action or type of action has been performed with the data; and
updating, by the computing device, the contextual information to reflect performance of the particular action or type of action.

US Pat. No. 10,169,607

INDIVIDUAL CENTRIC PERSONAL DATA MANAGEMENT PROCESS AND METHOD

1. An individual and group centric bidirectional data management method for a user to aggregate personal information, medical history and health and wellness data manually or through secure interfaces on an encrypted cloud based software platform designated computer system that said user can use to exchange said data with any authorized third party or recipient healthcare providers or with any recipient or authorized third party family members, care givers and others in a bidirectional controlled way via a one time secure token using a personal computer, tablet or smart phone, the method comprising the steps of:a) receiving a user's authorized account creation request at said designated computer system and said designated computer system completing authorized account setup and authorization process upon first login attempt, and completing verification and multifactor authentication on all login attempts and performing ID verification and authentication for validation and fraud prevention using user entered information or third party services;
b) said designated computer system encrypting all the personal and medical information using encryption with personal and public key;
c) said designated computer system presenting to said user a list of general and specialty medical history profiles and status of each profile completion including percentages, readings and alerts upon logging in;
d) said designated computer system receiving user input to complete personal information consisting of demographics, emergency contacts, insurance, payments, medical directives and medical information;
e) said designated computer system uploading or importing said user documents and images including lab reports, medical photos, identification card, insurance cards, directives and consents discharge summary and clinical reports;
f) said designated computer system receiving said user input to complete adult or child primary care information including purpose of visit, history of prior illnesses, previous surgical procedures, prior, hospitalization, and tests performed;
g) said designated computer system recording vitals and biometrics data including blood pressure, blood glucose level, blood oxygen level, weight, body temperature, and pulse rate manually entered by the user or automatically recorded from connected devices or transferred from a third party system;
h) said designated computer system presenting to said user or authorized third party the forms, documents, charts and readings aggregated from all sources;
i) said designated computer system user sharing aggregated records with authorized third parties using the same system;
j) said designated computer system user selecting one or more recipients of user information where said recipient may be an organization or a person with or without an authorized account on the system;
k) said designated computer system user selecting one or more medical data forms, documents and aggregated vital data readings and charts to be sent to the selected one or more recipients;
l) said designated computer system creating an optional out of band security token with optional finite validation time interval and single or multiple use for transmission to a recipient for validation of said recipient access to said system;
m) said designated computer system encrypting and decrypting the data using a public and private key that is filtered to match recipient organizational preferences and secured with sender's security token;
n) said recipient redeeming the security token so as to be able to receive the data;
o) said recipient viewing, printing, editing, forwarding or exporting the data to internal systems of the recipient;
p) said designated computer system receiving input from a recipient identifying incomplete parts of a data set sent by a user and prompting a user to complete the incomplete part of forms and readings and re-sending the data to said recipient; and
q) said designated computer system taking data from external systems of an authorized third party, the one or more recipients and the user via various interfaces and updating the user information with the latest information from the external systems such that said updated latest user information is available to the user, the authorized third party and the one or more recipients in a secure bidirectional manner that ensures maintenance of complete up to date user information; and
r) use of said up to date user information to treat said user.

US Pat. No. 10,169,606

VERIFIABLE DATA DESTRUCTION IN A DATABASE

International Business Ma...

1. A computer-implemented method for verifying data destruction in a database, the method comprising:determining, by a computing device, that a policy event to initiate data destruction for a first set of data has been triggered, the first set of data located on a first file;
identifying, by the computing device, a second set of data on the first file that does not need to be destroyed;
copying, in response to the identifying and prior to the deleting of a first security key, the second set of data to a second file;
generating, in response to the copying and prior to the deleting of the first security key, a second security key for the second file;
encrypting, in response to the generating, the second set of data with the second security key;
deleting, by the computing device and in response to the determining, the first security key used for decrypting the first set of data; and
deleting, by the computing device and in response to the determining, one or more transaction log entries associated with the first set of data, wherein the one or more transaction log entries include a copy of the first set of data, and wherein the one or more transaction log entries are a part of a transaction log, the transaction log being a second file that stores a history of each data change within the database.

US Pat. No. 10,169,605

IMPLEMENTING BLOCK DEVICE EXTENT GRANULARITY AUTHORIZATION MODEL PROCESSING IN CAPI ADAPTERS

International Business Ma...

1. A method for implementing block extent granularity authorization model processing for a Coherent Accelerator Processor Interface (CAPI) adapter in a computer system comprising:providing the CAPI adapter with an authorization table and a file system authorization function;
said file system authorization function, authenticating data access for each CAPI client at an extent granularity level and preventing an application from accessing unauthorized data in the CAPI adapter;
each authorization table providing for each said CAPI client, a CAPI client identification (ID), a CAPI server register space assigning resource ownership to the CAPI client and a CAPI set of allowed functions; and
the CAPI adapter, responsive to receiving a CAPI client requesting authorization to a file from a file system in the computer system, validating and processing the CAPI client request using said CAPI client identification (ID), said CAPI server register space assigning resource ownership to the CAPI client and said CAPI set of allowed functions for performing command operations.

US Pat. No. 10,169,604

METHOD AND SYSTEM TO PREVENT ULTRASOUND DATA LEAKS IN MOBILE DEVICES

International Business Ma...

1. An ultrasound security system that integrates with an operating system on a mobile computing device, and comprises:an app flow analysis system that generates and maintains runtime flow graphs for apps running on the mobile device and analyzes the runtime flow graphs to identify a set of apps having confidential data flow application programming interfaces (APIs) in their execution paths;
a detector that further evaluates the set of apps having confidential data flow APIs to identify a subset of vulnerable apps also having ultrasound emitting APIs; and
a runtime correlation system that flags a vulnerable app as a potential data leak when a call to an ultrasound emitting API is detected from the vulnerable app.

US Pat. No. 10,169,603

REAL-TIME DATA LEAKAGE PREVENTION AND REPORTING

INTERNATIONAL BUSINESS MA...

1. A method comprising:detecting, by an analysis engine, that an extract transform load (ETL) job in an ETL system has been submitted for execution, the ETL job including an input data storage location and an output data storage location;
analyzing, by the analysis engine, the ETL job to predict whether execution of the ETL job will result in sensitive information being made accessible to an unauthorized user, the analyzing based on a sensitivity status of contents of the input data storage location and a data lineage of contents of the output data storage location;
preventing, by the analysis engine, the ETL job from executing based on predicting that execution of the ETL job will result in sensitive information being made accessible to an unauthorized user; and
initiating execution of the ETL job based on predicting that execution of the ETL job will not result in sensitive information being made accessible to an unauthorized user,
wherein the predicting includes a recursive or iterative process of tracing data of the output data storage location through subsequent ETL jobs in the ETL system.

US Pat. No. 10,169,602

METHOD FOR LOCAL KEY MANAGEMENT SETUP AND RECOVERY

Dell Products, L.P., Rou...

1. A method in an information handling system (IHS) for local key management setup and recovery, the method comprising:receiving, from a first requesting device, a lock request to secure one or more drives;
in response to receiving the lock request, querying, by a service processor executing a security manager, for one or more key identifiers associated with the first requesting device, wherein the security manager is a module operating on the service processor;
in response to receiving at least one key identifier at the security manager, dynamically, generating, via the service processor, a first public-private key and a first public certificate associated with the at least one key identifier;
automatically transmitting the first public certificate to the first requesting device;
invoking the first public-private key to secure the one or more drives;
encrypting the public-private key to create a recovery key;
generating a recovery certificate associated with the recovery key;
archiving the recovery key and the recovery certificate in one or more of (i) at least one recovery server and (ii) at least one recovery database;
assigning a lifecycle period to the first public-private key, wherein the lifecycle period designates a set time period of existence for the first public-private key and the recovery key;
determining when a remaining period of existence of the first public-private key is within a predetermined time before an end of the lifecycle period;
in response to the remaining period of existence being within the predetermined time, dynamically transmitting a reminder message that the public-private key will be updated;
in response to detecting a manual intervention prior to the expiry of the lifecycle period, providing a temporary period of additional time beyond the lifecycle period to unlock the one or more drives via the first public-private key;
detecting an expiry of the lifecycle period; and in response to detecting the expiry of the lifecycle period, dynamically generating a new public-private key and securing the one or more drives via the dynamically generated new public-private key.

US Pat. No. 10,169,601

SYSTEM AND METHOD FOR READING AND WRITING TO BIG DATA STORAGE FORMATS

AMERICAN EXPRESS TRAVEL R...

1. A method comprising:receiving, by a processor, a request at a single, centralized access point created by an access interface for access to a first variable in a single logical data structure as viewed from an application side, wherein the request comprises a requested action and a variable identifier for the first variable, wherein the request has a first syntax, wherein a first data storage format is incompatible with the first syntax;
parsing, by the processor, the request to capture the variable identifier from the request;
looking up, by the processor, the first variable in a catalog using the variable identifier, wherein the first variable includes a location of the first variable and the first data storage format that maintains the first variable and the variable identifier within the first data storage format;
generating, by the processor, a query to access the first variable, wherein the query comprises a second syntax compatible with the first data storage format; and
submitting, by the processor, the query to access the first data storage format, wherein the query is configured to complete the requested action.

US Pat. No. 10,169,600

ENCRYPTION POLICIES FOR VARIOUS NODES OF A FILE

International Business Ma...

1. A computer-implemented method for providing encryption policies for various portions of a file in a file system, the method comprising:parsing, by a computing device, a file into a plurality of nodes, the file being organized into one or more inode blocks, one or more data blocks, and a super-block;
the one or more inode blocks includes:
information about a size of the file, one or more timestamps, one or more pointers to where data is in the one or more data blocks, which node of the plurality of nodes a data block is associated with, and security key information of an encryption policy associated with each node of the plurality of nodes;
the superblock includes:
information about how many of the one or more inode blocks and the one or more data blocks are in the file,
where the one or more inode blocks and the one or more data blocks begin,
and an identifier to identify a type of the file;
each node of the plurality of nodes is defined by two or more of the one or more data blocks, and the one or more inode blocks, the plurality of nodes being associated with a first database table of the file, a first node of the plurality of nodes is defined by a logical boundary that groups a first set of database records of the first database table of the file and does not group a second set of database records of the first database table of the file, a second node of the plurality of nodes is defined by a second logical boundary that groups a first plurality of database columns of the first database table of the file and does not group a second plurality of database columns of the first database table of the file;
associating, based on the security key information in the one or more inode blocks by the computing device, at least a first encryption policy with the first node of the plurality of nodes;
associating, based on the security key information in the one or more inode blocks by the computing device, at least a second encryption policy with the second node of the plurality of nodes;
encrypting, based on the associating the at least the first encryption policy with the first node, data within the first node;
encrypting, based on the associating the at least the second encryption policy with the second node, data within the second node;
receiving a first request from a first user to access the file;
receiving a user security key from the first user, the user security key for use in decrypting a particular set of data within at least one of the plurality of nodes;
receiving a first identifier (ID) associated with the first user, the first ID corresponding to a particular work title of the first user;
determining that the user security key and the first ID are associated with the first node and the first encryption policy;
determining, based on the determining that the user security key and the first ID are associated with the first node and the first encryption policy, that the first user is authorized to access the first set of database records of the first database table of the file within the first node; and
in response to the determining that the first user is authorized to access the first set of database records of the first database table of the file within the first node, decrypting the first set of database records using the user security key; and
wherein the parsing the file into the plurality of nodes is carried out after a file manager determines that a first portion and a second portion of the file need to be encrypted by identifying the file type of the file within the superblock of the file, and wherein the first portion corresponds to the first node and the second portion corresponds to the second node.

US Pat. No. 10,169,599

DATA ACCESS CONTROL WITH FLEXIBLE DATA DISCLOSURE

International Business Ma...

1. A computer-implemented method, comprising:controlling access to a data item value of a data item that is obscured by an indicator providing a description of the obscured data item value, wherein the data item is any one of a structured data and an unstructured data, by:
presenting, with a first computer output device, the indicator; and
in response to receiving a request from a requestor to access the data item value,
receiving a reason for the request, wherein the reason is associated with a level of access control, wherein the level of access control is based on any one of the requestor, a role, and the data item value;
determining that the reason is valid;
providing access to the data item value by presenting the data item value on a second computer output device; and
recording an identity of the requestor, the reason, and the description of the data item value.

US Pat. No. 10,169,598

SYSTEMS AND METHODS FOR SENDING AND RECEIVING ENCRYPTED SUBMESSAGES

United Services Automobil...

1. A system for controlling paths of messages over a plurality of networks, comprising:a first computing device comprising:
a memory coupled to a processor unit of the first computing device, wherein the processor unit and the memory are configured to store a set of computer-readable instructions executable by the processor unit to:
partition a word processing document into a plurality of submessages containing content from a portion of the word processing document,
wherein at least one submessage contains content from comments or metadata of the word processing document and at least one submessage contains randomly generated bits unrelated to the word processing document;
encrypt each of the submessages, thereby generating a plurality of encrypted submessages,
wherein a portion of the content of a first encrypted submessage and a portion of the content of a second encrypted submessage contain overlapping content from the word processing document; and
one or more routing devices of one or more networks accessible to the first computing device, at least one routing device configured to:
transmit to a second computing device the first encrypted submessage via a first path of the one or more networks according to header data of the first encrypted submessage of said two encrypted submessages;
transmit to the second computing device the second encrypted submessage via a second path of the one or more networks according to header data of the second encrypted submessage of said two encrypted submessages,
wherein at least a portion of the content of the second encrypted submessage contains comments associated with the word processing document or metadata associated with the word processing document;
transmitting to the second computing device at least one copy of at least one of the first and the second encrypted submessages via a third path of the one or more networks;
transmit to the second computing device a first key via a fourth path of the one or more networks, wherein the first key identifies the randomly generated bits as unrelated to the word processing document; and
transmit to the second computing device, a second key and a third key to decrypt the first and the second encrypted submessages respectively,
whereby when the second computing device receives more than one copy of an encrypted submessage, the second computing device decrypts the copy that is least corrupted, and
wherein a first routing device of the one or more routing devices is configured to ensure that a first network of the first path is different from a second network of the second path, and wherein the first key is transmitted at a different time than the transmission of the second key, the third key, and the first and the second encrypted submessages.

US Pat. No. 10,169,597

SYSTEM AND METHOD OF APPLYING ADAPTIVE PRIVACY CONTROL LAYERS TO ENCODED MEDIA FILE TYPES

Entefy Inc., Palo Alto, ...

1. A non-transitory computer readable medium comprising computer executable instructions stored thereon that when executed cause one or more processing units to:receive an indication of a first protected region of a file of an encoded media file type that uses lossy compression;
receive first access permission settings for the first protected region;
receive an indication of a first recipient for the first protected region;
generate a first layer representation corresponding to the first protected region, wherein the first layer representation comprises the first protected region of the file and a first pixel margin buffer surrounding the first protected region;
create an edited encoded media file based on the indication of the first protected region, wherein a size of the first pixel margin buffer surrounding the first protected region is determined based, at least in part, on an encoding method used to create the edited encoded media file;
add the first layer representation into one or more containers within the file structure of the edited encoded media file; and
transmit the edited encoded media file to the first recipient, wherein the first layer representation and the edited encoded media file are transmitted to the first recipient simultaneously.

US Pat. No. 10,169,596

INFORMATION PROCESSING APPARATUS, METHOD, AND STORAGE MEDIUM

Canon Kabushiki Kaisha, ...

1. An information processing apparatus configured to control an operation of software based on an issued license, the information processing apparatus comprising:at least one processor; and
at least one memory storing instructions that, when executed, cause the at least one processor to operate as:
a holding unit configured to hold a serial number input to issue a first license for controlling the operation of the software;
a reception unit configured to receive an input of a serial number required to issue a second license for controlling the operation of the software at a different version;
a checking unit configured to check whether the serial number corresponding to the first license held by the holding unit and the serial number received by the reception unit are different from each other; and
a control unit configured to control the software based on the second license issued by a licensing server based on the serial number received by the reception unit along with returning the first license to the licensing server, if the checking unit confirms that the serial number corresponding to the first license held by the holding unit and the serial number received by the reception unit are different.

US Pat. No. 10,169,595

DETECTING MALICIOUS DATA ACCESS IN A DISTRIBUTED ENVIRONMENT

International Business Ma...

7. A system, comprising:a processor; and
a memory containing a program which when executed by the processor performs an operation comprising:
identifying a first access to a first subset of a first database table on a first storage node, of a plurality of storage nodes;
identifying a second access to a second subset of the first database table on a second storage node, of the plurality of storage nodes; and
performing a predefined operation to restrict access to the first database table on the plurality of storage nodes based on the first and second accesses, and further based on determining that the first database table is being improperly accessed, wherein determining that the first database table is being improperly accessed comprises:
comparing a first bitmap associated with the first database table on the first storage node to a second bitmap associated with the first database table on the second storage node, wherein comparing the first and second bitmaps comprises performing at least one of: (i) an AND operation, and (ii) an OR operation on the first and second bitmaps; and
determining that a result of the comparison of the bitmaps exceeds a predefined threshold.

US Pat. No. 10,169,594

NETWORK SECURITY FOR DATA STORAGE SYSTEMS

International Business Ma...

1. A method comprising:creating, by one or more processors of a network adapter of a storage system, a set of filter rules, wherein the set of filter rules is located in a firmware that is included on the network adapter, and wherein the set of filter rules includes a list of port numbers and protocols that are allowed or blocked from being accessed within the storage system;
responsive to receiving a request to modify the set of filter rules, prompting, by one or more processors of the network adapter, a requestor for a cryptographic key, wherein the requestor has privileged access to a guest operating system running on the storage system only if the cryptographic key is provided;
receiving, by one or more processors of the network adapter, a first packet;
analyzing, by one or more processors of the network adapter, a header of the first packet to determine a set of packet parameters, wherein the set of packet parameters includes a set of ports and protocols;
determining, by one or more processors of the network adapter, that the set of packet parameters of the received first packet is consistent with a rule in the set of filter rules;
in response to determining that the set of packet parameters of the received first packet is consistent with a rule in the set of filter rules, transmitting, by one or more processors of the network adapter, the received first packet through the network adapter;
receiving, by one or more processors of the network adapter, a second packet;
analyzing, by one or more processors of the network adapter, a header of the second packet to determine a set of packet parameters, wherein the set of packet parameters includes a set of ports and protocols;
determining, by one or more processors of the network adapter, that the set of packet parameters of the received second packet is inconsistent with the set of filter rules; and
in response to determining that the set of packet parameters of the received second packet is inconsistent with the set of filter rules, dropping, by one or more processors of the network adapter, the received second packet to prevent transmission through the network adapter.

US Pat. No. 10,169,593

SECURITY SYSTEMS GUI APPLICATION FRAMEWORK

International Business Ma...

1. A computer-implemented method for injecting functionality into a security intelligence platform, comprising:providing the security intelligence platform with a plurality of backend endpoints, each of the plurality of backend endpoints comprising:
a visualization interface point, the visualization interface point enabling new screens to be presented in a new tab with content served from application code running securely within a customer module;
a right click menu interface point, the right click menu interface point enabling new right click menu options to be available within a user interface of the security intelligence platform, the right click menu interface point enabling the application code running securely within the customer module;
a toolbar buttons interface point, the toolbar buttons interface point enabling new toolbar buttons to be available to the user interface of the security intelligence platform, the toolbar buttons interface point enabling the application code running securely within the customer module;
a dashboard interface point, the dashboard interface point enabling new dashboard widgets to be added to the user interface of the security intelligence platform, the dashboard interface point enabling the application code running securely within the customer module;
an administrative screens interface point, the administrative screens interface point enabling new administrative tabs, configuration screens and setup screens to be added to the user interface of the security intelligence platform, the administrative screens interface point enabling the application code running securely within the customer module;
a hover over metadata endpoint, the hover over metadata endpoint enabling injection of hover over additional metadata functionality to be incorporated into existing hover over areas of the user interface of the security intelligence platform, the hover over metadata endpoint running securely within the customer module;
a Javascript page scripts interface point, the Javascript page scripts interface point enabling injected browser Javascript specific to a particular existing user interface of the security intelligence platform, the Javascript page scripts interface point dynamically linking Javascript from the application code running securely within the customer model module; and
a resource bundles interface point, the resource bundles interface point providing support for globalization and localization key value properties, the resource bundles interface point dynamically loading resource bundles from the application code running securely within the customer model module;
generating a modification to the security intelligence platform according to an application framework, the modification comprising metadata associated with its functionality, the metadata corresponding to a predefined format; and,
merging the modification with the security intelligence platform via a secure system container and an endpoint of the plurality of backend endpoints.

US Pat. No. 10,169,592

SECURITY SYSTEMS GUI APPLICATION FRAMEWORK

International Business Ma...

7. A non-transitory, computer-readable storage medium embodying computer program code, the computer program code comprising computer executable instructions configured for:providing the security intelligence platform with a plurality of backend endpoints, each of the plurality of backend endpoints comprising:
a visualization interface point, the visualization interface point enabling new screens to be presented in a new tab with content served from application code running securely within a customer module;
a right click menu interface point, the right click menu interface point enabling new right click menu options to be available within a user interface of the security intelligence platform, the right click menu interface point enabling the application code running securely within the customer module;
a toolbar buttons interface point, the toolbar buttons interface point enabling new toolbar buttons to be available to the user interface of the security intelligence platform, the toolbar buttons interface point enabling the application code running securely within the customer module;
a dashboard interface point, the dashboard interface point enabling new dashboard widgets to be added to the user interface of the security intelligence platform, the dashboard interface point enabling the application code running securely within the customer module;
an administrative screens interface point, the administrative screens interface point enabling new administrative tabs, configuration screens and setup screens to be added to the user interface of the security intelligence platform, the administrative screens interface point enabling the application code running securely within the customer module;
a hover over metadata endpoint, the hover over metadata endpoint enabling injection of hover over additional metadata functionality to be incorporated into existing hover over areas of the user interface of the security intelligence platform, the hover over metadata endpoint running securely within the customer module;
a Javascript page scripts interface point, the Javascript page scripts interface point enabling injected browser Javascript specific to a particular existing user interface of the security intelligence platform, the Javascript page scripts interface point dynamically linking Javascript from the application code running securely within the customer model module; and
a resource bundles interface point, the resource bundles interface point providing support for globalization and localization key value properties, the resource bundles interface point dynamically loading resource bundles from the application code running securely within the customer model module;
generating a modification to the security intelligence platform according to an application framework, the modification comprising metadata associated with its functionality, the metadata corresponding to a predefined format; and,
merging the modification with the security intelligence platform via a secure system container and an endpoint of the plurality of backend endpoints.

US Pat. No. 10,169,591

CHAINED SECURITY SYSTEMS

Amazon Technologies, Inc....

1. A computer-implemented method, comprising:receiving an attestation request from a customer system to a main subsystem of a computing device, the computing device operating a customer virtual machine associated with the customer system;
sending a request to a limited subsystem provided using trusted hardware physically connected to the computing device, the limited subsystem configured to perform administrative tasks for the customer virtual machine;
receiving, at the limited subsystem, a first certificate from a certificate authority;
generating, at the limited subsystem, first credentials using the first certificate, a first measurement, and a second certificate for authenticating the main subsystem;
receiving, at the main subsystem, the second certificate from the limited subsystem;
generating, at the main subsystem, second credentials using the second certificate, and a second measurement including state information for the customer virtual machine; and
sending an attestation response to the customer system, the attestation response including the first measurement with the first credentials and the second measurement with the second credentials.

US Pat. No. 10,169,590

APPARATUS AND METHOD FOR DISPLAYING COMPUTER HEALTH INDEX

Beijing Qihoo Technology ...

1. An apparatus for displaying a computer health index, comprising:a memory having instructions stored thereon;
a processor to execute the instructions to perform operations comprising:
calculating at least one health sub-index and calculating the computer health index based on the at least one health sub-index, wherein each of the at least one health sub-index is associated with at least one computer state, and each of the at least one health sub-index reflects a health degree of an associated computer state;
performing simple index display in a specific area on a desktop to display a first icon reflecting a value of the computer health index;
wherein the first icon displayed by the simple index display is a first sphere, the first sphere changes its shape with the value of the computer health index, a color filled the first sphere changes from red to green or vice versa based on the value of the computer health index, and when the value of the computer health index is 100%, the first icon displayed by the simple index display becomes a fixed icon;
triggering by a user, the specific area on the desktop to display a detailed index display area, the detailed index display area containing:
a second icon reflecting the value of the computer health index, the second icon is a second sphere and is larger than the first icon, and a color filled the second sphere changes from red to green or vice versa based on the value of the computer health index;
information of the computer health index and information of each of the at least one health sub-index;
a computer state setting trigger area for receiving at least one trigger command from the user when the user clicks on the computer state setting trigger area; and
updating the first and second icons to reflect the at least one trigger command received from the user.

US Pat. No. 10,169,589

SECURELY BOOTING A COMPUTER FROM A USER TRUSTED DEVICE

International Business Ma...

1. A method for allowing a computer to boot from a user trusted device, wherein:the computer comprises a long-term data storage device storing operating system (OS) services; and
the user trusted device is separate from the computer and stores:
a boot loader, detectable and executable by a firmware of the computer, upon detecting a connection of the user trusted device to said computer;
an OS loader designed to load an operating system, or OS, of the computer; and
one or more crypto drivers designed for allowing access to the OS and data stored encrypted on said data storage device of the computer;
the method comprising:
upon connection of the user trusted device to the computer, letting the boot loader be detected by said firmware for a subsequent execution of the boot loader at least partly at the computer to cause to transfer the OS loader of the user trusted device from the user trusted device to the computer, by loading the OS loader into a main memory of the computer;
executing the transferred OS loader at least partly at said computer, to cause the one or more crypto drivers of the user trusted device to access said OS and access said data stored on said long-term data storage device, to start said OS services and complete booting of the computer; and
configuring the one more crypto drivers or the OS loader to retrieve at least one key for encrypting and decrypting said long-term storage device.

US Pat. No. 10,169,588

CONTROLLED STARTING OF AN ELECTRONIC CIRCUIT

PROTON WORLD INTERNATIONA...

1. A method to authenticate content of a non-volatile memory of an electronic device, the electronic device having a microcontroller and an embedded secure element, the method comprising:starting the microcontroller by executing instructions stored in a first non-reprogrammable memory area of the non-volatile memory, the first non-reprogrammable memory area associated with the microcontroller;
starting a boot sequence in the secure element;
monitoring with the secure element whether a request originating from the microcontroller is received;
in response to the monitoring indicating no request from the microcontroller has been received within a threshold period of time, interrupting a power supply of the microcontroller;
verifying, with the secure element, a signature generated by the secure element from content stored in a second reprogrammable memory area of the non-volatile memory area, the second reprogrammable memory area associated with the microcontroller;
if the signature is verified, sending, by the secure element, a message of validation of the content of the second reprogrammable memory area to the microcontroller; and
interrupting the power supply of the microcontroller if the signature is not verified.

US Pat. No. 10,169,587

HOSTED DEVICE PROVISIONING PROTOCOL WITH SERVERS AND A NETWORKED INITIATOR

8. A method for conducting a device provisioning protocol (DPP), the method performed by a mobile phone, the method comprising:operating, by the mobile phone, a DPP application, wherein the DPP application comprises an initiator for the device provisioning protocol;
establishing, by the mobile phone, a secure session with a server, wherein the secure session comprises at least, in part, authentication of the DPP application;
receiving, by the mobile phone and from a device, a tag value for a responder;
sending, by the mobile phone and to the server, the received tag value;
receiving, by the mobile phone and from the server, an initiator configuration, wherein the mobile phone uses the received initiator configuration with a WiFi radio in the mobile phone;
receiving, by the mobile phone and from the server, an initiator ephemeral public key and a first ciphertext, wherein the first ciphertext includes an initiator nonce;
sending, by the mobile phone and to the device, the initiator ephemeral public key and the first ciphertext, wherein the mobile phone uses the received initiator configuration to send the initiator ephemeral public key and the first ciphertext to the device;
receiving, by the mobile phone and from the device, a responder ephemeral public key and a second ciphertext, wherein the second ciphertext includes a responder authentication value;
sending, by the mobile phone and to the server, the responder ephemeral public key and the second ciphertext; and,
receiving, by the mobile phone and from the server, a third ciphertext, wherein the third ciphertext includes a set of network credentials for the device.

US Pat. No. 10,169,586

RANSOMWARE DETECTION AND DAMAGE MITIGATION

Fortinet, Inc., Sunnyval...

1. A method comprising:installing, by a kernel mode driver running on a computer system, a file system event monitoring module within each of a plurality of active processes running on the computer system;
detecting, by a first file system event monitoring module installed within a first process of the plurality of active processes, performance of a directory traversal operation on a directory of a file system of the computer system in which a parameter of the directory traversal operation includes at least one wildcard character;
when a number of wildcard-based directory traversal operations performed by the first process meets or exceeds a false positive threshold, then deploying, by the first file system event monitoring module, a decoy file within the directory and notifying the kernel mode driver regarding deployment of the decoy file;
monitoring and detecting, by the kernel mode driver an attempt by the first process to tamper with the decoy file by intercepting and evaluating file system operations; and
responsive to detection of the attempt, identifying, by the kernel mode driver, the first process as a malware process and causing the malware process to be terminated.

US Pat. No. 10,169,585

SYSTEM AND METHODS FOR ADVANCED MALWARE DETECTION THROUGH PLACEMENT OF TRANSITION EVENTS

FireEye, Inc., Milpitas,...

1. A non-transitory storage medium having stored thereon instructions, the instructions being executable by one or more processors to perform operations including:instantiating a virtual machine (VM) with a virtual machine monitor (VMM), the VM to process an object to determine whether the object is associated with malware;
performing a first analysis of memory allocated for the VM for a point of interest (POI), the point of interest being an address an instruction of a set of instructions likely to be associated with malware, the set of instructions including one or more instructions;
detecting a memory violation during processing of the object, the memory violation being an attempt to access a page in the memory allocated for the VM having a permission other than “execute” from which a process running within the VM is attempting to execute;
responsive to detecting the memory violation, injecting a transition event at the point of interest on the page and setting the permission of the page to “execute only”; and
responsive to continuing the processing of the object and detecting an attempted execution of the transition event, (i) emulating the instruction of the set of instructions corresponding to the point of interest, and (ii) performing one or more malware detection routines.

US Pat. No. 10,169,584

SYSTEMS AND METHODS FOR IDENTIFYING NON-MALICIOUS FILES ON COMPUTING DEVICES WITHIN ORGANIZATIONS

Symantec Corporation, Mo...

1. A computer-implemented method for identifying non-malicious files on computing devices within organizations, at least a portion of the method being performed by a first computing device comprising at least one processor, the method comprising:identifying a file on the first computing device within a plurality of computing devices managed by an organization;
determining that an instance of the file appeared on a second computing device within the plurality of computing devices within a certain amount of time after identifying the file on the first computing device;
determining that the file represents an organization-specific program created for internal use within the organization due at least in part to the file having appeared on the second computing device within the certain amount of time after identifying the file on the first computing device;
determining, based at least in part on the file representing the organization-specific program, that the file is trusted within the organization;
concluding, based on the file being trusted within the organization, that the file is not malicious; and
protecting the security of the first computing device by:
in response to concluding that the file is not malicious, adding the file to a whitelist of files that the first computing device is permitted to access; and
preventing the first computing device from accessing files that are not included on the whitelist.

US Pat. No. 10,169,583

MALWARE DROPPER DISCOVERY METHOD AND SYSTEM

INTERNATIONAL BUSINESS MA...

1. A method for facilitating finding a potentially harmful malware dropper on a computer system, comprising the steps of:a) identifying an executable file upon execution of said executable file on a computer;
b) storing, responsive to identifying said executable file upon execution of said executable file on said computer, a copy of said executable file in a database; and
c) inspecting said copy of said executable file responsive to detecting malware on said computer and subsequent to said executable file deleting said executable file from said computer,
wherein the identifying and storing are embodied in computer-readable instructions stored on a computer-readable medium for execution by a computer processor.

US Pat. No. 10,169,582

SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR IDENTIFYING A FILE USED TO AUTOMATICALLY LAUNCH CONTENT AS UNWANTED

McAfee, LLC, Santa Clara...

1. One or more storage devices comprising instructions that when executed cause one or more processors to at least:perform a first scan of a computer system;
detect, during the first scan, a first file on the computer system, the first file known to be a malicious file;
delete or quarantine the first file;
determine whether the first file is of a type to be automatically launched via a second file different than the first file, the second file to automatically launch the first file by initiating execution of the first file;
in response to the determination that the first file is of the type to be automatically launched via the second file, perform a second scan of the computer system to locate the second file; and
delete the second file.

US Pat. No. 10,169,581

DETECTING MALICIOUS CODE IN SECTIONS OF COMPUTER FILES

Trend Micro Incorporated,...

1. A computer-implemented method of evaluating a file for malicious code, the method comprising:receiving a plurality of normal files and a plurality of malicious files;
dividing each of the normal files and each of the malicious files into a plurality of file sections;
labeling each file section of the normal files as a normal file section;
labeling each file section of the malicious files as a malicious file section;
generating a machine learning model using a machine learning training data set comprising the labeled file sections of the normal files and the malicious files; and
using the machine learning model to identify which particular section of a target file contains malicious code.

US Pat. No. 10,169,580

IDENTIFYING WHETHER AN APPLICATION IS MALICIOUS

INTERNATIONAL BUSINESS MA...

1. A method comprising:detecting a first application being presented for installation on a processing system;
scanning, via a static analysis implemented by a processor, the first application to determine whether a user interface layout of the first application is suspiciously similar to a user interface layout of a second application installed on the processing system, wherein the user interface layout of the first application being suspiciously similar to the user interface layout of a second application indicates the first application is attempting to emulate the second application; and
responsive to the static analysis being indeterminate as to whether the user interface layout of the first application is suspiciously similar to the user interface layout of the second application:
during execution of the first application by the processing system, performing a runtime analysis of the first application, the runtime analysis comprising determining whether each of a plurality of user interface layouts of the first application is suspiciously similar to a respective user interface layout of the second application; and
responsive to the runtime analysis indicating that each of the plurality of the user interface layouts of the first application is suspiciously similar to the respective user interface layout of the second application, generating an alert indicating that the first application is malicious.

US Pat. No. 10,169,579

MALICIOUS PDF DETECTION

Palo Alto Networks, Inc.,...

1. A system, comprising:a processor configured to:
receive a first Portable Document Format (PDF) document;
classify the received first PDF document using a classifier trained at least in part using a set of features extracted from a plurality of training PDF documents, wherein a first classification that can be determined for the first PDF document is a classification of “likely benign” and wherein a second classification that can be determined for the first PDF document is a classification of “likely malicious”, and wherein the plurality of training PDF documents comprise a set of PDF documents that were, at a time previous to the training of the classifier, known to be benign, and are labeled as belonging to a benign set, and wherein the plurality of training PDF documents further comprise a set of PDF documents that were, at a time previous to the training of the classifier, known to be malicious, and are labeled as belonging to a malicious set; and
wherein at least one feature extracted from the malicious set includes a feature associated with at least two stream filters cascaded to form a decoding pipeline; and
wherein, in the event the received first PDF document is classified as likely malicious, additional analysis of potential maliciousness of the first PDF document is caused to be performed, and wherein, in the event the received first PDF document is classified as likely benign, additional analysis of potential maliciousness of the first PDF document is not caused to be performed; and
a memory coupled to the processor and configured to provide the processor with instructions.

US Pat. No. 10,169,578

MIGRATION SERVICE METHOD AND MODULE FOR SOFTWARE MODULES

TELEFONAKTIEBOLAGET LM ER...

1. A migration service method for software modules, the method comprising:detecting a security flaw in a first environment in which the software modules are running, wherein the security flaw in the first environment is usable by an intrusion to intrude into the first environment, and wherein the security flaw is attributable to at least one of a software component in the first environment, a hardware component in the first environment, a version of a software component in the first environment, and a version of a hardware component in the first environment; and
when the security flaw is detected,
migrating the software modules or part of the software modules from the first environment to a second environment that differs from the first environment by not having the security flaw,
wherein detecting the security flaw in the first environment comprises:
monitoring security issues in a subscribed mailing list, on a web page, in a database or on a web forum; and
detecting the security flaw in the first environment based on whether or not the security issues are related to the software modules running on the first environment,
wherein migrating the software modules or part of the software modules from the first environment to the second environment further comprises:
identifying the software modules which are sensitive to the security flaw based on a pre-determined or calculated sensitivity rating; and
migrating the identified software modules from the first environment to the second environment.

US Pat. No. 10,169,577

SYSTEMS AND METHODS FOR DETECTING MODIFICATION ATTACKS ON SHARED PHYSICAL MEMORY

Symantec Corporation, Mo...

1. A computer-implemented method for detecting modification attacks on shared physical memory, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:identifying a page frame of physical memory that physically stores data and is shared by a plurality of virtual machines, wherein:
a page of virtual memory of each of the plurality of virtual machines contains the data and is mapped to the page frame;
the plurality of virtual machines have simultaneous read-only access to the page frame; and
a copy-on-write mechanism remaps, when one of the plurality of virtual machine attempts to write additional data to the page of virtual memory of the one of the plurality of virtual machines, the page of virtual memory of the one of the plurality of virtual machines to an additional page frame of the physical memory before writing the additional data to the additional page frame;
calculating, while the plurality of virtual machines still have simultaneous read-only access to the page frame, a first checksum for the page frame;
calculating, while the plurality of virtual machines still have simultaneous read-only access to the page frame and before any of the plurality of virtual machines writes to a page of virtual memory that is mapped to the page frame, a second checksum for the page frame;
detecting a modification attack on the page frame by one of the plurality of virtual machines by detecting that the first checksum does not equal the second checksum; and
performing a security action in response to detecting the modification attack.

US Pat. No. 10,169,576

MALWARE COLLUSION DETECTION

International Business Ma...

1. A method for malware collusion detection in a mobile computing device, the method comprising:filtering applications installed in the mobile device to identify a set of related applications;
monitoring, by the mobile device, computing operations associated with execution of the related applications in the set of related applications;
determining, based upon the monitoring, that resource utilization is high for a first related application of the set of related applications, which first application is executing in a background of the mobile device;
determining, based upon the monitoring, that computing execution performance is low for a second related application of the set of related applications; and,
responsive to the determination that the resource utilization for the first related application is high, and further responsive to the determination that computing execution performance for the second related application is low, generating a notification in the display of the mobile device that the first related application of the set of related applications is suspected of malware collusion with the second related application of the set of related applications.

US Pat. No. 10,169,575

SYSTEMS AND METHODS FOR PREVENTING INTERNAL NETWORK ATTACKS

Symantec Corporation, Mo...

1. A computer-implemented method for preventing internal network attacks, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:identifying a subnet of a network, the subnet comprising at least an endpoint host system and an additional endpoint host system;
detecting an intrusion on the endpoint host system, the intrusion on the endpoint host system having bypassed a security feature implemented on a gateway for obstructing attacks across the gateway on systems within the subnet from outside the subnet and thus having breached the network into the subnet and thus being capable of facilitating an internal network attack via the endpoint host system on another endpoint system within the subnet;
implementing a security measure on the additional endpoint host system to prevent the internal network attack based at least in part on detecting the intrusion that breached the network into the subnet and at least in part on the endpoint host system and additional endpoint host system being within the subnet,
wherein the security measure comprises a firewall restriction that is implemented on the additional endpoint host system and that regulates network traffic within the subnet between the endpoint host system and the additional endpoint host system, the firewall restriction is implemented by an agent on the additional endpoint host system, thereby employing resources of the additional endpoint host system to prevent the internal network attack beyond resources provided by the endpoint host system and the gateway, and
wherein implementing the security measure comprises increasing an aggressiveness of a malware detection policy on the additional endpoint host system and performing a scan for malware on the additional endpoint host system based on the malware detection policy.

US Pat. No. 10,169,574

USING TRUSTED EXECUTION ENVIRONMENTS FOR SECURITY OF CODE AND DATA

Intel Corporation, Santa...

1. An apparatus comprising:at least one memory comprising instructions; and
at least one processor to execute the instructions to:
create a first trusted execution environment (TXE) in protected non-privileged user address space of the at least one memory, the first TXE to make a first measurement of first executable code included in a first software application, the first TXE further to, while the first measurement is within the first TXE, encrypt the first measurement with a persistent first hardware based key, the first TXE to measure executable code only of the first software application;
create a second TXE in the non-privileged user address space, the second TXE to measure executable code only of a second software application;
create a third TXE in the non-privileged user address space;
create a first secure communication channel between the first and third TXEs; and
communicate the first measurement encrypted by the first TXE from the first TXE to the third TXE via the first secure communication channel.

US Pat. No. 10,169,573

MAINTAINING SECURE DATA ISOLATED FROM NON-SECURE ACCESS WHEN SWITCHING BETWEEN DOMAINS

ARM Limited, Cambridge (...

1. A data processing apparatus comprising:processing circuitry configured to execute a stack select flag set instruction specifying a register and, in response to said select flag set instruction, to determine whether a target address that is stored in said register is in a less secure region of a data store than a current operating region, and when said target address is determined to be in said less secure region to set a stack select flag to indicate said less secure region;
wherein in response to program code calling a function stored in a first region of the data store, the processing circuitry is configured to access a first stack stored in the first region for function arguments and return data values when said stack select flag indicates the first region, and to access a second stack stored in a second region of the data store for the function arguments and the return data values when said stack select flag indicates the second region.

US Pat. No. 10,169,572

STARTING AN APPLICATION ON A MOBILE DEVICE

CHINA UNIONPAY CO., LTD.,...

1. A method for activating application programs on a mobile device, characterized in that the method comprises the following steps:receiving an application request from a device which is located outside the mobile device;
identifying a transmission protocol associated with the application request; and
determining that there are a plurality of safety entities in the mobile device which support the transmission protocol and store application programs associated with the application request, and activating an application program associated with the application request in a default safety entity;
wherein a correlation between the safety entities and the transmission protocol being supported is stored in form of an application register table in an erasable non-volatile memory of the mobile device, the application register table includes an SE identification domain storing identifiers for identifying the safety entities, a protocol domain storing the type of the transmission protocols supported by each of the safety entities, and an application identification domain storing identifiers for identifying the application programs,
for each of the application programs, the identifiers for identifying all of the safety entities containing one of the application programs are stored in a cyclic ordering selection domain, and the ordering of them represents the order in which they are selected in sequence.

US Pat. No. 10,169,571

SYSTEM AND METHOD FOR SECURE, POLICY-BASED ACCESS CONTROL FOR MOBILE COMPUTING DEVICES

Sequitur Labs, Inc., Fal...

1. A system for hiding the adjudication for authorizing a client access request to a secure computing device resource, the system having hidden secure policy instructions, a hidden secure adjudication process and hidden secure condition and parameters for hidden permitted operations on the requested secure computing resource device, the system comprising:a hardened and hidden policy decision server having a secure persistent memory for storing hierarchical sets of policy instructions and parameters, and having a processor for applying at least one set of the hierarchical sets of policy instructions and parameters to the client access request and computing an adjudicated decision of authorized access or denial of access based on hidden permitted operations on the requested secure computing device resource;
an encrypted back-channel for communicating the client access request to the policy decision server and for hiding the policy instructions, the adjudication process, and the conditions and parameters utilized by the processor in adjudicating the client access requests from the requesting client;
an agent, hidden from the requesting client and coupled to the policy decision server by the encrypted back-channel for transmitting client access requests, including additional parameters needed to access the secure computing device resource as required by the policy instructions, to the policy decision server; and
a policy enforcement server coupled to the agent for receiving adjudicated decisions from the policy decision server, secure computing device resource and having an intercepting server for intercepting client access requests, said policy enforcement server being coupled to the agent for transmitting the access requests thereto, and for receiving and transmitting policy decisions to the agent and for enforcing the adjudicated decision received from the agent.

US Pat. No. 10,169,570

COGNITIVE PASSWORD PATTERN CHECKER TO ENFORCE STRONGER, UNREPEATABLE PASSWORDS

International Business Ma...

1. A processor-implemented method for determining a password strength, the method comprising:identifying a keyboard layout type associated with a keyboard utilized to enter a user-entered password;
mapping each character within a plurality of characters in the user-entered password to a corresponding location on a grid associated with the identified keyboard layout type, wherein mapping each of the plurality of characters in the user-entered password includes overlaying a plurality of icons on the grid, and wherein each of the plurality of icons represents a character within the plurality of characters;
determining a coordinate sequence associated with the user-entered password based on the mapped plurality of characters;
applying a pattern recognition algorithm to the determined coordinate sequence; and
determining a password strength based on the applied pattern recognition algorithm and comparing the determined coordinate sequence of the user-entered password with a previous password coordinate sequence.

US Pat. No. 10,169,569

AUTOMATED PASSWORD GENERATION AND CHANGE

Okta, Inc., San Francisc...

1. A computer-implemented method, comprising:learning heuristics to identify webpages of third-party services that request login information, wherein a user has an account on each third-party service;
selecting a third-party service from the third-party services;
identifying password complexity rules associated with the selected third-party service;
generating a random password that satisfies the password complexity rules as a new password for an account of the user on the selected third-party service;
causing the account of the user on the selected third-party service to use the new password, the causing comprising applying the learned heuristics to enter the new password into a webpage of the selected third-party service that requests login information;
configuring client devices of the user to be updated with the new password for use with the selected third-party service, the configuring comprising sending a request to a remote device management system to configure the client devices;
attempting to log the user in to the selected third-party service;
determining that the attempt failed; and
responsive to determining that the attempt failed, transmitting a notification of suspicious activity.

US Pat. No. 10,169,568

EYE GAZING PASSCODE GENERATION CROSSING AUGMENTED REALITY (AR) AND VIRTUAL REALITY (VR) DEVICES

International Business Ma...

1. A system, comprising:a processing circuit; and
logic integrated with the processing circuit, executable by the processing circuit, or integrated with and executable by the processing circuit, the logic being configured to cause the processing circuit to:
receive an eye gaze of a source user generated by a source augmented reality or virtual reality device (source AR/VR device) on a receiver AR/VR device;
determine gazed content from the eye gaze of the source user using a password key phrase determination feature;
generate a symmetric password key utilising the gazed content according to a set of password determination rules; and
perform an operation using the receiver AR/VR device, the operation being secured by the symmetric password key,
wherein the symmetric password key is not exchanged with any other device,
wherein the operation secured by the symmetric password key is selected from the group consisting of: a data transfer, determination of access rights for the source user, licensing of an application configured to operate on the source AR/VR device, and authentication of an identity of the source user.

US Pat. No. 10,169,567

BEHAVIORAL AUTHENTICATION OF UNIVERSAL SERIAL BUS (USB) DEVICES

Lockheed Martin Corporati...

1. A method for authenticating a universal serial bus (USB) device, the method comprising:receiving the USB device with a USB interface of a host device;
sensing a plurality of behavioral characteristics of the USB device;
comparing the plurality of behavioral characteristic of the USB device with data associated with the USB device, the data associated with the USB device being stored in a non-volatile memory of the host device, to obtain a value indicative of a degree of similarity between the plurality of behavioral characteristic of the USB device and the data associated with the USB device; and
determining whether the USB device is an authorized device based on the value indicative of the degree of similarity between the plurality of behavioral characteristics of the USB device and the data associated with the USB device;
wherein sensing a plurality of behavioral characteristics of the USB device comprises sensing a plurality of timing characteristics of the USB device, and comparing the plurality of behavioral characteristics of the USB device with the data associated with the USB device comprises comparing the plurality of timing characteristics of the USB device with timing data associated with the USB device.

US Pat. No. 10,169,566

AUTHENTICATION USING EMOJI-BASED PASSWORDS

Capital One Services, LLC...

1. A method, comprising:receiving, by a device, an input from a user,
the user being associated with a user account,
the input relating to a request for access to the user account, and including a selection of a plurality of emojis;
identifying, by the device, a plurality of text strings associated with the plurality of emojis after receiving the input,
each text string, of the plurality of text strings, corresponding to a respective emoji of the plurality of emojis;
performing, by the device, an action to generate a combined text string based on the plurality of text strings;
processing, by the device, the combined text string to derive an output value after performing the action;
determining, by the device, whether the output value corresponds to a particular value after processing the combined text string; and
authenticating, by the device, the user to permit the user to access the user account based on determining that the output value corresponds to the particular value.

US Pat. No. 10,169,565

METHOD OF DYNAMICALLY ADAPTING A SECURE GRAPHICAL PASSWORD SEQUENCE

1. A method of dynamically adapting a secure graphical password sequence by executing computer-executable instructions stored on a non-transitory computer-readable medium comprising:providing a computing device;
the computing device performing:
authenticating a user to request access to a restricted user account on the computing device;
defining a plurality of element selection requirements for a password sequence;
defining a plurality of preferences for the password sequence and a selection grid, the selection grid being used to input the password sequence;
dynamically generating the selection grid from the element selection requirements and the plurality of preferences, the selection grid comprising a plurality of grid cells containing at least one graphical element from a plurality of graphical elements, each of the graphical elements being associated with at least one element category and an authentication value;
displaying a user interface with the selection grid;
receiving a plurality of cell selections as the password sequence, each of the cell selections corresponding to one of the grid cells and corresponding to one of a plurality of sequential locations in the password sequence;
comparing the password sequence to the element selection requirements in order to authenticate the password sequence as a valid password sequence;
rejecting the password sequence as a current invalid password sequence;
accepting the password sequence as a current valid password sequence in response to determining the password sequence as valid; and
providing the access to the restricted user account in response to authenticating the user requesting the access with the current valid password sequence;
allowing the user to update parameters of the password sequence via successful or unsuccessful logins over time;
adding at least one additional layer of complexity to the element selection requirements in response to finding the pattern similarities between the current and previous invalid password sequences; and
randomizing or increasing or decreasing a probability of displaying incorrect selections.

US Pat. No. 10,169,564

VARIABLE IMAGE PRESENTATION FOR AUTHENTICATING A USER

INTERNATIONAL BUSINESS MA...

1. A method comprising:performing an authentication procedure to determine whether a user is authenticated to use a processing device, the performing comprising:
automatically selecting a graphical image, from a plurality of graphical images, for presentation to the user based on activation of the processing device, the plurality of graphical images being associated with predefined authenticators corresponding to at least one authentication type of a plurality of authentication types, wherein the predefined authenticators and the at least one authentication type are user-selected, wherein, for each graphical image of the plurality of graphical images, a user-selected authentication type to associate with the graphical image for use in authenticating the user is received and associated with the graphical image, and, based on that user-selected authentication type, a user-selected authenticator, of that user-selected authentication type, to associate with the graphical image for use in authenticating the user is also received and associated with the graphical image;
presenting, using a graphical display of the processing device, the selected graphical image to the user;
presenting, along with the selected graphical image, a plurality of elements each corresponding to a respective different authentication type of the plurality of authentication types; and
determining whether the user is authenticated to use the processing device, the determining whether the user is authenticated to use the processing device comprising:
based on presenting to the user the selected graphical image along with the plurality of elements, receiving a first input from the user comprising a selection of one element of the plurality of elements;
determining whether the authentication type to which the selected one element corresponds matches the user-selected authentication type associated with the graphical image; and
performing processing based on whether the authentication type to which the selected one element corresponds matches the user-selected authentication type associated with the graphical image.

US Pat. No. 10,169,563

ENCRYPTION AUTHORIZATION DONGLE HAVING VOLATILE MEMORY

International Business Ma...

1. A method comprising:establishing a communication link between an authorization dongle and a secure device, the authorization dongle being communicatively coupled with the secure device using a data connector, the secure device having encrypted data stored thereon;
establishing a communication link between the authorization dongle and a secure server, the authorization dongle being communicatively coupled with the secure server using a network adapter;
receiving an encryption key from the secure server, the encryption key being associated with the encrypted data stored on the secure device;
storing the encryption key on volatile memory of the authorization dongle;
receiving, from the secure device, an indication that a user is attempting to access the encrypted data stored on the secure device;
transmitting, in response to the user attempting to access the encrypted data stored on the secure device, the encryption key from the authorization dongle to the secure device;
receiving a second indication that the encryption key is cleared from the volatile memory, wherein the encryption key is cleared as a result of the communication link between the authorization dongle and the secure device being severed;
determining that the authorization dongle is authorized to access the secure server;
establishing, in response to the determination that the authorization dongle is authorized to access the secure server, a second communication link between the authorization dongle and the secure server; and
restoring, by the authorization dongle, the encryption key using updates received from the secure server in response to the second indication that the encryption key is cleared from the volatile memory.

US Pat. No. 10,169,562

ACTIVITY RECOGNITION TO CONFIRM SECURE AUTHENTICATION OF A USER

International Business Ma...

1. A method of two-factor authentication for gaining access to an application using a first device and a second device registered to a user, the first device and the second device each having a plurality of sensors for detecting activity modalities indicative of a user's behavior relative to the first device and the second device, the first device and the second device in communication with a server computer, comprising the steps of:the server computer receiving credentials from the first device for gaining access to the application and at least two detected activity modalities of a locomotive state of the user indicating a type of locomotion of the user and a geographical location state of the user detected by the first device;
the server computer sending a request to the second device registered to the user for at least two detected activity modalities of the locomotive state of the user and the geographical location state of the user;
the server computer receiving the at least two detected activity modalities of the locomotive state of the user and the geographical location state of the user from the second device;
the server computer comparing the at least two detected activity modalities of the locomotive state of the user and the geographical location state of the user detected by the first device to the at least two detected activity modalities of the locomotive state of the user and the geographical location state of the user received from the second device; and
the server computer granting access to the user on the first device to the application if the at least two detected activity modalities of the locomotive state of the user and the geographical location state of the user detected by the first device matches the at least two detected activity modalities of the locomotive state of the user and the geographical location state of the user received from the second device.

US Pat. No. 10,169,561

BIOMETRIC INTERFACE SYSTEM AND METHOD

1. An earpiece for authenticating users using stored finger print authentication data, the earpiece comprising:an earpiece housing;
at least one speaker;
at least one microphone;
a processor disposed within the earpiece housing and operatively connected to the at least one speaker and the at least one microphone, wherein once authentication occurs all or portions of earpiece operation or programming become accessible to a user;
a plurality of sensors operatively connected to the processor;
a data storage device disposed within the earpiece housing and operatively connected to the processor, wherein a first portion of the stored finger print authentication data is stored on the data storage device;
a radio transceiver disposed within the earpiece housing and operatively connected to the processor, wherein a second portion of the stored fingerprint authentication data is stored at a remote location and accessible over a network through the radio transceiver;
wherein the processor is configured to receive fingerprint data from a first sensor at a fingerprint contact surface on the earpiece housing and analyze the fingerprint data using the first portion of the stored fingerprint authentication data and the second portion of the stored fingerprint authentication data; and
wherein the processor is configured to receive users biometric data from a second sensor and make an authentication decision based on the fingerprint data and the biometric data.

US Pat. No. 10,169,560

STIMULI-BASED AUTHENTICATION

LENOVO ENTERPRISE SOLUTIO...

1. A method comprising:presenting, using a stimulus module, one or more stimuli to a person, wherein the stimulus module prevents imitation of a correct response by the person, by presenting the one or more presented stimuli to the person for random durations;
measuring, using a response module and an electroencephalography (“EEG”) monitor, a brainwave response of the person to the one or more stimuli; and
authenticating, using an authentication module, the person based on the measured brainwave response,
wherein said modules comprise one or more of hardware circuits, a programmable hardware device, and a processor.

US Pat. No. 10,169,559

CONTROLLING INPUT/OUTPUT DEVICES

Samsung Electronics Co., ...

1. A wearable electronic device comprising:one or more sensors;
a communication module;
a touchscreen display;
a battery module;
at least one memory configured to store executable instructions; and
at least one processor configured to execute the stored instructions to:
control the one or more sensors to obtain heart rate information of a user,
control the one or more sensors to obtain motion information of the user,
obtain power state information of the battery module including a remaining battery charge,
control operation of at least one of the touchscreen display and the communication module based on the obtained power state information, including controlling a Wireless Fidelity module of the communication module to be turned on or off based on the obtained power state information, and
control operation of the touchscreen display based on the obtained motion information of the user, including deactivating the touchscreen display when the motion information indicates a movement greater than a predefined value,
wherein the one or more sensors include at least one of a heartbeat sensor, an acceleration sensor, a gyro sensor, a geomagnetic sensor, and a GPS module.

US Pat. No. 10,169,558

ENHANCING BIOMETRIC SECURITY OF A SYSTEM

Intel Corporation, Santa...

1. A method comprising:receiving an ordered sequence of biometric inputs from a user via a biometric sensor associated with a processing system, wherein each biometric input of the ordered sequence of biometric inputs is associated with a corresponding digit of the user;
determining an indication of a direction of motion of the corresponding digit for each of the biometric inputs while the corresponding digit is being sensed by the biometric sensor;
determining if the biometric input and direction of motion of each of the ordered sequence of biometric inputs matches a corresponding entry stored in a table of a non-volatile storage of the processing system, the table including a stored ordered sequence of biometric inputs corresponding to a password pattern of the user selected by the user, the table including a plurality of entries each to store, for one of the stored ordered sequence, a biometric input, direction of motion, and mapping to an alphanumeric character;
if the biometric input and direction of motion of each of the ordered sequence of biometric inputs matches the corresponding entry stored in the table, determining whether a collection of the alphanumeric characters of each entry matches a stored password in a password database;
if so, enabling the user to access the processing system and converting the stored password to the password pattern, and otherwise preventing the user from accessing the processing system, wherein each of the ordered sequence of biometric inputs maps to an element of the password pattern selected by the user and the stored password is an alphanumeric password previously stored without biometrical-based information.

US Pat. No. 10,169,557

PICTURE/GESTURE PASSWORD PROTECTION

International Business Ma...

2. A system for identifying a strength of an input picture password formed from a selected picture and performing a sequence of gestures relative to the picture, the system comprising:a memory device for storing a crowd source history of picture passwords formed by tracking a plurality of picture passwords used to authenticate a plurality of users, each of the plurality of users having a respective user profile including at least one non-language demographic and each of the plurality of picture passwords including a picture selected by a user of the plurality of users and a sequence of gestures performed relative to the picture by the user;
a processor-based demography-based pattern usage assessment generator for generating a demography-based pattern usage assessment corresponding to the at least one non-language demographic by analyzing the crowd source history and the user profiles of the plurality of users to develop rules from the crowd source history according to common gestures for the at least one non-language demographic, wherein the rules are indicative of a strength of each gesture in the sequence of gestures according to how the sequence of gestures is performed relative to the picture; and
a user-perceptible indication device for providing an indication of the strength of the input picture password in accordance with the demography-based pattern usage assessment corresponding to the at least one non-language demographic.

US Pat. No. 10,169,556

VERIFYING A USER'S IDENTITY BASED ON ADAPTIVE IDENTITY ASSURANCE LEVELS

INTUIT INC., Mountain Vi...

1. A method for managing access to a computer-based resource, comprising:receiving a request from a user for a computer-based resource, wherein the computer-based resource is associated with a minimum identity assurance level;
determining an identity assurance level of the user by;
calculating an identity-proofing success rate based on usage data in a usage repository for each of a plurality of identity-proofing techniques;
determining a security level for each respective identity-proofing technique of the plurality of identity-proofing techniques based on the respective identity-proofing success rate associated with the respective identify-proofing technique,
calculating a user success rate based on the usage data in the usage repository for each of a plurality of identity-proofing techniques; and
calculating the identity assurance level of the user based on the user success rate and the security level of each of the plurality of the identify-proofing techniques; and
determining the identity assurance level of the user meets the minimum identity assurance level associated with the computer-based resource; and
enabling access to the computer-based resource in a response to the request.

US Pat. No. 10,169,555

MULTI-USER LOGIN FOR SHARED MOBILE DEVICES

Facebook, Inc., Menlo Pa...

1. A method comprising:by a shared mobile computing device, presenting a login interface for a plurality of users of the shared mobile computing device;
by the shared mobile computing device, detecting a first indication of a login action by a first user of the plurality of users;
by the shared mobile computing device, accessing one or more content objects stored on a third party system, wherein the content objects are uniquely associated to the first user;
by the shared mobile computing device, presenting a personalized user interface to the first user, wherein the personalized user interface is based at least in part on the one or more content objects and the associated information of the one or more content objects stored on the third party system;
by the shared mobile computing device, detecting, based at least on inputs from one or more biometric sensors, an attempt by a second user to access the shared mobile computing device; and
by the shared mobile computing device, transmitting a notification to the first user, wherein the notification comprises information related to the detected attempt to access by the second user.

US Pat. No. 10,169,554

WORK SUPPORT SYSTEM, WORK SUPPORT METHOD AND COMPUTER-READABLE RECORDING MEDIUM

CASIO COMPUTER CO., LTD.,...

1. A work support system, comprising:a processor configured to perform a display control process to display, on a display, a first list including a plurality of unprocessed task indices each of which has a first periphery size and a second list including a plurality of processed task indices each of which has a second periphery size smaller than the first periphery size,
wherein, in the display control process, when attribution of one of the unprocessed task indices in the first list is changed to a processed task index, a periphery size of the changed-to-processed task index, the attribution of which is changed to the processed task index, is reduced from the first periphery size to a third periphery size which is smaller than the first periphery size and larger than the second periphery size, and the changed-to-processed task index is displayed in a moving manner from the first list to the second list so that the changed-to-processed task index is visually recognized as passing behind other unprocessed task indices.

US Pat. No. 10,169,553

MANAGING GROUPED STUDENT DEVICES WITH TIMED LOCKS

AirWatch, LLC, Atlanta, ...

1. A system comprising:at least one processor; and at least one non-transitory computer-readable medium including instructions, which when executed by the at least one processor, cause the at least one processor to perform stages including:
determine at least one user device that corresponds to a session to which a master device is assigned;
send device identifiers to the master device that correspond to the at least one user device;
receive a lock request from the master device to apply a lock to a group of user devices comprising the at least one user device, the group being selected by the master device, wherein the lock request includes timing information relating to the lock and the lock is associated with a whitelist of resources that can be accessed by the group of user devices, wherein the lock request further includes a selection of a lock type and the lock type is selected from a group that includes an application lock, a file lock and a web lock;
determining two or more different operating systems of two or more user devices from the group of user devices and using two different messaging servers corresponding to the two different operating systems to send the lock requests to the two or more user devices, respectively; and
cause the group of user devices to apply the lock for a duration based on the timing information and the whitelist of resources, wherein applying the lock includes locking the group of user devices into a single application mode such that the user devices are locked into an application managed by a management server that specifies which resources are available to the application for access by the user devices, and wherein the timing information causes the group of user devices to unlock after the duration without further contact with the master device or the management server.