Symantec Patent Grants

Optimizing security seals on web pages

Granted: July 18, 2017
Patent Number: 9712532
A method of providing web site verification information to a user can include receiving a DNS query including a host name and a seal verification site name, parsing the DNS query, and extracting the host name from the DNS query. The method also can include accessing a DNS zone file including a list of Trust Services customers and determining if the host name is associated with a Trust Services customer in the list of Trust Services customers. The method further can include transmitting a…

Wireless router

Granted: July 11, 2017
Patent Number: D791768

Systems and methods for categorizing virtual-machine-aware applications for further analysis

Granted: July 11, 2017
Patent Number: 9703956
The disclosed computer-implemented method for categorizing virtual-machine-aware applications for further analysis may include (1) identifying a plurality of virtual-machine-aware applications, where each of the plurality of virtual-machine-aware applications exhibits different behavior when the virtual-machine-aware application detects that the virtual-machine-aware application is executing in a physical computing environment rather than in a virtual computing environment, (2)…

Service assisted reliable transaction signing

Granted: July 11, 2017
Patent Number: 9704158
Techniques are disclosed for authenticating transactions conducted over computer networks, e.g., online banking transactions or other transactions performed by a financial institution at a customer's request. After receiving a transaction request (and associated transaction details), the transaction signing service signs the transaction data and sends the resulting blob to the user requesting the transaction. After being transmitted to the user, the signed transaction data itself is then…

Fast CAN message authentication for vehicular systems

Granted: July 11, 2017
Patent Number: 9705678
A method for authenticating messages is provided. The method includes calculating a hash value based on a key and a message count value and receiving a data message associated with the message count value. The method includes receiving an authentication message that includes the message count value and a message authentication code derived from the data message, the message count value and the key. The method includes applying portions of the data message to look up portions of the hash…

Apparatus and method for network traffic classification and policy enforcement

Granted: July 11, 2017
Patent Number: 9705698
A machine has a bus, an input port connected to the bus to receive inbound network traffic, an output port connected to the bus to convey outbound network traffic and a processor complex connected to the bus. The processor complex is configured as a pipeline with individual processor cores assigned individual network traffic processing tasks. The pipeline includes a first set of processor cores to construct network traffic trees characterizing the inbound network traffic and the outbound…

Method and apparatus for automating security provisioning of workloads

Granted: July 11, 2017
Patent Number: 9705923
A method of automating security provisioning is provided. The method includes receiving a request to start a virtual application and determining an owner of the virtual application. The method includes determining a workload based on the virtual application, the workload including an application and a virtual machine and assigning the workload to a security container or sub-container, among a plurality of security containers, based on the owner of the virtual application.

Load balancing for network devices

Granted: July 11, 2017
Patent Number: 9705977
In one embodiment, an electronic device receives a request; obtains a current state from each of a plurality of electronic devices; and selects one of the plurality of electronic devices to service the request based on the current state of each of the plurality of electronic devices. The current state of each of the plurality of electronic devices is one of a plurality of states in a state model. Each of the plurality of states in the state model indicates a discrete level of workload…

Systems and methods for verifying user attributes

Granted: July 4, 2017
Patent Number: 9697660
The disclosed computer-implemented method for verifying user attributes may include (1) receiving a request to verify an attribute of a user who claims to be a particular person, (2) determining that the attribute can be verified using a trusted record that is associated with the particular person, (3) determining that the trusted record is associated with a vehicle to which the particular person has access rights, (4) confirming that the user has physical access to the vehicle by…

Systems and methods for selecting identifiers for wireless access points

Granted: July 4, 2017
Patent Number: 9699140
The disclosed computer-implemented method for selecting identifiers for wireless access points may include (1) receiving a request to establish an identifier for a configurable wireless access point, (2) identifying an existing access-point identifier that is used to identify at least one additional wireless access point, (3) determining a physical location of the configurable wireless access point, (4) verifying that the existing access-point identifier is not being used within a…

Method and apparatus for integrating security context in network routing decisions

Granted: July 4, 2017
Patent Number: 9699141
An apparatus identifies a request from a user device to access data on a storage server. The apparatus determines a sensitivity level of response data for a response to the request, security context of the response, and a routing action to perform for the response by applying a policy to the sensitivity level of the response data and the security context of the response. The apparatus executes the routing action for the response.

Computer readable storage media for selective proxification of applications and method and systems utilizing same

Granted: July 4, 2017
Patent Number: 9699169
Systems and methods for selective proxification of applications are disclosed. One or more computer readable storage media may be encoded with instructions executable by one or more processing units of a computing system. The instructions encoded on the computer readable storage media may comprise authenticating a single sign-on access at a proxy server, receiving a request at the proxy server to access an application on an application server requiring authentication, accessing the…

Systems and methods for logging out of cloud-based applications managed by single sign-on services

Granted: July 4, 2017
Patent Number: 9699171
The disclosed computer-implemented method for logging out of cloud-based applications managed by single sign-on services may include (1) identifying an attempt by a single sign-on service to log a user out of a set of cloud-based applications, (2) in response to identifying the attempt to log the user out of the set of applications, tracking a logout status of each application within the set of cloud-based applications by, for each application (a) identifying a logout request sent by the…

Systems and methods for controlling content for child browser users

Granted: July 4, 2017
Patent Number: 9699191
The disclosed computer-implemented method for controlling content for child browser users may include (1) identifying one or more indicators that a browser session user is a child, (2) calculating a session score indicating a likelihood that the browser session user is a child, (3) determining, based at least in part on the session score being above a threshold, that the browser session user is a child and therefore content controls should apply to a browser session of the child, and (4)…

Consumption control of protected cloud resources by open authentication-based applications in end user devices

Granted: June 27, 2017
Patent Number: 9690925
A server computer system identifies a request from an application hosted on a mobile device to consume a protected resource hosted by a cloud. The request is transmitted via a resource authorization protocol. The server computer system identifies a token state of an application on the mobile device. The token state is stored in a policy data store that is separate from expiration data that is stored on an access token on the mobile device. The server computer system determines whether…

Systems and methods for protecting computing devices from imposter accessibility services

Granted: June 27, 2017
Patent Number: 9690934
The disclosed computer-implemented method for protecting computing devices from imposter accessibility services may include (1) registering a security application with the computing device as an accessibility service that has special permissions on the computing device that are not available to other applications, (2) ensuring that the security application is the first registered accessibility service on the computing device, and (3) performing, by the security application, a security…

Confidence level threshold selection assistance for a data loss prevention system using machine learning

Granted: June 27, 2017
Patent Number: 9691027
Machine-learning based detection (MLD) profiles can be used to identify sensitive information in documents. The MLD profile can be used to generate a confidence value for the document that expresses the degree of confidence with which the MLD profile can classify the document as sensitive or not. In one embodiment, a data loss prevention system provides or suggests a confidence level threshold to a user of the data loss prevention system by providing a confidence level threshold for the…

Dynamic updates to a network server

Granted: June 27, 2017
Patent Number: 9692640
Techniques are disclosed for configuring a server to establish a secure network communication session. An application monitors one or more resource utilization metrics of the server. Upon determining that at least one of the monitored resource metrics satisfies a specified condition, an optimization algorithm is selected based on the resource metrics and a configuration of the server. The optimization algorithm determines an updated configuration of the server while maintaining the…

System and method for distributing heuristics to network intermediary devices

Granted: June 27, 2017
Patent Number: 9692656
A policy distribution server provides, on a subscription basis, policy updates to effect desired behaviors of network intermediary devices. The policy updates may specify caching policies, and may in some instances, include instructions for data collection by the network intermediary devices. Data collected in accordance with such instructions may be used to inform future policy updates distributed to the network intermediary devices.

Remote signing wrapped applications

Granted: June 27, 2017
Patent Number: 9692741
A method for signing a wrapped computer application is described. In some embodiments, methods may include receiving a wrapped computer application via a first secure communication connection from a first remote server, authenticating the first secure communication connection, modifying the wrapped computer application based at least in part on the authenticating, and transmitting the wrapped computer application via a second secure communication connection to a second remote server…