Category: Labs Site

U.S. Patent Number: 10,606,870
Patent Title: System and method of dynamic, encrypted searching
Issue Date: March 31, 2020
Inventors: Ghafourifar, et al.
Assignee: Entefy Inc.

Patent Abstract

This disclosure relates to personalized and dynamic server-side searching techniques for encrypted data. Current so-called ‘zero-knowledge’ privacy systems (i.e., systems where the server has ‘zero-knowledge’ about the client data that it is storing) utilize servers that hold encrypted data without the decryption keys necessary to decrypt, index, and/or re-encrypt the data. As such, the servers are not able to perform any kind of meaningful server-side search process, as it would require access to the underlying decrypted data. Therefore, such prior art ‘zero-knowledge’ privacy systems provide a limited ability for a user to search through a large dataset of encrypted documents to find critical information. Disclosed herein are communications systems that offer the increased security and privacy of client-side encryption to content owners, while still providing for highly relevant server-side search-based results via the use of content correlation, predictive analysis, and augmented semantic tag clouds for the indexing of encrypted data.

USPTO Technical Field

This disclosure relates generally to systems, methods, and computer readable media for performing highly relevant, dynamic, server-side searching on encrypted data that the server does not have the ability to decrypt.

Background

The proliferation of personal computing devices in recent years, especially mobile personal computing devices, combined with a growth in the number of widely-used communications formats (e.g., text, voice, video, image) and protocols (e.g., SMTP, IMAP/POP, SMS/MMS, XMPP, etc.) has led to a communications experience that many users find fragmented and difficult to search for relevant information in. Users desire a system that will provide for ease of message threading by “stitching” together related communications and documents across multiple formats and protocols—all seamlessly from the user’s perspective. Such stitching together of communications and documents across multiple formats and protocols may occur, e.g., by: 1) direct user action in a centralized communications application (e.g., by a user clicking ‘Reply’ on a particular message); 2) using semantic matching (or other search-style message association techniques); 3) element-matching (e.g., matching on subject lines or senders/recipients/similar quoted text, etc.); and/or 4) “state-matching” (e.g., associating messages if they are specifically tagged as being related to another message, sender, etc. by a third-party service, e.g., a webmail provider or Instant Messaging (IM) service). These techniques may be employed in order to provide a more relevant “search-based threading” experience for users.

With current communications technologies, conversations remain “siloed” within particular communication formats or protocols, leading to users being unable to search uniformly across multiple communications in multiple formats or protocols and across multiple applications and across multiple other computing devices from their computing devices to find relevant communications (or even communications that a messaging system may predict to be relevant), often resulting in inefficient communication workflows—and even lost business or personal opportunities. For example, a conversation between two people may begin over text messages (e.g., SMS) and then transition to email. When such a transition happens, the entire conversation can no longer be tracked, reviewed, searched, or archived by a single source since it had ‘crossed over’ protocols. For example, if the user ran a search on their email search system for a particular topic that had come up only in the user’s SMS conversations, even when pertaining to the same subject manner and “conversation,” such a search may not turn up optimally relevant results.

Users also desire a communications system with increased security and privacy with respect to their communications and documents, for example, systems wherein highly relevant search-based results may still be provided to the user by the system—even without the system actually having the ability to decrypt and/or otherwise have access to the underlying content of the user’s encrypted communications and documents. However, current so-called ‘zero-knowledge’ privacy systems (i.e., systems where the server has ‘zero-knowledge’ about the data that it is storing) utilize servers that hold encrypted data without the decryption keys necessary to decrypt, index, and/or re-encrypt the data. As such, this disallows any sort of meaningful server-side search process, which would require access to the underlying data (e.g., in order for the data to be indexed) to be performed, such that the encrypted data could be returned in viable query result sets. Therefore, such prior art ‘zero-knowledge’ systems provide a limited ability for a user to search through a large dataset of encrypted documents to find critical information.

It should be noted that attempts (both practical and theoretical) have been made to design proper ‘zero-knowledge’ databases and systems that can support complex query operations on fully encrypted data. Such approaches include, among others, homomorphic encryption techniques which have been used to support numerical calculations and other simple aggregations, as well as somewhat accurate retrieval of private information. However, no solution currently known to the inventors enables a system or database to perform complex operations on fully-encrypted data, such as index creation for the purpose of advanced search queries. Thus, the systems and methods disclosed herein aim to provide a user with the ability to leverage truly private, advanced server-side search capabilities from any connected client interface without relying on a ‘trusted’ server authority to authenticate identity or store the necessary key(s) to decrypt the content at any time.

Read the full patent here.

ABOUT ENTEFY

Entefy is an enterprise AI software company. Entefy’s patented, multisensory AI technology delivers on the promise of the intelligent enterprise, at unprecedented speed and scale.

Entefy products and services help organizations transform their legacy systems and business processes—everything from knowledge management to workflows, supply chain logistics, cybersecurity, data privacy, customer engagement, quality assurance, forecasting, and more. Entefy’s customers vary in size from SMEs to large global public companies across multiple industries including financial services, healthcare, retail, and manufacturing.

To leap ahead and future proof your business with Entefy’s breakthrough AI technologies, visit www.entefy.com  or contact us at contact@entefy.com.

U.S. Patent Number: 11,573,990
Patent Title: Search-based natural language intent determination
Issue Date: May 09, 2023
Inventors: Alston Ghafourifar
Assignee: Entefy Inc.

Patent Abstract

Improved intelligent personal assistant (IPA) software agents are disclosed that are configured to interact with various people, service providers, files, and/or smart devices. More particularly, this disclosure relates to an improved Natural Language Processing (NLP) Intent Determination Service (IDS) that is able to determine the likely best action to take in response to generic user commands and queries. The improved NLP IDS disclosed is said to be ‘search-based’ because, rather than attempt to parse incoming user commands and queries up front, the incoming user commands and queries are searched against a pre-generated database of exemplary user commands (e.g., having associated action or parsing identifiers) to determine the most relevant search result(s). The associated system actions and known grammar/parsing rules of the most relevant search result(s) may then be used to process the incoming user command or query—without having to actually parse the incoming user command or query from scratch.

USPTO Technical Field

This disclosure relates generally to apparatuses, methods, and computer readable media for improved natural language processing (NLP) intent determination, e.g., for use with intelligent personal assistant software agents that are configured to interact with people, services, and devices across multiple communications formats and protocols.

Background

Intelligent personal assistant (IPA) software systems comprise software agents that can perform various tasks or services on behalf of an individual user. These tasks or services may be based on a number of factors, including: spoken word or verbal input from a user, textual input from a user, gesture input from a user, a user’s geolocation, a user’s preferences, a user’s social contacts, and an ability to access information from a variety of online sources, such as via the World Wide Web. However, current IPA software systems have fundamental limitations in natural language processing, natural language understanding (NLU), and so-called “intent determination” in practical applications.

For example, in some systems, language context and action possibilities gleaned from user commands may be constrained ‘up front’ by identifying the specific service that the user is sending the command to before attempting to perform any NLP/NLU—thus increasing the accuracy of results and significantly reducing the amount of processing work needed to understand the commands. However, this strategy may not provide a satisfactory user experience in the context of AI-enabled IPAs, wherein the user may often engage in macro-level ‘conversations’ with his or her device via a generic query to a single IPA ‘persona’ that is capable of interacting with many third-party services, APIs, file, document, and/or systems. In such situations, it becomes more complex and challenging for the IPA to reliably direct the user’s commands to the appropriate data, interface, third-party service, etc.—especially when a given command may seemingly apply with equal validity to two or more known third-party interfaces or services that the IPA software agent is capable of interfacing with. For example, the command, “Send {item}.” may apply with seemingly equal validity to a native text messaging interface, a native email client, a third-party messaging interface, a flower delivery service, etc.

Moreover, it is quite computationally expensive to attempt to parse the grammar of each incoming user command or query ‘up front,’ i.e., to attempt to determine the intent of the user’s command and/or which specific services, APIs, file, document, or system the user intends for his command to be directed to. Computationally-expensive parsing may also be used to determine how certain words or phrases in the user’s command depend on, relate to, or modify other words or phrases in the user’s command, thereby giving the system a greater understanding of the user’s actual intent.

NLP systems may be used to attempt to glean the true intent of a user’s commands, but the success of such systems is largely dependent upon the training set of data which has been used to train the NLP system. NLP also requires computationally-intensive parsing to determine what parts of the user’s command refer to intents, which parts refer to entities, which parts refer to attributes, etc., as well as which entities and attributes are dependent upon (or are modifying) which intents.

The subject matter of the present disclosure is directed to overcoming, or at least reducing the effects of, one or more of the problems set forth above. To address these and other issues, techniques that enable a more computationally-efficient, so-called ‘search-based,’ NLP intent determination system are described herein.

Read the full patent here.

ABOUT ENTEFY

Entefy is an enterprise AI software company. Entefy’s patented, multisensory AI technology delivers on the promise of the intelligent enterprise, at unprecedented speed and scale.

Entefy products and services help organizations transform their legacy systems and business processes—everything from knowledge management to workflows, supply chain logistics, cybersecurity, data privacy, customer engagement, quality assurance, forecasting, and more. Entefy’s customers vary in size from SMEs to large global public companies across multiple industries including financial services, healthcare, retail, and manufacturing.

To leap ahead and future proof your business with Entefy’s breakthrough AI technologies, visit www.entefy.com  or contact us at contact@entefy.com.

U.S. Patent Number: 10,353,754
Patent Title: Application program interface analyzer for a universal interaction platform
Issue Date: July 16, 2019
Inventors: Ghafourifar, et al.
Assignee: Entefy Inc.

Patent Abstract

An application program interface (API) analyzer that determines protocols and formats to interact with a service provider or smart device. The API analyzer identifies an API endpoint or web sites for the service provider or smart device, determines a service category or device category, selects a category-specific corpus, forms a service-specific or device-specific corpus by appending information regarding the service provider or smart device to the category-specific corpus, and parses API documentation or the websites.

USPTO Technical Field

This disclosure relates generally to apparatuses, methods, and computer readable media for interacting with people, services, and devices across multiple communications formats and protocols.

Background

A growing number of service providers allow users to request information or services from those service providers via a third party software applications. Additionally, a growing number of smart devices allow users to obtain information from and control those smart devices via a third party software application. Meanwhile, individuals communicate with each other using a variety of protocols such as email, text, social messaging, etc. In an increasingly chaotic digital world, it’s becoming increasingly difficult for users to manage their digital interactions with service providers, smart devices, and individuals. A user may have separate software applications for requesting services from a number of service providers, for controlling a number of smart devices, and for communicating with individuals. Each of these separate software applications may have different user interfaces and barriers to entry.

The subject matter of the present disclosure is directed to overcoming, or at least reducing the effects of, one or more of the problems set forth above. To address these and other issues, techniques that enable seamless, multi-format, multi-protocol communications are described herein.

Read the full patent here.

ABOUT ENTEFY

Entefy is an enterprise AI software company. Entefy’s patented, multisensory AI technology delivers on the promise of the intelligent enterprise, at unprecedented speed and scale.

Entefy products and services help organizations transform their legacy systems and business processes—everything from knowledge management to workflows, supply chain logistics, cybersecurity, data privacy, customer engagement, quality assurance, forecasting, and more. Entefy’s customers vary in size from SMEs to large global public companies across multiple industries including financial services, healthcare, retail, and manufacturing.

To leap ahead and future proof your business with Entefy’s breakthrough AI technologies, visit www.entefy.com  or contact us at contact@entefy.com.

U.S. Patent Number: 10,169,300
Patent Title: Advanced zero-knowledge document processing and synchronization
Issue Date: January 01, 2019
Inventors: Ghafourifar, et al.
Assignee: Entefy Inc.

Patent Abstract

Techniques disclosed herein decouple a document’s structure from its general content wherein the structure is retained in plaintext (both at a client device and in a server system) and the data is retained in cyphertext, and where the cloud-based server system is not tasked with the saving or management of the relevant cryptographic keys. Because the network- or cloud-based server system has “zero-knowledge” about the document’s data content or the relevant cryptographic keys, an attack on the server system does not put the security of the document’s data at risk. In addition, the network- or cloud-based server system may be used to perform the computationally intensive tasks of converting the document between a first format (often associated with a full-function document processing application not supported by the client device) and a second format (easily displayed and manipulated by a client device).

USPTO Technical Field

This disclosure relates generally to cloud-based computing. More particularly, but not by way of limitation, this disclosure relates to a zero-knowledge approach to cloud-based document processing.

Background

As the world’s computing ecosystem evolves toward a “cloud-based” environment, more and more users (individual and corporate) will generate, edit and distribute documents on-line. At least one web-based editing program allows users to create, share and edit documents through a network. This program allows users to upload a number of differently formatted text-based documents into the system. From there, such documents are converted into the format used by the on-line editing program. Once this process is completed multiple users can work on the same document in real-time, editing content and altering the document’s structure from any location with Internet access (e.g., adding text, adjusting margins, adding or changing headers and footers, and inserting or deleting pictures). When the cloud-based document is ready for publication, it may be output or exported in any number of formats such as Microsoft Corporation’s Word or Rich Text format (RTF), the Apache Software Foundation’s OpenOffice format, Adobe System’s portable document format (PDF) or HyperText Markup Language (HTML) format. Products that enable cloud-based document preparation and/or collaboration between multiple users are implemented using a central server computer system to perform various transmission and conversion functions so that client applications, at each end-user, can view and edit document content in real-time. In doing so, the potentially highly sensitive content of these documents is necessarily exposed to the central server (that is, such systems are not “zero-knowledge”). This exposure creates a vulnerability for user privacy and system security.

Read the full patent here.

ABOUT ENTEFY

Entefy is an enterprise AI software company. Entefy’s patented, multisensory AI technology delivers on the promise of the intelligent enterprise, at unprecedented speed and scale.

Entefy products and services help organizations transform their legacy systems and business processes—everything from knowledge management to workflows, supply chain logistics, cybersecurity, data privacy, customer engagement, quality assurance, forecasting, and more. Entefy’s customers vary in size from SMEs to large global public companies across multiple industries including financial services, healthcare, retail, and manufacturing.

To leap ahead and future proof your business with Entefy’s breakthrough AI technologies, visit www.entefy.com  or contact us at contact@entefy.com.

U.S. Patent Number: 12,242,905
Patent Title: Automatic application program interface (API) selector for unsupervised natural language processing (NLP) intent classification
Issue Date: March 4, 2025
Inventors: Ghafourifar, et al.
Assignee: Entefy Inc.

Patent Abstract

Improved intelligent personal assistant (IPA) software agents are disclosed that are configured to interact with various people, service providers, files, and/or smart devices. More particularly, this disclosure relates to an improved Natural Language Processing (NLP) Intent Determination Service (IDS) that is able to determine the likely best action to take in response to generic user commands and queries. The disclosed NLP IDS automatically selects valid (or potentially valid) API paths (e.g., sequence of API calls) to produce desired actions. Associated system actions and known API sequencing rules may then be used to process the incoming user command or query. A feedback loop is also disclosed to identify newly available APIs and success criteria for selected API paths. Discovery of API paths may be performed using predefined information, monitored information, programmatically determined interfaces, and programmatically tested interfaces. A directed graph model may be used to represent potential API paths.

USPTO Technical Field

This disclosure relates generally to apparatuses, methods, and computer readable media for improved natural language processing (NLP) intent determination, e.g., for use with intelligent personal assistant software agents that are configured to interact with people, services, and devices across multiple communications formats and protocols.

Background

Intelligent personal assistant (IPA) software systems comprise software agents that can perform various tasks or services on behalf of an individual user. These tasks or services may be based on a number of factors, including: spoken word or verbal input from a user, textual input from a user, gesture input from a user, a user’s geolocation, a user’s preferences, a user’s social contacts, and an ability to access information from a variety of online sources, such as via the World Wide Web. However, current IPA software systems have fundamental limitations in natural language processing, natural language understanding (NLU), and so-called “intent determination” in practical applications.

For example, in some systems, language context and action possibilities gleaned from user commands may be constrained ‘up front’ by identifying the specific service that the user is sending the command to before attempting to perform any NLP/NLU-thus increasing the accuracy of results and significantly reducing the amount of processing work needed to understand the commands. However, this strategy may not provide a satisfactory user experience in the context of AI-enabled IPAs, wherein the user may often engage in macro-level ‘conversations’ with his or her device via a generic query to a single IPA ‘persona’ that is capable of’ interacting with many third-party services, APIs, file, document, and/or systems. In such situations, it becomes more complex and challenging for the IPA to reliably direct the user’s commands to the appropriate data, interface, third-party service, etc.—especially when a given command may seemingly apply with equal validity to two or more known third-party interfaces or services that the IPA software agent is capable of interfacing with. For example, the command, “Send {item}.” may apply with seemingly equal validity to a native text messaging interface, a native email client, a third-party messaging interface, a flower delivery service, etc.

Moreover, it is quite computationally expensive to attempt to parse the grammar of each incoming user command or query ‘up front,’ i.e., to attempt to determine the intent of the user’s command and/or which specific services, APIs, file, document, or system the user intends for his command to be directed to. Computationally-expensive parsing may also be used to determine how certain words or phrases in the user’s command depend on, relate to, or modify other words or phrases in the user’s command, thereby giving the system a greater understanding of the user’s actual intent.

NLP systems may be used to attempt to glean the true intent of a user’s commands, but the success of such systems is largely dependent upon the training set of data which has been used to train the NLP system. NLP also requires computationally-intensive parsing to determine what parts of the user’s command refer to intents, which parts refer to entities, which parts refer to attributes, etc., as well as which entities and attributes are dependent upon (or are modifying) which intents.

The subject matter of the present disclosure is directed to overcoming, or at least reducing the effects of, one or more of the problems set forth above. To address these and other issues, techniques that enable a more computationally-efficient selection of APIs based on NLP intent classification are described herein.

Read the full patent here.

ABOUT ENTEFY

Entefy is an enterprise AI software company. Entefy’s patented, multisensory AI technology delivers on the promise of the intelligent enterprise, at unprecedented speed and scale.

Entefy products and services help organizations transform their legacy systems and business processes—everything from knowledge management to workflows, supply chain logistics, cybersecurity, data privacy, customer engagement, quality assurance, forecasting, and more. Entefy’s customers vary in size from SMEs to large global public companies across multiple industries including financial services, healthcare, retail, and manufacturing.

To leap ahead and future proof your business with Entefy’s breakthrough AI technologies, visit www.entefy.com  or contact us at contact@entefy.com.

U.S. Patent Number: 10,169,597
Patent Title: System and method of applying adaptive privacy control layers to encoded media file types
Issue Date: May 28, 2019
Inventors: Ghafourifar, et al.
Assignee: Entefy Inc.

Patent Abstract

Disclosed are systems to apply customized permission settings to protect particular regions of a document, and, in particular, documents that are of a ‘lossy’ encoded media file type, e.g., an MPEG video format. The custom access permission settings may be implemented by obfuscating the protected regions of the original file and then embedding “secret,” e.g., hidden and/or encrypted, versions of the obfuscated regions in parts of the data structure of the original file, e.g., in the form of “layers” that are held within video stream containers. The content of the individual encrypted video stream containers may then be decrypted according to each recipient’s permissions and layered on top of the obfuscated regions of the encoded media file before being displayed to the recipient. In some embodiments, additional layers of video may be used to reduce the appearance of aliasing around borders of the protected regions of the encoded media file.

USPTO Technical Field

This disclosure relates generally to systems, methods, and computer readable media for applying user-defined access permission settings to encoded media files in lossy file formats, e.g., MPEG video, which files may then be disseminated over a network and playable by recipients in a wide array of standardized software applications. More particularly, the access permission settings may be implemented by embedding one or more “secret,” e.g., hidden and/or encrypted, information portions in such encoded media file types, e.g., in the form of layers of video information.

Background

The proliferation of personal computing devices in recent years, especially mobile personal computing devices, combined with a growth in the number of widely-used communications formats (e.g., text, voice, video, image) and protocols (e.g., SMTP, IMAP/POP, SMS/MMS, XMPP, etc.) has led to increased concerns regarding the safety and security of documents and messages that are sent over networks. Users desire a system that provides for the setting of custom, e.g., user-defined, access permissions for all or part of a file, including files that have been encoded using lossy compression. A ‘lossy’ file, as used herein, refers to a file (or file format) that is compressed using inexact approximation methods (e.g., partial data discarding methods). As such, lossy compression techniques may be used to reduce data size for storage, handling, and transmitting content. However, because lossy compression reduces a file by permanently discarding certain information (e.g., redundant information), when the file is decompressed, it is not decompressed to 100% of the original. Lossy compression is generally used for multimedia files, e.g., images files, such as JPEG files, video files, such as MPEG files, and/or sound files, such as MP3 files—where a certain amount of information loss will not be detected by most users—and can result in significant gains in file size reduction or performance.

Certain lossy file types may also be described as “single-layered.” For example, in the case of a JPEG image, all the image content information may be stored in the form of a “byte array.” In order to change the appearance (e.g., color) of any pixels in the JPEG image, an editing or modification tool would need to modify or replace the particular information in the byte array corresponding to the region of pixels that are to be changed. Thus, the image data is said to be stored in a “single layer,” as there is no way to alter certain pixel regions in the JPEG image via the layering of new pixel information over the top of the original pixel information. By contrast, more complex image file types that support multiple image layers, e.g., PNG images, offer the ability to store image information in distinct layers which may, e.g., be ‘stacked’ in different orders, individually adjusted for opacity/transparency, or individually moved, rotated, shown, hidden, etc. before composition and display to a viewer. Due to the use of multiple layers, these changes to the image may be made and/or ‘unmade’ without undoing, overwriting, or otherwise degrading the quality of any of the underlying image information in a layer that happens to not be currently shown to the viewer.

Likewise, certain lossy file types for storing encoded multimedia, e.g., the various MPEG video formats, may also provide the ability to support “multi-layered” functionality. For example, through the use of Video Object Planes (VOPs) in certain encoded video files, multiple streams of video data (e.g., each represented in its own VOP) may be rendered simultaneously within the same video frame. A VOP, as used herein, comprises a stream of video data encoding picture information related to a specific region(s) or object(s) of interest that may be interacted with independently before being composited into the final video frames that are rendered for display. As with the PNG image layers discussed above, VOPs within a video frame may be ‘stacked’ on top of the ‘background’ video content in different orders, and can be individually adjusted by a given rendering engine with regard to opacity/transparency, or individually moved, rotated, shown, hidden, etc. before rendering and display to a viewer.

In some embodiments described herein, VOPs (or other parts of the video’s file structure), which are generically referred to herein as “stream containers,” may be used to hold isolated video bitstreams that an authorized encoded media viewing application may interpret and/or use in ways other than simple playback, as will be discussed in further detail below. For example, according to some embodiments described herein, the video bitstreams held in one or more of the stream containers packaged in the video’s file structure may need to be decrypted before being played back. In still other embodiments, the view of the video bitstreams held in one or more of the stream containers packaged in the video’s file structure may be adjusted before being rendered and displayed to a viewer, e.g., by adjusting the dimensions of the video bitstream that are actually made viewable to the viewer.

Lossy file types may also contain multiple “header,” or metadata, properties. These header properties may be used to store alternate contents such as metadata or other random information. Some lossy file types may also allow for the storage of multiple “layers” of media information within the same file, or even full encoding of other files or portions of files within the same file (e.g., in the case of VOPs within an MPEG file), such as in the embodiments described herein. Such a system would allow customized privacy settings to be specified for different recipients, e.g., recipients at various levels of social distance from the user sending the document or message (e.g., public, private, followers, groups, Level-1 contacts, Level-2 contacts, Level-3 contacts, etc.). Such a system may also allow the user to apply customized privacy settings and encryption keys differently to particular parts of a lossy file, e.g., making one or more parts of the lossy file available only to a first class of users, or by making other parts of the lossy file available to the first class of users and a second class of users, all while preventing access to parts of lossy file by users who do not have the requisite access privileges.

Thus, a system for providing access permission setting through Adaptive Privacy Controls (APC) is described herein. APC, as used herein, will refer to a user-controllable or system-generated, intelligent privacy system that can limit viewing, editing, and re-sharing privileges for lossy files, for example, image files and other multimedia files that include a lossy compression (including encoded multimedia file types), wherein changes made to the content of such ‘lossy’ files may not be reliably reversed or dynamically changed—as would be necessary according to prior art techniques attempting to implement the kinds of fine-grained access permission setting methods disclosed herein. Other embodiments of APC systems will, of course, be able to handle the setting of access permissions for recipients of lossless file formats, as well. In summary, APC systems, as used herein, allow users to share whatever information they want with whomever they want, while keeping others from accessing the same information, e.g., via hiding and/or encryption processes that can be initiated by user command or via system intelligence, even on lossy file types, and even when more than one region (including overlapping regions) in an encoded multimedia file have been selected by a user for APC-style protection. APC access permission settings may be applied to individuals, pre-defined groups, and/or ad-hoc groups. Customized encryption keys may further be applied to particular parties or groups of parties to enhance the security of the permission settings.

APC may be used to apply privacy settings to only particular portions of a lossy file, for example, a particular portion of a JPEG image or a frame (or series of frames) from an MPEG video. For example, User A may be a family member who may be authorized to see an entire JPEG image or MPEG video, but User B and other users may be mere acquaintances, who are only authorized to see a redacted portion or portions of the JPEG image or MPEG video. For example, the entire JPEG image or MPEG video file would be viewable to User A, but only a redacted portion or portions (e.g., everything but the face of the subject(s) in the image) would be available to the User B and other users when viewing the JPEG image or MPEG video file in an authorized viewing application.

According to some embodiments disclosed herein, a standard, i.e., “unauthorized,” viewing application, e.g. an image viewer or video player, would also be able to open the redacted version of the JPEG image or MPEG video file; it simply may not “know” where to look within the multimedia file’s structure for the “true” content from the redacted portion or portions of the JPEG image or MPEG video file. According to still other embodiments, even if an unauthorized viewing application were able to find the “true” content from the redacted portion or portions “hidden” within the file structure of the JPEG image or MPEG video (e.g., in the case of VOPs), the redacted portion or portions may be encrypted, and the unauthorized viewing application would not possess the necessary decryption keys to decrypt the encrypted redacted portion or portions. Moreover, the unauthorized viewing application also would not know where to “place” the encrypted portion or portions back within the image to reconstruct the original, i.e., unredacted, JPEG image or MPEG video in a seamless fashion.

Thus, according to some embodiments, the network-based, user-defined, APC controls for lossy file types or files (e.g., encoded media file types, such as MPEG) may include access permission systems, methods, and computer readable media that provide a seamless, intuitive user interface (e.g., using touch gestures or mouse input) allowing a user to: “block out” particular regions or areas of interest in a lossy file; hide (and optionally encrypt) such “blocked out” regions within parts the lossy file’s data structure; and then send the lossy file to particular recipients or groups of recipients with customized access permission settings, which settings may be specified on a per-recipient or per-group basis, and that either allow or do not allow a given recipient to locate the protected regions (if hidden) and decrypt such protected regions (if encrypted), so that the original lossy file may be reconstructed by the recipient.

Read the full patent here.

ABOUT ENTEFY

Entefy is an enterprise AI software company. Entefy’s patented, multisensory AI technology delivers on the promise of the intelligent enterprise, at unprecedented speed and scale.

Entefy products and services help organizations transform their legacy systems and business processes—everything from knowledge management to workflows, supply chain logistics, cybersecurity, data privacy, customer engagement, quality assurance, forecasting, and more. Entefy’s customers vary in size from SMEs to large global public companies across multiple industries including financial services, healthcare, retail, and manufacturing.

To leap ahead and future proof your business with Entefy’s breakthrough AI technologies, visit www.entefy.com  or contact us at contact@entefy.com.

U.S. Patent Number: 10,305,683
Patent Title: System and method of applying multiple adaptive privacy control layers to multi-channel bitstream data
Issue Date: May 28, 2019
Inventors: Ghafourifar, et al.
Assignee: Entefy Inc.

Patent Abstract

Disclosed are systems to apply customized permission settings to protect particular portions of a document, and, in particular, documents that are of bitstream datatypes containing multiple channels of audio, encoded or not encoded. The custom access permission settings may be implemented by obfuscating the protected portions of the original bitstream and then embedding “secret,” e.g., hidden and/or encrypted, versions of the obfuscated portions in parts of the data structure of the original file, e.g., in the form of “layers” that are held within audio stream containers such as channels. The content of the individual encrypted audio stream containers may then be decrypted according to each recipient’s permissions and layered on top of the obfuscated portions of the encoded media file before being rendered to the recipient.

USPTO Technical Field

This disclosure relates generally to systems, methods, and computer readable media for concealing information within encoded media files which may be distributed over a network and playable by recipients in a wide array of standardized software applications. More particularly, this disclosure is relates to Adaptive Privacy Controls for concealing information within audio files and audio bitstreams. Access permission settings for such audio files may be implemented by embedding one or more “secret,” e.g., hidden and/or encrypted, information portions in such encoded media file types, e.g., in the form of layers of audio information.

Background

The proliferation of personal computing devices in recent years, especially mobile personal computing devices, combined with a growth in the number of widely-used communications formats (e.g., text, voice, video, image) and protocols (e.g., SMTP, IMAP/POP, SMS/MMS, XMPP, etc.) has led to increased concerns regarding the safety and security of documents and messages that are sent over networks. Users desire a system that provides for the setting of custom, e.g., user-defined, access permissions for all or part of a file, including audio files that may or may not have been encoded using compression techniques.

Read the full patent here.

ABOUT ENTEFY

Entefy is an enterprise AI software company. Entefy’s patented, multisensory AI technology delivers on the promise of the intelligent enterprise, at unprecedented speed and scale.

Entefy products and services help organizations transform their legacy systems and business processes—everything from knowledge management to workflows, supply chain logistics, cybersecurity, data privacy, customer engagement, quality assurance, forecasting, and more. Entefy’s customers vary in size from SMEs to large global public companies across multiple industries including financial services, healthcare, retail, and manufacturing.

To leap ahead and future proof your business with Entefy’s breakthrough AI technologies, visit www.entefy.com  or contact us at contact@entefy.com.

U.S. Patent Number: 11,409,576
Patent Title: Dynamic distribution of a workload processing pipeline on a computing infrastructure
Issue Date: August 09, 2022
Inventors: Alston Ghafourifar
Assignee: Entefy Inc.

Patent Abstract

Disclosed are systems, methods, and computer readable media for automatically assessing and allocating virtualized resources (such as central processing unit (CPU) and graphics processing unit (GPU) resources). In some embodiments, this method involves a computing infrastructure receiving a request to perform a workload, determining one or more workflows for performing the workload, selecting a virtualized resource, from a plurality of virtualized resources, wherein the virtualized resource is associated with a hardware configuration, and wherein selecting the virtualized resources is based on a suitability score determined based on benchmark scores of the one or more workflows on the hardware configuration, scheduling performance of at least part of the workload on the selected virtualized resource, and outputting results of the at least part of the workload.

USPTO Technical Field

This disclosure relates generally to apparatuses, methods, and computer readable media for predicting and allocating computing resources for workloads.

Background

Modern computing infrastructures allow computational resources to be shared through one or more networks, such as the internet. For example, a cloud computing infrastructure may enable users, such as individuals and/or organizations, to access shared pools of computing resources, such as servers, both virtual and real, storage devices, networks, applications, and/or other computing based services. Remote services allow users to access computing resources on demand remotely in order to perform a variety computing functions. These functions may include computing data. For example, cloud computing may provide flexible access to computing resources without accruing up-front costs, such as purchasing computing devices, networking equipment, etc. and investing time in establishing a private network infrastructure. Utilizing remote computing resources, users are able to focus on their core functionality rather than optimizing data center operations.

With today’s communications networks, examples of cloud computing services a user may access includes software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS) technologies. SaaS is a delivery model that provides software as a service rather than an end product, while PaaS acts an extension of SaaS that goes beyond providing software services by offering customizability and expandability features to meet a user’s needs. Another example of cloud computing service includes infrastructure as a service (IaaS), where APIs are provided to access various computing resources, such as raw block storage, file or object level storage, virtual local area networks, firewalls, load balancers, etc. Service systems may handle requests for various resources using virtualized resources (VRs). VRs allows for hardware resources, such as servers, to be pooled for use by the service systems. These VRs may be configured using pools of hypervisors for virtual machines (VMs) or through containerization.

Containerization, or containers, are generally a logical packaging mechanism of resources for running an application which are abstracted out from the environment in which they are actually run. Multiple containers generally may be run directly on top of a host OS kernel and each container generally contains the resources, such as storage, memory, and APIs needed to run a particular application the container is set up to run. In certain cases, containers may be resized by adding or removing resources dynamically to account for workloads or a generic set of resources may be provided to handle different applications. As containers are created on and managed by a host system at a low level, they can be spawned very quickly. Containers may be configured to allow access to host hardware, such as central processing units (CPUs) or graphics processing units (GPUs), for example, through low-level APIs included with the container. Generally, containers may be run in any suitable host system and may be migrated from one host system to another as hardware and software compatibility is handled by the host and container layers. This allows for grouping containers to optimize use of the underlying host system. A host controller may also be provided to optimize distribution of containers across hosts.

Modern CPUs may be configured to help distribute CPU processing load across multiple processing cores, therefore allowing multiple computing tasks to execute simultaneously and reduce overall real or perceived processing time. For example, many CPUs include multiple independent and asynchronous cores, each capable of handling different tasks simultaneously. Generally, GPUs, while having multiple cores, can be limited in their ability to handle multiple different tasks simultaneously. A typical GPU can be characterized as a processor which can handle a Single Instruction stream with Multiple Data streams (SIMD) whereas a typical multi-core CPU can be characterized as a processor which can handle Multiple Instruction streams with Multiple Data streams (MIMD). A multi-core CPU or a cluster of multiple CPUs can also be characterized as parallelized SIMD processor(s), thereby in effect simulating a MIMD architecture.

A SIMD architecture is generally optimized to perform processing operations for simultaneous execution of the same computing instruction on multiple pieces of data, each processed using a different core. A MIMD architecture is generally optimized to perform processing operations which requires simultaneous execution of different computing instructions on multiple pieces of data, regardless of whether executing processes are synchronized. As such, SIMD processors, such as GPUs, typically perform well with discrete, highly parallel, computational tasks spread across as many of the GPU cores as possible and making use of a single instruction stream. Many GPUs have specific hardware and firmware limitations in place to limit the ability for the GPU cores to be separated, or otherwise virtualized, thereby reinforcing the SIMD architecture paradigm. CPUs typically have little or no such limitation, thereby making the process of dividing GPU processing time across multiple tasks difficult as compared to CPUs. Rather than attempting this, IaaS providers with GPU resources may need to provide more physical GPUs to handle GPU processing requests and possibly even dedicated GPUs for certain processes, for example, artificial intelligence (AI) workloads, even if the actual computational capacity of that infrastructure far out-strips the GPU compute demand, leading to inflated capital and operating costs associated with offering GPU resources in an IaaS, PaaS, SaaS, or other product or cloud infrastructure offering.

In the case of GPU-heavy workloads such as those demanded by certain AI-enabled offerings, not all AI workloads are the same and hardware optimal for running one AI workload may not be rightly-sized for another AI workload.

Virtualization techniques have emerged throughout the past decades to optimize the utilization of hardware resources such as CPUs by efficiently allowing computing tasks to be spread across multiple cores, CPUs, clusters, etc. However, such virtualization is generally not available or non-performant for GPUs and this can lead to higher operating costs and increased application or platform latency. What is needed is a technique for appropriately scaling a workflow pipeline to handle high-density processing operations (such as AI operations) which require frequent utilization of GPUs during processing.

Read the full patent here.

ABOUT ENTEFY

Entefy is an enterprise AI software company. Entefy’s patented, multisensory AI technology delivers on the promise of the intelligent enterprise, at unprecedented speed and scale.

Entefy products and services help organizations transform their legacy systems and business processes—everything from knowledge management to workflows, supply chain logistics, cybersecurity, data privacy, customer engagement, quality assurance, forecasting, and more. Entefy’s customers vary in size from SMEs to large global public companies across multiple industries including financial services, healthcare, retail, and manufacturing.

To leap ahead and future proof your business with Entefy’s breakthrough AI technologies, visit www.entefy.com  or contact us at contact@entefy.com.

U.S. Patent Number: 10,110,585
Patent Title: Universal interaction platform for people, services, and devices
Issue Date: October 23, 2018
Inventors: Ghafourifar, et al.
Assignee: Entefy Inc.

Patent Abstract

A zero-trust network and methods of using same are disclosed. The network includes a plurality of nodes, some of which are user devices, such as mobile phones, some of which are computer servers. One or more of the nodes includes a directory system. When a server receives an access request by a user device or other node, the directory system is notified of the request. The directory system will contact a number of randomly selected nodes, and if any one of the nodes does not recognize the requesting device, the requesting device will be denied access. If every queried node is able to authenticate the requesting device, the directory system creates a session for the first device to access the server. The directory system can grant access by providing the server and device reciprocating keys. After the session ends, the accessed node is assigned a new identifier.

USPTO Technical Field

This disclosure relates generally to computer network security. More specifically, this disclosure relates to systems, methods, and computer readable media for multi-party authentication for access permissions in a distributed system without a central trusted authority.

Background

The vast majority of software-based systems rely heavily on the assumption that a server and any client application are designed to interact with a “trusted” resource and therefore, the information and directives which are sent to and from the server are assumed to be “trusted” by the client. In some systems, this could constitute all aspects of the product, whereas in other more secure systems that facilitate end-to-end encryption schemes or possess limited client-server communication, the trusted authority is expected to reliably connect one peer to another for an anonymous key exchange, thus maintaining the privacy of data shared between each peer. In both cases, the central, otherwise trusted authority is still vulnerable to compromise and therefore, the assumption of a “trusted” resource, while traditionally necessary, is an inherent point of vulnerability when designing for system integrity. Further, compromise can occur by exploiting such vulnerabilities via external and internal penetration. Internal compromise is exceptionally difficult to protect against because, it requires that a system or set of processes does not trust itself, a system admin, server, or other authorizing party. This could be made to be analogous to the challenges with a body detecting and fighting cancer since the primary difficult results in detection and containment of one’s own cells. In a server system, these internal parties can, through malice, compromise, or negligence, violate the integrity of the trusted server, having likely been put in a position to be a trusted resource within an otherwise secure network.

The subject matter of the present disclosure is directed at overcoming, or at least reducing, the effects of one or more of the problems set forth above.

Read the full patent here.

ABOUT ENTEFY

Entefy is an enterprise AI software company. Entefy’s patented, multisensory AI technology delivers on the promise of the intelligent enterprise, at unprecedented speed and scale.

Entefy products and services help organizations transform their legacy systems and business processes—everything from knowledge management to workflows, supply chain logistics, cybersecurity, data privacy, customer engagement, quality assurance, forecasting, and more. Entefy’s customers vary in size from SMEs to large global public companies across multiple industries including financial services, healthcare, retail, and manufacturing.

To leap ahead and future proof your business with Entefy’s breakthrough AI technologies, visit www.entefy.com  or contact us at contact@entefy.com.

U.S. Patent Number: 10,055,384
Patent Title: Advanced zero-knowledge document processing and synchronization
Issue Date: August 21, 2018
Inventors: Ghafourifar, et al.
Assignee: Entefy Inc.

Patent Abstract

Techniques disclosed herein decouple a document’s structure from its general content wherein the structure is retained in plaintext (both at a client device and in a server system) and the data is retained in cyphertext, and where the cloud-based server system is not tasked with the saving or management of the relevant cryptographic keys. Because the network- or cloud-based server system has “zero-knowledge” about the document’s data content or the relevant cryptographic keys, an attack on the server system does not put the security of the document’s data at risk. In addition, the network- or cloud-based server system may be used to perform the computationally intensive tasks of converting the document between a first format (often associated with a full-function document processing application not supported by the client device) and a second format (easily displayed and manipulated by a client device).

USPTO Technical Field

This disclosure relates generally to cloud-based computing. More particularly, but not by way of limitation, this disclosure relates to a zero-knowledge approach to cloud-based document processing.

Background

As the world’s computing ecosystem evolves toward a “cloud-based” environment, more and more users (individual and corporate) will generate, edit and distribute documents on-line. At least one web-based editing program allows users to create, share and edit documents through a network. This program allows users to upload a number of differently formatted text-based documents into the system. From there, such documents are converted into the format used by the on-line editing program. Once this process is completed multiple users can work on the same document in real-time, editing content and altering the document’s structure from any location with Internet access (e.g., adding text, adjusting margins, adding or changing headers and footers, and inserting or deleting pictures). When the cloud-based document is ready for publication, it may be output or exported in any number of formats such as Microsoft Corporation’s Word or Rich Text format (RTF), the Apache Software Foundation’s OpenOffice format, Adobe System’s portable document format (PDF) or HyperText Markup Language (HTML) format. Products that enable cloud-based document preparation and/or collaboration between multiple users are implemented using a central server computer system to perform various transmission and conversion functions so that client applications, at each end-user, can view and edit document content in real-time. In doing so, the potentially highly sensitive content of these documents is necessarily exposed to the central server (that is, such systems are not “zero-knowledge”). This exposure creates a vulnerability for user privacy and system security.

Read the full patent here.

ABOUT ENTEFY

Entefy is an enterprise AI software company. Entefy’s patented, multisensory AI technology delivers on the promise of the intelligent enterprise, at unprecedented speed and scale.

Entefy products and services help organizations transform their legacy systems and business processes—everything from knowledge management to workflows, supply chain logistics, cybersecurity, data privacy, customer engagement, quality assurance, forecasting, and more. Entefy’s customers vary in size from SMEs to large global public companies across multiple industries including financial services, healthcare, retail, and manufacturing.

To leap ahead and future proof your business with Entefy’s breakthrough AI technologies, visit www.entefy.com  or contact us at contact@entefy.com.