Patents by Inventor Adrian Cowham
Adrian Cowham has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9356932Abstract: A method of dynamically applying a control policy to a network is described. A network layer of a plurality of network layers associated with user traffic is determined. A portion of a control policy corresponding to the network layer and the user traffic is accessed. Then, the portion is sent to a security device associated with the network layer, the portion being configured to be applied by the security device to the network layer and the user traffic.Type: GrantFiled: January 30, 2009Date of Patent: May 31, 2016Assignee: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LPInventors: Sherry Krell, Rebecca M. Ballesteros, Adrian Cowham, John M. Green
-
Patent number: 9349114Abstract: In one embodiment a method for managing event messages includes predicting an event message arrival rate, determining a current capacity of an event message repository in which received event messages are stored, and calculating a time at which to perform event message deletion relative to the predicted event message arrival rate and the determined current capacity of the event message repository.Type: GrantFiled: October 31, 2006Date of Patent: May 24, 2016Assignee: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LPInventor: Adrian Cowham
-
Patent number: 9178909Abstract: Information associated with a port security state of a network device is received. The received information is converted into an icon that corresponds to the port security state of the network device. The icon is displayed to a user.Type: GrantFiled: October 13, 2006Date of Patent: November 3, 2015Assignee: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.Inventors: Allan Chan, Neeshant D. Desai, Adrian Cowham
-
Patent number: 9032478Abstract: A method of managing security in a network is described. A data anomaly at a first location on a network is detected. A source of this data anomaly is identified. The source is compared with a plurality of access control policies, wherein each of the plurality of access control policies comprises at least one access restriction instruction associated with one or more sources. Based on the comparing, the source is associated with a corresponding one of the plurality of access control policies.Type: GrantFiled: January 29, 2009Date of Patent: May 12, 2015Assignee: Hewlett-Packard Development Company, L.P.Inventors: Rebecca M. Ballesteros, Sherry Krell, Adrian Cowham, John M. Green, Ramachandra Yalakanti
-
Patent number: 8892492Abstract: A system and method for declarative network access control are provided. The system includes an interpreter, a rules engine, a storage device, and a processor. The interpreter transforms sentences in a declarative network access control language to rules. The rules engine evaluates the rules to produce actions for providing access control to a network at a point of access. The storage device stores instructions for the interpreter, the rules and the rules engine and the processor executes those instructions.Type: GrantFiled: December 17, 2008Date of Patent: November 18, 2014Assignee: Hewlett-Packard Development Company, L.P.Inventor: Adrian Cowham
-
Patent number: 8676968Abstract: In a method for determining information about a computing system, a designated process in the computing system is monitored. A determination whether a selected event has occurred in the designated process is made. State information and configuration information regarding the computing device is collected in response to a determination that the selected event has occurred. Meta information associated with the designated process is determined in response to a determination that the selected event has occurred. The state information, the configuration information and the meta information is recorded in an accessible file.Type: GrantFiled: August 9, 2011Date of Patent: March 18, 2014Assignee: Hewlett-Packard Development Company, L.P.Inventors: Adrian Cowham, Serge Zelenov
-
Publication number: 20130041999Abstract: In a method for determining information about a computing system, a designated process in the computing system is monitored. A determination whether a selected event has occurred in the designated process is made. State information and configuration information regarding the computing device is collected in response to a determination that the selected event has occurred. Meta information associated with the designated process is determined in response to a determination that the selected event has occurred. The state information, the configuration information and the meta information is recorded in an accessible file.Type: ApplicationFiled: August 9, 2011Publication date: February 14, 2013Inventors: Adrian Cowham, Serge Zelenov
-
Patent number: 8341704Abstract: A user is enabled to select one or more client devices from a number of client devices and to select one or more server devices from a number of server devices. Secure communication is to occur between each selected client device and each selected server device. For each unique pair of a selected client device and a selected server device, a validation of a security configuration of the selected client device and a security configuration of the selected server device is performed, to determine whether secure communication can occur between the selected client device and the selected server device. Where the validation has failed, reconfiguration of one or more of the selected client device and the selected server device is performed so that secure communication can occur between the selected client device and the selected server device.Type: GrantFiled: October 30, 2009Date of Patent: December 25, 2012Assignee: Hewlett-Packard Development Company, L.P.Inventor: Adrian Cowham
-
Publication number: 20120110461Abstract: A headless appliance includes a network chassis management interface determiner configured to determine a network chassis management interface. The headless appliance is configured to be disposed in a network chassis. The headless appliance also includes a management interface command mapping configured to associate commands of the network chassis management interface to commands of a headless appliance management interface.Type: ApplicationFiled: October 29, 2010Publication date: May 3, 2012Inventors: Adrian COWHAM, Sherry Krell, Serge Zelenov
-
Patent number: 8140461Abstract: A method of selectively identifying conflicting network access rules within a knowledge base containing a plurality of network access rules, each rule having a condition portion and a consequence portion, and creating a corresponding resolved consequence, including the steps of comparing the condition portions of the rules, determining conflicting rules to be rules with matching condition portions and differing consequence portions, and analyzing the consequence portions of each of the conflicting rules to define the resolved consequence to be executed when the condition portion in any of the conflicting rules is executed.Type: GrantFiled: March 24, 2008Date of Patent: March 20, 2012Assignee: Hewlett-Packard Development Company, L.P.Inventor: Adrian Cowham
-
Publication number: 20110289557Abstract: A method of managing security in a network is described. A data anomaly at a first location on a network is detected. A source of this data anomaly is identified. The source is compared with a plurality of access control policies, wherein each of the plurality of access control policies comprises at least one access restriction instruction associated with one or more sources. Based on the comparing, the source is associated with a corresponding one of the plurality of access control policies.Type: ApplicationFiled: January 29, 2009Publication date: November 24, 2011Inventors: Rebecca M. Ballesteros, Sherry Krell, Adrian Cowham, John M. Green, Ramachandra Yalakanti
-
Publication number: 20110289551Abstract: A method of dynamically applying a control policy to a network is described. A network layer of a plurality of network layers associated with user traffic is determined. A portion of a control policy corresponding to the network layer and the user traffic is accessed. Then, the portion is sent to a security device associated with the network layer, the portion being configured to be applied by the security device to the network layer and the user traffic.Type: ApplicationFiled: January 30, 2009Publication date: November 24, 2011Inventors: Sherry Krell, Rebecca M. Ballesteros, Adrian Cowham, John M. green
-
Publication number: 20110107091Abstract: A user is enabled to select one or more client devices from a number of client devices and to select one or more server devices from a number of server devices. Secure communication is to occur between each selected client device and each selected server device. For each unique pair of a selected client device and a selected server device, a validation of a security configuration of the selected client device and a security configuration of the selected server device is performed, to determine whether secure communication can occur between the selected client device and the selected server device. Where the validation has failed, reconfiguration of one or more of the selected client device and the selected server device is performed so that secure communication can occur between the selected client device and the selected server device.Type: ApplicationFiled: October 30, 2009Publication date: May 5, 2011Inventor: Adrian Cowham
-
Patent number: 7873608Abstract: A method for validating a syslog message having a plurality of message components. The method includes providing a meta regular expression. The meta regular expression is formed from a set of regular expressions with each of the regular expressions corresponding to one of the plurality of message components. The meta-regular expression represents a plurality of message component patterns, each of the message component patterns representing a different ordering of individual regular expressions of the set of regular expressions. The method further includes comparing the syslog message with the meta regular expression. The syslog message is deemed valid if the syslog message matches one of the plurality of message component patterns represented by the meta regular expression.Type: GrantFiled: May 25, 2005Date of Patent: January 18, 2011Assignee: Hewlett-Packard Development Company, L.P.Inventors: Neeshant Desai, Adrian Cowham
-
Publication number: 20100153327Abstract: A system and method for declarative network access control are provided. The system includes an interpreter, a rules engine, a storage device, and a processor. The interpreter transforms sentences in a declarative network access control language to rules. The rules engine evaluates the rules to produce actions for providing access control to a network at a point of access. The storage device stores instructions for the interpreter, the rules and the rules engine and the processor executes those instructions.Type: ApplicationFiled: December 17, 2008Publication date: June 17, 2010Inventor: Adrian Cowham
-
Patent number: 7657491Abstract: A network management station includes a processor, memory coupled to the processor, and computer executable instructions provided to the memory and executable by the processor. The computer executable instructions are configured to transmit a network management message to a network device connected to the network management station over a network, receive response information from the network device based on the network management message, receive unsolicited information from the network device, and apply fuzzy logic to the received information and the unsolicited information to produce information associated with the health of the network device.Type: GrantFiled: October 31, 2006Date of Patent: February 2, 2010Assignee: Hewlett-Packard Development Company, L.P.Inventors: Devon L. Dawson, Steven V. Britt, Adrian Cowham
-
Patent number: 7624177Abstract: A method for processing syslog messages. The syslog messages are received from a plurality of components. The method includes receiving a first syslog message. The method further includes determining whether the first syslog message is one of a plurality of critical syslog messages. The method also includes, if the first syslog message is the one of the plurality of critical syslog messages, performing critical message handling using the first syslog message. The method yet also includes, if the first syslog message is not any of the plurality of critical syslog messages, performing non-critical message handling using the first syslog message.Type: GrantFiled: May 25, 2005Date of Patent: November 24, 2009Assignee: Hewlett-Packard Development Company, L.P.Inventors: Neeshant Desai, Adrian Cowham
-
Publication number: 20090240645Abstract: A method of selectively identifying conflicting network access rules within a knowledge base containing a plurality of network access rules, each rule having a condition portion and a consequence portion, and creating a corresponding resolved consequence, including the steps of comparing the condition portions of the rules, determining conflicting rules to be rules with matching condition portions and differing consequence portions, and analyzing the consequence portions of each of the conflicting rules to define the resolved consequence to be executed when the condition portion in any of the conflicting rules is executed.Type: ApplicationFiled: March 24, 2008Publication date: September 24, 2009Inventor: Adrian Cowham
-
Publication number: 20080154804Abstract: Embodiments include applying fuzzy based rules to information associated with various metrics from a network device to produce a variable fuzzy based rule expression. The variable fuzzy based rule expression can then be used as an input parameter to a fuzzy rule based heuristic.Type: ApplicationFiled: October 31, 2006Publication date: June 26, 2008Inventors: Devon L. Dawson, Steven V. Britt, Adrian Cowham
-
Publication number: 20080148293Abstract: An event broker that receives various types of events in a particular device, and decodes the events to a common meaning form as a generic event that is accessible by various software applications in the device. The event broker includes a plurality of event receivers that receive the events on various ports of the device. The events are then transferred to an event driver loader that accesses a particular event driver depending on how the particular event is formatted. The event driver decodes the event and stores the generic event in an event storage system and/or passes it on to a particular software module that may need to use the event at that particular time.Type: ApplicationFiled: October 17, 2006Publication date: June 19, 2008Inventors: Adrian Cowham, Devon L. Dawson, Daniel E. Ford