Patents by Inventor Anup K. Ghosh
Anup K. Ghosh has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9122540Abstract: A method and system for transforming a first computer program having program statements to a second computer program. A parsed first computer program is translated to the second computer program. The first computer program includes a first program statement that includes a first error. The translating includes: (i) identifying a second program statement in the parsed first computer program that includes a second error and has thrown a translation exception with respect to the second error, (ii) rolling back the translating to a predefined check point prior to the second program statement in the parsed first computer program such that the predefined check point is associated with a statement in the parsed first computer program that was successfully translated, and (iii) generating an executable equivalent translation for the second statement. After the translating, a mapping of one or more statements is generated.Type: GrantFiled: July 10, 2014Date of Patent: September 1, 2015Assignee: International Business Machines CorporationInventors: Pankaj Dhoolia, Anup K. Ghosh, Sugata Ghosal, Asidhara Lahiri, Mangala G. Nanda, Krishna Nandivada Venkata, Anjan Nandy, Diptikalyan Saha
-
Publication number: 20150212842Abstract: An on-demand disposable virtual work system that includes: a virtual machine monitor to host virtual machines, a virtual machine pool manager, a host operating system, a host program permissions list, and a request handler module. The virtual machine pool manager manages virtual machine resources. The host operating system interfaces with a user and virtual machines created with an image of a reference operating system. The host program permissions list may be a black list and/or a white list used to indicate allowable programs. The request handler module allows execution of the program if the program is allowable. If the program is not allowable, the host request handler module: denies program execution and urges a virtual machine specified by the virtual machine pool manager to execute the program. The virtual machine is terminated when the program closes.Type: ApplicationFiled: September 10, 2014Publication date: July 30, 2015Applicant: GEORGE MASON RESEARCH FOUNDATION, INC.Inventors: Anup K. GHOSH, Sushil JAJODIA, Yih HUANG, Jiang WANG
-
Publication number: 20150195302Abstract: A hardware-assisted integrity monitor may include one or more target machines and/or monitor machines. A target machine may include one or more processors, which may include one or more system management modes (SMM). A SMM may include one or more register checking modules, which may be configured to determine one or more current CPU register states. A SMM may include one or more acquiring modules, which may be configured to determine one or more current memory states. A SMM may include one or more network modules, which may be configured to direct one or more communications, for example of one or more current CPU register states and/or current memory states, to a monitor machine. A monitor machine may include one or more network modules and/or analysis modules. An analysis module may be configured to determine memory state differences and/or determine CPU register states differences.Type: ApplicationFiled: August 22, 2014Publication date: July 9, 2015Applicant: GEORGE MASON RESEARCH FOUNDATION, INC.Inventors: Anup K. GHOSH, Kun SUN, Jiang WANG, Angelos STAVROU
-
Publication number: 20140325491Abstract: A method and system for transforming a first computer program having program statements to a second computer program. A parsed first computer program is translated to the second computer program. The first computer program includes a first program statement that includes a first error. The translating includes: (i) identifying a second program statement in the parsed first computer program that includes a second error and has thrown a translation exception with respect to the second error, (ii) rolling back the translating to a predefined check point prior to the second program statement in the parsed first computer program such that the predefined check point is associated with a statement in the parsed first computer program that was successfully translated, and (iii) generating an executable equivalent translation for the second statement. After the translating, a mapping of one or more statements is generated.Type: ApplicationFiled: July 10, 2014Publication date: October 30, 2014Inventors: Pankaj Dhoolia, Anup K. Ghosh, Sugata Ghosal, Asidhara Lahiri, Mangala G. Nanda, Krishna Nandivada Venkata, Anjan Nandy, Diptikalyan Saha
-
Patent number: 8856782Abstract: An on-demand disposable virtual work system that includes: a virtual machine monitor to host virtual machines, a virtual machine pool manager, a host operating system, a host program permissions list, and a request handler module. The virtual machine pool manager manages virtual machine resources. The host operating system interfaces with a user and virtual machines created with an image of a reference operating system. The host program permissions list may be a black list and/or a white list used to indicate allowable programs. The request handler module allows execution of the program if the program is allowable. If the program is not allowable, the host request handler module: denies program execution and urges a virtual machine specified by the virtual machine pool manager to execute the program. The virtual machine is terminated when the program closes.Type: GrantFiled: February 26, 2008Date of Patent: October 7, 2014Assignee: George Mason Research Foundation, Inc.Inventors: Anup K Ghosh, Sushil Jajodia, Yih Huang, Jiang Wang
-
Publication number: 20140289563Abstract: A method and associated system for automatically correcting an application based on runtime behavior of the application. An incident indicates a performance of the application in which a problem object produces an outcome that had not been expected by a user or by a ticketing tool. An incident flow for the problem object is automatically analyzed. Actual run of the application renders a forward data flow and at least one backward data flow is simulated from an expected outcome of the problem object. The forward data flow and the backward data flow(s) are compared to create a candidate fault list for the problem object. A technical specification to correct the candidate fault list and a solution to replace the application are subsequently devised.Type: ApplicationFiled: March 21, 2013Publication date: September 25, 2014Applicant: International Business Machines CorporationInventor: Anup K. Ghosh
-
Patent number: 8839422Abstract: An embodiment for providing a secure virtual browsing environment includes creating a virtual browsing environment with a virtualized operating system sharing an operating system kernel of a supporting operating system and executing the browser application within the virtual browsing environment. Another embodiment includes receiving a website selection within a browser application, determining if the website selection corresponds to a secure bookmark, and creating a second virtual browsing environment and executing the browser application within the second virtual browsing environment to access the website selection when the website selection corresponds to a website specified as a secure bookmark.Type: GrantFiled: June 30, 2010Date of Patent: September 16, 2014Assignee: George Mason Research Foundation, Inc.Inventors: Anup K Ghosh, Sushil Jajodia, Yih Huang, Jiang Wang
-
Publication number: 20140207772Abstract: Embodiments of the present invention relate to an approach for reusing information/knowledge. Specifically, embodiments of the present invention provide an approach for retrieving previously stored data to satisfy queries (e.g., jobs/tickets) for solutions to problems while maintaining privacy/security of the data as well as ensuring the quality of the results. In a typical embodiment, a query for a solution to a problem is received and details are extracted therefrom. Using the details, a search is performed on a set of data stored in at least one computer storage device. Based on the search, a set of results will be generated and classified into a set of categories. In any event, the quality of each of the set of results will be assessed based on the usefulness of the set of results.Type: ApplicationFiled: March 24, 2014Publication date: July 24, 2014Applicant: International Business Machines CorporationInventors: Anup K. Ghosh, Sugata Ghosal, Nandakishore Kambhatla, Rose C. Kanjirathinkal, Asidhara Lahiri, Debapriyo Majumdar, Shajith I. Mohamed, Karthik Visweswariah
-
Patent number: 8768921Abstract: Embodiments of the present invention relate to an approach for reusing information/knowledge. Specifically, embodiments of the present invention provide an approach for retrieving previously stored data to satisfy queries (e.g., jobs/tickets) for solutions to problems while maintaining privacy/security of the data as well as ensuring the quality of the results. In a typical embodiment, a query for a solution to a problem is received and details are extracted therefrom. Using the details, a search is performed on a set of data stored in at least one computer storage device. Based on the search, a set of results will be generated and classified into a set of categories. In any event, the quality of each of the set of results will be assessed based on the usefulness of the set of results.Type: GrantFiled: October 20, 2011Date of Patent: July 1, 2014Assignee: International Business Machines CorporationInventors: Sugata Ghosal, Anup K. Ghosh, Nandakishore Kambhatla, Rose C. Kanjirathinkal, Asidhara Lahiri, Debapriyo Majumdar, Shajith I. Mohamed, Karthik Visweswariah
-
Publication number: 20140053269Abstract: An attack resistant continuous network service trustworthiness controller comprising: state estimation module(s), response selection module(s), actuation module(s), and client dispatcher communication module(s) for maintaining the availability and integrity of online server(s). The state estimation module(s) are configured to generate state estimate(s) for online server(s) using behavior data obtained using sensor module(s). The response selection module(s) are configured to determine corrective action(s) to maintain the availability and integrity of online server(s) when state estimate(s) indicate that the integrity of an online server(s) is compromised. The actuation module(s) are configured to activate actuator(s) based upon the corrective action(s). Client dispatcher communication module(s) are configured to communicate online server availability information to a client dispatcher.Type: ApplicationFiled: October 24, 2013Publication date: February 20, 2014Applicant: George Mason Research Foundation, Inc.Inventors: Anup K. Ghosh, Yih Huang, Arun Sood
-
Patent number: 8572735Abstract: An attack resistant continuous network service trustworthiness controller comprising: state estimation module(s), response selection module(s), actuation module(s), and client dispatcher communication module(s) for maintaining the availability and integrity of online server(s). The state estimation module(s) are configured to generate state estimate(s) for online server(s) using behavior data obtained using sensor module(s). The response selection module(s) are configured to determine corrective action(s) to maintain the availability and integrity of online server(s) when state estimate(s) indicate that the integrity of an online server(s) is compromised. The actuation module(s) are configured to activate actuator(s) based upon the corrective action(s). Client dispatcher communication module(s) are configured to communicate online server availability information to a client dispatcher.Type: GrantFiled: March 31, 2008Date of Patent: October 29, 2013Assignee: George Mason Research Foundation, Inc.Inventors: Anup K. Ghosh, Yih Huang, Arun Sood
-
Patent number: 8448139Abstract: A system and associated method for automatically correcting an application based on runtime behavior of the application. An incident indicates a performance of the application in which a problem object produces an outcome that had not been expected by a user or by a ticketing tool. An incident flow for the problem object is automatically analyzed. Actual run of the application renders a forward data flow and at least one backward data flow is simulated from an expected outcome of the problem object. The forward data flow and the backward data flow(s) are compared to create a candidate fault list for the problem object. A technical specification to correct the candidate fault list and a solution to replace the application are subsequently devised.Type: GrantFiled: October 5, 2009Date of Patent: May 21, 2013Assignee: International Business Machines CorporationInventor: Anup K. Ghosh
-
Publication number: 20130103682Abstract: Embodiments of the present invention relate to an approach for reusing information/knowledge. Specifically, embodiments of the present invention provide an approach for retrieving previously stored data to satisfy queries (e.g., jobs/tickets) for solutions to problems while maintaining privacy/security of the data as well as ensuring the quality of the results. In a typical embodiment, a query for a solution to a problem is received and details are extracted therefrom. Using the details, a search is performed on a set of data stored in at least one computer storage device. Based on the search, a set of results will be generated and classified into a set of categories. In any event, the quality of each of the set of results will be assessed based on the usefulness of the set of results.Type: ApplicationFiled: October 20, 2011Publication date: April 25, 2013Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Anup K. Ghosh, Sugata Ghosal, Nandakishore Kambhatla, Rose C. Kanjirathinkal, Asidhara Lahiri, Debapriyo Majumdar, Shajith I. Mohamed, Karthik Visweswariah
-
Publication number: 20120297177Abstract: An interoperable firmware memory containing a Basic Input Output System (BIOS) and a trusted platform module (TPSM). The BIOS includes CPU System Management Mode (SMM) firmware configured as read-only at boot. The SMM firmware configured to control switching subsequent to boot between at least: a first memory and second isolated memory; and a first and second isolated non-volatile storage device. The first memory including a first operating system and the second memory including a second operating system. The first non-volatile storage device configured to be used by the first operating system and the second non-volatile storage device configured to be used by the second operating system. The trusted platform module (TPSM) configured to check the integrity of the CPU system Management Mode (SMM) during the boot process.Type: ApplicationFiled: November 15, 2011Publication date: November 22, 2012Inventors: Anup K. Ghosh, Kun Sun, Jiang Wang, Angelos Stavrou
-
Publication number: 20120297057Abstract: A hardware-assisted integrity monitor may include one or more target machines and/or monitor machines. A target machine may include one or more processors, which may include one or more system management modes (SMM). A SMM may include one or more register checking modules, which may be configured to determine one or more current CPU register states. A SMM may include one or more acquiring modules, which may be configured to determine one or more current memory states. A SMM may include one or more network modules, which may be configured to direct one or more communications, for example of one or more current CPU register states and/or current memory states, to a monitor machine. A monitor machine may include one or more network modules and/or analysis modules. An analysis module may be configured to determine memory state differences and/or determine CPU register states differences.Type: ApplicationFiled: November 15, 2011Publication date: November 22, 2012Inventors: Anup K. Ghosh, Kun Sun, Jiang Wang, Angelos Stavrou
-
Publication number: 20120297457Abstract: An interactive detector that includes a challenger and authorizer. The challenger may send a challenge to a source application in response to an intercepted request intended for a destination application from the source application. The challenge may be configured to invoke an expected challenge response from component(s) of the source application. The authorizer may allow the request to proceed to the destination application if a received challenge response generated by the source application satisfies the expected challenge response.Type: ApplicationFiled: November 15, 2011Publication date: November 22, 2012Inventors: Brian Schulte, Angelos Stavrou, Anup K. Ghosh, Rhandi Martin, Charalampos Andrianakis
-
Publication number: 20110167492Abstract: An embodiment for providing a secure virtual browsing environment includes creating a virtual browsing environment with a virtualized operating system sharing an operating system kernel of a supporting operating system and executing the browser application within the virtual browsing environment. Another embodiment includes receiving a website selection within a browser application, determining if the website selection corresponds to a secure bookmark, and creating a second virtual browsing environment and executing the browser application within the second virtual browsing environment to access the website selection when the website selection corresponds to a website specified as a secure bookmark.Type: ApplicationFiled: June 30, 2010Publication date: July 7, 2011Inventors: Anup K. Ghosh, Sushil Jajodia, Yih Huang, Jiang Wang
-
Publication number: 20110083044Abstract: A system and associated method for automatically correcting an application based on runtime behavior of the application. An incident indicates a performance of the application in which a problem object produces an outcome that had not been expected by a user or by a ticketing tool. An incident flow for the problem object is automatically analyzed. Actual run of the application renders a forward data flow and at least one backward data flow is simulated from an expected outcome of the problem object. The forward data flow and the backward data flow(s) are compared to create a candidate fault list for the problem object. A technical specification to correct the candidate fault list and a solution to replace the application are subsequently devised.Type: ApplicationFiled: October 5, 2009Publication date: April 7, 2011Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventor: ANUP K. GHOSH
-
Publication number: 20090125902Abstract: An on-demand disposable virtual work system that includes: a virtual machine monitor to host virtual machines, a virtual machine pool manager, a host operating system, a host program permissions list, and a request handler module. The virtual machine pool manager manages virtual machine resources. The host operating system interfaces with a user and virtual machines created with an image of a reference operating system. The host program permissions list may be a black list and/or a white list used to indicate allowable programs. The request handler module allows execution of the program if the program is allowable. If the program is not allowable, the host request handler module: denies program execution and urges a virtual machine specified by the virtual machine pool manager to execute the program. The virtual machine is terminated when the program closes.Type: ApplicationFiled: February 26, 2008Publication date: May 14, 2009Inventors: Anup K. Ghosh, Sushil Jajodia, Yih Huang, Jiang Wang
-
Publication number: 20090044265Abstract: An attack resistant continuous network service trustworthiness controller comprising: state estimation module(s), response selection module(s), actuation module(s), and client dispatcher communication module(s) for maintaining the availability and integrity of online server(s). The state estimation module(s) are configured to generate state estimate(s) for online server(s) using behavior data obtained using sensor module(s). The response selection module(s) are configured to determine corrective action(s) to maintain the availability and integrity of online server(s) when state estimate(s) indicate that the integrity of an online server(s) is compromised. The actuation module(s) are configured to activate actuator(s) based upon the corrective action(s). Client dispatcher communication module(s) are configured to communicate online server availability information to a client dispatcher.Type: ApplicationFiled: March 31, 2008Publication date: February 12, 2009Inventors: Anup K. Ghosh, Yih Huang, Arun Sood