Patents by Inventor Chandrasekar Kannan
Chandrasekar Kannan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8707024Abstract: Embodiments of the present invention provide identity management security domains that may be used in an enterprise security system. A security domain provides a centralized registry of services provided by the enterprise security system. For example, certificate authorities and other services, such as key archives, and the like, in the enterprise security system may register information about themselves in the security domain. Authorized users can then discover the location of these services. In some embodiments, the security domain may provide an interface that indicates a topology between services of the enterprise security system. The security domain may also serve as a distribution point for security policies. A security policy may comprise information that indicates, for example, a set of trusted certificate authorities, certificate templates, certificate revocation lists, and the locations of the services in the enterprise security system.Type: GrantFiled: August 4, 2006Date of Patent: April 22, 2014Assignee: Red Hat, Inc.Inventors: Nang Kon Kwan, Chandrasekar Kannan, Shuk Yee Ho, Steven William Parkinson
-
Patent number: 8412927Abstract: Embodiments of the present invention provide a profile framework for handling enrollment requests. In particular, when a token processing system receives an enrollment request, it selects an applicable profile based on information in the request. The profile may indicate a variety of parameters for fulfilling the enrollment request, such as the locations of the applicable certificate authority, token key service, and the like. The profile may also indicate items, such as the number of keys to generate on a token, a token label, and connection information to securely communicate with other components and the client making the enrollment request.Type: GrantFiled: June 7, 2006Date of Patent: April 2, 2013Assignee: Red Hat, Inc.Inventors: Nang Kon Kwan, Chandrasekar Kannan, Shuk Yee Ho, Steven William Parkinson, Christina Fu
-
Patent number: 8364952Abstract: Methods, systems and computer readable mediums are provided for recovering subject keys and/or certificates for a token. A unique identifier associated with the token is obtained. The token is associated with subject keys and with a first status of statuses, the statuses including a lost status state and an other status state. In response to the token being in the lost status state, a key recovery plan is determined to recover at least one of the subject keys and the certificates associated with the token.Type: GrantFiled: June 6, 2006Date of Patent: January 29, 2013Assignee: Red Hat, Inc.Inventors: Shuk Yee Ho, Christina Fu, Chandrasekar Kannan, Nang Kon Kwan
-
Patent number: 8112624Abstract: Embodiments of the present invention provide a compression capability for compressing a CRL, such as an X.509 CRL, stored as a file, data structure or data object in a computer system having a certification authority (CA) and a security client. An exemplary method provides for accessing the CRL contents including a certificate revocation record and performing compression procedure, such as a lossless compression procedure on the contents of the CRL. The compressed CRL contents can be stored in another file, data structure or data object. A request for the compressed CRL is from a security client whereupon the compressed CRL is returned to the security client by transferring the compressed CRL contents to the security client. The security can client un-compress the compressed CRL contents. In some cases the uncompressed CRL contents can be transferred to the security client.Type: GrantFiled: November 29, 2006Date of Patent: February 7, 2012Assignee: Red Hat, Inc.Inventors: Steven William Parkinson, Chandrasekar Kannan
-
Patent number: 7997482Abstract: A method and apparatus for accessing a remote machine from a local machine via a smart card. In one embodiment, the presence of the smart card coupled to the local machine is detected. A card reader reads the credentials from the smart card and communicates them to a remote access client application of the local machine. The remote access client application transmits the credentials to the remote machine. The remote machine sends a query for login information to the local machine upon valid credentials. The local machine transmits the login information to the remote machine and is granted permission to access the remote machine upon valid login information.Type: GrantFiled: October 5, 2010Date of Patent: August 16, 2011Assignee: Red Hat, Inc.Inventor: Chandrasekar Kannan
-
Publication number: 20110017821Abstract: A method and apparatus for accessing a remote machine from a local machine via a smart card. In one embodiment, the presence of the smart card coupled to the local machine is detected. A card reader reads the credentials from the smart card and communicates them to a remote access client application of the local machine. The remote access client application transmits the credentials to the remote machine. The remote machine sends a query for login information to the local machine upon valid credentials. The local machine transmits the login information to the remote machine and is granted permission to access the remote machine upon valid login information.Type: ApplicationFiled: October 5, 2010Publication date: January 27, 2011Applicant: Red Hat, Inc.Inventor: Chandrasekar Kannan
-
Patent number: 7823775Abstract: A method and apparatus for accessing a remote machine from a local machine via a smart card. In one embodiment, the presence of the smart card coupled to the local machine is detected. A card reader reads the credentials from the smart card and communicates them to a remote access client application of the local machine. The remote access client application transmits the credentials to the remote machine. The remote machine sends a query for login information to the local machine upon valid credentials. The local machine transmits the login information to the remote machine and is granted permission to access the remote machine upon valid login information.Type: GrantFiled: February 28, 2007Date of Patent: November 2, 2010Assignee: Red Hat, Inc.Inventor: Chandrasekar Kannan
-
Publication number: 20080203154Abstract: A method and apparatus for accessing a remote machine from a local machine via a smart card. In one embodiment, the presence of the smart card coupled to the local machine is detected. A card reader reads the credentials from the smart card and communicates them to a remote access client application of the local machine. The remote access client application transmits the credentials to the remote machine. The remote machine sends a query for login information to the local machine upon valid credentials. The local machine transmits the login information to the remote machine and is granted permission to access the remote machine upon valid login information.Type: ApplicationFiled: February 28, 2007Publication date: August 28, 2008Inventor: Chandrasekar Kannan
-
Publication number: 20080126378Abstract: Embodiments of the present invention provide a compression capability for compressing a CRL, such as an X.509 CRL, stored as a file, data structure or data object in a computer system having a certification authority (CA) and a security client. An exemplary method provides for accessing the CRL contents including a certificate revocation record and performing compression procedure, such as a lossless compression procedure on the contents of the CRL. The compressed CRL contents can be stored in another file, data structure or data object. A request for the compressed CRL is from a security client whereupon the compressed CRL is returned to the security client by transferring the compressed CRL contents to the security client. The security can client un-compress the compressed CRL contents. In some cases the uncompressed CRL contents can be transferred to the security client.Type: ApplicationFiled: November 29, 2006Publication date: May 29, 2008Applicant: Red Hat, Inc.Inventors: Steven William Parkinson, Chandrasekar Kannan
-
Publication number: 20080022086Abstract: Methods, systems and computer readable mediums are provided for recovering subject keys and/or certificates for a token. A unique identifier associated with the token is obtained. The token is associated with subject keys and with a first status of statuses, the statuses including a lost status state and an other status state. In response to the token being in the lost status state, a key recovery plan is determined to recover at least one of the subject keys and the certificates associated with the token.Type: ApplicationFiled: June 6, 2006Publication date: January 24, 2008Inventors: Shuk Yee Ho, Christina Fu, Chandrasekar Kannan, Nang Kon Kwan
-
Publication number: 20070288747Abstract: Embodiments of the present invention provide identity management security domains that may be used in an enterprise security system. A security domain provides a centralized registry of services provided by the enterprise security system. For example, certificate authorities and other services, such as key archives, and the like, in the enterprise security system may register information about themselves in the security domain. Authorized users can then discover the location of these services. In some embodiments, the security domain may provide an interface that indicates a topology between services of the enterprise security system. The security domain may also serve as a distribution point for security policies. A security policy may comprise information that indicates, for example, a set of trusted certificate authorities, certificate templates, certificate revocation lists, and the locations of the services in the enterprise security system.Type: ApplicationFiled: August 4, 2006Publication date: December 13, 2007Inventors: Nang Kon KWAN, Chandrasekar KANNAN, Shuk Yee HO, Steven William PARKINSON
-
Publication number: 20070288745Abstract: Embodiments of the present invention provide a profile framework for handling enrollment requests. In particular, when a token processing system receives an enrollment request, it selects an applicable profile based on information in the request. The profile may indicate a variety of parameters for fulfilling the enrollment request, such as the locations of the applicable certificate authority, token key service, and the like. The profile may also indicate items, such as the number of keys to generate on a token, a token label, and connection information to securely communicate with other components and the client making the enrollment request.Type: ApplicationFiled: June 7, 2006Publication date: December 13, 2007Inventors: Nang Kon Kwan, Chandrasekar Kannan, Shuk Yee Ho, Steven William Parkinson, Christina Fu