Patents by Inventor Jason Chan
Jason Chan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9954822Abstract: Approaches, techniques, and mechanisms are disclosed for implementing a distributed firewall. In an embodiment, many different computer assets police incoming messages based on local policy data. This local policy data is synchronized with global policy data. The global policy data is generated by one or more separate analyzers. Each analyzer has access to message logs, or information derived therefrom, for groups of computer assets, and is thus able to generate policies based on intelligence from an entire group as opposed to an isolated asset. Among other effects, some of the approaches, techniques, and mechanisms may be effective even in computing environments with limited supervision over the attack surface, and/or computing environments in which assets may need to make independent decisions with respect to how incoming messages should be handled, on account of latency and/or unreliability in connections to other system components.Type: GrantFiled: March 28, 2017Date of Patent: April 24, 2018Assignee: NETFLIX, INC.Inventors: Jason Chan, Poornaprajna Udupi, Shashi Madappa
-
Patent number: 9953173Abstract: A security application manages security and reliability of networked applications executing collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determine whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database.Type: GrantFiled: May 4, 2015Date of Patent: April 24, 2018Assignee: NETFLIX, INC.Inventors: Ariel Tseitlin, Roy Rapoport, Jason Chan
-
Publication number: 20180004960Abstract: Provided herein are systems and methods for monitoring and assessing the security and risk presented by applications deployed in a complex computing environment. An exemplary application security system an application security server having a processing device in communication with one or more storage systems and includes a security testing system with a plurality of security test modules. The test modules include a first module associated with a first application associated with one or more application instances configured to receive and transmit over a network.Type: ApplicationFiled: September 15, 2017Publication date: January 4, 2018Inventors: Andy Hoernecke, Jason Chan
-
Patent number: 9836969Abstract: A system and method are provided for connecting intersections, to enable two-way wireless communication between a cloud-based traffic operations service and new and existing traffic cabinet hardware using “connected intersection” technology. By providing hardware in existing (or new) traffic control cabinets that can communicate wirelessly with a cloud-based traffic operations system, customers can enhance and upgrade legacy traffic networks using existing IT infrastructure (i.e. servers, hard drives, etc.) or existing communication networks. The connected intersection technology further provides software functionalities including real-time alerts, connectivity between existing cabinets and central systems, and signal timing-plan management for customers that lack an existing central system.Type: GrantFiled: May 9, 2016Date of Patent: December 5, 2017Assignee: Miovision Technologies IncorporatedInventors: David Thompson, Tyler Abbott, Kashif Umer, David Hillis, Roy Lemke, Jason Chan
-
Patent number: 9825956Abstract: Provided herein are systems and methods of managing permissions for applications deployed in a distributed computing infrastructure. An exemplary system includes an access management server having a processing device, a distributed computing infrastructure in communication with the management server having a plurality of resource instances and a request log, an administration system having a security application executing thereon. The security application has access policies associated with each of a plurality of applications. The processing device of the management server: receives application request information from the request log describing requests made by a first application being monitored by the access management server.Type: GrantFiled: October 6, 2015Date of Patent: November 21, 2017Assignee: NETFLIX, INC.Inventors: Patrick Kelley, Ben Hagen, Jason Chan, Kevin Glisson
-
Patent number: 9767291Abstract: Provided herein are systems and methods for monitoring and assessing the security and risk presented by applications deployed in a complex computing environment. An exemplary application security system includes a server having a processing device in communication with storage systems, computing devices executing application instances configured to receive and transmit information over a network, and a security testing system including a first test module that is associated with a first application, which is associated with one or more of the application instances.Type: GrantFiled: October 6, 2015Date of Patent: September 19, 2017Assignee: NETFLIX, INC.Inventors: Andy Hoernecke, Jason Chan
-
Publication number: 20170207911Abstract: Embodiments provide techniques generating and managing encryption keys within a computing infrastructure. Embodiments provide a key publisher that generates and maintains key pairs in a list at a configurable interval. In addition, the key publisher publishes the list to other components within the computing infrastructure. Embodiments also provide a key consumer that downloads the list of encrypted key pairs and maintains an active window of keys to can be accepted from client devices that communicate sensitive data to the computing infrastructure. If the key consumer receives a key from a client device that is outside of the active window yet that corresponds to a future key pair in the list, the key consumer advances the active window towards the future key pair.Type: ApplicationFiled: March 31, 2017Publication date: July 20, 2017Inventors: Poornaprajna UDUPI, Jason CHAN, Jay ZARFOSS
-
Publication number: 20170201489Abstract: Approaches, techniques, and mechanisms are disclosed for implementing a distributed firewall. In an embodiment, many different computer assets police incoming messages based on local policy data. This local policy data is synchronized with global policy data. The global policy data is generated by one or more separate analyzers. Each analyzer has access to message logs, or information derived therefrom, for groups of computer assets, and is thus able to generate policies based on intelligence from an entire group as opposed to an isolated asset. Among other effects, some of the approaches, techniques, and mechanisms may be effective even in computing environments with limited supervision over the attack surface, and/or computing environments in which assets may need to make independent decisions with respect to how incoming messages should be handled, on account of latency and/or unreliability in connections to other system components.Type: ApplicationFiled: March 28, 2017Publication date: July 13, 2017Inventors: Jason Chan, Poornaprajna Udupi, Shashi Madappa
-
Patent number: 9621588Abstract: Approaches, techniques, and mechanisms are disclosed for implementing a distributed firewall. In an embodiment, many different computer assets police incoming messages based on local policy data. This local policy data is synchronized with global policy data. The global policy data is generated by one or more separate analyzers. Each analyzer has access to message logs, or information derived therefrom, for groups of computer assets, and is thus able to generate policies based on intelligence from an entire group as opposed to an isolated asset. Among other effects, some of the approaches, techniques, and mechanisms may be effective even in computing environments with limited supervision over the attack surface, and/or computing environments in which assets may need to make independent decisions with respect to how incoming messages should be handled, on account of latency and/or unreliability in connections to other system components.Type: GrantFiled: September 24, 2014Date of Patent: April 11, 2017Assignee: NETFLIX, INC.Inventors: Jason Chan, Poornaprajna Udupi, Shashi Madappa
-
Publication number: 20170099292Abstract: Provided herein are systems and methods of managing permissions for applications deployed in a distributed computing infrastructure. An exemplary system includes an access management server having a processing device, a distributed computing infrastructure in communication with the management server having a plurality of resource instances and a request log, an administration system having a security application executing thereon. The security application has access policies associated with each of a plurality of applications. The processing device of the management server: receives application request information from the request log describing requests made by a first application being monitored by the access management server.Type: ApplicationFiled: October 6, 2015Publication date: April 6, 2017Inventors: Patrick Kelley, Ben Hagen, Jason Chan, Kevin Glisson
-
Publication number: 20170098086Abstract: Provided herein are systems and methods for monitoring and assessing the security and risk presented by applications deployed in a complex computing environment. An exemplary application security system includes a server having a processing device in communication with storage systems, computing devices executing application instances configured to receive and transmit information over a network, and a security testing system including a first test module that is associated with a first application, which is associated with one or more of the application instances.Type: ApplicationFiled: October 6, 2015Publication date: April 6, 2017Inventors: Andy Hoernecke, Jason Chan
-
Publication number: 20170098219Abstract: Provided herein are systems and methods of monitoring account activity in a streaming media environment. An exemplary system includes a monitoring system, an account creation and management system, and an account payment system. The monitoring system is coupled to the account creation and management system and the account payment system via a network. The processing device of the monitoring system retrieves account information for a first user account. Account information includes user consumption information and user payment information associated with the first user account. The processing device determines a fraudulent account score for the first user account based on at least one of the user consumption information, the user payment information, and account identification information.Type: ApplicationFiled: October 6, 2015Publication date: April 6, 2017Inventors: Rudra Peram, Jason Chan
-
Patent number: 9614818Abstract: Embodiments provide techniques generating and managing encryption keys within a computing infrastructure. Embodiments provide a key publisher that generates and maintains key pairs in a list at a configurable interval. In addition, the key publisher publishes the list to other components within the computing infrastructure. Embodiments also provide a key consumer that downloads the list of encrypted key pairs and maintains an active window of keys to can be accepted from client devices that communicate sensitive data to the computing infrastructure. If the key consumer receives a key from a client device that is outside of the active window yet that corresponds to a future key pair in the list, the key consumer advances the active window towards the future key pair.Type: GrantFiled: July 27, 2015Date of Patent: April 4, 2017Assignee: NETFLIX, INC.Inventors: Poornaprajna Udupi, Jason Chan, Jay Zarfoss
-
Publication number: 20160351048Abstract: A system and method are provided for connecting intersections, to enable two-way wireless communication between a cloud-based traffic operations service and new and existing traffic cabinet hardware using “connected intersection” technology. By providing hardware in existing (or new) traffic control cabinets that can communicate wirelessly with a cloud-based traffic operations system, customers can enhance and upgrade legacy traffic networks using existing IT infrastructure (i.e. servers, hard drives, etc.) or existing communication networks. The connected intersection technology further provides software functionalities including real-time alerts, connectivity between existing cabinets and central systems, and signal timing-plan management for customers that lack an existing central system.Type: ApplicationFiled: May 9, 2016Publication date: December 1, 2016Inventors: David THOMPSON, Tyler ABBOTT, Kashif UMER, David HILLIS, Roy LEMKE, Jason CHAN
-
Publication number: 20160169948Abstract: A method and apparatus for measuring power in an electronic device is provided. A voltage is sensed across a sense resistor and the current is then calculated by dividing the sensed voltage by the value of the sense resistor. The method incorporates a buffer for storing the sensed voltage and calculated current. In addition, the buffer permits the measurements to be taken while the electronic device is in a sleep state. The measurements that may be taken include voltage, current, and power.Type: ApplicationFiled: December 10, 2014Publication date: June 16, 2016Inventors: Joshua Thielen, Glenn Stroz, Lawrence King, Jason Chan, Shuangquan Wang
-
Publication number: 20160088020Abstract: Approaches, techniques, and mechanisms are disclosed for implementing a distributed firewall. In an embodiment, many different computer assets police incoming messages based on local policy data. This local policy data is synchronized with global policy data. The global policy data is generated by one or more separate analyzers. Each analyzer has access to message logs, or information derived therefrom, for groups of computer assets, and is thus able to generate policies based on intelligence from an entire group as opposed to an isolated asset. Among other effects, some of the approaches, techniques, and mechanisms may be effective even in computing environments with limited supervision over the attack surface, and/or computing environments in which assets may need to make independent decisions with respect to how incoming messages should be handled, on account of latency and/or unreliability in connections to other system components.Type: ApplicationFiled: September 24, 2014Publication date: March 24, 2016Inventors: Jason Chan, Poornaprajna Udupi, Shashi Madappa
-
Publication number: 20160015935Abstract: A vascular access system includes a catheter having an inner lumen in communication with an open distal end; a guidewire at least partially positioned in the catheter lumen and extending out the open distal end thereof, respective proximal and distal stops secured to the guidewire; and a centering device slidably mounted on the guidewire such that the centering device may freely within the catheter lumen relative to the guidewire between the proximal and distal stops, wherein the centering device substantially aligns a longitudinal axis of the catheter with a longitudinal axis of the guidewire proximate the centering device.Type: ApplicationFiled: July 14, 2015Publication date: January 21, 2016Inventors: Jason Chan, Huey Chan
-
Publication number: 20150333904Abstract: Embodiments provide techniques generating and managing encryption keys within a computing infrastructure. Embodiments provide a key publisher that generates and maintains key pairs in a list at a configurable interval. In addition, the key publisher publishes the list to other components within the computing infrastructure. Embodiments also provide a key consumer that downloads the list of encrypted key pairs and maintains an active window of keys to can be accepted from client devices that communicate sensitive data to the computing infrastructure. If the key consumer receives a key from a client device that is outside of the active window yet that corresponds to a future key pair in the list, the key consumer advances the active window towards the future key pair.Type: ApplicationFiled: July 27, 2015Publication date: November 19, 2015Inventors: Poornaprajna UDUPI, Jason CHAN, Jay ZARFOSS
-
Publication number: 20150235035Abstract: A security application manages security and reliability of networked applications executing collection of interacting computing elements within a distributed computing architecture. The security application monitors various classes of resources utilized by the collection of nodes within the distributed computing architecture and determine whether utilization of a class of resources is approaching a pre-determined maximum limit. The security application performs a vulnerability scan of a networked application to determine whether the networked application is prone to a risk of intentional or inadvertent breach by an external application. The security application scans a distributed computing architecture for the existence of access control lists (ACLs), and stores ACL configurations and configuration changes in a database.Type: ApplicationFiled: May 4, 2015Publication date: August 20, 2015Inventors: Ariel TSEITLIN, Roy RAPOPORT, Jason CHAN
-
Patent number: 9094377Abstract: Embodiments provide techniques generating and managing encryption keys within a computing infrastructure. Embodiments provide a key publisher that generates and maintains key pairs in a list at a configurable interval. In addition, the key publisher publishes the list to other components within the computing infrastructure. Embodiments also provide a key consumer that downloads the list of encrypted key pairs and maintains an active window of keys to can be accepted from client devices that communicate sensitive data to the computing infrastructure. If the key consumer receives a key from a client device that is outside of the active window yet that corresponds to a future key pair in the list, the key consumer advances the active window towards the future key pair.Type: GrantFiled: August 16, 2013Date of Patent: July 28, 2015Assignee: NETFLIX, INC.Inventors: Poornaprajna Udupi, Jason Chan, Jay Zarfoss