Patents by Inventor John Melvin Antony
John Melvin Antony has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10380548Abstract: The invention relates to a system and method for customizing and storing workflow processes for use in remediation incidents such as security events. One aspect of the invention relates to providing tools to enable creation of customized workflow processes for event driven incident remediation, monitoring and analyzing system activity to identify occurrence of incidents, assigning a workflow process to an incident, applying the assigned workflow process to remediate the incident, and tracking and graphically displaying the status of the workflow process, among other things.Type: GrantFiled: June 12, 2017Date of Patent: August 13, 2019Assignee: Oracle International CorporationInventors: Dipto Chakravarty, John Melvin Antony, Usman Choudhary, David Capuano, Srinivasa Phanindra Mallapragada
-
Patent number: 10057285Abstract: Described herein is a system and method for auditing governance, risk, and compliance using an event correlation architecture. In particular, the event correlation architecture may include a solution designer for defining a solution pack that enforces one or more specific governance, risk, or compliance controls, and a solution manager for deploying the solution pack within the event correlation architecture to configure the architecture for enforcement of the one or more controls. Thus, a collection of content defined in the solution pack may be used to enrich one or more events received at the event correlation architecture, and a correlation engine may then correlate the events using the content in the solution pack to enforce the one or more governance, risk, or compliance controls.Type: GrantFiled: April 15, 2009Date of Patent: August 21, 2018Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Usman Choudhary, John Melvin Antony, Michael Howard Cooper, Pattabiraman Srinivasan
-
Publication number: 20170278066Abstract: The invention relates to a system and method for customizing and storing workflow processes for use in remediation incidents such as security events. One aspect of the invention relates to providing tools to enable creation of customized workflow processes for event driven incident remediation, monitoring and analyzing system activity to identify occurrence of incidents, assigning a workflow process to an incident, applying the assigned workflow process to remediate the incident, and tracking and graphically displaying the status of the workflow process, among other things.Type: ApplicationFiled: June 12, 2017Publication date: September 28, 2017Applicant: Oracle International CorporationInventors: Dipto Chakravarty, John Melvin Antony, Usman Choudhary, David Capuano, Srinivasa Phanindra Mallapragada
-
Patent number: 9715675Abstract: The invention relates to a system and method for customizing and storing workflow processes for use in remediation incidents such as security events. One aspect of the invention relates to providing tools to enable creation of customized workflow processes for event driven incident remediation, monitoring and analyzing system activity to identify occurrence of incidents, assigning a workflow process to an incident, applying the assigned workflow process to remediate the incident, and tracking and graphically displaying the status of the workflow process, among other things.Type: GrantFiled: December 22, 2006Date of Patent: July 25, 2017Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Dipto Chakravarty, John Melvin Antony, Usman Choudhary, David Capuano, Srinivasa Phanindra Mallapragada
-
Patent number: 9111092Abstract: Apparatus, systems, and methods may operate to include transforming subsequent unmarked contexts into additional tainted contexts in response to identifying a tainted event as a link between a prior tainted context and the subsequent unmarked contexts. Further operations may include publishing an event horizon to a display. The event horizon may include the tainted event and all other events associated with a linked chain of contexts that include the prior tainted context and the additional tainted contexts, where the tainted event and the other events share the taint in common. In this way, a taint associated with malicious behavior can be propagated and tracked as it moves between contexts. Additional apparatus, systems, and methods are disclosed.Type: GrantFiled: August 29, 2011Date of Patent: August 18, 2015Assignee: Novell, Inc.Inventors: Paul Apostolescu, John Melvin Antony, Pattabiraman Srinivasan
-
Patent number: 8966392Abstract: Apparatus, systems, and methods may operate to generate a reference statistical model of an operating system, such as a computer system, and display the reference statistical model as a hierarchical, segmented time series event stream graph, along with a graph representing current behavior of the system. The event stream graph may be derived from one or more streams of security events. Additional operations may include receiving requests to display further detail respecting discrepancies between the reference statistical model and the current behavior. Other apparatus, systems, and methods are disclosed.Type: GrantFiled: August 29, 2011Date of Patent: February 24, 2015Assignee: Novell, Inc.Inventors: John Melvin Antony, Paul Apostolescu, Pattabiraman Srinivasan, Prathap Adusumilli, Usman Choudhary
-
Patent number: 8782734Abstract: Methods and apparatus teach defining an access policy to digital data available on one or more computing devices, including identifying one or more semantic attributes of at least one first digital data set and using the identified attributes to define policy dictating user access privileges. On receipt of a user request to access at least one second digital data set, semantic attributes are compared to the at least one first digital data set and access is allowed or not allowed based on the policy. Semantic attributes are selected from at least one of a closeness attribute, a relatedness attribute, and a semantic vector attribute. Also is taught configuring a policy enforcement agent on the one or more computing devices to undertake the comparing and to allow or not allow access. In turn, computer program products and computing systems for accomplishing the foregoing are provided.Type: GrantFiled: January 14, 2011Date of Patent: July 15, 2014Assignee: Novell, Inc.Inventors: Scott A. Isaacson, John Melvin Antony, Stephen R. Carter
-
Patent number: 8595837Abstract: Apparatus, systems, and methods may operate to receive multiple security event data streams from a plurality of hardware processing nodes, the multiple security event data streams comprising multiple security events. Additional operations may include extracting multiple security events from multiple security event data streams, and classifying the extracted multiple security events to form domain-specific, categorized data streams. A hierarchy of statistical data streams may then be generated from the domain-specific, categorized data streams. Additional apparatus, systems, and methods are disclosed.Type: GrantFiled: August 29, 2011Date of Patent: November 26, 2013Assignee: Novell, Inc.Inventors: John Melvin Antony, Paul Apostolescu, Pattabiraman Srinivasan, Prathap Adusumilli
-
Publication number: 20130055385Abstract: Apparatus, systems, and methods may operate to receive multiple security event data streams from a plurality of hardware processing nodes, the multiple security event data streams comprising multiple security events. Additional operations may include extracting multiple security events from multiple security event data streams, and classifying the extracted multiple security events to form domain-specific, categorized data streams. A hierarchy of statistical data streams may then be generated from the domain-specific, categorized data streams. Additional apparatus, systems, and methods are disclosed.Type: ApplicationFiled: August 29, 2011Publication date: February 28, 2013Inventors: John Melvin Antony, Paul Apostolescu, Pattabiraman Srinivasan, Prathap Adusumilli
-
Publication number: 20130055339Abstract: Apparatus, systems, and methods may operate to include transforming subsequent unmarked contexts into additional tainted contexts in response to identifying a tainted event as a link between a prior tainted context and the subsequent unmarked contexts. Further operations may include publishing an event horizon to a display. The event horizon may include the tainted event and all other events associated with a linked chain of contexts that include the prior tainted context and the additional tainted contexts, where the tainted event and the other events share the taint in common. In this way, a taint associated with malicious behavior can be propagated and tracked as it moves between contexts. Additional apparatus, systems, and methods are disclosed.Type: ApplicationFiled: August 29, 2011Publication date: February 28, 2013Inventors: Paul Apostolescu, John Melvin Antony, Pattabiraman Srinivasan
-
Publication number: 20130055145Abstract: Apparatus, systems, and methods may operate to generate a reference statistical model of an operating system, such as a computer system, and display the reference statistical model as a hierarchical, segmented time series event stream graph, along with a graph representing current behavior of the system. The event stream graph may be derived from one or more streams of security events. Additional operations may include receiving requests to display further detail respecting discrepancies between the reference statistical model and the current behavior. Other apparatus, systems, and methods are disclosed.Type: ApplicationFiled: August 29, 2011Publication date: February 28, 2013Inventors: John Melvin Antony, Paul Apostolescu, Pattabiraman Srinivasan, Prathap Adusumilli, Usman Choudhary
-
Patent number: 8185488Abstract: A system for pluggable event correlation may include an input manager that receives a plurality of events and converts the events into a format compatible with one or more of a plurality of correlation engines. The correlation engines may then evaluate the converted events using various rules and generate correlated events when the evaluated events trigger at least one of the rules. An action manager may execute remedial actions when the correlation engines generate the correlated events. Moreover, extensibility may be provided by enabling a user to define rules to be triggered when events occur in a predetermined pattern, and actions to be executed when a predetermined rule triggers a correlated event. Further, to plug a new correlation engine into the system, adapters may be deployed to handle input and output, while the user-defined rules may be validating according to semantic requirements of the new correlation engine.Type: GrantFiled: April 17, 2008Date of Patent: May 22, 2012Assignee: EMC CorporationInventors: Dipto Chakravarty, Usman Choudhary, John Melvin Antony, Michael Howard Cooper, Jason Lee Arrington, Cheryl Witt
-
Publication number: 20110225659Abstract: Methods and apparatus teach defining an access policy to digital data available on one or more computing devices, including identifying one or more semantic attributes of at least one first digital data set and using the identified attributes to define policy dictating user access privileges. On receipt of a user request to access at least one second digital data set, semantic attributes are compared to the at least one first digital data set and access is allowed or not allowed based on the policy. Semantic attributes are selected from at least one of a closeness attribute, a relatedness attribute, and a semantic vector attribute. Also is taught configuring a policy enforcement agent on the one or more computing devices to undertake the comparing and to allow or not allow access. In turn, computer program products and computing systems for accomplishing the foregoing are provided.Type: ApplicationFiled: January 14, 2011Publication date: September 15, 2011Inventors: Scott A. Isaacson, John Melvin Antony, Stephen R. Carter
-
Publication number: 20110173359Abstract: A computer-implemented device provides security events from publishers to subscribers. There is provided a message bus, configured to contain a plurality of security events. Also provided is a receiver unit, responsive to a plurality of publishers, to receive the plurality of security events from the publishers. There is also a queue unit, responsive to receipt of the security events, to queue the plurality of security events in the message bus. Also, there is a transport unit, responsive to the security events in the message bus, to transport the plurality of security events in the message bus to a plurality of subscribers.Type: ApplicationFiled: March 1, 2011Publication date: July 14, 2011Applicant: Novell, Inc.Inventors: Dipto CHAKRAVARTY, Usman Choudhary, Ofer Zajicek, Srinivasa Phanindra Mallapragada, John Paul Gassner, Frank Anthony Pellegrino, John Melvin Antony, Tao Yu, Michael Howard Cooper, William Matthew Weiner, Magdalence Ramona Merritt, Peng Liu, Raghunath Boyalakuntla, Srivani Sangita, Vasile Adiaconitei, Shahid Saied Malik, Karthik Ramu, Prathap Adusumilli, Walter Mathews, Adedoyin Akinnurun, Brett Hankins
-
Patent number: 7926099Abstract: A computer-implemented device provides security events from publishers to subscribers. There is provided a message bus, configured to contain a plurality of security events. Also provided is a receiver unit, responsive to a plurality of publishers, to receive the plurality of security events from the publishers. There is also a queue unit, responsive to receipt of the security events, to queue the plurality of security events in the message bus. Also, there is a transport unit, responsive to the security events in the message bus, to transport the plurality of security events in the message bus to a plurality of subscribers.Type: GrantFiled: December 27, 2005Date of Patent: April 12, 2011Assignee: Novell, Inc.Inventors: Dipto Chakravarty, Usman Choudhary, Ofer Zajicek, Srinivasa Phanindra Mallapragada, John Paul Gassner, Frank Anthony Pellegrino, John Melvin Antony, Tao Yu, Michael Howard Cooper, William Matthew Weiner, Magdalene Ramona Merritt, Peng Liu, Raghunath Boyalakuntla, Srivani Sangita, Vasile Adiaconitei, Shahid Saied Malik, Karthik Ramu, Prathap Adusumilli, Walter Mathews, Adedoyin Akinnurun, Brett Hankins
-
Publication number: 20100198636Abstract: Described herein is a system and method for auditing governance, risk, and compliance using an event correlation architecture. In particular, the event correlation architecture may include a solution designer for defining a solution pack that enforces one or more specific governance, risk, or compliance controls, and a solution manager for deploying the solution pack within the event correlation architecture to configure the architecture for enforcement of the one or more controls. Thus, a collection of content defined in the solution pack may be used to enrich one or more events received at the event correlation architecture, and a correlation engine may then correlate the events using the content in the solution pack to enforce the one or more governance, risk, or compliance controls.Type: ApplicationFiled: April 15, 2009Publication date: August 5, 2010Applicant: Novell, Inc.Inventors: Usman Choudhary, John Melvin Antony, Michael Howard Cooper, Pattabiraman Srinivasan
-
Publication number: 20090265288Abstract: A system for pluggable event correlation may include an input manager that receives a plurality of events and converts the events into a format compatible with one or more of a plurality of correlation engines. The correlation engines may then evaluate the converted events using various rules and generate correlated events when the evaluated events trigger at least one of the rules. An action manager may execute remedial actions when the correlation engines generate the correlated events. Moreover, extensibility may be provided by enabling a user to define rules to be triggered when events occur in a predetermined pattern, and actions to be executed when a predetermined rule triggers a correlated event. Further, to plug a new correlation engine into the system, adapters may be deployed to handle input and output, while the user-defined rules may be validating according to semantic requirements of the new correlation engine.Type: ApplicationFiled: April 17, 2008Publication date: October 22, 2009Applicant: Novell, Inc.Inventors: Dipto Chakravarty, Usman Choudhary, John Melvin Antony, Michael Howard Cooper, Jason Lee Arrington, Cheryl Witt
-
Publication number: 20080040191Abstract: The invention relates to a system and method for customizing and storing workflow processes for use in remediation incidents such as security events. One aspect of the invention relates to providing tools to enable creation of customized workflow processes for event driven incident remediation, monitoring and analyzing system activity to identify occurrence of incidents, assigning a workflow process to an incident, applying the assigned workflow process to remediate the incident, and tracking and graphically displaying the status of the workflow process, among other things.Type: ApplicationFiled: December 22, 2006Publication date: February 14, 2008Applicant: Novell, Inc.Inventors: Dipto Chakravarty, John Melvin Antony, Usman Choudhary, David Capuano, Srinivasa Phanindra Mallapragada