Patents by Inventor Kaushal K. Kapadia
Kaushal K. Kapadia has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11171982Abstract: Optimizing ingestion of security structured data into a graph database for security analytics is provided. A plurality of streams of information is received from a plurality of security information sources. Respective subsets of information are ingested from each of the plurality of security information sources to generate small subgraphs of security information. Each of the small subgraphs comply to a schema used by a master knowledge graph. A batch process is performed to ingest a plurality of small subgraphs into the master knowledge graph.Type: GrantFiled: June 22, 2018Date of Patent: November 9, 2021Assignee: International Business Machines CorporationInventors: Sulakshan Vajipayajula, Stephen C. Will, Dhilung Hang Kirat, Kaushal K. Kapadia, Anne Tilstra
-
Patent number: 11082414Abstract: Mechanisms are provided for facilitating recertification of a user access entitlement. These mechanisms collect, from a system resource of the data processing system, access information representative of accesses of the system resource by a user access entitlement. These mechanisms determine that recertification of the user access entitlement, with regard to the system resource, is to be performed and a pattern of access is determined based on the access information for the user access entitlement. A recertification request graphical user interface is output to a user based on the pattern of access. The graphical user interface includes the pattern of access and one or more graphical user interface elements for receiving a user input specifying acceptance or denial of the recertification of the user access entitlement.Type: GrantFiled: March 24, 2017Date of Patent: August 3, 2021Assignee: International Business Machines CorporationInventors: Manjeri R. Dharmarajan, Kaushal K. Kapadia, Vigneshwarnath Miriyala, Nataraj Nagaratnam, Darshini G. Swamy, Suyesh R. Tiwari
-
Patent number: 11050773Abstract: Prioritizing security incidents for analysis is provided. A set of security information and event management data corresponding to each of a set of security incidents is retrieved. A source weight of a security incident and a magnitude of the security incident are used to determine a priority of the security incident within the set of security incidents. A local analysis of the security incident is performed based on the retrieved set of security information and event management data corresponding to the security incident and the determined priority of the security incident.Type: GrantFiled: January 3, 2019Date of Patent: June 29, 2021Assignee: International Business Machines CorporationInventors: Stephen C. Will, Kevin Tabb, Ilgen B. Yuceer, Sulakshan Vajipayajula, Kaushal K. Kapadia
-
Patent number: 10834100Abstract: A method, apparatus and computer program product for managing a plurality of VPN tunnels between a first cloud and a second cloud in a hybrid cloud environment is described. In a first virtual private network (VPN) manager a request is received from a first cloud application resident in the first cloud. The request includes a first set of requirements for a first VPN tunnel in the plurality of VPN tunnels. The VPN manager sends a first VPN manager request to a first system in a first cloud, wherein the first system creates the first VPN tunnel according to the first set of requirements. The VPN manager receives a request from a second cloud application resident in the first cloud. The request includes a second set of requirements for a VPN tunnel in the plurality of VPN tunnels. The VPN manager sends a second VPN manager request to the system in a first cloud, wherein the second VPN manager request contains the second set of requirements.Type: GrantFiled: October 28, 2019Date of Patent: November 10, 2020Assignee: International Business Machines CorporationInventors: Jeffrey R Hoy, Sreekanth R Iyer, Kaushal K Kapadia, Ravi K Muthukrishnan, Nataraj Nagaratnam
-
Patent number: 10713031Abstract: In response to an attempt to install an instance of a container in a production environment, a set of security criteria associated with the container and features of the production environment are compared. Based on the comparison, a determination is made as to whether the features of the production environment satisfy the set of security criteria.Type: GrantFiled: December 6, 2018Date of Patent: July 14, 2020Assignee: International Business Machines CorporationInventors: Sreekanth R. Iyer, Kaushal K. Kapadia, Ravi K. Muthukrishnan, Nataraj Nagaratnam, Sulakshan Vajipayajula
-
Publication number: 20200220885Abstract: Prioritizing security incidents for analysis is provided. A set of security information and event management data corresponding to each of a set of security incidents is retrieved. A source weight of a security incident and a magnitude of the security incident are used to determine a priority of the security incident within the set of security incidents. A local analysis of the security incident is performed based on the retrieved set of security information and event management data corresponding to the security incident and the determined priority of the security incident.Type: ApplicationFiled: January 3, 2019Publication date: July 9, 2020Inventors: Stephen C. Will, Kevin Tabb, Ilgen B. Yuceer, Sulakshan Vajipayajula, Kaushal K. Kapadia
-
Publication number: 20200067877Abstract: A method, apparatus and computer program product for managing a plurality of VPN tunnels between a first cloud and a second cloud in a hybrid cloud environment is described. In a first virtual private network (VPN) manager a request is received from a first cloud application resident in the first cloud. The request includes a first set of requirements for a first VPN tunnel in the plurality of VPN tunnels. The VPN manager sends a first VPN manager request to a first system in a first cloud, wherein the first system creates the first VPN tunnel according to the first set of requirements. The VPN manager receives a request from a second cloud application resident in the first cloud. The request includes a second set of requirements for a VPN tunnel in the plurality of VPN tunnels. The VPN manager sends a second VPN manager request to the system in a first cloud, wherein the second VPN manager request contains the second set of requirements.Type: ApplicationFiled: October 28, 2019Publication date: February 27, 2020Inventors: Jeffrey R. Hoy, Sreekanth R. Iyer, Kaushal K. Kapadia, Ravi K. Muthukrishnan, Nataraj Nagaratnam
-
Publication number: 20190394225Abstract: Optimizing ingestion of security structured data into a graph database for security analytics is provided. A plurality of streams of information is received from a plurality of security information sources. Respective subsets of information are ingested from each of the plurality of security information sources to generate small subgraphs of security information. Each of the small subgraphs comply to a schema used by a master knowledge graph. A batch process is performed to ingest a plurality of small subgraphs into the master knowledge graph.Type: ApplicationFiled: June 22, 2018Publication date: December 26, 2019Inventors: Sulakshan Vajipayajula, Stephen C. Will, Dhilung Hang Kirat, Kaushal K. Kapadia, Anne Tilstra
-
Patent number: 10505904Abstract: A method, apparatus and computer program product manage a plurality of VPN tunnels between a first cloud and a second cloud in a hybrid cloud environment is described. A first virtual private network (VPN) agent manages a first VPN tunnel in a plurality of VPN tunnels. The first VPN tunnel provides communication for traffic between a first node in a first cloud and a second node in a second cloud in a hybrid cloud environment. The agent receives a request from a VPN manager which includes a first set of requirements for a first cloud application for the first VPN tunnel in the plurality of VPN tunnels. The agent creates the first VPN tunnel according to the first set of requirements. Next, the agent receives a modification request from the VPN manager containing a second set of requirements for a second cloud application.Type: GrantFiled: October 14, 2018Date of Patent: December 10, 2019Assignee: International Business Machines CorporationInventors: Jeffrey R Hoy, Sreekanth R Iyer, Kaushal K Kapadia, Ravi K Muthukrishnan, Nataraj Nagaratnam
-
Patent number: 10367837Abstract: Embodiments of the present invention provide systems and methods for performing a security analysis on a set of observables by inferring malicious relationships. The method includes receiving a set of observables and structured and unstructured threat data. The method further includes analyzing the observables and the structured and unstructured threat data using cognitive computing, and creating and transferring a subgraph.Type: GrantFiled: January 25, 2017Date of Patent: July 30, 2019Assignee: International Business Machines CorporationInventors: Kaushal K. Kapadia, Dhilung H. Kirat, Youngja Park, Marc P. Stoecklin, Sulakshan Vajipayajula
-
Publication number: 20190114161Abstract: In response to an attempt to install an instance of a container in a production environment, a set of security criteria associated with the container and features of the production environment are compared. Based on the comparison, a determination is made as to whether the features of the production environment satisfy the set of security criteria.Type: ApplicationFiled: December 6, 2018Publication date: April 18, 2019Inventors: Sreekanth R. Iyer, Kaushal K. Kapadia, Ravi K. Muthukrishnan, Nataraj Nagaratnam, Sulakshan Vajipayajula
-
Patent number: 10255054Abstract: In response to an attempt to install an instance of a container in a production environment, a set of security criteria associated with the container and features of the production environment are compared. Based on the comparison, a determination is made as to whether the features of the production environment satisfy the set of security criteria.Type: GrantFiled: April 13, 2016Date of Patent: April 9, 2019Assignee: International Business Machines CorporationInventors: Sreekanth R. Iyer, Kaushal K. Kapadia, Ravi K. Muthukrishnan, Nataraj Nagaratnam, Sulakshan Vajipayajula
-
Publication number: 20190052601Abstract: A method, apparatus and computer program product manage a plurality of VPN tunnels between a first cloud and a second cloud in a hybrid cloud environment is described. A first virtual private network (VPN) agent manages a first VPN tunnel in a plurality of VPN tunnels. The first VPN tunnel provides communication for traffic between a first node in a first cloud and a second node in a second cloud in a hybrid cloud environment. The agent receives a request from a VPN manager which includes a first set of requirements for a first cloud application for the first VPN tunnel in the plurality of VPN tunnels. The agent creates the first VPN tunnel according to the first set of requirements. Next, the agent receives a modification request from the VPN manager containing a second set of requirements for a second cloud application.Type: ApplicationFiled: October 14, 2018Publication date: February 14, 2019Inventors: Jeffrey R Hoy, Sreekanth R Iyer, Kaushal K Kapadia, Ravi K Muthukrishnan, Nataraj Nagaratnam
-
Patent number: 10084804Abstract: Embodiments of the present invention provide systems and methods for performing a security analysis on a set of observables by inferring malicious relationships. The method includes receiving a set of observables and structured and unstructured threat data. The method further includes analyzing the observables and the structured and unstructured threat data using cognitive computing, and creating and transferring a subgraph.Type: GrantFiled: February 6, 2018Date of Patent: September 25, 2018Assignee: International Business Machines CorporationInventors: Kaushal K. Kapadia, Dhilung H. Kirat, Youngja Park, Marc P. Stoecklin, Sulakshan Vajipayajula
-
Publication number: 20180212984Abstract: Embodiments of the present invention provide systems and methods for performing a security analysis on a set of observables by inferring malicious relationships. The method includes receiving a set of observables and structured and unstructured threat data. The method further includes analyzing the observables and the structured and unstructured threat data using cognitive computing, and creating and transferring a subgraph.Type: ApplicationFiled: January 25, 2017Publication date: July 26, 2018Inventors: Kaushal K. Kapadia, Dhilung H. Kirat, Youngja Park, Marc P. Stoecklin, Sulakshan Vajipayajula
-
Publication number: 20180212990Abstract: Embodiments of the present invention provide systems and methods for performing a security analysis on a set of observables by inferring malicious relationships. The method includes receiving a set of observables and structured and unstructured threat data. The method further includes analyzing the observables and the structured and unstructured threat data using cognitive computing, and creating and transferring a subgraph.Type: ApplicationFiled: February 6, 2018Publication date: July 26, 2018Inventors: Kaushal K. Kapadia, Dhilung H. Kirat, Youngja Park, Marc P. Stoecklin, Sulakshan Vajipayajula
-
Publication number: 20170300697Abstract: In response to an attempt to install an instance of a container in a production environment, a set of security criteria associated with the container and features of the production environment are compared. Based on the comparison, a determination is made as to whether the features of the production environment satisfy the set of security criteria.Type: ApplicationFiled: April 13, 2016Publication date: October 19, 2017Inventors: Sreekanth R. Iyer, Kaushal K. Kapadia, Ravi K. Muthukrishnan, Nataraj Nagaratnam, Sulakshan Vajipayajula
-
Publication number: 20170201505Abstract: Mechanisms are provided for facilitating recertification of a user access entitlement. These mechanisms collect, from a system resource of the data processing system, access information representative of accesses of the system resource by a user access entitlement. These mechanisms determine that recertification of the user access entitlement, with regard to the system resource, is to be performed and a pattern of access is determined based on the access information for the user access entitlement. A recertification request graphical user interface is output to a user based on the pattern of access. The graphical user interface includes the pattern of access and one or more graphical user interface elements for receiving a user input specifying acceptance or denial of the recertification of the user access entitlement.Type: ApplicationFiled: March 24, 2017Publication date: July 13, 2017Inventors: Manjeri R. Dharmarajan, Kaushal K. Kapadia, Vigneshwarnath Miriyala, Nataraj Nagaratnam, Darshini G. Swamy, Suyesh R. Tiwari
-
Publication number: 20170104740Abstract: In an approach to user authorization by mobile-optimized CAPTCHA, a computing device detects information suggesting a risk level. The computing device displays one or more prompts based on the risk level. The computing device receives a user response in the form of touchless, gesture-based input. The computing device makes a CAPTCHA determination based on the user response.Type: ApplicationFiled: October 7, 2015Publication date: April 13, 2017Inventors: Jeffrey R. Hoy, Sreekanth R. Iyer, Kaushal K. Kapadia, Ravi Krishnan Muthukrishnan, Nataraj Nagaratnam
-
Patent number: 9607142Abstract: Mechanisms are provided for facilitating recertification of a user access entitlement. These mechanisms collect, from a system resource of the data processing system, access information representative of accesses of the system resource by a user access entitlement. These mechanisms determine that recertification of the user access entitlement, with regard to the system resource, is to be performed and a pattern of access is determined based on the access information for the user access entitlement. A recertification request graphical user interface is output to a user based on the pattern of access. The graphical user interface includes the pattern of access and one or more graphical user interface elements for receiving a user input specifying acceptance or denial of the recertification of the user access entitlement.Type: GrantFiled: September 9, 2011Date of Patent: March 28, 2017Assignee: International Business Machines CorporationInventors: Manjeri R. Dharmarajan, Kaushal K. Kapadia, Vigneshwarnath Miriyala, Nataraj Nagaratnam, Darshini G. Swamy, Suyesh R. Tiwari