Patents by Inventor Magesh Rajamani
Magesh Rajamani has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240086728Abstract: An embodiment for managing machine learning models to generate and utilize perforations within machine learning models to improve their ability to consider and learn from exception decisions. The embodiment may detect an exception decision in a base model. The embodiment may automatically determine data considered in making the exception decision and identify and store in a database known features from the gathered data. The embodiment may automatically identify and store in the database remaining additional features considered, and generate and store perforations corresponding to the remaining additional features considered. The embodiment may, in response to detecting subsequent decisions involving shared additional features contained in the generated perforations, automatically validate feature boundaries within the generated perforations from a set of data sources.Type: ApplicationFiled: September 9, 2022Publication date: March 14, 2024Inventors: Magesh Rajamani, Gandhi Sivakuma, RAMANAKUMAR NATARAJAN
-
Patent number: 9916461Abstract: Identity context-based access control is implemented by generating an identity context expression from user identity data. In particular, users are clustered based on combinations of one or more attributes. These clusters comprise one or more identity context(s). Preferably, an intersection of attribute sets of each user in the cluster is formed. In addition, an intersection of attribute sets of each user not in the cluster also is formed. If the attribute set that is common across the cluster of users is not a subset of the attribute set that is common across the rest of the users, then the attribute set forms a unique identity context expression. To reduce the number of roles used in role-based access control (RBAC), at least one role is replaced with an identity context expression. Run-time access control is then enabled.Type: GrantFiled: September 10, 2012Date of Patent: March 13, 2018Assignee: International Business Machines CorporationInventors: Kaushal Kiran Kapadia, Rahul Prabhakar Kulkarni, Nataraj Nagaratnam, Anindya Neogi, Magesh Rajamani
-
Patent number: 9282151Abstract: A computer implemented method, apparatus, and computer program product for managing requests. Responsive to receiving a request from a client, a determination is made as to whether a connection within a pool of connections has a set of outstanding requests for the client to handle a previous request from the same client. Responsive to a determination that the connection has any outstanding request, a determination is made as to whether a set of requests queued for the connection is equal to or exceeds a threshold. Responsive to a determination that the set of outstanding requests is equal to or exceeds the threshold, subsequent requests from the client are unprocessed until the set of outstanding requests becomes less than the threshold.Type: GrantFiled: September 11, 2008Date of Patent: March 8, 2016Assignee: International Business Machines CorporationInventors: Yogesh Vilas Golwalkar, Kristin Marie Hazlewood, John Ryan McGarvey, Magesh Rajamani
-
Patent number: 8918425Abstract: Mechanisms are provided for performing a role engineering project for applying security roles to access operations targeting resources. A plurality of data objects representing one or more user identities, permissions, and resources of an organization computing system are received. One or more filter criteria for filtering the plurality of data objects to generate a subset of data objects for consideration during the role engineering project are received. The one or more filter criteria specify a scope of the role engineering project. The one or more filter criteria are applied to generate the subset of data objects. Role engineering project operations are performed on the subset of data objects to generate one or more security roles. The one or more security roles are deployed to the organization computing system to control access operations targeting resources of the organization computing system.Type: GrantFiled: October 21, 2011Date of Patent: December 23, 2014Assignee: International Business Machines CorporationInventors: Luis B. Casco-Arias Sanchez, Todd D. Jordan, David G. Kuehr-McLaren, Oriana J. Love, David W. Palmieri, Chrystian L. Plachco, Magesh Rajamani, Jeffrey T. Robke
-
Patent number: 8918426Abstract: Mechanisms are provided for performing a role engineering project for applying security roles to access operations targeting resources. A plurality of data objects representing one or more user identities, permissions, and resources of an organization computing system are received. One or more filter criteria for filtering the plurality of data objects to generate a subset of data objects for consideration during the role engineering project are received. The one or more filter criteria specify a scope of the role engineering project. The one or more filter criteria are applied to generate the subset of data objects. Role engineering project operations are performed on the subset of data objects to generate one or more security roles. The one or more security roles are deployed to the organization computing system to control access operations targeting resources of the organization computing system.Type: GrantFiled: March 14, 2013Date of Patent: December 23, 2014Assignee: International Business Machines CorporationInventors: Luis B. Casco-Arias Sanchez, Todd D. Jordan, David G. Kuehr-McLaren, Oriana J. Love, David W. Palmieri, Chrystian L. Plachco, Magesh Rajamani, Jeffrey T. Robke
-
Publication number: 20140075492Abstract: Identity context-based access control is implemented by generating an identity context expression from user identity data. In particular, users are clustered based on combinations of one or more attributes. These clusters comprise one or more identity context(s). Preferably, an intersection of attribute sets of each user in the cluster is formed. In addition, an intersection of attribute sets of each user not in the cluster also is formed. If the attribute set that is common across the cluster of users is not a subset of the attribute set that is common across the rest of the users, then the attribute set forms a unique identity context expression. To reduce the number of roles used in role-based access control (RBAC), at least one role is replaced with an identity context expression. Run-time access control is then enabled.Type: ApplicationFiled: September 10, 2012Publication date: March 13, 2014Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Kaushal Kiran Kapadia, Rahul Prabhakar Kulkarni, Nataraj Nagaratnam, Anindya Neogi, Magesh Rajamani
-
Patent number: 8620926Abstract: In association with a data processing system that includes one or more servers, one or more clients and a partitionable distributed directory contained in a database, a computer implemented method is provided for selectively processing data entries that reside in the directory. The method comprises the steps of generating a request to perform an operation on each data entry in a specified group of intended entries, and specifying a hashing control index that uniquely identifies each entry of the specified group, and excludes all other entries. The requested operation is applied only to data entries in the directory that are identified by the specified hashing control index.Type: GrantFiled: January 14, 2008Date of Patent: December 31, 2013Assignee: International Business Machines CorporationInventors: Yogesh Vilas Golwalkar, Kristin Marie Hazlewood, Magesh Rajamani, Gary Dale Williams
-
Publication number: 20130104046Abstract: Mechanisms are provided for performing a role engineering project for applying security roles to access operations targeting resources. A plurality of data objects representing one or more user identities, permissions, and resources of an organization computing system are received. One or more filter criteria for filtering the plurality of data objects to generate a subset of data objects for consideration during the role engineering project are received. The one or more filter criteria specify a scope of the role engineering project. The one or more filter criteria are applied to generate the subset of data objects. Role engineering project operations are performed on the subset of data objects to generate one or more security roles. The one or more security roles are deployed to the organization computing system to control access operations targeting resources of the organization computing system.Type: ApplicationFiled: October 21, 2011Publication date: April 25, 2013Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Luis B. Casco-Arias Sanchez, Todd D. Jordan, David G. Kuehr-McLaren, Oriana J. Love, David W. Palmieri, Chrystian L. Plachco, Magesh Rajamani, Jeffrey T. Robke
-
Patent number: 8423560Abstract: A filter range based search control to request a range of data from one or more directory servers. A directory server receives a search request from a client application comprising a search filter control defining a set of requested data, a sort control defining a sorting order of the set of requested data, and a range filter control defining a range of entries in the requested data. Data entries matching a search value defined in the search filter control and sorted according to sort attributes defined in the sort control are obtained from a set of directories associated with the directory server to form a sorted list of matching entries. A subset of data entries in the sorted list that match a range value defined in the range filter control are collected, and a response comprising the collected subset of data entries is then sent to the client application.Type: GrantFiled: March 7, 2012Date of Patent: April 16, 2013Assignee: International Business Machines CorporationInventors: Yogesh Vilas Golwalkar, Kristin Marie Hazlewood, Magesh Rajamani
-
Patent number: 8326846Abstract: A computer implemented method, data processing system, and computer program product for performing a virtual list view search in a distributed directory environment using a proxy server. The mechanism described in the illustrative embodiments enables a proxy server to provide virtual list view search support in a distributed directory environment when data is partitioned across multiple directory servers.Type: GrantFiled: January 11, 2011Date of Patent: December 4, 2012Assignee: International Business Machines CorporationInventors: Yogesh V. Golwalkar, Kristin M. Hazlewood, Rajalakshmi S. Iyer, Magesh Rajamani
-
Patent number: 8219565Abstract: A filter range based search control to request a range of data from one or more directory servers. A directory server receives a search request from a client application comprising a search filter control defining a set of requested data, a sort control defining a sorting order of the set of requested data, and a range filter control defining a range of entries in the requested data. Data entries matching a search value defined in the search filter control and sorted according to sort attributes defined in the sort control are obtained from a set of directories associated with the directory server to form a sorted list of matching entries. A subset of data entries in the sorted list that match a range value defined in the range filter control are collected, and a response comprising the collected subset of data entries is then sent to the client application.Type: GrantFiled: June 15, 2009Date of Patent: July 10, 2012Assignee: International Business Machines CorporationInventors: Yogesh Vilas Golwalkar, Kristin Marie Hazlewood, Magesh Rajamani
-
Publication number: 20120166455Abstract: A filter range based search control to request a range of data from one or more directory servers. A directory server receives a search request from a client application comprising a search filter control defining a set of requested data, a sort control defining a sorting order of the set of requested data, and a range filter control defining a range of entries in the requested data. Data entries matching a search value defined in the search filter control and sorted according to sort attributes defined in the sort control are obtained from a set of directories associated with the directory server to form a sorted list of matching entries. A subset of data entries in the sorted list that match a range value defined in the range filter control are collected, and a response comprising the collected subset of data entries is then sent to the client application.Type: ApplicationFiled: March 7, 2012Publication date: June 28, 2012Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Yogesh Vilas Golwalkar, Kristin Marie Hazlewood, Magesh Rajamani
-
Patent number: 8055665Abstract: A mechanism for performing a sorted search in a distributed directory environment using a proxy server. A sorted search request for a set of top entries is sent to each backend server. The proxy server identifies a target server which returned a top entry in the set and sends another sorted search request to the target server for all entries having a sort order higher than or equal to the top entry and a sort order lower than or equal to the next top entry of the set, and returns the entries to a requesting client. The proxy server sends another sorted search request to the target server for a new top entry having a sort order greater than the next top entry and adds the new top entry to the set. The proxy server returns to the evaluating step until no top entries remain in the set.Type: GrantFiled: March 13, 2008Date of Patent: November 8, 2011Assignee: International Business Machines CorporationInventors: Yogesh Vilas Golwalkar, Kristin Marie Hazlewood, Magesh Rajamani
-
Patent number: 7962583Abstract: Dynamically adding n partitions to a distributed directory setup having x existing servers by modifying the configuration file to include the n new servers and implementing a replication setup mechanism with agreements to x+n?1 servers. The migration to dynamically add partitions is carried out while continuing to serve clients.Type: GrantFiled: December 13, 2007Date of Patent: June 14, 2011Assignee: International Business Machines CorporationInventors: Yogesh V. Golwalkar, Kristin M. Hazlewood, Magesh Rajamani, Gary Dale Williams
-
Publication number: 20110106822Abstract: A computer implemented method, data processing system, and computer program product for performing a virtual list view search in a distributed directory environment using a proxy server. The mechanism described in the illustrative embodiments enables a proxy server to provide virtual list view search support in a distributed directory environment when data is partitioned across multiple directory servers.Type: ApplicationFiled: January 11, 2011Publication date: May 5, 2011Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Yogesh Vilas Golwalkar, Kristin Marie Hazlewood, Rajalakshmi S. Iyer, Magesh Rajamani
-
Patent number: 7904464Abstract: A computer implemented method, data processing system, and computer program product for performing a virtual list view search in a distributed directory environment using a proxy server. The mechanism described in the illustrative embodiments enables a proxy server to provide virtual list view search support in a distributed directory environment when data is partitioned across multiple directory servers.Type: GrantFiled: August 27, 2008Date of Patent: March 8, 2011Assignee: International Business Machines CorporationInventors: Yogesh Vilas Golwalkar, Kristin Marie Hazlewood, Rajalakshmi S. Iyer, Magesh Rajamani
-
Patent number: 7890632Abstract: A method, system, and computer usable program product for load balancing using replication delay are provided in the illustrative embodiments. In response to a request to update, a system updates data associated with a write server, forming updated data of a data partition. The system receives a read request for the data partition. The system calculates a time difference between an arrival time of the request to update and an arrival time of the read request. The system receives a set of average replication delays for a set of replica servers serving the data partition. The system directs the read request to a replica server in the set of replica servers whose average replication delay is less than or equal to the time difference.Type: GrantFiled: August 11, 2008Date of Patent: February 15, 2011Assignee: International Business Machines CorporationInventors: Kristin Marie Hazlewood, Yogesh Vilas Golwalkar, Magesh Rajamani
-
Publication number: 20100318541Abstract: A filter range based search control to request a range of data from one or more directory servers. A directory server receives a search request from a client application comprising a search filter control defining a set of requested data, a sort control defining a sorting order of the set of requested data, and a range filter control defining a range of entries in the requested data. Data entries matching a search value defined in the search filter control and sorted according to sort attributes defined in the sort control are obtained from a set of directories associated with the directory server to form a sorted list of matching entries. A subset of data entries in the sorted list that match a range value defined in the range filter control are collected, and a response comprising the collected subset of data entries is then sent to the client application.Type: ApplicationFiled: June 15, 2009Publication date: December 16, 2010Applicant: International Business Machines CorporationInventors: Yogesh Vilas Golwalkar, Kristin Marie Hazlewood, Magesh Rajamani
-
Publication number: 20100061233Abstract: A computer implemented method, apparatus, and computer program product for managing requests. Responsive to receiving a request from a client, a determination is made as to whether a connection within a pool of connections has a set of outstanding requests for the client to handle a previous request from the same client. Responsive to a determination that the connection has any outstanding request, a determination is made as to whether a set of requests queued for the connection is equal to or exceeds a threshold. Responsive to a determination that the set of outstanding requests is equal to or exceeds the threshold, subsequent requests from the client are unprocessed until the set of outstanding requests becomes less than the threshold.Type: ApplicationFiled: September 11, 2008Publication date: March 11, 2010Applicant: International Business Machines CorporationInventors: Yogesh Vilas Golwalkar, Kristin Marie Hazlewood, John Ryan McGarvey, Magesh Rajamani
-
Publication number: 20100057697Abstract: A computer implemented method, data processing system, and computer program product for performing a virtual list view search in a distributed directory environment using a proxy server.Type: ApplicationFiled: August 27, 2008Publication date: March 4, 2010Applicant: International Business Machines CorporationInventors: Yogesh Vilas Golwalkar, Kristin Marie Hazlewood, Rajalakshmi S. Iyer, Magesh Rajamani