Patents by Inventor Radhika Chirra
Radhika Chirra has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10432725Abstract: A method, programmed medium and system are provided for preventing the denial of file system access to a plurality of clients accessing a NFS server. In one example, an NFS server is configured to listen on a server port. The server runs a separate daemon which “watches” client requests as they are received at the NFS server. The server processing system tracks the number of times a client sends consecutive TCP zero-window packets in response to a data packet from the server. If the number of zero-window packets crosses a user-defined threshold, then a routine is called to stop responding to that client using a backoff algorithm. When the server reaches a point where the number of available threads or any other relevant resource dips below a user-defined threshold, the server process starts terminating connections to the clients starting from the ones with the oldest entry in the table.Type: GrantFiled: November 14, 2017Date of Patent: October 1, 2019Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Adekunle Bello, Radhika Chirra, Nikhil Hegde, Aruna Yedavilli
-
Publication number: 20180069927Abstract: A method, programmed medium and system are provided for preventing the denial of file system access to a plurality of clients accessing a NFS server. In one example, an NFS server is configured to listen on a server port. The server runs a separate daemon which “watches” client requests as they are received at the NFS server. The server processing system tracks the number of times a client sends consecutive TCP zero-window packets in response to a data packet from the server. If the number of zero-window packets crosses a user-defined threshold, then a routine is called to stop responding to that client using a backoff algorithm. When the server reaches a point where the number of available threads or any other relevant resource dips below a user-defined threshold, the server process starts terminating connections to the clients starting from the ones with the oldest entry in the table.Type: ApplicationFiled: November 14, 2017Publication date: March 8, 2018Inventors: Adekunle Bello, Radhika Chirra, Nikhil Hegde, Aruna Yedavilli
-
Patent number: 9866636Abstract: A method, programmed medium and system are provided for preventing the denial of file system access to a plurality of clients accessing a NFS server. In one example, an NFS server is configured to listen on a server port. The server runs a separate daemon which “watches” client requests as they are received at the NFS server. The server processing system tracks the number of times a client sends consecutive TCP zero-window packets in response to a data packet from the server. If the number of zero-window packets crosses a user-defined threshold, then a routine is called to stop responding to that client using a backoff algorithm. When the server reaches a point where the number of available threads or any other relevant resource dips below a user-defined threshold, the server process starts terminating connections to the clients starting from the ones with the oldest entry in the table.Type: GrantFiled: October 21, 2016Date of Patent: January 9, 2018Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Adekunle Bello, Radhika Chirra, Nikhil Hegde, Aruna Yedavilli
-
Patent number: 9836340Abstract: A method, system, and computer program product for safe management of data storage using a VM are provided in the illustrative embodiments. An I/O request is received from the VM. A determination is made whether the I/O request requests a data manipulation on the data storage in an address range that overlaps with an address range of a VM signature stored on the data storage. In response to determining that the address range of the data manipulation overlaps with the address range of the VM signature, a determination is made whether an identifier of the VM matches an identifier of a second VM associated with the signature. In response to determining that the identifier of the VM does not match the identifier of the second VM, the I/O request is failed, thereby preventing an unsafe overwriting of the signature on the data storage.Type: GrantFiled: October 3, 2011Date of Patent: December 5, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Adenkunle Bello, Radhika Chirra, Anil Kumar Kaniveedu Damodaran, Rakesh Thoutem
-
Publication number: 20170054804Abstract: A method, programmed medium and system are provided for preventing the denial of file system access to a plurality of clients accessing a NFS server. In one example, an NFS server is configured to listen on a server port. The server runs a separate daemon which “watches” client requests as they are received at the NFS server. The server processing system tracks the number of times a client sends consecutive TCP zero-window packets in response to a data packet from the server. If the number of zero-window packets crosses a user-defined threshold, then a routine is called to stop responding to that client using a backoff algorithm. When the server reaches a point where the number of available threads or any other relevant resource dips below a user-defined threshold, the server process starts terminating connections to the clients starting from the ones with the oldest entry in the table.Type: ApplicationFiled: October 21, 2016Publication date: February 23, 2017Inventors: Adekunle Bello, Radhika Chirra, Nikhil Hegde, Aruna Yedavilli
-
Patent number: 9516142Abstract: A method, programmed medium and system are provided for preventing the denial of file system access to a plurality of clients accessing a NFS server. In one example, an NFS server is configured to listen on a server port. The server runs a separate daemon which “watches” client requests as they are received at the NFS server. The server processing system tracks the number of times a client sends consecutive TCP zero-window packets in response to a data packet from the server. If the number of zero-window packets crosses a user-defined threshold, then a routine is called to stop responding to that client using a backoff algorithm. When the server reaches a point where the number of available threads or any other relevant resource dips below a user-defined threshold, the server process starts terminating connections to the clients starting from the ones with the oldest entry in the table.Type: GrantFiled: April 28, 2012Date of Patent: December 6, 2016Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Adekunle Bello, Radhika Chirra, Nikhil Hegde, Aruna Yedavilli
-
Patent number: 8931075Abstract: A computer implemented method and computer program product for obtaining a secure route. A trusted host sets a node security association for a trusted host. The trusted host receives, at the trusted host, a client communication request directed to a destination host. The trusted host builds a secure route query comprising a trusted host address, a destination host address, and at least one security level, to form at least one secure route. The trusted host sends packets from the trusted host to the destination host based on the at least one secure route. The packets are responsive to the client communication request, and the packets each have a security label that matches the security level.Type: GrantFiled: April 18, 2013Date of Patent: January 6, 2015Assignee: International Business Machines CorporationInventors: Adekunle Bello, Radhika Chirra, Venkat Venkatsubra, Aruna Yedavilli
-
Patent number: 8931076Abstract: A computer implemented method for obtaining a secure route. A trusted host sets a node security association for a trusted host. The trusted host receives, at the trusted host, a client communication request directed to a destination host. The trusted host builds a secure route query comprising a trusted host address, a destination host address, and at least one security level, to form at least one secure route. The trusted host sends packets from the trusted host to the destination host based on the at least one secure route. The packets are responsive to the client communication request, and the packets each have a security label that matches the security level.Type: GrantFiled: April 18, 2013Date of Patent: January 6, 2015Assignee: International Business Machines CorporationInventors: Adekunle Bello, Radhika Chirra, Venkat Venkatsubra, Aruna Yedavilli
-
Patent number: 8914456Abstract: A computer implemented method, system and apparatus for rebooting a host having a plurality of network interfaces. A server reboots the host by stopping an NFS server process on the host. The server sends at least one consolidated notification to a plurality of clients identified in a consolidated notification table, wherein the consolidated notification comprises at least two addresses of network interfaces of the host. The server determines that an acknowledgement is received from each of the plurality of clients. The server halts resending of consolidated notifications, responsive to determining that an acknowledgement is received from the each of the plurality of clients.Type: GrantFiled: December 7, 2011Date of Patent: December 16, 2014Assignee: International Business Machines CorporationInventors: Adekunle Bello, Radhika Chirra, Aruna Yedavilli
-
Patent number: 8555369Abstract: A kernel extension is configured to intercept a call to associate a socket with a port of a node in a network. The call originates from a kernel of the node. The kernel extension is configured to determine the port from the call. The kernel extension is configured to determine that the port is one of a plurality of ports for which the node has authority to modify firewall rules of a firewall of the network. The kernel extension is configured to modify firewall rules maintained by the firewall to allow communications for the port to the node through the firewall.Type: GrantFiled: October 10, 2011Date of Patent: October 8, 2013Assignee: International Business Machines CorporationInventors: Radhika Chirra, Nikhil Hegde, Richard J. Knight, Rashmi Narasimhan
-
Publication number: 20130232548Abstract: A computer implemented method and computer program product for obtaining a secure route. A trusted host sets a node security association for a trusted host. The trusted host receives, at the trusted host, a client communication request directed to a destination host. The trusted host builds a secure route query comprising a trusted host address, a destination host address, and at least one security level, to form at least one secure route. The trusted host sends packets from the trusted host to the destination host based on the at least one secure route. The packets are responsive to the client communication request, and the packets each have a security label that matches the security level.Type: ApplicationFiled: April 18, 2013Publication date: September 5, 2013Applicant: International Business Machines CorporationInventors: Adekunle Bello, Radhika Chirra, Venkat Venkatsubra, Aruna Yedavilli
-
Publication number: 20130232559Abstract: A computer implemented method for obtaining a secure route. A trusted host sets a node security association for a trusted host. The trusted host receives, at the trusted host, a client communication request directed to a destination host. The trusted host builds a secure route query comprising a trusted host address, a destination host address, and at least one security level, to form at least one secure route. The trusted host sends packets from the trusted host to the destination host based on the at least one secure route. The packets are responsive to the client communication request, and the packets each have a security label that matches the security level.Type: ApplicationFiled: April 18, 2013Publication date: September 5, 2013Applicant: International Business Machines CorporationInventors: Adekunle Bello, Radhika Chirra, Venkat Venkatsubra, Aruna Yedavilli
-
Publication number: 20130151828Abstract: A computer implemented method, system and apparatus for rebooting a host having a plurality of network interfaces. A server reboots the host by stopping an NFS server process on the host. The server sends at least one consolidated notification to a plurality of clients identified in a consolidated notification table, wherein the consolidated notification comprises at least two addresses of network interfaces of the host. The server determines that an acknowledgement is received from each of the plurality of clients. The server halts resending of consolidated notifications, responsive to determining that an acknowledgement is received from the each of the plurality of clients.Type: ApplicationFiled: December 7, 2011Publication date: June 13, 2013Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Adekunle Bello, Radhika Chirra, Aruna Yedavilli
-
Publication number: 20130091538Abstract: A kernel extension is configured to intercept a call to associate a socket with a port of a node in a network. The call originates from a kernel of the node. The kernel extension is configured to determine the port from the call. The kernel extension is configured to determine that the port is one of a plurality of ports for which the node has authority to modify firewall rules of a firewall of the network. The kernel extension is configured to modify firewall rules maintained by the firewall to allow communications for the port to the node through the firewall.Type: ApplicationFiled: October 10, 2011Publication date: April 11, 2013Applicant: International Business Machines CorporationInventors: Radhika Chirra, Nikhil Hegde, Richard J. Knight, Rashmi Narasimhan
-
Publication number: 20130086318Abstract: A method, system, and computer program product for safe management of data storage using a VM are provided in the illustrative embodiments. An I/O request is received from the VM. A determination is made whether the I/O request requests a data manipulation on the data storage in an address range that overlaps with an address range of a VM signature stored on the data storage. In response to determining that the address range of the data manipulation overlaps with the address range of the VM signature, a determination is made whether an identifier of the VM matches an identifier of a second VM associated with the signature. In response to determining that the identifier of the VM does not match the identifier of the second VM, the I/O request is failed, thereby preventing an unsafe overwriting of the signature on the data storage.Type: ApplicationFiled: October 3, 2011Publication date: April 4, 2013Applicant: International Business Machines CorporationInventors: Adekunle BELLO, Radhika CHIRRA, Anil Kumar Kaniveedu DAMODARAN, Rakesh THOUTEM
-
Publication number: 20120215916Abstract: A method, programmed medium and system are provided for preventing the denial of file system access to a plurality of clients accessing a NFS server. In one example, an NFS server is configured to listen on a server port. The server runs a separate daemon which “watches” client requests as they are received at the NFS server. The server processing system tracks the number of times a client sends consecutive TCP zero-window packets in response to a data packet from the server. If the number of zero-window packets crosses a user-defined threshold, then a routine is called to stop responding to that client using a backoff algorithm. When the server reaches a point where the number of available threads or any other relevant resource dips below a user-defined threshold, the server process starts terminating connections to the clients starting from the ones with the oldest entry in the table.Type: ApplicationFiled: April 28, 2012Publication date: August 23, 2012Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Adekunle Bello, Radhika Chirra, Nikhil Hegde, Aruna Yedavilli
-
Patent number: 8095628Abstract: A computer implemented method and apparatus for rebooting a host having a plurality of network interfaces. A server reboots the host by stopping an NFS server process on the host. The server sends at least one consolidated notification to a plurality of clients identified in a consolidated notification table, wherein the consolidated notification comprises at least two addresses of network interfaces of the host. The server determines that an acknowledgement is received from each of the plurality of clients. The server halts resending of consolidated notifications, responsive to determining that an acknowledgement is received from the each of the plurality of clients.Type: GrantFiled: October 26, 2009Date of Patent: January 10, 2012Assignee: International Business Machines CorporationInventors: Adekunle Bello, Radhika Chirra, Aruna Yedavilli
-
Publication number: 20110113134Abstract: A method, programmed medium and system are provided for preventing the denial of file system access to a plurality of clients accessing a NFS server. In one example, an NFS server is configured to listen on a server port. The server runs a separate daemon which “watches” client requests as they are received at the NFS server. The server processing system tracks the number of times a client sends consecutive TCP zero-window packets in response to a data packet from the server. If the number of zero-window packets crosses a user-defined threshold, then a routine is called to stop responding to that client using a backoff algorithm. When the server reaches a point where the number of available threads or any other relevant resource dips below a user-defined threshold, the server process starts terminating connections to the clients starting from the ones with the oldest entry in the table.Type: ApplicationFiled: November 9, 2009Publication date: May 12, 2011Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Adekunle Bello, Radhika Chirra, Nikhil Hegde, Aruna Yedavilli
-
Publication number: 20110099253Abstract: A computer implemented method and apparatus for rebooting a host having a plurality of network interfaces. A server reboots the host by stopping an NFS server process on the host. The server sends at least one consolidated notification to a plurality of clients identified in a consolidated notification table, wherein the consolidated notification comprises at least two addresses of network interfaces of the host. The server determines that an acknowledgement is received from each of the plurality of clients. The server halts resending of consolidated notifications, responsive to determining that an acknowledgement is received from the each of the plurality of clients.Type: ApplicationFiled: October 26, 2009Publication date: April 28, 2011Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Adekunle Bello, Radhika Chirra, Aruna Yedavilli
-
Publication number: 20110066851Abstract: A computer implemented method and computer program product for obtaining a secure route. A trusted host sets a node security association for a trusted host. The trusted host receives, at the trusted host, a client communication request directed to a destination host. The trusted host builds a secure route query comprising a trusted host address, a destination host address, and at least one security level, to form at least one secure route. The trusted host sends packets from the trusted host to the destination host based on the at least one secure route. The packets are responsive to the client communication request, and the packets each have a security label that matches the security level.Type: ApplicationFiled: September 14, 2009Publication date: March 17, 2011Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Adekunle Bello, Radhika Chirra, Venkat Venkatsubra, Aruna Yedavilli