Patents by Inventor Richard James McCarty
Richard James McCarty has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230419803Abstract: According to one embodiment, a method, computer system, and computer program product for intrusion movement prediction is provided. The embodiment may include receiving environmental sensor data corresponding to a monitored space as captured by a plurality of sensors affixed to an airflow component. The embodiment may also include generating a three-dimensional model of the monitored space using the received environmental data. The method may further include, in response to determining a disturbance is present in the three-dimensional model, performing a security action.Type: ApplicationFiled: September 6, 2023Publication date: December 28, 2023Inventors: Doga Tav, Cesar Augusto Rodriguez Bravo, Richard James McCarty
-
Publication number: 20230343196Abstract: According to one embodiment, a method, computer system, and computer program product for intrusion movement prediction is provided. The embodiment may include receiving environmental sensor data corresponding to a monitored space as captured by a plurality of sensors affixed to an airflow component. The embodiment may also include generating a three-dimensional model of the monitored space using the received environmental data. The method may further include, in response to determining a disturbance is present in the three-dimensional model, performing a security action.Type: ApplicationFiled: April 26, 2022Publication date: October 26, 2023Inventors: Doga Tav, Cesar Augusto Rodriguez Bravo, Richard James McCarty
-
Patent number: 11790744Abstract: According to one embodiment, a method, computer system, and computer program product for intrusion movement prediction is provided. The embodiment may include receiving environmental sensor data corresponding to a monitored space as captured by a plurality of sensors affixed to an airflow component. The embodiment may also include generating a three-dimensional model of the monitored space using the received environmental data. The method may further include, in response to determining a disturbance is present in the three-dimensional model, performing a security action.Type: GrantFiled: April 26, 2022Date of Patent: October 17, 2023Assignee: International Business Machines CorporationInventors: Doga Tav, Cesar Augusto Rodriguez Bravo, Richard James McCarty
-
Patent number: 11782068Abstract: A computer-implemented method, a system, and a computer program product for detecting objects are disclosed. The method can include receiving, by a computer communicatively connected to a plurality of anemometers positioned throughout the space, first sensor data from the plurality of anemometers, creating a baseline profile of airflow in the space based on the first sensor data, and receiving second sensor data from the plurality of anemometers at a different time than the first sensor data. The method can include comparing the second sensor data with the first sensor data to determine first different data, rendering, in response to determining that the second sensor data is different from the first sensor data, a representation of the object using the first different data and first location data related to the first different data, and calculating a vector associated with the object using the first different data and the first location data.Type: GrantFiled: June 9, 2021Date of Patent: October 10, 2023Assignee: International Business Machines CorporationInventors: Doga Tav, Richard James McCarty, Cesar Augusto Rodriguez Bravo
-
Patent number: 11722527Abstract: An application-centric authorization model utilizes locally-evaluated rules derived from non-local policies and provided to the application via an authorization object, preferably in the subject's session context. Preferably, the approach does not involve a runtime determination regarding the policy or policies; rather, one or more existing policies are merely used to derive authorization rules associated with a subject, and which are then evaluated and enforced at runtime in a computationally-efficient manner within the local runtime context of the application or service.Type: GrantFiled: September 26, 2021Date of Patent: August 8, 2023Assignee: International Business Machines CorporationInventors: Richard James McCarty, Pradeep Kadiyala
-
Publication number: 20220397586Abstract: A computer-implemented method, a system, and a computer program product for detecting objects are disclosed. The method can include receiving, by a computer communicatively connected to a plurality of anemometers positioned throughout the space, first sensor data from the plurality of anemometers, creating a baseline profile of airflow in the space based on the first sensor data, and receiving second sensor data from the plurality of anemometers at a different time than the first sensor data. The method can include comparing the second sensor data with the first sensor data to determine first different data, rendering, in response to determining that the second sensor data is different from the first sensor data, a representation of the object using the first different data and first location data related to the first different data, and calculating a vector associated with the object using the first different data and the first location data.Type: ApplicationFiled: June 9, 2021Publication date: December 15, 2022Inventors: Doga Tav, Richard James McCarty, Cesar Augusto Rodriguez Bravo
-
Publication number: 20220014564Abstract: An application-centric authorization model utilizes locally-evaluated rules derived from non-local policies and provided to the application via an authorization object, preferably in the subject's session context. Preferably, the approach does not involve a runtime determination regarding the policy or policies; rather, one or more existing policies are merely used to derive authorization rules associated with a subject, and which are then evaluated and enforced at runtime in a computationally-efficient manner within the local runtime context of the application or service.Type: ApplicationFiled: September 26, 2021Publication date: January 13, 2022Applicant: International Business Machines CorporationInventors: Richard James McCarty, Pradeep Kadiyala
-
Publication number: 20210392168Abstract: A cookie compliance management system enables automated evaluation of cookie compliance within an enterprise. The system determines whether a cookie set by an application in the environment is compliant with a policy. It comprises a workflow engine, a cookie discovery engine (CDE), a cookie characterization engine (CCE), a cookie policy engine (PE), and a cookie registry. The workflow engine receives a request to initiate an evaluation of an application for cookie compliance. The CDE is invoked and returns cookies that are set by the application. The CCE receives a set of base attributes associated with a cookie discovered by the CDE, and computes a set of descriptive attributes determined to be required to enable evaluation of the cookie according to a policy. The policy engine receives policy rules and the set of descriptive attributes and, in response, determines whether the cookie is compliant with the policy. The cookie registry stores cookie data.Type: ApplicationFiled: August 27, 2021Publication date: December 16, 2021Applicant: International Business Machines CorporationInventors: Richard James McCarty, Ning Yan, Vishwas Chouhan
-
Patent number: 11146593Abstract: An application-centric authorization model utilizes locally-evaluated rules derived from non-local policies and provided to the application via an authorization object, preferably in the subject's session context. Preferably, the approach does not involve a runtime determination regarding the policy or policies; rather, one or more existing policies are merely used to derive authorization rules associated with a subject, and which are then evaluated and enforced at runtime in a computationally-efficient manner within the local runtime context of the application or service.Type: GrantFiled: May 10, 2019Date of Patent: October 12, 2021Assignee: International Business Machines CorporationInventors: Richard James McCarty, Pradeep Kadiyala
-
Patent number: 11122086Abstract: A cookie compliance management system enables automated evaluation of cookie compliance within an enterprise. The system determines whether a cookie set by an application in the environment is compliant with a policy. It comprises a workflow engine, a cookie discovery engine (CDE), a cookie characterization engine (CCE), a cookie policy engine (PE), and a cookie registry. The workflow engine receives a request to initiate an evaluation of an application for cookie compliance. The CDE is invoked and returns cookies that are set by the application. The CCE receives a set of base attributes associated with a cookie discovered by the CDE, and computes a set of descriptive attributes determined to be required to enable evaluation of the cookie according to a policy. The policy engine receives policy rules and the set of descriptive attributes and, in response, determines whether the cookie is compliant with the policy. The cookie registry stores cookie data.Type: GrantFiled: May 30, 2019Date of Patent: September 14, 2021Assignee: International Business Machines CorporationInventors: Richard James McCarty, Ning Yan, Vishwas Chouhan
-
Publication number: 20200382554Abstract: A cookie compliance management system enables automated evaluation of cookie compliance within an enterprise. The system determines whether a cookie set by an application in the environment is compliant with a policy. It comprises a workflow engine, a cookie discovery engine (CDE), a cookie characterization engine (CCE), a cookie policy engine (PE), and a cookie registry. The workflow engine receives a request to initiate an evaluation of an application for cookie compliance. The CDE is invoked and returns cookies that are set by the application. The CCE receives a set of base attributes associated with a cookie discovered by the CDE, and computes a set of descriptive attributes determined to be required to enable evaluation of the cookie according to a policy. The policy engine receives policy rules and the set of descriptive attributes and, in response, determines whether the cookie is compliant with the policy. The cookie registry stores cookie data.Type: ApplicationFiled: May 30, 2019Publication date: December 3, 2020Applicant: International Business Machines CorporationInventors: Richard James McCarty, Ning Yan, Vishwas Chouhan
-
Publication number: 20200358823Abstract: An application-centric authorization model utilizes locally-evaluated rules derived from non-local policies and provided to the application via an authorization object, preferably in the subject's session context. Preferably, the approach does not involve a runtime determination regarding the policy or policies; rather, one or more existing policies are merely used to derive authorization rules associated with a subject, and which are then evaluated and enforced at runtime in a computationally-efficient manner within the local runtime context of the application or service.Type: ApplicationFiled: May 10, 2019Publication date: November 12, 2020Applicant: International Business Machines CorporationInventors: Richard James McCarty, Pradeep Kadiyala
-
Patent number: 9596123Abstract: A proxy is integrated within an F-SSO environment and interacts with an external identity provider (IdP) instance discovery service. The proxy proxies IdP instance requests to the discovery service and receives responses that include the IdP instance assignments. The proxy maintains a cache of the instance assignment(s). As new instance requests are received, the cached assignment data is used to provide appropriate responses in lieu of proxying these requests to the discovery service, thereby reducing the time needed to identify the required IdP instance. The proxy dynamically maintains and manages its cache by subscribing to updates from the discovery service. The updates identify IdP instance changes (such as servers being taken offline for maintenance, new services being added, etc.) occurring within the set of geographically-distributed instances that comprise the IdP service. The updates are provided via a publication-subscription model such that the proxy receives change notifications proactively.Type: GrantFiled: March 1, 2013Date of Patent: March 14, 2017Assignee: International Business Machines CorporationInventors: Heather Maria Hinton, Richard James McCarty, Clifton Steve Looney
-
Patent number: 9596122Abstract: A proxy is integrated within an F-SSO environment and interacts with an external identity provider (IdP) instance discovery service. The proxy proxies IdP instance requests to the discovery service and receives responses that include the IdP instance assignments. The proxy maintains a cache of the instance assignment(s). As new instance requests are received, the cached assignment data is used to provide appropriate responses in lieu of proxying these requests to the discovery service, thereby reducing the time needed to identify the required IdP instance. The proxy dynamically maintains and manages its cache by subscribing to updates from the discovery service. The updates identify IdP instance changes (such as servers being taken offline for maintenance, new services being added, etc.) occurring within the set of geographically-distributed instances that comprise the IdP service. The updates are provided via a publication-subscription model such that the proxy receives change notifications proactively.Type: GrantFiled: February 23, 2012Date of Patent: March 14, 2017Assignee: International Business Machines CorporationInventors: Heather Maria Hinton, Richard James McCarty, Clifton Steve Looney
-
Patent number: 8838792Abstract: A method of discovering an identity provider instance according to this disclosure begins upon receipt from a service provider (or from a discovery service to which the service provider redirects the user) of a request for an IdP instance. Preferably, the request for an IdP instance is received as a Web services request following receipt at the service provider of an end user client request to access an application. In response to receiving the request, an IdP instance is selected, preferably using one or more criteria, such as user proximity, instance load, instance availability, the existence of a prior IdP binding, or the like. Following the selection, a response to the request is generated and returned to the requesting service provider. Preferably, the response is a redirect to the selected IdP instance.Type: GrantFiled: February 28, 2013Date of Patent: September 16, 2014Assignee: International Business Machines CorporationInventor: Richard James McCarty
-
Patent number: 8832271Abstract: An identity provider instance is discovered upon receipt from a service provider (or from a discovery service to which the service provider redirects the user) of a request for an IdP instance. Preferably, the request for an IdP instance is received as a Web services request following receipt at the service provider of an end user client request to access an application. In response to receiving the request, an IdP instance is selected, preferably using one or more criteria, such as user proximity, instance load, instance availability, the existence of a prior IdP binding, or the like. Following the selection, a response to the request is generated and returned to the requesting service provider. Preferably, the response is a redirect to the selected IdP instance.Type: GrantFiled: December 3, 2010Date of Patent: September 9, 2014Assignee: International Business Machines CorporationInventor: Richard James McCarty
-
Publication number: 20130227099Abstract: A proxy is integrated within an F-SSO environment and interacts with an external identity provider (IdP) instance discovery service. The proxy proxies IdP instance requests to the discovery service and receives responses that include the IdP instance assignments. The proxy maintains a cache of the instance assignment(s). As new instance requests are received, the cached assignment data is used to provide appropriate responses in lieu of proxying these requests to the discovery service, thereby reducing the time needed to identify the required IdP instance. The proxy dynamically maintains and manages its cache by subscribing to updates from the discovery service. The updates identify IdP instance changes (such as servers being taken offline for maintenance, new services being added, etc.) occurring within the set of geographically-distributed instances that comprise the IdP service. The updates are provided via a publication-subscription model such that the proxy receives change notifications proactively.Type: ApplicationFiled: February 23, 2012Publication date: August 29, 2013Applicant: International Business Machines CorporationInventors: Heather Maria Hinton, Richard James McCarty, Clifton Steve Looney
-
Publication number: 20120144034Abstract: An identity provider service comprises a plurality of identity provider instances, with at least one identity provider instance being remote from at least one other identity provider instance. A method of discovering an identity provider instance according to this disclosure begins upon receipt from a service provider (or from a discovery service to which the service provider redirects the user) of a request for an IdP instance. Preferably, the request for an IdP instance is received as a Web services request following receipt at the service provider of an end user client request to access an application. In response to receiving the request, an IdP instance is selected, preferably using one or more criteria, such as user proximity, instance load, instance availability, the existence of a prior IdP binding, or the like. Following the selection, a response to the request is generated and returned to the requesting service provider. Preferably, the response is a redirect to the selected IdP instance.Type: ApplicationFiled: December 3, 2010Publication date: June 7, 2012Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventor: Richard James McCarty
-
Patent number: 7853652Abstract: Instant messages are processed in accordance with restrictions associated with privacy codes. A privacy code is obtained from a sender system prior to acceptance or delivery of any instant messages from the sender system. If a privacy code is received from the sender system, then a recipient system accepts or delivers instant messages from the sender system.Type: GrantFiled: January 18, 2003Date of Patent: December 14, 2010Assignee: International Business Machines CorporationInventor: Richard James McCarty
-
Patent number: 7743403Abstract: A method and system for transparently encrypting (and decrypting) sensitive data stored in a directory (or other database) is provided. Sensitive data, a password for example, may be required by a client in a distributed data processing environment. When the database entry is created, the sensitive data received from a user, or more generally, a client, may be encrypted, and saved in the directory entry in encrypted form. Encryption of sensitive data may be performed in accordance with a predetermined set of policies. When the sensitive information is needed, it may be selectively delivered in encrypted or unencrypted form based on a policy in the set. Policies may include criteria external to the database, and interfaced to the database via a policy engine.Type: GrantFiled: May 23, 2008Date of Patent: June 22, 2010Assignee: International Business Machines CorporationInventor: Richard James McCarty