Patents by Inventor Sirish V Vepa
Sirish V Vepa has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230185934Abstract: Aspects of the present disclosure provide techniques for rule-based document security. Embodiments include receiving, from a computing device: an amended document; an encrypted sensitive component; and information relating to reconstructing a document based on the amended document and the encrypted sensitive component. Embodiments include decrypting the encrypted sensitive component to produce a decrypted sensitive component. Embodiments include determining, based on the information relating to reconstructing the document, a document location that corresponds to the decrypted sensitive component. Embodiments include reconstructing the document by inserting the decrypted sensitive component into the amended document at the document location.Type: ApplicationFiled: December 14, 2021Publication date: June 15, 2023Inventors: Michael J. SEILNACHT, Sirish V. VEPA, Richard Lee SLATER, Cody Allyn EDGINGTON
-
Patent number: 11398900Abstract: Embodiments are directed to managing cryptographic keys in a multi-tenant cloud based system. Embodiments receive from a client a request for a wrapped data encryption key (“DEK”). Embodiments generate a random key and fetch encryption context that corresponds to the client. Embodiments generate the wrapped DEK including the random key and the encryption context encoded in the wrapped DEK. Embodiments then return the wrapped DEK to the client.Type: GrantFiled: February 7, 2019Date of Patent: July 26, 2022Assignee: Oracle International CorporationInventors: Sirish V. Vepa, Prateek Mishra, Sreedhar Katti, Varanasi Kumar Ravi, Harold William Lockhart, Rakesh Keshava
-
Patent number: 10878079Abstract: A system for authorizing access to a resource associated with a tenancy in an identity management system that includes a plurality of tenancies receives an access token request for an access token that corresponds to the resource, the request including user information and application information, the user information including roles of a user and the application information including roles of the application. The system evaluates the access token request by computing dynamic roles and corresponding dynamic scopes for the access token including a second intersection between the dynamic roles of the user and the dynamic roles of the application. The system then provides the access token that includes the computed static scopes, where the scopes are based at least on the roles of the user and the roles of the application, and further including the computed dynamic roles and corresponding dynamic scopes.Type: GrantFiled: May 9, 2017Date of Patent: December 29, 2020Assignee: Oracle International CorporationInventors: Sirish V. Vepa, Sreedhar Katti, Maheshkumar Shivlal Dhaduk, Vadim Lander
-
Publication number: 20190394024Abstract: Embodiments are directed to managing cryptographic keys in a multi-tenant cloud based system. Embodiments receive from a client a request for a wrapped data encryption key (“DEK”). Embodiments generate a random key and fetch encryption context that corresponds to the client. Embodiments generate the wrapped DEK including the random key and the encryption context encoded in the wrapped DEK. Embodiments then return the wrapped DEK to the client.Type: ApplicationFiled: February 7, 2019Publication date: December 26, 2019Inventors: Sirish V. VEPA, Prateek MISHRA, Sreedhar KATTI, Varanasi Kumar RAVI, Harold William LOCKHART, Rakesh KESHAVA
-
Patent number: 10454940Abstract: A system for authorizing access to a resource receives a request for an access token that corresponds to the resource, where the request includes user information and application information. The user information includes a role of the user and the application information includes a role of the application. The system evaluates the request by computing scopes for the access token, including determining an intersection between the user information and the application information. The system then provides the access token that includes the computed scopes, the scopes being based at least on the role of the user and the role of the application.Type: GrantFiled: March 30, 2017Date of Patent: October 22, 2019Assignee: Oracle International CorporationInventors: Vadim Lander, Hari Sastry, Sreedhar Katti, Sirish V. Vepa, Swathi Vinayak Shenoy
-
Patent number: 10230732Abstract: A global policy store, in which policies applicable to multiple applications in an enterprise environment can be stored, can be stored in association with that environment. An application-level policy combining algorithm can be associated with a specific application to resolve conflicts between the results of evaluating policies that pertain to that application's resources. A persistent model is defined for an Extensible Access Control Markup Language (XACML) target definition.Type: GrantFiled: September 28, 2016Date of Patent: March 12, 2019Assignee: Oracle International CorporationInventors: Sirish V. Vepa, Hari Sastry, Alan Cao, Cynthia Ding
-
Patent number: 10142371Abstract: Application customization enables many different types of customers, from small companies to large multinational enterprises, to use various applications provided by a cloud service provider. To accommodate these customizations, previous systems generally require manual human intervention to identify custom, customized, and cloud service provider authorization policies (also referred to herein as “seed” authorization policies) and to decide how each type of authorization policy should be upgraded. When applications are customized, artifacts that represent those customizations can be created. In some embodiments, the customizations can include new resources or entitlements, and grants to new roles. In addition to new resources, entitlements, and grants, existing resources, entitlements, and grants can be modified and artifacts corresponding to those modifications can be generated.Type: GrantFiled: December 18, 2015Date of Patent: November 27, 2018Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Hari Sastry, Krishnakumar Sriramadhesikan, Vineet Garg, Sirish V. Vepa, Srivatsa Manjunath, Yi Wang
-
Publication number: 20170331832Abstract: A system for authorizing access to a resource receives a request for an access token that corresponds to the resource, where the request includes user information and application information. The user information includes a role of the user and the application information includes a role of the application. The system evaluates the request by computing scopes for the access token, including determining an intersection between the user information and the application information. The system then provides the access token that includes the computed scopes, the scopes being based at least on the role of the user and the role of the application.Type: ApplicationFiled: March 30, 2017Publication date: November 16, 2017Inventors: VADIM LANDER, Hari SASTRY, Sreedhar KATTI, Sirish V. VEPA, Swathi Vinayak SHENOY
-
Publication number: 20170329957Abstract: A system for authorizing access to a resource associated with a tenancy in an identity management system that includes a plurality of tenancies receives an access token request for an access token that corresponds to the resource, the request including user information and application information, the user information including roles of a user and the application information including roles of the application. The system evaluates the access token request by computing dynamic roles and corresponding dynamic scopes for the access token including a second intersection between the dynamic roles of the user and the dynamic roles of the application. The system then provides the access token that includes the computed static scopes, where the scopes are based at least on the roles of the user and the roles of the application, and further including the computed dynamic roles and corresponding dynamic scopes.Type: ApplicationFiled: May 9, 2017Publication date: November 16, 2017Inventors: Sirish V. VEPA, Sreedhar KATTI, Maheshkumar Shivlal DHADUK, Vadim LANDER
-
Publication number: 20170019408Abstract: A global policy store, in which policies applicable to multiple applications in an enterprise environment can be stored, can be stored in association with that environment. An application-level policy combining algorithm can be associated with a specific application to resolve conflicts between the results of evaluating policies that pertain to that application's resources. A persistent model is defined for an Extensible Access Control Markup Language (XACML) target definition.Type: ApplicationFiled: September 28, 2016Publication date: January 19, 2017Applicant: Oracle International CorporationInventors: Sirish V. Vepa, Hari Sastry, Alan Cao, Cynthia Ding
-
Publication number: 20160315965Abstract: Application customization enables many different types of customers, from small companies to large multinational enterprises, to use various applications provided by a cloud service provider. To accommodate these customizations, previous systems generally require manual human intervention to identify custom, customized, and cloud service provider authorization policies (also referred to herein as “seed” authorization policies) and to decide how each type of authorization policy should be upgraded. When applications are customized, artifacts that represent those customizations can be created. In some embodiments, the customizations can include new resources or entitlements, and grants to new roles. In addition to new resources, entitlements, and grants, existing resources, entitlements, and grants can be modified and artifacts corresponding to those modifications can be generated.Type: ApplicationFiled: December 18, 2015Publication date: October 27, 2016Inventors: Hari Sastry, Krishnakumar Sriramadhesikan, Vineet Garg, Sirish V. Vepa, Srivatsa Manjunath, Yi Wang
-
Patent number: 9471798Abstract: A global policy store, in which policies applicable to multiple applications in an enterprise environment can be stored, can be stored in association with that environment. An application-level policy combining algorithm can be associated with a specific application to resolve conflicts between the results of evaluating policies that pertain to that application's resources. A persistent model is defined for an Extensible Access Control Markup Language (XACML) target definition.Type: GrantFiled: September 11, 2014Date of Patent: October 18, 2016Assignee: Oracle International CorporationInventors: Sirish V. Vepa, Hari Sastry, Alan Cao, Cynthia Ding
-
Patent number: 9058471Abstract: A unified authorization system for an enterprise that includes heterogeneous access control environments is provided. Components in the enterprise utilizing either Java Platform Security (JPS) or Oracle Access Manager (OAM) can both use the unified authorization system to perform authorization. A common policy store can contain policies applicable to diverse components in a canonical form conducive to varieties of access control models. The data model used within the common policy store can support access control features found in both role-based policies and delegable access control administration. The common policy store can enable the querying and retrieval of authorization policies that are based on various access control models. A unified administrator interface permits administrators of applications following any kind of access control model to administer policies for resources.Type: GrantFiled: March 15, 2013Date of Patent: June 16, 2015Assignee: Oracle International CorporationInventors: Hari VN. Sastry, Sirish V Vepa, Uppili Srinivasan, Vrinda S. Joshi
-
Patent number: 9053302Abstract: An authorization system that conforms to legacy access control models provides mechanisms whereby structures already existing within those legacy access control models can be used to pass additional information to and from that authorization system. Legacy applications can still interact with the authorization system without modification. Because the authorization system also provides mechanisms whereby the existing structures can be used to pass the additional information or return additional information, more advanced applications can make use of enhanced access control features of the authorization system. Such enhanced features can involve policy-based decisions that take into account the additional information in determining whether to permit resource access. Such enhanced features can involve the placement of policy-specified obligations within the existing structures to be returned back to the advanced applications.Type: GrantFiled: March 15, 2013Date of Patent: June 9, 2015Assignee: Oracle International CorporationInventors: Hari VN. Sastry, Sirish V Vepa, Uppili Srinivasan, Vrinda S. Joshi
-
Publication number: 20150089575Abstract: A global policy store, in which policies applicable to multiple applications in an enterprise environment can be stored, can be stored in association with that environment. An application-level policy combining algorithm can be associated with a specific application to resolve conflicts between the results of evaluating policies that pertain to that application's resources. A persistent model is defined for an Extensible Access Control Markup Language (XACML) target definition.Type: ApplicationFiled: September 11, 2014Publication date: March 26, 2015Inventors: Sirish V. Vepa, Hari Sastry, Alan Cao, Cynthia Ding
-
Publication number: 20130332984Abstract: A unified authorization system for an enterprise that includes heterogeneous access control environments is provided. For example, components in the enterprise utilizing either JPS or OAM can both use the unified authorization system to perform authorization. A common policy store can contain policies applicable to diverse components in a canonical form conducive to varieties of access control models. The data model used within the common policy store can support access control features found in both JSP and OAM environments, such as both role-based policies and delegable access control administration. The common policy store can enable the querying and retrieval of authorization policies that are based on various access control models. A single unified administrator interface permits administrators of applications following any kind of access control model to administer policies for resources.Type: ApplicationFiled: March 15, 2013Publication date: December 12, 2013Applicant: Oracle International CorporationInventors: Hari VN. Sastry, Sirish V Vepa, Uppili Srinivasan, Vrinda S. Joshi
-
Publication number: 20130332985Abstract: An authorization system that conforms to legacy access control models provides mechanisms whereby structures already existing within those legacy access control models can be used to pass additional information to and from that authorization system. Because the authorization system conforms to the legacy model, legacy applications can still interact with the authorization system without modification. Because the authorization system also provides mechanisms whereby the existing structures can be used to pass the additional information or return additional information, more advanced applications can make use of enhanced access control features of the authorization system. Such enhanced features can involve policy-based decisions that take into account the additional information in determining whether to permit resource access. Such enhanced features can involve the placement of policy-specified obligations within the existing structures to be returned back to the advanced applications.Type: ApplicationFiled: March 15, 2013Publication date: December 12, 2013Applicant: Oracle International CorporationInventors: Hari VN. Sastry, Sirish V. Vepa, Uppili Srinivasan, Vrinda S. Joshi