Patents by Inventor Stephen D. Pipes
Stephen D. Pipes has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9473511Abstract: The method includes identifying a computing device attempting to access content. The method further includes identifying a defined geographical boundary that is associated with the content, wherein the defined geographical boundary includes coordinates that define a geographical area that allows access to the content within the defined geographical boundary. The method further includes determining a geographical location of the computing device. The method further includes determining whether the geographical location of the computing device is within the identified defined geographical boundary.Type: GrantFiled: March 21, 2016Date of Patent: October 18, 2016Assignee: International Business Machines CorporationInventors: Saritha Arunkumar, Raghu K. Ganti, Stephen D. Pipes, Mudhakar Srivatsa
-
Publication number: 20160285886Abstract: The method includes identifying a computing device attempting to access content. The method further includes identifying a defined geographical boundary that is associated with the content, wherein the defined geographical boundary includes coordinates that define a geographical area that allows access to the content within the defined geographical boundary. The method further includes determining a geographical location of the computing device. The method further includes determining whether the geographical location of the computing device is within the identified defined geographical boundary.Type: ApplicationFiled: March 27, 2015Publication date: September 29, 2016Inventors: Saritha Arunkumar, Raghu K. Ganti, Stephen D. Pipes, Mudhakar Srivatsa
-
Publication number: 20160285888Abstract: The method includes identifying a computing device attempting to access content. The method further includes identifying a defined geographical boundary that is associated with the content, wherein the defined geographical boundary includes coordinates that define a geographical area that allows access to the content within the defined geographical boundary. The method further includes determining a geographical location of the computing device. The method further includes determining whether the geographical location of the computing device is within the identified defined geographical boundary.Type: ApplicationFiled: March 21, 2016Publication date: September 29, 2016Inventors: Saritha Arunkumar, Raghu K. Ganti, Stephen D. Pipes, Mudhakar Srivatsa
-
Patent number: 9432843Abstract: A technique for anonymizing location information of a mobile device includes intercepting, by the mobile device, a request for access to actual location information of the mobile device made by an application. The mobile device redirects the request to a trusted edge server. The trusted edge server obfuscates the location information based on a location of one or more other mobile devices proximal to the mobile device to generate obfuscated location information. The one or more other mobile devices are selected based on a similarity between a user profile associated with the mobile device and user profiles associated with the one or more other mobile devices. The trusted edge server returns the obfuscated location information to the mobile device, which sends the obfuscated location information to the application in place of the requested location information.Type: GrantFiled: May 29, 2015Date of Patent: August 30, 2016Assignee: International Business Machines CorporationInventors: Saritha Arunkumar, Mudhakar Srivatsa, Stephen D. Pipes
-
Publication number: 20160165437Abstract: Anonymizing location information of a mobile device by an anonymization provider. The anonymizing provider receives, from the mobile device, location information identifying the location of the mobile device and an anonymity requirement. The anonymization provider selects an obfuscation value indicating an extent of location obfuscation that satisfies the received anonymity requirement. The extent of location obfuscation determines location boundaries within which a generated obfuscated location will reside. The anonymization provider generates an obfuscated location for the mobile device and sends the obfuscated location to the mobile device.Type: ApplicationFiled: February 18, 2016Publication date: June 9, 2016Inventors: Saritha Arunkumar, Stephen D. Pipes, Mudhakar Srivatsa
-
Publication number: 20160149883Abstract: A method for authenticating a user of a computing device. The method includes a computer processor receiving an indication that a user of a computing device is accessing an object that utilizes an authentication process. The method further includes a computer processor selecting a first multi-media file that is associated with a user profile of the user and the object of the authentication process, wherein the first multi-media file is associated with a baseline user input authentication sequence. The method further includes creating a first temporal manipulation vector based on the user profile and a security requirement of the object of the authentication process, wherein the temporal manipulation vector modifies a presentation of a multi-media file and a corresponding time sequence of a user input authentication sequence in the multi-media file. The method further includes transmitting the first temporal manipulation vector and the first multi-media file to the computing device.Type: ApplicationFiled: April 15, 2015Publication date: May 26, 2016Inventors: Saritha Arunkumar, Stephen D. Pipes
-
Publication number: 20160149902Abstract: A method for authenticating a user of a computing device. The method includes a computer processor receiving an indication that a user of a computing device is accessing an object that utilizes an authentication process. The method further includes a computer processor selecting a first multi-media file that is associated with a user profile of the user and the object of the authentication process, wherein the first multi-media file is associated with a baseline user input authentication sequence. The method further includes creating a first temporal manipulation vector based on the user profile and a security requirement of the object of the authentication process, wherein the temporal manipulation vector modifies a presentation of a multi-media file and a corresponding time sequence of a user input authentication sequence in the multi-media file. The method further includes transmitting the first temporal manipulation vector and the first multi-media file to the computing device.Type: ApplicationFiled: November 25, 2014Publication date: May 26, 2016Inventors: Saritha Arunkumar, Stephen D. Pipes
-
Patent number: 9319876Abstract: Anonymizing location information of a mobile device by an anonymization provider. The anonymization provider receives, from the mobile device, location information identifying the location of the mobile device and anonymity requirements. The anonymization provider determines whether the received location information satisfies the received anonymity requirements. Based on the received location information satisfying the received anonymity requirements, the anonymization provider generates an obfuscated location for the mobile device and sends the obfuscated location to the mobile device. Based on the received location information not satisfying the received anonymity requirements, the anonymization provider sends a request for new anonymity requirements to the mobile device.Type: GrantFiled: March 26, 2015Date of Patent: April 19, 2016Assignee: International Business Machines CorporationInventors: Saritha Arunkumar, Stephen D. Pipes, Mudhakar Srivatsa
-
Publication number: 20160065554Abstract: A method of managing authentication during a user session comprises the steps of operating a user session for a specific user, maintaining a user authentication level for the user session, monitoring one or more factors relating to the user's activity, applying one or more rules to the monitored factors, detecting that a rule has indicated the user's current authentication level is too high, and lowering the user's authentication level, without ending the user's session.Type: ApplicationFiled: August 21, 2015Publication date: March 3, 2016Inventors: Kevin C. Brown, Peter W. Jenkins, Stephen D. Pipes, Larissa C. Romualdo Suzuki
-
Publication number: 20150350890Abstract: Anonymizing location information of a mobile device by an anonymization provider. The anonymization provider receives, from the mobile device, location information identifying the location of the mobile device and anonymity requirements. The anonymization provider determines whether the received location information satisfies the received anonymity requirements. Based on the received location information satisfying the received anonymity requirements, the anonymization provider generates an obfuscated location for the mobile device and sends the obfuscated location to the mobile device. Based on the received location information not satisfying the received anonymity requirements, the anonymization provider sends a request for new anonymity requirements to the mobile device.Type: ApplicationFiled: March 26, 2015Publication date: December 3, 2015Inventors: Saritha Arunkumar, Stephen D. Pipes, Mudhakar Srivatsa
-
Publication number: 20150350891Abstract: A technique for anonymizing location information of a mobile device includes intercepting, by the mobile device, a request for access to actual location information of the mobile device made by an application. The mobile device redirects the request to a trusted edge server. The trusted edge server obfuscates the location information based on a location of one or more other mobile devices proximal to the mobile device to generate obfuscated location information. The one or more other mobile devices are selected based on a similarity between a user profile associated with the mobile device and user profiles associated with the one or more other mobile devices. The trusted edge server returns the obfuscated location information to the mobile device, which sends the obfuscated location information to the application in place of the requested location information.Type: ApplicationFiled: May 29, 2015Publication date: December 3, 2015Inventors: SARITHA ARUNKUMAR, MUDHAKAR SRIVATSA, STEPHEN D. PIPES
-
Publication number: 20150256539Abstract: Providing a user apparatus access to a computer system including services and authentication levels. A service request is determined for at least one of the services from a user apparatus. A distributed authentication provider is negotiated with to provide an authentication level based access control for the plurality of authentication levels associated with the plurality of services. The user apparatus to is redirected to access the distributed authentication provider such that the user apparatus authenticates itself at the distributed authentication provider for the authentication level associated with the at least one of the services within the service request. The user apparatus is provided access to the at least one of the services within the service request based on a successful authentication at the distributed authentication provider for the authentication level associated with the at least one of the services within the service request.Type: ApplicationFiled: February 23, 2015Publication date: September 10, 2015Inventors: John Duffell, Sam Marland, Stephen D. Pipes
-
Publication number: 20150256541Abstract: Providing a user apparatus access to a computer system including services and authentication levels. A service request is determined for at least one of the services from a user apparatus. A distributed authentication provider is negotiated with to provide an authentication level based access control for the plurality of authentication levels associated with the plurality of services. The user apparatus to is redirected to access the distributed authentication provider such that the user apparatus authenticates itself at the distributed authentication provider for the authentication level associated with the at least one of the services within the service request. The user apparatus is provided access to the at least one of the services within the service request based on a successful authentication at the distributed authentication provider for the authentication level associated with the at least one of the services within the service request.Type: ApplicationFiled: February 23, 2015Publication date: September 10, 2015Inventors: John Duffell, Sam Marland, Stephen D. Pipes
-
Publication number: 20150220723Abstract: An approach is described for authenticating a user. An associated method includes displaying a dynamic image on a display screen, detecting a user interaction with the displayed image, and detecting a duration of the detected user interaction. The method further includes comparing the detected user interaction and the detected duration with a stored user interaction and a stored duration. The method further includes authenticating the user upon determining that the detected user interaction matches the stored user interaction and the detected duration matches the stored duration. In an embodiment, the method further includes transmitting the detected user interaction and the detected duration to a remote device. In such embodiment, the method step of comparing the detected user interaction and the detected duration with the stored user interaction and the stored duration is performed by the remote device.Type: ApplicationFiled: January 23, 2015Publication date: August 6, 2015Inventors: DAVID P. GEORGE, BENJAMIN J. HARDILL, STEPHEN D. PIPES, ROBERT S. SMART
-
Publication number: 20150156185Abstract: A method and/or computer program product indicates a trustworthiness of data processed in accordance with a processing rule. A first trust weight is assigned to a data item to be processed to provide a weighted data item, the first trust weight representing a level of trust in the data item. A second trust weight is assigned to the processing rule to provide a weighted processing rule, the second trust weight representing a level of trust in the processing rule. The weighted data item is processed in accordance with the weighted processing rule to generate a data output and an indication of a level of trust in the data output.Type: ApplicationFiled: December 1, 2014Publication date: June 4, 2015Inventors: SARITHA ARUNKUMAR, STEPHEN D. PIPES, MUDHAKAR SRIVATSA
-
Publication number: 20150106953Abstract: A method, system and/or computer program product secures response data sent from a responder to a querier. Path information for query data is collected. The path information identifies paths from the querier to the responder and includes a physical machine identifier for each node hosted by a physical machine. One or more sets of return paths are identified for sending response data. For each set of return paths, any return paths that utilize any nodes sharing a physical machine identifier with any node present in another of the return paths within the set of return paths are discarded.Type: ApplicationFiled: October 8, 2014Publication date: April 16, 2015Inventors: THOMAS J.C. BERMAN, Stephen D. Pipes
-
Publication number: 20150077223Abstract: A method and/or computer program product verifies code. An input of an access code is received. A passcode comprising a set of one or more code elements is retrieved, wherein one or more of the code elements are associated with a respective time period. An input access code is compared to the retrieved passcode. In response to the input access code matching the passcode, a verification of the access code is output.Type: ApplicationFiled: September 5, 2014Publication date: March 19, 2015Inventor: Stephen D. Pipes
-
Publication number: 20140208419Abstract: Disclosed is a method for providing a user access to a computer system comprising a plurality of services and a plurality of authentication levels, the method comprising dynamically monitoring a risk profile of a user authenticated on said computer system; dynamically selecting an authentication level for each of said services based on said monitored risk profile; and if said authentication level for a service is higher than an actual authentication level for said user, sending a further authentication request to the user requesting the user to provide authentication information corresponding to the dynamically selected authentication level upon said authenticated user requesting access to said service.Type: ApplicationFiled: January 23, 2014Publication date: July 24, 2014Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Matthew-Louis Chen Wen Chang, John W. Duffell, Sophie D. Green, Sam Marland, Joe Pavitt, Stephen D. Pipes