Patents by Inventor Vincent Burckhardt
Vincent Burckhardt has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220368694Abstract: A method, system and computer program product relating to an application server operable to manage a microservice-based application, i.e. app, on behalf of clients, the clients being available for use by system actors who may be, for example, end users, bots, developers or other apps. A permissions validator is used to compute effective permissions in response to client requests. The requests are granted or denied conditional on the effective permissions being at least a subset of the permissions required to be given by any of the app's microservices that are needed for the resource being requested. The effective permissions are computed from an intersection of a set of actor permissions, a set of client permissions and a set of resource permissions.Type: ApplicationFiled: July 29, 2022Publication date: November 17, 2022Inventors: Vincent Burckhardt, Andre Fischer, Olgierd Pieczul, Jürgen Schmidt, Xiao F. Yu
-
Publication number: 20220337593Abstract: A method, system and computer program product relating to an application server operable to manage a microservice-based application, i.e. app, on behalf of clients, the clients being available for use by system actors who may be, for example, end users, bots, developers or other apps. A permissions validator is used to compute effective permissions in response to client requests. The requests are granted or denied conditional on the effective permissions being at least a subset of the permissions required to be given by any of the app's microservices that are needed for the resource being requested. The effective permissions are computed from an intersection of a set of actor permissions, a set of client permissions and a set of resource permissions.Type: ApplicationFiled: June 30, 2022Publication date: October 20, 2022Inventors: Vincent Burckhardt, Andre Fischer, Olgierd Pieczul, Jürgen Schmidt, Xiao F. Yu
-
Patent number: 11477199Abstract: A method, system and computer program product relating to an application server operable to manage a microservice-based application, i.e. app, on behalf of clients, the clients being available for use by system actors who may be, for example, end users, bots, developers or other apps. A permissions validator is used to compute effective permissions in response to client requests. The requests are granted or denied conditional on the effective permissions being at least a subset of the permissions required to be given by any of the app's microservices that are needed for the resource being requested. The effective permissions are computed from an intersection of a set of actor permissions, a set of client permissions and a set of resource permissions.Type: GrantFiled: April 24, 2019Date of Patent: October 18, 2022Assignee: International Business Machines CorporationInventors: Vincent Burckhardt, Andre Fischer, Olgierd Pieczul, Jürgen Schmidt, Xiao F. Yu
-
Patent number: 11457014Abstract: A method, system and computer program product relating to an application server operable to manage a microservice-based application, i.e. app, on behalf of clients, the clients being available for use by system actors who may be, for example, end users, bots, developers or other apps. A permissions validator is used to compute effective permissions in response to client requests. The requests are granted or denied conditional on the effective permissions being at least a subset of the permissions required to be given by any of the app's microservices that are needed for the resource being requested. The effective permissions are computed from an intersection of a set of actor permissions, a set of client permissions and a set of resource permissions.Type: GrantFiled: October 26, 2017Date of Patent: September 27, 2022Assignee: International Business Machines CorporationInventors: Vincent Burckhardt, Andre Fischer, Olgierd Pieczul, Jürgen Schmidt, Xiao F. Yu
-
Patent number: 11165890Abstract: A secure client-server connection method compatible with RESTful (REpresentational State Transfer) APIs (Application Programming Interface) that is resistant to cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. The server generates a token for the client and a random value which it pairs with the token. The random value is hashed. The hash value is transmitted to the client contained in the token and the random value is transmitted to the client contained in an HTTPOnly cookie. Even if an attacker steals the token and/or the hash, security is maintained, since the server verifies communications from the client by validating the token on the basis of its hash value. Validation is performed by the server hashing the random value contained in the HTTPOnly cookie paired with the token to obtain a further hash value, and checking that this further hash value matches the token's hash value.Type: GrantFiled: January 23, 2020Date of Patent: November 2, 2021Assignee: International Business Machines CorporationInventors: Vincent Burckhardt, Carlos C. Manias Diez, Olgierd Pieczul
-
Patent number: 10834058Abstract: In some embodiments of the invention a method provides for processing a mention in textual content being input to a content provider. The method can include detecting input by a user of the content provider of the mention and identifying a member of a mention provider such as a social network based on the mention while maintaining privacy of information about the member with respect to the content provider. In some embodiments a computer program product for processing the mention includes a computer readable storage medium having program instructions embodied therewith. In some embodiments of the invention, a system for processing the mention includes a computer system readable media with a program module embodied therewith to detect the mention in the textual content as provided to a content provider. A network adapter with the system can provide the program module or program modules over a network.Type: GrantFiled: June 12, 2018Date of Patent: November 10, 2020Assignee: International Business Machines CorporationInventors: Jonathan F. Brunn, Vincent Burckhardt, Ryan A Davis, Claudio Procida
-
Patent number: 10757225Abstract: A secure client-server connection method compatible with RESTful (REpresentational State Transfer) APIs (Application Programming Interface) that is resistant to cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. The server generates a token for the client and a random value which it pairs with the token. The random value is hashed. The hash value is transmitted to the client contained in the token and the random value is transmitted to the client contained in an HTTPOnly cookie. Even if an attacker steals the token and/or the hash, security is maintained, since the server verifies communications from the client by validating the token on the basis of its hash value. Validation is performed by the server hashing the random value contained in the HTTPOnly cookie paired with the token to obtain a further hash value, and checking that this further hash value matches the token's hash value.Type: GrantFiled: October 29, 2018Date of Patent: August 25, 2020Assignee: International Business Machines CorporationInventors: Vincent Burckhardt, Carlos C. Manias Diez, Olgierd Pieczul
-
Publication number: 20200162583Abstract: A secure client-server connection method compatible with RESTful (REpresentational State Transfer) APIs (Application Programming Interface) that is resistant to cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. The server generates a token for the client and a random value which it pairs with the token. The random value is hashed. The hash value is transmitted to the client contained in the token and the random value is transmitted to the client contained in an HTTPOnly cookie. Even if an attacker steals the token and/or the hash, security is maintained, since the server verifies communications from the client by validating the token on the basis of its hash value. Validation is performed by the server hashing the random value contained in the HTTPOnly cookie paired with the token to obtain a further hash value, and checking that this further hash value matches the token's hash value.Type: ApplicationFiled: January 23, 2020Publication date: May 21, 2020Inventors: Vincent Burckhardt, Carlos C. Manias Diez, Olgierd Pieczul
-
Patent number: 10587732Abstract: A secure client-server connection method compatible with RESTful (REpresentational State Transfer) APIs (Application Programming Interface) that is resistant to cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. The server generates a token for the client and a random value which it pairs with the token. The random value is hashed. The hash value is transmitted to the client contained in the token and the random value is transmitted to the client contained in an HTTPOnly cookie. Even if an attacker steals the token and/or the hash, security is maintained, since the server verifies communications from the client by validating the token on the basis of its hash value. Validation is performed by the server hashing the random value contained in the HTTPOnly cookie paired with the token to obtain a further hash value, and checking that this further hash value matches the token's hash value.Type: GrantFiled: April 13, 2017Date of Patent: March 10, 2020Assignee: International Business Machines CorporationInventors: Vincent Burckhardt, Carlos C. Manias Diez, Olgierd Pieczul
-
Publication number: 20200021564Abstract: In some embodiments of the invention a method provides for processing a mention in textual content being input to a content provider. The method can include detecting input by a user of the content provider of the mention and identifying a member of a mention provider such as a social network based on the mention while maintaining privacy of information about the member with respect to the content provider. In some embodiments a computer program product for processing the mention includes a computer readable storage medium having program instructions embodied therewith. In some embodiments of the invention, a system for processing the mention includes a computer system readable media with a program module embodied therewith to detect the mention in the textual content as provided to a content provider. A network adapter with the system can provide the program module or program modules over a network.Type: ApplicationFiled: June 12, 2018Publication date: January 16, 2020Inventors: Jonathan F. Brunn, Vincent Burckhardt, Ryan A Davis, Claudio Procida
-
Publication number: 20190253424Abstract: A method, system and computer program product relating to an application server operable to manage a microservice-based application, i.e. app, on behalf of clients, the clients being available for use by system actors who may be, for example, end users, bots, developers or other apps. A permissions validator is used to compute effective permissions in response to client requests. The requests are granted or denied conditional on the effective permissions being at least a subset of the permissions required to be given by any of the app's microservices that are needed for the resource being requested. The effective permissions are computed from an intersection of a set of actor permissions, a set of client permissions and a set of resource permissions.Type: ApplicationFiled: April 24, 2019Publication date: August 15, 2019Inventors: Vincent Burckhardt, Andre Fischer, Olgierd Pieczul, Jürgen Schmidt, Xiao F. Yu
-
Publication number: 20190132320Abstract: A method, system and computer program product relating to an application server operable to manage a microservice-based application, i.e. app, on behalf of clients, the clients being available for use by system actors who may be, for example, end users, bots, developers or other apps. A permissions validator is used to compute effective permissions in response to client requests. The requests are granted or denied conditional on the effective permissions being at least a subset of the permissions required to be given by any of the app's microservices that are needed for the resource being requested. The effective permissions are computed from an intersection of a set of actor permissions, a set of client permissions and a set of resource permissions.Type: ApplicationFiled: October 26, 2017Publication date: May 2, 2019Inventors: Vincent Burckhardt, Andre Fischer, Olgierd Pieczul, Jürgen Schmidt, Xiao F. Yu
-
Publication number: 20190068602Abstract: A secure client-server connection method compatible with RESTful (REpresentational State Transfer) APIs (Application Programming Interface) that is resistant to cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. The server generates a token for the client and a random value which it pairs with the token. The random value is hashed. The hash value is transmitted to the client contained in the token and the random value is transmitted to the client contained in an HTTPOnly cookie. Even if an attacker steals the token and/or the hash, security is maintained, since the server verifies communications from the client by validating the token on the basis of its hash value. Validation is performed by the server hashing the random value contained in the HTTPOnly cookie paired with the token to obtain a further hash value, and checking that this further hash value matches the token's hash value.Type: ApplicationFiled: October 29, 2018Publication date: February 28, 2019Inventors: Vincent Burckhardt, Carlos C. Manias Diez, Olgierd Pieczul
-
Patent number: 10164946Abstract: In some embodiments of the invention a method provides for processing a mention in textual content being input to a content provider. The method can include detecting input by a user of the content provider of the mention and identifying a member of a mention provider such as a social network based on the mention while maintaining privacy of information about the member with respect to the content provider. In some embodiments a computer program product for processing the mention includes a computer readable storage medium having program instructions embodied therewith. In some embodiments of the invention, a system for processing the mention includes a computer system readable media with a program module embodied therewith to detect the mention in the textual content as provided to a content provider. A network adapter with the system can provide the program module or program modules over a network.Type: GrantFiled: June 24, 2015Date of Patent: December 25, 2018Assignee: International Business Machines CorporationInventors: Jonathan F. Brunn, Vincent Burckhardt, Ryan A. Davis, Claudio Procida
-
Publication number: 20180302406Abstract: A secure client-server connection method compatible with RESTful (REpresentational State Transfer) APIs (Application Programming Interface) that is resistant to cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. The server generates a token for the client and a random value which it pairs with the token. The random value is hashed. The hash value is transmitted to the client contained in the token and the random value is transmitted to the client contained in an HTTPOnly cookie. Even if an attacker steals the token and/or the hash, security is maintained, since the server verifies communications from the client by validating the token on the basis of its hash value. Validation is performed by the server hashing the random value contained in the HTTPOnly cookie paired with the token to obtain a further hash value, and checking that this further hash value matches the token's hash value.Type: ApplicationFiled: April 13, 2017Publication date: October 18, 2018Inventors: Vincent Burckhardt, Carlos C. Manias Diez, Olgierd Pieczul
-
Publication number: 20180295102Abstract: In some embodiments of the invention a method provides for processing a mention in textual content being input to a content provider. The method can include detecting input by a user of the content provider of the mention and identifying a member of a mention provider such as a social network based on the mention while maintaining privacy of information about the member with respect to the content provider. In some embodiments a computer program product for processing the mention includes a computer readable storage medium having program instructions embodied therewith. In some embodiments of the invention, a system for processing the mention includes a computer system readable media with a program module embodied therewith to detect the mention in the textual content as provided to a content provider. A network adapter with the system can provide the program module or program modules over a network.Type: ApplicationFiled: June 12, 2018Publication date: October 11, 2018Inventors: Jonathan F. Brunn, Vincent Burckhardt, Ryan A Davis, Claudio Procida
-
Patent number: 10057216Abstract: In some embodiments of the invention a method provides for processing a mention in textual content being input to a content provider. The method can include detecting input by a user of the content provider of the mention and identifying a member of a mention provider such as a social network based on the mention while maintaining privacy of information about the member with respect to the content provider. In some embodiments a computer program product for processing the mention includes a computer readable storage medium having program instructions embodied therewith. In some embodiments of the invention, a system for processing the mention includes a computer system readable media with a program module embodied therewith to detect the mention in the textual content as provided to a content provider. A network adapter with the system can provide the program module or program modules over a network.Type: GrantFiled: May 31, 2016Date of Patent: August 21, 2018Assignee: International Business Machines CorporationInventors: Jonathan F. Brunn, Vincent Burckhardt, Ryan A. Davis, Claudio Procida
-
Publication number: 20160380946Abstract: In some embodiments of the invention a method provides for processing a mention in textual content being input to a content provider. The method can include detecting input by a user of the content provider of the mention and identifying a member of a mention provider such as a social network based on the mention while maintaining privacy of information about the member with respect to the content provider. In some embodiments a computer program product for processing the mention includes a computer readable storage medium having program instructions embodied therewith. In some embodiments of the invention, a system for processing the mention includes a computer system readable media with a program module embodied therewith to detect the mention in the textual content as provided to a content provider. A network adapter with the system can provide the program module or program modules over a network.Type: ApplicationFiled: May 31, 2016Publication date: December 29, 2016Inventors: Jonathan F. Brunn, Vincent Burckhardt, Ryan A. Davis, Claudio Procida
-
Publication number: 20160380978Abstract: In some embodiments of the invention a method provides for processing a mention in textual content being input to a content provider. The method can include detecting input by a user of the content provider of the mention and identifying a member of a mention provider such as a social network based on the mention while maintaining privacy of information about the member with respect to the content provider. In some embodiments a computer program product for processing the mention includes a computer readable storage medium having program instructions embodied therewith. In some embodiments of the invention, a system for processing the mention includes a computer system readable media with a program module embodied therewith to detect the mention in the textual content as provided to a content provider. A network adapter with the system can provide the program module or program modules over a network.Type: ApplicationFiled: June 24, 2015Publication date: December 29, 2016Inventors: Jonathan F. Brunn, Vincent Burckhardt, Ryan A. Davis, Claudio Procida
-
Patent number: 9176793Abstract: Apparatus and method for use with a data processing system, wherein the data processing system comprises a client and a server, comprising: a receive component for receiving a call from a client application to a first method of an object, and for receiving a reply on the channel; an interceptor component, for wrapping the object to provide a wrapped call to a second method of the wrapped object, and for invoking a response handler; a client encoder component for converting the wrapped call into a message; a client channel manager component for establishing a channel to the server; a sender component, for sending the message on the channel; a reply decoder component for decoding the reply to provide a response; and the sender component further for sending the response to the client application.Type: GrantFiled: November 23, 2010Date of Patent: November 3, 2015Assignee: International Business Machines CorporationInventor: Vincent Burckhardt