Patents by Inventor Vipin Koottayi
Vipin Koottayi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11290438Abstract: The disclosure relates to techniques for enforcing a limit on single sign-on (SSO) sessions for users across multiple data centers in a multi data center deployment. Users may request access to resources that are governed by an access manager deployed across multiple data centers, with each data center being associated with its own identifier. Each user may be associated with an identity attribute preserved in identity stores across the multiple data centers. The prerequisite for session creation at a data center may be to update the identity attribute of the user to that data center's identifier. If the identity attribute can be updated successfully, the access manager can create a new SSO session at that data center. Updates to the identity attribute may be synchronized across all of the data centers, with each data center aware of any existing sessions based on the current value of the identity attribute.Type: GrantFiled: October 13, 2017Date of Patent: March 29, 2022Assignee: Oracle International CorporationInventors: Stephen Mathew, Vipin Koottayi
-
Patent number: 11265329Abstract: The present disclosure relates generally to threat detection, and more particularly, to techniques for managing user access to resources in an enterprise environment. Some aspects are directed to the concept of managing access to a target resource based on a threat perception of a user that is calculated using a rule or policy based risk for the user and a behavior based risk for the user. Other aspects are directed to preventing insider attacks in a system based on a threat perception for each user logged into the system that is calculated using a rule or policy based risk for each user and a behavior based risk for each user. Yet other aspects are directed to providing a consolidated view of users, applications being accessed by users, and the threat perception, if any, generated for each of the users.Type: GrantFiled: May 5, 2020Date of Patent: March 1, 2022Assignee: Oracle International CorporationInventors: Vipin Koottayi, Vikas Pooven Chathoth, Aarathi Balakrishnan, Madhu Martin, Deepak Ramakrishanan
-
Publication number: 20200267162Abstract: The present disclosure relates generally to threat detection, and more particularly, to techniques for managing user access to resources in an enterprise environment. Some aspects are directed to the concept of managing access to a target resource based on a threat perception of a user that is calculated using a rule or policy based risk for the user and a behavior based risk for the user. Other aspects are directed to preventing insider attacks in a system based on a threat perception for each user logged into the system that is calculated using a rule or policy based risk for each user and a behavior based risk for each user. Yet other aspects are directed to providing a consolidated view of users, applications being accessed by users, and the threat perception, if any, generated for each of the users.Type: ApplicationFiled: May 5, 2020Publication date: August 20, 2020Applicant: Oracle International CorporationInventors: Vipin Koottayi, Vikas Pooven Chathoth, Aarathi Balakrishnan, Madhu Martin, Deepak Ramakrishanan
-
Patent number: 10721239Abstract: The present disclosure relates generally to threat detection, and more particularly, to techniques for managing user access to resources in an enterprise environment. Some aspects are directed to the concept of managing access to a target resource based on a threat perception of a user that is calculated using a rule or policy based risk for the user and a behavior based risk for the user. Other aspects are directed to preventing insider attacks in a system based on a threat perception for each user logged into the system that is calculated using a rule or policy based risk for each user and a behavior based risk for each user. Yet other aspects are directed to providing a consolidated view of users, applications being accessed by users, and the threat perception, if any, generated for each of the users.Type: GrantFiled: March 29, 2018Date of Patent: July 21, 2020Assignee: Oracle International CorporationInventors: Vipin Koottayi, Vikas Pooven Chathoth, Aarathi Balakrishnan, Madhu Martin, Deepak Ramakrishanan
-
Patent number: 10637871Abstract: Location-based authentication may be provided by an access management system on a server. The location-based authentication may determine whether a device should be granted access to a resource. The resource may either be located on or remote from the server. The location-based authentication may provide an additional authentication factor that is based on a past location of a user and/or device associated with the user requesting authentication. The past location may be associated with a user-configured question. The user-configured question may be provided to the device for an additional level of security. An answer received in response to a user-configured question may be compared to a user-configured answer that is associated with the user-configured question. In other examples, the answer may be compared to one or more possible answers that are determined by the access management system.Type: GrantFiled: July 25, 2017Date of Patent: April 28, 2020Assignee: Oracle International CorporationInventors: Aarathi Balakrishnan, Vipin Koottayi, Vikas Pooven Chathoth
-
Publication number: 20190036940Abstract: Location-based authentication may be provided by an access management system on a server. The location-based authentication may determine whether a device should be granted access to a resource. The resource may either be located on or remote from the server. The location-based authentication may provide an additional authentication factor that is based on a past location of a user and/or device associated with the user requesting authentication. The past location may be associated with a user-configured question. The user-configured question may be provided to the device for an additional level of security. An answer received in response to a user-configured question may be compared to a user-configured answer that is associated with the user-configured question. In other examples, the answer may be compared to one or more possible answers that are determined by the access management system.Type: ApplicationFiled: July 25, 2017Publication date: January 31, 2019Applicant: Oracle International CorporationInventors: Aarathi Balakrishnan, Vipin Koottayi, Vikas Pooven Chathoth
-
Publication number: 20190014102Abstract: The disclosure relates to techniques for enforcing a limit on single sign-on (SSO) sessions for users across multiple data centers in a multi data center deployment. Users may request access to resources that are governed by an access manager deployed across multiple data centers, with each data center being associated with its own identifier. Each user may be associated with an identity attribute preserved in identity stores across the multiple data centers. The prerequisite for session creation at a data center may be to update the identity attribute of the user to that data center's identifier. If the identity attribute can be updated successfully, the access manager can create a new SSO session at that data center. Updates to the identity attribute may be synchronized across all of the data centers, with each data center aware of any existing sessions based on the current value of the identity attribute.Type: ApplicationFiled: October 13, 2017Publication date: January 10, 2019Applicant: Oracle International CorporationInventors: Stephen Mathew, Vipin Koottayi
-
Publication number: 20180288063Abstract: The present disclosure relates generally to threat detection, and more particularly, to techniques for managing user access to resources in an enterprise environment. Some aspects are directed to the concept of managing access to a target resource based on a threat perception of a user that is calculated using a rule or policy based risk for the user and a behavior based risk for the user. Other aspects are directed to preventing insider attacks in a system based on a threat perception for each user logged into the system that is calculated using a rule or policy based risk for each user and a behavior based risk for each user. Yet other aspects are directed to providing a consolidated view of users, applications being accessed by users, and the threat perception, if any, generated for each of the users.Type: ApplicationFiled: March 29, 2018Publication date: October 4, 2018Applicant: Oracle International CorporationInventors: Vipin Koottayi, Vikas Pooven Chathoth, Aarathi Balakrishnan, Madhu Martin, Deepak Ramakrishanan
-
Patent number: 9596328Abstract: A method of applying a timeout protocol by an access manager to a plurality of resources may include storing the timeout protocol comprising at least one criterion, and receiving a request for a first resource. Each of the resources can be segregated into separate application domains, the first resource can be associated with a first attribute, and the first attribute can be assigned a first value. The method may also include determining that the first value satisfies the at least one criterion, associating the timeout protocol with the first resource, and associating the timeout protocol with each resource that is associated with the first attribute assigned a value that satisfies the at least one criterion. The method may further include granting access to the first resource according to the timeout protocol.Type: GrantFiled: August 9, 2012Date of Patent: March 14, 2017Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Ramya Subramanya, Vipin Koottayi, Aarathi Balakrishnan
-
Publication number: 20140047113Abstract: A method of applying a timeout protocol by an access manager to a plurality of resources may include storing the timeout protocol comprising at least one criterion, and receiving a request for a first resource. Each of the resources can be segregated into separate application domains, the first resource can be associated with a first attribute, and the first attribute can be assigned a first value. The method may also include determining that the first value satisfies the at least one criterion, associating the timeout protocol with the first resource, and associating the timeout protocol with each resource that is associated with the first attribute assigned a value that satisfies the at least one criterion. The method may further include granting access to the first resource according to the timeout protocol.Type: ApplicationFiled: August 9, 2012Publication date: February 13, 2014Applicant: Oracle International CorporationInventors: RAMYA SUBRAMANYA, Vipin Koottayi, Aarathi Balakrishnan
-
Patent number: 8468586Abstract: This disclosure describes, generally, methods and systems for implementing policy based trust management. The method includes receiving, at an host server, a trust request from a partner, and identifying, at the host server via a trust policy enforcer, parameters and attributes associated with the partner. The method further includes identifying, at the host server via the trust policy enforcer, parameters and attributes associated with the requested resource, and accessing, by the trust policy enforcer, a policy database. Furthermore, the method includes retrieving, by the trust policy enforcer, one or more trust policies associated with the requested resource, and based on the attributes and parameters of the partner, applying, by the trust policy enforcer, the one or more associated trust policies to the request. Further, the method includes based on conformity with the one or more trust policies, providing the partner with access to the requested resource.Type: GrantFiled: November 3, 2009Date of Patent: June 18, 2013Assignee: Oracle International CorporationInventors: Vipin Koottayi, Rohit Koul, Madhu Martin
-
Publication number: 20110107089Abstract: This disclosure describes, generally, methods and systems for implementing policy based trust management. The method includes receiving, at an host server, a trust request from a partner, and identifying, at the host server via a trust policy enforcer, parameters and attributes associated with the partner. The method further includes identifying, at the host server via the trust policy enforcer, parameters and attributes associated with the requested resource, and accessing, by the trust policy enforcer, a policy database. Furthermore, the method includes retrieving, by the trust policy enforcer, one or more trust policies associated with the requested resource, and based on the attributes and parameters of the partner, applying, by the trust policy enforcer, the one or more associated trust policies to the request. Further, the method includes based on conformity with the one or more trust policies, providing the partner with access to the requested resource.Type: ApplicationFiled: November 3, 2009Publication date: May 5, 2011Applicant: Oracle International CorporationInventors: Vipin Koottayi, Rohit Koul, Madhu Martin