Patents by Inventor Yuhsuke Kaneyasu
Yuhsuke Kaneyasu has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10341324Abstract: A new management node associated with a new rack sends at least a public key of the new management node to a first management node associated with a first rack and a plurality of autonomous management nodes. The first management node sends the new management node an access token trusted by at least a portion of the plurality of autonomous management nodes and a set of public keys corresponding to at least a portion of the plurality of autonomous management nodes. The new management node can send its public key and the access token to at least a portion of the plurality of autonomous management nodes. In response, the new management node can establish a mutual trust relationship with at least a portion of the plurality of autonomous management nodes.Type: GrantFiled: April 23, 2018Date of Patent: July 2, 2019Assignee: International Business Machines CorporationInventors: John Yow-Chun Chang, Ching-Yun Chao, Patrick L. Davis, Rohan Gandhi, Yuhsuke Kaneyasu, Lewis Lo, Ki H. Park, Ankit Patel, Kin Ueng, Iqbal M. Umair, Leonardo A. Uzcategui, Barbara J. Vander Weele
-
Patent number: 10171561Abstract: A construct having a plurality of distributed resources can include a portion of a second rack having a plurality of computing devices controlled by a second management node. The second management node can determine it contains insufficient construct data such as user data, group data, resource data, or authorization policy data to execute an operation associated with the construct. The second management node can synchronize at least a portion of construct data with a first management node. The first management node can be associated with the construct and a mutual trust relationship can exist between the first management node and the second management node. The first management node and the second management node can comprise autonomous management nodes capable of functioning independent of the network.Type: GrantFiled: November 10, 2015Date of Patent: January 1, 2019Assignee: International Business Machines CorporationInventors: John Yow-Chun Chang, Ching-Yun Chao, Patrick L. Davis, Rohan Gandhi, Yuhsuke Kaneyasu, Lewis Lo, Ki H. Park, Ankit Patel, Kin Ueng, Iqbal M. Umair, Leonardo A. Uzcategui, Barbara J. Vander Weele
-
Publication number: 20180241737Abstract: A new management node associated with a new rack sends at least a public key of the new management node to a first management node associated with a first rack and a plurality of autonomous management nodes. The first management node sends the new management node an access token trusted by at least a portion of the plurality of autonomous management nodes and a set of public keys corresponding to at least a portion of the plurality of autonomous management nodes. The new management node can send its public key and the access token to at least a portion of the plurality of autonomous management nodes. In response, the new management node can establish a mutual trust relationship with at least a portion of the plurality of autonomous management nodes.Type: ApplicationFiled: April 23, 2018Publication date: August 23, 2018Inventors: John Yow-Chun Chang, Ching-Yun Chao, Patrick L. Davis, Rohan Gandhi, Yuhsuke Kaneyasu, Lewis Lo, Ki H. Park, Ankit Patel, Kin Ueng, Iqbal M. Umair, Leonardo A. Uzcategui, Barbara J. Vander Weele
-
Patent number: 9985954Abstract: A new management node associated with a new rack sends at least a public key of the new management node to a first management node associated with a first rack and a plurality of autonomous management nodes. The first management node sends the new management node an access token trusted by at least a portion of the plurality of autonomous management nodes and a set of public keys corresponding to at least a portion of the plurality of autonomous management nodes. The new management node can send its public key and the access token to at least a portion of the plurality of autonomous management nodes. In response, the new management node can establish a mutual trust relationship with at least a portion of the plurality of autonomous management nodes.Type: GrantFiled: November 25, 2015Date of Patent: May 29, 2018Assignee: International Business Machines CorporationInventors: John Yow-Chun Chang, Ching-Yun Chao, Patrick L. Davis, Rohan Gandhi, Yuhsuke Kaneyasu, Lewis Lo, Ki H. Park, Ankit Patel, Kin Ueng, Iqbal M. Umair, Leonardo A. Uzcategui, Barbara J. Vander Weele
-
Patent number: 9906370Abstract: A first management node of a first rack can be registered to a shared file storage system by establishing a mutual trust relationship between the first management node and the shared file storage system. The first management node can access a plurality of respective public keys and a plurality of respective certificates of authority that are stored in the shared file storage system and associated with a plurality of respective registered management nodes. The first management node can store a public key and a certificate of authority in the shared file storage system. The first management node can form mutual trust relationships with other registered management nodes. The first management node can validate authenticity of messages received from registered management nodes of the plurality of registered management nodes using a respective public key and a respective certificate of authority associated with a respective registered management node sending a message.Type: GrantFiled: November 16, 2015Date of Patent: February 27, 2018Assignee: International Business Machines CorporationInventors: Ajay A. Apte, John Yow-Chun Chang, Ching-Yun Chao, Patrick L. Davis, Rohan Gandhi, Hugh E. Hockett, Yuhsuke Kaneyasu, Lewis Lo, Matthew D. McClintock, Scott C. Moonen, Ki H. Park, Ankit Patel, Kin Ueng, Iqbal M. Umair, Leonardo A. Uzcategui, Barbara J. Vander Weele
-
Publication number: 20170149765Abstract: A new management node associated with a new rack sends at least a public key of the new management node to a first management node associated with a first rack and a plurality of autonomous management nodes. The first management node sends the new management node an access token trusted by at least a portion of the plurality of autonomous management nodes and a set of public keys corresponding to at least a portion of the plurality of autonomous management nodes. The new management node can send its public key and the access token to at least a portion of the plurality of autonomous management nodes. In response, the new management node can establish a mutual trust relationship with at least a portion of the plurality of autonomous management nodes.Type: ApplicationFiled: November 25, 2015Publication date: May 25, 2017Inventors: John Yow-Chun Chang, Ching-Yun Chao, Patrick L. Davis, Rohan Gandhi, Yuhsuke Kaneyasu, Lewis Lo, Ki H. Park, Ankit Patel, Kin Ueng, Iqbal M. Umair, Leonardo A. Uzcategui, Barbara J. Vander Weele
-
Publication number: 20170141927Abstract: A first management node of a first rack can be registered to a shared file storage system by establishing a mutual trust relationship between the first management node and the shared file storage system. The first management node can access a plurality of respective public keys and a plurality of respective certificates of authority that are stored in the shared file storage system and associated with a plurality of respective registered management nodes. The first management node can store a public key and a certificate of authority in the shared file storage system. The first management node can form mutual trust relationships with other registered management nodes. The first management node can validate authenticity of messages received from registered management nodes of the plurality of registered management nodes using a respective public key and a respective certificate of authority associated with a respective registered management node sending a message.Type: ApplicationFiled: November 16, 2015Publication date: May 18, 2017Inventors: Ajay A. Apte, John Yow-Chun Chang, Ching-Yun Chao, Patrick L. Davis, Rohan Gandhi, Hugh E. Hockett, Yuhsuke Kaneyasu, Lewis Lo, Matthew D. McClintock, Scott C. Moonen, Ki H. Park, Ankit Patel, Kin Ueng, Iqbal M. Umair, Leonardo A. Uzcategui, Barbara J. Vander Weele
-
Publication number: 20170134302Abstract: A construct having a plurality of distributed resources can include a portion of a second rack having a plurality of computing devices controlled by a second management node. The second management node can determine it contains insufficient construct data such as user data, group data, resource data, or authorization policy data to execute an operation associated with the construct. The second management node can synchronize at least a portion of construct data with a first management node. The first management node can be associated with the construct and a mutual trust relationship can exist between the first management node and the second management node. The first management node and the second management node can comprise autonomous management nodes capable of functioning independent of the network.Type: ApplicationFiled: November 10, 2015Publication date: May 11, 2017Inventors: John Yow-Chun Chang, Ching-Yun Chao, Patrick L. Davis, Rohan Gandhi, Yuhsuke Kaneyasu, Lewis Lo, Ki H. Park, Ankit Patel, Kin Ueng, Iqbal M. Umair, Leonardo A. Uzcategui, Barbara J. Vander Weele
-
Patent number: 9426155Abstract: A cloud deployment appliance (or other platform-as-a-service (IPAS) infrastructure software) includes a mechanism to deploy a product as a “shared service” to the cloud, as well as to enable the product to establish a trust relationship between itself and the appliance or IPAS. The mechanism further enables multiple products deployed to the cloud to form trust relationships with each other (despite the fact that each deployment and each product typically, by the nature of the cloud deployment, are intended to be isolated from one another). In addition, once deployed and provisioned into the cloud, a shared service can become part of a single sign-on (SSO) domain automatically. SSO is facilitated using a token-based exchange. Once a product registers with a token service, it can participate in SSO. This approach enables enforcement of consistent access control policy across product boundaries, and without requiring a user to perform any configuration.Type: GrantFiled: April 18, 2013Date of Patent: August 23, 2016Assignee: International Business Machines CorporationInventors: Ching-Yun Chao, John Yow-Chun Chang, Paul W. Bennett, John C. Sanchez, Donald R. Woods, Yuhsuke Kaneyasu, Sriram Srinivasan, Stuart Robert Douglas Monteith, Marcos Lohmann
-
Publication number: 20140317716Abstract: A cloud deployment appliance (or other platform-as-a-service (IPAS) infrastructure software) includes a mechanism to deploy a product as a “shared service” to the cloud, as well as to enable the product to establish a trust relationship between itself and the appliance or IPAS. The mechanism further enables multiple products deployed to the cloud to form trust relationships with each other (despite the fact that each deployment and each product typically, by the nature of the cloud deployment, are intended to be isolated from one another). In addition, once deployed and provisioned into the cloud, a shared service can become part of a single sign-on (SSO) domain automatically. SSO is facilitated using a token-based exchange. Once a product registers with a token service, it can participate in SSO. This approach enables enforcement of consistent access control policy across product boundaries, and without requiring a user to perform any configuration.Type: ApplicationFiled: April 18, 2013Publication date: October 23, 2014Applicant: International Business Machines CorporationInventors: Ching-Yun Chao, John Yow-Chun Chang, Paul W. Bennett, John C. Sanchez, Donald R. Woods, Yuhsuke Kaneyasu, Sriram Srinivasan, Stuart Robert Douglas Monteith, Marcos Lohmann
-
Patent number: 8856086Abstract: A cloud deployment appliance includes a mechanism to enable permitted users to move event records reliably from an internal event log of the appliance to a data store located external to the appliance while ensuring the integrity of event records. The mechanism ensures that the event records are not tampered with in storage or during download. Further, the approach ensures that no event records can be removed from the appliance internal storage before being successfully downloaded to the external data store.Type: GrantFiled: August 24, 2012Date of Patent: October 7, 2014Assignee: International Business Machines CorporationInventors: Ching-Yun Chao, John Yow-Chun Chang, Bertrand Be-chung Chiu, Jr., Douglas Yellow Shue, Yuhsuke Kaneyasu, Jay William Warfield
-
Patent number: 8806273Abstract: In a mechanism for supporting detection of a failure event, history information of a system including log information of the system including plural components and/or failure information output from each component upon occurrence of a failure in the system is collected. A detection rule for detecting an event included in a component related to the failure that has occurred is generated, and a symptom with additional information added to the generated detection rule is applied to detect the event that has caused the failure. System configuration information as configuration information of the system is acquired, and from the acquired system configuration information, partial configuration information as system configuration information related to the component that sent out the event the selection of which has been accepted is extracted. The extracted partial configuration information is added to the symptom to update the symptom.Type: GrantFiled: October 20, 2009Date of Patent: August 12, 2014Assignee: International Business Machines CorporationInventors: Yasuhisa Gotoh, Yuhsuke Kaneyasu
-
Patent number: 8762777Abstract: In a mechanism for supporting detection of a failure event, history information of a system including log information of the system including plural components and/or failure information output from each component upon occurrence of a failure in the system is collected. A detection rule for detecting an event included in a component related to the failure that has occurred is generated, and a symptom with additional information added to the generated detection rule is applied to detect the event that has caused the failure. System configuration information as configuration information of the system is acquired, and from the acquired system configuration information, partial configuration information as system configuration information related to the component that sent out the event the selection of which has been accepted is extracted. The extracted partial configuration information is added to the symptom to update the symptom.Type: GrantFiled: March 12, 2013Date of Patent: June 24, 2014Assignee: International Business Machines CorporationInventors: Yasuhisa Gotoh, Yuhsuke Kaneyasu
-
Publication number: 20140059013Abstract: A cloud deployment appliance includes a mechanism to enable permitted users to move event records reliably from an internal event log of the appliance to a data store located external to the appliance while ensuring the integrity of event records. The mechanism ensures that the event records are not tampered with in storage or during download. Further, the approach ensures that no event records can be removed from the appliance internal storage before being successfully downloaded to the external data store.Type: ApplicationFiled: August 24, 2012Publication date: February 27, 2014Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Ching-Yun Chao, John Yow-Chun Chang, Bertrand Be-chung Chiu, JR., Douglas Yellow Shue, Yuhsuke Kaneyasu, Jay William Warfield
-
Patent number: 8612372Abstract: An apparatus for generating event detection rules in a multiple-component computer system in accordance with embodiments of the invention may include a configuration information-extracting section for acquiring system configuration information from a multiple-component computer system. The system configuration information may include related information that describes relationships among system components. The apparatus may further include a history information-collecting section for collecting history information from the multiple-component computer system, such as log information and/or failure information output from a component upon a system failure. A candidate event-identifying section may identify candidate events that may be selected by a user to generate a detection rule based on the system configuration information and the history information. Finally, a candidate event-presenting section may present the candidate events to a user for selection.Type: GrantFiled: June 5, 2009Date of Patent: December 17, 2013Assignee: International Business Machines CorporationInventors: Yasuhisa Gotoh, Yuhsuke Kaneyasu
-
Publication number: 20110202802Abstract: In a mechanism for supporting detection of a failure event, history information of a system including log information of the system including plural components and/or failure information output from each component upon occurrence of a failure in the system is collected. A detection rule for detecting an event included in a component related to the failure that has occurred is generated, and a symptom with additional information added to the generated detection rule is applied to detect the event that has caused the failure. System configuration information as configuration information of the system is acquired, and from the acquired system configuration information, partial configuration information as system configuration information related to the component that sent out the event the selection of which has been accepted is extracted. The extracted partial configuration information is added to the symptom to update the symptom.Type: ApplicationFiled: October 20, 2009Publication date: August 18, 2011Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Yasuhisa Gotoh, Yuhsuke Kaneyasu
-
Publication number: 20100057667Abstract: An apparatus for generating event detection rules in a multiple-component computer system in accordance with embodiments of the invention may include a configuration information-extracting section for acquiring system configuration information from a multiple-component computer system. The system configuration information may include related information that describes relationships among system components. The apparatus may further include a history information-collecting section for collecting history information from the multiple-component computer system, such as log information and/or failure information output from a component upon a system failure. A candidate event-identifying section may identify candidate events that may be selected by a user to generate a detection rule based on the system configuration information and the history information. Finally, a candidate event-presenting section may present the candidate events to a user for selection.Type: ApplicationFiled: June 5, 2009Publication date: March 4, 2010Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Yasuhisa Gotoh, Yuhsuke Kaneyasu