Patents by Inventor Aarathi Balakrishnan
Aarathi Balakrishnan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20150373011Abstract: An aspect of the present invention facilitates flexible credential collection in an authentication server employing diverse authentication schemes. In an embodiment, an access manager in the authentication server determines that an authentication scheme is to be used for allowing access to a resource requested by a user. A custom module (implementing the authentication scheme) in the authentication server then sends to the access manager commands indicating corresponding sets of credentials to be collected. The access manager, in response to receiving each command, collects the corresponding credentials from the user and checks whether the collected credentials authenticates the user. The custom module sends each command after the checking of the previously collected credentials. Accordingly, a developer of the custom module is enabled to request for and to perform the authentication of the user based on different sets of credentials.Type: ApplicationFiled: June 19, 2014Publication date: December 24, 2015Applicant: Oracle International CorporationInventors: Ramya Subramanya, Aarathi Balakrishnan, Vikas Pooven Chathoth
-
Publication number: 20150319154Abstract: Methods and systems are described for state driven orchestration of authentication components to access a resource protected by an access manager framework. In response to a client request for a protected resource, relevant authentication components and their respective order are determined. Upon successful authentication of the first authentication component, proper state information of the authentication process is stored by the client indicating the next authentication component. In response to a request for additional credential information for the authentication process from the next authentication component, the client provides the stored state information so that the authentication process continues with the second authentication component according to the determined order of the authentication components within an authentication process.Type: ApplicationFiled: June 29, 2015Publication date: November 5, 2015Inventors: Aarathi Balakrishnan, Ramya Kukkehali Subramanya, Deepak Ramakrishnan
-
Patent number: 9100387Abstract: Methods and systems are described for state driven orchestration of authentication components to access a resource protected by an access manager framework. In response to a client request for a protected resource, relevant authentication components and their respective order are determined. Upon successful authentication of the first authentication component, proper state information of the authentication process is stored by the client indicating the next authentication component. In response to a request for additional credential information for the authentication process from the next authentication component, the client provides the stored state information so that the authentication process continues with the second authentication component according to the determined order of the authentication components within an authentication process.Type: GrantFiled: January 24, 2013Date of Patent: August 4, 2015Assignee: Oracle International CorporationInventors: Aarathi Balakrishnan, Ramya Kukkehali Subramanya, Deepak Ramakrishnan
-
Publication number: 20150082398Abstract: Various arrangements for providing authentication information to a user are presented. A single-point authentication manager executed by a computer system may receive a request to access a resource from a remote client computer system. The single-point authentication manager may manage access to a plurality of resources including the resource. The single-point authentication manager may communicate with an authentication plug-in application that performs a type of authentication. Authentication of the user may be performed. In response to performing authentication of the user, the authentication plug-in application may generate a message to be transmitted to the remote client computer system. The message may include an indication that the message is to be passed to the remote client computer system and information regarding the authentication of the user. In response to receiving the message from the authentication plug-in application, the message may be transmitted to the remote client computer system.Type: ApplicationFiled: November 20, 2014Publication date: March 19, 2015Applicant: Oracle International CorporationInventors: Aarathi Balakrishnan, Ramya Subramanya
-
Patent number: 8925050Abstract: Various arrangements for providing authentication information to a user are presented. A single-point authentication manager executed by a computer system may receive a request to access a resource from a remote client computer system. The single-point authentication manager may manage access to a plurality of resources including the resource. The single-point authentication manager may communicate with an authentication plug-in application that performs a type of authentication. Authentication of the user may be performed. In response to performing authentication of the user, the authentication plug-in application may generate a message to be transmitted to the remote client computer system. The message may include an indication that the message is to be passed to the remote client computer system and information regarding the authentication of the user. In response to receiving the message from the authentication plug-in application, the message may be transmitted to the remote client computer system.Type: GrantFiled: October 29, 2012Date of Patent: December 30, 2014Assignee: Oracle International CorporationInventors: Aarathi Balakrishnan, Ramya Subramanya
-
Patent number: 8856517Abstract: A method of using an access manager server to establish a communication session between a resource and a user device may include receiving a request from the user device to access the resource, determining that the client system is registered as a trusted partner, sending the client system a first encrypted token that includes a resource identifier where the client system has access to a first cryptographic key that decrypts the first encrypted token. The method may also include receiving a second encrypted token that signifies that access to the resource has been granted by the client system where the second token comprises a user identifier and the access manager server has access to a second cryptographic key that decrypts the second token. The method may additionally include decrypting the second token and establishing the communication session between the user device and the resource using the user identifier.Type: GrantFiled: November 27, 2012Date of Patent: October 7, 2014Assignee: Oracle International CorporationInventors: Aarathi Balakrishnan, Vikas Pooven Chathath, Madhu Martin
-
Patent number: 8806589Abstract: An aspect of the present invention facilitates flexible credential collection in an authentication server employing diverse authentication schemes. In an embodiment, an access manager in the authentication server determines that an authentication scheme is to be used for allowing access to a resource requested by a user. A custom module (implementing the authentication scheme) in the authentication server then sends to the access manager commands indicating corresponding sets of credentials to be collected. The access manager, in response to receiving each command, collects the corresponding credentials from the user and checks whether the collected credentials authenticates the user. The custom module sends each command after the checking of the previously collected credentials. Accordingly, a developer of the custom module is enabled to request for and to perform the authentication of the user based on different sets of credentials.Type: GrantFiled: June 19, 2012Date of Patent: August 12, 2014Assignee: Oracle International CorporationInventors: Ramya Subramanya, Aarathi Balakrishnan, Vikas Pooven Chatoth
-
Publication number: 20140208401Abstract: Methods and systems are described for state driven orchestration of authentication components to access a resource protected by an access manager framework. In response to a client request for a protected resource, relevant authentication components and their respective order are determined. Upon successful authentication of the first authentication component, proper state information of the authentication process is stored by the client indicating the next authentication component. In response to a request for additional credential information for the authentication process from the next authentication component, the client provides the stored state information so that the authentication process continues with the second authentication component according to the determined order of the authentication components within an authentication process.Type: ApplicationFiled: January 24, 2013Publication date: July 24, 2014Applicant: Oracle International CorporationInventors: Aarathi Balakrishnan, Ramya Kukkehali Subramanya, Deepak Ramakrishnan
-
Publication number: 20140149741Abstract: A method of using an access manager server to establish a communication session between a resource and a user device may include receiving a request from the user device to access the resource, determining that the client system is registered as a trusted partner, sending the client system a first encrypted token that includes a resource identifier where the client system has access to a first cryptographic key that decrypts the first encrypted token. The method may also include receiving a second encrypted token that signifies that access to the resource has been granted by the client system where the second token comprises a user identifier and the access manager server has access to a second cryptographic key that decrypts the second token. The method may additionally include decrypting the second token and establishing the communication session between the user device and the resource using the user identifier.Type: ApplicationFiled: November 27, 2012Publication date: May 29, 2014Applicant: ORACLE INTERNATIONAL CORPORATIONInventors: AARATHI BALAKRISHNAN, VIKAS POOVEN CHATHATH, MADHU MARTIN
-
Publication number: 20140123248Abstract: Various arrangements for providing authentication information to a user are presented. A single-point authentication manager executed by a computer system may receive a request to access a resource from a remote client computer system. The single-point authentication manager may manage access to a plurality of resources including the resource. The single-point authentication manager may communicate with an authentication plug-in application that performs a type of authentication. Authentication of the user may be performed. In response to performing authentication of the user, the authentication plug-in application may generate a message to be transmitted to the remote client computer system. The message may include an indication that the message is to be passed to the remote client computer system and information regarding the authentication of the user. In response to receiving the message from the authentication plug-in application, the message may be transmitted to the remote client computer system.Type: ApplicationFiled: October 29, 2012Publication date: May 1, 2014Applicant: Oracle International CorporationInventors: Aarathi Balakrishnan, Ramya Subramanya
-
Publication number: 20140047113Abstract: A method of applying a timeout protocol by an access manager to a plurality of resources may include storing the timeout protocol comprising at least one criterion, and receiving a request for a first resource. Each of the resources can be segregated into separate application domains, the first resource can be associated with a first attribute, and the first attribute can be assigned a first value. The method may also include determining that the first value satisfies the at least one criterion, associating the timeout protocol with the first resource, and associating the timeout protocol with each resource that is associated with the first attribute assigned a value that satisfies the at least one criterion. The method may further include granting access to the first resource according to the timeout protocol.Type: ApplicationFiled: August 9, 2012Publication date: February 13, 2014Applicant: Oracle International CorporationInventors: RAMYA SUBRAMANYA, Vipin Koottayi, Aarathi Balakrishnan
-
Publication number: 20130340054Abstract: An aspect of the present invention facilitates flexible credential collection in an authentication server employing diverse authentication schemes. In an embodiment, an access manager in the authentication server determines that an authentication scheme is to be used for allowing access to a resource requested by a user. A custom module (implementing the authentication scheme) in the authentication server then sends to the access manager commands indicating corresponding sets of credentials to be collected. The access manager, in response to receiving each command, collects the corresponding credentials from the user and checks whether the collected credentials authenticates the user. The custom module sends each command after the checking of the previously collected credentials. Accordingly, a developer of the custom module is enabled to request for and to perform the authentication of the user based on different sets of credentials.Type: ApplicationFiled: June 19, 2012Publication date: December 19, 2013Applicant: ORACLE INTERNATIONAL CORPORATIONInventors: Ramya Subramanya, Aarathi Balakrishnan, Vikas Pooven Chatoth