Patents by Inventor Bhaskar Mathur
Bhaskar Mathur has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11522855Abstract: Embodiments establish a pool of tunnel connections using a secure protocol. A pool of tunnels can be initiated from endpoint connection managers to cloud connection managers, where a request is received from the endpoint connection managers by the cloud connection managers. A request from a cloud client to communicate with a secure computing device using a first of the endpoint connection managers is received at a first of the cloud connection managers. One of the pool of tunnels that is connected to the first endpoint connection manager is identified. The identified tunnel is configured to connect the cloud client and the first endpoint connection manager.Type: GrantFiled: July 23, 2020Date of Patent: December 6, 2022Assignee: Oracle International CorporationInventors: Bhaskar Mathur, Feroz Alam Khan, Abhishek Dadhich, Kant C. Patel
-
Publication number: 20220029989Abstract: Embodiments establish a pool of tunnel connections using a secure protocol. A pool of tunnels can be initiated from endpoint connection managers to cloud connection managers, where a request is received from the endpoint connection managers by the cloud connection managers. A request from a cloud client to communicate with a secure computing device using a first of the endpoint connection managers is received at a first of the cloud connection managers. One of the pool of tunnels that is connected to the first endpoint connection manager is identified. The identified tunnel is configured to connect the cloud client and the first endpoint connection manager.Type: ApplicationFiled: July 23, 2020Publication date: January 27, 2022Inventors: Bhaskar MATHUR, Feroz Alam KHAN, Abhishek DADHICH, Kant C. PATEL
-
Patent number: 11122019Abstract: Described is an improved approach to ensure high availability for established sessions (e.g., application layer sessions) over network connections that negotiates and renegotiates encryption keys (e.g., TLS/SSL) at clean boundaries to ensure in-transit data are properly handled during migration of an application (e.g., a reverse proxy server instance). Connected TCP sessions may be handed off to another application (e.g., from existing proxy server to new/upgraded proxy server) and after establishing a new TLS session with a new encryption key, data transfer may be resumed between a client and a server using the new/upgraded application in a client-server architecture.Type: GrantFiled: September 13, 2019Date of Patent: September 14, 2021Assignee: Oracle International CorporationInventors: Abhishek Dadhich, Kant C. Patel, Feroz Alam Khan, Bhaskar Mathur, Srinivas Pamu
-
Patent number: 11036542Abstract: A process or thread is implemented to issue a command which executes without use of a processor that issues the command, retain control of the processor to check whether the issued command has completed, and when the issued command has not completed repeat the checking without relinquishing the processor, until a limiting condition is satisfied. The limiting condition may be determined specifically for a current execution of the command, based on one or more factors, such as durations of executions of the command after start of the process or thread and/or an indicator of delay in a current execution of the command. When the limiting condition is satisfied, the processor is relinquished by the process or thread issuing a sleep command, after setting an interrupt. After the command completes, the limiting condition is determined anew based on the duration of the current execution, for use in a next execution.Type: GrantFiled: August 1, 2018Date of Patent: June 15, 2021Assignee: Oracle International CorporationInventors: Bhaskar Mathur, Feroz Alam Khan, Kant C. Patel
-
Publication number: 20210084016Abstract: Described is an improved approach to ensure high availability for established sessions (e.g., application layer sessions) over network connections that negotiates and renegotiates encryption keys (e.g., TLS/SSL) at clean boundaries to ensure in-transit data are properly handled during migration of an application (e.g., a reverse proxy server instance). Connected TCP sessions may be handed off to another application (e.g., from existing proxy server to new/upgraded proxy server) and after establishing a new TLS session with a new encryption key, data transfer may be resumed between a client and a server using the new/upgraded application in a client-server architecture.Type: ApplicationFiled: September 13, 2019Publication date: March 18, 2021Applicant: Oracle International CorporationInventors: Abhishek DADHICH, Kant C. PATEL, Feroz Alam KHAN, Bhaskar MATHUR, Srinivas PAMU
-
Publication number: 20190102216Abstract: A process or thread is implemented to issue a command which executes without use of a processor that issues the command, retain control of the processor to check whether the issued command has completed, and when the issued command has not completed repeat the checking without relinquishing the processor, until a limiting condition is satisfied. The limiting condition may be determined specifically for a current execution of the command, based on one or more factors, such as durations of executions of the command after start of the process or thread and/or an indicator of delay in a current execution of the command. When the limiting condition is satisfied, the processor is relinquished by the process or thread issuing a sleep command, after setting an interrupt. After the command completes, the limiting condition is determined anew based on the duration of the current execution, for use in a next execution.Type: ApplicationFiled: August 1, 2018Publication date: April 4, 2019Applicant: Oracle International CorporationInventors: Bhaskar Mathur, Feroz Alam Khan, Kant C. Patel
-
Patent number: 9888010Abstract: An integrated firewall provides security in a multi-tenant environment having a connection-based switched fabric directly connecting database servers which provide a plurality of database services with application servers hosting database service consumers each having a different database service consumer identity. The firewall functionality integrated into each database server provides access control by discarding communication packets which do not include a database service consumer identity and using the database service consumer identity in combination with an access control list to control access from the database service consumers to the database services. The access control includes address resolution access control, connection establishment access control, and data exchange access control based on said access control list.Type: GrantFiled: June 28, 2017Date of Patent: February 6, 2018Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Vadim Makhervaks, Richard Mousseau, Bjørn Dag Johnsen, Sumanta Chatterjee, Avneesh Pant, Jean De Lavarene, Kant C. Patel, Bhaskar Mathur, Feroz Alam Khan, Sudeep Vatsanath Reguna
-
Patent number: 9825960Abstract: Systems, methods, and other embodiments are disclosed that are configured to generate a hierarchy of access rules in a protocol stack. Access rules corresponding to a first layer in a protocol stack are analyzed. The access rules determine, at the first layer, whether network sources are permitted access to a computing device. Dependent access rules are generated based at least in part on a combination of the access rules from the first layer. The dependent access rules are pushed down to a second layer in the protocol stack by implementing the dependent access rules at the second layer to determine, at the second layer, whether the network sources are permitted access to the computing device.Type: GrantFiled: May 29, 2015Date of Patent: November 21, 2017Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Feroz Alam Khan, Bhaskar Mathur, Kant C. Patel
-
Publication number: 20170302673Abstract: An integrated firewall provides security in a multi-tenant environment having a connection-based switched fabric directly connecting database servers which provide a plurality of database services with application servers hosting database service consumers each having a different database service consumer identity. The firewall functionality integrated into each database server provides access control by discarding communication packets which do not include a database service consumer identity and using the database service consumer identity in combination with an access control list to control access from the database service consumers to the database services. The access control includes address resolution access control, connection establishment access control, and data exchange access control based on said access control list.Type: ApplicationFiled: June 28, 2017Publication date: October 19, 2017Inventors: Vadim Makhervaks, Richard Mousseau, Bjørn Dag Johnsen, Sumanta Chatterjee, Avneesh Pant, Jean De Lavarene, Kant C. Patel, Bhaskar Mathur, Feroz Alam Khan, Sudeep Vatsanath Reguna
-
Patent number: 9723008Abstract: An integrated firewall provides security in a multi-tenant environment having a connection-based switched fabric directly connecting database servers which provide a plurality of database services with application servers hosting database service consumers each having a different database service consumer identity. The firewall functionality integrated into each database server provides access control by discarding communication packets which do not include a database service consumer identity and using the database service consumer identity in combination with an access control list to control access from the database service consumers to the database services. The access control includes address resolution access control, connection establishment access control, and data exchange access control based on said access control list.Type: GrantFiled: September 8, 2015Date of Patent: August 1, 2017Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Vadim Makhervaks, Richard Mousseau, Bjørn Dag Johnsen, Sumanta Chatterjee, Avneesh Pant, Jean De Lavarene, Kant C. Patel, Bhaskar Mathur, Feroz Alam Khan, Sudeep Vatsanath Reguna
-
Patent number: 9723009Abstract: A security solution provides secure communication in a multi-tenant environment which includes a connection-based fabric, storage cells holding data associated with different tenants, database servers which provide a plurality of database services using said data, application servers hosting database service consumers. The fabric is configured into partitions isolating the storage cells from the database service consumers. The application servers securely associate unique database service consumer identities with each database service consumer and all communications with the database servers. The database servers reject all communications from the application servers which do not include an identity and use an access control list to control access from the database service consumers to the database services using address resolution access control, connection establishment access control, and data exchange access control based on said access control list.Type: GrantFiled: September 8, 2015Date of Patent: August 1, 2017Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Vadim Makhervaks, Richard Mousseau, Bjørn Dag Johnsen, Sumanta Chatterjee, Avneesh Pant, Jean De Lavarene, Kant C. Patel, Bhaskar Mathur, Feroz Alam Khan, Sudeep Vatsanath Reguna
-
Patent number: 9621964Abstract: Techniques and systems that allow receiving a data stream and a location value. The location value, in one embodiment, is indicative of a location in the data stream at which the data stream has been aborted. This value may be determined by a sending entity and sent to a receiving entity. In various embodiments, the receiving entity may compute the remaining amount of data to be received in the data stream, and then receive that amount of data. In some embodiments, a checkpoint value may be used in conjunction with the location value to indicate an abort location for a data stream. A checkpoint value may correspond to an amount of data between successive checkpoints in the data stream. In some embodiments, upon aborting a data stream, a receiving entity receives data until a next checkpoint in the data stream.Type: GrantFiled: September 30, 2012Date of Patent: April 11, 2017Assignee: Oracle International CorporationInventors: Bhaskar Mathur, Feroz Alam Khan, Kant C. Patel
-
Publication number: 20160352747Abstract: Systems, methods, and other embodiments are disclosed that are configured to generate a hierarchy of access rules in a protocol stack. Access rules corresponding to a first layer in a protocol stack are analyzed. The access rules determine, at the first layer, whether network sources are permitted access to a computing device. Dependent access rules are generated based at least in part on a combination of the access rules from the first layer. The dependent access rules are pushed down to a second layer in the protocol stack by implementing the dependent access rules at the second layer to determine, at the second layer, whether the network sources are permitted access to the computing device.Type: ApplicationFiled: May 29, 2015Publication date: December 1, 2016Inventors: Feroz Alam KHAN, Bhaskar MATHUR, Kant C. PATEL
-
Publication number: 20160072817Abstract: A security solution provides secure communication in a multi-tenant environment which includes a connection-based fabric, storage cells holding data associated with different tenants, database servers which provide a plurality of database services using said data, application servers hosting database service consumers. The fabric is configured into partitions isolating the storage cells from the database service consumers. The application servers securely associate unique database service consumer identities with each database service consumer and all communications with the database servers. The database servers reject all communications from the application servers which do not include an identity and use an access control list to control access from the database service consumers to the database services using address resolution access control, connection establishment access control, and data exchange access control based on said access control list.Type: ApplicationFiled: September 8, 2015Publication date: March 10, 2016Inventors: Vadim Makhervaks, Richard Mousseau, Bjørn Dag Johnsen, Sumanta Chatterjee, Avneesh Pant, Jean De Lavarene, Kant C. Patel, Bhaskar Mathur, Feroz Alam Khan, Sudeep Vatsanath Reguna
-
Publication number: 20160072816Abstract: An integrated firewall provides security in a multi-tenant environment having a connection-based switched fabric directly connecting database servers which provide a plurality of database services with application servers hosting database service consumers each having a different database service consumer identity. The firewall functionality integrated into each database server provides access control by discarding communication packets which do not include a database service consumer identity and using the database service consumer identity in combination with an access control list to control access from the database service consumers to the database services. The access control includes address resolution access control, connection establishment access control, and data exchange access control based on said access control list.Type: ApplicationFiled: September 8, 2015Publication date: March 10, 2016Inventors: Vadim Makhervaks, Richard Mousseau, Bjørn Dag Johnsen, Sumanta Chatterjee, Avneesh Pant, Jean De Lavarene, Kant C. Patel, Bhaskar Mathur, Feroz Alam Khan, Sudeep Vatsanath Reguna
-
Patent number: 9268840Abstract: Techniques are provided to allow users to define a global service that is offered across multiple replicated databases. Database clients connect to and use a global service just as they do with regular services on a single database today. Upon receiving a connection request, a collection of components, referred to collectively as the Global Data Service framework (GDS framework), automatically chooses the best database server instances to which to connect a client. Once those connections have been established, the clients determine which database server instance, of those database server instances to which they are connected, to send requests to based, at least in part, on advisory messages sent to the clients by the GDS framework.Type: GrantFiled: July 31, 2014Date of Patent: February 23, 2016Assignee: Oracle International CorporationInventors: Wei-Ming Hu, Lakshminaray Chidambaran, Mark Dilman, Feroz A. Khan, Bhaskar Mathur, Kevin S. Neel, Leonid Novak, Kant C. Patel, Saravanakumar Ramasubramanian, Michael J. Stewart, Hubert Sun
-
Patent number: 9182941Abstract: Systems and methods are described herein that include flow control mechanisms that provide a receiving device with the ability to reclaim buffers that have been previously advertised to a sending device. Data structures and communication methods are described that facilitate the communication of flow control messages between sending and receiving devices that allow an advertised window to be reduced, and buffers to be released, by a sending device in response to a flow control message from the receiving device.Type: GrantFiled: January 6, 2014Date of Patent: November 10, 2015Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Bhaskar Mathur, Feroz Alam Khan, Kant C. Patel, Sudeep Reguna
-
Publication number: 20150193201Abstract: Systems and methods are described herein that include flow control mechanisms that provide a receiving device with the ability to reclaim buffers that have been previously advertised to a sending device. Data structures and communication methods are described that facilitate the communication of flow control messages between sending and receiving devices that allow an advertised window to be reduced, and buffers to be released, by a sending device in response to a flow control message from the receiving device.Type: ApplicationFiled: January 6, 2014Publication date: July 9, 2015Inventors: Bhaskar MATHUR, Feroz Alam KHAN, Kant C. PATEL, Sudeep REGUNA
-
Publication number: 20150058290Abstract: Techniques are provided to allow users to define a global service that is offered across multiple replicated databases. Database clients connect to and use a global service just as they do with regular services on a single database today. Upon receiving a connection request, a collection of components, referred to collectively as the Global Data Service framework (GDS framework), automatically chooses the best database server instances to which to connect a client. Once those connections have been established, the clients determine which database server instance, of those database server instances to which they are connected, to send requests to based, at least in part, on advisory messages sent to the clients by the GDS framework.Type: ApplicationFiled: July 31, 2014Publication date: February 26, 2015Inventors: WEI-MING HU, LAKSHMINARAY CHIDAMBARAN, MARK DILMAN, FEROZ A. KHAN, BHASKAR MATHUR, KEVIN S. NEEL, LEONID NOVAK, KANT C. PATEL, SARAVANAKUMAR RAMASUBRAMANIAN, MICHAEL J. STEWART, HUBERT SUN
-
Patent number: 8838535Abstract: Techniques are provided to allow users to define a global service that is offered across multiple replicated databases. Database clients connect to and use a global service just as they do with regular services on a single database today. Upon receiving a connection request, a collection of components, referred to collectively as the Global Data Service framework (GDS framework), automatically chooses the best database server instances to which to connect a client. Once those connections have been established, the clients determine which database server instance, of those database server instances to which they are connected, to send requests to based, at least in part, on advisory messages sent to the clients by the GDS framework.Type: GrantFiled: October 5, 2012Date of Patent: September 16, 2014Assignee: Oracle International CorporationInventors: Wei-Ming Hu, Lakshminaray Chidambaran, Mark Dilman, Feroz A. Khan, Bhaskar Mathur, Kevin S. Neel, Leonid Novak, Kant C. Patel, Saravanakumar Ramasubramanian, Michael J. Stewart, Hubert Sun