Patents by Inventor Blair Nicodemus

Blair Nicodemus has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9608997
    Abstract: Methods and systems are provided for fine tuning access control by remote, endpoint systems to host systems. Multiple conditions/states of one or both of the endpoint and host systems are monitored, collected and fed to an analysis engine. Using one or more of many different flexible, adaptable models and algorithms, an analysis engine analyzes the status of the conditions and makes decisions in accordance with pre-established policies and rules regarding the security of the endpoint and host system. Based upon the conditions, the policies, and the analytical results, actions are initiated regarding security and access matters. In one described embodiment of the invention, the monitored conditions include software vulnerabilities.
    Type: Grant
    Filed: February 10, 2015
    Date of Patent: March 28, 2017
    Assignee: International Business Machines Corporation
    Inventors: Blair Nicodemus, Billy Edison Stephens
  • Publication number: 20150229651
    Abstract: Methods and systems are provided for fine tuning access control by remote, endpoint systems to host systems. Multiple conditions/states of one or both of the endpoint and host systems are monitored, collected and fed to an analysis engine. Using one or more of many different flexible, adaptable models and algorithms, an analysis engine analyzes the status of the conditions and makes decisions in accordance with pre-established policies and rules regarding the security of the endpoint and host system. Based upon the conditions, the policies, and the analytical results, actions are initiated regarding security and access matters. In one described embodiment of the invention, the monitored conditions include software vulnerabilities.
    Type: Application
    Filed: February 10, 2015
    Publication date: August 13, 2015
    Inventors: BLAIR NICODEMUS, Billy Edison Stephens
  • Patent number: 8955038
    Abstract: Methods and systems are provided for fine tuning access control by remote, endpoint systems to host systems. Multiple conditions/states of one or both of the endpoint and host systems are monitored, collected and fed to an analysis engine. Using one or more of many different flexible, adaptable models and algorithms, an analysis engine analyzes the status of the conditions and makes decisions in accordance with pre-established policies and rules regarding the security of the endpoint and host system. Based upon the conditions, the policies, and the analytical results, actions are initiated regarding security and access matters. In one described embodiment of the invention, the monitored conditions include software vulnerabilities.
    Type: Grant
    Filed: August 16, 2012
    Date of Patent: February 10, 2015
    Assignee: Fiberlink Communications Corporation
    Inventors: Blair Nicodemus, Billy Edison Stephens
  • Publication number: 20130254833
    Abstract: Methods and systems are provided for fine tuning access control by remote, endpoint systems to host systems. Multiple conditions/states of one or both of the endpoint and host systems are monitored, collected and fed to an analysis engine. Using one or more of many different flexible, adaptable models and algorithms, an analysis engine analyzes the status of the conditions and makes decisions in accordance with pre-established policies and rules regarding the security of the endpoint and host system. Based upon the conditions, the policies, and the analytical results, actions are initiated regarding security and access matters. In one described embodiment of the invention, the monitored conditions include software vulnerabilities.
    Type: Application
    Filed: August 16, 2012
    Publication date: September 26, 2013
    Applicant: FIBERLINK COMMUNICATIONS CORPORATION
    Inventors: Blair Nicodemus, Billy Edison Stephens
  • Publication number: 20090165132
    Abstract: A security agent monitoring and protection system is provided. A security agent on an end point computing device can be accompanied by or can load into the device's memory at startup one or more independent software processes whose primary function is to directly protect the security agent itself and take protective actions against the end point computing device should a security agent protecting the device become disabled. Protection of the security agent can be achieved in several ways, including installing the security agent with restricted permissions, making it difficult to shutdown, restarting the security agent automatically if it is halted without authorization, disabling network connectivity of the end point device if the security agent does not successfully start or restart, protecting executable and dynamic link library (DLL) files of the security agent, and controlling access to the security agent's Common Object Model (COM) interfaces.
    Type: Application
    Filed: December 21, 2007
    Publication date: June 25, 2009
    Applicant: FIBERLINK COMMUNICATIONS CORPORATION
    Inventors: Rahul Jain, Blair Nicodemus
  • Publication number: 20090158407
    Abstract: An application programming interface (API) translation agent and method for converting a message from one application configured according to a first API to a message configured according to a second API so that the first application, which is configured to communicate only in accordance with the first API, can communicate with a second application, which is configured to communicate only in accordance with the second API. The first and second applications can include a security application and a network access control (NAC) agent installed on an end point computing device, and the API translation agent can be used by the NAC agent to obtain information regarding a security status of the end point computing device, the information being used to determine whether the end point computing device is in compliance with the security policies of a network.
    Type: Application
    Filed: December 13, 2007
    Publication date: June 18, 2009
    Applicant: FIBERLINK COMMUNICATIONS CORPORATION
    Inventors: Blair Nicodemus, Thomas Herchek
  • Publication number: 20090158302
    Abstract: An application programming interface (API) translation agent and method for converting a message from one application configured according to a first API to a message configured according to a second API so that the first application, which is configured to communicate only in accordance with the first API, can communicate with a second application, which is configured to communicate only in accordance with the second API. The first and second applications can include a security application and a network access control (NAC) agent installed on an end point computing device, and the API translation agent can be used by the NAC agent to obtain information regarding a security status of the end point computing device, the information being used to determine whether the end point computing device is in compliance with the security policies of a network.
    Type: Application
    Filed: December 13, 2007
    Publication date: June 18, 2009
    Applicant: FIBERLINK COMMUNICATIONS CORPORATION
    Inventors: Blair Nicodemus, Thomas Herchek
  • Publication number: 20070143827
    Abstract: Methods and systems are provided for fine tuning access control by remote, endpoint systems to host systems. Multiple conditions/states of one or both of the endpoint and host systems are monitored, collected and fed to an analysis engine. Using one or more of many different flexible, adaptable models and algorithms, an analysis engine analyzes the status of the conditions and makes decisions in accordance with pre-established policies and rules regarding the security of the endpoint and host system. Based upon the conditions, the policies, and the analytical results, actions are initiated regarding security and access matters. In one described embodiment of the invention, the monitored conditions include software vulnerabilities.
    Type: Application
    Filed: June 13, 2006
    Publication date: June 21, 2007
    Inventors: Blair Nicodemus, Billy Edison Stephens
  • Publication number: 20070143851
    Abstract: Methods and systems are provided for fine tuning access control by remote, endpoint systems to host systems. Multiple conditions/states of one or both of the endpoint and host systems are monitored, collected and fed to an analysis engine. Using one or more of many different flexible, adaptable models and algorithms, an analysis engine analyzes the status of the conditions and makes decisions in accordance with pre-established policies and rules regarding the security of the endpoint and host system. Based upon the conditions, the policies, and the analytical results, actions are initiated regarding security and access matters. In one described embodiment of the invention, the monitored conditions include software vulnerabilities.
    Type: Application
    Filed: June 13, 2006
    Publication date: June 21, 2007
    Inventors: Blair Nicodemus, Billy Stephens
  • Publication number: 20050254651
    Abstract: A system, method, signal, and computer program product for providing secure wireless access to private databases and applications without requiring a separate wireless client-server internetworking security protocol infrastructure. The wireless device (201) communicates with the wireless access service provider (205) via hypertext transfer protocol (HTTP) messages, and the wireless access service provider (205) and the secure network (204) perform a RADIUS authentification for the wireless device (201).
    Type: Application
    Filed: July 24, 2002
    Publication date: November 17, 2005
    Inventors: Baryy Porozni, Blair Nicodemus, Glenn Schille
  • Publication number: 20050086492
    Abstract: A computer-implemented method and apparatus provides secured access to a computer. In one aspect of the present invention, credentials are received from a user, the credentials including a user identification and a password. The credentials are encrypted with an encryption algorithm. A request for access to a computer is created, the request for access to the computer including the encrypted credentials. The request for access to the computer is transmitted over a network. Verification is received that access to the computer is granted. Access to the computer is received.
    Type: Application
    Filed: August 16, 2004
    Publication date: April 21, 2005
    Applicant: FIBERLINK COMMUNICATIONS CORPORATION
    Inventors: Blair Nicodemus, Derek Bluestone, Clinton Adams, Joseph Pappano, Howard Pressman
  • Publication number: 20050086510
    Abstract: A computer-implemented method and apparatus prevents unsecured access to a computer over a network by a client running on a remote computer. In one aspect of the present invention, a client policy is stored on the remote computer. The client policy includes a configuration of the remote computer that reduces the likelihood of a security breach of the computer as a result of the remote computer accessing the computer. A request is received from a user for access to the computer. It is verified that the remote computer conforms with the client policy, and the client is connected to said computer.
    Type: Application
    Filed: August 16, 2004
    Publication date: April 21, 2005
    Applicant: FIBERLINK COMMUNICATIONS CORPORATION
    Inventors: Blair Nicodemus, Derek Bluestone, Clinton Adams, Joseph Pappano, Howard Pressman
  • Publication number: 20050081045
    Abstract: A computer-implemented method and apparatus authenticates a user of a remote computer over a network. In one aspect of the present invention, an authentication challenge is received at said remote computer an authentication challenge message from an authentication server over a network, at least a portion of the network including an Internet communication link. A passcode is received at the remote computer. A response message to the authentication challenge is created, the response message including the passcode. The response message is transmitted from the remote computer to the authentication server over the network. The remote computer receives a verification message from the authentication server that the response message is verified.
    Type: Application
    Filed: August 16, 2004
    Publication date: April 14, 2005
    Applicant: FIBERLINK COMMUNICATIONS CORPORATION
    Inventors: Blair Nicodemus, Derek Bluestone, Clinton Adams, Joseph Pappano, Howard Pressman