Patents by Inventor Bryan Stephenson
Bryan Stephenson has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10389693Abstract: Examples described herein include receiving a key request from a requestor, determining a validity of the key request, and sending the key to the requestor based on the determination of the validity of the key request. In some examples, the key request is for a key to an encrypted disk partition of a protected computing device and comprises a unique identifier associated with the encrypted disk partition.Type: GrantFiled: August 23, 2016Date of Patent: August 20, 2019Assignee: Hewlett Packard Enterprise Development LPInventors: Robert Graham Clark, Timothy John Kelsey, Bryan Stephenson, Douglas Chivers
-
Publication number: 20180063101Abstract: Examples described herein include receiving a key request from a requestor, determining a validity of the key request, and sending the key to the requestor based on the determination of the validity of the key request. In some examples, the key request is for a key to an encrypted disk partition of a protected computing device and comprises a unique identifier associated with the encrypted disk partition.Type: ApplicationFiled: August 23, 2016Publication date: March 1, 2018Inventors: Robert Graham Clark, Timothy John Kelsey, Bryan Stephenson, Douglas Chivers
-
Patent number: 9465922Abstract: A method for secure distribution of data in an interchange network, comprises having a network in which data records stored on at least one computer; and including an authorization service, where the authorization service grants a contractor access to at least a portion of the data records; and a watermarking module that adds one or more artificial records to said portion. The artificial records cannot be distinguished from the data records by the contractor and are valid for processing in the same way as the data records.Type: GrantFiled: January 22, 2009Date of Patent: October 11, 2016Assignee: Hewlett Packard Enterprise Development LPInventors: Bryan Stephenson, Jun Li
-
Patent number: 8732094Abstract: A functional model of a business process which is annotated with security requirements is provided. Platform-specific executable code and at least one configuration file for a given security enforcement component to enforce the security requirements of the model are then generated automatically.Type: GrantFiled: July 30, 2010Date of Patent: May 20, 2014Assignee: Hewlett-Packard Development Company, L.P.Inventors: Nelson Souto Rosa, Fernando Antonio Aires Lins, Robson Wagner Albuquerque de Medeiros, Paulo Romero Martins Maciel, Julio Cesar Damasceno, Bruno Leonardo Barros Silva, Andre Ricardo da Silva Souza, Bryan Stephenson, Hamid Reza Motahari-Nezhad, Jun Li, Caio Northfleet
-
Patent number: 8656452Abstract: Data assurance capabilities are received that are related to at least one individual persistent object type in a plurality of persistent object types linked to persistent objects stored on the service provider server. In addition, data assurance specifications are received from a customer, the data assurance specifications being based on the data assurance capabilities. Computer-readable data assurance policies for the at least one persistent object type are generated based on the received data assurance specification. The computer-readable data assurance policies then are combined with a corresponding template of data assurance capabilities for the at least one individual persistent object type to generate an enforceable customer-specific data policy.Type: GrantFiled: July 20, 2010Date of Patent: February 18, 2014Assignee: Hewlett-Packard Development Company, L.P.Inventors: Jun Li, Hamid Reza Motahari Nezhand, Bryan Stephenson
-
Publication number: 20130346339Abstract: Systems and methods of configuring process variants for on-boarding customers for information technology (IT) outsourcing are provided. An example method includes modeling roles, responsibilities, and business context for a standard process template. The method also includes developing cause-and-effect rules affecting outcome of the standard process template. The method also includes adjusting the standard process template for process variants across different customer on-boarding scenarios.Type: ApplicationFiled: June 22, 2012Publication date: December 26, 2013Inventors: Wen Yao, Sujoy Basu, Jun Li, Bryan Stephenson, Sharad Singhai
-
Patent number: 8538029Abstract: An encryption key may be fragmented into n encryption key fragments such that k<n fragments are sufficient for reconstructing the encryption key. The encryption key fragments may be distributed across data stores located within first and second geographic regions. For example, at least k of the encryption key fragments may be distributed across data stores realized at N different availability zones within the first geographic region such that less than k of the encryption key fragments are distributed to each of the N availability zones within the first geographic region. Similarly, at least k of the encryption key fragments may be distributed across data stores realized at M different availability zones within the second geographic region such that less than k of the encryption key fragments are distributed to each of the M availability zones within the second geographic region.Type: GrantFiled: March 24, 2011Date of Patent: September 17, 2013Assignee: Hewlett-Packard Development Company, L.P.Inventors: Jun Li, Sharad Singhal, Ram Swaminathan, Bryan Stephenson
-
Patent number: 8533828Abstract: Disclosed is a system for protecting security of a provisionable network, comprising: a network server, a network client communicatively coupled with the server, a pool of resources coupled with the server for employment by the client, a resource management system for managing the resources, and an intrusion detection system enabled to detect and respond to an intrusion in said network.Type: GrantFiled: January 21, 2003Date of Patent: September 10, 2013Assignee: Hewlett-Packard Development Company, L.P.Inventors: John Mendonca, Amit Raikar, Bryan Stephenson
-
Patent number: 8412755Abstract: A method comprises receiving, by a processor, a copy of a database containing records, each record having a plurality of attributes. The method also comprises determining, by the processor, whether a first attribute in each record results in a predetermined value in modulo P when hashed with a key and determining, by the processor, whether a second attribute in each record results in the predetermined value in modulo P when hashed with a key. For a first record whose first attribute results in the predetermined value in modulo P when hashed with a key and a second record whose second attribute also results in the predetermined value in modulo P when hashed with a key, the method further comprises swapping by the processor the second attributes between the first and second records.Type: GrantFiled: June 23, 2009Date of Patent: April 2, 2013Assignee: Hewlett-Packard Development Company, L.P.Inventors: Bryan Stephenson, Ersin Uzun
-
Patent number: 8296342Abstract: A method comprising fingerprinting, by the at least one processor, a first copy of a database with a fingerprint. The fingerprint has at least one part in common with another fingerprint used in another copy of the database, and at least one part unique to the first copy of the database. The fingerprinting comprises swapping attributes between multiple records in the first copy of the database.Type: GrantFiled: August 31, 2009Date of Patent: October 23, 2012Assignee: Hewlett-Packard Development Company, L.P.Inventors: Bryan Stephenson, Ersin Uzun
-
Publication number: 20120243687Abstract: An encryption key may be fragmented into n encryption key fragments such that k<n fragments are sufficient for reconstructing the encryption key. The encryption key fragments may be distributed across data stores located within first and second geographic regions. For example, at least k of the encryption key fragments may be distributed across data stores realized at N different availability zones within the first geographic region such that less than k of the encryption key fragments are distributed to each of the N availability zones within the first geographic region. Similarly, at least k of the encryption key fragments may be distributed across data stores realized at M different availability zones within the second geographic region such that less than k of the encryption key fragments are distributed to each of the M availability zones within the second geographic region.Type: ApplicationFiled: March 24, 2011Publication date: September 27, 2012Inventors: Jun Li, Sharad Singhai, Ram Swaminathan, Bryan Stephenson
-
Patent number: 8117220Abstract: A method comprises receiving a database containing records. The method further comprises determining a number of artificial records to add to the database to achieve a false negative mark detection rate less than a specified threshold. The method also comprises marking the database by adding the determined number of artificial records to the database. Each artificial record contains at least one value that, when used, is detectable by a third party. The false negative rate comprises a probability of failing to detect the mark in a discovered subset of the database.Type: GrantFiled: April 30, 2009Date of Patent: February 14, 2012Assignee: Hewlett-Packard Development Company, L.P.Inventors: Bryan Stephenson, Ersin Uzun
-
Publication number: 20120030120Abstract: A functional model of a business process which is annotated with security requirements is provided. Platform-specific executable code and at least one configuration file for a given security enforcement component to enforce the security requirements of the model are then generated automatically.Type: ApplicationFiled: July 30, 2010Publication date: February 2, 2012Inventors: Nelson Souto Rosa, Fernando Antonio Aires Lins, Robson Wagner Albuquerque da Medeiros, Paulo Romero Martins Maciel, Julio Cesar Damasceno, Bruno Leonardo Barros Silva, Andre Ricardo Da Silva Souza, Bryan Stephenson, Hamid Reza Motahari-Nezhad, Jun Li, Caio Northfleet
-
Publication number: 20120023544Abstract: Data assurance capabilities are received that are related to at least one individual persistent object type in a plurality of persistent object types linked to persistent objects stored on the service provider server. In addition, data assurance specifications are received from a customer, the data assurance specifications being based on the data assurance capabilities. Computer-readable data assurance policies for the at least one persistent object type are generated based on the received data assurance specification. The computer-readable data assurance policies then are combined with a corresponding template of data assurance capabilities for the at least one individual persistent object type to generate an enforceable customer-specific data policy.Type: ApplicationFiled: July 20, 2010Publication date: January 26, 2012Inventors: Jun Li, Hamid Reza Motahari Nezhand, Bryan Stephenson
-
Publication number: 20110055166Abstract: A method comprising fingerprinting, by the at least one processor, a first copy of a database with a fingerprint. The fingerprint has at least one part in common with another fingerprint used in another copy of the database, and at least one part unique to the first copy of the database. The fingerprinting comprises swapping attributes between multiple records in the first copy of the database.Type: ApplicationFiled: August 31, 2009Publication date: March 3, 2011Inventors: Bryan Stephenson, Ersin Uzun
-
Publication number: 20110004565Abstract: A modelling system to provide a computer based business process for an enterprise, allows the enterprise to input values for a plurality of non functional requirements (760) for the deployment, and allows at least some of the values to be varied independently of others of the values, and creates a design of software application components (770) and a design of computing infrastructure (780), for running the software application components, so that the business process operates according to the values input for the non functional requirements of the business process. By modelling the underlying computing infrastructure, it becomes feasible to create models with greater certainty that they will deploy successfully, and with greater predictability of how well they will meet given non functional requirements. This enables more freedom to be allowed to vary the values of these non functional requirements and get greater customisation to suit the needs of the enterprise.Type: ApplicationFiled: December 20, 2007Publication date: January 6, 2011Inventors: Bryan Stephenson, Guillaume Alexandre Belrose, Nigel Edwards, Sven Graupner, Jerome Rolia, Lawrence Wiloock
-
Publication number: 20110004564Abstract: A method of automated deployment managed by a service provider, of a computer based business process, involves generating a model (730) of the business process including a design of computing infrastructure, and deploying the model on hardware (770) dedicated to the enterprise, with an interface for the service provider to enable ongoing management of the deployed process by the service provider. Having dedicated hardware means the location of the hardware can be arranged to suit the enterprise. This means limitations such as bandwidth or latency of WAN links, can be addressed by choosing the location of the dedicated hardware appropriately. Trust of security can also be increased compared to that of the shared data centres. The automated model driven deployment can help enable the service provider to provide such deployments on different types of hardware. The need for the enterprise to maintain specialist expertise in house is reduced.Type: ApplicationFiled: December 20, 2007Publication date: January 6, 2011Inventors: Jerome Rolia, Nigel Edwards, Guillaume Alexandre Belrose, Sven Graupner, Lawrence Wilcock, Bryan Stephenson
-
Publication number: 20100325095Abstract: A method comprises receiving, by a processor, a copy of a database containing records, each record having a plurality of attributes. The method also comprises determining, by the processor, whether a first attribute in each record results in a predetermined value in modulo P when hashed with a key and determining, by the processor, whether a second attribute in each record results in the predetermined value in modulo P when hashed with a key. For a first record whose first attribute results in the predetermined value in modulo P when hashed with a key and a second record whose second attribute also results in the predetermined value in modulo P when hashed with a key, the method further comprises swapping by the processor the second attributes between the first and second records.Type: ApplicationFiled: June 23, 2009Publication date: December 23, 2010Inventors: Bryan STEPHENSON, Ersin Uzun
-
Publication number: 20100281069Abstract: A method comprises receiving a database containing records. The method further comprises determining a number of artificial records to add to the database to achieve a false negative mark detection rate less than a specified threshold. The method also comprises marking the database by adding the determined number of artificial records to the database. Each artificial record contains at least one value that, when used, is detectable by a third party. The false negative rate comprises a probability of failing to detect the mark in a discovered subset of the database.Type: ApplicationFiled: April 30, 2009Publication date: November 4, 2010Inventors: Bryan STEPHENSON, Ersin Uzun
-
Publication number: 20100280863Abstract: A system for generating a model representing an existing computer based business process involves analysing existing source content (910) which has annotations (920) added, to provide information for the modelling. Static analysis of the annotations can provide some of the information. Other information can be discovered at run time if the annotations alter the run time behaviour to generate monitoring events showing the behaviour. The annotations need not be restricted to codes or symbols or structures of the language of the source content, and can use concepts closer to those in the model being generated. Using annotations rather than manual modelling can reduce errors and lead to better predictions of performance from the model, and result in better reconfiguration of the software or the computing infrastructure to make more efficient usage of shared resources.Type: ApplicationFiled: December 20, 2007Publication date: November 4, 2010Inventors: Lawrence Wilcock, Nigel Edwards, Sven Graupner, Jerome Rolia, Bryan Stephenson