Patents by Inventor Canturk Isci
Canturk Isci has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11659003Abstract: Systems, computer-implemented methods, and computer program products that facilitate container inspection components of a container-based virtualization environment are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a container inspection control component that can define one or more constrained capabilities of a container inspection. The computer executable components can further comprise a container inspection component that can inspect a virtual container based on the one or more constrained capabilities.Type: GrantFiled: August 30, 2018Date of Patent: May 23, 2023Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Sahil Suneja, Canturk Isci
-
Patent number: 11281767Abstract: A sandbox component, operatively coupled to a host and a guest container, the sandbox component securely extends systems data collection software with potentially untrusted third-party code. A secure environment is enabled where plugins will run inside a sidecar container that is separate from a guest container. A container consists of an entire runtime environment: an application, plus its dependencies, libraries and other binaries, and configuration files needed to run it, bundled into one package. A sidecar service is not necessarily part of the application but is connected to the guest container and follows the parent application. A sidecar is independent from its primary application in terms of runtime environment and programming language. The sidecar plugin will be given a sparse/limited set of privileges required to simply perform its intended function and the Linux kernel constructs will control data access and transfer.Type: GrantFiled: March 23, 2018Date of Patent: March 22, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Sahil Suneja, Shripad Nadgowda, Canturk Isci
-
Patent number: 11157474Abstract: Techniques facilitating representing and analyzing cloud computing data as pseudo systems are provided. A system comprises a memory that stores, and a processor that executes, computer executable components. The computer executable components comprise a framework component and a generation component. The framework component can recreate a system state of a computing device as a pseudo system state for the computing device. The pseudo system state can be decoupled from an original operating state of the computing device and can comprise data abstracted from the original operating state. The data abstracted can mimic an operation of the computing device. The generation component can create the pseudo system state and can facilitate black-box execution of software over the pseudo system state. The black-box execution of software can comprise running applications in the pseudo system state as if the applications were executing in the original operating state of the computing device.Type: GrantFiled: August 22, 2019Date of Patent: October 26, 2021Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Mustafa Bal, Canturk Isci, Shripad Nadgowda
-
Patent number: 11075983Abstract: Techniques facilitating compliance aware service registry and load balancing are provided. A system can comprise a memory that stores computer executable components and a processor that executes computer executable components stored in the memory. The computer executable components can comprise an extraction component that removes a service from a load balancer ring based on a first determination by a verification component that a compliance state of the service is a non-compliant state. Further, the computer executable components can comprise an insertion component that adds the service to the load balancer ring based on a second determination by the verification component that, after a defined amount of time, the compliance state of the service is a compliant state.Type: GrantFiled: November 20, 2019Date of Patent: July 27, 2021Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Canturk Isci, Shripad Nadgowda
-
Patent number: 10833955Abstract: A container cloud platform that allows software functions to be shared by multiple applications in different application containers is provided. The service functions are containerized and disaggregated from the application containers. The containerized services are delivered as a capsule for applications that invoke the service functions at application runtime. The images of the service containers are deployed at the host computing devices operating the corresponding application containers. The container cloud platform monitors the deployed service containers for their execution as well as their termination.Type: GrantFiled: January 3, 2018Date of Patent: November 10, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Canturk Isci, Shripad Nadgowda
-
Publication number: 20200301443Abstract: Techniques are provided for discovery and monitoring of an environment using a plurality of robots. A plurality of robots navigate an environment by determining a navigation buffer for each of the robots; and allowing each of the robots to navigate within the environment while maintaining a substantially minimum distance from other robots, wherein the substantially minimum distance corresponds to the navigation buffer, and wherein a size of each of the navigation buffers is reduced over time based on a percentage of the environment that remains to be navigated. The robots can also navigate an environment by obtaining a discretization of the environment to a plurality of discrete regions; and determining a next unvisited discrete region for one of the plurality of robots to explore in the exemplary environment using a breadth-first search. The plurality of discrete regions can be, for example, a plurality of real or virtual tiles.Type: ApplicationFiled: June 5, 2020Publication date: September 24, 2020Inventors: Shang Q. Guo, Canturk Isci, Jonathan Lenchner, Maharaj Mukherjee
-
Patent number: 10776157Abstract: A system and method for providing quality of service during live migration includes determining one or more quality of service (QoS) specifications for one or more virtual machines (VMs) to be live migrated. Based on the one or more QoS specifications, a QoS is applied to a live migration of the one or more VMs by controlling; resources including at least one of live migration network characteristics and VM execution parameters.Type: GrantFiled: March 2, 2017Date of Patent: September 15, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Bulent Abali, Canturk Isci, Jeffrey O. Kephart, Suzanne K. McIntosh, Dipankar Sarma
-
Patent number: 10778709Abstract: Techniques facilitating cloud-native extensibility provided to security analytics are provided. A system comprises a memory that stores, and a processor that executes, computer executable components. The computer executable components can comprise a security component that implements an instance of an encapsulated security application. The encapsulated security application can be embedded into a container image as an extended analytic script. The computer executable components can also comprise an execution component that applies the instance of the encapsulated security application to a simulated system state of a computing device during subsequent scanning operations that result in respective analytics for scanning operations of the subsequent scanning operations.Type: GrantFiled: October 31, 2018Date of Patent: September 15, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Shripad Nadgowda, Canturk Isci
-
Patent number: 10761882Abstract: A system and method for providing quality of service during live migration includes determining one or more quality of service (QoS) specifications for one or more virtual machines (VMs) to be live migrated. Based on the one or more QoS specifications, a QoS is applied to a live migration of the one or more VMs by controlling resources including at least one of live migration network characteristics and VM execution parameters.Type: GrantFiled: March 2, 2017Date of Patent: September 1, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Bulent Abali, Canturk Isci, Jeffrey O. Kephart, Suzanne K. McIntosh, Dipankar Sarma
-
Patent number: 10712749Abstract: Techniques are provided for discovery and monitoring of an environment using a plurality of robots. A plurality of robots navigate an environment by determining a navigation buffer for each of the robots; and allowing each of the robots to navigate within the environment while maintaining a substantially minimum distance from other robots, wherein the substantially minimum distance corresponds to the navigation buffer, and wherein a size of each of the navigation buffers is reduced over time based on a percentage of the environment that remains to be navigated. The robots can also navigate an environment by obtaining a discretization of the environment to a plurality of discrete regions; and determining a next unvisited discrete region for one of the plurality of robots to explore in the exemplary environment using a breadth-first search. The plurality of discrete regions can be, for example, a plurality of real or virtual tiles.Type: GrantFiled: January 11, 2017Date of Patent: July 14, 2020Assignee: Daedalus Blue LLCInventors: Shang Q. Guo, Canturk Isci, Jonathan Lenchner, Maharaj Mukherjee
-
Patent number: 10705537Abstract: Techniques are provided for discovery and monitoring of an environment using a plurality of robots. A plurality of robots navigate an environment by determining a navigation buffer for each of the robots; and allowing each of the robots to navigate within the environment while maintaining a substantially minimum distance from other robots, wherein the substantially minimum distance corresponds to the navigation buffer, and wherein a size of each of the navigation buffers is reduced over time based on a percentage of the environment that remains to be navigated. The robots can also navigate an environment by obtaining a discretization of the environment to a plurality of discrete regions; and determining a next unvisited discrete region for one of the plurality of robots to explore in the exemplary environment using a breadth-first search. The plurality of discrete regions can be, for example, a plurality of real or virtual tiles.Type: GrantFiled: January 11, 2017Date of Patent: July 7, 2020Assignee: Daedalus Blue LLCInventors: Shang Q. Guo, Canturk Isci, Jonathan Lenchner, Maharaj Mukherjee
-
Publication number: 20200137091Abstract: Techniques facilitating cloud-native extensibility provided to security analytics are provided. A system comprises a memory that stores, and a processor that executes, computer executable components. The computer executable components can comprise a security component that implements an instance of an encapsulated security application. The encapsulated security application can be embedded into a container image as an extended analytic script. The computer executable components can also comprise an execution component that applies the instance of the encapsulated security application to a simulated system state of a computing device during subsequent scanning operations that result in respective analytics for scanning operations of the subsequent scanning operations.Type: ApplicationFiled: October 31, 2018Publication date: April 30, 2020Inventors: Shripad Nadgowda, Canturk Isci
-
Publication number: 20200092358Abstract: Techniques facilitating compliance aware service registry and load balancing are provided. A system can comprise a memory that stores computer executable components and a processor that executes computer executable components stored in the memory. The computer executable components can comprise an extraction component that removes a service from a load balancer ring based on a first determination by a verification component that a compliance state of the service is a non-compliant state. Further, the computer executable components can comprise an insertion component that adds the service to the load balancer ring based on a second determination by the verification component that, after a defined amount of time, the compliance state of the service is a compliant state.Type: ApplicationFiled: November 20, 2019Publication date: March 19, 2020Inventors: Canturk Isci, Shripad Nadgowda
-
Publication number: 20200076854Abstract: Systems, computer-implemented methods, and computer program products that facilitate container inspection components of a container-based virtualization environment are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a container inspection control component that can define one or more constrained capabilities of a container inspection. The computer executable components can further comprise a container inspection component that can inspect a virtual container based on the one or more constrained capabilities.Type: ApplicationFiled: August 30, 2018Publication date: March 5, 2020Inventors: Sahil Suneja, Canturk Isci
-
Patent number: 10530837Abstract: A mechanism is provided in a data processing system for monitoring a virtual machine in a distributed computing system. An out-of-virtual machine monitor receives, via an out-of-band path, disk and memory state data of the virtual machine exposed in a hypervisor hosting the virtual machine. The out-of-virtual machine monitor interprets logical information from the virtual machine disk and memory state data. The out-of-virtual machine monitor parses the logical information to extract related system or log information for a monitoring endpoint. The out-of-virtual machine monitor translates the system or log information to a standard format expected by the monitoring endpoint. The out-of-virtual machine monitor forwards a monitoring data stream to the monitoring endpoint.Type: GrantFiled: April 10, 2014Date of Patent: January 7, 2020Assignee: International Business Machines CorporationInventors: Vasanth Bala, Canturk Isci, Todd W. Mummert, Sahil Suneja
-
Patent number: 10530849Abstract: Techniques facilitating compliance aware service registry and load balancing are provided. A system can comprise a memory that stores computer executable components and a processor that executes computer executable components stored in the memory. The computer executable components can comprise an extraction component that removes a service from a load balancer ring based on a first determination by a verification component that a compliance state of the service is a non-compliant state. Further, the computer executable components can comprise an insertion component that adds the service to the load balancer ring based on a second determination by the verification component that, after a defined amount of time, the compliance state of the service is a compliant state.Type: GrantFiled: October 20, 2017Date of Patent: January 7, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Canturk Isci, Shripad Nadgowda
-
Publication number: 20190377717Abstract: Techniques facilitating representing and analyzing cloud computing data as pseudo systems are provided. A system comprises a memory that stores, and a processor that executes, computer executable components. The computer executable components comprise a framework component and a generation component. The framework component can recreate a system state of a computing device as a pseudo system state for the computing device. The pseudo system state can be decoupled from an original operating state of the computing device and can comprise data abstracted from the original operating state. The data abstracted can mimic an operation of the computing device. The generation component can create the pseudo system state and can facilitate black-box execution of software over the pseudo system state. The black-box execution of software can comprise running applications in the pseudo system state as if the applications were executing in the original operating state of the computing device.Type: ApplicationFiled: August 22, 2019Publication date: December 12, 2019Inventors: Mustafa Bal, Canturk Isci, Shripad Nadgowda
-
Patent number: 10467211Abstract: Techniques facilitating representing and analyzing cloud computing data as pseudo systems are provided. A system comprises a memory that stores, and a processor that executes, computer executable components. The computer executable components comprise a framework component and a generation component. The framework component can recreate a system state of a computing device as a pseudo system state for the computing device. The pseudo system state can be decoupled from an original operating state of the computing device and can comprise data abstracted from the original operating state. The data abstracted can mimic an operation of the computing device. The generation component can create the pseudo system state and can facilitate black-box execution of software over the pseudo system state. The black-box execution of software can comprise running applications in the pseudo system state as if the applications were executing in the original operating state of the computing device.Type: GrantFiled: November 15, 2017Date of Patent: November 5, 2019Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Mustafa Bal, Canturk Isci, Shripad Nadgowda
-
Publication number: 20190294779Abstract: A sandbox component, operatively coupled to a host and a guest container, the sandbox component securely extends systems data collection software with potentially untrusted third-party code. A secure environment is enabled where plugins will run inside a sidecar container that is separate from a guest container. A container consists of an entire runtime environment: an application, plus its dependencies, libraries and other binaries, and configuration files needed to run it, bundled into one package. A sidecar service is not necessarily part of the application but is connected to the guest container and follows the parent application. A sidecar is independent from its primary application in terms of runtime environment and programming language. The sidecar plugin will be given a sparse/limited set of privileges required to simply perform its intended function and the Linux kernel constructs will control data access and transfer.Type: ApplicationFiled: March 23, 2018Publication date: September 26, 2019Inventors: Sahil Suneja, Shripad Nadgowda, Canturk Isci
-
Patent number: 10397370Abstract: In an approach for determining optimal performance-related configurations of applications by analyzing peer data, a processor monitors instances of an application, wherein the instances of the application are running on a plurality of devices. A processor receives data related to: configuration parameters of the application, system parameters of the plurality of devices, and performance metrics of the plurality of devices. A processor determines correlation and dependencies between the configuration parameters with associated system parameters, using: an all pair analysis and a Pearson product-moment correlation coefficient (PPMCC). A processor determines dependencies between the configuration parameters with performance metrics. A processor recommends to a user, configuration settings of the application, based on the analysis of the data.Type: GrantFiled: September 11, 2017Date of Patent: August 27, 2019Assignee: International Business Machines CorporationInventors: Byung Chul Tak, Salman A. Baset, Sahil Suneja, Canturk Isci