Patents by Inventor Cataldo Mega
Cataldo Mega has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10977088Abstract: Provided are a method, system, and article of manufacture for selecting a resource manager to satisfy a service request. A catalog indicating a plurality of resource managers and at least one service offered by the resource managers is provided. Further provided is resource manager information indicating resource availability information for resource managers offering at least one service. A request for a requested service from a subscriber is received. The catalog is processed to identify resource managers publishing the requested service and the resource manager information is processed to determine at least one identified resource manager publishing the requested service that also satisfies at least one rule applicable to the service request.Type: GrantFiled: November 3, 2011Date of Patent: April 13, 2021Assignee: International Business Machines CorporationInventors: Stewart Eugene Tate, Cataldo Mega, James Allen Reimer
-
Patent number: 10554508Abstract: A distributed computing system provides at least one service, and the service is provided by resources of the distributed computing system. Resources are represented by a topology graph including storage, application and database server nodes joined by edges indicative of relationships between nodes. Predefined parameters are monitored that are indicative of operating characteristics of the distributed computing system when providing the service. Values of the predefined parameters are compared with respective predetermined performance threshold values. The performance threshold values are determined based on a service level agreement (SLA). The SLA includes a service level objective (SLO). The performance threshold values are indicative of the respective operating characteristics prior to an event. Rules are provided for selecting a combination of application, storage and database server nodes to meet the SLO for each parameter of the parameter.Type: GrantFiled: September 7, 2016Date of Patent: February 4, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Andreas Boerner, David Lebutsch, Cataldo Mega, Chun Guang Zeng
-
Patent number: 10270593Abstract: In response to at least one message received by a processor of a gateway server from a user device wherein each message requests that an encryption key be downloaded to the user device, the processor generates at least one unique encryption key for each message and sends the at least one generated encryption key to the user device, but does not store any of the generated encryption keys in the cloud. For each encryption key having been sent to the user device, the processor receives each encryption key returned from the user device. For each encryption key received from the user device, the processor stores each received encryption key in the cloud.Type: GrantFiled: January 31, 2018Date of Patent: April 23, 2019Assignee: International Business Machines CorporationInventors: Jonathan M. Barney, Cataldo Mega, Edmond Plattier, Daniel Suski
-
Publication number: 20180152291Abstract: In response to at least one message received by a processor of a gateway server from a user device wherein each message requests that an encryption key be downloaded to the user device, the processor generates at least one unique encryption key for each message and sends the at least one generated encryption key to the user device, but does not store any of the generated encryption keys in the cloud. For each encryption key having been sent to the user device, the processor receives each encryption key returned from the user device. For each encryption key received from the user device, the processor stores each received encryption key in the cloud.Type: ApplicationFiled: January 31, 2018Publication date: May 31, 2018Inventors: Jonathan M. Barney, Cataldo Mega, Edmond Plattier, Daniel Suski
-
Patent number: 9948458Abstract: In response to at least one message received by a processor of a gateway server from a user device wherein each message requests that an encryption key be downloaded to the user device, the processor generates at least one unique encryption key for each message and sends the at least one generated encryption key to the user device, but does not store any of the generated encryption keys in the cloud. For each encryption key having been sent to the user device, the processor receives each encryption key returned from the user device. For each encryption key received from the user device, the processor stores each received encryption key in the cloud.Type: GrantFiled: December 21, 2016Date of Patent: April 17, 2018Assignee: International Business Machines CorporationInventors: Jonathan M. Barney, Cataldo Mega, Edmond Plattier, Daniel Suski
-
Publication number: 20170104587Abstract: In response to at least one message received by a processor of a gateway server from a user device wherein each message requests that an encryption key be downloaded to the user device, the processor generates at least one unique encryption key for each message and sends the at least one generated encryption key to the user device, but does not store any of the generated encryption keys in the cloud. For each encryption key having been sent to the user device, the processor receives each encryption key returned from the user device. For each encryption key received from the user device, the processor stores each received encryption key in the cloud.Type: ApplicationFiled: December 21, 2016Publication date: April 13, 2017Inventors: Jonathan M. Barney, Cataldo Mega, Edmond Plattier, Daniel Suski
-
Patent number: 9613038Abstract: Embodiments relate to digital data retention management. An aspect includes calculating a retention date associated with a data object in a storage system. Another aspect includes generating a cryptographic checksum for metadata relating to said data object, the metadata comprising the retention date. Another aspect includes storing said metadata and said cryptographic checksum. Another aspect includes, based on receiving a request to perform a deletion transaction on said data object for deleting said data object from the storage system: verifying metadata validity by checking the cryptographic checksum for the metadata associated with said data object to detect possible tampering of the metadata; verifying retention expiration by determining that a current date is past the retention date comprised in said metadata; and based on successful verification of metadata validity and retention expiration, authorizing deletion of said data object by the storage system.Type: GrantFiled: August 21, 2014Date of Patent: April 4, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Michael E. Factor, Bernhard Kurtz, David Lebutsch, Cataldo Mega, Alexandra Shulman-Peleg, Tim Waizenegger
-
Patent number: 9560019Abstract: A method and system for managing data security in a computing environment. A processor at the gateway server receives, from a user device, at least one message. Each message requests that an encryption key be downloaded to the user device. The gateway server interfaces between the user device and a cloud that includes interconnected computing systems external to the user device. In response to the received at least one message, the processor generates at least one unique encryption key for each message and sends the at least one generated encryption key to the user device, but does not store any of the generated encryption keys in the cloud. For each encryption key having been sent to the user device, the processor receives each encryption key returned from the user device. For each encryption key received from the user device, the processor stores each received encryption key in the cloud.Type: GrantFiled: February 19, 2014Date of Patent: January 31, 2017Assignee: International Business Machines CorporationInventors: Jonathan M. Barney, Cataldo Mega, Edmond Plattier, Daniel Suski
-
Patent number: 9548866Abstract: A data processing and storage apparatus has a hardware security module and a data storage medium storing encrypted data objects and a hierarchical data maintenance structure of encrypted partition tables and hash-nodes forming a rooted tree, where a given partition table comprises a first reference to a given encrypted data object and a first cryptographic key for decryption thereof, where a given hash-node comprises a second reference to a partition tables or hash-node and a second cryptographic key being suitable for decryption thereof, and where the root node is decipherable using a master cryptographic key stored in the hardware security module, the given data object being assigned to the root node via the first and second references of the given partition table and the given hash-nodes forming a set of successive nodes in the rooted tree.Type: GrantFiled: February 18, 2016Date of Patent: January 17, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Jonathan M. Barney, David Lebutsch, Cataldo Mega, Stefan Schleipen, Tim Waizenegger
-
Publication number: 20160380846Abstract: A distributed computing system provides at least one service, and the service is provided by resources of the distributed computing system. Resources are represented by a topology graph including storage, application and database server nodes joined by edges indicative of relationships between nodes. Predefined parameters are monitored that are indicative of operating characteristics of the distributed computing system when providing the service. Values of the predefined parameters are compared with respective predetermined performance threshold values. The performance threshold values are determined based on a service level agreement (SLA). The SLA includes a service level objective (SLO). The performance threshold values are indicative of the respective operating characteristics prior to an event. Rules are provided for selecting a combination of application, storage and database server nodes to meet the SLO for each parameter of the parameter.Type: ApplicationFiled: September 7, 2016Publication date: December 29, 2016Inventors: Andreas Boerner, David Lebutsch, Cataldo Mega, Chun Guang Zeng
-
Patent number: 9455881Abstract: A distributed computing system provides at least one service, and the service is provided by resources of the distributed computing system. Resources are represented by a topology graph including storage, application and database server nodes joined by edges indicative of relationships between nodes. Predefined parameters are monitored that are indicative of operating characteristics of the distributed computing system when providing the service. Values of the predefined parameters are compared with respective predetermined performance threshold values. The performance threshold values are determined based on a service level agreement (SLA). The SLA includes a service level objective (SLO). The performance threshold values are indicative of the respective operating characteristics prior to an event. Rules are provided for selecting a combination of application, storage and database server nodes to meet the SLO for each parameter of the parameter.Type: GrantFiled: October 15, 2013Date of Patent: September 27, 2016Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Andreas Boerner, David Lebutsch, Cataldo Mega, Chun Guang Zeng
-
Publication number: 20160164683Abstract: A data processing and storage apparatus has a hardware security module and a data storage medium storing encrypted data objects and a hierarchical data maintenance structure of encrypted partition tables and hash-nodes forming a rooted tree, where a given partition table comprises a first reference to a given encrypted data object and a first cryptographic key for decryption thereof, where a given hash-node comprises a second reference to a partition tables or hash-node and a second cryptographic key being suitable for decryption thereof, and where the root node is decipherable using a master cryptographic key stored in the hardware security module, the given data object being assigned to the root node via the first and second references of the given partition table and the given hash-nodes forming a set of successive nodes in the rooted tree.Type: ApplicationFiled: February 18, 2016Publication date: June 9, 2016Inventors: Jonathan M. BARNEY, David LEBUTSCH, Cataldo MEGA, Stefan SCHLEIPEN, Tim WAIZENEGGER
-
Patent number: 9298951Abstract: A data processing and storage apparatus has a hardware security module and a data storage medium storing encrypted data objects and a hierarchical data maintenance structure of encrypted partition tables and hash-nodes forming a rooted tree, where a given partition table comprises a first reference to a given encrypted data object and a first cryptographic key for decryption thereof, where a given hash-node comprises a second reference to a partition tables or hash-node and a second cryptographic key being suitable for decryption thereof, and where the root node is decipherable using a master cryptographic key stored in the hardware security module, the given data object being assigned to the root node via the first and second references of the given partition table and the given hash-nodes forming a set of successive nodes in the rooted tree.Type: GrantFiled: November 19, 2014Date of Patent: March 29, 2016Assignee: International Business Machines CorporationInventors: Jonathan M. Barney, David Lebutsch, Cataldo Mega, Stefan Schleipen, Tim Waizenegger
-
Publication number: 20150143136Abstract: A data processing and storage apparatus has a hardware security module and a data storage medium storing encrypted data objects and a hierarchical data maintenance structure of encrypted partition tables and hash-nodes forming a rooted tree, where a given partition table comprises a first reference to a given encrypted data object and a first cryptographic key for decryption thereof, where a given hash-node comprises a second reference to a partition tables or hash-node and a second cryptographic key being suitable for decryption thereof, and where the root node is decipherable using a master cryptographic key stored in the hardware security module, the given data object being assigned to the root node via the first and second references of the given partition table and the given hash-nodes forming a set of successive nodes in the rooted tree.Type: ApplicationFiled: November 19, 2014Publication date: May 21, 2015Inventors: Jonathan M. BARNEY, David LEBUTSCH, Cataldo MEGA, Stefan SCHLEIPEN, Tim WAIZENEGGER
-
Publication number: 20150134619Abstract: Embodiments relate to digital data retention management. An aspect includes calculating a retention date associated with a data object in a storage system. Another aspect includes generating a cryptographic checksum for metadata relating to said data object, the metadata comprising the retention date. Another aspect includes storing said metadata and said cryptographic checksum.Type: ApplicationFiled: August 21, 2014Publication date: May 14, 2015Inventors: Michael E. Factor, Bernhard Kurtz, David Lebutsch, Cataldo Mega, Alexandra Shulman-Peleg, Tim Waizenegger
-
Publication number: 20140310513Abstract: A method and system for managing data security in a computing environment. A processor at the gateway server receives, from a user device, at least one message. Each message requests that an encryption key be downloaded to the user device. The gateway server interfaces between the user device and a cloud that includes interconnected computing systems external to the user device. In response to the received at least one message, the processor generates at least one unique encryption key for each message and sends the at least one generated encryption key to the user device, but does not store any of the generated encryption keys in the cloud. For each encryption key having been sent to the user device, the processor receives each encryption key returned from the user device. For each encryption key received from the user device, the processor stores each received encryption key in the cloud.Type: ApplicationFiled: February 19, 2014Publication date: October 16, 2014Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Jonathan M. Barney, Cataldo Mega, Edmond Plattier, Daniel Suski
-
Publication number: 20140122706Abstract: A distributed computing system provides at least one service, and the service is provided by resources of the distributed computing system. Resources are represented by a topology graph including storage, application and database server nodes joined by edges indicative of relationships between nodes. Predefined parameters are monitored that are indicative of operating characteristics of the distributed computing system when providing the service. Values of the predefined parameters are compared with respective predetermined performance threshold values. The performance threshold values are determined based on a service level agreement (SLA). The SLA includes a service level objective (SLO). The performance threshold values are indicative of the respective operating characteristics prior to an event. Rules are provided for selecting a combination of application, storage and database server nodes to meet the SLO for each parameter of the parameter.Type: ApplicationFiled: October 15, 2013Publication date: May 1, 2014Applicant: International Business Machines CorporationInventors: Andreas Boerner, David Lebutsch, Cataldo Mega, Chun Guang Zeng
-
Publication number: 20120054309Abstract: Provided are a method, system, and article of manufacture for selecting a resource manager to satisfy a service request. A catalog indicating a plurality of resource managers and at least one service offered by the resource managers is provided. Further provided is resource manager information indicating resource availability information for resource managers offering at least one service. A request for a requested service from a subscriber is received. The catalog is processed to identify resource managers publishing the requested service and the resource manager information is processed to determine at least one identified resource manager publishing the requested service that also satisfies at least one rule applicable to the service request.Type: ApplicationFiled: November 3, 2011Publication date: March 1, 2012Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Stewart Eugene Tate, Cataldo Mega, James Allen Reimer
-
Patent number: 8126914Abstract: Provided are a method, system, and article of manufacture for selecting a resource manager to satisfy a service request. A catalog indicating a plurality of resource managers and at least one service offered by the resource managers is provided. Further provided is resource manager information indicating resource availability information for resource managers offering at least one service. A request for a requested service from a subscriber is received. The catalog is processed to identify resource managers publishing the requested service and the resource manager information is processed to determine at least one identified resource manager publishing the requested service that also satisfies at least one rule applicable to the service request.Type: GrantFiled: March 23, 2005Date of Patent: February 28, 2012Assignee: International Business Machines CorporationInventors: Stewart Eugene Tate, Cataldo Mega, James Allen Reimer
-
Patent number: 8001277Abstract: Further provided are a method, system, and article of manufacture for determining, transmitting, and receiving performance information with respect to an operation performed locally and at remote nodes. Performance information is determined with respect to performing an operation at a node and transmitted to remote nodes over a network. Performance information is received from the remote nodes with respect to the remote nodes performing the operation. The determined and received performance information is used to determine whether to perform the operation at one of the remote nodes or the node. Other embodiments are disclosed and claimed.Type: GrantFiled: December 14, 2006Date of Patent: August 16, 2011Assignee: International Business Machines CorporationInventors: Cataldo Mega, Sundar Veliah