Patents by Inventor Christopher Colonna
Christopher Colonna has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11563588Abstract: A path is secured from one node to another node of the computing environment. The one node obtains a first encryption key and a second encryption key. A shared key is obtained by the one node from a key server, and the shared key is used to encrypt a message. The encrypted message includes the first encryption key and the second encryption key. The encrypted message and an identifier of the shared key is sent from the one node to the other node, and a response message is received by the one node. The response message at least provides an indication that the other node received the encrypted message and obtained the shared key.Type: GrantFiled: May 10, 2021Date of Patent: January 24, 2023Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette
-
Patent number: 11522681Abstract: A path for a node of a computing environment is secured. The securing includes obtaining, by the node, a message that includes an identifier of a shared key and an encrypted message. The node obtains the shared key from a key server and uses it to decrypt the encrypted message to obtain an encryption key and one or more parameters. A security parameters index to be associated with the encryption key and the one or more parameters is obtained. The node sends a response message to another node, the response message including the security parameters index.Type: GrantFiled: December 30, 2020Date of Patent: December 6, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette
-
Patent number: 11368413Abstract: Techniques for inter-switch link (ISL) identification and monitoring are described herein. An aspect includes sending a query fabric path command to a switch, the query fabric path command including an origin address and a destination address. Another aspect includes receiving a query fabric path response from the switch based on the query fabric path command, the query fabric path response including a plurality of port identifiers. Another aspect includes monitoring a plurality of ports, each of the plurality of ports corresponding to a respective port identifier of the plurality of port identifiers in the query fabric path response.Type: GrantFiled: June 11, 2019Date of Patent: June 21, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Christopher Colonna, Pasquale A. Catalano, Stephen Robert Guendert, Michael James Becht, Patricia G. Driever
-
Patent number: 11132135Abstract: An aspect includes monitoring, by a server, a round trip latency between a primary storage device and a secondary storage device in a SAN. The secondary storage device replicates the primary storage device in a replication mode that is either an asynchronous replication mode or a synchronous replication mode. Based on the replication mode being the asynchronous replication mode and on detecting that the round trip latency has decreased to a value below a synchronous latency threshold value, the replication mode is set to the synchronous replication mode. Based on the replication mode being the synchronous replication mode and on detecting that the round trip latency has increased to a value above the synchronous latency threshold value, the replication mode is set to the asynchronous replication mode. The monitoring is repeated.Type: GrantFiled: April 11, 2019Date of Patent: September 28, 2021Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Pasquale A. Catalano, Michael James Becht, Christopher Colonna, Stephen Robert Guendert
-
Patent number: 11112928Abstract: According to one or more embodiments of the present invention, a computer-implemented method includes receiving a request to update a layout of a user interface being rendered. The method further includes receiving a user input for an element of the user interface. The method further includes determining whether the user input is received within a predetermined duration since receiving the request to update the layout. The method further includes, based on a determination that the user input is received after completion of the predetermined duration, accepting the user input. The method further includes, based on a determination that the user input is received prior to completion of the predetermined duration, rejecting the user input.Type: GrantFiled: October 18, 2018Date of Patent: September 7, 2021Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Raymond M. Higgs, Christopher Colonna, Luke Hopkins
-
Publication number: 20210266182Abstract: A path is secured from one node to another node of the computing environment. The one node obtains a first encryption key and a second encryption key. A shared key is obtained by the one node from a key server, and the shared key is used to encrypt a message. The encrypted message includes the first encryption key and the second encryption key. The encrypted message and an identifier of the shared key is sent from the one node to the other node, and a response message is received by the one node. The response message at least provides an indication that the other node received the encrypted message and obtained the shared key.Type: ApplicationFiled: May 10, 2021Publication date: August 26, 2021Inventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette
-
Patent number: 11088829Abstract: A path for a node of a computing environment is secured. The securing includes obtaining, by the node, a message that includes an identifier of a shared key and an encrypted message, the encrypted message including a first encryption key, a second encryption key, one or more first parameters and one or more second parameters. The node obtains the shared key from a key server and uses it to decrypt the encrypted message to obtain the first encryption key, the second encryption key, the one or more first parameters and the one or more second parameters. A second security parameters index, to be associated with the second encryption key and the one or more second parameters, is obtained. The node sends a response message to another node, the response message including the second security parameters index.Type: GrantFiled: September 4, 2018Date of Patent: August 10, 2021Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette
-
Patent number: 11038671Abstract: Authentication is performed on a plurality of links to be used to couple one node of the computing environment and another node of the computing environment. The performing authentication includes obtaining, by the other node from the one node via one link of the plurality of links, an identifier of a shared key maintained by a key server. The other node uses the identifier to obtain the shared key from the key server. An indication that the other node decrypted a message received from the one node using the shared key is sent from the other node via the one link. The sending the indication on one or more other links of the plurality of links is repeated for subsequent messages decrypted by the other node using the shared key previously obtained.Type: GrantFiled: September 4, 2018Date of Patent: June 15, 2021Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette
-
Patent number: 11038698Abstract: A path is secured from one node to another node of the computing environment. The one node obtains a first encryption key and one or more first parameters for transmission of data, and a second encryption key and one or more second parameters for reception of data. A shared key is obtained by the one node from a key server, and the shared key is used to encrypt a message. The encrypted message includes the first encryption key, the one or more first parameters, the second encryption key and the one or more second parameters. The encrypted message and an identifier of the shared key is sent from the one node to the other node, and a response message is received by the one node. The response message at least provides an indication that the other node received the encrypted message and obtained the shared key.Type: GrantFiled: September 4, 2018Date of Patent: June 15, 2021Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette
-
Patent number: 11025413Abstract: Authentication is performed on a plurality of links coupling one node of the computing environment and another node of the computing environment. The performing authentication includes obtaining by the one node a shared key from a key server coupled to the one node and another node of the computing environment. A message encrypted with the shared key is sent from the one node to the other node via one link of the plurality of links. An indication that the other node decrypted the message using the shared key obtained by the other node is received from the other node via the one link. The sending and the receiving are repeated on one or more other links of the plurality of links using the shared key previously obtained.Type: GrantFiled: September 4, 2018Date of Patent: June 1, 2021Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette, Peter G. Sutton
-
Publication number: 20210119784Abstract: A path for a node of a computing environment is secured. The securing includes obtaining, by the node, a message that includes an identifier of a shared key and an encrypted message. The node obtains the shared key from a key server and uses it to decrypt the encrypted message to obtain an encryption key and one or more parameters. A security parameters index to be associated with the encryption key and the one or more parameters is obtained. The node sends a response message to another node, the response message including the security parameters index.Type: ApplicationFiled: December 30, 2020Publication date: April 22, 2021Inventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette
-
Publication number: 20200396182Abstract: Techniques for inter-switch link (ISL) identification and monitoring are described herein. An aspect includes sending a query fabric path command to a switch, the query fabric path command including an origin address and a destination address. Another aspect includes receiving a query fabric path response from the switch based on the query fabric path command, the query fabric path response including a plurality of port identifiers. Another aspect includes monitoring a plurality of ports, each of the plurality of ports corresponding to a respective port identifier of the plurality of port identifiers in the query fabric path response.Type: ApplicationFiled: June 11, 2019Publication date: December 17, 2020Inventors: Christopher Colonna, Pasquale A. Catalano, Stephen Robert Guendert, Michael James Becht, Patricia G. Driever
-
Patent number: 10833856Abstract: A shared key, used by one node and another node of a computing environment in authentication of one or more links coupling the one node and the other node, is determined to be within an expiration range. Based on determining the shared key is within the expiration range, re-authentication of at least one link is automatically initiated. The automatically initiating re-authentication includes obtaining, by the one node, a new shared key from a key server, sending a message encrypted with the new shared key from the one node to the other node via one link of the one or more links, and receiving by the one node via the one link an indication that the other node decrypted the message using the new shared key.Type: GrantFiled: September 4, 2018Date of Patent: November 10, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Roger G. Hathorn, John Flanagan, Christopher Colonna, George P. Kuch, Richard M. Sczepczenski, Patricia G. Driever
-
Patent number: 10833860Abstract: Authentication is performed on a plurality of links of a computing environment. One node requests generation of a shared key by a key server coupled to the one node. The one node obtains the shared key and an identifier of the shared key and sends the identifier from the one node to another node. A message encrypted with the shared key is sent from the one node to the other node via one link of the plurality of links. The one node receives via the one link an indication that the other node decrypted the encrypted message using the shared key obtained by the other node. The sending the encrypted message and the receiving the indication that the other node decrypted the encrypted message are repeated on one or more other links of the plurality of links using the shared key previously obtained.Type: GrantFiled: September 4, 2018Date of Patent: November 10, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette
-
Publication number: 20200326866Abstract: An aspect includes monitoring, by a server, a round trip latency between a primary storage device and a secondary storage device in a SAN. The secondary storage device replicates the primary storage device in a replication mode that is either an asynchronous replication mode or a synchronous replication mode. Based on the replication mode being the asynchronous replication mode and on detecting that the round trip latency has decreased to a value below a synchronous latency threshold value, the replication mode is set to the synchronous replication mode. Based on the replication mode being the synchronous replication mode and on detecting that the round trip latency has increased to a value above the synchronous latency threshold value, the replication mode is set to the asynchronous replication mode. The monitoring is repeated.Type: ApplicationFiled: April 11, 2019Publication date: October 15, 2020Inventors: Pasquale A. Catalano, Michael James Becht, Christopher Colonna, Stephen Robert Guendert
-
Patent number: 10764291Abstract: Access between a plurality of nodes of the computing environment is controlled by a key server. The key server receives from one node of the plurality of nodes, a request for a shared key, in which the shared key is created for a selected node pair. A determination is made by the key server as to whether the one node is a node of the selected node pair. In one example, the determining checks an alternate name of the one node to determine whether it matches an alternate name associated with the shared key. Based on determining the one node is a node of the selected node pair, the key server provides the shared key to the one node.Type: GrantFiled: September 4, 2018Date of Patent: September 1, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette, Jacob L. Sheppard, Peter G. Sutton
-
Publication number: 20200125217Abstract: According to one or more embodiments of the present invention, a computer-implemented method includes receiving a request to update a layout of a user interface being rendered. The method further includes receiving a user input for an element of the user interface. The method further includes determining whether the user input is received within a predetermined duration since receiving the request to update the layout. The method further includes, based on a determination that the user input is received after completion of the predetermined duration, accepting the user input. The method further includes, based on a determination that the user input is received prior to completion of the predetermined duration, rejecting the user input.Type: ApplicationFiled: October 18, 2018Publication date: April 23, 2020Inventors: Raymond M. Higgs, Christopher Colonna, Luke Hopkins
-
Publication number: 20200076581Abstract: Authentication is performed on a plurality of links to be used to couple one node of the computing environment and another node of the computing environment. The performing authentication includes obtaining, by the other node from the one node via one link of the plurality of links, an identifier of a shared key maintained by a key server. The other node uses the identifier to obtain the shared key from the key server. An indication that the other node decrypted a message received from the one node using the shared key is sent from the other node via the one link. The sending the indication on one or more other links of the plurality of links is repeated for subsequent messages decrypted by the other node using the shared key previously obtained.Type: ApplicationFiled: September 4, 2018Publication date: March 5, 2020Inventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette
-
Publication number: 20200076600Abstract: Authentication is performed on a plurality of links of a computing environment. One node requests generation of a shared key by a key server coupled to the one node. The one node obtains the shared key and an identifier of the shared key and sends the identifier from the one node to another node. A message encrypted with the shared key is sent from the one node to the other node via one link of the plurality of links. The one node receives via the one link an indication that the other node decrypted the encrypted message using the shared key obtained by the other node. The sending the encrypted message and the receiving the indication that the other node decrypted the encrypted message are repeated on one or more other links of the plurality of links using the shared key previously obtained.Type: ApplicationFiled: September 4, 2018Publication date: March 5, 2020Inventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette
-
Publication number: 20200076618Abstract: A path is secured from one node to another node of the computing environment. The one node obtains a first encryption key and one or more first parameters for transmission of data, and a second encryption key and one or more second parameters for reception of data. A shared key is obtained by the one node from a key server, and the shared key is used to encrypt a message. The encrypted message includes the first encryption key, the one or more first parameters, the second encryption key and the one or more second parameters. The encrypted message and an identifier of the shared key is sent from the one node to the other node, and a response message is received by the one node. The response message at least provides an indication that the other node received the encrypted message and obtained the shared key.Type: ApplicationFiled: September 4, 2018Publication date: March 5, 2020Inventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette