Patents by Inventor Christopher J. Hockings
Christopher J. Hockings has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11681757Abstract: Disclosed herein is a system and method for identifying a spam email message. To identify a spam message a similarity measurement hash and a sender hash is generated for each email message. Two or more previously received email messages are compared with an incoming email message. The incoming email message is identified as a spam message when the similarity measurement hash between incoming message and one of the received messages matches and the corresponding sender hash does not match. The system may integrate with other email servers through a DNS to identify spam emails across different organizations and locations. The system and method may further apply rules to particular match to whitelist a potential spam email.Type: GrantFiled: November 5, 2019Date of Patent: June 20, 2023Assignee: International Business Machines CorporationInventors: Mark H. Barber, Carsten Hagemann, Christopher J. Hockings
-
Patent number: 11012455Abstract: A method for modifying a user session lifecycle is provided. The method may include verifying a user session on a cloud service provider is valid. The method may also include monitoring a plurality of user behaviors exhibited during the verified user session. The method may further include determining a plurality of session data within an identity provider should be updated based on the monitored plurality of user behaviors and a policy within a database. The method may also include modifying the determined plurality of session data.Type: GrantFiled: April 3, 2019Date of Patent: May 18, 2021Assignee: International Business Machines CorporationInventors: Shahnawaz Backer, Christopher J. Hockings, Codur S. Pranam, Rohit U. Satyanarayana
-
Patent number: 10834084Abstract: Embodiments can provide a method for accessing an endpoint, including: receiving, from a privileged user, a request for accessing the endpoint; providing, by a user behavior analytics device, a risk score with respect to the privileged user, wherein the risk score is calculated based on at least one action performed by the privileged user. If the risk score is lower than a first predefined value, providing access to the endpoint for the privileged user. If the risk score is higher than a second predefined value, denying the request for accessing the endpoint. If the risk score is between the first predefined value and the second predefined value, performing at least one of: providing, by a privileged identity management server, a multi-factor authentication against the privileged user; and rerouting the request for accessing the endpoint for approval.Type: GrantFiled: July 20, 2018Date of Patent: November 10, 2020Assignee: International Business Machines CorporationInventors: Matthew P. Ouellette, Christopher J. Hockings, Suhas V. Kashyap, Chee Meng Low
-
Patent number: 10657182Abstract: Disclosed herein is a system and method for identifying a spam email message. To identify a spam message a similarity measurement hash and a sender hash is generated for each email message. Two or more previously received email messages are compared with an incoming email message. The incoming email message is identified as a spam message when the similarity measurement hash between incoming message and one of the received messages matches and the corresponding sender hash does not match. The system may integrate with other email servers through a DNS to identify spam emails across different organizations and locations. The system and method may further apply rules to particular match to whitelist a potential spam email.Type: GrantFiled: September 20, 2016Date of Patent: May 19, 2020Assignee: International Business Machines CorporationInventors: Mark H. Barber, Carsten Hagemann, Christopher J. Hockings
-
Publication number: 20200065335Abstract: Disclosed herein is a system and method for identifying a spam email message. To identify a spam message a similarity measurement hash and a sender hash is generated for each email message. Two or more previously received email messages are compared with an incoming email message. The incoming email message is identified as a spam message when the similarity measurement hash between incoming message and one of the received messages matches and the corresponding sender hash does not match. The system may integrate with other email servers through a DNS to identify spam emails across different organizations and locations. The system and method may further apply rules to particular match to whitelist a potential spam email.Type: ApplicationFiled: November 5, 2019Publication date: February 27, 2020Inventors: Mark H. Barber, Carsten Hagemann, Christopher J. Hockings
-
Publication number: 20200028850Abstract: Embodiments can provide a method for accessing an endpoint, including: receiving, from a privileged user, a request for accessing the endpoint; providing, by a user behavior analytics device, a risk score with respect to the privileged user, wherein the risk score is calculated based on at least one action performed by the privileged user. If the risk score is lower than a first predefined value, providing access to the endpoint for the privileged user. If the risk score is higher than a second predefined value, denying the request for accessing the endpoint. If the risk score is between the first predefined value and the second predefined value, performing at least one of: providing, by a privileged identity management server, a multi-factor authentication against the privileged user; and rerouting the request for accessing the endpoint for approval.Type: ApplicationFiled: July 20, 2018Publication date: January 23, 2020Inventors: Matthew P. Ouellette, Christopher J. Hockings, Suhas V. Kashyap, Chee Meng Low
-
Publication number: 20190230111Abstract: A method for modifying a user session lifecycle is provided. The method may include verifying a user session on a cloud service provider is valid. The method may also include monitoring a plurality of user behaviors exhibited during the verified user session. The method may further include determining a plurality of session data within an identity provider should be updated based on the monitored plurality of user behaviors and a policy within a database. The method may also include modifying the determined plurality of session data.Type: ApplicationFiled: April 3, 2019Publication date: July 25, 2019Inventors: Shahnawaz Backer, Christopher J. Hockings, Codur S. Pranam, Rohit U. Satyanarayana
-
Patent number: 10291636Abstract: A method for modifying a user session lifecycle is provided. The method may include verifying a user session on a cloud service provider is valid. The method may also include monitoring a plurality of user behaviors exhibited during the verified user session. The method may further include determining a plurality of session data within an identity provider should be updated based on the monitored plurality of user behaviors and a policy within a database. The method may also include modifying the determined plurality of session data.Type: GrantFiled: May 23, 2016Date of Patent: May 14, 2019Assignee: International Business Machines CorporationInventors: Shahnawaz Backer, Christopher J. Hockings, Codur S. Pranam, Rohit U. Satyanarayana
-
Patent number: 10291641Abstract: Assessment of threat risks associated with a given mobile device application (app) on a device type specific basis, so that the threat assessment is specific to a particular device type that is suitable for running the given app. The assessed device-type-specific risk is represented as device-type-specific risk metadata, which is associated as metadata with the given app. For example, the metadata may be stored along with the given app in a common repository that includes many apps. In some embodiments, the device-type-specific risk metadata is generated and stored comprehensively for all apps and device types used in an enterprise. The device-type-specific risk assessment, and corresponding device-type-specific risk metadata, may be based upon run time behavior of the given app on a given device type.Type: GrantFiled: July 7, 2017Date of Patent: May 14, 2019Assignee: International Business Machines CorporationInventors: Vikas B. Desai, Carsten Hagemann, Christopher J. Hockings, Mark D. Johnston
-
Patent number: 10255430Abstract: A mechanism is provided for sending a password to a terminal. A password send request is received. The status of each of a plurality of terminals coupled to the information processing device via a network is acquired. On the basis of the acquired statuses, at least one item is selected from a group comprising the terminal serving as a destination for the password, the communication method with the terminal, or the method for inputting the password in the terminal. The password is then sent to the selected terminal via a network.Type: GrantFiled: August 15, 2017Date of Patent: April 9, 2019Assignee: International Business Machines CorporationInventors: Christopher J. Hockings, Philip A. J. Nye, Tadashi Tsumura
-
Patent number: 10251033Abstract: A request for a first resource by a user is received. In response to receiving the request for a first resource, a second resource is determined based on the first resource and a resource usage pattern of the user. A response to the request for the first resource is provided. The response includes the first resource and the second resource.Type: GrantFiled: December 18, 2015Date of Patent: April 2, 2019Assignee: International Business Machines CorporationInventors: Ann-Louise Bolger, Scott A. Exton, Yaqian Fang, Christopher J. Hockings
-
Patent number: 10178096Abstract: Embodiments describing an approach to receiving user data, and monitoring a user data transaction. Monitoring a user data transaction. Identifying a plurality of attribute elements associated with the user data and the user data transaction. Creating benchmark data based on one or more identified attributes and user data gathered from a user data transaction, and storing, by the one or more processors, benchmark data.Type: GrantFiled: March 31, 2017Date of Patent: January 8, 2019Assignee: International Business Machines CorporationInventors: Christopher J. Hockings, Budi Mulyono, Sumana S. Narasipur, Codur S. Pranam
-
Publication number: 20180288051Abstract: Embodiments describing an approach to receiving user data, and monitoring a user data transaction. Monitoring a user data transaction. Identifying a plurality of attribute elements associated with the user data and the user data transaction. Creating benchmark data based on one or more identified attributes and user data gathered from a user data transaction, and storing, by the one or more processors, benchmark data.Type: ApplicationFiled: March 31, 2017Publication date: October 4, 2018Inventors: Christopher J. Hockings, Budi Mulyono, Sumana S. Narasipur, Codur S. Pranam
-
Patent number: 10079928Abstract: A mechanism is provided for authenticating a second terminal based on information sensed by a first terminal. Responsive to receiving an authentication request, a first output request is sent to a second terminal instructing the second terminal to generate information able to be sensed by a sensor in a first terminal. An authentication of the authentication request is performed based on a condition that the sensor in the first terminal has sensed the information generated by the second terminal.Type: GrantFiled: July 21, 2015Date of Patent: September 18, 2018Assignee: International Business Machines CorporationInventors: Christopher J. Hockings, Philip A. J. Nye, Tadashi Tsumura
-
Publication number: 20180262534Abstract: A policy enforcement point includes fraud prevention information associated with devices and/or users which is collected from: (i) many cloud fraud services located in the cloud; and/or (ii) authorization processing of users and/or devices. The policy enforcement point is consulted when a user/device undergoes authorization processing for a transaction with an application (for example, an application that serves protected content such as financial records, email, etc.). Fraud prevention information is added to session data, associated with the attempted authorization to the application, for the user/device as the user/device proceeds its attempted authorization to the application. In some cases, the authorization to the application may be refused based on the data added to the session data by the policy enforcement point or the policy enforcement point will propagate fraud prevention information to the application to make the decision.Type: ApplicationFiled: May 11, 2018Publication date: September 13, 2018Inventors: Scott M. Andrews, Timothy J. Ashton, Leigh Doddy, Christopher J. Hockings, Trevor S. Norvill
-
Patent number: 10063593Abstract: A policy enforcement point includes fraud prevention information associated with devices and/or users which is collected from: (i) many cloud fraud services located in the cloud; and/or (ii) authorization processing of users and/or devices. The policy enforcement point is consulted when a user/device undergoes authorization processing for a transaction with an application (for example, an application that serves protected content such as financial records, email, etc.). Fraud prevention information is added to session data, associated with the attempted authorization to the application, for the user/device as the user/device proceeds its attempted authorization to the application. In some cases, the authorization to the application may be refused based on the data added to the session data by the policy enforcement point or the policy enforcement point will propagate fraud prevention information to the application to make the decision.Type: GrantFiled: December 29, 2015Date of Patent: August 28, 2018Assignee: International Business Machines CorporationInventors: Scott M. Andrews, Timothy J. Ashton, Leigh Doddy, Christopher J. Hockings, Trevor S. Norvill
-
Patent number: 10038690Abstract: A first user request may be received to access a particular resource. A first authentication credential from a first client device may be received based on a first authentication challenge being issued to a user of the first client device. A second client device of the user may be notified to prompt the user to provide a second authentication credential to complete at least a second authentication challenge. The access to the particular resource may require at least successfully completing the first authentication challenge on the first client device and the second authentication challenge on the second client device.Type: GrantFiled: May 31, 2016Date of Patent: July 31, 2018Assignee: International Business Machines CorporationInventors: Scott M. Andrews, Christopher J. Hockings, Sumana Srinath Narasipur, Codur Sreedhar Pranam
-
Patent number: 10003602Abstract: Monitoring across multiple-channels, used by multiple devices, to determine which email messages being sent to a user are solicited by the user. A broad spectrum of network and telephony access records are analyzed to determine whether an email message is likely being sent as a result of legitimate services access by the user.Type: GrantFiled: June 24, 2014Date of Patent: June 19, 2018Assignee: International Business Machines CorporationInventors: Christopher J. Hockings, Neil I. Readshaw
-
Patent number: 9998468Abstract: A management component of a computing system evaluates end-users, end-user devices, and user accounts for access to provisioned-resources of the computing system. The management component utilizes device compliance attributes to form a device risk vector associated with an end-user device. The management component further utilizes resource compliance attributes to form a resource risk vector associated with a provisioned-resource. The management component forms a policy vector utilizing compliance attributes included in a compliance policy. The management component compares the device and resource risk vectors to the policy vector to determine a threat vector, and uses the threat vector to evaluate the end-users, end-user devices, and user accounts for risk of security breach, damage to, and/or loss of components of the computing system.Type: GrantFiled: August 30, 2017Date of Patent: June 12, 2018Assignee: International Business Machines CorporationInventors: Christopher J. Hockings, Dinesh T. Jain, Rohit U. Satyanarayana, Vincent C. Williams
-
Patent number: 9998470Abstract: Embodiments describing an approach to receiving user data, and monitoring a user data transaction. Monitoring a user data transaction. Identifying a plurality of attribute elements associated with the user data and the user data transaction. Creating benchmark data based on one or more identified attributes and user data gathered from a user data transaction, and storing, by the one or more processors, benchmark data.Type: GrantFiled: September 19, 2017Date of Patent: June 12, 2018Assignee: International Business Machines CorporationInventors: Christopher J. Hockings, Budi Mulyono, Sumana S. Narasipur, Codur S. Pranam