Patents by Inventor Christopher Van Wart
Christopher Van Wart has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11570185Abstract: An insider attack resistant system for providing cloud services integrity checking is disclosed. In particular, the system utilizes an automated integrity checking script and virtual machines to check the integrity of a service. The system may utilize the integrity checking script and virtual machines to execute a set of operations associated with the service so as to check the integrity of the service. When executing the set of operations, the system may only have access to the minimum level of access to peripherals that is required for each operation in the set of operations to be executed. After each operation is executed, the system may log each result for each operation, and analyze each result to determine if a failure exists for any of the operations. If a failure exists, the system may determine that a change in an expected system behavior associated with the service has occurred.Type: GrantFiled: October 21, 2019Date of Patent: January 31, 2023Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.Inventors: Thusitha Jayawardena, Jeffrey E. Bickford, Mikhail Istomin, John Liefert, Gokul Singaraju, Christopher Van Wart
-
Publication number: 20230024436Abstract: Concepts and technologies directed to scrubbed internet protocol domain for enhanced cloud security are disclosed herein. In various aspects, a system can include a processor and memory storing instructions that, upon execution, cause performance of operations. The operations can include exposing an application to a service provider network that provides an internet connection, where the application is provided by a datacenter that communicates with the service provider network. The operations can include monitoring traffic flows to the application during an observation time period, where the traffic flows include probe traffic that attempts to reach the application. The operations can include constructing a scrubbed internet protocol domain such that detected probe traffic is prevented from reaching a plurality of virtual machines provided by the datacenter.Type: ApplicationFiled: September 30, 2022Publication date: January 26, 2023Applicant: AT&T Intellectual Property I, L.P.Inventors: Thusitha Jayawardena, Christopher Van Wart, Leonard Russo, Nicholas Arconati, Robert Chin
-
Patent number: 11477163Abstract: Concepts and technologies directed to scrubbed internet protocol domain for enhanced cloud security are disclosed herein. In various aspects, a system can include a processor and memory storing instructions that, upon execution, cause performance of operations. The operations can include exposing an application to a service provider network that provides an internet connection, where the application is provided by a datacenter that communicates with the service provider network. The operations can include monitoring traffic flows to the application during an observation time period, where the traffic flows include probe traffic that attempts to reach the application. The operations can include constructing a scrubbed internet protocol domain such that detected probe traffic is prevented from reaching a plurality of virtual machines provided by the datacenter.Type: GrantFiled: August 26, 2019Date of Patent: October 18, 2022Assignee: AT&T Intellectual Property I, L.P.Inventors: Thusitha Jayawardena, Christopher Van Wart, Leonard Russo, Nicholas Arconati, Robert Chin
-
Publication number: 20210067489Abstract: Concepts and technologies directed to scrubbed internet protocol domain for enhanced cloud security are disclosed herein. In various aspects, a system can include a processor and memory storing instructions that, upon execution, cause performance of operations. The operations can include exposing an application to a service provider network that provides an internet connection, where the application is provided by a datacenter that communicates with the service provider network. The operations can include monitoring traffic flows to the application during an observation time period, where the traffic flows includes probe traffic that attempts to reach the application. The operations can include constructing a scrubbed internet protocol domain such that detected probe traffic is prevented from reaching a plurality of virtual machines provided by the datacenter.Type: ApplicationFiled: August 26, 2019Publication date: March 4, 2021Applicant: AT&T Intellectual Property I, L.P.Inventors: Thusitha Jayawardena, Christopher Van Wart, Leonard Russo, Nicholas Arconati, Robert Chin
-
Patent number: 10681611Abstract: Aspects of the subject disclosure may include, for example, determining a first access point name according to a first service set identifier associated with a first wireless message transmitted according to a first wireless protocol from a first device, where the first access point name is included in a set of access point names of a cellular communication system, and transmitting a second wireless message according to a second wireless protocol to a communication node of a guided wave communication system, where the guided wave communication system is communicatively coupled to the cellular communication system, where the second wireless message is associated with the first wireless message and includes the first access point name, and where the cellular communication system determines a first routing of first communications associated with the first device according to first access point name. Other embodiments are disclosed.Type: GrantFiled: November 16, 2018Date of Patent: June 9, 2020Assignee: AT&T Intellectual Property I, L.P.Inventors: Thusitha Jayawardena, Christopher Van Wart, Donald Levy, Cristina Serban, David Gross, Deon Ogle, Shawn Hiemstra, Jayaraman Ramachandran
-
Publication number: 20200162994Abstract: Aspects of the subject disclosure may include, for example, determining a first access point name according to a first service set identifier associated with a first wireless message transmitted according to a first wireless protocol from a first device, where the first access point name is included in a set of access point names of a cellular communication system, and transmitting a second wireless message according to a second wireless protocol to a communication node of a guided wave communication system, where the guided wave communication system is communicatively coupled to the cellular communication system, where the second wireless message is associated with the first wireless message and includes the first access point name, and where the cellular communication system determines a first routing of first communications associated with the first device according to first access point name. Other embodiments are disclosed.Type: ApplicationFiled: November 16, 2018Publication date: May 21, 2020Applicant: AT&T Intellectual Property I, L.P.Inventors: Thusitha Jayawardena, Christopher Van Wart, Donald Levy, Cristina Serban, David Gross, Deon Ogle, Shawn Hiemstra, Jayaraman Ramachandran
-
Publication number: 20200053107Abstract: An insider attack resistant system for providing cloud services integrity checking is disclosed. In particular, the system utilizes an automated integrity checking script and virtual machines to check the integrity of a service. The system may utilize the integrity checking script and virtual machines to execute a set of operations associated with the service so as to check the integrity of the service. When executing the set of operations, the system may only have access to the minimum level of access to peripherals that is required for each operation in the set of operations to be executed. After each operation is executed, the system may log each result for each operation, and analyze each result to determine if a failure exists for any of the operations. If a failure exists, the system may determine that a change in an expected system behavior associated with the service has occurred.Type: ApplicationFiled: October 21, 2019Publication date: February 13, 2020Applicant: AT&T Intellectual Property I, L.P.Inventors: Thusitha Jayawardena, Jeffrey E. Bickford, Mikhail Istomin, John Liefert, Gokul Singaraju, Christopher Van Wart
-
Patent number: 10547647Abstract: A system and method for identifying distributed attacks, such as, but not limited to, distributed denial of service attacks and botnet attacks, in a first network serviced by a first carrier and configured to alert a second network serviced by a second carrier that is different from the first carrier is disclosed. Once an attack has been identified, an attack alert is generated and provided to the second network or other aspects of the first network, or both. The attack alerts may be distributed dynamically with the second network via diameter based security protocol Rs. Such system and method may mitigate distributed malicious attacks by sharing destination internet protocol and bad international mobile subscriber identity information across carriers.Type: GrantFiled: January 29, 2019Date of Patent: January 28, 2020Assignee: AT&T Intellectual Property I, L.P.Inventors: Gokul Singaraju, Ashutosh Dutta, Thusitha Jayawardena, Christopher Van Wart
-
Patent number: 10454956Abstract: An insider attack resistant system for providing cloud services integrity checking is disclosed. In particular, the system utilizes an automated integrity checking script and virtual machines to check the integrity of a service. The system may utilize the integrity checking script and virtual machines to execute a set of operations associated with the service so as to check the integrity of the service. When executing the set of operations, the system may only have access to the minimum level of access to peripherals that is required for each operation in the set of operations to be executed. After each operation is executed, the system may log each result for each operation, and analyze each result to determine if a failure exists for any of the operations. If a failure exists, the system may determine that a change in an expected system behavior associated with the service has occurred.Type: GrantFiled: August 13, 2018Date of Patent: October 22, 2019Assignee: AT&T Intellectual Property I, L.P.Inventors: Thusitha Jayawardena, Jeffrey E. Bickford, Mikhail Istomin, John Liefert, Gokul Singaraju, Christopher Van Wart
-
Patent number: 10425419Abstract: A system for providing access control in a cloud includes a software defined network including a software defined network controller. The system is configured to authenticate user access using multi-factor authentication. If the user is authorized to access a cloud resource the software defined network controller sends instructions to insert layer 3 and 4 user-specific flows to a software defined network device connected to the cloud resource. The user-specific flows cause the software defined network device to grant access to the cloud resource to the user.Type: GrantFiled: July 21, 2016Date of Patent: September 24, 2019Assignee: AT&T Intellectual Property I, L.P.Inventors: Thusitha Jayawardena, John Liefert, Christopher Van Wart
-
Publication number: 20190158542Abstract: A system and method for identifying distributed attacks, such as, but not limited to, distributed denial of service attacks and botnet attacks, in a first network serviced by a first carrier and configured to alert a second network serviced by a second carrier that is different from the first carrier is disclosed. Once an attack has been identified, an attack alert is generated and provided to the second network or other aspects of the first network, or both. The attack alerts may be distributed dynamically with the second network via diameter based security protocol Rs. Such system and method may mitigate distributed malicious attacks by sharing destination internet protocol and bad international mobile subscriber identity information across carriers.Type: ApplicationFiled: January 29, 2019Publication date: May 23, 2019Applicant: AT&T Intellectual Property I, L.P.Inventors: Gokul Singaraju, Ashutosh Dutta, Thusitha Jayawardena, Christopher Van Wart
-
Patent number: 10230767Abstract: A system and method for identifying distributed attacks, such as, but not limited to, distributed denial of service attacks and botnet attacks, in a first network serviced by a first carrier and configured to alert a second network serviced by a second carrier that is different from the first carrier is disclosed. Once an attack has been identified, an attack alert is generated and provided to the second network or other aspects of the first network, or both. The attack alerts may be distributed dynamically with the second network via diameter based security protocol Rs. Such system and method may mitigate distributed malicious attacks by sharing destination internet protocol and bad international mobile subscriber identity information across carriers.Type: GrantFiled: July 29, 2015Date of Patent: March 12, 2019Assignee: AT&T Intellectual Property I, L.P.Inventors: Gokul Singaraju, Ashutosh Dutta, Thusitha Jayawardena, Christopher Van Wart
-
Publication number: 20190007431Abstract: An insider attack resistant system for providing cloud services integrity checking is disclosed. In particular, the system utilizes an automated integrity checking script and virtual machines to check the integrity of a service. The system may utilize the integrity checking script and virtual machines to execute a set of operations associated with the service so as to check the integrity of the service. When executing the set of operations, the system may only have access to the minimum level of access to peripherals that is required for each operation in the set of operations to be executed. After each operation is executed, the system may log each result for each operation, and analyze each result to determine if a failure exists for any of the operations. If a failure exists, the system may determine that a change in an expected system behavior associated with the service has occurred.Type: ApplicationFiled: August 13, 2018Publication date: January 3, 2019Applicant: AT&T Intellectual Property I, L.P.Inventors: Thusitha Jayawardena, Jeffrey E. Bickford, Mikhail Istomin, John Liefert, Gokul Singaraju, Christopher Van Wart
-
Patent number: 10079844Abstract: An insider attack resistant system for providing cloud services integrity checking is disclosed. In particular, the system utilizes an automated integrity checking script and virtual machines to check the integrity of a service. The system may utilize the integrity checking script and virtual machines to execute a set of operations associated with the service so as to check the integrity of the service. When executing the set of operations, the system may only have access to the minimum level of access to peripherals that is required for each operation in the set of operations to be executed. After each operation is executed, the system may log each result for each operation, and analyze each result to determine if a failure exists for any of the operations. If a failure exists, the system may determine that a change in an expected system behavior associated with the service has occurred.Type: GrantFiled: August 22, 2017Date of Patent: September 18, 2018Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.Inventors: Thusitha Jayawardena, Jeffrey E. Bickford, Mikhail Istomin, John Liefert, Gokul Singaraju, Christopher Van Wart
-
Publication number: 20180262467Abstract: Systems and methods provide mitigation for denial of service attacks against servers open to the Internet by preventing delivery of malicious traffic to servers using network gateways.Type: ApplicationFiled: March 8, 2017Publication date: September 13, 2018Inventors: Thusitha JAYAWARDENA, John LIEFERT, Christopher VAN WART
-
Publication number: 20180026987Abstract: A system for providing access control in a cloud includes a software defined network including a software defined network controller. The system is configured to authenticate user access using multi-factor authentication. If the user is authorized to access a cloud resource the software defined network controller sends instructions to insert layer 3 and 4 user-specific flows to a software defined network device connected to the cloud resource. The user-specific flows cause the software defined network device to grant access to the cloud resource to the user.Type: ApplicationFiled: July 21, 2016Publication date: January 25, 2018Inventors: Thusitha Jayawardena, John Liefert, Christopher Van Wart
-
Publication number: 20170353479Abstract: An insider attack resistant system for providing cloud services integrity checking is disclosed. In particular, the system utilizes an automated integrity checking script and virtual machines to check the integrity of a service. The system may utilize the integrity checking script and virtual machines to execute a set of operations associated with the service so as to check the integrity of the service. When executing the set of operations, the system may only have access to the minimum level of access to peripherals that is required for each operation in the set of operations to be executed. After each operation is executed, the system may log each result for each operation, and analyze each result to determine if a failure exists for any of the operations. If a failure exists, the system may determine that a change in an expected system behavior associated with the service has occurred.Type: ApplicationFiled: August 22, 2017Publication date: December 7, 2017Applicant: AT&T INTELLECTUAL PROPERTY I, L.P.Inventors: Thusitha Jayawardena, Jeffrey E. Bickford, Mikhail Istomin, John Liefert, Gokul Singaraju, Christopher Van Wart
-
Patent number: 9787701Abstract: An insider attack resistant system for providing cloud services integrity checking is disclosed. In particular, the system utilizes an automated integrity checking script and virtual machines to check the integrity of a service. The system may utilize the integrity checking script and virtual machines to execute a set of operations associated with the service so as to check the integrity of the service. When executing the set of operations, the system may only have access to the minimum level of access to peripherals that is required for each operation in the set of operations to be executed. After each operation is executed, the system may log each result for each operation, and analyze each result to determine if a failure exists for any of the operations. If a failure exists, the system may determine that a change in an expected system behavior associated with the service has occurred.Type: GrantFiled: March 16, 2017Date of Patent: October 10, 2017Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.Inventors: Thusitha Jayawardena, Jeffrey E. Bickford, Mikhail Istomin, John Liefert, Gokul Singaraju, Christopher Van Wart
-
Publication number: 20170187732Abstract: An insider attack resistant system for providing cloud services integrity checking is disclosed. In particular, the system utilizes an automated integrity checking script and virtual machines to check the integrity of a service. The system may utilize the integrity checking script and virtual machines to execute a set of operations associated with the service so as to check the integrity of the service. When executing the set of operations, the system may only have access to the minimum level of access to peripherals that is required for each operation in the set of operations to be executed. After each operation is executed, the system may log each result for each operation, and analyze each result to determine if a failure exists for any of the operations. If a failure exists, the system may determine that a change in an expected system behavior associated with the service has occurred.Type: ApplicationFiled: March 16, 2017Publication date: June 29, 2017Applicant: AT&T INTELLECTUAL PROPERTY I, L.P.Inventors: Thusitha Jayawardena, Jeffrey E. Bickford, Mikhail Istomin, John Liefert, Gokul Singaraju, Christopher Van Wart
-
Patent number: 9606854Abstract: An insider attack resistant system for providing cloud services integrity checking is disclosed. In particular, the system utilizes an automated integrity checking script and virtual machines to check the integrity of a service. The system may utilize the integrity checking script and virtual machines to execute a set of operations associated with the service so as to check the integrity of the service. When executing the set of operations, the system may only have access to the minimum level of access to peripherals that is required for each operation in the set of operations to be executed. After each operation is executed, the system may log each result for each operation, and analyze each result to determine if a failure exists for any of the operations. If a failure exists, the system may determine that a change in an expected system behavior associated with the service has occurred.Type: GrantFiled: August 13, 2015Date of Patent: March 28, 2017Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.Inventors: Thusitha Jayawardena, Jeffrey E. Bickford, Mikhail Istomin, John Liefert, Gokul Singaraju, Christopher Van Wart