Patents by Inventor Dale Bowie
Dale Bowie has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11689574
Abstract: A configuration of a security system is optimized based on revising metadata categories and one or more associated properties which comprise the metadata categories included in at least one rule used by the security system. The optimized configuration is transmitted to the security system. A current configuration of the security system is updated. An indication of the update being successful is received.
Type: Grant
Filed: March 9, 2021
Date of Patent: June 27, 2023
Assignee: International Business Machines Corporation
Inventor: Dale Bowie
-
Patent number: 11677864
Abstract: A computer-implemented method comprising: (i) defining a new ethertype to be used in communicating PIDs (process identification codes), with the new ethertype being assigned a new ethertype code; (ii) determining a selected abstraction layer from a plurality of abstraction layers to be used in communicating PIDs; and (iii) making a plurality of network communications among and between computers of a networked computers system, with each communication, with the making of each given communication including: (a) inserting the new ethertype code and a PID of a process causing the given communication to occur into a data structure, and (b) communicating the data structure between computers of the networked computers system at the selected abstraction layer.
Type: Grant
Filed: December 16, 2020
Date of Patent: June 13, 2023
Assignee: International Business Machines Corporation
Inventors: Dale Bowie, Sophia Sampath
-
Publication number: 20230169215
Abstract: Before deployment, artifacts and/or binaries are generated by the process of compilation from source code files are double signed with signatures. Immediately before deployment, a copy of the artifacts and/or binaries is made for the planned deployment and the double signed signatures are checked to ensure source code integrity and security.
Type: Application
Filed: December 1, 2021
Publication date: June 1, 2023
Inventors: Dale Bowie, Narayana Aditya Madineni, Matthew Green
-
Patent number: 11558367
Abstract: A processor may receive a packet configured to travel in a network. The packet may be configured to travel from a first device to a second device. The processor may analyze the packet. The processor may detect a password with the packet. The processor may determine whether the detected password complies with at least one password policy. The processor may provide a password policy compliance output to a user. The password policy compliance output may indicate to the user whether the detected password complies with the at least one password policy.
Type: Grant
Filed: March 25, 2020
Date of Patent: January 17, 2023
Assignee: International Business Machines Corporation
Inventors: Holly Wright, Dale Bowie, Peter Terence Cogill, Hannah Claire Jury
-
Patent number: 11516138
Abstract: A computer-implemented system and method identifies a network flow direction. The method includes observing, by a network flow monitor, a plurality of data packets as each data packet travels past a connection point. The method further includes identifying, from the plurality of data packets, a flow session, wherein the flow session comprises a source port, a source device, a destination device, a destination port, and a communication protocol. The method also includes, gathering, from the plurality of data packets, directional metadata. The method includes, comparing the source port and the destination port against a list of common destination ports. The method further includes determining, based on the plurality of data packets, a flow direction of the flow session. The method includes storing the flow session in a database.
Type: Grant
Filed: April 27, 2020
Date of Patent: November 29, 2022
Assignee: International Business Machines Corporation
Inventor: Dale Bowie
-
Publication number: 20220294826
Abstract: A configuration of a security system is optimized based on revising metadata categories and one or more associated properties which comprise the metadata categories included in at least one rule used by the security system. The optimized configuration is transmitted to the security system. A current configuration of the security system is updated. An indication of the update being successful is received.
Type: Application
Filed: March 9, 2021
Publication date: September 15, 2022
Inventor: Dale Bowie
-
Publication number: 20220191308
Abstract: A computer-implemented method comprising: (i) defining a new ethertype to be used in communicating PIDs (process identification codes), with the new ethertype being assigned a new ethertype code; (ii) determining a selected abstraction layer from a plurality of abstraction layers to be used in communicating PIDs; and (iii) making a plurality of network communications among and between computers of a networked computers system, with each communication, with the making of each given communication including: (a) inserting the new ethertype code and a PID of a process causing the given communication to occur into a data structure, and (b) communicating the data structure between computers of the networked computers system at the selected abstraction layer.
Type: Application
Filed: December 16, 2020
Publication date: June 16, 2022
Inventors: Dale Bowie, Sophia Sampath
-
Patent number: 11349841
Abstract: A method, system and/or computer usable program product for managing user access to restricted data including authenticating a set of users requesting attendance to a teleconference; obtaining content access rights associated with each of the authenticated users; converting and reviewing content of the teleconference in real-time to identify restricted data in the teleconference content; determining whether each of the authenticated users has content access rights to identified restricted data; upon determining at least one authenticated user does not have content access rights to the identified restricted data, redacting the identified restricted data in real-time from the teleconference content to generate a redacted teleconference content; and providing the teleconference content in real-time to each authenticated user with content access rights to the identified restricted data, and providing the redacted teleconference content in real-time to each authenticated user without content access rights to the i
Type: Grant
Filed: January 1, 2019
Date of Patent: May 31, 2022
Assignee: International Business Machines Corporation
Inventors: Dale Bowie, Jasmine Anne Smith
-
Patent number: 11223633
Abstract: A technique to identify and distinguish flow sessions begins by capturing a flow record indicating an initiation of a network flow. A unique session identifier associated with the captured flow record is computed by applying a given function over data comprising a set of information (e.g., a tuple) captured in the flow record, together with a time value associated with collection interval having a start time. The given function may be a hash function. The unique session identifier is associated with one or more additional network flows captured during the collection interval, e.g., from another network flow device that computes the same identifier for at least a second flow record captured during the collection interval. In one embodiment, the flow records are captured by distinct data collectors and comprise portions of a same flow session. The distinct data collectors may utilize the same or different flow record types or protocols.
Type: Grant
Filed: February 21, 2020
Date of Patent: January 11, 2022
Assignee: International Business Machines Corporation
Inventors: Holly Wright, Dale Bowie
-
Publication number: 20210336890
Abstract: A computer-implemented system and method identifies a network flow direction. The method includes observing, by a network flow monitor, a plurality of data packets as each data packet travels past a connection point. The method further includes identifying, from the plurality of data packets, a flow session, wherein the flow session comprises a source port, a source device, a destination device, a destination port, and a communication protocol. The method also includes, gathering, from the plurality of data packets, directional metadata. The method includes, comparing the source port and the destination port against a list of common destination ports. The method further includes determining, based on the plurality of data packets, a flow direction of the flow session. The method includes storing the flow session in a database.
Type: Application
Filed: April 27, 2020
Publication date: October 28, 2021
Inventor: Dale Bowie
-
Publication number: 20210306315
Abstract: A processor may receive a packet configured to travel in a network. The packet may be configured to travel from a first device to a second device. The processor may analyze the packet. The processor may detect a password with the packet. The processor may determine whether the detected password complies with at least one password policy. The processor may provide a password policy compliance output to a user. The password policy compliance output may indicate to the user whether the detected password complies with the at least one password policy.
Type: Application
Filed: March 25, 2020
Publication date: September 30, 2021
Inventors: Holly Wright, Dale Bowie, Peter Terence Cogill, Hannah Claire Jury
-
Publication number: 20210266333
Abstract: A technique to identify and distinguish flow sessions begins by capturing a flow record indicating an initiation of a network flow. A unique session identifier associated with the captured flow record is computed by applying a given function over data comprising a set of information (e.g., a tuple) captured in the flow record, together with a time value associated with collection interval having a start time. The given function may be a hash function. The unique session identifier is associated with one or more additional network flows captured during the collection interval, e.g., from another network flow device that computes the same identifier for at least a second flow record captured during the collection interval. In one embodiment, the flow records are captured by distinct data collectors and comprise portions of a same flow session. The distinct data collectors may utilize the same or different flow record types or protocols.
Type: Application
Filed: February 21, 2020
Publication date: August 26, 2021
Applicant: International Business Machines Corporation
Inventors: Holly Wright, Dale Bowie
-
Publication number: 20200374287
Abstract: A method, system, and computer program product for frictionless mutual authentication of unsolicited communications may detect an incoming communication. A verification interface may be displayed on a consumer device. On the consumer device, a first valid verification may be received via the verification interface. In response to receiving the first valid verification, a challenge interface may be presented to an enterprise device. On the enterprise device, a second valid verification may be received via the challenge interface. In response to receiving the second valid verification, a verification credential may be presented to both the consumer device and the enterprise device. A connection for the incoming communication may be established between the consumer device and the enterprise device.
Type: Application
Filed: May 24, 2019
Publication date: November 26, 2020
Inventors: Dale Bowie, Jasmine Anne Smith, Jared ROSS PAGE
-
Publication number: 20200213319
Abstract: A method, system and/or computer usable program product for managing user access to restricted data including authenticating a set of users requesting attendance to a teleconference; obtaining content access rights associated with each of the authenticated users; converting and reviewing content of the teleconference in real-time to identify restricted data in the teleconference content; determining whether each of the authenticated users has content access rights to identified restricted data; upon determining at least one authenticated user does not have content access rights to the identified restricted data, redacting the identified restricted data in real-time from the teleconference content to generate a redacted teleconference content; and providing the teleconference content in real-time to each authenticated user with content access rights to the identified restricted data, and providing the redacted teleconference content in real-time to each authenticated user without content access rights to the i
Type: Application
Filed: January 1, 2019
Publication date: July 2, 2020
Inventors: Dale Bowie, Jasmine Anne Smith