Patents by Inventor David Walsh Palmieri

David Walsh Palmieri has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9942261
    Abstract: An identity and access management (IAM) system is associated with a set of data sources from which data is collected. A set of vulnerabilities that the IAM system should attempt to detect is identified. For each vulnerability to be detected, a prioritized list of strategies used to detect that vulnerability is generated. Preferably, each strategy specifies the type(s) of data required to detect that vulnerability. An algorithm to determine a best strategy to be used for detecting each vulnerability, preferably based on the data available from the data sources, is then identified. The IAM system then collects data in an optimized manner. In particular, during the collection process, the IAM system preferably collects only what is necessary based on the configuration, even if the data source is capable of providing additional data. The collected data is then processed to detect security vulnerabilities associated with the IAM accounts.
    Type: Grant
    Filed: March 21, 2017
    Date of Patent: April 10, 2018
    Assignee: International Business Machines Corporation
    Inventors: John Leslie Harter, David Walsh Palmieri, Jeffrey Tobias Robke
  • Publication number: 20170195360
    Abstract: An identity and access management (IAM) system is associated with a set of data sources from which data is collected. A set of vulnerabilities that the IAM system should attempt to detect is identified. For each vulnerability to be detected, a prioritized list of strategies used to detect that vulnerability is generated. Preferably, each strategy specifies the type(s) of data required to detect that vulnerability. An algorithm to determine a best strategy to be used for detecting each vulnerability, preferably based on the data available from the data sources, is then identified. The IAM system then collects data in an optimized manner. In particular, during the collection process, the IAM system preferably collects only what is necessary based on the configuration, even if the data source is capable of providing additional data. The collected data is then processed to detect security vulnerabilities associated with the IAM accounts.
    Type: Application
    Filed: March 21, 2017
    Publication date: July 6, 2017
    Inventors: John Leslie Harter, David Walsh Palmieri, Jeffrey Tobias Robke
  • Publication number: 20170091658
    Abstract: An identity and access management IAM system is augmented to provide for supervised, iterative machine learning (ML), preferably with a user-generated training set for classification. The training set may include various types of data, including characteristics or attributes of the account types, the users, or the like. A goal of the initial ML training, which may include one or multiple passes, is to enable the machine to identify specific characteristics or attributes that provide a good classification result, with the resulting classifications then applied within the IAM system. In particular, the output of the ML system may be used by the IAM system for enforcing rights associated with the identified accounts, managing accounts, and so forth.
    Type: Application
    Filed: September 29, 2015
    Publication date: March 30, 2017
    Inventors: Brian Robert Matthiesen, Gee Ngoo Chia, John Leslie Harter, David Walsh Palmieri
  • Patent number: 9600666
    Abstract: An identity and access management (IAM) system is associated with a set of data sources from which data is collected. A set of vulnerabilities that the IAM system should attempt to detect is identified. For each vulnerability to be detected, a prioritized list of strategies used to detect that vulnerability is generated. Preferably, each strategy specifies the type(s) of data required to detect that vulnerability. An algorithm to determine a best strategy to be used for detecting each vulnerability, preferably based on the data available from the data sources, is then identified. The IAM system then collects data in an optimized manner. In particular, during the collection process, the IAM system preferably collects only what is necessary based on the configuration, even if the data source is capable of providing additional data. The collected data is then processed to detect security vulnerabilities associated with the IAM accounts.
    Type: Grant
    Filed: December 3, 2015
    Date of Patent: March 21, 2017
    Assignee: International Business Machines Corporation
    Inventors: John Leslie Harter, David Walsh Palmieri, Jeffrey Tobias Robke
  • Patent number: 9591016
    Abstract: A method for assessing security risks associated with a cloud application to which one or more connected applications are coupled begins by configuring a security risk assessment application to function as a connected application. The security risk assessment application collects “first” data associated with one or more accounts, and “second” data associated with the one or more connected applications coupled to the cloud application. After receiving the first and second data, the security risk assessment application instantiates that data into a generic “data object” that the system uses to represent each account and each of the connected applications. Each such data object thus is populated either with the first data or the second data, depending on whether the data object represents an account or a connected application. A risk assessment is then applied to the generic data object to assess a security risk associated with the cloud application.
    Type: Grant
    Filed: November 20, 2015
    Date of Patent: March 7, 2017
    Assignee: International Business Machines Corporation
    Inventors: David Walsh Palmieri, Gee Ngoo Chia, Jeffrey Tobias Robke
  • Publication number: 20120110434
    Abstract: A method, system, and computer usable program product for automated document governance in a data processing environment are provided in the illustrative embodiments. A set of structured documents is received at an application executing in a computer in the data processing environment. A structure is recognized, parts of which structure are present in the documents in the set. A set of similarities in the documents in the set is summarized according to the recognized structure. A summarized information from the summarizing is presented such that a document governance action can be performed on a subset of the set of documents using the summarized information.
    Type: Application
    Filed: October 29, 2010
    Publication date: May 3, 2012
    Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Ramakrishna Janardhana Gorthi, Oriana Jeannette Love, David Walsh Palmieri, Jeffrey Tobias Robke
  • Patent number: 6249800
    Abstract: Apparatus and accompanying methods for use preferably in a multi-system shared data (sysplex) environment (100), wherein each system (110) provides one or more servers (115), for dynamically and adaptively assigning and balancing new work and for new session requests, among the servers in the sysplex, in view of attendant user-defined business importance of these requests and available sysplex resource capacity so as to meet overall business goals. Specifically, systems and servers are categorized into two classes: eligible, i.e., goal-oriented servers running under a policy and for which capacity information is currently available, and candidate, i.e., servers which lack capacity information.
    Type: Grant
    Filed: June 7, 1995
    Date of Patent: June 19, 2001
    Assignee: International Business Machines Corporartion
    Inventors: Jeffrey David Aman, David Bruce Emmes, David Walsh Palmieri