Patents by Inventor Dennis Vance Pollutro
Dennis Vance Pollutro has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230208822Abstract: A system/method for secure communication between client devices includes receiving a request, at a secure communication platform, from a from a first client device to communicate with a second client device; determining, by the secure communication platform, whether the first client device is permitted to communicate with the second client device; if communication is permitted: generating, by the secure communication platform, a one-time use ephemeral key; transmitting, by the secure communication platform, the generated one-time use ephemeral key to the first and second client devices; establishing, by the secure communication platform, a secure communication session directly between the first and second client devices, wherein communications between the first and second client devices are encrypted and decrypted using the one-time use ephemeral key; and destroying, by the secure communication platform, the one-time use ephemeral key upon termination of the secure communication session between the first andType: ApplicationFiled: March 6, 2023Publication date: June 29, 2023Inventors: Dennis Vance POLLUTRO, Viji BETTADAPURA, Charles ILLINGWORTH, Saroop MATHUR, John ZAVGREN
-
Patent number: 11621945Abstract: A system/method for secure communication between client devices includes receiving a request, at a secure communication platform, from a from a first client device to communicate with a second client device; determining, by the secure communication platform, whether the first client device is permitted to communicate with the second client device; if communication is permitted: generating, by the secure communication platform, a one-time use ephemeral key; transmitting, by the secure communication platform, the generated one-time use ephemeral key to the first and second client devices; establishing, by the secure communication platform, a secure communication session directly between the first and second client devices, wherein communications between the first and second client devices are encrypted and decrypted using the one-time use ephemeral key; and destroying, by the secure communication platform, the one-time use ephemeral key upon termination of the secure communication session between the first andType: GrantFiled: February 19, 2021Date of Patent: April 4, 2023Assignee: SDSE NETWORKS, INCInventors: Dennis Vance Pollutro, Viji Bettadapura, Charles Illingworth, Saroop Mathur, John Zavgren
-
Publication number: 20210266303Abstract: A system/method for secure communication between client devices includes receiving a request, at a secure communication platform, from a from a first client device to communicate with a second client device; determining, by the secure communication platform, whether the first client device is permitted to communicate with the second client device; if communication is permitted: generating, by the secure communication platform, a one-time use ephemeral key; transmitting, by the secure communication platform, the generated one-time use ephemeral key to the first and second client devices; establishing, by the secure communication platform, a secure communication session directly between the first and second client devices, wherein communications between the first and second client devices are encrypted and decrypted using the one-time use ephemeral key; and destroying, by the secure communication platform, the one-time use ephemeral key upon termination of the secure communication session between the first andType: ApplicationFiled: February 19, 2021Publication date: August 26, 2021Applicant: SDSE Networks LLCInventors: Dennis Vance Pollutro, Viji Bettadapura, Charles Illingworth, Saroop Mathur, John Zavgren
-
Patent number: 9781114Abstract: A method of packet management for restricting access to a resource of a computer system. The method includes identifying client parameters and network parameters, as a packet management information, used to determine access to the resource, negotiating a session key between client and server devices, generating a session ID based on at least the negotiated session key, inserting the packet management information and the session ID into each information packet sent from the client device to the server device, monitoring packet management information in each information packet from the client device, and filtering out respective information packets sent to the server device from the client device when the monitored packet management information indicates that access to the resource is restricted.Type: GrantFiled: December 8, 2014Date of Patent: October 3, 2017Assignee: Citrix Systems, Inc.Inventors: Dennis Vance Pollutro, Kiet Tuan Tran, Srinivas Kumar
-
Publication number: 20150244735Abstract: Instrumented networks and platforms having target subjects (devices, transactions, services, users, organizations) are disclosed. A security orchestration service generates runtime operational integrity profiles representing and identifying a level of threat or contextual trustworthiness, at near real time, of subjects and applications on the instrumented target platform. Systems and methods use a graphical user interface (GUI) console to orchestrate operational integrity of a platform. In an embodiment, a method presents a data center-level runtime operational integrity dashboard and remediation controls for infected systems in a display of a platform having a network trust agent, an endpoint trust agent, and a trust orchestrator. The method receives runtime integrity metrics for trust vectors and displays risk indicators based on the confidence level of received integrity metrics in the GUI.Type: ApplicationFiled: February 16, 2015Publication date: August 27, 2015Applicant: Taasera, Inc.Inventors: Srinivas KUMAR, Dennis Vance Pollutro
-
Publication number: 20150096010Abstract: A method of packet management for restricting access to a resource of a computer system. The method includes identifying client parameters and network parameters, as a packet management information, used to determine access to the resource, negotiating a session key between client and server devices, generating a session ID based on at least the negotiated session key, inserting the packet management information and the session ID into each information packet sent from the client device to the server device, monitoring packet management information in each information packet from the client device, and filtering out respective information packets sent to the server device from the client device when the monitored packet management information indicates that access to the resource is restricted.Type: ApplicationFiled: December 8, 2014Publication date: April 2, 2015Inventors: Dennis Vance Pollutro, Kiet Tuan Tran, Srinivas Kumar
-
Patent number: 8910241Abstract: A method of packet management for restricting access to a resource of a computer system. The method includes identifying client parameters and network parameters, as a packet management information, used to determine access to the resource, negotiating a session key between client and server devices, generating a session ID based on at least the negotiated session key, inserting the packet management information and the session ID into each information packet sent from the client device to the server device, monitoring packet management information in each information packet from the client device, and filtering out respective information packets sent to the server device from the client device when the monitored packet management information indicates that access to the resource is restricted.Type: GrantFiled: June 27, 2008Date of Patent: December 9, 2014Assignee: Citrix Systems, Inc.Inventors: Dennis Vance Pollutro, Kiet Tuan Tran, Srinivas Kumar
-
Patent number: 8234699Abstract: A method of identifying the originator of a message transmitted between a client and a server system is provided. The method includes modifying a message to be transmitted between a client and a server system to include a session identification flag and/or a session identifier 500 (e.g., at an end of the message). The method optionally includes one or more of the steps of re-computing a control portion of the message to reflect the inclusion of the session identification flag and the session identifier 502, transmitting the message between the client and the server system 504, and checking the transmitted message for the session identification flag 506, reading the session identifier of the transmitted message to determine the originator of the message 508, removing the session identification flag and/or the session identifier from the transmitted message 510, and re-computing the control portion of the message to reflect the removal of the session identification flag and/or the session identifier 512.Type: GrantFiled: December 22, 2004Date of Patent: July 31, 2012Assignee: Citrix Systems, Inc.Inventors: Dennis Vance Pollutro, Andrew A. Almquist
-
Patent number: 7644434Abstract: A method of providing access to an authenticated user, and restricting access to an unauthorized user, of a computer system, is provided. The method includes determining whether a user is authenticated to access at least one resource included in the computer system. The method also includes establishing a session and a session identifier such that the user has access to the at least one resource if the user is authenticated to access the at least one resource. The method also includes changing the session identifier each time the user completes an interaction with the computer system during the session.Type: GrantFiled: April 25, 2003Date of Patent: January 5, 2010Assignee: Applied Identity, Inc.Inventors: Dennis Vance Pollutro, Andrew Almquist
-
Publication number: 20090328186Abstract: A method of packet management for restricting access to a resource of a computer system. The method includes identifying client parameters and network parameters, as a packet management information, used to determine access to the resource, negotiating a session key between client and server devices, generating a session ID based on at least the negotiated session key, inserting the packet management information and the session ID into each information packet sent from the client device to the server device, monitoring packet management information in each information packet from the client device, and filtering out respective information packets sent to the server device from the client device when the monitored packet management information indicates that access to the resource is restricted.Type: ApplicationFiled: June 27, 2008Publication date: December 31, 2009Inventors: Dennis Vance Pollutro, Kiet Tuan Tran, Srinivas Kumar
-
Publication number: 20040006710Abstract: A method of providing access to an authenticated user, and restricting access to an unauthorized user, of a computer system, is provided. The method includes determining whether a user is authenticated to access at least one resource included in the computer system. The method also includes establishing a session and a session identifier such that the user has access to the at least one resource if the user is authenticated to access the at least one resource. The method also includes changing the session identifier each time the user completes an interaction with the computer system during the session.Type: ApplicationFiled: April 25, 2003Publication date: January 8, 2004Inventors: Dennis Vance Pollutro, Andrew Almquist