Patents by Inventor Dmitri V. Pal
Dmitri V. Pal has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9954844
Abstract: A method including determining, by a processing device, whether a computer system is able to access an authentication server, in response to determining that the computer system is able to access the authentication server, requesting a first set of credentials, authenticating the first set of credentials, assigning a user a first role for performing operations on the computer system in view of the first set of credentials, and in response to determining that the computer system is unable to access the authentication server, requesting a second set of credentials different from the first set of credentials, authenticating one or more credentials provided by the user, and assigning the user a second role for performing operations on the computer system in view of the one or more credentials, wherein the first role specifies a first type of access to at least one object on the computer system, and the second role specifies a second type of access to the at least one object, wherein the first type of access is di
Type: Grant
Filed: January 28, 2015
Date of Patent: April 24, 2018
Assignee: Red Hat, Inc.
Inventor: Dmitri V. Pal
-
Patent number: 9769179
Abstract: A user credential comprising a user password and a one-time password (OTP) may be provided to access a computing system. The user password is authenticated and the network connection status of the computing system is determined. If the computing system is offline, the user password and the OTP are stored in memory and the user is granted a first level of access to the computing system. Upon detecting that the network connection status of the computing system has changed to online, the user password and the OTP are provided to an authentication server for authentication. If the authentication of the user password and the OTP is successful, the user is granted a second level of access to the computing system, the second level of access being higher than the first level of access.
Type: Grant
Filed: May 16, 2016
Date of Patent: September 19, 2017
Assignee: Red Hat, Inc.
Inventors: Dmitri V. Pal, Stephen J. Gallagher
-
Publication number: 20160261604
Abstract: A user credential comprising a user password and a one-time password (OTP) may be provided to access a computing system. The user password is authenticated and the network connection status of the computing system is determined. If the computing system is offline, the user password and the OTP are stored in memory and the user is granted a first level of access to the computing system. Upon detecting that the network connection status of the computing system has changed to online, the user password and the OTP are provided to an authentication server for authentication. If the authentication of the user password and the OTP is successful, the user is granted a second level of access to the computing system, the second level of access being higher than the first level of access.
Type: Application
Filed: May 16, 2016
Publication date: September 8, 2016
Inventors: Dmitri V. Pal, Stephen J. Gallagher
-
Patent number: 9367678
Abstract: A user credential comprising a user password and a one-time password (OTP) may be provided to access a computing system. The user password is authenticated and the network connection status of the computing system is determined. If the computing system is offline, the user password and the OTP are stored in memory and the user is granted a first level of access to the computing system. Upon detecting that the network connection status of the computing system has changed to online, the user password and the OTP are provided to an authentication server for authentication. If the authentication of the user password and the OTP is successful, the user is granted a second level of access to the computing system, the second level of access being higher than the first level of access.
Type: Grant
Filed: February 29, 2012
Date of Patent: June 14, 2016
Assignee: Red Hat, Inc.
Inventors: Dmitri V. Pal, Stephen J. Gallagher
-
Patent number: 9342679
Abstract: A user credential comprising a user password and a one-time password (OTP) may be provided to access a computing system. The user password is authenticated and the network connection status of the computing system is determined. If the computing system is offline, the user password and the OTP are stored in memory and the user is granted a first level of access to the computing system. Upon detecting that the network connection status of the computing system has changed to online, the user password and the OTP are provided to an authentication server for authentication. If the authentication of the user password and the OTP is successful, the user is granted a second level of access to the computing system, the second level of access being higher than the first level of access.
Type: Grant
Filed: February 29, 2012
Date of Patent: May 17, 2016
Assignee: Red Hat, Inc.
Inventors: Dmitri V. Pal, Stephen J. Gallagher
-
Publication number: 20150143498
Abstract: A method including determining, by a processing device, whether a computer system is able to access an authentication server, in response to determining that the computer system is able to access the authentication server, requesting a first set of credentials, authenticating the first set of credentials, assigning a user a first role for performing operations on the computer system in view of the first set of credentials, and in response to determining that the computer system is unable to access the authentication server, requesting a second set of credentials different from the first set of credentials, authenticating one or more credentials provided by the user, and assigning the user a second role for performing operations on the computer system in view of the one or more credentials, wherein the first role specifies a first type of access to at least one object on the computer system, and the second role specifies a second type of access to the at least one object, wherein the first type of access is di
Type: Application
Filed: January 28, 2015
Publication date: May 21, 2015
Inventor: Dmitri V. Pal
-
Patent number: 9015790
Abstract: A method and apparatus for integrating Sudo rules into a Lightweight Directory Access Protocol (LDAP) repository. An LDAP directory server receives a request to add a sudo rule to the LDAP repository. The sudo rule defines at least one sudo command and one or more entities associated with the execution of the sudo command. The LDAP directory server creates an LDAP entry for the sudo rule, and links in the LDAP entry of the sudo rule an LDAP entry of the sudo command and LDAP entries of the entities associated with the execution of the sudo command.
Type: Grant
Filed: July 20, 2011
Date of Patent: April 21, 2015
Assignee: Red Hat, Inc.
Inventors: Dmitri V. Pal, Sumit Bose
-
Patent number: 8997116
Abstract: An event logging interface on a computer system is used to record an event when an application hosted by the computer system encounters the event. The event logging interface receives data pertaining to an event from the application. Using the event logging interface, the computer system determines a logical target of the event, and determines one or more physical destinations referenced by the logical target. The data is then dispatched to one of the physical destinations.
Type: Grant
Filed: November 12, 2009
Date of Patent: March 31, 2015
Assignee: Red Hat, Inc.
Inventors: Dmitri V. Pal, Stephen J. Gallagher, John R. Dennis
-
Patent number: 8955086
Abstract: A computer system determines whether the computer system is able to access an authentication server. If the computer system is able to access the authentication server, the computer system requests a first set of credentials from a user. If the first set of credentials is valid, the computer system assigns the user a first role for performing operations on the computer system based on the first set of credentials. If the computer system is unable to access the authentication server, the computer system requests another set of credentials from the user. If the other set of credentials is valid, the computer system assigns the user another role for performing operations on the computer system based on the other set of credentials.
Type: Grant
Filed: March 16, 2012
Date of Patent: February 10, 2015
Assignee: Red Hat, Inc.
Inventor: Dmitri V. Pal
-
Patent number: 8863257
Abstract: Securely connecting a virtual machine in a public cloud to corporate resources. A cloud computing system is coupled to an enterprise computing system via a network. The enterprise computing system includes a management server, an authentication server and a virtual private network (VPN) server. A cloud engine runs on the management server. The cloud engine starts an exchange with the authentication server that leads to a state in which both parties know a one-time password (OTP) and an identifier (ID) of a virtual machine (VM) hosted by the cloud computing system. The cloud engine sends the OTP and the ID to the VM. The VPN server then receives credentials from the VM. If the credentials are successfully authenticated against the OTP and the ID, a secure connection is established between the enterprise computing system and the VM.
Type: Grant
Filed: March 10, 2011
Date of Patent: October 14, 2014
Assignee: Red Hat, Inc.
Inventor: Dmitri V. Pal
-
Publication number: 20130247165
Abstract: A computer system determines whether the computer system is able to access an authentication server. If the computer system is able to access the authentication server, the computer system requests a first set of credentials from a user. If the first set of credentials is valid, the computer system assigns the user a first role for performing operations on the computer system based on the first set of credentials. If the computer system is unable to access the authentication server, the computer system requests another set of credentials from the user. If the other set of credentials is valid, the computer system assigns the user another role for performing operations on the computer system based on the other set of credentials.
Type: Application
Filed: March 16, 2012
Publication date: September 19, 2013
Applicant: RED HAT, INC.
Inventor: Dmitri V. Pal
-
Publication number: 20130227677
Abstract: A user credential comprising a user password and a one-time password (OTP) may be provided to access a computing system. The user password is authenticated and the network connection status of the computing system is determined. If the computing system is offline, the user password and the OTP are stored in memory and the user is granted a first level of access to the computing system. Upon detecting that the network connection status of the computing system has changed to online, the user password and the OTP are provided to an authentication server for authentication. If the authentication of the user password and the OTP is successful, the user is granted a second level of access to the computing system, the second level of access being higher than the first level of access.
Type: Application
Filed: February 29, 2012
Publication date: August 29, 2013
Applicant: RED HAT, INC.
Inventors: Dmitri V. Pal, Stephen J. Gallagher
-
Publication number: 20130024907
Abstract: A method and apparatus for integrating Sudo rules into a Lightweight Directory Access Protocol (LDAP) repository. An LDAP directory server receives a request to add a sudo rule to the LDAP repository. The sudo rule defines at least one sudo command and one or more entities associated with the execution of the sudo command. The LDAP directory server creates an LDAP entry for the sudo rule, and links in the LDAP entry of the sudo rule an LDAP entry of the sudo command and LDAP entries of the entities associated with the execution of the sudo command.
Type: Application
Filed: July 20, 2011
Publication date: January 24, 2013
Inventors: Dmitri V. Pal, Sumit Bose
-
Publication number: 20120233678
Abstract: A method and system for securely and automatically connecting a virtual machine in a public cloud to corporate resources. A cloud computing system is coupled to an enterprise computing system via a network. The enterprise computing system includes a management server, an authentication server and a virtual private network (VPN) server. A cloud engine runs on the management server. The cloud engine starts an exchange with the authentication server that leads to a state in which both parties know a one-time password (OTP) and an identifier (ID) of a virtual machine (VM) hosted by the cloud computing system. The cloud engine sends the OTP and the ID to the VM. The VPN server then receives credentials from the VM. If the credentials are successfully authenticated against the OTP and the ID, a secure connection is established between the enterprise computing system and the VM.
Type: Application
Filed: March 10, 2011
Publication date: September 13, 2012
Applicant: Red Hat, Inc.
Inventor: Dmitri V. Pal
-
Publication number: 20110113436
Abstract: An event logging interface on a computer system is used to record an event when an application hosted by the computer system encounters the event. The event logging interface receives data pertaining to an event from the application. Using the event logging interface, the computer system determines a logical target of the event, and determines one or more physical destinations referenced by the logical target. The data is then dispatched to one of the physical destinations.
Type: Application
Filed: November 12, 2009
Publication date: May 12, 2011
Applicant: Red Hat, Inc.
Inventors: Dmitri V. Pal, Stephen J. Gallagher, John R. Dennis