Patents by Inventor Elisha Ben-Zvi
Elisha Ben-Zvi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240121085Abstract: This document describes techniques for rotating keys used to tokenize data stored in a streaming data store where data is stored for a maximum time [W]. In some embodiments, a data layer of such a data store can encrypt arriving original data values twice. The original data value is first encrypted with a first key, producing a first token. The original data value is encrypted with a second key, producing a second token. Each encrypted token can be stored separately in the data store. A field may be associated with two database columns, one holding the value encrypted with the first key and the second holding the value encrypted with the second key. Keys are rotated after time [K], which is at least equal to and preferably longer than [W]. Rotation can involve discarding the older key and generating a new key so that two keys are still used.Type: ApplicationFiled: October 20, 2023Publication date: April 11, 2024Applicant: Akamai Technologies, Inc.Inventors: Eugene (John) Neystadt, Jonathan Herzog, Ittay Dror, Elisha Ben-Zvi
-
Patent number: 11849036Abstract: This document describes techniques for rotating keys used to tokenize data stored in a streaming data store where data is stored for a maximum time [W]. In some embodiments, a data layer of such a data store can encrypt arriving original data values twice. The original data value is first encrypted with a first key, producing a first token. The original data value is encrypted with a second key, producing a second token. Each encrypted token can be stored separately in the data store. A field may be associated with two database columns, one holding the value encrypted with the first key and the second holding the value encrypted with the second key. Keys are rotated after time [K], which is at least equal to and preferably longer than [W]. Rotation can involve discarding the older key and generating a new key so that two keys are still used.Type: GrantFiled: June 23, 2022Date of Patent: December 19, 2023Assignee: Akamai Technologies, Inc.Inventors: Eugene (John) Neystadt, Jonathan Herzog, Ittay Dror, Elisha Ben-Zvi
-
Patent number: 11831609Abstract: This document describes among other things, network security systems that incorporate a feedback loop so as to automatically and dynamically adjust the scope of network traffic that is subject to inspection. Risky traffic can be sent for inspection; risky traffic that is demonstrated to have high rate of threats can be outright blocked without further inspection; traffic that is causing errors due to protocol incompatibility or should not be inspected for regulatory or other reasons can be flagged so it bypasses the security inspection system. The system can operate on a domain by domain basis, IP address basis, or otherwise.Type: GrantFiled: April 18, 2022Date of Patent: November 28, 2023Assignee: Akamai Technologies, Inc.Inventors: Eugene (“John”) Neystadt, Eyal Heiman, Elisha Ben-Zvi, Asaf Nadler
-
Patent number: 11799645Abstract: This document describes techniques for rotating keys used to tokenize data stored in a streaming data store where data is stored for a maximum time [W]. In some embodiments, a data layer of such a data store can encrypt arriving original data values twice. The original data value is first encrypted with a first key, producing a first token. The original data value is encrypted with a second key, producing a second token. Each encrypted token can be stored separately in the data store. A field may be associated with two database columns, one holding the value encrypted with the first key and the second holding the value encrypted with the second key. Keys are rotated after time [K], which is at least equal to and preferably longer than [W]. Rotation can involve discarding the older key and generating a new key so that two keys are still used.Type: GrantFiled: June 23, 2022Date of Patent: October 24, 2023Assignee: Akamai Technologies, Inc.Inventors: Eugene (John) Neystadt, Jonathan Herzog, Ittay Dror, Elisha Ben-Zvi
-
Publication number: 20230108907Abstract: This document describes techniques for rotating keys used to tokenize data stored in a streaming data store where data is stored for a maximum time [W]. In some embodiments, a data layer of such a data store can encrypt arriving original data values twice. The original data value is first encrypted with a first key, producing a first token. The original data value is encrypted with a second key, producing a second token. Each encrypted token can be stored separately in the data store. A field may be associated with two database columns, one holding the value encrypted with the first key and the second holding the value encrypted with the second key. Keys are rotated after time [K], which is at least equal to and preferably longer than [W]. Rotation can involve discarding the older key and generating a new key so that two keys are still used.Type: ApplicationFiled: June 23, 2022Publication date: April 6, 2023Applicant: Akamai Technologies Inc.Inventors: Eugene (John) Neystadt, Jonathan Herzog, Ittay Dror, Elisha Ben-Zvi
-
Publication number: 20220385633Abstract: This document describes among other things, network security systems that incorporate a feedback loop so as to automatically and dynamically adjust the scope of network traffic that is subject to inspection. Risky traffic can be sent for inspection; risky traffic that is demonstrated to have high rate of threats can be outright blocked without further inspection; traffic that is causing errors due to protocol incompatibility or should not be inspected for regulatory or other reasons can be flagged so it bypasses the security inspection system. The system can operate on a domain by domain basis, IP address basis, or otherwise.Type: ApplicationFiled: April 18, 2022Publication date: December 1, 2022Applicant: Akamai Technologies, Inc.Inventors: Eugene ("John") Neystadt, Eyal Heiman, Elisha Ben-Zvi, Asaf Nadler
-
Patent number: 11381393Abstract: This document describes techniques for rotating keys used to tokenize data stored in a streaming data store where data is stored for a maximum time [W]. In some embodiments, a data layer of such a data store can encrypt arriving original data values twice. The original data value is first encrypted with a first key, producing a first token. The original data value is encrypted with a second key, producing a second token. Each encrypted token can be stored separately in the data store. A field may be associated with two database columns, one holding the value encrypted with the first key and the second holding the value encrypted with the second key. Keys are rotated after time [K], which is at least equal to and preferably longer than [W]. Rotation can involve discarding the older key and generating a new key so that two keys are still used.Type: GrantFiled: September 24, 2019Date of Patent: July 5, 2022Assignee: Akamai Technologies Inc.Inventors: Eugene (John) Neystadt, Jonathan Herzog, Ittay Dror, Elisha Ben-Zvi
-
Patent number: 11310201Abstract: This document describes among other things, network security systems that incorporate a feedback loop so as to automatically and dynamically adjust the scope of network traffic that is subject to inspection. Risky traffic can be sent for inspection; risky traffic that is demonstrated to have high rate of threats can be outright blocked without further inspection; traffic that is causing errors due to protocol incompatibility or should not be inspected for regulatory or other reasons can be flagged so it bypasses the security inspection system. The system can operate on a domain by domain basis, IP address basis, or otherwise.Type: GrantFiled: October 23, 2018Date of Patent: April 19, 2022Assignee: Akamai Technologies, Inc.Inventors: Eugene (“John”) Neystadt, Eyal Heiman, Elisha Ben-Zvi, Asaf Nadler
-
Patent number: 11245667Abstract: It is known in the art to route client traffic to a network security gateway using the domain name system, or DNS. More specifically, a local DNS resolver on a private network may apply security intelligence to client DNS lookup requests, based on the domains that clients are seeking to resolve. If a requested domain represents a known security threat, the client can be blocked or directed to the network security gateway instead of to the desired host. This routing of the client request to the network security gateway can be accomplished by giving the client the IP address of the network security gateway instead of the actual IP address corresponding to the domain name, in response to a given DNS name query from the client. Request routing can be accomplished using other techniques, such as IP layer routing, as well.Type: GrantFiled: October 23, 2018Date of Patent: February 8, 2022Assignee: Akamai Technologies, Inc.Inventors: Eugene (John) Neystadt, Eyal Heiman, Elisha Ben-Zvi, Robert D. Blumofe
-
Publication number: 20210091940Abstract: This document describes techniques for rotating keys used to tokenize data stored in a streaming data store where data is stored for a maximum time [W]. In some embodiments, a data layer of such a data store can encrypt arriving original data values twice. The original data value is first encrypted with a first key, producing a first token. The original data value is encrypted with a second key, producing a second token. Each encrypted token can be stored separately in the data store. A field may be associated with two database columns, one holding the value encrypted with the first key and the second holding the value encrypted with the second key. Keys are rotated after time [K], which is at least equal to and preferably longer than [W]. Rotation can involve discarding the older key and generating a new key so that two keys are still used.Type: ApplicationFiled: September 24, 2019Publication date: March 25, 2021Applicant: Akamai Technologies Inc.Inventors: Eugene (John) Neystadt, Jonathan Herzog, Ittay Dror, Elisha Ben-Zvi
-
Publication number: 20200127976Abstract: This document describes among other things, network security systems that incorporate a feedback loop so as to automatically and dynamically adjust the scope of network traffic that is subject to inspection. Risky traffic can be sent for inspection; risky traffic that is demonstrated to have high rate of threats can be outright blocked without further inspection; traffic that is causing errors due to protocol incompatibility or should not be inspected for regulatory or other reasons can be flagged so it bypasses the security inspection system. The system can operate on a domain by domain basis, IP address basis, or otherwise.Type: ApplicationFiled: October 23, 2018Publication date: April 23, 2020Applicant: Akamai Technologies, Inc.Inventors: Eugene ("John") Neystadt, Eyal Heiman, Elisha Ben-Zvi, Asaf Nadler
-
Publication number: 20200128038Abstract: This document describes among other things, network security systems that incorporate a feedback loop so as to automatically and dynamically adjust the scope of network traffic that is subject to inspection. Risky traffic can be sent for inspection; risky traffic that is demonstrated to have high rate of threats can be outright blocked without further inspection; traffic that is causing errors due to protocol incompatibility or should not be inspected for regulatory or other reasons can be flagged so it bypasses the security inspection system. The system can operate on a domain by domain basis, IP address basis, or otherwise.Type: ApplicationFiled: October 23, 2018Publication date: April 23, 2020Applicant: Akamai Technologies, Inc.Inventors: Eugene ("John") Neystadt, Eyal Heiman, Elisha Ben-Zvi, Robert D. Blumofe
-
Patent number: 8745583Abstract: Methods, systems, and software for managing development components or other enterprise content—whether developed internally or by third parties—are described herein. One method for managing reusable development components includes identifying a first development component of a first type. This first development component is stored in a repository, with the repository including a plurality of other development components with at least a second development component of a second type. The method then includes presenting an interface to a user operable to display information for at least the first and second development components.Type: GrantFiled: March 31, 2006Date of Patent: June 3, 2014Assignee: SAP AGInventors: Benzi Ronen, Aharon Avitzur, Gilat Fisch, Yariv Zur, Barak Naveh, Elisha Ben-Zvi
-
Patent number: 8423954Abstract: Methods, systems, and software for providing or utilizing a software solutions bag of development components and enterprise knowledge—whether developed internally or by third parties—are described herein. One method for managing reusable development components comprises providing a catalog of a plurality of development components to a user. The cataloged development components may include or reference at least a first development component of a first type and a second development component of a second type. A software solutions bag is then generated based on a user selection of at least one of the cataloged development components.Type: GrantFiled: March 31, 2006Date of Patent: April 16, 2013Assignee: SAP AGInventors: Benzi Ronen, Aharon Avitzur, Gilat Fisch, Yariv Zur, Barak Naveh, Elisha Ben-Zvi
-
Patent number: 8321430Abstract: A method and apparatus for handling a data structure in a computerized system, the data structure comprising a first object having content and a second object having content, and interdependencies between the first object and the second object, the method comprising: receiving a description of the data structure; creating a graph structure indicating the interdependencies between the objects, the graph structure comprising at least a first vertex and a second vertex, the first vertex and the second vertex connected by an edge; and associating the first vertex with content of the first object and the second vertex with content of the second object, wherein the first vertex and the second vertex do not contain the content of the first object or the second object. In some embodiments, an application executed by computing platforms in a cluster comprising symmetrical nodes, statically registers relevant filters with every node in the cluster, and registers to the filter upon loading.Type: GrantFiled: May 4, 2009Date of Patent: November 27, 2012Assignee: SAP Portals Israel Ltd.Inventors: Elisha Ben Zvi, Robert Krien, Zohar Sheinberg, Vitaly Vainer
-
Patent number: 8175936Abstract: Methods, systems, and software for identifying reusable development components or other enterprise knowledge—whether developed internally or by third parties—are described herein. One method for identifying reusable development components includes receiving a request for development components according to search criteria. A catalog with at least a first development component of a first type and a second development component of a second type is then provided to a user on any suitable client.Type: GrantFiled: March 31, 2006Date of Patent: May 8, 2012Assignee: SAP AGInventors: Benzi Ronen, Aharon Avitzur, Gilat Fisch, Yariv Zur, Barak Naveh, Elisha Ben-Zvi
-
Patent number: 7984417Abstract: According to some embodiments, meta-model information associated with an enterprise portal is defined. The meta-model information may then be consumed (e.g., by a design tool) when not in communication with an executing enterprise portal server. According to some embodiments, the meta-model information includes UML class diagram definitions associated with the enterprise portal.Type: GrantFiled: June 29, 2007Date of Patent: July 19, 2011Assignee: SAP Portals Israel Ltd.Inventors: Elisha Ben-Zvi, Nimrod Barak, Robert Krien, Marina Razumovsky
-
Publication number: 20100281071Abstract: A method and apparatus for handling a data structure in a computerized system, the data structure comprising a first object having content and a second object having content, and interdependencies between the first object and the second object, the method comprising: receiving a description of the data structure; creating a graph structure indicating the interdependencies between the objects, the graph structure comprising at least a first vertex and a second vertex, the first vertex and the second vertex connected by an edge; and associating the first vertex with content of the first object and the second vertex with content of the second object, wherein the first vertex and the second vertex do not contain the content of the first object or the second object. In some embodiments, an application executed by computing platforms in a cluster comprising symmetrical nodes, statically registers relevant filters with every node in the cluster, and registers to the filter upon loading.Type: ApplicationFiled: May 4, 2009Publication date: November 4, 2010Inventors: Elisha BEN-ZVI, Robert Krien, Zohar Sheinberg, Vitaly Vainer
-
Publication number: 20090007061Abstract: According to some embodiments, meta-model information associated with an enterprise portal is defined. The meta-model information may then be consumed (e.g., by a design tool) when not in communication with an executing enterprise portal server. According to some embodiments, the meta-model information includes UML class diagram definitions associated with the enterprise portal.Type: ApplicationFiled: June 29, 2007Publication date: January 1, 2009Inventors: Elisha Ben-Zvi, Nimrod Barak, Robert Krien, Marina Razumovsky
-
Publication number: 20070250405Abstract: Methods, systems, and software for identifying reusable development components or other enterprise knowledge—whether developed internally or by third parties—are described herein. One method for identifying reusable development components includes receiving a request for development components according to search criteria. A catalog with at least a first development component of a first type and a second development component of a second type is then provided to a user on any suitable client.Type: ApplicationFiled: March 31, 2006Publication date: October 25, 2007Inventors: Benzi Ronen, Aharon Avitzur, Gilat Fisch, Yariv Zur, Barak Naveh, Elisha Ben-Zvi