Patents by Inventor Etai Lev Ran
Etai Lev Ran has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20190347406Abstract: In an example computer-implemented method, a trusted root certificate for an application running in a container is dynamically generated. The generated trusted root certificate is injected at runtime. The generated certificate is dynamically added to a list of trusted root certificates. A proxy associated with the application instance is authenticated based on the generated root trust certificate.Type: ApplicationFiled: May 9, 2018Publication date: November 14, 2019Inventor: Etai Lev-Ran
-
Patent number: 10425475Abstract: In some examples, a system for managing distributed data can include a processor to detect an update notification from a client device to update a managing server, the update notification indicating that a remote server node is unavailable. The processor can also generate a comparison value by comparing a first time stamp to a second time stamp, wherein the first time stamp corresponds to a time at which the system receives the update notification from the client device and the second time stamp corresponds to a time the remote server node transmits a set of renewal data. Furthermore, the processor can determine that the comparison value indicates the remote server node is unavailable and remove the remote server node from the managing server.Type: GrantFiled: February 27, 2017Date of Patent: September 24, 2019Assignee: International Business Machines CorporationInventors: Zvi Cahana, Etai Lev-Ran, Idan Zach
-
Patent number: 10379880Abstract: Embodiments of the present invention may provide techniques by which missed interactions with display advertising may be reduced or recovered. For example, in an embodiment of the present invention, a computer-implemented method for processing computer input may comprise displaying on a display screen at least one background application and a foreground item frame, removing display of the foreground item frame, and after removing display of the foreground item frame, detecting user input in the location where the foreground item frame was displayed.Type: GrantFiled: September 25, 2016Date of Patent: August 13, 2019Assignee: International Business Machines CorporationInventors: Itzhack Goldberg, Etai Lev-Ran, Idan Zach
-
Patent number: 10360410Abstract: An example system includes a plurality of containers associated with a plurality of tenants. The plurality of containers are to execute code in isolation for the associated plurality of tenants. The system also include a container daemon communicatively coupled to the plurality of containers via an internal proxy. The container daemon is to provide a service to the plurality of containers. The internal proxy is to receive a daemon access policy. The internal proxy is to further intercept a daemon command from a container. The internal proxy is to detect that the container is allowed access to the container daemon based on the daemon access policy. The internal proxy is to also generate a modified daemon command and forward the modified daemon command to the container daemon.Type: GrantFiled: November 14, 2016Date of Patent: July 23, 2019Assignee: International Business Machines CorporationInventors: Zvi Cahana, Etai Lev-Ran, Idan Zach
-
Publication number: 20180248940Abstract: In some examples, a system for managing distributed data can include a processor to detect an update notification from a client device to update a managing server, the update notification indicating that a remote server node is unavailable. The processor can also generate a comparison value by comparing a first time stamp to a second time stamp, wherein the first time stamp corresponds to a time at which the system receives the update notification from the client device and the second time stamp corresponds to a time the remote server node transmits a set of renewal data. Furthermore, the processor can determine that the comparison value indicates the remote server node is unavailable and remove the remote server node from the managing server.Type: ApplicationFiled: February 27, 2017Publication date: August 30, 2018Inventors: Zvi Cahana, Etai Lev-Ran, Idan Zach
-
Publication number: 20180137296Abstract: An example system includes a plurality of containers associated with a plurality of tenants. The plurality of containers are to execute code in isolation for the associated plurality of tenants. The system also include a container daemon communicatively coupled to the plurality of containers via an internal proxy. The container daemon is to provide a service to the plurality of containers. The internal proxy is to receive a daemon access policy. The internal proxy is to further intercept a daemon command from a container. The internal proxy is to detect that the container is allowed access to the container daemon based on the daemon access policy. The internal proxy is to also generate a modified daemon command and forward the modified daemon command to the container daemon.Type: ApplicationFiled: November 14, 2016Publication date: May 17, 2018Inventors: Zvi Cahana, Etai Lev-Ran, Idan Zach
-
Publication number: 20180137174Abstract: An example system and method includes a processor to receive an image ID corresponding to a container image of a container to be run. The processor is to also send the image ID to a registry. The processor is also to receive an image metadata corresponding to the image ID from the registry. The processor is to store the image metadata on a local file system. The processor is to generate a container comprising an application. The processor is to execute the application using the image metadata.Type: ApplicationFiled: November 14, 2016Publication date: May 17, 2018Inventors: Zvi Cahana, Etai Lev-Ran, Idan Zach
-
Publication number: 20180088759Abstract: Embodiments of the present invention may provide techniques by which missed interactions with display advertising may be reduced or recovered. For example, in an embodiment of the present invention, a computer-implemented method for processing computer input may comprise displaying on a display screen at least one background application and a foreground item frame, removing display of the foreground item frame, and after removing display of the foreground item frame, detecting user input in the location where the foreground item frame was displayed.Type: ApplicationFiled: September 25, 2016Publication date: March 29, 2018Inventors: Itzhack Goldberg, Etai Lev-Ran, Idan Zach
-
Patent number: 9547726Abstract: A method for enabling access to a data resource, which is held on a file server (25) on a first local area network (LAN) (21a), by a client (28) on a second LAN (21b). A proxy receiver (48) on the second LAN (21b) intercepts a request for the data resource submitted by the client (28) and transmits a message via a wide area network (WAN) (29) to a proxy transmitter (52) on the first LAN (21a), requesting the data resource. The proxy transmitter (52) retrieves a replica of the data resource from the file server (25) and conveys the replica of the data resource over the WAN (29) to the proxy receiver (48), which serves the replica of the data resource from the proxy receiver (48) to the client (28) over the second LAN (21b).Type: GrantFiled: March 15, 2010Date of Patent: January 17, 2017Assignee: Cisco Technology, Inc.Inventors: Etai Lev Ran, Shahar Glixman, Israel Ben Shaul, Vita Bortnikov, Daniel Kaminsky, Danit Ben Kiki, Idan Zach, Israel Cidon
-
Patent number: 9154557Abstract: One embodiment comprises an apparatus for automatic proxy registration and discovery in a multi-proxy communication system. The apparatus executes a proxy server that is configured to provide optimized connections to remote proxy servers that are communicatively connected to the proxy server over a Wide Area Network (WAN). A file server, which is communicatively connected to the proxy server over a Local Area Network (LAN), is automatically discovered. An association record corresponding to the file server is created, where the association record identifies the file server and the proxy server and indicates that the proxy server is configured to provide the remote proxy servers with optimized connections to the file server. The association record is registered with a centralized database server, where the remote proxy servers are communicatively connected to the centralized database server over the WAN.Type: GrantFiled: October 12, 2006Date of Patent: October 6, 2015Assignee: Cisco Technology, Inc.Inventors: Etai Lev-Ran, Leonid Vasetsky, Daniel Kaminsky
-
Patent number: 8935336Abstract: In various embodiments, data processing apparatus, software, or machine-implemented methods can optimize NFSv3 asynchronous write requests or MSRPC calls that traverse a wide area network, for example, by receiving, from a client, a first request directed to a server across a wide area network; determining whether a related second request has been received previously; when a related second request has been received previously, sending, to the client, a first reply to the second request and forwarding the first request to the server, and otherwise forwarding the first request to the server without sending any reply to the client for the first request. Sending local replies from a WAN optimizer induces the client to send continuous requests, improving throughput, but at least one client request remains unreplied to, and one server error reply is always reported to the client, facilitating correct error processing at the client.Type: GrantFiled: June 18, 2008Date of Patent: January 13, 2015Assignee: Cisco Technology, Inc.Inventors: Boaz Sedan, Moshe Yosevshvili, Etai Lev Ran, Daniel Kaminsky, Israel Ben-Shaul
-
Patent number: 8583914Abstract: In one embodiment, a method for providing secure communications using a proxy is provided. The proxy negotiates with a client and a server to determine a session key to use with communications between the client and the proxy and between the proxy and the server. Encrypted data may then be received from the client at the proxy. The proxy can decrypt the encrypted data for processing using the session key. In one embodiment, the decrypted data is not altered. The proxy then sends the encrypted data that was received from the client to the server without re-encrypting the data that was decrypted. Because the proxy did not alter the data in its processing of the decrypted data and the same session key is used between communications for the proxy and the server, the encrypted data stream that was received from the client can be forwarded to the server.Type: GrantFiled: May 25, 2012Date of Patent: November 12, 2013Assignee: Cisco Technology, Inc.Inventors: Etai Lev Ran, Ajit Sanzgiri
-
Patent number: 8332485Abstract: Approaches are disclosed for lock optimization and lock prediction for reducing the number of client-server messages involved in working with server-based resources. First one or more lock requests for first one or more locks on a remote data resource that is linked by a slow communication link are received. Based on the first one or more lock requests, a sequence of lock requests for locks on the remote data resource is determined. A first message that includes the sequence of lock requests is sent. A second message is received. The second message includes second one or more locks on the remote data resource, where the second one or more locks correspond to second one or more lock requests of the sequence of lock requests. A particular lock of the second one or more locks is granted in response to receiving a particular lock request for the particular lock on the remote data resource.Type: GrantFiled: March 4, 2005Date of Patent: December 11, 2012Assignee: Cisco Technology, Inc.Inventors: Israel Zvi Ben-Shaul, Idan Zach, Etai Lev-Ran, Shahar Glixman
-
Publication number: 20120233453Abstract: In one embodiment, a method for providing secure communications using a proxy is provided. The proxy negotiates with a client and a server to determine a session key to use with communications between the client and the proxy and between the proxy and the server. Encrypted data may then be received from the client at the proxy. The proxy can decrypt the encrypted data for processing using the session key. In one embodiment, the decrypted data is not altered. The proxy then sends the encrypted data that was received from the client to the server without re-encrypting the data that was decrypted. Because the proxy did not alter the data in its processing of the decrypted data and the same session key is used between communications for the proxy and the server, the encrypted data stream that was received from the client can be forwarded to the server.Type: ApplicationFiled: May 25, 2012Publication date: September 13, 2012Applicant: CISCO TECHNOLOGY, INC.Inventors: Etai Lev Ran, Ajit Sanzgiri
-
Patent number: 8254273Abstract: In one embodiment, a method for tracing a connection path from a source node to a destination node through a network having one or more transparent proxies includes generating a trace packet at the source node, transmitting the trace packet over the network towards the destination node, and receiving trace response packets in response to transmission of the trace packet. The trace response packets include a packet from the destination node and a packet from each of the transparent proxies in a data path from the source node to the destination node. Each of the packets from the transparent proxies includes an identifier of the transparent proxy transmitting the packet. The method further includes identifying the transparent proxies in the connection path based on information in the trace response packets. An apparatus for tracing a connection path is also disclosed.Type: GrantFiled: November 12, 2009Date of Patent: August 28, 2012Assignee: Cisco Technology, Inc.Inventors: Daniel Kaminsky, Arivu Ramasamy, Martin Cieslak, Mukund Ingle, Siddharth Vajirkar, Etai Lev Ran
-
Patent number: 8190875Abstract: In one embodiment, a method for providing secure communications using a proxy is provided. The proxy negotiates with a client and a server to determine a session key to use with communications between the client and the proxy and between the proxy and the server. Encrypted data may then be received from the client at the proxy. The proxy can decrypt the encrypted data for processing using the session key. In one embodiment, the decrypted data is not altered. The proxy then sends the encrypted data that was received from the client to the server without re-encrypting the data that was decrypted. Because the proxy did not alter the data in its processing of the decrypted data and the same session key is used between communications for the proxy and the server, the encrypted data stream that was received from the client can be forwarded to the server.Type: GrantFiled: March 22, 2007Date of Patent: May 29, 2012Assignee: Cisco Technology, Inc.Inventors: Etai Lev Ran, Ajit Sanzgiri
-
Patent number: 7843823Abstract: A method and apparatus is disclosed for balancing throughput and compression in a network communication system. A message is received. A first compression mechanism is applied to the message to generate a first compressed message, where applying the first compression mechanism comprises gathering compression information. Based on the compression information, a compression metric associated with the first compressed message is computed. The compression metric is compared to a threshold value. A second compression mechanism is applied to the first compressed message to generate a second compressed message only when the compression metric does not exceed the threshold value. The second compressed message is then transmitted.Type: GrantFiled: July 28, 2006Date of Patent: November 30, 2010Assignee: Cisco Technology, Inc.Inventors: Etai Lev-Ran, Maxim S. Martynov, Daniel Kaminsky, Hamid R. Amirazizi
-
Patent number: 7814284Abstract: A data redundancy elimination system.Type: GrantFiled: January 18, 2007Date of Patent: October 12, 2010Assignee: Cisco Technology, Inc.Inventors: Gideon Glass, Maxim Martynov, Qiwen Zhang, Etai Lev Ran, Dan Li
-
Publication number: 20100169392Abstract: A method for enabling access to a data resource, which is held on a file server (25) on a first local area network (LAN) (21a), by a client (28) on a second LAN (21b). A proxy receiver (48) on the second LAN (21b) intercepts a request for the data resource submitted by the client (28) and transmits a message via a wide area network (WAN) (29) to a proxy transmitter (52) on the first LAN (21a), requesting the data resource. The proxy transmitter (52) retrieves a replica of the data resource from the file server (25) and conveys the replica of the data resource over the WAN (29) to the proxy receiver (48), which serves the replica of the data resource from the proxy receiver (48) to the client (28) over the second LAN (21b).Type: ApplicationFiled: March 15, 2010Publication date: July 1, 2010Inventors: Etai LEV RAN, Shahar Glixman, Israel Z. Ben Shaul, Vita Bortnikov, Daniel Kaminsky, Danit Ben Kiki, Idan Zach, Israel Cidon
-
Patent number: 7711788Abstract: A method for enabling access to a data resource, which is held on a file server (25) on a first local area network (LAN) (21a), by a client (28) on a second LAN (21b). A proxy receiver (48) on the second LAN (21b) intercepts a request for the data resource submitted by the client (28) and transmits a message via a wide area network (WAN) (29) to a proxy transmitter (52) on the first LAN (21a), requesting the data resource. The proxy transmitter (52) retrieves a replica of the data resource from the file server (25) and conveys the replica of the data resource over the WAN (29) to the proxy receiver (48), which serves the replica of the data resource from the proxy receiver (48) to the client (28) over the second LAN (21b).Type: GrantFiled: April 20, 2006Date of Patent: May 4, 2010Inventors: Etai Lev Ran, Shahar Glixman, Israel Z. Ben Shaul, Vita Bortnikov, Daniel Kaminsky, Danit Ben Kiki, Idan Zach, Israel Cidon