Patents by Inventor Gaurav Bhatia

Gaurav Bhatia has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 7174383
    Abstract: One embodiment of the present invention provides a system that facilitates single sign-on services in a hosting environment. The system operates by first receiving a request from a user to access a partner application at an application server. The system then determines if the user holds a token granting access to this partner application. If the user does not hold this token, the system redirects the request to a single sign-on server. This single sign-on server requests a user authentication credential from the user. Upon receiving the user authentication credential, including an entity identifier, the single sign-on server verifies if the user is authorized to access the partner application based on the entity identifier. If the user is authorized to access the partner application, the single sign-on server issues a token to the user, which grants the user access to the partner application.
    Type: Grant
    Filed: June 3, 2002
    Date of Patent: February 6, 2007
    Assignee: Oracle International Corp.
    Inventors: Kamalendu Biswas, Arun Swaminathan, Gaurav Bhatia
  • Patent number: 7111323
    Abstract: One embodiment of the present invention provides a system to facilitate global timeout in a distributed computing environment. The system operates by receiving an access request from a user at an application within the distributed computing environment. The system determines if the distributed computing environment has issued an authentication to a user device through which the user accesses the application and also determines if the authentication has expired because of non-use for a specified period. This authentication is stored within a time-stamped token on the user device. If the authentication has not been received or has expired, the system redirects the access request to a single sign-on server for the distributed computing environment, requiring the user to reauthenticate with the distributed computing environment; otherwise, the system grants the user access to the application.
    Type: Grant
    Filed: February 8, 2002
    Date of Patent: September 19, 2006
    Assignee: Oracle International Corporation
    Inventors: Gaurav Bhatia, Kamalendu Biswas, Arun Swaminathan
  • Patent number: 7032026
    Abstract: One embodiment of the present invention provides a system that facilitates locking an adversary out of a network application. The system operates by receiving a request at a server, which includes an authentication credential, to access the network application. This authentication credential includes a user identifier associated with a user and an address of a user device. The system examines an audit log to determine if the user identifier has been locked out from the address of the user device. If so, the system denies access to the network application. Otherwise, the system checks the authentication credential for validity. If the authentication credential is valid, the system allows access to the network application. Otherwise, the system logs a failed attempt in the audit log and denies access to the network application. After a threshold number of failed attempts, the user identifier is locked out from the network address.
    Type: Grant
    Filed: January 10, 2002
    Date of Patent: April 18, 2006
    Assignee: Oracle International Corp.
    Inventors: Kamalendu Biswas, Arun Swaminathan, Gaurav Bhatia
  • Publication number: 20050039008
    Abstract: One embodiment of the present invention provides a system that facilitates end-to-end identity propagation to a backend-tier application that is not single sign-on enabled. During operation, the system receives a request from a user at a middle-tier application to access private data from the backend-tier application. Upon receiving this request, the system redirects the user to a single sign-on server that verifies authentication credentials of the user. The middle-tier application then receives a token from the single sign-on server authorizing access to a backend-tier application. Next, the middle-tier application uses the token to access the private data from the backend-tier application, and then provides the private data to the user.
    Type: Application
    Filed: October 9, 2003
    Publication date: February 17, 2005
    Inventors: Gaurav Bhatia, Arun Swaminathan
  • Publication number: 20040243839
    Abstract: One embodiment of the present invention provides a system that facilitates security-enabled content caching. The system operates by first receiving a request from a user at a cache server for restricted content, wherein the cache server stores content for an application server. Next, the system determines if the restricted content is located on the cache server. If so, the system determines if the user is authorized to access the restricted content. If the user is authorized to access the restricted content, the system provides the restricted content to the user from the cache server. Providing the restricted content from the cache server eliminates the time-consuming operations involved in requesting and receiving the restricted content from the application server.
    Type: Application
    Filed: May 29, 2003
    Publication date: December 2, 2004
    Inventors: Gaurav Bhatia, Arun Swaminathan, Ajay Desai