Patents by Inventor Graham A. Bent
Graham A. Bent has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9692744Abstract: A method, apparatus and/or computer program provides secure user authentication in a network having a dynamic set of services. The method comprises a client authenticating with an edge service and generating a query key. The edge service issues a request to the dynamic set of services. The request comprises (i) an encrypted identifier associated with the client, (ii) a private portion of the request being encrypted with the query key, and (iii) a public portion of the request. In response to ascertaining from the public portion of the request that it is able to respond to the request, one or more of the dynamic set of services respond to the edge service with (i) an identifier associated with the dynamic set of services, and (ii) the identifier associated with the client. The edge service then authenticates that it is able to respond to the request, including generating a session key.Type: GrantFiled: June 16, 2016Date of Patent: June 27, 2017Assignee: International Business Machines CorporationInventors: Graham A. Bent, Dominic P. Harries
-
Publication number: 20170147835Abstract: A querying node generates public keys, secret keys, and switch key matrices. A public key associated with a first level and the switch key matrices are sent to a receiving node. The receiving node generates a key-value table, mapping values to keys, and encodes the keys and values using a polynomial ring of a predetermined type. The querying node encodes using a polynomial ring of the same predetermined type, then encrypts a query, using a public key, and sends the query to the receiving node. The receiving node performs a homomorphic comparison of the encrypted, encoded query with each encoded key entry in the encoded key-value store to determine a comparison result. The receiving node sums the results for each of the value entries and returns the summed result to the querying node. The querying node decrypts and decodes the received result using the corresponding secret key.Type: ApplicationFiled: November 25, 2015Publication date: May 25, 2017Inventors: DAVID F. BACON, GRAHAM A. BENT, FLAVIO A. BERGAMASCHI, WEI ZHANG
-
Publication number: 20170149557Abstract: In computer-implemented technology for comparing first and second values that are encrypted according to a fully homomorphic encryption scheme, the following function is computed: f ? ( ? ? ( x ) , ? ? ( y ) ) = { ? ? ( 0 ) ? ? … ? ? if ? ? … ? ? x ? y ? ? ( 1 ) ? ? … ? ? ? if ? ? … ? ? x = y } where ?(.) is a fully homomorphic encryption scheme.Type: ApplicationFiled: November 25, 2015Publication date: May 25, 2017Inventors: DAVID F. BACON, GRAHAM A. BENT, FLAVIO A. BERGAMASCHI, WEI ZHANG
-
Publication number: 20170093842Abstract: A method, apparatus and/or computer program provides secure user authentication in a network having a dynamic set of services. The method comprises a client authenticating with an edge service and generating a query key. The edge service issues a request to the dynamic set of services. The request comprises (i) an encrypted identifier associated with the client, (ii) a private portion of the request being encrypted with the query key, and (iii) a public portion of the request. In response to ascertaining from the public portion of the request that it is able to respond to the request, one or more of the dynamic set of services respond to the edge service with (i) an identifier associated with the dynamic set of services, and (ii) the identifier associated with the client. The edge service then authenticates that it is able to respond to the request, including generating a session key.Type: ApplicationFiled: June 16, 2016Publication date: March 30, 2017Inventors: GRAHAM A. BENT, DOMINIC P. HARRIES
-
Publication number: 20170063525Abstract: Searching for desired data within an encrypted set of data (using a fully homomorphic encryption) without decrypting the set of data. A lookup key is compared against a set of encrypted data, employing characteristics of the fully homomorphic encryption, to locate and return desired data correlated to the lookup key.Type: ApplicationFiled: August 25, 2015Publication date: March 2, 2017Inventors: David F. Bacon, Graham A. Bent, Flavio A. Bergamaschi
-
Publication number: 20160359724Abstract: A query is propagated from a querying node to a destination node in a network of connected nodes, where at least one node is designated as a delay node. A query is transmitted from the querying node to one or more connected nodes in the network of connected nodes. One or more nodes, from the one or more connected nodes, are designated as delay nodes, wherein delay nodes apply delays to the query before retransmitting the query to other nodes from the one or more connected nodes. Upon receiving the query, each node, from the one or more connected nodes, retransmits the query to another one or more nodes from the one or more connected nodes. The query is repeatedly received and retransmitted by the connected nodes until the query is received at the destination node.Type: ApplicationFiled: November 18, 2013Publication date: December 8, 2016Inventors: GRAHAM A. BENT, THOMAS J. C. BERMAN, PATRICK DANTRESSANGLE, DAVID R. VYVYAN
-
Patent number: 9471647Abstract: A database query is received that includes a logical query indicator at a distributed database node within a distributed network of databases. The logical query indicator includes at least one physical database query and at least one database node identifier that allows at least one distributed database node to identify at least one physical database to execute the physical database query against. It is determined that the at least one database node identifier matches a local node identifier. The at least one physical database query is executed against at least one local physical database table. A local query response is formed including data retrieved from the at least one local physical database table. The database query is responded to with at least the local query response.Type: GrantFiled: September 30, 2015Date of Patent: October 18, 2016Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Graham A. Bent, Patrick Dantressangle, David R. Vyvyan
-
Patent number: 9419960Abstract: A method, apparatus and/or computer program provides secure user authentication in a network having a dynamic set of services. The method comprises a client authenticating with an edge service and generating a query key. The edge service issues a request to the dynamic set of services. The request comprises (i) an encrypted identifier associated with the client, (ii) a private portion of the request being encrypted with the query key, and (iii) a public portion of the request. In response to ascertaining from the public portion of the request that it is able to respond to the request, one or more of the dynamic set of services respond to the edge service with (i) an identifier associated with the dynamic set of services, and (ii) the identifier associated with the client. The edge service then authenticates that it is able to respond to the request, including generating a session key.Type: GrantFiled: February 28, 2014Date of Patent: August 16, 2016Assignee: International Business Machines CorporationInventors: Graham A. Bent, Dominic P. Harries
-
Publication number: 20160117369Abstract: A database query is received that includes a logical query indicator at a distributed database node within a distributed network of databases. The logical query indicator includes at least one physical database query and at least one database node identifier that allows at least one distributed database node to identify at least one physical database to execute the physical database query against. It is determined that the at least one database node identifier matches a local node identifier. The at least one physical database query is executed against at least one local physical database table. A local query response is formed including data retrieved from the at least one local physical database table. The database query is responded to with at least the local query response.Type: ApplicationFiled: September 30, 2015Publication date: April 28, 2016Inventors: Graham A. Bent, Patrick Dantressangle, David R. Vyvyan
-
Patent number: 9183260Abstract: A database query is received that includes a logical query indicator at a distributed database node within a distributed network of databases. The logical query indicator includes at least one physical database query and at least one database node identifier that allows at least one distributed database node to identify at least one physical database to execute the physical database query against. It is determined that the at least one database node identifier matches a local node identifier. The at least one physical database query is executed against at least one local physical database table. A local query response is formed including data retrieved from the at least one local physical database table. The database query is responded to with at least the local query response. This abstract is not to be considered limiting, since other embodiments may deviate from the features described in this abstract.Type: GrantFiled: October 9, 2008Date of Patent: November 10, 2015Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Graham A. Bent, Patrick Dantressangle, David R. Vyvyan
-
Publication number: 20140281496Abstract: A method, apparatus and/or computer program provides secure user authentication in a network having a dynamic set of services. The method comprises a client authenticating with an edge service and generating a query key. The edge service issues a request to the dynamic set of services. The request comprises (i) an encrypted identifier associated with the client, (ii) a private portion of the request being encrypted with the query key, and (iii) a public portion of the request. In response to ascertaining from the public portion of the request that it is able to respond to the request, one or more of the dynamic set of services respond to the edge service with (i) an identifier associated with the dynamic set of services, and (ii) the identifier associated with the client. The edge service then authenticates that it is able to respond to the request, including generating a session key.Type: ApplicationFiled: February 28, 2014Publication date: September 18, 2014Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: GRAHAM A. BENT, DOMINIC P. HARRIES
-
Patent number: 8812535Abstract: A method for propagating a query in a system made up of a number connectable database management system nodes, where each node is associated at least one database, includes: selecting a first node from the number of nodes; generating at least one connection operable to propagate a query from the first node to a first subset of the number of nodes; generating at least one connection operable to propagate a query from a second node in the first subset to a second subset of the plurality of nodes; where at least one node in the second subset is different from nodes in the first subset.Type: GrantFiled: September 3, 2008Date of Patent: August 19, 2014Assignee: International Business Machines CorporationInventors: Graham A. Bent, Patrick Dantressangle, John B. Ibbotson
-
Publication number: 20140229633Abstract: A method of operating a hypercube network of processing devices includes determining that a plurality of the processing devices are storing data to be processed at a single processing device, obtaining the addresses of the plurality of processing devices storing the data to be processed, determining the most common number for each digit of the addresses of the plurality of processing devices storing the data to be processed, generating a new address comprising the determined most common number for each digit, and transferring the data to be processed to the processing device with the generated new address.Type: ApplicationFiled: September 25, 2012Publication date: August 14, 2014Applicant: International Business Machines CorporationInventors: Graham A. Bent, Patrick Dantressangle, Paul D. Stone
-
Publication number: 20140219278Abstract: Method and system are provided for assessing response routes in a network of connected nodes wherein a querying node propagates a query through multiple routes of intermediate nodes to a data source node and the data source node returns data to the querying node. The method at a data source node may include: receiving a query instance including metadata with route information of the route of intermediate nodes in the network that the query instance has travelled through from a querying node to the data source node; comparing the route information to a route policy; and responding to a query instance which meets the route policy by returning the query response via the route of intermediate nodes of the query instance.Type: ApplicationFiled: February 3, 2014Publication date: August 7, 2014Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: GRAHAM A. BENT, THOMAS J. C. BERMAN, PATRICK DANTRESSANGLE, DAVID R. VYVYAN
-
Patent number: 8626747Abstract: A database query comprising a logical table definition and at least one route tracing indicator is forwarded to at least one distributed database node within a distributed network of databases. At least one query response is received including distributed route tracing information associated with each distributed database node that processed the database query along a path associated with the at least one query response. The received distributed route tracing information is processed to characterize query route propagation within the distributed network of databases. This abstract is not to be considered limiting, since other embodiments may deviate from the features described in this abstract.Type: GrantFiled: July 30, 2012Date of Patent: January 7, 2014Assignee: International Business Machines CorporationInventors: Graham A. Bent, Patrick Dantressangle, David R. Vyvyan
-
Patent number: 8560570Abstract: A logical table definition is received as part of a database query within a distributed database system. A determination is made as to whether the received logical table definition matches a local logical table definition. The query is processed in response to determining that the received logical table definition matches the local logical table definition. The query is forwarded to at least one other distributed database node.Type: GrantFiled: February 2, 2012Date of Patent: October 15, 2013Assignee: International Business Machines CorporationInventors: Graham A. Bent, Patrick Dantressangle, David R. Vyvyan
-
Patent number: 8478803Abstract: A method for managing a logical statement within a distributed database includes checking, responsive to receipt of a first logical statement for by first database management system node, whether the first logical statement is stored within a segment of the distributed database; and storing, responsive to a determination that the first logical statement is not stored within a segment of the distributed database, storing the first logical statement in at least one of non-unique fact table and unique fact table.Type: GrantFiled: September 3, 2008Date of Patent: July 2, 2013Assignee: International Business Machines CorporationInventors: Graham A. Bent, Patrick Dantressangle
-
Patent number: 8458166Abstract: A database query is received including a logical table identifier at a distributed database node within a distributed network of databases. The logical table identifier includes a dynamically-updatable constant column identifier. Local logical table definitions are filtered based upon the logical table identifier and the dynamically-updatable constant column identifier to identify a local logical table associated with the logical table identifier and the dynamically-updatable constant column identifier. A local query response is formed including data retrieved from a local physical database table mapped by the local logical table in response to identifying the local logical table associated with the logical table identifier and the dynamically-updatable constant column identifier. The database query is responded to, in response to forming the local query response, with at least the local query response.Type: GrantFiled: October 9, 2008Date of Patent: June 4, 2013Assignee: International Business Machines CorporationInventors: Graham A. Bent, Patrick Dantressangle, David R. Vyvyan
-
Patent number: 8386515Abstract: Methods and systems are provided, for persistent querying in a federated database system. A federated database system has a plurality of connectable database management system nodes, each database node having at least one database. Persistent querying includes: receiving a query at a first database node and propagating the query from the first database node to other database nodes in the federated database system. A responding database node satisfying the query: obtains a query results set; defines a topic identifier for the query; and publishes subsequent messages relating to the topic identifier when data updates are available. The first database node receives query results sets from one or more responding nodes and the first database node subscribes to topic identifiers for publications of subsequent messages from the responding database nodes. Subsequent messages are published relating to the query along the connection through which the query is returned.Type: GrantFiled: November 23, 2010Date of Patent: February 26, 2013Assignee: International Business Machines CorporationInventors: Graham Bent, Patrick Dantressangle, Christopher R. Gibson, David R. Vyvyan
-
Publication number: 20120303609Abstract: A database query comprising a logical table definition and at least one route tracing indicator is forwarded to at least one distributed database node within a distributed network of databases. At least one query response is received including distributed route tracing information associated with each distributed database node that processed the database query along a path associated with the at least one query response. The received distributed route tracing information is processed to characterize query route propagation within the distributed network of databases. This abstract is not to be considered limiting, since other embodiments may deviate from the features described in this abstract.Type: ApplicationFiled: July 30, 2012Publication date: November 29, 2012Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Graham A. Bent, Patrick Dantressangle, David R. Vyvyan