Patents by Inventor Idan Zach

Idan Zach has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20220131865
    Abstract: A method and a system for checking permissions compatibility between a configuration management system and an orchestration system of a computing cluster are disclosed. The method comprises: identifying a request to approve a change in at least one file of the computing cluster. Retrieving from a repository of the configuration management system an identity of a user for performing the change. Acquiring a denial response or an approval response received in response to a query provisioned to the orchestration system, the query is for rights to change the at least one file using the identity of the user. In response to the approval response, entering the approval response, into the configuration management system for confirming the checking permissions compatibility is approved. In response to the denial received, sending a message to the configuration management system, the message is indicative that the checking permissions compatibility is not approved.
    Type: Application
    Filed: October 26, 2020
    Publication date: April 28, 2022
    Inventors: Etai Lev Ran, Alexey Roytman, Zvi Cahana, Idan Zach, Michal Malka, Vita Bortnikov
  • Patent number: 10841336
    Abstract: Examples of techniques for selectively providing mTLS using alternative server names are described herein. An example system includes a processor to generate an alternative server name in response to detecting a legacy indicator. The processor is to also associate the alternative server name with an address of a pod. The processor is to further configure a proxy associated with the pod to selectively provide mutual transport layer security (mTLS) based on the alternative server name.
    Type: Grant
    Filed: May 21, 2018
    Date of Patent: November 17, 2020
    Assignee: International Business Machines Corporation
    Inventors: Zvi Cahana, Etai Lev-Ran, Idan Zach, Shriram Rajagopalan
  • Patent number: 10521447
    Abstract: An example system and method includes a processor to receive an image ID corresponding to a container image of a container to be run. The processor is to also send the image ID to a registry. The processor is also to receive an image metadata corresponding to the image ID from the registry. The processor is to store the image metadata on a local file system. The processor is to generate a container comprising an application. The processor is to execute the application using the image metadata.
    Type: Grant
    Filed: November 14, 2016
    Date of Patent: December 31, 2019
    Assignee: International Business Machines Corporation
    Inventors: Zvi Cahana, Etai Lev-Ran, Idan Zach
  • Publication number: 20190356693
    Abstract: Examples of techniques for selectively providing mTLS using alternative server names are described herein. An example system includes a processor to generate an alternative server name in response to detecting a legacy indicator. The processor is to also associate the alternative server name with an address of a pod. The processor is to further configure a proxy associated with the pod to selectively provide mutual transport layer security (mTLS) based on the alternative server name.
    Type: Application
    Filed: May 21, 2018
    Publication date: November 21, 2019
    Inventors: Zvi Cahana, Etai Lev-Ran, Idan Zach, Shriram Rajagopalan
  • Publication number: 20190354386
    Abstract: A system for executing one or more operating-system-level virtualization software objects (virtualization containers), comprising at least one controller hardware processor, adapted to: receive a request to connect one or more target virtualization containers, executed by at least one target hardware processor, to at least one digital storage connected to the at least one target hardware processor via at least one data communication network interface; and instruct execution of one or more management virtualization containers on the at least one target hardware processor, such that executing the one or more management virtualization containers configures the one or more target virtualization containers to direct at least one access to the at least one file system of the one or more target virtualization containers to the at least one digital storage.
    Type: Application
    Filed: May 21, 2018
    Publication date: November 21, 2019
    Inventors: Zvi Cahana, Etai Lev-Ran, Or Ozeri, Idan Zach
  • Patent number: 10425475
    Abstract: In some examples, a system for managing distributed data can include a processor to detect an update notification from a client device to update a managing server, the update notification indicating that a remote server node is unavailable. The processor can also generate a comparison value by comparing a first time stamp to a second time stamp, wherein the first time stamp corresponds to a time at which the system receives the update notification from the client device and the second time stamp corresponds to a time the remote server node transmits a set of renewal data. Furthermore, the processor can determine that the comparison value indicates the remote server node is unavailable and remove the remote server node from the managing server.
    Type: Grant
    Filed: February 27, 2017
    Date of Patent: September 24, 2019
    Assignee: International Business Machines Corporation
    Inventors: Zvi Cahana, Etai Lev-Ran, Idan Zach
  • Patent number: 10379880
    Abstract: Embodiments of the present invention may provide techniques by which missed interactions with display advertising may be reduced or recovered. For example, in an embodiment of the present invention, a computer-implemented method for processing computer input may comprise displaying on a display screen at least one background application and a foreground item frame, removing display of the foreground item frame, and after removing display of the foreground item frame, detecting user input in the location where the foreground item frame was displayed.
    Type: Grant
    Filed: September 25, 2016
    Date of Patent: August 13, 2019
    Assignee: International Business Machines Corporation
    Inventors: Itzhack Goldberg, Etai Lev-Ran, Idan Zach
  • Patent number: 10360410
    Abstract: An example system includes a plurality of containers associated with a plurality of tenants. The plurality of containers are to execute code in isolation for the associated plurality of tenants. The system also include a container daemon communicatively coupled to the plurality of containers via an internal proxy. The container daemon is to provide a service to the plurality of containers. The internal proxy is to receive a daemon access policy. The internal proxy is to further intercept a daemon command from a container. The internal proxy is to detect that the container is allowed access to the container daemon based on the daemon access policy. The internal proxy is to also generate a modified daemon command and forward the modified daemon command to the container daemon.
    Type: Grant
    Filed: November 14, 2016
    Date of Patent: July 23, 2019
    Assignee: International Business Machines Corporation
    Inventors: Zvi Cahana, Etai Lev-Ran, Idan Zach
  • Patent number: 10361995
    Abstract: Embodiments of the present invention provide a means for managing portable Internet Protocol (IP) addresses and virtual machine persistent storage. The invention includes defining a set of available portable IP addresses. When a request for a portable IP address is received from a first virtual machine (VM), a first portable IP address is assigned to the first VM. The assignment of the first portable IP address to the first VM extends for a predetermined amount of time and requires a lease renewal to extend the assignment.
    Type: Grant
    Filed: November 9, 2015
    Date of Patent: July 23, 2019
    Assignee: International Business Machines Corporation
    Inventors: Vita Bortnikov, Guy Laden, Bruno Wassermann, Idan Zach
  • Publication number: 20180248940
    Abstract: In some examples, a system for managing distributed data can include a processor to detect an update notification from a client device to update a managing server, the update notification indicating that a remote server node is unavailable. The processor can also generate a comparison value by comparing a first time stamp to a second time stamp, wherein the first time stamp corresponds to a time at which the system receives the update notification from the client device and the second time stamp corresponds to a time the remote server node transmits a set of renewal data. Furthermore, the processor can determine that the comparison value indicates the remote server node is unavailable and remove the remote server node from the managing server.
    Type: Application
    Filed: February 27, 2017
    Publication date: August 30, 2018
    Inventors: Zvi Cahana, Etai Lev-Ran, Idan Zach
  • Publication number: 20180137174
    Abstract: An example system and method includes a processor to receive an image ID corresponding to a container image of a container to be run. The processor is to also send the image ID to a registry. The processor is also to receive an image metadata corresponding to the image ID from the registry. The processor is to store the image metadata on a local file system. The processor is to generate a container comprising an application. The processor is to execute the application using the image metadata.
    Type: Application
    Filed: November 14, 2016
    Publication date: May 17, 2018
    Inventors: Zvi Cahana, Etai Lev-Ran, Idan Zach
  • Publication number: 20180137296
    Abstract: An example system includes a plurality of containers associated with a plurality of tenants. The plurality of containers are to execute code in isolation for the associated plurality of tenants. The system also include a container daemon communicatively coupled to the plurality of containers via an internal proxy. The container daemon is to provide a service to the plurality of containers. The internal proxy is to receive a daemon access policy. The internal proxy is to further intercept a daemon command from a container. The internal proxy is to detect that the container is allowed access to the container daemon based on the daemon access policy. The internal proxy is to also generate a modified daemon command and forward the modified daemon command to the container daemon.
    Type: Application
    Filed: November 14, 2016
    Publication date: May 17, 2018
    Inventors: Zvi Cahana, Etai Lev-Ran, Idan Zach
  • Publication number: 20180088759
    Abstract: Embodiments of the present invention may provide techniques by which missed interactions with display advertising may be reduced or recovered. For example, in an embodiment of the present invention, a computer-implemented method for processing computer input may comprise displaying on a display screen at least one background application and a foreground item frame, removing display of the foreground item frame, and after removing display of the foreground item frame, detecting user input in the location where the foreground item frame was displayed.
    Type: Application
    Filed: September 25, 2016
    Publication date: March 29, 2018
    Inventors: Itzhack Goldberg, Etai Lev-Ran, Idan Zach
  • Publication number: 20170134339
    Abstract: Embodiments of the present invention provide a means for managing portable Internet Protocol (IP) addresses and virtual machine persistent storage. The invention includes defining a set of available portable IP addresses. When a request for a portable IP address is received from a first virtual machine (VM), a first portable IP address is assigned to the first VM. The assignment of the first portable IP address to the first VM extends for a predetermined amount of time and requires a lease renewal to extend the assignment.
    Type: Application
    Filed: November 9, 2015
    Publication date: May 11, 2017
    Inventors: Vita Bortnikov, Guy Laden, Bruno Wassermann, Idan Zach
  • Patent number: 9547726
    Abstract: A method for enabling access to a data resource, which is held on a file server (25) on a first local area network (LAN) (21a), by a client (28) on a second LAN (21b). A proxy receiver (48) on the second LAN (21b) intercepts a request for the data resource submitted by the client (28) and transmits a message via a wide area network (WAN) (29) to a proxy transmitter (52) on the first LAN (21a), requesting the data resource. The proxy transmitter (52) retrieves a replica of the data resource from the file server (25) and conveys the replica of the data resource over the WAN (29) to the proxy receiver (48), which serves the replica of the data resource from the proxy receiver (48) to the client (28) over the second LAN (21b).
    Type: Grant
    Filed: March 15, 2010
    Date of Patent: January 17, 2017
    Assignee: Cisco Technology, Inc.
    Inventors: Etai Lev Ran, Shahar Glixman, Israel Ben Shaul, Vita Bortnikov, Daniel Kaminsky, Danit Ben Kiki, Idan Zach, Israel Cidon
  • Patent number: 9342419
    Abstract: A method comprising using at least one hardware processor for managing persistent messaging data in a volatile memory, writing the persistent messaging data to a first section of a Fast Persistent Memory (FPM), responsive to the first section of the FPM approaching a full state, offloading the persistent messaging data from the first section of the FPM to a hard disk device (HDD), and erasing the persistent messaging data from the first section of the FPM, recording, in a second section of the FPM, an identifier of said offloading, responsive to receiving a request to erase or modify at least some of the persistent messaging data in the HDD, updating the identifier of the offloading in the second section of the FPM while leaving the persistent messaging data in the HDD intact, and responsive to a server failure, selectively reading at least some of the persistent messaging data from the HDD to the volatile memory, wherein the selective reading is based on the identifier of the offloading in the second section
    Type: Grant
    Filed: November 11, 2013
    Date of Patent: May 17, 2016
    Assignee: GlobalFoundries Inc.
    Inventors: Avraham Harpaz, Nir Naaman, Idan Zach
  • Patent number: 9164856
    Abstract: A method comprising managing persistent messaging data in a volatile memory of a primary instance of a multi-node server, wherein the persistent messaging data is stored in a Hard Disk Device (HDD) and a Fast Persistent Memory (FPM) of the primary instance, repeatedly replicating the persistent messaging data to a corresponding HDD and a corresponding FPM of at least one standby instance of the multi-node server, repeatedly copying the persistent messaging data stored in the FPM or the HDD of the at least one standby instance to a Recovery Memory Region (RMR) in a volatile memory of the at least one standby instance, and responsive to a failure of the primary instance, initiating a failover procedure by the standby instance, wherein the failover procedure comprises reading at least some of the persistent messaging data from the RMR in lieu of the HDD of the at least one standby instance.
    Type: Grant
    Filed: November 11, 2013
    Date of Patent: October 20, 2015
    Assignee: International Business Machines Corporation
    Inventors: Avraham Harpaz, Nir Naaman, Idan Zach
  • Publication number: 20150135001
    Abstract: A method comprising using at least one hardware processor for managing persistent messaging data in a volatile memory, writing the persistent messaging data to a first section of a Fast Persistent Memory (FPM), responsive to the first section of the FPM approaching a full state, offloading the persistent messaging data from the first section of the FPM to a hard disk device (HDD), and erasing the persistent messaging data from the first section of the FPM, recording, in a second section of the FPM, an identifier of said offloading, responsive to receiving a request to erase or modify at least some of the persistent messaging data in the HDD, updating the identifier of the offloading in the second section of the FPM while leaving the persistent messaging data in the HDD intact, and responsive to a server failure, selectively reading at least some of the persistent messaging data from the HDD to the volatile memory, wherein the selective reading is based on the identifier of the offloading in the second section
    Type: Application
    Filed: November 11, 2013
    Publication date: May 14, 2015
    Applicant: International Business Machines Corporation
    Inventors: Avraham Harpaz, Nir Naaman, Idan Zach
  • Publication number: 20150135002
    Abstract: A method comprising managing persistent messaging data in a volatile memory of a primary instance of a multi-node server, wherein the persistent messaging data is stored in a Hard Disk Device (HDD) and a Fast Persistent Memory (FPM) of the primary instance, repeatedly replicating the persistent messaging data to a corresponding HDD and a corresponding FPM of at least one standby instance of the multi-node server, repeatedly copying the persistent messaging data stored in the FPM or the HDD of the at least one standby instance to a Recovery Memory Region (RMR) in a volatile memory of the at least one standby instance, and responsive to a failure of the primary instance, initiating a failover procedure by the standby instance, wherein the failover procedure comprises reading at least some of the persistent messaging data from the RMR in lieu of the HDD of the at least one standby instance.
    Type: Application
    Filed: November 11, 2013
    Publication date: May 14, 2015
    Applicant: International Business Machines Corporation
    Inventors: Avraham Harpaz, Nir Naaman, Idan Zach
  • Patent number: 8738959
    Abstract: A computer-implemented method, a computerized system and a product for providing a cluster of replicated servers. The method performed by a computerized server in a cluster of servers, wherein the cluster of servers are executing replicated instances of an application, wherein the replicated instances are configured to perform the same processing of the same input, comprising: detecting a message loss in the server; electively determining a responsive action to the message loss; and notifying the cluster of servers of the responsive action determined by the server, whereby other servers of the cluster of servers are able to mimic operation of the server by simulating the responsive action.
    Type: Grant
    Filed: November 15, 2011
    Date of Patent: May 27, 2014
    Assignee: International Business Machines Corporation
    Inventors: Avraham Harpaz, Nir Naaman, Idan Zach