Patents by Inventor Igor V. Balabine

Igor V. Balabine has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10171590
    Abstract: A computer system implements a plurality of modules, including a tenant administration proxy that receives session credentials from a tenant application in the private communication system and authenticates the tenant application in response to the session credentials, a connector service that receives a bridge setup request from the tenant application and establishes a bridge connection with the tenant application in response to the bridge setup request; and a configuration manager that stores service information regarding a cloud-based service that is accessible through the computer system. The tenant administration proxy retrieves the service information from the configuration manager and provides the service information to the tenant application in response to a request from the tenant application, and wherein the connector service facilitates communication between the cloud-based service and an enterprise service in the private communication system over the bridge connection.
    Type: Grant
    Filed: January 9, 2017
    Date of Patent: January 1, 2019
    Assignee: CA, Inc.
    Inventors: Venkatababji Sama, Akkamapet Palaniappan Sundarraj, Igor V. Balabine
  • Patent number: 9756135
    Abstract: A method for accessing network services from external networks includes receiving at a cloud-based server a bridge setup request from a private communication system, establishing a bridge connection between the cloud-based server and the private communication system, establishing a communication path between the cloud-based server and a cloud-based application, receiving a request from a cloud-based entity that is directed to an enterprise service hosted within the private communication system, transmitting the request to the enterprise service over the bridge connection, receiving a response from the enterprise service over the bridge connection, and transmitting the response to the cloud-based entity. Related computer program products and systems are also disclosed.
    Type: Grant
    Filed: September 11, 2014
    Date of Patent: September 5, 2017
    Assignee: CA, INC.
    Inventors: Venkatababji Sama, Igor V. Balabine, Suril Desai, Akkamapet Palaniappan Sundarraj
  • Publication number: 20170118217
    Abstract: A computer system implements a plurality of modules, including a tenant administration proxy that receives session credentials from a tenant application in the private communication system and authenticates the tenant application in response to the session credentials, a connector service that receives a bridge setup request from the tenant application and establishes a bridge connection with the tenant application in response to the bridge setup request; and a configuration manager that stores service information regarding a cloud-based service that is accessible through the computer system. The tenant administration proxy retrieves the service information from the configuration manager and provides the service information to the tenant application in response to a request from the tenant application, and wherein the connector service facilitates communication between the cloud-based service and an enterprise service in the private communication system over the bridge connection.
    Type: Application
    Filed: January 9, 2017
    Publication date: April 27, 2017
    Applicant: CA, INC.
    Inventors: Venkatababji SAMA, Akkamapet Palaniappan SUNDARRAJ, Igor V. BALABINE
  • Patent number: 9560142
    Abstract: A computer system implements a plurality of modules, including a tenant administration proxy that receives session credentials from a tenant application in the private communication system and authenticates the tenant application in response to the session credentials, a connector service that receives a bridge setup request from the tenant application and establishes a bridge connection with the tenant application in response to the bridge setup request; and a configuration manager that stores service information regarding a cloud-based service that is accessible through the computer system. The tenant administration proxy retrieves the service information from the configuration manager and provides the service information to the tenant application in response to a request from the tenant application, and wherein the connector service facilitates communication between the cloud-based service and an enterprise service in the private communication system over the bridge connection.
    Type: Grant
    Filed: March 31, 2015
    Date of Patent: January 31, 2017
    Assignee: CA, Inc.
    Inventors: Venkatababji Sama, Akkamapet Palaniappan Sundarraj, Igor V. Balabine
  • Publication number: 20160072787
    Abstract: Techniques used in a network that includes non-trusted devices, in which packets of information communicated across the network include network address information for a source device and a destination device of the packets of information are described herein. According to one embodiment, a process of establishing a more secure subnetwork includes inserting at least one credential into at least one packet of information issued by the source device, the credential assessable by a plurality of devices on the network, enabling transmission of the at least one packet of information from the source device to at least one destination device on the subnetwork, assessing the credential by at least one of the devices, and permitting the source device to communicate with the destination device conditioned upon the results of the assessing step. Other methods and apparatuses are also described.
    Type: Application
    Filed: September 11, 2015
    Publication date: March 10, 2016
    Inventors: Igor V. Balabine, William G. Friedman, Ilya G. Minkin
  • Publication number: 20160036920
    Abstract: A method for accessing network services from external networks includes receiving at a cloud-based server a bridge setup request from a private communication system, establishing a bridge connection between the cloud-based server and the private communication system, establishing a communication path between the cloud-based server and a cloud-based application, receiving a request from a cloud-based entity that is directed to an enterprise service hosted within the private communication system, transmitting the request to the enterprise service over the bridge connection, receiving a response from the enterprise service over the bridge connection, and transmitting the response to the cloud-based entity. Related computer program products and systems are also disclosed.
    Type: Application
    Filed: September 11, 2014
    Publication date: February 4, 2016
    Applicant: CA, INC.
    Inventors: VENKATABABJI SAMA, IGOR V. BALABINE, SURIL DESAI, AKKAMAPET PALANIAPPAN SUNDARRAJ
  • Publication number: 20160036921
    Abstract: A computer system implements a plurality of modules, including a tenant administration proxy that receives session credentials from a tenant application in the private communication system and authenticates the tenant application in response to the session credentials, a connector service that receives a bridge setup request from the tenant application and establishes a bridge connection with the tenant application in response to the bridge setup request; and a configuration manager that stores service information regarding a cloud-based service that is accessible through the computer system. The tenant administration proxy retrieves the service information from the configuration manager and provides the service information to the tenant application in response to a request from the tenant application, and wherein the connector service facilitates communication between the cloud-based service and an enterprise service in the private communication system over the bridge connection.
    Type: Application
    Filed: March 31, 2015
    Publication date: February 4, 2016
    Applicant: CA, Inc.
    Inventors: Venkatababji Sama, Akkamapet Palaniappan Sundarraj, Igor V. Balabine
  • Publication number: 20150067872
    Abstract: A part can receive a communication that originates externally of the part, that conforms to a predetermined communications protocol, and that contains payload information consistent with the protocol but subject to a security provision supplemental to the protocol. The part extracts the payload information from the security provision.
    Type: Application
    Filed: August 31, 2013
    Publication date: March 5, 2015
    Applicant: SAVI TECHNOLOGY, INC.
    Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
  • Patent number: 8547957
    Abstract: A part can receive a communication that originates externally of the part, that conforms to a predetermined communications protocol, and that contains payload information consistent with the protocol but subject to a security provision supplemental to the protocol. The part extracts the payload information from the security provision.
    Type: Grant
    Filed: December 31, 2007
    Date of Patent: October 1, 2013
    Assignee: Savi Technology, Inc.
    Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
  • Patent number: 8204225
    Abstract: One aspect involves a communication that contains a portion encrypted with a selected key can be wirelessly transmitted by a part for reception and decryption by plural tags. A different aspect involves a tag receiving a first sequence of wireless communications that each contain sequencing information regarding the first sequence, while receiving a second sequence of wireless communications that each include sequencing information regarding the second sequence, and further involves monitoring the sequencing information from received communications of the first sequence while separately monitoring the sequencing information from received communications of the second sequence.
    Type: Grant
    Filed: December 31, 2007
    Date of Patent: June 19, 2012
    Assignee: Savi Technology, Inc.
    Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
  • Patent number: 8116454
    Abstract: One aspect involves receiving by a tag of wireless communications that utilize a first security provision, and wireless communications that utilize a second security provision different from the first security provision. A different aspect involves receiving by an entity of an authentication request that is based on a first digital certificate unknown to the entity, and determining by the entity, without external authentication of the first digital certificate, whether the first digital certificate is in a trust relationship with a second digital certificate that is different from the first digital certificate and that is known to the entity.
    Type: Grant
    Filed: December 31, 2007
    Date of Patent: February 14, 2012
    Assignee: Savi Technology, Inc.
    Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
  • Publication number: 20090028337
    Abstract: A method and apparatus involve storing in a tag a selected digital certificate that permits secure access to said tag from externally thereof.
    Type: Application
    Filed: December 31, 2007
    Publication date: January 29, 2009
    Applicant: SAVI TECHNOLOGY, INC.
    Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
  • Publication number: 20090028334
    Abstract: One aspect involves a communication that contains a portion encrypted with a selected key can be wirelessly transmitted by a part for reception and decryption by plural tags. A different aspect involves a tag receiving a first sequence of wireless communications that each contain sequencing information regarding the first sequence, while receiving a second sequence of wireless communications that each include sequencing information regarding the second sequence, and further involves monitoring the sequencing information from received communications of the first sequence while separately monitoring the sequencing information from received communications of the second sequence.
    Type: Application
    Filed: December 31, 2007
    Publication date: January 29, 2009
    Applicant: SAVI TECHNOLOGY, INC.
    Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
  • Publication number: 20090028078
    Abstract: A part can receive a communication that originates externally of the part, that conforms to a predetermined communications protocol, and that contains payload information consistent with the protocol but subject to a security provision supplemental to the protocol. The part extracts the payload information from the security provision.
    Type: Application
    Filed: December 31, 2007
    Publication date: January 29, 2009
    Applicant: Savi Technology, Inc.
    Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
  • Publication number: 20090028329
    Abstract: A response to an event involves transmitting a communication for propagation away from a part externally thereof, the communication containing first and second segments that are respectively subject to first and second security provisions that are different.
    Type: Application
    Filed: December 31, 2007
    Publication date: January 29, 2009
    Applicant: SAVI TECHNOLOGY, INC.
    Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
  • Publication number: 20090028333
    Abstract: One aspect involves receiving by a tag of wireless communications that utilize a first security provision, and wireless communications that utilize a second security provision different from the first security provision. A different aspect involves receiving by an entity of an authentication request that is based on a first digital certificate unknown to the entity, and determining by the entity, without external authentication of the first digital certificate, whether the first digital certificate is in a trust relationship with a second digital certificate that is different from the first digital certificate and that is known to the entity.
    Type: Application
    Filed: December 31, 2007
    Publication date: January 29, 2009
    Applicant: SAVI TECHNOLOGY, INC.
    Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
  • Patent number: 7069438
    Abstract: A method and apparatus for establishing authenticated network (e.g., TCP/IP) connections augments the network (e.g., TCP/IP) protocol and enables concealment of the presence of network (e.g., TCP/IP) servers on the network. One methodology uses one or more cryptographic techniques, and/or combinations of such techniques, to achieve the goal. A network (e.g., TCP/IP) connection establishment could be authenticated using both shared secret cryptographic and public key cryptographic methods. The trust between peers could be established either directly or via a trusted third party. One methodology allows network (e.g., TCP/IP) server concealment against Internet based eavesdroppers and eavesdroppers staging man-in-the-middle attacks on the local network or in the close proximity to the server. The techniques described herein may be used to protect a network (e.g., TCP/IP) server from establishing unsanctioned connections from both local and remote networks.
    Type: Grant
    Filed: August 19, 2002
    Date of Patent: June 27, 2006
    Assignee: Sowl Associates, Inc.
    Inventors: Igor V. Balabine, William G. Friedman, Ilya G. Minkin
  • Patent number: 6826698
    Abstract: A system, method and computer program product are provided for affording network security features. A plurality of network objects are identified. Rule sets associated with one or more of the identified network objects are retrieved. Each rule set includes a plurality of policy rules that govern actions relating to the identified network objects. Overlapping policy rules of the rule sets are reconciled amongst the network objects. The reconciled rule sets are executed. A computer program product and a method are also provided for establishing network security. A plurality of network objects of a network and a plurality of rule sets are provided. The network objects are associated with the rule sets. The rule sets include a plurality of policy rules that govern actions relating to the identified network objects during operation of the network.
    Type: Grant
    Filed: September 15, 2000
    Date of Patent: November 30, 2004
    Assignee: Networks Associates Technology, Inc.
    Inventors: Ilya Minkin, Igor V. Balabine, Gerhard Eschelbeck
  • Publication number: 20040034773
    Abstract: A method and apparatus for establishing authenticated network (e.g., TCP/IP) connections augments the network (e.g., TCP/IP) protocol and enables concealment of the presence of network (e.g., TCP/IP) servers on the network. One methodology uses one or more cryptographic techniques, and/or combinations of such techniques, to achieve the goal. A network (e.g., TCP/IP) connection establishment could be authenticated using both shared secret cryptographic and public key cryptographic methods. The trust between peers could be established either directly or via a trusted third party. One methodology allows network (e.g., TCP/IP) server concealment against Internet based eavesdroppers and eavesdroppers staging man-in-the-middle attacks on the local network or in the close proximity to the server. The techniques described herein may be used to protect a network (e.g., TCP/IP) server from establishing unsanctioned connections from both local and remote networks.
    Type: Application
    Filed: August 19, 2002
    Publication date: February 19, 2004
    Inventors: Igor V. Balabine, William G. Friedman, Ilya G. Minkin
  • Patent number: 6442548
    Abstract: Information in a database is accessed with a computer system by transforming a file system request from an application into a database query and retrieving information corresponding to the database query from the database. The retrieved information is made available to the application as a file system object, for example, as a directory, a file, a link or a collection thereof.
    Type: Grant
    Filed: June 25, 1999
    Date of Patent: August 27, 2002
    Assignee: International Business Machines Corporation
    Inventors: Igor V. Balabine, Ramiah Kandasamy, John A. Skier