Patents by Inventor Igor V. Balabine
Igor V. Balabine has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10171590Abstract: A computer system implements a plurality of modules, including a tenant administration proxy that receives session credentials from a tenant application in the private communication system and authenticates the tenant application in response to the session credentials, a connector service that receives a bridge setup request from the tenant application and establishes a bridge connection with the tenant application in response to the bridge setup request; and a configuration manager that stores service information regarding a cloud-based service that is accessible through the computer system. The tenant administration proxy retrieves the service information from the configuration manager and provides the service information to the tenant application in response to a request from the tenant application, and wherein the connector service facilitates communication between the cloud-based service and an enterprise service in the private communication system over the bridge connection.Type: GrantFiled: January 9, 2017Date of Patent: January 1, 2019Assignee: CA, Inc.Inventors: Venkatababji Sama, Akkamapet Palaniappan Sundarraj, Igor V. Balabine
-
Patent number: 9756135Abstract: A method for accessing network services from external networks includes receiving at a cloud-based server a bridge setup request from a private communication system, establishing a bridge connection between the cloud-based server and the private communication system, establishing a communication path between the cloud-based server and a cloud-based application, receiving a request from a cloud-based entity that is directed to an enterprise service hosted within the private communication system, transmitting the request to the enterprise service over the bridge connection, receiving a response from the enterprise service over the bridge connection, and transmitting the response to the cloud-based entity. Related computer program products and systems are also disclosed.Type: GrantFiled: September 11, 2014Date of Patent: September 5, 2017Assignee: CA, INC.Inventors: Venkatababji Sama, Igor V. Balabine, Suril Desai, Akkamapet Palaniappan Sundarraj
-
Publication number: 20170118217Abstract: A computer system implements a plurality of modules, including a tenant administration proxy that receives session credentials from a tenant application in the private communication system and authenticates the tenant application in response to the session credentials, a connector service that receives a bridge setup request from the tenant application and establishes a bridge connection with the tenant application in response to the bridge setup request; and a configuration manager that stores service information regarding a cloud-based service that is accessible through the computer system. The tenant administration proxy retrieves the service information from the configuration manager and provides the service information to the tenant application in response to a request from the tenant application, and wherein the connector service facilitates communication between the cloud-based service and an enterprise service in the private communication system over the bridge connection.Type: ApplicationFiled: January 9, 2017Publication date: April 27, 2017Applicant: CA, INC.Inventors: Venkatababji SAMA, Akkamapet Palaniappan SUNDARRAJ, Igor V. BALABINE
-
Patent number: 9560142Abstract: A computer system implements a plurality of modules, including a tenant administration proxy that receives session credentials from a tenant application in the private communication system and authenticates the tenant application in response to the session credentials, a connector service that receives a bridge setup request from the tenant application and establishes a bridge connection with the tenant application in response to the bridge setup request; and a configuration manager that stores service information regarding a cloud-based service that is accessible through the computer system. The tenant administration proxy retrieves the service information from the configuration manager and provides the service information to the tenant application in response to a request from the tenant application, and wherein the connector service facilitates communication between the cloud-based service and an enterprise service in the private communication system over the bridge connection.Type: GrantFiled: March 31, 2015Date of Patent: January 31, 2017Assignee: CA, Inc.Inventors: Venkatababji Sama, Akkamapet Palaniappan Sundarraj, Igor V. Balabine
-
Publication number: 20160072787Abstract: Techniques used in a network that includes non-trusted devices, in which packets of information communicated across the network include network address information for a source device and a destination device of the packets of information are described herein. According to one embodiment, a process of establishing a more secure subnetwork includes inserting at least one credential into at least one packet of information issued by the source device, the credential assessable by a plurality of devices on the network, enabling transmission of the at least one packet of information from the source device to at least one destination device on the subnetwork, assessing the credential by at least one of the devices, and permitting the source device to communicate with the destination device conditioned upon the results of the assessing step. Other methods and apparatuses are also described.Type: ApplicationFiled: September 11, 2015Publication date: March 10, 2016Inventors: Igor V. Balabine, William G. Friedman, Ilya G. Minkin
-
Publication number: 20160036920Abstract: A method for accessing network services from external networks includes receiving at a cloud-based server a bridge setup request from a private communication system, establishing a bridge connection between the cloud-based server and the private communication system, establishing a communication path between the cloud-based server and a cloud-based application, receiving a request from a cloud-based entity that is directed to an enterprise service hosted within the private communication system, transmitting the request to the enterprise service over the bridge connection, receiving a response from the enterprise service over the bridge connection, and transmitting the response to the cloud-based entity. Related computer program products and systems are also disclosed.Type: ApplicationFiled: September 11, 2014Publication date: February 4, 2016Applicant: CA, INC.Inventors: VENKATABABJI SAMA, IGOR V. BALABINE, SURIL DESAI, AKKAMAPET PALANIAPPAN SUNDARRAJ
-
Publication number: 20160036921Abstract: A computer system implements a plurality of modules, including a tenant administration proxy that receives session credentials from a tenant application in the private communication system and authenticates the tenant application in response to the session credentials, a connector service that receives a bridge setup request from the tenant application and establishes a bridge connection with the tenant application in response to the bridge setup request; and a configuration manager that stores service information regarding a cloud-based service that is accessible through the computer system. The tenant administration proxy retrieves the service information from the configuration manager and provides the service information to the tenant application in response to a request from the tenant application, and wherein the connector service facilitates communication between the cloud-based service and an enterprise service in the private communication system over the bridge connection.Type: ApplicationFiled: March 31, 2015Publication date: February 4, 2016Applicant: CA, Inc.Inventors: Venkatababji Sama, Akkamapet Palaniappan Sundarraj, Igor V. Balabine
-
Publication number: 20150067872Abstract: A part can receive a communication that originates externally of the part, that conforms to a predetermined communications protocol, and that contains payload information consistent with the protocol but subject to a security provision supplemental to the protocol. The part extracts the payload information from the security provision.Type: ApplicationFiled: August 31, 2013Publication date: March 5, 2015Applicant: SAVI TECHNOLOGY, INC.Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
-
Patent number: 8547957Abstract: A part can receive a communication that originates externally of the part, that conforms to a predetermined communications protocol, and that contains payload information consistent with the protocol but subject to a security provision supplemental to the protocol. The part extracts the payload information from the security provision.Type: GrantFiled: December 31, 2007Date of Patent: October 1, 2013Assignee: Savi Technology, Inc.Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
-
Patent number: 8204225Abstract: One aspect involves a communication that contains a portion encrypted with a selected key can be wirelessly transmitted by a part for reception and decryption by plural tags. A different aspect involves a tag receiving a first sequence of wireless communications that each contain sequencing information regarding the first sequence, while receiving a second sequence of wireless communications that each include sequencing information regarding the second sequence, and further involves monitoring the sequencing information from received communications of the first sequence while separately monitoring the sequencing information from received communications of the second sequence.Type: GrantFiled: December 31, 2007Date of Patent: June 19, 2012Assignee: Savi Technology, Inc.Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
-
Patent number: 8116454Abstract: One aspect involves receiving by a tag of wireless communications that utilize a first security provision, and wireless communications that utilize a second security provision different from the first security provision. A different aspect involves receiving by an entity of an authentication request that is based on a first digital certificate unknown to the entity, and determining by the entity, without external authentication of the first digital certificate, whether the first digital certificate is in a trust relationship with a second digital certificate that is different from the first digital certificate and that is known to the entity.Type: GrantFiled: December 31, 2007Date of Patent: February 14, 2012Assignee: Savi Technology, Inc.Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
-
Publication number: 20090028337Abstract: A method and apparatus involve storing in a tag a selected digital certificate that permits secure access to said tag from externally thereof.Type: ApplicationFiled: December 31, 2007Publication date: January 29, 2009Applicant: SAVI TECHNOLOGY, INC.Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
-
Publication number: 20090028334Abstract: One aspect involves a communication that contains a portion encrypted with a selected key can be wirelessly transmitted by a part for reception and decryption by plural tags. A different aspect involves a tag receiving a first sequence of wireless communications that each contain sequencing information regarding the first sequence, while receiving a second sequence of wireless communications that each include sequencing information regarding the second sequence, and further involves monitoring the sequencing information from received communications of the first sequence while separately monitoring the sequencing information from received communications of the second sequence.Type: ApplicationFiled: December 31, 2007Publication date: January 29, 2009Applicant: SAVI TECHNOLOGY, INC.Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
-
Publication number: 20090028078Abstract: A part can receive a communication that originates externally of the part, that conforms to a predetermined communications protocol, and that contains payload information consistent with the protocol but subject to a security provision supplemental to the protocol. The part extracts the payload information from the security provision.Type: ApplicationFiled: December 31, 2007Publication date: January 29, 2009Applicant: Savi Technology, Inc.Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
-
Publication number: 20090028329Abstract: A response to an event involves transmitting a communication for propagation away from a part externally thereof, the communication containing first and second segments that are respectively subject to first and second security provisions that are different.Type: ApplicationFiled: December 31, 2007Publication date: January 29, 2009Applicant: SAVI TECHNOLOGY, INC.Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
-
Publication number: 20090028333Abstract: One aspect involves receiving by a tag of wireless communications that utilize a first security provision, and wireless communications that utilize a second security provision different from the first security provision. A different aspect involves receiving by an entity of an authentication request that is based on a first digital certificate unknown to the entity, and determining by the entity, without external authentication of the first digital certificate, whether the first digital certificate is in a trust relationship with a second digital certificate that is different from the first digital certificate and that is known to the entity.Type: ApplicationFiled: December 31, 2007Publication date: January 29, 2009Applicant: SAVI TECHNOLOGY, INC.Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
-
Patent number: 7069438Abstract: A method and apparatus for establishing authenticated network (e.g., TCP/IP) connections augments the network (e.g., TCP/IP) protocol and enables concealment of the presence of network (e.g., TCP/IP) servers on the network. One methodology uses one or more cryptographic techniques, and/or combinations of such techniques, to achieve the goal. A network (e.g., TCP/IP) connection establishment could be authenticated using both shared secret cryptographic and public key cryptographic methods. The trust between peers could be established either directly or via a trusted third party. One methodology allows network (e.g., TCP/IP) server concealment against Internet based eavesdroppers and eavesdroppers staging man-in-the-middle attacks on the local network or in the close proximity to the server. The techniques described herein may be used to protect a network (e.g., TCP/IP) server from establishing unsanctioned connections from both local and remote networks.Type: GrantFiled: August 19, 2002Date of Patent: June 27, 2006Assignee: Sowl Associates, Inc.Inventors: Igor V. Balabine, William G. Friedman, Ilya G. Minkin
-
Patent number: 6826698Abstract: A system, method and computer program product are provided for affording network security features. A plurality of network objects are identified. Rule sets associated with one or more of the identified network objects are retrieved. Each rule set includes a plurality of policy rules that govern actions relating to the identified network objects. Overlapping policy rules of the rule sets are reconciled amongst the network objects. The reconciled rule sets are executed. A computer program product and a method are also provided for establishing network security. A plurality of network objects of a network and a plurality of rule sets are provided. The network objects are associated with the rule sets. The rule sets include a plurality of policy rules that govern actions relating to the identified network objects during operation of the network.Type: GrantFiled: September 15, 2000Date of Patent: November 30, 2004Assignee: Networks Associates Technology, Inc.Inventors: Ilya Minkin, Igor V. Balabine, Gerhard Eschelbeck
-
Publication number: 20040034773Abstract: A method and apparatus for establishing authenticated network (e.g., TCP/IP) connections augments the network (e.g., TCP/IP) protocol and enables concealment of the presence of network (e.g., TCP/IP) servers on the network. One methodology uses one or more cryptographic techniques, and/or combinations of such techniques, to achieve the goal. A network (e.g., TCP/IP) connection establishment could be authenticated using both shared secret cryptographic and public key cryptographic methods. The trust between peers could be established either directly or via a trusted third party. One methodology allows network (e.g., TCP/IP) server concealment against Internet based eavesdroppers and eavesdroppers staging man-in-the-middle attacks on the local network or in the close proximity to the server. The techniques described herein may be used to protect a network (e.g., TCP/IP) server from establishing unsanctioned connections from both local and remote networks.Type: ApplicationFiled: August 19, 2002Publication date: February 19, 2004Inventors: Igor V. Balabine, William G. Friedman, Ilya G. Minkin
-
Patent number: 6442548Abstract: Information in a database is accessed with a computer system by transforming a file system request from an application into a database query and retrieving information corresponding to the database query from the database. The retrieved information is made available to the application as a file system object, for example, as a directory, a file, a link or a collection thereof.Type: GrantFiled: June 25, 1999Date of Patent: August 27, 2002Assignee: International Business Machines CorporationInventors: Igor V. Balabine, Ramiah Kandasamy, John A. Skier