Patents by Inventor James M. Caffrey
James M. Caffrey has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11522683Abstract: Aspects of the invention include protecting data objects in a computing environment based on physical location. Aspects include receiving, by a computing system, a request to access an encrypted data from an authenticated user, wherein the encrypted data includes information about a data encryption key used to encrypt the encrypted data. Aspects also include providing, by the computing system, the encrypted data to the computer system where the user was authenticated, the computer system including a set of decryption keys protected by a master key stored within a hardware security module associated with the location of the hardware security module. Aspects further include decrypting, by the hardware security module, the encrypted data based on a determination that the data encryption key corresponds to one of the set of decryption keys, wherein the set of decryption keys are determined based on the location of the hardware security module.Type: GrantFiled: December 4, 2020Date of Patent: December 6, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Anthony Thomas Sofia, James M. Caffrey, Thomas Ginader, Jason G. Katonica
-
Patent number: 11455429Abstract: Techniques for container-based cryptography hardware security module (HSM) management in a computer system are described herein. An aspect includes providing a cryptography work daemon container in a computer system, wherein the cryptography work daemon container in the computer system has privileged access to a cryptography HSM of the computer system. Another aspect includes receiving, by the cryptography work daemon container, a request for a cryptography function of the cryptography HSM from an application container in the computer system. Another aspect includes causing, by the cryptography work daemon container, the cryptography HSM to perform the cryptography function based on receiving the request.Type: GrantFiled: December 3, 2020Date of Patent: September 27, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Anthony Thomas Sofia, James M. Caffrey, Thomas Ginader, Elizabeth Santiago
-
Publication number: 20220182233Abstract: Aspects of the invention include protecting data objects in a computing environment based on physical location. Aspects include receiving, by a computing system, a request to access an encrypted data from an authenticated user, wherein the encrypted data includes information about a data encryption key used to encrypt the encrypted data. Aspects also include providing, by the computing system, the encrypted data to the computer system where the user was authenticated, the computer system including a set of decryption keys protected by a master key stored within a hardware security module associated with the location of the hardware security module. Aspects further include decrypting, by the hardware security module, the encrypted data based on a determination that the data encryption key corresponds to one of the set of decryption keys, wherein the set of decryption keys are determined based on the location of the hardware security module.Type: ApplicationFiled: December 4, 2020Publication date: June 9, 2022Inventors: ANTHONY THOMAS SOFIA, JAMES M. CAFFREY, THOMAS GINADER, JASON G. KATONICA
-
Publication number: 20220180000Abstract: Techniques for container-based cryptography hardware security module (HSM) management in a computer system are described herein. An aspect includes providing a cryptography work daemon container in a computer system, wherein the cryptography work daemon container in the computer system has privileged access to a cryptography HSM of the computer system. Another aspect includes receiving, by the cryptography work daemon container, a request for a cryptography function of the cryptography HSM from an application container in the computer system.Type: ApplicationFiled: December 3, 2020Publication date: June 9, 2022Inventors: Anthony Thomas Sofia, James M. Caffrey, Thomas Ginader, Elizabeth Santiago
-
Patent number: 11074514Abstract: Anomaly scores for respective message types in computer log data and confidence intervals for respective anomaly scores are calculated based on a number of appearances of respective message types in a plurality of models generated from a historical set of computer log data. Respective models of the plurality of models can have at least a portion of the historical set of computer log data excluded from the respective models. Respective anomaly scores and respective confidence intervals can be applied to a new set of log data to identify and troubleshoot unusual log data events.Type: GrantFiled: August 18, 2016Date of Patent: July 27, 2021Assignee: International Business Machines CorporationInventor: James M. Caffrey
-
Patent number: 10885462Abstract: Examples of techniques for determining an interval duration and a training period length for log anomaly detection are disclosed. In one example implementation according to aspects of the present disclosure, a computer-implemented method may include: determining, by a processing resource, an interval duration for a time series from a plurality of message IDs; and determining, by the processing resource, a training period length based on the interval duration.Type: GrantFiled: June 30, 2016Date of Patent: January 5, 2021Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventor: James M. Caffrey
-
Labelling intervals using system data to identify unusual activity in information technology systems
Patent number: 10664765Abstract: Embodiments include identifying unusual activity in an IT system based on user configurable message anomaly scoring. Aspects include receiving a message stream for the IT system and dividing the message stream into a plurality of intervals, wherein each interval corresponds to a time period. Aspects also include identifying and removing one or more intervals from the plurality of intervals that include a startup or a shutdown of an element of the IT system, identifying and removing one or more intervals from the plurality of intervals that correspond to a standard level of command activity and an elevated level of user complaint activity, and identifying and removing one or more intervals from the plurality of intervals that correspond to an elevated level of command activity and an standard level of user complaint activity. Aspects further include creating a training set of intervals that consists of the remaining labelled intervals.Type: GrantFiled: August 22, 2016Date of Patent: May 26, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventor: James M. Caffrey -
Patent number: 10558545Abstract: Techniques are described for monitoring a performance metric. A multiple modeling approach is used to improve predictive analysis by avoiding the issuance of warnings during spikes which occur as a part of normal system processing. This approach increases the accuracy of predictive analytics on a monitored computing system, does not require creating rules defining periodic processing cycles, reduces the amount of data required to perform predictive modeling, and reduces the amount of CPU required to perform predictive modeling.Type: GrantFiled: November 27, 2012Date of Patent: February 11, 2020Assignee: International Business Machines CorporationInventors: Karla K. Arndt, James M. Caffrey, Keyur Patel, Aspen L. Payton
-
Patent number: 10558544Abstract: Techniques are described for monitoring a performance metric. A multiple modeling approach is used to improve predictive analysis by avoiding the issuance of warnings during spikes which occur as a part of normal system processing. This approach increases the accuracy of predictive analytics on a monitored computing system, does not require creating rules defining periodic processing cycles, reduces the amount of data required to perform predictive modeling, and reduces the amount of CPU required to perform predictive modeling.Type: GrantFiled: February 14, 2011Date of Patent: February 11, 2020Assignee: International Business Machines CorporationInventors: Karla K. Arndt, James M. Caffrey, Keyur Patel, Aspen L. Payton
-
Patent number: 10169719Abstract: Embodiments include method, systems and computer program products for identifying unusual activity in an IT system based on user configurable message anomaly scoring. Aspects include receiving a message stream for the IT system and selecting a plurality of messages from the message stream that correspond to an interval. Aspects also include determining a message anomaly score for each of the plurality of the messages, wherein the message anomaly score for each of the plurality of the messages is determined to be one of a default message anomaly score and a custom message anomaly score and calculating an interval anomaly score for the interval by adding the message anomaly score for each of the plurality of the messages. Aspects further include identifying a priority level of the interval by comparing the interval anomaly score to one or more thresholds.Type: GrantFiled: October 20, 2015Date of Patent: January 1, 2019Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventor: James M. Caffrey
-
Publication number: 20180053106Abstract: Anomaly scores for respective message types in computer log data and confidence intervals for respective anomaly scores are calculated based on a number of appearances of respective message types in a plurality of models generated from a historical set of computer log data. Respective models of the plurality of models can have at least a portion of the historical set of computer log data excluded from the respective models. Respective anomaly scores and respective confidence intervals can be applied to a new set of log data to identify and troubleshoot unusual log data events.Type: ApplicationFiled: August 18, 2016Publication date: February 22, 2018Inventor: James M. Caffrey
-
Publication number: 20180053109Abstract: Anomaly scores for respective message types in computer log data and confidence intervals for respective anomaly scores are calculated based on a number of appearances of respective message types in a plurality of models generated from a historical set of computer log data. Respective models of the plurality of models can have at least a portion of the historical set of computer log data excluded from the respective models. Respective anomaly scores and respective confidence intervals can be applied to a new set of log data to identify and troubleshoot unusual log data events.Type: ApplicationFiled: August 3, 2017Publication date: February 22, 2018Inventor: James M. Caffrey
-
LABELLING INTERVALS USING SYSTEM DATA TO IDENTIFY UNUSUAL ACTIVITY IN INFORMATION TECHNOLOGY SYSTEMS
Publication number: 20180053117Abstract: Embodiments include identifying unusual activity in an IT system based on user configurable message anomaly scoring. Aspects include receiving a message stream for the IT system and dividing the message stream into a plurality of intervals, wherein each interval corresponds to a time period. Aspects also include identifying and removing one or more intervals from the plurality of intervals that include a startup or a shutdown of an element of the IT system, identifying and removing one or more intervals from the plurality of intervals that correspond to a standard level of command activity and an elevated level of user complaint activity, and identifying and removing one or more intervals from the plurality of intervals that correspond to an elevated level of command activity and an standard level of user complaint activity. Aspects further include creating a training set of intervals that consists of the remaining labelled intervals.Type: ApplicationFiled: August 22, 2016Publication date: February 22, 2018Inventor: JAMES M. CAFFREY -
Publication number: 20180005133Abstract: Examples of techniques for determining an interval duration and a training period length for log anomaly detection are disclosed. In one example implementation according to aspects of the present disclosure, a computer-implemented method may include: determining, by a processing resource, an interval duration for a time series from a plurality of message IDs; and determining, by the processing resource, a training period length based on the interval duration.Type: ApplicationFiled: June 30, 2016Publication date: January 4, 2018Inventor: James M. Caffrey
-
Patent number: 9772896Abstract: Embodiments include method, systems and computer program products for identifying unusual intervals in an information technology (IT) system. Aspects include training a log analysis system based on historical data for the IT system, the historical data including a plurality of intervals each having an interval anomaly score and receiving status messages from a plurality of pieces of IT equipment in the IT system. Aspects also include grouping the status messages into an interval and calculating an interval anomaly score for the interval and comparing the interval anomaly score with one or more priority level cutoffs created by the training and responsively generating an alert based on the comparison, wherein the alert indicates that the interval is unusual.Type: GrantFiled: March 10, 2016Date of Patent: September 26, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventor: James M. Caffrey
-
Patent number: 9772895Abstract: Embodiments include method, systems and computer program products for identifying unusual intervals in an information technology (IT) system. Aspects include training a log analysis system based on historical data for the IT system, the historical data including a plurality of intervals each having an interval anomaly score and receiving status messages from a plurality of pieces of IT equipment in the IT system. Aspects also include grouping the status messages into an interval and calculating an interval anomaly score for the interval and comparing the interval anomaly score with one or more priority level cutoffs created by the training and responsively generating an alert based on the comparison, wherein the alert indicates that the interval is unusual.Type: GrantFiled: October 20, 2015Date of Patent: September 26, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventor: James M. Caffrey
-
Publication number: 20170109654Abstract: Embodiments include method, systems and computer program products for identifying unusual intervals in an information technology (IT) system. Aspects include training a log analysis system based on historical data for the IT system, the historical data including a plurality of intervals each having an interval anomaly score and receiving status messages from a plurality of pieces of IT equipment in the IT system. Aspects also include grouping the status messages into an interval and calculating an interval anomaly score for the interval and comparing the interval anomaly score with one or more priority level cutoffs created by the training and responsively generating an alert based on the comparison, wherein the alert indicates that the interval is unusual.Type: ApplicationFiled: March 10, 2016Publication date: April 20, 2017Inventor: JAMES M. CAFFREY
-
Publication number: 20170111378Abstract: Embodiments include method, systems and computer program products for identifying unusual activity in an IT system based on user configurable message anomaly scoring. Aspects include receiving a message stream for the IT system and selecting a plurality of messages from the message stream that correspond to an interval. Aspects also include determining a message anomaly score for each of the plurality of the messages, wherein the message anomaly score for each of the plurality of the messages is determined to be one of a default message anomaly score and a custom message anomaly score and calculating an interval anomaly score for the interval by adding the message anomaly score for each of the plurality of the messages. Aspects further include identifying a priority level of the interval by comparing the interval anomaly score to one or more thresholds.Type: ApplicationFiled: October 20, 2015Publication date: April 20, 2017Inventor: JAMES M. CAFFREY
-
Publication number: 20170109221Abstract: Embodiments include method, systems and computer program products for identifying unusual intervals in an information technology (IT) system. Aspects include training a log analysis system based on historical data for the IT system, the historical data including a plurality of intervals each having an interval anomaly score and receiving status messages from a plurality of pieces of IT equipment in the IT system. Aspects also include grouping the status messages into an interval and calculating an interval anomaly score for the interval and comparing the interval anomaly score with one or more priority level cutoffs created by the training and responsively generating an alert based on the comparison, wherein the alert indicates that the interval is unusual.Type: ApplicationFiled: October 20, 2015Publication date: April 20, 2017Inventor: JAMES M. CAFFREY
-
Patent number: 9367802Abstract: Techniques are described for determining what node of a classification and regression tree (CART) should be used by a predictive analysis application. A first approach is to use a standard deviation of the data at a given the level of the CART to determine whether data in the next, lower node is more consistent than the data in the current node. A second approach is to measure a correlation between data points in a given node and the time at which each point was sampled (or other correlation metric) to identify a preferred node.Type: GrantFiled: December 5, 2012Date of Patent: June 14, 2016Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Karla K. Arndt, James M. Caffrey, Aspen L. Payton