Patents by Inventor James Russell Godwin
James Russell Godwin has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8972475Abstract: Secure communications are provided over a network in a distributed workload environment having target hosts which are accessed through a distribution processor by a common network address. Secure communications are provided by routing both inbound and outbound communications with target hosts which are associated with a secure network communication through the distribution processor. Both inbound and outbound secure network communications are processed at the distribution processor so as to provide network security processing of communications from the target host and network security processing of communications to the target host.Type: GrantFiled: December 21, 2007Date of Patent: March 3, 2015Assignee: International Business Machines CorporationInventors: James Russell Godwin, David Anthony Herr, Linwood H. Overby, Jr.
-
Patent number: 7519721Abstract: Methods, systems and computer program products provide Internet Protocol Security (IPSec) to a plurality of target hosts in a cluster of data processing systems which communicate with a network through a routing communication protocol stack utilizing a dynamically routable Virtual Internet Protocol Address (DVIPA) by negotiating security associations (SAs) associated with the DVIPA utilizing an Internet Key Exchange (IKE) component associated with the routing communication protocol stack and distributing information about the negotiated SAs to the target hosts so as to allow the target hosts to perform IPSec processing of communications from the network utilizing the negotiated SAs.Type: GrantFiled: April 4, 2008Date of Patent: April 14, 2009Assignee: International Business Machines CorporationInventors: James Russell Godwin, Linwood H. Overby, Jr.
-
Patent number: 7426566Abstract: Methods, systems and computer program products provide Internet Protocol Security (IPSec) to a plurality of target hosts in a cluster of data processing systems which communicate with a network through a routing communication protocol stack utilizing a dynamically routable Virtual Internet Protocol Address (DVIPA) by negotiating security associations (SAs) associated with the DVIPA utilizing an Internet Key Exchange (IKE) component associated with the routing communication protocol stack and distributing information about the negotiated SAs to the target hosts so as to allow the target hosts to perform IPSec processing of communications from the network utilizing the negotiated SAs.Type: GrantFiled: January 17, 2001Date of Patent: September 16, 2008Assignee: International Business Machines CorporationInventors: James Russell Godwin, Linwood H. Overby, Jr.
-
Publication number: 20080189428Abstract: Methods, systems and computer program products provide Internet Protocol Security (IPSec) to a plurality of target hosts in a cluster of data processing systems which communicate with a network through a routing communication protocol stack utilizing a dynamically routable Virtual Internet Protocol Address (DVIPA) by negotiating security associations (SAs) associated with the DVIPA utilizing an Internet Key Exchange (IKE) component associated with the routing communication protocol stack and distributing information about the negotiated SAs to the target hosts so as to allow the target hosts to perform IPSec processing of communications from the network utilizing the negotiated SAs.Type: ApplicationFiled: April 4, 2008Publication date: August 7, 2008Inventors: James Russell Godwin, Linwood H. Overby
-
Patent number: 7340530Abstract: Secure communications are provided over a network in a distributed workload environment having target hosts which are accessed through a distribution processor by a common network address. Secure communications are provided by routing both inbound and outbound communications with target hosts which are associated with a secure network communication through the distribution processor. Both inbound and outbound secure network communications are processed at the distribution processor so as to provide network security processing of communications from the target host and network security processing of communications to the target host.Type: GrantFiled: January 17, 2001Date of Patent: March 4, 2008Assignee: International Business Machines CorporationInventors: James Russell Godwin, David Anthony Herr, Linwood H. Overby, Jr.
-
Patent number: 7146432Abstract: Methods, systems and computer program products provide for recovering from the failure of a primary distribution processor which provides secure communications over a network in a distributed workload environment having target hosts which are accessed through the primary distribution processor by a common network address. Information sufficient to restart communications through the primary distribution processor utilizing network security is provided to a backup distribution processor. Failure of the primary distribution processor is detected and the communications utilizing network security restarted at the backup distribution processor utilizing the provided information. Both inbound and outbound communications with target hosts utilizing the common network address and which are associated with a secure network communication are then routed through the backup distribution processor.Type: GrantFiled: January 17, 2001Date of Patent: December 5, 2006Assignee: International Business Machines CorporationInventors: Mark L. Antes, James Russell Godwin, David Anthony Herr, Linwood H. Overby, Jr., David J. Wierbowski
-
Patent number: 7107350Abstract: Methods, systems and computer program products provide Internet Protocol Security (IPSec) to a plurality of target hosts in a cluster of data processing systems which communicate with a network through a routing communication protocol stack utilizing a dynamically routable Virtual Internet Protocol Address (DVIPA) for communications from the plurality of target hosts by negotiating security associations (SAs) associated with the DVIPA utilizing an Internet Key Exchange (IKE) component associated with the routing communication protocol stack and distributing information about the negotiated SAs to the target hosts so as to allow the target hosts to perform IPSec processing of communications to the network utilizing the negotiated SAs. Communications to the network are IPSec processed utilizing the distributed information at communication protocol stacks at respective ones of the plurality of target hosts.Type: GrantFiled: January 17, 2001Date of Patent: September 12, 2006Assignee: International Business Machines CorporationInventors: James Russell Godwin, Linwood H. Overby, Jr.
-
Patent number: 6941366Abstract: Methods, systems and computer program products provide for transferring network security based communications from a first distribution processor, which provides secure communications over a network in a distributed workload environment having target hosts which are accessed through the first distribution processor by a common network address, to a second distribution processor. Information sufficient to restart the transferred network security based communications at the second distribution processor is provided. Takeover of the common address by the second distribution processor is detected and existing network security based communications to the first distribution processor are terminated. The transferred communications are restarted at the second distribution processor utilizing the provided information. Both inbound and outbound network security based communications with target hosts utilizing the common network address are routed through the second distribution processor.Type: GrantFiled: January 17, 2001Date of Patent: September 6, 2005Assignee: International Business Machines CorporationInventors: Mark L. Antes, James Russell Godwin, David Anthony Herr, Linwood H. Overby, Jr., David J. Wierbowski
-
Publication number: 20040230901Abstract: A portal server system and method is provided. The portal server system can include a portal coupled to one or more portlets, each portlet having associated portlet rendering logic. The system also can include a portlet aggregator communicatively linked to the portlet rendering logic. Finally, a visual service extension to the portlet aggregator can be provided. The visual service extension can be programmed to process the portlet rendering logic to transform visual stye attributes in the portlet rendering logic into markup language tags which can be rendered for display in a specified type of pervasive agent. In any event, preferably, the portlet rendering logic can be a Java server page (JSP).Type: ApplicationFiled: May 15, 2003Publication date: November 18, 2004Applicant: International Business Machines CorporationInventors: James Russell Godwin, Michael C. Wanderski
-
Patent number: 6754832Abstract: Ipsec rules are searched in order from rules containing the most specificity to those containing the least specificity of attributes. The static rules include placeholders for sets of dynamic rules. Dynamic rules are searched only if a placeholder is the first matching rule in the static table. For connection oriented protocols, security rule binding information is stored in association with the connection. This allows the searching of the rules to be performed only when a connection is first established. If a static or dynamic rule is changed during a connection, a search is repeated. For selected connectionless protocols, packets are treated as if they were part of a simulated connection. A pseudo-connection memory block is allocated with the creation of each socket and Ipsec security binding information is stored in the pseudo-connection memory block on a first packet.Type: GrantFiled: August 12, 1999Date of Patent: June 22, 2004Assignee: International Business Machines CorporationInventors: James Russell Godwin, Linwood Hugh Overby, Jr., Richard Allen Wenklar
-
Patent number: 6715081Abstract: Ipsec rules are searched in order from rules containing the most specificity to those containing the least specificity of attributes. The static rules include placeholders for sets of dynamic rules. Dynamic rules are searched only if a placeholder is the first matching rule in the static table. Sets of dynamic rules are partitioned into separate groups. Within each group there is no rule order dependence. Each such group is searched with an enhanced search mechanism, such as a search tree. For connection oriented protocols, security rule binding information is stored in association with the connection. This allows the searching of the rules to be performed only when a connection is first established. If a static or dynamic rule is changed during a connection, a search is repeated. For selected connectionless protocols, packets are treated as if they were part of a simulated connection.Type: GrantFiled: August 12, 1999Date of Patent: March 30, 2004Assignee: International Business Machines CorporationInventors: Kira Sterling Attwood, James Russell Godwin, Linwood Hugh Overby, Jr., Brian Sean Perry, David John Wierbowski
-
Publication number: 20030018813Abstract: Methods, systems and computer program products provide for recovering from the failure of a primary distribution processor which provides secure communications over a network in a distributed workload environment having target hosts which are accessed through the primary distribution processor by a common network address. Information sufficient to restart communications through the primary distribution processor utilizing network security is provided to a backup distribution processor. Failure of the primary distribution processor is detected and the communications utilizing network security restarted at the backup distribution processor utilizing the provided information. Both inbound and outbound communications with target hosts utilizing the common network address and which are associated with a secure network communication are then routed through the backup distribution processor.Type: ApplicationFiled: January 17, 2001Publication date: January 23, 2003Inventors: Mark L. Antes, James Russell Godwin, David Anthony Herr, Linwood H. Overby, David J. Wierbowski
-
Patent number: 6505192Abstract: IPSec rules are searched in an improved manner to reduce processing overhead. For selected connectionless protocols, packets are treated as if they were part of a simulated connection. A pseudo-connection memory block is allocated with the creation of each socket and IPSec security binding information is stored in the pseudo-connection memory block on a first packet. Thereafter, as long as the source address and port in incoming packets on the same socket or destination address and port in outgoing packets on the same socket remain the same, the packets are treated as part of a simulated connection. The security rules are not searched again until the simulated connection terminates or the static rule table is modified. In the preferred embodiment, security binding is made only to the static rule or placeholder.Type: GrantFiled: August 12, 1999Date of Patent: January 7, 2003Assignee: International Business Machines CorporationInventors: James Russell Godwin, David Andrew Jones, Linwood Hugh Overby, Jr., Richard Allen Wenklar
-
Publication number: 20020133602Abstract: Methods, systems and computer program products provide Internet Protocol Security (IPSec) to a plurality of target hosts in a cluster of data processing systems which communicate with a network through a routing communication protocol stack utilizing a dynamically routable Virtual Internet Protocol Address (DVIPA) for communications from the plurality of target hosts by negotiating security associations (SAs) associated with the DVIPA utilizing an Internet Key Exchange (IKE) component associated with the routing communication protocol stack and distributing information about the negotiated SAs to the target hosts so as to allow the target hosts to perform IPSec processing of communications to the network utilizing the negotiated SAs. Communications to the network are IPSec processed utilizing the distributed information at communication protocol stacks at respective ones of the plurality of target hosts.Type: ApplicationFiled: January 17, 2001Publication date: September 19, 2002Inventors: James Russell Godwin, Linwood H. Overby
-
Publication number: 20020133608Abstract: Methods, systems and computer program products provide Internet Protocol Security (IPSec) to a plurality of target hosts in a cluster of data processing systems which communicate with a network through a routing communication protocol stack utilizing a dynamically routable Virtual Internet Protocol Address (DVIPA) by negotiating security associations (SAs) associated with the DVIPA utilizing an Internet Key Exchange (IKE) component associated with the routing communication protocol stack and distributing information about the negotiated SAs to the target hosts so as to allow the target hosts to perform IPSec processing of communications from the network utilizing the negotiated SAs.Type: ApplicationFiled: January 17, 2001Publication date: September 19, 2002Inventors: James Russell Godwin, Linwood H. Overby
-
Publication number: 20020095496Abstract: Methods, systems and computer program products provide for transferring network security based communications from a first distribution processor, which provides secure communications over a network in a distributed workload environment having target hosts which are accessed through the first distribution processor by a common network address, to a second distribution processor. Information sufficient to restart the transferred network security based communications at the second distribution processor is provided. Takeover of the common address by the second distribution processor is detected and existing network security based communications to the first distribution processor are terminated. The transferred communications are restarted at the second distribution processor utilizing the provided information. Both inbound and outbound network security based communications with target hosts utilizing the common network address are routed through the second distribution processor.Type: ApplicationFiled: January 17, 2001Publication date: July 18, 2002Inventors: Mark L. Antes, James Russell Godwin, David Anthony Herr, Linwood H. Overby, David J. Wierbowski
-
Publication number: 20020095603Abstract: Methods, systems and computer program products provide secure communications over a network in a distributed workload environment having target hosts which are accessed through a distribution processor by a common network address. Secure communications are provided by routing both inbound and outbound communications with target hosts which are associated with a secure network communication through the distribution processor. Both inbound and outbound secure network communications are processed at the distribution processor so as to provide network security processing of communications from the target host and network security processing of communications to the target host.Type: ApplicationFiled: January 17, 2001Publication date: July 18, 2002Inventors: James Russell Godwin, David Anthony Herr, Linwood H. Overby
-
Patent number: 6347376Abstract: Ipsec rules are searched in order from rules containing the most specificity of attributes to those containing the least specificity of attributes. The static rules include placeholders for sets of dynamic rules. The placeholders in the static table immediately precede and point to an associated set of dynamic rules. Dynamic rules are searched only if a placeholder is found to be the first matching rule in the static table. Sets of dynamic rules are partitioned into separate groups. Within each group there is no rule order dependence. Each such group is searched with an enhanced search mechanism, such as a search tree. Searching is further improved by searching at layers higher than the IP layer.Type: GrantFiled: August 12, 1999Date of Patent: February 12, 2002Assignee: International Business Machines Corp.Inventors: Kira Sterling Attwood, James Russell Godwin, Linwood Hugh Overby, Jr., Brian Sean Perry, David John Wierbowski