Patents by Inventor Jayashree Ramanathan
Jayashree Ramanathan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10839011Abstract: Aspects generate application programming interface documents, wherein processors are configured to scan application programming interface code from representational state transfer request and from server-side responses, map matching application programming interface language definitions within a formal language definition database to matching language definition code values within the scanned code, and map matching object types within an application programming interface object type database to matching object code values within the scanned code.Type: GrantFiled: April 18, 2018Date of Patent: November 17, 2020Assignee: International Business Machines CorporationInventors: Alessandro Ghezzi, Giuseppe Ciano, Gianluca Bernardini, Jon P. Weiser, Matt Hartenbower, Jayashree Ramanathan
-
Publication number: 20190325074Abstract: Aspects generate application programming interface documents, wherein processors are configured to scan application programming interface code from representational state transfer request and from server-side responses, map matching application programming interface language definitions within a formal language definition database to matching language definition code values within the scanned code, and map matching object types within an application programming interface object type database to matching object code values within the scanned code.Type: ApplicationFiled: April 18, 2018Publication date: October 24, 2019Inventors: Alessandro Ghezzi, GIUSEPPE CIANO, Gianluca Bernardini, Jon P. Weiser, Matt Hartenbower, Jayashree Ramanathan
-
Patent number: 10432666Abstract: A method of policy management in a Data Loss Prevention (DLP) system uses a policy model that associates a user with one or more DLP endpoints. When an endpoint is added to the system, a set of policies for that endpoint are determined using an identity of the user that is associated with the endpoint and a list of roles or groups for that user. At policy distribution time, the method determines a set of endpoints to which the policy is to be distributed.Type: GrantFiled: April 8, 2016Date of Patent: October 1, 2019Assignee: Sailpoint Technology Holdings, Inc.Inventors: Neil Ian Readshaw, Jayashree Ramanathan, Gavin George Bray
-
Patent number: 9460277Abstract: An identity of a user performing an operation with respect to an application is propagated, from a point at which the user authenticates, to one or more other applications in a multi-product environment. The application may be a management console associated with an information cluster. In an embodiment, an administrator logs on to a management console (using an identity) and invokes a management operation. The management console then performs a programmatic remote access login (e.g., using SSH/RXA) to one or more nodes using a system account, invokes an application, and passes in the identity. As the application performs one or more management operations, audit events are logged, and these events each contain the identity that has been passed in by the management console during the SSH/RXA login.Type: GrantFiled: December 6, 2010Date of Patent: October 4, 2016Assignee: International Business Machines CorporationInventors: Christian Bolik, Neeta Garimella, Jayashree Ramanathan, Markus Rohwedder, Zhiguo Huang
-
Publication number: 20160226918Abstract: A method of policy management in a Data Loss Prevention (DLP) system uses a policy model that associates a user with one or more DLP endpoints. When an endpoint is added to the system, a set of policies for that endpoint are determined using an identity of the user that is associated with the endpoint and a list of roles or groups for that user. At policy distribution time, the method determines a set of endpoints to which the policy is to be distributed.Type: ApplicationFiled: April 8, 2016Publication date: August 4, 2016Applicant: International Business Machines CorporationInventors: Neil Ian Readshaw, Jayashree Ramanathan, Gavin George Bray
-
Patent number: 9311495Abstract: A method of policy management in a Data Loss Prevention (DLP) system uses a policy model that associates a user with one or more DLP endpoints. When an endpoint is added to the system, a set of policies for that endpoint are determined using an identity of the user that is associated with the endpoint and a list of roles or groups for that user. At policy distribution time, the method determines a set of endpoints to which the policy is to be distributed.Type: GrantFiled: December 9, 2010Date of Patent: April 12, 2016Assignee: International Business Machines CorporationInventors: Neil Ian Readshaw, Jayashree Ramanathan, Gavin George Bray
-
Patent number: 8590019Abstract: Authentication with credentials in a Java messaging service (“JMS”), including providing pre-authenticated credentials for a Java security domain for a user application and creating a JMS connection for the user application, including accepting the pre-authenticated credentials in a JMS connection function and authenticating the user application for the JMS in dependence upon the pre-authenticated credentials. Typical embodiments of the present invention also include caching the pre-authenticated credentials in the user application. Many embodiments also include caching the pre-authenticated credentials in a middleware security application.Type: GrantFiled: June 3, 2004Date of Patent: November 19, 2013Assignee: International Business Machines CorporationInventors: Aziza Faruqi, Jayashree Ramanathan, Neil Readshaw, Bruce Rich
-
Patent number: 8539562Abstract: One disclosed aspect of the present invention includes authentication and user account automation within a compute cluster for each cluster node that requires password or other credential administration. For example, a storage appliance computing system may rely on a plurality of subsystems (such as databases, storage management software, and application servers) that each have internal user accounts with associated passwords and credential keys that need to be changed at frequent intervals. Rather than requiring an administrator to manually manage all of these accounts, the presently described invention includes techniques and an authentication manager component to automatically manage, update, and refresh authentication information as required. Further, the authentication manager component may be used to perform and propagate automatic credential changes such as new sets of SSH keys or updated passwords as required within a computing system, and respond to new nodes or out-of-sync credentialing scenarios.Type: GrantFiled: December 9, 2010Date of Patent: September 17, 2013Assignee: International Business Machines CorporationInventors: Christian Bolik, Neeta Garimella, Zhiguo Huang, Erick C. Kissel, Jayashree Ramanathan
-
Publication number: 20120151563Abstract: One disclosed aspect of the present invention includes authentication and user account automation within a compute cluster for each cluster node that requires password or other credential administration. For example, a storage appliance computing system may rely on a plurality of subsystems (such as databases, storage management software, and application servers) that each have internal user accounts with associated passwords and credential keys that need to be changed at frequent intervals. Rather than requiring an administrator to manually manage all of these accounts, the presently described invention includes techniques and an authentication manager component to automatically manage, update, and refresh authentication information as required. Further, the authentication manager component may be used to perform and propagate automatic credential changes such as new sets of SSH keys or updated passwords as required within a computing system, and respond to new nodes or out-of-sync credentialing scenarios.Type: ApplicationFiled: December 9, 2010Publication date: June 14, 2012Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Christian Bolik, Neeta Garimella, Zhiguo Huang, Erick C. Kissel, Jayashree Ramanathan
-
Publication number: 20120151551Abstract: A method of policy management in a Data Loss Prevention (DLP) system uses a policy model that associates a user with one or more DLP endpoints. When an endpoint is added to the system, a set of policies for that endpoint are determined using an identity of the user that is associated with the endpoint and a list of roles or groups for that user. At policy distribution time, the method determines a set of endpoints to which the policy is to be distributed.Type: ApplicationFiled: December 9, 2010Publication date: June 14, 2012Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Neil Ian Readshaw, Jayashree Ramanathan, Gavin George Bray
-
Publication number: 20120144453Abstract: An identity of a user performing an operation with respect to an application is propagated, from a point at which the user authenticates, to one or more other applications in a multi-product environment. The application may be a management console associated with an information cluster. In an embodiment, an administrator logs on to a management console (using an identity) and invokes a management operation. The management console then performs a programmatic remote access login (e.g., using SSH/RXA) to one or more nodes using a system account, invokes an application, and passes in the identity. As the application performs one or more management operations, audit events are logged, and these events each contain the identity that has been passed in by the management console during the SSH/RXA login.Type: ApplicationFiled: December 6, 2010Publication date: June 7, 2012Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Christian Bolik, Neeta Garimella, Jayashree Ramanathan, Markus Rohwedder, Zhiguo Huang
-
Patent number: 7519610Abstract: A computer implemented method, apparatus, and computer usable program code for processing event data. In response to receiving an event, a size of the event data for the event is compared to a threshold size to form a comparison. The information about an event and event data is stored in a first entry in a main table in a database if the comparison indicates that the size of the event data is one that can be stored in the main table. The information about the event is placed in the first entry in the main table if the size is greater than the threshold size. The event data is stored in a second entry in an overflow table if the size is greater than the threshold size, wherein the entry includes a pointer to the first entry. The main table and overflow table form a live set and hold the current live data.Type: GrantFiled: November 15, 2006Date of Patent: April 14, 2009Assignee: International Business Machines CorporationInventors: Ovidiu Gheorghioiu, Christian Lita, Karthikeyan Ramamoorthy, Jayashree Ramanathan
-
Patent number: 7475090Abstract: A computer implemented method, apparatus, and computer usable program code for creating normalized data from markup language data. User defined parameters are received for retrieving event data, wherein the parameters define a type of event and a subset of attributes for the type of event. In response to receiving the parameters, a process is configured using the type of event and the subset of attributes for the type of event to form a configured process. A set of records is processed using the configured process, wherein the configured process places data corresponding to each attribute in the subset of attributes for the type of event from the set of records into a table to form the normalized data.Type: GrantFiled: November 15, 2006Date of Patent: January 6, 2009Assignee: International Business Machines CorporationInventors: Ovidiu Gheorghioiu, Christian Lita, Ernest R. Plassmann, Karthikeyan Ramamoorthy, Jayashree Ramanathan
-
Publication number: 20080114802Abstract: A computer implemented method, apparatus, and computer usable program code for creating normalized data from markup language data. User defined parameters are received for retrieving event data, wherein the parameters define a type of event and a subset of attributes for the type of event. In response to receiving the parameters, a process is configured using the type of event and the subset of attributes for the type of event to form a configured process. A set of records is processed using the configured process, wherein the configured process places data corresponding to each attribute in the subset of attributes for the type of event from the set of records into a table to form the normalized data.Type: ApplicationFiled: November 15, 2006Publication date: May 15, 2008Inventors: Ovidiu Gheorghioiu, Christian Lita, Ernst R. Plassmann, Karthikeyan Ramamoorthy, Jayashree Ramanathan
-
Publication number: 20080114817Abstract: A computer implemented method, apparatus, and computer usable program code for processing event data. In response to receiving an event, a size of the event data for the event is compared to a threshold size to form a comparison. The information about an event and event data is stored in a first entry in a main table in a database if the comparison indicates that the size of the event data is one that can be stored in the main table. The information about the event is placed in the first entry in the main table if the size is greater than the threshold size. The event data is stored in a second entry in an overflow table if the size is greater than the threshold size, wherein the entry includes a pointer to the first entry. The main table and overflow table form a live set and hold the current live data.Type: ApplicationFiled: November 15, 2006Publication date: May 15, 2008Inventors: Ovidiu Gheorghioiu, Christian Lita, Karthikeyan Ramamoorthy, Jayashree Ramanathan
-
Publication number: 20050273495Abstract: Authentication with credentials in a Java messaging service (“JMS”), including providing pre-authenticated credentials for a Java security domain for a user application and creating a JMS connection for the user application, including accepting the pre-authenticated credentials in a JMS connection function and authenticating the user application for the JMS in dependence upon the pre-authenticated credentials. Typical embodiments of the present invention also include caching the pre-authenticated credentials in the user application. Many embodiments also include caching the pre-authenticated credentials in a middleware security application.Type: ApplicationFiled: June 3, 2004Publication date: December 8, 2005Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Aziza Faruqi, Jayashree Ramanathan, Neil Readshaw, Bruce Rich
-
Patent number: 6058414Abstract: A system, method and program product enabling applications to be dynamically bound to resources as required by an application. Resource access exceptions are intercepted and, where access is authorized, cause the application to be bound to one of a plurality of processors linked in an asymmetric multiple processor configuration which has access to the resource required. If access is not permitted, an error is generated. Applications may invoke operating system application programming interfaces to register requirements for access to particular resources and to receive operating system feedback on resource assignment conflicts and potential processor thrashing situations. The operating system maintains a list of mapping processors to resources and manages the authorization of resource access by applications. Application processes are dynamically bound to a particular processor as necessary to meet resource requirements.Type: GrantFiled: January 7, 1998Date of Patent: May 2, 2000Assignee: International Business Machines CorporationInventors: Ravindranath Kasinath Manikundalam, Jayashree Ramanathan
-
Patent number: 6003075Abstract: Configuration changes are dynamically applied to a cluster multiprocessing system by enqueuing a configuration change event. When the configuration change event is processed, the prior configuration is backed up and each software component applies a relevant portion of a configuration change transaction in an ordered, synchronized manner. Each software component applies its portion of the transaction either by reinitialization or a logged transition operation. If the configuration change transaction fails, the software components roll back the portions, of the configuration change already applied in an ordered, synchronized manner to restore the prior configuration. Multiple events for different configuration changes may be enqueued.Type: GrantFiled: July 7, 1997Date of Patent: December 14, 1999Assignee: International Business Machines CorporationInventors: James W. Arendt, Ching-Yun Chao, Michael David Kistler, Frank Daniel Lawlor, Rodolfo Augusto Mancisidor, Jayashree Ramanathan, Hovey Raymond Strong
-
Patent number: 5961650Abstract: A user definable set of event rollup relationships are maintained as a configuration element. Transitive closure of event rollup relationships is checked at the time of specification to detect cycles and prevent runtime errors. When an event to be processed is detected, the event is compared to defined rollup relationships and queued events to determined if the detected event may be rolled up into at least one queued event or vice versa. If the detected event may be rolled up into a queued event, the detected event is not queued. When any of the queued event may be rolled up into the detected event, the queued events are deleted if processing has not already begun.Type: GrantFiled: July 9, 1997Date of Patent: October 5, 1999Assignee: International Business Machines CorporationInventors: James W. Arendt, Rodolfo Augusto Mancisidor, Jayashree Ramanathan