Patents by Inventor Jeffrey C. Venable, Sr.
Jeffrey C. Venable, Sr. has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220035937
Abstract: The present disclosure provides an approach for a blockchain system in which (a) data of past transactions can be removed from the storage of network nodes based on node permissions, and (b) in which data can be made invisible to users based on user-specific or group-specific permissions. The blockchain system stores cryptographic proofs of data on an immutable ledger. The data itself is maintained within the blockchain system such that it can be partially or fully removed, while maintaining the integrity of the ledger.
Type: Application
Filed: October 14, 2021
Publication date: February 3, 2022
Inventors: Jeffrey C. VENABLE, SR., Ramanathan JAGADEESAN
-
Patent number: 11228452
Abstract: The present disclosure provides an approach for a certificate authority (CA) that is distributed among nodes of a network, such that only a portion of the network nodes are required to sign and issue a digital certificate. Each node of the network includes a partial private key, the partial private key having been obtained by sharding the full private key. The sharding may be performed by a process known in the art, such as Shamir Secret Sharing and Distributed Key Generation. Systems that are inherently distributed may use the techniques herein to create a CA that is not centralized. The techniques herein leverage a database in the form of a distributed blockchain to store issued certificates and status of the certificates.
Type: Grant
Filed: September 16, 2019
Date of Patent: January 18, 2022
Assignee: Cisco Technology, Inc.
Inventor: Jeffrey C. Venable, Sr.
-
Patent number: 11151261
Abstract: The present disclosure provides an approach for a blockchain system in which (a) data of past transactions can be removed from the storage of network nodes based on node permissions, and (b) in which data can be made invisible to users based on user-specific or group-specific permissions. The blockchain system stores cryptographic proofs of data on an immutable ledger. The data itself is maintained within the blockchain system such that it can be partially or fully removed, while maintaining the integrity of the ledger.
Type: Grant
Filed: April 3, 2019
Date of Patent: October 19, 2021
Assignee: Cisco Technology, Inc.
Inventors: Jeffrey C. Venable, Sr., Ramanathan Jagadeesan
-
Publication number: 20210083882
Abstract: The present disclosure provides an approach for a certificate authority (CA) that is distributed among nodes of a network, such that only a portion of the network nodes are required to sign and issue a digital certificate. Each node of the network includes a partial private key, the partial private key having been obtained by sharding the full private key. The sharding may be performed by a process known in the art, such as Shamir Secret Sharing and Distributed Key Generation. Systems that are inherently distributed may use the techniques herein to create a CA that is not centralized. The techniques herein leverage a database in the form of a distributed blockchain to store issued certificates and status of the certificates.
Type: Application
Filed: September 16, 2019
Publication date: March 18, 2021
Inventor: Jeffrey C. VENABLE, SR.
-
Publication number: 20200320204
Abstract: The present disclosure provides an approach for a blockchain system in which (a) data of past transactions can be removed from the storage of network nodes based on node permissions, and (b) in which data can be made invisible to users based on user-specific or group-specific permissions. The blockchain system stores cryptographic proofs of data on an immutable ledger. The data itself is maintained within the blockchain system such that it can be partially or fully removed, while maintaining the integrity of the ledger.
Type: Application
Filed: April 3, 2019
Publication date: October 8, 2020
Inventors: Jeffrey C. VENABLE, SR., Ramanathan JAGADEESAN
-
Patent number: 10075432
Abstract: A device may include an authentication server and a server. The authentication server may receive a first form of a password from a client device in accordance with an authentication protocol, and authenticate the client device based on a comparison of the first form to a value derived from a second form of the password stored in a password database, where the comparison fails when the first form is not comparable to a value derived from the second form. The server may establish a secure connection to the client, receive a plain-text password from the client device over the secure connection, authenticate the client device by comparing a value derived from the plain-text password with a value derived from the second form, and update the password database with a third form of the password that permits the authentication server to successfully authenticate the client device when the authentication server receives the first form.
Type: Grant
Filed: July 13, 2016
Date of Patent: September 11, 2018
Assignee: Pulse Secure, LLC
Inventors: Andy Tsang, Roger A. Chickering, Clifford E. Kahn, Jeffrey C. Venable, Sr.
-
Patent number: 9602372
Abstract: A device receives, from a managed device, endpoint information associated with an unmanaged device connected to the managed device in a network. The device also receives unmanaged device information that partially identifies the unmanaged device, and completely identifies the unmanaged device based on the endpoint information and the unmanaged device information.
Type: Grant
Filed: May 22, 2015
Date of Patent: March 21, 2017
Assignee: Pulse Secure, LLC
Inventor: Jeffrey C. Venable, Sr.
-
Publication number: 20160323263
Abstract: A device may include an authentication server and a server. The authentication server may receive a first form of a password from a client device in accordance with an authentication protocol, and authenticate the client device based on a comparison of the first form to a value derived from a second form of the password stored in a password database, where the comparison fails when the first form is not comparable to a value derived from the second form. The server may establish a secure connection to the client, receive a plain-text password from the client device over the secure connection, authenticate the client device by comparing a value derived from the plain-text password with a value derived from the second form, and update the password database with a third form of the password that permits the authentication server to successfully authenticate the client device when the authentication server receives the first form.
Type: Application
Filed: July 13, 2016
Publication date: November 3, 2016
Inventors: Andy Tsang, Roger A. Chickering, Clifford E. Kahn, Jeffrey C. Venable, SR.
-
Patent number: 9401913
Abstract: A device may include an authentication server and a server. The authentication server may receive a first form of a password from a client device in accordance with an authentication protocol, and authenticate the client device based on a comparison of the first form to a value derived from a second form of the password stored in a password database, where the comparison fails when the first form is not comparable to a value derived from the second form. The server may establish a secure connection to the client, receive a plain-text password from the client device over the secure connection, authenticate the client device by comparing a value derived from the plain-text password with a value derived from the second form, and update the password database with a third form of the password that permits the authentication server to successfully authenticate the client device when the authentication server receives the first form.
Type: Grant
Filed: March 17, 2015
Date of Patent: July 26, 2016
Assignee: Pulse Secure, LLC
Inventors: Andy Tsang, Roger A. Chickering, Clifford E. Kahn, Jeffrey C. Venable, Sr.
-
Patent number: 9398010
Abstract: In general, techniques are described for provisioning layer two access in computer networks. A network device located in a public network comprising an interface and a control unit may implement the techniques. The interface establishes a session with a mobile device. The control unit requests security state data identifying a security state of the mobile device via the established session. The interface receives a mobile device identifier and the security state data from the mobile device via the session. The mobile device identifier identifies the mobile device. The control unit publishes the security state information to a database such that the security state information is associated with the mobile device identifier.
Type: Grant
Filed: March 23, 2015
Date of Patent: July 19, 2016
Assignee: Pulse Secure LLC
Inventors: Roger A. Chickering, Jeffrey C. Venable, Sr.
-
Publication number: 20150256426
Abstract: A device receives, from a managed device, endpoint information associated with an unmanaged device connected to the managed device in a network. The device also receives unmanaged device information that partially identifies the unmanaged device, and completely identifies the unmanaged device based on the endpoint information and the unmanaged device information.
Type: Application
Filed: May 22, 2015
Publication date: September 10, 2015
Inventor: Jeffrey C. Venable, SR.
-
Publication number: 20150195273
Abstract: A device may include an authentication server and a server. The authentication server may receive a first form of a password from a client device in accordance with an authentication protocol, and authenticate the client device based on a comparison of the first form to a value derived from a second form of the password stored in a password database, where the comparison fails when the first form is not comparable to a value derived from the second form. The server may establish a secure connection to the client, receive a plain-text password from the client device over the secure connection, authenticate the client device by comparing a value derived from the plain-text password with a value derived from the second form, and update the password database with a third form of the password that permits the authentication server to successfully authenticate the client device when the authentication server receives the first form.
Type: Application
Filed: March 17, 2015
Publication date: July 9, 2015
Inventors: Andy Tsang, Roger A. Chickering, Clifford E. Kahn, Jeffrey C. Venable, SR.
-
Patent number: 9071530
Abstract: A device receives, from a managed device, endpoint information associated with an unmanaged device connected to the managed device in a network. The device also receives unmanaged device information that partially identifies the unmanaged device, and completely identifies the unmanaged device based on the endpoint information and the unmanaged device information.
Type: Grant
Filed: January 22, 2013
Date of Patent: June 30, 2015
Assignee: Pulse Secure, LLC
Inventor: Jeffrey C. Venable, Sr.
-
Patent number: 9001999
Abstract: A device may include an authentication server and a server. The authentication server may receive a first form of a password from a client in accordance with an authentication protocol, and authenticate the client based on a comparison of the first form to a value derived from a second form of the password stored in a password database. The comparison fails when the first form is not comparable to a value derived from the second form. The server may establish a secure connection to the client, receive a plain-text password from the client over the secure connection, authenticate the client by comparing a value derived from the plain-text password with a value derived from the second form, and update the password database with a third form of the password that permits the authentication server to successfully authenticate the client when the authentication server receives the first form.
Type: Grant
Filed: December 6, 2011
Date of Patent: April 7, 2015
Assignee: Pulse Secure, LLC
Inventors: Andy Tsang, Roger A. Chickering, Clifford E. Kahn, Jeffrey C. Venable, Sr.
-
Patent number: 8990891
Abstract: In general, techniques are described for provisioning layer two access in computer networks. A network device located in a public network comprising an interface and a control unit may implement the techniques. The interface establishes a session with a mobile device. The control unit requests security state data identifying a security state of the mobile device via the established session. The interface receives a mobile device identifier and the security state data from the mobile device via the session. The mobile device identifier identifies the mobile device. The control unit publishes the security state information to a database such that the security state information is associated with the mobile device identifier.
Type: Grant
Filed: June 22, 2011
Date of Patent: March 24, 2015
Assignee: Pulse Secure, LLC
Inventors: Roger A. Chickering, Jeffrey C. Venable, Sr.
-
Patent number: 8806567
Abstract: A user device receives a captured image of an encoded identifier, analyzes the encoded identifier via the captured image, and extracts, based on the analysis, network access configuration data from the encoded identifier. The user device provides the network access configuration data to a network access control (NAC) device, and receives, based on the network access configuration data, access to the NAC device. The user device permits the NAC device to inspect the user device via the access to the NAC device, and receives, based on the inspection of the user device, access to a network.
Type: Grant
Filed: December 16, 2010
Date of Patent: August 12, 2014
Assignee: Juniper Networks, Inc.
Inventor: Jeffrey C. Venable, Sr.
-
Publication number: 20130132569
Abstract: A device receives, from a managed device, endpoint information associated with an unmanaged device connected to the managed device in a network. The device also receives unmanaged device information that partially identifies the unmanaged device, and completely identifies the unmanaged device based on the endpoint information and the unmanaged device information.
Type: Application
Filed: January 22, 2013
Publication date: May 23, 2013
Applicant: JUNIPER NETWORKS, INC.
Inventor: Jeffrey C. VENABLE, Sr.
-
Patent number: 8402301
Abstract: A device may include a processor to execute a thread. The processor may be further configured to execute a set of wrappers that are called from within the thread to invoke a set of one-shot signal objects to generate delayed signals. Each of the set of wrappers may be configured to detect whether different ones of one-shot signal objects that were invoked from within the thread have generated signals at periodic time intervals, determine a delay to be used for invoking one of the set of one-shot signal objects, and invoke the one of the set of one-shot signal object to generate one of the delayed signals based on the delay when the different ones of one-shot signal objects have generated signals at periodic time intervals. The processor may be further configured to receive the delayed signals generated from the set of one-shot signal objects over a time period.
Type: Grant
Filed: December 29, 2010
Date of Patent: March 19, 2013
Assignee: Juniper Networks, Inc.
Inventor: Jeffrey C. Venable, Sr.
-
Patent number: 8375117
Abstract: A device receives, from a managed device, endpoint information associated with an unmanaged device connected to the managed device in a network. The device also receives unmanaged device information that partially identifies the unmanaged device, and completely identifies the unmanaged device based on the endpoint information and the unmanaged device information.
Type: Grant
Filed: April 28, 2010
Date of Patent: February 12, 2013
Assignee: Juniper Networks, Inc.
Inventor: Jeffrey C. Venable, Sr.
-
Patent number: 8312540
Abstract: In general, the invention is directed toward techniques for controlling access to a network or other computing resource in order to slow down the execution of a password attack while providing minimal obstruction to normal network activity. The method includes generating a history of successful network logins, detecting symptoms of a network password attack, and activating countermeasures in response to the detection. The method further includes receiving a valid login request from the user while the countermeasures are activated and analyzing the history of successful network logins to determine whether the valid login request satisfies a match condition. The method further includes granting the user access to the network when the valid login request satisfies the match condition and denying the user access to the network when the valid login request does not satisfy the match condition even though the valid login request contains a valid username and a valid password.
Type: Grant
Filed: August 26, 2008
Date of Patent: November 13, 2012
Assignee: Juniper Networks, Inc.
Inventors: Clifford E. Kahn, Jeffrey C. Venable, Sr., Roger A. Chickering