Patents by Inventor Kenneth S. Beck

Kenneth S. Beck has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10205641
    Abstract: A method and related apparatus for performing inspection of flows within a software defined network includes identifying a security appliance within a software defined network, identifying candidate traffic flows flowing in the software defined network to be inspected, selecting one of the candidate traffic flows for security inspection, and communicating with a software defined network controller to cause the one of the candidate traffic flows to be redirected towards the security appliance for inspection or to cause the one of the candidate traffic flows to be copied and a resulting copy thereof forwarded to the security appliance for inspection.
    Type: Grant
    Filed: July 17, 2015
    Date of Patent: February 12, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: David McGrew, Kenneth S. Beck
  • Publication number: 20170118287
    Abstract: A computer system with read/write access to storage devices creates a snapshot of a data volume at a point in time while continuing to accept access requests to the mirrored data volume by copying before making changes to the base data volume. Multiple snapshots may be made of the same data volume at different points in time. Only data that is not stored in a previous snapshot volume or in the base data volume are stored in the most recent snapshot volume.
    Type: Application
    Filed: November 1, 2016
    Publication date: April 27, 2017
    Inventor: Kenneth S. Beck
  • Publication number: 20170026378
    Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.
    Type: Application
    Filed: July 26, 2016
    Publication date: January 26, 2017
    Inventor: Kenneth S. Beck
  • Publication number: 20170019417
    Abstract: A method and related apparatus for performing inspection of flows within a software defined network includes identifying a security appliance within a software defined network, identifying candidate traffic flows flowing in the software defined network to be inspected, selecting one of the candidate traffic flows for security inspection, and communicating with a software defined network controller to cause the one of the candidate traffic flows to be redirected towards the security appliance for inspection or to cause the one of the candidate traffic flows to be copied and a resulting copy thereof forwarded to the security appliance for inspection.
    Type: Application
    Filed: July 17, 2015
    Publication date: January 19, 2017
    Inventors: David McGrew, Kenneth S. Beck
  • Patent number: 9519657
    Abstract: A computer system with read/write access to storage devices creates a snapshot of a data volume at a point in time while continuing to accept access requests to the mirrored data volume by copying before making changes to the base data volume. Multiple snapshots may be made of the same data volume at different points in time. Only data that is not stored in a previous snapshot volume or in the base data volume are stored in the most recent snapshot volume.
    Type: Grant
    Filed: March 6, 2014
    Date of Patent: December 13, 2016
    Assignee: SILICON GRAPHICS INTERNATIONAL CORP.
    Inventor: Kenneth S. Beck
  • Publication number: 20160234234
    Abstract: Techniques are presented herein that allow for arranging traffic flows in a network, and using the capabilities for inspection, recording, and enforcement around the network, in a way that makes the best use of the resources. A software defined network (SDN) interface between the network and security applications exposes a programmatic way to control security resources around the network such that they are optimally utilized. The SDN interface prioritizes and optimizes the use of security elements in the network. Security requests with corresponding priorities are used by a network controller to direct traffic flows through appropriate security elements, such as recording, inspection, or enforcement elements. The configuration of traffic flows is optimized with respect to the capacity of the communication links, as well as the priority of the respective security requests.
    Type: Application
    Filed: February 5, 2015
    Publication date: August 11, 2016
    Inventors: David McGrew, Kenneth S. Beck
  • Patent number: 9405606
    Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.
    Type: Grant
    Filed: September 30, 2013
    Date of Patent: August 2, 2016
    Assignee: Silicon Graphics International Corp.
    Inventor: Kenneth S. Beck
  • Publication number: 20140188955
    Abstract: A computer system with read/write access to storage devices creates a snapshot of a data volume at a point in time while continuing to accept access requests to the mirrored data volume by copying before making changes to the base data volume. Multiple snapshots may be made of the same data volume at different points in time. Only data that is not stored in a previous snapshot volume or in the base data volume are stored in the most recent snapshot volume.
    Type: Application
    Filed: March 6, 2014
    Publication date: July 3, 2014
    Applicant: Silicon Graphics International Corp.
    Inventor: Kenneth S. Beck
  • Patent number: 8683021
    Abstract: A computer system with read/write access to storage devices creates a snapshot of a data volume at a point in time while continuing to accept access requests to the mirrored data volume by copying before making changes to the base data volume. Multiple snapshots may be made of the same data volume at different points in time. Only data that is not stored in a previous snapshot volume or in the base data volume are stored in the most recent snapshot volume.
    Type: Grant
    Filed: August 16, 2011
    Date of Patent: March 25, 2014
    Assignee: Silicon Graphics International, Corp.
    Inventor: Kenneth S. Beck
  • Publication number: 20140032958
    Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.
    Type: Application
    Filed: September 30, 2013
    Publication date: January 30, 2014
    Applicant: Silicon Graphics International Corp.
    Inventor: Kenneth S. Beck
  • Patent number: 8578478
    Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.
    Type: Grant
    Filed: April 3, 2012
    Date of Patent: November 5, 2013
    Assignee: Silicon Graphics International Corp.
    Inventor: Kenneth S. Beck
  • Publication number: 20120192270
    Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.
    Type: Application
    Filed: April 3, 2012
    Publication date: July 26, 2012
    Applicant: Silicon Graphics International
    Inventor: Kenneth S. Beck
  • Patent number: 8151347
    Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.
    Type: Grant
    Filed: December 29, 2009
    Date of Patent: April 3, 2012
    Assignee: Silicon Graphics International
    Inventor: Kenneth S. Beck
  • Patent number: 7765329
    Abstract: A cluster of computer system nodes connected by a storage area network transmit messages using a messaging protocol having multiple layers. The storage area network supports computer system nodes running different operating systems on different endian processors. A heartbeat signal is transmitted in a common wire format over the lowest level of the messaging protocol; however other messages between the nodes may be transmitted in a format different from the common wire format. The node receiving a message is responsible for converting the format as necessary in a layer just above the layer of the messaging protocol handling heartbeat signals. However, conversion may be performed by the sending node if the sending node knows the format used by the receiving node.
    Type: Grant
    Filed: April 16, 2003
    Date of Patent: July 27, 2010
    Assignee: Silicon Graphics International
    Inventors: Mark Cruciani, Kenneth S. Beck
  • Publication number: 20100154054
    Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.
    Type: Application
    Filed: December 29, 2009
    Publication date: June 17, 2010
    Applicant: Silicon Graphics, Inc.
    Inventor: Kenneth S. Beck
  • Patent number: 7640582
    Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.
    Type: Grant
    Filed: April 16, 2003
    Date of Patent: December 29, 2009
    Assignee: Silicon Graphics International
    Inventor: Kenneth S. Beck
  • Publication number: 20040250113
    Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.
    Type: Application
    Filed: April 16, 2003
    Publication date: December 9, 2004
    Applicant: Silicon Graphics, Inc.
    Inventor: Kenneth S. Beck
  • Publication number: 20040210656
    Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network connected to the nodes by switches, such as Fibre Channel switches. When a node fails to respond to other members of a cluster, the node is prevented from accessing storage devices shared by the nodes in the cluster by disabling port(s) on the switches connected to the failed node. The ports to be disabled are identified in a cluster configuration database that is updated as each node joins the cluster. Commands to disable port(s) of a switch may be transmitted to the switch in a telnet session from the node maintaining the cluster configuration database.
    Type: Application
    Filed: April 16, 2003
    Publication date: October 21, 2004
    Applicant: Silicon Graphics, Inc.
    Inventors: Kenneth S. Beck, Mark J. Goodwin
  • Publication number: 20040210673
    Abstract: A cluster of computer system nodes connected by a storage area network transmit messages using a messaging protocol having multiple layers. The storage area network supports computer system nodes running different operating systems on different endian processors. A heartbeat signal is transmitted in a common wire format over the lowest level of the messaging protocol; however other messages between the nodes may be transmitted in a format different from the common wire format. The node receiving a message is responsible for converting the format as necessary in a layer just above the layer of the messaging protocol handling heartbeat signals. However, conversion may be performed by the sending node if the sending node knows the format used by the receiving node.
    Type: Application
    Filed: April 16, 2003
    Publication date: October 21, 2004
    Applicant: Silicon Graphics, Inc.
    Inventors: Mark Cruciani, Kenneth S. Beck