Patents by Inventor Krishna Kishore Yellepeddy

Krishna Kishore Yellepeddy has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10389527
    Abstract: A security management system comprises a key management sub-system, an asset/workload management sub-system, and an event management sub-system. The event management sub-system detects events. The asset/workload management sub-system correlates events (irrespective of type) with the assets that generate them, and the key management sub-system uses the event-asset associations determined by the asset/workload management sub-system to automatically orchestrate the necessary key management activities (e.g., key creation, revocation, refresh, etc.) across the impacted components in the information technology and operational realms to ensure data security. In one use case, a security event detected by the event management sub-system triggers one or more actions within the asset/workload management sub-system. Service configuration records are identified from this scan, and assets defined in those records are identified.
    Type: Grant
    Filed: February 28, 2017
    Date of Patent: August 20, 2019
    Assignee: International Business Machines Corporation
    Inventors: Sadanand Rajaram Bajekal, Jai Singh Arun, Michael Delaine Nix, Krishna Kishore Yellepeddy
  • Patent number: 10122693
    Abstract: A method, system, and computer usable program product for protocol based key management are provided in the illustrative embodiments. A key management protocol associated with a key request is identified, the key request being a request for data usable in cryptographic security. A first subset is selected from a set of policies using the key management protocol. A set of permissions is computed based on the first subset of policies, the set of permissions indicating whether the key request is permitted under the key management protocol. The set of permissions is cached in a cache in a data storage device.
    Type: Grant
    Filed: October 25, 2010
    Date of Patent: November 6, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Bruce Arland Rich, Krishna Kishore Yellepeddy, Xiaoyan Y Zhang
  • Publication number: 20170244559
    Abstract: A security management system comprises a key management sub-system, an asset/workload management sub-system, and an event management sub-system. The event management sub-system detects events. The asset/workload management sub-system correlates events (irrespective of type) with the assets that generate them, and the key management sub-system uses the event-asset associations determined by the asset/workload management sub-system to automatically orchestrate the necessary key management activities (e.g., key creation, revocation, refresh, etc.) across the impacted components in the information technology and operational realms to ensure data security. In one use case, a security event detected by the event management sub-system triggers one or more actions within the asset/workload management sub-system. Service configuration records are identified from this scan, and assets defined in those records are identified.
    Type: Application
    Filed: February 28, 2017
    Publication date: August 24, 2017
    Inventors: Sadanand Rajaram Bajekal, Jai Singh Arun, MIchael Delaine Nix, Krishna Kishore Yellepeddy
  • Patent number: 9584314
    Abstract: A security management system comprises a key management sub-system, an asset/workload management sub-system, and an event management sub-system. The event management sub-system detects events. The asset/workload management sub-system correlates events (irrespective of type) with the assets that generate them, and the key management sub-system uses the event-asset associations determined by the asset/workload management sub-system to automatically orchestrate the necessary key management activities (e.g., key creation, revocation, refresh, etc.) across the impacted components in the information technology and operational realms to ensure data security. In one use case, a security event detected by the event management sub-system triggers one or more actions within the asset/workload management sub-system. Service configuration records are identified from this scan, and assets defined in those records are identified.
    Type: Grant
    Filed: August 21, 2013
    Date of Patent: February 28, 2017
    Assignee: International Business Machines Corporation
    Inventors: Sadanand Rajaram Bajekal, Jai Singh Arun, Michael Delaine Nix, Krishna Kishore Yellepeddy
  • Publication number: 20160080324
    Abstract: This disclosure describes an automated process of discovering characteristics needed to integrate a web-based application to a web portal, such as a reverse proxy. This process eliminates the need for application owners and security analysts to manually discover the information needed for the on-boarding process. To this end, application-specific information is determined by monitoring network traffic flows in and out of the application, user authentication and authorization event data, and the like. An application discovery engine analyzes the discovered data, preferably against a set of patterns and heuristic-based rules, to discover or identify the one or more application characteristics. A set of configuration data is then generated, and this configuration data is then used to integrate the application into the web reverse proxy and, in particular, by specifying the configuration needed to “board” the application.
    Type: Application
    Filed: September 16, 2014
    Publication date: March 17, 2016
    Inventors: Richard Jay Cohen, Anne Louise Bolgert, Randolph Michael Forlenza, Miguel Sang, Krishna Kishore Yellepeddy
  • Publication number: 20150055780
    Abstract: A security management system comprises a key management sub-system, an asset/workload management sub-system, and an event management sub-system. The event management sub-system detects events. The asset/workload management sub-system correlates events (irrespective of type) with the assets that generate them, and the key management sub-system uses the event-asset associations determined by the asset/workload management sub-system to automatically orchestrate the necessary key management activities (e.g., key creation, revocation, refresh, etc.) across the impacted components in the information technology and operational realms to ensure data security. In one use case, a security event detected by the event management sub-system triggers one or more actions within the asset/workload management sub-system. Service configuration records are identified from this scan, and assets defined in those records are identified.
    Type: Application
    Filed: August 21, 2013
    Publication date: February 26, 2015
    Applicant: International Business Machines Corporation
    Inventors: Sadanand Rajaram Bajekal, Jai Singh Arun, MIchael Delaine Nix, Krishna Kishore Yellepeddy
  • Patent number: 8645182
    Abstract: A computer implemented method for integrating a calendar and task scheduler to enable automatic scheduling of meetings and assignment of tasks based on priority. With the illustrative embodiments, a task in a user's calendaring system may be split into multiple time blocks, and each time block for the task may then be scheduled around meetings in a user's calendar. Tasks that are scheduled in the user's calendar may also be automatically rescheduled when meetings within the user's calendar change. Tasks may be scheduled over lower priority meetings in the user's calendar as needed in order to meet the due dates assigned to the tasks. The illustrative embodiments also allow for automatically adjusting meeting or task priorities based on policies, and identifying classes of activities that may be performed concurrently.
    Type: Grant
    Filed: October 2, 2007
    Date of Patent: February 4, 2014
    Assignee: International Business Machines Corporation
    Inventors: Conrad James Johnson, James Ealem Shewbert, Perry Lee Statham, Sandra Lee Tipton, Krishna Kishore Yellepeddy
  • Publication number: 20120099728
    Abstract: A method, system, and computer usable program product for protocol based key management are provided in the illustrative embodiments. A key management protocol associated with a key request is identified, the key request being a request for data usable in cryptographic security. A first subset is selected from a set of policies using the key management protocol. A set of permissions is computed based on the first subset of policies, the set of permissions indicating whether the key request is permitted under the key management protocol. The set of permissions is cached in a cache in a data storage device.
    Type: Application
    Filed: October 25, 2010
    Publication date: April 26, 2012
    Applicant: International Business Machines Corporation
    Inventors: Bruce Arland Rich, Krishna Kishore Yellepeddy, Xiaoyan Y. Zhang
  • Patent number: 8091138
    Abstract: A computer implemented method and apparatus for controlling the presentation of information. In response to receiving a request to present the information, a process confirms that conditions for presentation of the information are satisfied using a set of presentation policies, wherein the conditions are specified in the set of presentation policies, and wherein the conditions comprise a status of a user and a setting of the user. The process then determines whether confidential content is present in the information. Responsive to the confidential content being present, the process redacts the confidential content before presenting the information to a user, and then updates a presentation history with metadata describing the presentation of the information comprising the confidential content.
    Type: Grant
    Filed: September 6, 2007
    Date of Patent: January 3, 2012
    Assignee: International Business Machines Corporation
    Inventors: Krishna Kishore Yellepeddy, Conrad James Johnson, Helen McKinstry, Perry Lee Statham, Sandra Lee Tipton
  • Patent number: 7971069
    Abstract: A replicated networked storage domain of an original data partition and one or more replica data partitions in which each partition is stored on a storage device having a network address, is secured by associating with each partition a secret key; sharing the secret keys between the storage devices and a file manager; requesting access to a specific partition by a client; and accessing the specific partition by the client using a credential encrypted by the key associated with the specific partition and including a network address of a storage device which stores the partition.
    Type: Grant
    Filed: October 11, 2006
    Date of Patent: June 28, 2011
    Assignee: International Business Machines Corporation
    Inventor: Krishna Kishore Yellepeddy
  • Patent number: 7717326
    Abstract: A system for protecting data within a portable storage device. A self-destruct unit associated with the portable storage device is enabled. If the portable storage device is not within a pre-specified route tolerance or if the portable storage device is not at a pre-selected identification checkpoint, an alert message is sent. In response to receiving a particular response, a self-destruct signal is sent to the enabled self-destruct unit. Then the enabled self-destruct unit creates an electromagnetic pulse from a xenon flash tube to render confidential data within the portable storage device unusable.
    Type: Grant
    Filed: November 15, 2006
    Date of Patent: May 18, 2010
    Assignee: International Business Machines Corporation
    Inventors: David Bruce Kumhyr, Pamela Ann Nesbitt, Lorin Evan Ullmann, Krishna Kishore Yellepeddy
  • Publication number: 20090089133
    Abstract: A computer implemented method for integrating a calendar and task scheduler to enable automatic scheduling of meetings and assignment of tasks based on priority. With the illustrative embodiments, a task in a user's calendaring system may be split into multiple time blocks, and each time block for the task may then be scheduled around meetings in a user's calendar. Tasks that are scheduled in the user's calendar may also be automatically rescheduled when meetings within the user's calendar change. Tasks may be scheduled over lower priority meetings in the user's calendar as needed in order to meet the due dates assigned to the tasks. The illustrative embodiments also allow for automatically adjusting meeting or task priorities based on policies, and identifying classes of activities that may be performed concurrently.
    Type: Application
    Filed: October 2, 2007
    Publication date: April 2, 2009
    Inventors: Conrad James Johnson, James Ealem Shewbert, Perry Lee Statham, Sandra Lee Tipton, Krishna Kishore Yellepeddy
  • Publication number: 20090070881
    Abstract: A computer implemented method and apparatus for controlling the presentation of information. In response to receiving a request to present the information, a process confirms that conditions for presentation of the information are satisfied using a set of presentation policies, wherein the conditions are specified in the set of presentation policies, and wherein the conditions comprise a status of a user and a setting of the user. The process then determines whether confidential content is present in the information. Responsive to the confidential content being present, the process redacts the confidential content before presenting the information to a user, and then updates a presentation history with metadata describing the presentation of the information comprising the confidential content.
    Type: Application
    Filed: September 6, 2007
    Publication date: March 12, 2009
    Inventors: Krishna Kishore Yellepeddy, Conrad James Johnson, Helen McKinstry, Perry Lee Statham, Sandra Lee Tipton
  • Publication number: 20080112300
    Abstract: A system for protecting data within a portable storage device. A self-destruct unit associated with the portable storage device is enabled. If the portable storage device is not within a pre-specified route tolerance or if the portable storage device is not at a pre-selected identification checkpoint, an alert message is sent. In response to receiving a particular response, a self-destruct signal is sent to the enabled self-destruct unit. Then the enabled self-destruct unit creates an electromagnetic pulse from a xenon flash tube to render confidential data within the portable storage device unusable.
    Type: Application
    Filed: November 15, 2006
    Publication date: May 15, 2008
    Inventors: David Bruce Kumhyr, Pamela Ann Nesbitt, Lorin Evan Ullmann, Krishna Kishore Yellepeddy
  • Patent number: 7236465
    Abstract: A system and method for gathering data regarding receivers of multicast content is provided. A spanning tree is used to connect a content producer, such as a pay-per-view broadcaster, to one or more receivers over a computer network, such as the Internet. Clients that wish to join a multicast group to which content is sent join the multicast group at the client's designated multicast router. The router sends information regarding the request, such as a tally of the number of clients that have joined the group, through intermediate routers to an endpoint router as identified by the spanning tree. The content producer is able to use the information, such as the tally and demographic information, to analyze the group of receivers. In a pay-per-view setting, the tally can further be compared to the number of subscribers to determine whether illicit receivers have joined the group, whereupon appropriate action is taken.
    Type: Grant
    Filed: June 13, 2002
    Date of Patent: June 26, 2007
    Assignee: International Business Machines Corporation
    Inventors: Dwip N. Banerjee, Rabindranath Dutta, Kumar Ravi, Krishna Kishore Yellepeddy
  • Patent number: 7191192
    Abstract: A bidirectional metadirectory agent a data source converter layer; a filters and rules layer for blocking disallowed changes; a mapping layer for translating attributes in change commands from a local set of attribute names to a set of metadirectory attribute names, and vice versa, and for converting change commands between said agent-internal common format and a directory change protocol; an extensible user customization layer for implementing custom metadirectory agent functions; and a metadirectory interface for sending and receiving said change commands in said directory change protocol.
    Type: Grant
    Filed: September 30, 2002
    Date of Patent: March 13, 2007
    Assignee: International Business Machines Corporation
    Inventors: Krishna Kishore Yellepeddy, Rod Mancisidor
  • Patent number: 7146499
    Abstract: Through associating each data partition within a replicated storage domain of networked storage devices with one of multiple secret keys shared with a file manager, a credential is issued from the file manager to a client requesting access to a partition. The credential includes a network address for the partition to which the client is to direct its actions. The storage device periodically confirms with the file manager the validity of the shared secret keys. Through logical process and evaluations applied to issuing the credential and determining the address of the partition to be included in each credential, the file manager may invalidate partitions individually, provide load balancing between access of original and replica partitions, and provide security functions such as isolation of partitions for access by and tracking of unauthorized users, or for testing purposes.
    Type: Grant
    Filed: September 30, 2002
    Date of Patent: December 5, 2006
    Assignee: International Business Machines Corporation
    Inventor: Krishna Kishore Yellepeddy
  • Patent number: 7107297
    Abstract: A system and method which propagates change operations to data items within a metadirectory on a differential basis in order to minimize or eliminate redundant updates to attributes within data items that have not changed, as well as conserve computing resources and transmission bandwidth consumed by update activities in large organizations of data items. A best match entry in the metadirectory is selected using a weighted score process, a determination is made as to exactly which attributes are changed by the update operation, and a differential update is propagated throughout the metadirectory via direct joiner access to the data items, or through remote access such as through LDAP.
    Type: Grant
    Filed: January 10, 2002
    Date of Patent: September 12, 2006
    Assignee: International Business Machines Corporation
    Inventors: Krishna Kishore Yellepeddy, Rod Mancisidor
  • Publication number: 20040128266
    Abstract: The present invention enables a facility (home, business or industrial site) to optimize the consumption of energy in that facility. In this invention, the power companies that supply energy provide information to its client facilities on the cost and availability of energy from that company on a real-time basis. Each client facility would have a power accounting server. These servers store this and process this information to predict when the rates for using the energy will be the least expensive for a particular task or to operate a particular appliance. A homeowner (client facility) for example can program appliances such as a dishwasher or laundry machine to turn on when the cost of energy is below a particular threshold price. The present invention has the capability to receive characteristics about a particular appliance, generate a list of energy consumption options for that particular product at a particular time period and select and implement the most efficient energy supply option.
    Type: Application
    Filed: December 12, 2003
    Publication date: July 1, 2004
    Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Krishna Kishore Yellepeddy, Rabindranath Dutta
  • Publication number: 20040064502
    Abstract: A bidirectional metadirectory agent a data source converter layer; a filters and rules layer for blocking disallowed changes; a mapping layer for translating attributes in change commands from a local set of attribute names to a set of metadirectory attribute names, and vice versa, and for converting change commands between said agent-internal common format and a directory change protocol; an extensible user customization layer for implementing custom metadirectory agent functions; and a metadirectory interface for sending and receiving said change commands in said directory change protocol.
    Type: Application
    Filed: September 30, 2002
    Publication date: April 1, 2004
    Applicant: International Business Machines Corporation
    Inventors: Krishna Kishore Yellepeddy, Rod Mancisidor