Patents by Inventor Kumara Das Karunakaran
Kumara Das Karunakaran has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11812269Abstract: A request generated by an unmanaged app to access a resource is received from a mobile device. A notification is sent to the mobile device. A device level VPN connection to the mobile device is established. A unique identifier is associated with the device level VPN. App level traffic received via the device level VPN is tagged with the unique identifier. Access to the resource is allowed in response to the request based at least in part on a determination based on the tags that app level traffic from a trusted app and app level traffic from the unmanaged app are associated with the same mobile device.Type: GrantFiled: November 16, 2021Date of Patent: November 7, 2023Assignee: Ivanti, Inc.Inventors: Renchi Raju, Vijay Pawar, Kumara Das Karunakaran
-
Patent number: 11368449Abstract: In an embodiment, a system for asserting a mobile identity to users and devices in an enterprise authentication system includes a communication interface and a processor coupled to the interface. The processor is configured to receive, via the communication interface and from a first device, a request to authenticate a user to a service using a unique identity associated with a second device. The processor is configured to determine, based at least in part on the unique identity, an identity certificate associated with the request, generate an identity assertion based at least in part on the identity certificate, and provide the identity assertion via the communication interface to a requesting node with which the request to authenticate is associated.Type: GrantFiled: November 19, 2019Date of Patent: June 21, 2022Assignee: MOBILEIRON INC.Inventors: Alexei Volkov, Kumara Das Karunakaran, Vijay Pawar
-
Publication number: 20220150703Abstract: A request generated by an unmanaged app to access a resource is received from a mobile device. A notification is sent to the mobile device. A device level VPN connection to the mobile device is established. A unique identifier is associated with the device level VPN. App level traffic received via the device level VPN is tagged with the unique identifier. Access to the resource is allowed in response to the request based at least in part on a determination based on the tags that app level traffic from a trusted app and app level traffic from the unmanaged app are associated with the same mobile device.Type: ApplicationFiled: November 16, 2021Publication date: May 12, 2022Inventors: Renchi Raju, Vijay Pawar, Kumara Das Karunakaran
-
Patent number: 11228591Abstract: Techniques to provide secure access to a cloud service are disclosed. In various embodiments, enterprise mobility management (EMM) data associated with a set of enterprise users of mobile devices associated with an enterprise is received. Cloud service data associated with use of a cloud service of the cloud service provider by users associated with the enterprise is received and correlated with the EMM data. Usage of the cloud service by said users associated with the enterprise is analyzed, including one or both of access of the cloud service using one or more unmanaged devices and access of the cloud service using one or more unmanaged mobile apps.Type: GrantFiled: March 27, 2018Date of Patent: January 18, 2022Assignee: MOBILEIRON, INC.Inventors: Kumara Das Karunakaran, Vijay Pawar
-
Patent number: 11206540Abstract: A request generated by an unmanaged app to access a resource is received from a mobile device. A notification is sent to the mobile device. A device level VPN connection to the mobile device is established. A unique identifier is associated with the device level VPN. App level traffic received via the device level VPN is tagged with the unique identifier. Access to the resource is allowed in response to the request based at least in part on a determination based on the tags that app level traffic from a trusted app and app level traffic from the unmanaged app are associated with the same mobile device.Type: GrantFiled: January 11, 2019Date of Patent: December 21, 2021Assignee: MOBILEIRON, INC.Inventors: Renchi Raju, Vijay Pawar, Kumara Das Karunakaran
-
Patent number: 11178132Abstract: Techniques are disclosed to provide VPN and identity based authentication to cloud-based services. In various embodiments, a request to authenticate a user to a service is received. A user identity associated with one or both of the user and the request is determined based at least in part on data comprising the request. An identity assertion is generated based at least in part on the user identity. The identity assertion is provided to a requesting node with which the request to authenticate is associated.Type: GrantFiled: December 19, 2019Date of Patent: November 16, 2021Assignee: MOBILEIRON, INC.Inventors: Vijay Pawar, Atul Vijay Tulshibagwale, Kumara Das Karunakaran, Jian Liu
-
Patent number: 10673861Abstract: Techniques to provide secure access to a cloud-based service are disclosed. In various embodiments, a request is received from a client app on a device to connect to a security proxy associated with the cloud-based service. A secure tunnel connection between the device and a node with which the security proxy is associated is used to establish the requested connection to the security proxy. Information associated with the secure tunnel is used to determine that the requesting client app is authorized to access the cloud-based service from the device and to obtain from an identity provider associated with the cloud-based service a security token to be used by the client app to authenticate to the cloud-based service.Type: GrantFiled: April 26, 2019Date of Patent: June 2, 2020Assignee: MOBILE IRON, INC.Inventors: Kumara Das Karunakaran, Vijay Pawar, Jian Liu
-
Patent number: 10673838Abstract: Techniques are disclosed to provide VPN and identity based authentication to cloud-based services. In various embodiments, a request to authenticate a user to a service is received. A user identity associated with one or both of the user and the request is determined based at least in part on data comprising the request. An identity assertion is generated based at least in part on the user identity. The identity assertion is provided to a requesting node with which the request to authenticate is associated.Type: GrantFiled: May 15, 2017Date of Patent: June 2, 2020Assignee: MOBILEIRON, INC.Inventors: Vijay Pawar, Atul Vijay Tulshibagwale, Kumara Das Karunakaran, Jian Liu
-
Publication number: 20200128000Abstract: Techniques are disclosed to provide VPN and identity based authentication to cloud-based services. In various embodiments, a request to authenticate a user to a service is received. A user identity associated with one or both of the user and the request is determined based at least in part on data comprising the request. An identity assertion is generated based at least in part on the user identity. The identity assertion is provided to a requesting node with which the request to authenticate is associated.Type: ApplicationFiled: December 19, 2019Publication date: April 23, 2020Inventors: Vijay Pawar, Atul Vijay Tulshibagwale, Kumara Das Karunakaran, Jian Liu
-
Publication number: 20200092281Abstract: In an embodiment, a system for asserting a mobile identity to users and devices in an enterprise authentication system includes a communication interface and a processor coupled to the interface. The processor is configured to receive, via the communication interface and from a first device, a request to authenticate a user to a service using a unique identity associated with a second device. The processor is configured to determine, based at least in part on the unique identity, an identity certificate associated with the request, generate an identity assertion based at least in part on the identity certificate, and provide the identity assertion via the communication interface to a requesting node with which the request to authenticate is associated.Type: ApplicationFiled: November 19, 2019Publication date: March 19, 2020Inventors: Alexei Volkov, Kumara Das Karunakaran, Vijay Pawar
-
Patent number: 10523660Abstract: In an embodiment, a system for asserting a mobile identity to users and devices in an enterprise authentication system includes a communication interface and a processor coupled to the interface. The processor is configured to receive, via the communication interface and from a first device, a request to authenticate a user to a service using a unique identity associated with a second device. The processor is configured to determine, based at least in part on the unique identity, an identity certificate associated with the request, generate an identity assertion based at least in part on the identity certificate, and provide the identity assertion via the communication interface to a requesting node with which the request to authenticate is associated.Type: GrantFiled: January 25, 2019Date of Patent: December 31, 2019Assignee: MOBILEIRON, INC.Inventors: Alexei Volkov, Kumara Das Karunakaran, Vijay Pawar
-
Publication number: 20190319962Abstract: Techniques to provide secure access to a cloud-based service are disclosed. In various embodiments, a request is received from a client app on a device to connect to a security proxy associated with the cloud-based service. A secure tunnel connection between the device and a node with which the security proxy is associated is used to establish the requested connection to the security proxy. Information associated with the secure tunnel is used to determine that the requesting client app is authorized to access the cloud-based service from the device and to obtain from an identity provider associated with the cloud-based service a security token to be used by the client app to authenticate to the cloud-based service.Type: ApplicationFiled: April 26, 2019Publication date: October 17, 2019Inventors: Kumara Das Karunakaran, Vijay Pawar, Jian Liu
-
Patent number: 10397239Abstract: Techniques to provide secure mobile access to a cloud-based service are disclosed. In various embodiments, a request to access the cloud-based service is received from a mobile device. A security certificate associated with the request is used to synthesize a basic authentication header associated with the request. The synthesized basic authentication header is sent to the cloud-based service on behalf of the mobile device.Type: GrantFiled: August 8, 2018Date of Patent: August 27, 2019Assignee: MOBILE IRON, INC.Inventors: Kumara Das Karunakaran, Vijay Pawar, Ivan Golovenko
-
Publication number: 20190223021Abstract: A request generated by an unmanaged app to access a resource is received from a mobile device. A notification is sent to the mobile device. A device level VPN connection to the mobile device is established. A unique identifier is associated with the device level VPN. App level traffic received via the device level VPN is tagged with the unique identifier. Access to the resource is allowed in response to the request based at least in part on a determination based on the tags that app level traffic from a trusted app and app level traffic from the unmanaged app are associated with the same mobile device.Type: ApplicationFiled: January 11, 2019Publication date: July 18, 2019Inventors: Renchi Raju, Vijay Pawar, Kumara Das Karunakaran
-
Patent number: 10320801Abstract: Techniques to provide secure access to a cloud-based service are disclosed. In various embodiments, a request is received from a client app on a device to connect to a security proxy associated with the cloud-based service. A secure tunnel connection between the device and a node with which the security proxy is associated is used to establish the requested connection to the security proxy. Information associated with the secure tunnel is used to determine that the requesting client app is authorized to access the cloud-based service from the device and to obtain from an identity provider associated with the cloud-based service a security token to be used by the client app to authenticate to the cloud-based service.Type: GrantFiled: September 25, 2018Date of Patent: June 11, 2019Assignee: MOBILE IRON, INC.Inventors: Kumara Das Karunakaran, Vijay Pawar, Jian Liu
-
Patent number: 10255116Abstract: A method, apparatus and computer program product for performing load balancing of SNDs and FNDs is presented. The presently disclosed method and apparatus for providing load balancing solves the problem of improper wireless traffic distribution in an enterprise network that may cause overload on some FNDs while some others are lightly loaded. The presently described methods and apparatus, by use of a single command, allow a user to restore the FNDs and SNDs to a preplanned topology or balance the load on controllers without overriding the manual assignments specified by the user.Type: GrantFiled: July 30, 2010Date of Patent: April 9, 2019Assignee: Avaya Inc.Inventors: M. S. Badari Narayana, Kumara Das Karunakaran
-
Patent number: 10193865Abstract: Techniques described herein convert mobile traffic between different types of VPN protocols, including IP and Transport. In an embodiment, a security proxy associated with a server receives a packet associated with a client app on a device, the packet including a source identifier and a destination identifier. The security proxy reassigns a tunnel identifier as the source and a node identifier as the destination, then stores a correlation of the tunnel identifier, the source identifier, and the destination identifier. The security proxy forwards the packet to the node inside the security proxy, and determines the destination identifier based on the correlation. The node then forwards the packet to the destination. This allows for multiple devices to use a same source identifier, e.g., same IP address. In some embodiments, a secure connection is established and/or the device and server are mutually authenticated prior to the processing of the packets.Type: GrantFiled: March 17, 2016Date of Patent: January 29, 2019Assignee: MOBILE IRON, INC.Inventors: Kumara Das Karunakaran, Alexei Volkov, Pranav Desai, Victor Pavlov
-
Publication number: 20190028480Abstract: Techniques to provide secure access to a cloud-based service are disclosed. In various embodiments, a request is received from a client app on a device to connect to a security proxy associated with the cloud-based service. A secure tunnel connection between the device and a node with which the security proxy is associated is used to establish the requested connection to the security proxy. Information associated with the secure tunnel is used to determine that the requesting client app is authorized to access the cloud-based service from the device and to obtain from an identity provider associated with the cloud-based service a security token to be used by the client app to authenticate to the cloud-based service.Type: ApplicationFiled: September 25, 2018Publication date: January 24, 2019Inventors: Kumara Das Karunakaran, Vijay Pawar, Jian Liu
-
Publication number: 20180351960Abstract: Techniques to provide secure mobile access to a cloud-based service are disclosed. In various embodiments, a request to access the cloud-based service is received from a mobile device. A security certificate associated with the request is used to synthesize a basic authentication header associated with the request. The synthesized basic authentication header is sent to the cloud-based service on behalf of the mobile device.Type: ApplicationFiled: August 8, 2018Publication date: December 6, 2018Inventors: Kumara Das Karunakaran, Vijay Pawar, Ivan Golovenko
-
Patent number: 10116663Abstract: Techniques to provide secure access to a cloud-based service are disclosed. In various embodiments, a request is received from a client app on a device to connect to a security proxy associated with the cloud-based service. A secure tunnel connection between the device and a node with which the security proxy is associated is used to establish the requested connection to the security proxy. Information associated with the secure tunnel is used to determine that the requesting client app is authorized to access the cloud-based service from the device and to obtain from an identity provider associated with the cloud-based service a security token to be used by the client app to authenticate to the cloud-based service.Type: GrantFiled: April 25, 2018Date of Patent: October 30, 2018Assignee: MOBILE IRON, INC.Inventors: Kumara Das Karunakaran, Vijay Pawar, Jian Liu