Patents by Inventor Lap T. Huynh

Lap T. Huynh has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10523491
    Abstract: Embodiments of the present invention address deficiencies of the art in respect to connectivity management in a heterogeneous network and provide a method, system and computer program product for resilient and reliable end-to-end connectivity in a heterogeneous network. In one embodiment of the invention, a method for resilient and reliable end-to-end connectivity in a heterogeneous network environment can be provided. The method can include creating an instance of an abstracted network resource model (NRM) for a heterogeneous network environment of different network resource nodes. The method further can include binding an application endpoint in the instance of the abstracted NRM with a connectivity endpoint for a first of the different network resource nodes. The method yet further can include detecting an outage in the first of the different network resource nodes.
    Type: Grant
    Filed: October 25, 2010
    Date of Patent: December 31, 2019
    Assignee: International Business Machines Corporation
    Inventors: Dinakaran Joseph, Jon K. Franks, Christopher N. Freeman, Sivaram Gottimukkala, Jason P. Hawrysz, Lap T. Huynh, Barry Mosakowski
  • Publication number: 20170329624
    Abstract: In an embodiment of the invention, a method for secure live migration of a virtual machine (VM) in a virtualized computing environment can include selecting a VM in a secure virtualized computing environment for live migration to a different virtualized computing environment and blocking data communications with the selected VM and other VMs in the secure virtualized computing environment. The selected VM can be live migrated to the different virtualized computing environment and the VM can be restarted in the different virtualized computing environment. Notably, a secure communicative link can be established between the restarted VM and at least one other of the VMs in the secure virtualized computing environment. Finally, data communications between the restarted VM and the at least one other of the VMs can be enabled over the secure communicative link.
    Type: Application
    Filed: May 31, 2017
    Publication date: November 16, 2017
    Inventors: Wesley M. Devine, Sivaram Gottimukkala, Lap T. Huynh, Dinakaran Joseph, Michael S. Law, Linwood H. Overby
  • Patent number: 9742621
    Abstract: Embodiments of the present invention address deficiencies of the art in respect to connectivity management in a heterogeneous network and provide a method, system and computer program product for resilient and reliable end-to-end connectivity in a heterogeneous network. In one embodiment of the invention, a method for resilient and reliable end-to-end connectivity in a heterogeneous network environment can be provided. The method can include creating an instance of an abstracted network resource model (NRM) for a heterogeneous network environment of different network resource nodes. The method further can include binding an application endpoint in the instance of the abstracted NRM with a connectivity endpoint for a first of the different network resource nodes. Finally, the method can include re-binding the application endpoint to a second of the different network resource nodes in response to detecting the outage.
    Type: Grant
    Filed: February 28, 2012
    Date of Patent: August 22, 2017
    Assignee: International Business Machines Corporation
    Inventors: Dinakaran Joseph, Jon K. Franks, Christopher N. Freeman, Sivaram Gottimukkala, Jason P. Hawrysz, Lap T. Huynh, Barry Mosakowski
  • Patent number: 9715401
    Abstract: In an embodiment of the invention, a method for secure live migration of a virtual machine (VM) in a virtualized computing environment can include selecting a VM in a secure virtualized computing environment for live migration to a different virtualized computing environment and blocking data communications with the selected VM and other VMs in the secure virtualized computing environment. The selected VM can be live migrated to the different virtualized computing environment and the VM can be restarted in the different virtualized computing environment. Notably, a secure communicative link can be established between the restarted VM and at least one other of the VMs in the secure virtualized computing environment. Finally, data communications between the restarted VM and the at least one other of the VMs can be enabled over the secure communicative link.
    Type: Grant
    Filed: September 15, 2008
    Date of Patent: July 25, 2017
    Assignee: International Business Machines Corporation
    Inventors: Wesley M. Devine, Sivaram Gottimukkala, Lap T. Huynh, Dinakaran Joseph, Michael S. Law, Linwood H. Overby, Jr.
  • Patent number: 9485156
    Abstract: A system and method for monitoring liveliness includes a management device which has an application layer where applications are executed. A connection monitor is located other than on the application layer, and the connection monitor is configured to receive requests from clients and deliver the requests to components on the application layer. The components include a generic application monitor which responds to liveliness monitor requests from the clients for all applications monitored, and one or more applications which response to requests to that application.
    Type: Grant
    Filed: February 4, 2014
    Date of Patent: November 1, 2016
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Michael E. Baskey, Chun-Shi Chang, Lap T. Huynh, Dinakaran Joseph, Sambit Sahu, Dinesh C. Verma, Michael D. Williams
  • Patent number: 9300726
    Abstract: A method, system and computer program product for optimizing quality of service settings for virtual machine deployment and migration. A first network (e.g., user network) is provided that is dedicated to running user workloads deployed on virtual machines. A second network (e.g., cloud management network), isolated from the first network, is also provided that is dedicated to virtual machine deployment and migration. As a result of the first and second networks not being shared, the administrative server utilizes unique quality of service settings for virtual machine deployment and migration supported by the second network that would otherwise not be possible if the first and second networks were shared.
    Type: Grant
    Filed: January 15, 2013
    Date of Patent: March 29, 2016
    Assignee: International Business Machines Corporation
    Inventors: Rohith K. Ashok, Roy F. Brabson, Lap T. Huynh, Michael S. Law, Mickael Maison, Matthew J. Sheard
  • Publication number: 20160080501
    Abstract: An approach is provided for establishing a private network connection between source and target cloud data centers (CDCs). Requirements of the private network connection are received. Network service providers (NSPs) providing a network service to the source and target CDCs are determined. Performance information of respective NSPs is determined. Performance information of NSP(s) are determined to satisfy the requirements. One of the NSP(s) is selected based on the corresponding performance information optimally satisfying the requirements. First and second connection endpoints of the private network connection are generated in the source and target CDCs, respectively. Based on the first and second connection endpoints and responsive to a request from the target CDC to the selected NSP to attach the target CDC to the private network connection, the private network connection is established.
    Type: Application
    Filed: September 15, 2014
    Publication date: March 17, 2016
    Inventors: Douglas M. Freimuth, Lap T. Huynh, Jeffrey A. Sanden
  • Patent number: 9253016
    Abstract: An integrated hybrid system is provided. The hybrid system includes compute components of different types and architectures that are integrated and managed by a single point of control to provide federation and the presentation of the compute components as a single logical computing platform.
    Type: Grant
    Filed: November 2, 2010
    Date of Patent: February 2, 2016
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Ingo Adlung, Kimberly T. Bailey, Friedemann Baitinger, Patricia G. Driever, Jeffrey A. Frey, Lap T. Huynh, Constantinos Kassimis, Angelo Macchiano, Bruce Ratcliff, Jerry W. Stevens, Stephen R. Valley
  • Patent number: 9253017
    Abstract: An integrated hybrid system is provided. The hybrid system includes compute components of different types and architectures that are integrated and managed by a single point of control to provide federation and the presentation of the compute components as a single logical computing platform.
    Type: Grant
    Filed: December 17, 2012
    Date of Patent: February 2, 2016
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Ingo Adlung, Kimberly T. Bailey, Friedemann Baitinger, Patricia G. Driever, Jeffrey A. Frey, Lap T. Huynh, Constantinos Kassimis, Angelo Macchiano, Bruce Ratcliff, Jerry W. Stevens, Stephen R. Valley
  • Patent number: 8925081
    Abstract: Intrusion detection is performed by communicating an initialization request from an intrusion detection system enabled application to an intrusion module to begin intrusion detection. Also, a request is communicated to a policy transfer agent to provide an intrusion detection system policy specifically configured for the application. The application identifies where in the application code the intrusion detection system policy is to be checked against an incoming or outgoing communication. Information obtained by the application program is selectively evaluated against information in the intrusion detection system policy. A conditional response is made based upon information in the intrusion detection system policy if an intrusion associated with the application program is detected.
    Type: Grant
    Filed: May 11, 2012
    Date of Patent: December 30, 2014
    Assignee: International Business Machines Corporation
    Inventors: Lap T. Huynh, Linwood H. Overby, Jr.
  • Patent number: 8891550
    Abstract: Embodiments of the present invention address deficiencies of the art in respect to network services protocol implementation configuration and provide a method, system and computer program product for platform independent configuration of multiple network services protocol implementations. In one embodiment of the invention, a method for configuring a network services protocol implementation can include configuring a platform independent configuration for a network services protocol implementation. Thereafter, a target node can be selected to receive a deployment of the network services protocol implementation and the configured platform independent configuration can be transformed into a platform specific configuration for the target node. Finally, the transformed platform specific configuration can be deployed onto the target node.
    Type: Grant
    Filed: February 15, 2006
    Date of Patent: November 18, 2014
    Assignee: International Business Machines Corporation
    Inventors: Lap T. Huynh, Dinakaran Joseph, Linwood H. Overby, Jr., Mark T. Wright
  • Publication number: 20140201365
    Abstract: A method, system and computer program product for optimizing quality of service settings for virtual machine deployment and migration. A first network (e.g., user network) is provided that is dedicated to running user workloads deployed on virtual machines. A second network (e.g., cloud management network), isolated from the first network, is also provided that is dedicated to virtual machine deployment and migration. As a result of the first and second networks not being shared, the administrative server utilizes unique quality of service settings for virtual machine deployment and migration supported by the second network that would otherwise not be possible if the first and second networks were shared.
    Type: Application
    Filed: January 15, 2013
    Publication date: July 17, 2014
    Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Rohith K. Ashok, Roy F. Brabson, Lap T. Huynh, Michael S. Law, Mickael Maison, Matthew J. Sheard
  • Publication number: 20140156837
    Abstract: A system and method for monitoring liveliness includes a management device which has an application layer where applications are executed. A connection monitor is located other than on the application layer, and the connection monitor is configured to receive requests from clients and deliver the requests to components on the application layer. The components include a generic application monitor which responds to liveliness monitor requests from the clients for all applications monitored, and one or more applications which response to requests to that application.
    Type: Application
    Filed: February 4, 2014
    Publication date: June 5, 2014
    Applicant: International Business Machines Corporation
    Inventors: Michael E. Baskey, Chun-Shi Chang, Lap T. Huynh, Dinakaran Joseph, Sambit Sahu, Dinesh C. Verma, Michael D. Williams
  • Patent number: 8380861
    Abstract: Embodiments of the present invention address deficiencies of the art in respect to e2e SLA support in a network of both manageable and unmanageable portions and provide a method, system and computer program product for e2e SLA compliance across both managed and unmanaged network segments. In one embodiment of the invention, a method for e2e SLA compliance across both managed and unmanaged network segments can be provided. The method can include identifying both a managed segment and an unmanaged segment of an e2e network for a communications path implicated by an SLA, determining an observed delay for the unmanaged segment of the e2e network, computing from a desired delay for the communications path and the observed delay a differential delay, and constraining the managed segment to meet the differential delay in order to assure meeting the desired delay for the communications path implicated by the SLA.
    Type: Grant
    Filed: February 3, 2011
    Date of Patent: February 19, 2013
    Assignee: International Business Machines Corporation
    Inventors: Michael E. Baskey, Mandis S. Beigi, Sivaram Gottimukkala, Lap T. Huynh, Dinakaran Joseph, Einar Lueck, Debanjan Saha, Sambit Sahu, Dinesh C. Verma
  • Publication number: 20120222087
    Abstract: Intrusion detection is performed by communicating an initialization request from an intrusion detection system enabled application to an intrusion module to begin intrusion detection. Also, a request is communicated to a policy transfer agent to provide an intrusion detection system policy specifically configured for the application. The application identifies where in the application code the intrusion detection system policy is to be checked against an incoming or outgoing communication. Information obtained by the application program is selectively evaluated against information in the intrusion detection system policy. A conditional response is made based upon information in the intrusion detection system policy if an intrusion associated with the application program is detected.
    Type: Application
    Filed: May 11, 2012
    Publication date: August 30, 2012
    Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Lap T. Huynh, Linwood H. Overby, JR.
  • Publication number: 20120213059
    Abstract: Embodiments of the present invention address deficiencies of the art in respect to connectivity management in a heterogeneous network and provide a method, system and computer program product for resilient and reliable end-to-end connectivity in a heterogeneous network. In one embodiment of the invention, a method for resilient and reliable end-to-end connectivity in a heterogeneous network environment can be provided. The method can include creating an instance of an abstracted network resource model (NRM) for a heterogeneous network environment of different network resource nodes. The method further can include binding an application endpoint in the instance of the abstracted NRM with a connectivity endpoint for a first of the different network resource nodes. Finally, the method can include re-binding the application endpoint to a second of the different network resource nodes in response to detecting the outage.
    Type: Application
    Filed: February 28, 2012
    Publication date: August 23, 2012
    Applicant: International Business Machines Corporation
    Inventors: Dinakaran Joseph, Jon K. Franks, Christopher N. Freeman, Sivaram Gottimukkala, Jason P. Hawrysz, Lap T. Huynh, Barry Mosakowski
  • Publication number: 20120198542
    Abstract: A mechanism is provided for sharing one or more security appliances. A trusted system component associated with an application of a plurality of applications in a logically partitioned data processing system sets a destination address of a received packet to an address of a security appliance shared by the plurality of applications. The trusted system component sends the received packet to the security appliance. The trusted system component receives a response from the security appliance. The trusted system component determines whether the response indicates permitting the received packet to proceed to the intended recipient. The trusted system component sends the received packet to the recipient in response to the response indicating permitting the received packet to proceed.
    Type: Application
    Filed: March 19, 2012
    Publication date: August 2, 2012
    Applicant: International Business Machines Corporation
    Inventors: Lap T. Huynh, Constantinos Kassimis, Jeffrey A. Lucovsky, Linwood H. Overby, JR., Jerry W. Stevens
  • Patent number: 8220052
    Abstract: A method of detecting an intrusion into a computer. At least one communication to an application program is selectively evaluated by the application program accessing an intrusion detection service to evaluate the communication.
    Type: Grant
    Filed: June 10, 2003
    Date of Patent: July 10, 2012
    Assignee: International Business Machines Corporation
    Inventors: Lap T. Huynh, Linwood H. Overby, Jr.
  • Publication number: 20120110155
    Abstract: An integrated hybrid system is provided. The hybrid system includes compute components of different types and architectures that are integrated and managed by a single point of control to provide federation and the presentation of the compute components as a single logical computing platform.
    Type: Application
    Filed: November 2, 2010
    Publication date: May 3, 2012
    Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Ingo Adlung, Kimberly T. Bailey, Friedemann Baitinger, Patricia G. Driever, Jeffrey A. Frey, Lap T. Huynh, Constantinos Kassimis, Angelo Macchiano, Bruce Ratcliff, Jerry W. Stevens, Stephen R. Valley
  • Publication number: 20110125914
    Abstract: Embodiments of the present invention address deficiencies of the art in respect to e2e SLA support in a network of both manageable and unmanageable portions and provide a method, system and computer program product for e2e SLA compliance across both managed and unmanaged network segments. In one embodiment of the invention, a method for e2e SLA compliance across both managed and unmanaged network segments can be provided. The method can include identifying both a managed segment and an unmanaged segment of an e2e network for a communications path implicated by an SLA, determining an observed delay for the unmanaged segment of the e2e network, computing from a desired delay for the communications path and the observed delay a differential delay, and constraining the managed segment to meet the differential delay in order to assure meeting the desired delay for the communications path implicated by the SLA.
    Type: Application
    Filed: February 3, 2011
    Publication date: May 26, 2011
    Applicant: International Business Machines Corporation
    Inventors: Michael E. Baskey, Mandis S. Beigi, Sivaram Gottimukkala, Lap T. Huynh, Dinakaran Joseph, Einar Lueck, Debanjan Saha, Sambit Sahu, Dinesh C. Verma