Patents by Inventor Liviu Iftode
Liviu Iftode has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10693853Abstract: A non-transitory computer-readable storage medium storing a set of instructions executable by a processor. The set of instructions is operable to receive a request from a node to join a trusted ad hoc network. The set of instructions is further operable to authenticate the node to join the trusted ad hoc network. The authentication is performed based on a verification that the node will comply with a security policy of the trusted ad hoc network. The set of instructions is further operable to send, to the node, a verification that the trusted ad hoc network complies with the security policy. The set of instructions is further operable to add the node to the trusted ad hoc network.Type: GrantFiled: July 23, 2010Date of Patent: June 23, 2020Assignees: AT&T Intellectual Property I, LP, New Jersey Institute of TechnologyInventors: Gang Xu, Cristian Borcea, Liviu Iftode
-
Patent number: 8868626Abstract: According to various embodiments of the invention, a system and method for controlling a file system. In some embodiments, a control plane interposes between a data plane user and a data plane, intercepts file system operations, and performs control plane operations upon the file system operations. In one such embodiment, the system and method is implemented between a data plane user that is a local file system user and a data plane that is a local file system. In another such embodiment, the system and method is implemented between a data plane user that is a client and a data plane that is a file server. Furthermore, for an embodiment where the control plane that interposes between a client and a file server, the control plane can be implemented as a file system proxy. Control plane operations include, but are not limited to, observation, verification, and transformation of a file system operation.Type: GrantFiled: April 14, 2008Date of Patent: October 21, 2014Assignee: Rutgers, The State University of New JerseyInventors: Liviu Iftode, Stephen Smaldone, Aniruddha Bohra
-
Patent number: 8635669Abstract: A system and method to ensure trustworthiness of a remote service provided by a service provider. The method includes monitoring runtime dependencies invoked during execution of a service transaction associated with the remote service, the service transaction being requested by a service requester. The method further includes determining whether a deviation exists between the runtime dependencies and a trusted list of dependencies associated with the remote service. The method also includes blocking execution of the service transaction based on determining that the deviation between the runtime dependencies and the trusted list of dependencies exists.Type: GrantFiled: November 9, 2012Date of Patent: January 21, 2014Assignee: AT&T Properties, LLCInventors: Liviu Iftode, Gang Xu
-
Patent number: 8566935Abstract: The subject disclosure presents a novel technique for balancing the tradeoff between security monitoring and energy consumption on mobile devices. Security/energy tradeoffs for host-based detectors focusing on rootkits are analyzed along two axes: a scanning frequency, and a surface of attack. Experimental results are applied to a hypervisor-based framework, and a sweet spot is identified to minimize both energy consumption and a window of vulnerability for critical operating system objects such as code pages and kernel data.Type: GrantFiled: May 12, 2011Date of Patent: October 22, 2013Assignee: AT&T Intellectual Property I, L.P.Inventors: Horacio Andres Lagar-Cavilla, Jeffrey Bickford, Vinod Ganapathy, Liviu Iftode, Alexander Varshavsky
-
Patent number: 8332632Abstract: A system and method to ensure trustworthiness of a remote service provided by a service provider. The method includes monitoring runtime dependencies invoked during execution of a service transaction associated with the remote service, the service transaction being requested by a service requester. The method further includes determining whether a deviation exists between the runtime dependencies and a trusted list of dependencies associated with the remote service. The method also includes blocking execution of the service transaction based on determining that the deviation between the runtime dependencies and the trusted list of dependencies exists.Type: GrantFiled: April 12, 2011Date of Patent: December 11, 2012Assignees: AT&T Intellectual Property II, LP, Rutgers, The State University of New JerseyInventors: Liviu Iftode, Gang Xu
-
Publication number: 20120291126Abstract: The subject disclosure presents a novel technique for balancing the tradeoff between security monitoring and energy consumption on mobile devices. Security/energy tradeoffs for host-based detectors focusing on rootkits are analyzed along two axes: a scanning frequency, and a surface of attack. Experimental results are applied to a hypervisor-based framework, and a sweet spot is identified to minimize both energy consumption and a window of vulnerability for critical operating system objects such as code pages and kernel data.Type: ApplicationFiled: May 12, 2011Publication date: November 15, 2012Applicants: RUTGERS, THE STATE UNIVERSITY OF NEW JERSEY, AT&T INTELLECTUAL PROPERTY I, L.P.Inventors: Horacio Andres Lagar-Cavilla, Jeffrey Bickford, Vinod Ganapathy, Liviu Iftode, Alexander Varshavsky
-
Publication number: 20120023550Abstract: A non-transitory computer-readable storage medium storing a set of instructions executable by a processor. The set of instructions is operable to receive a request from a node to join a trusted ad hoc network. The set of instructions is further operable to authenticate the node to join the trusted ad hoc network. The authentication is performed based on a verification that the node will comply with a security policy of the trusted ad hoc network. The set of instructions is further operable to send, to the node, a verification that the trusted ad hoc network complies with the security policy. The set of instructions is further operable to add the node to the trusted ad hoc network.Type: ApplicationFiled: July 23, 2010Publication date: January 26, 2012Inventors: Gang Xu, Cristian Borcea, Liviu Iftode
-
Publication number: 20110258303Abstract: A system and method is disclosed which may comprise receiving, via a computing device, from a first user having a first personal device, a request for sharing access to a resource or a state of a second personal device of a second user, the first user and second user having an on-line social network relationship; and determining whether to grant sharing access to the one of the resource and the state of the second personal device of the second user. Determining whether to grant sharing access may be based, at least in part, upon the nature of the on-line social network relationship. The method and apparatus may comprise registering, via the computing device, an ownership link for a personal device and an owner having a certified identity within the social network; storing the ownership link; and utilizing the ownership link for determining whether to grant sharing access.Type: ApplicationFiled: March 29, 2011Publication date: October 20, 2011Inventors: Badri Nath, Liviu Iftode, Pravin Shankar, Lu Han
-
Publication number: 20110191580Abstract: A system and method to ensure trustworthiness of a remote service provided by a service provider. The method includes monitoring runtime dependencies invoked during execution of a service transaction associated with the remote service, the service transaction being requested by a service requester. The method further includes determining whether a deviation exists between the runtime dependencies and a trusted list of dependencies associated with the remote service. The method also includes blocking execution of the service transaction based on determining that the deviation between the runtime dependencies and the trusted list of dependencies exists.Type: ApplicationFiled: April 12, 2011Publication date: August 4, 2011Applicant: AT&T CORP.Inventors: Liviu Iftode, Gang Xu
-
Publication number: 20110145160Abstract: Embodiments are directed to modeling propagation of an information item in an online social network. A quality value for the information item to be posted in the online social network is calculated, and the quality value is compared to a posting threshold value. The posting threshold value being determined based on a strategic user model. A propagation of the information item through the online social network is emulated based on the comparison.Type: ApplicationFiled: December 11, 2009Publication date: June 16, 2011Applicant: AT&T Intellectual Property I, L.P.Inventors: Mohammad Hajiaghayi, Liviu Iftode, Raluca Mihaela Ursu, Mangesh Charudatta Gupte, Lu Han, Pravin Shankar
-
Patent number: 7930733Abstract: A system and method of providing trusted service transactions includes associating a commitment with a remote service. The commitment includes a trusted list of runtime dependencies to execute a transaction. The method includes monitoring an actual list of runtime dependencies invoked during execution of the transaction using a trusted monitor. Execution is blocked if a deviation of the actual list from the trusted list is detected. Therefore, a completed transaction is allowed only if no deviation is found between the trusted and invoked list of runtime dependencies. A certificate authority in cooperation with software vendors preferably provide a signed commitment. The commitment is delivered by the provider to a user upon request and verified by the requester. The transaction is then executed by the user. Therefore, trust is verified before and during the transaction and privacy of data is guaranteed after completion.Type: GrantFiled: April 10, 2006Date of Patent: April 19, 2011Assignees: AT&T Intellectual Property II, L.P., Rutgers, The State University of New JerseyInventors: Liviu Iftode, Gang Xu
-
Publication number: 20090043823Abstract: According to various embodiments of the invention, a system and method for controlling a file system. In some embodiments, a control plane interposes between a data plane user and a data plane, intercepts file system operations, and performs control plane operations upon the file system operations. In one such embodiment, the system and method is implemented between a data plane user that is a local file system user and a data plane that is a local file system. In another such embodiment, the system and method is implemented between a data plane user that is a client and a data plane that is a file server. Furthermore, for an embodiment where the control plane that interposes between a client and a file server, the control plane can be implemented as a file system proxy. Control plane operations include, but are not limited to, observation, verification, and transformation of a file system operation.Type: ApplicationFiled: April 14, 2008Publication date: February 12, 2009Inventors: LIVIU IFTODE, Stephen Smaldone, Aniruddha Bohra
-
Publication number: 20040030731Abstract: A distributed file system architecture, characterized as a Federated File System (FedFS), is provided as a loose clustering of local file systems existing in a plurality of cluster nodes. The distributed file system architecture is established as an ad-hoc global file space to be used by a distributed application and a separate FedFS process is created for each application. Correspondingly, the lifetime of a FedFS process is limited to the lifetime of the distributed application for which it was created. File access for files in the node cluster is provided in a location-independent manner. FedFS also supports dynamic reconfiguration, file migration and file replication. FedFS further operates on top of, and without constraint on autonomous local file systems.Type: ApplicationFiled: April 3, 2003Publication date: February 12, 2004Inventors: Liviu Iftode, Suresh Gopalakrishnan, Ashok Arumugam, Robert Sidie