Patents by Inventor Manu J. Kurian
Manu J. Kurian has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10601813Abstract: A system that includes a plurality of cloud servers in signal communication with user devices and an authentication server. Each cloud server is configure to generate a cloud key that is uniquely linked with a user associated with a user device and the cloud server and send the cloud key to the user device. The authentication server is configured to receive a network resource access request comprising the cloud key from the user device, perform multi-factor authentication with the user associated with the user device, and identify a cloud server from among the plurality of cloud servers based on a user profile linked with the user. The authentication server is further configured to send a key validation request to the identified cloud server, receive a key validation response, determine whether the cloud key passes verification, and send a network resource access response to the user device.Type: GrantFiled: October 26, 2017Date of Patent: March 24, 2020Assignee: BANK OF AMERICA CORPORATIONInventor: Manu J. Kurian
-
Patent number: 10586220Abstract: A system for performing authorization of a user in an augmented reality environment comprises an augmented reality user device, an automatic teller machine, and an authentication server. The automatic teller machine has a keypad with unmarked buttons. The augmented reality user device includes a display configured to overlay virtual objects onto a field of view of a user. The augmented reality user device receives a virtual keypad overlay, which assigns values to the unmarked buttons of the keypad. Using the overlay, the augmented reality user device displays the assigned values on the buttons of the keypad. The automatic teller machine detects an input sequence entered on the keypad and sends the input sequence to the authentication server. The authentication server determines an authentication code by combining the input sequence with the virtual keypad overlay, and compares the determined authentication code with an authentication code stored in a database.Type: GrantFiled: December 2, 2016Date of Patent: March 10, 2020Assignee: Bank of America CorporationInventors: Amanda J. Adams, Joseph N. Johansen, Michael Ogrinz, Heather Dolan, William P. Jacobson, Manu J. Kurian
-
Patent number: 10579511Abstract: A flexible testing environment may include requesting an allocation of resources and testing characteristics of a project, verifying the testing characteristics, registering the project for testing, determining whether resources can be allocated for testing based on the testing characteristics and available resources, and allocating resources based on the testing characteristics and available resources. During testing of the project, the system may receive changes to the testing characteristics of the project, thereby causing adjustments to the allocated resources based on the updated testing characteristics. In certain embodiments, testing characteristics may closely approximate the resources employed by the project in a live production environment.Type: GrantFiled: May 10, 2017Date of Patent: March 3, 2020Assignee: Bank of America CorporationInventors: Manu J. Kurian, James Heddleson
-
Publication number: 20200050701Abstract: A natural language processing system that includes an artificial intelligence (AI) engine and a tag management engine. The AI engine is configured to receive a set of audio files and to identify concepts within the set of audio files. The AI engine is further configured to determine a usage frequency for each of the identified concepts and to generate an AI-defined tag for concepts with a usage frequency that is greater than a usage frequency threshold. The tag management engine is configured to receive an audio file, identify tags linked with the audio file, to determine an access frequency for the audio file within a predetermined time period, and to adjust the activity level of the tags based on the access frequency. The tag management engine is further configured to remove tags from the set of tags with an activity level that is less than a purge threshold.Type: ApplicationFiled: August 9, 2018Publication date: February 13, 2020Inventors: Suki Ramasamy, Sasidhar Purushothaman, James McCormack, Manu J. Kurian, Sean M. Gutman, William P. Jacobson
-
Publication number: 20200050702Abstract: A natural language processing system that includes an artificial intelligence (AI) engine and a tagging engine. The AI engine is configured to receive a set of audio files and to identify concepts within the set of audio files. The AI engine is further configured to determine a usage frequency for each of the identified concepts and to generate an AI-defined tag for concepts with a usage frequency that is greater than a usage frequency threshold. The tagging engine is configured to receive an audio file and to identify observed concepts within the audio file. The tagging engine is further configured to compare the observed concepts to the first set of concepts, to determine one or more observed concepts matches concepts linked with AI-defined tags, and to modify metadata for the audio file to include AI-defined tags.Type: ApplicationFiled: August 9, 2018Publication date: February 13, 2020Inventors: James McCormack, Sean M. Gutman, Manu J. Kurian, Sasidhar Purushothaman, Suki Ramasamy, William P. Jacobson
-
Publication number: 20200050703Abstract: A natural language processing system that includes an artificial intelligence (AI) engine, a tagging engine, and a resource allocation engine. The AI engine is configured to receive a set of audio files and to identify concepts within the set of audio files. The AI engine is further configured to determine a usage frequency for each of the identified concepts and to generate an AI-defined tag for concepts with a usage frequency that is greater than a usage frequency threshold. The tagging engine is configured to receive an audio file and to modify metadata for the audio file to include AI-defined tags. The resource allocation engine is configured to identify a storage location from among the plurality of storage devices based on tags associated with the audio file and send the audio file to the identified storage location.Type: ApplicationFiled: August 9, 2018Publication date: February 13, 2020Inventors: Sasidhar Purushothaman, Manu J. Kurian, Sean M. Gutman, James McCormack, Suki Ramasamy, William P. Jacobson
-
Publication number: 20200014753Abstract: A system contains a network testing engine that sends test data along different paths of a network between a source and a destination, wherein each path contains a plurality of network nodes, and receives, in response to sending the test data, response data about the paths. The system further contains a network path characteristics engine that determines characteristics of each path based on the response data, and a delivery parameters engine that receives a request for delivery of a data load from the source to the destination and determines, based on the request, delivery parameters. Furthermore, the system contains the source and a path selection engine that determines a selected path of the different paths based on the characteristics of the paths and the delivery parameters, and sends the selected data path to the source, which sends the data load along the selected path to the destination.Type: ApplicationFiled: September 16, 2019Publication date: January 9, 2020Inventor: Manu J. Kurian
-
Publication number: 20190363923Abstract: A system includes a request processing system which enables the system to fulfill data requests by grouping and combining requested data elements, while conserving computing resources and increasing security of the requested data elements associated during storage and transmission over a network. The system is configured to identify one or more groups of data elements associated with one or more identifiers, each data element in a group associated with a component of an identifier. The system combines each of the one or more groups of data elements based on a unique association between the components of each identifier. The system subsequently removes the sub-wrappers from the data elements in the one or more groups of data elements, and sends the combined one or more groups of data elements to relevant requestors.Type: ApplicationFiled: August 6, 2019Publication date: November 28, 2019Inventors: Manu J. Kurian, Saritha P. Vrittamani, Jeff T. Burch
-
Publication number: 20190364046Abstract: An access control system that includes Internet of Things sensors and a controller within a controlled area. The controller is configured to detect a guest device for a guest, to identify a sponsor associated with the guest, and to identify a sponsor block chain account for the sponsor. The controller is configured to publish an access control contract to the block chain that includes executable instructions for publishing a transaction in the block chain transferring credits from the sponsor block chain account to a vendor block chain account and conditions linked with the instructions. The controller is configured to receive an access request, to determine whether the conditions have been satisfied, and to send a trigger message that triggers the access control contract to execute the instructions in response to determining the conditions have been satisfied.Type: ApplicationFiled: May 23, 2018Publication date: November 28, 2019Inventors: Manu J. Kurian, Joseph B. Castinado
-
Patent number: 10462126Abstract: A network authentication device that includes an authentication engine. The authentication engine is configured to receive an authentication key request from a user device that identifies an account. The authentication engine is configured to obtain an authentication key and to establish a first set of authentication rules for the authentication key. The authentication engine is configured to identify one or more triggering events associated with an increased threat to the account and to establish a second set of authentication rules for the authentication key. The authentication engine is configured to perform key validation for the authentication key using the first set of authentication rules and to send the authentication key to the user device. The authentication engine is configured to detect a triggering event from the one or more triggering events has occurred and perform the key validation for the authentication key using the second set of authentication rules.Type: GrantFiled: August 17, 2017Date of Patent: October 29, 2019Assignee: Bank of America CorporationInventors: Manu J. Kurian, James M. Heddleson, Morgan S. Allen, Ashish Arora
-
Patent number: 10462665Abstract: A network authentication device that includes an authentication engine in signal communication with a network interface. The authentication engine is configured to receive an authentication key request from a first user device that identifies an account linked with a first user and a second user device. The authentication engine is configured to generate an authentication key and to establish a first set of authentication rules for the first user and a second set of authentication rules for the second user. The authentication engine is configured to generate a first authentication key fragment comprising a first portion of the authentication key and a second authentication key fragment comprising a second portion of the authentication key and to send the first authentication key fragment to the first user device and the second authentication key fragment to the second user device.Type: GrantFiled: August 17, 2017Date of Patent: October 29, 2019Assignee: Bank of America CorporationInventors: Manu J. Kurian, Morgan S. Allen, Ashish Arora, James M. Heddleson
-
Patent number: 10461898Abstract: An example embodiment includes a first, second, and third subsystem, each in different locations, where the first subsystem receives a request to deliver data to the third subsystem, sends a first subset of the data to the second subsystem, and sends, through first nodes, a first data stream containing a second subset of the data different from the first subset to the third subsystem. The second subsystem receives the first subset from the first subsystem, and sends, through second nodes that differ from the first nodes, a second data stream containing the first subset to the third subsystem. Furthermore, the third subsystem receives the first and second data streams, determines that the first and second data streams, in combination, contain the data, builds a data set containing the data based on the first and second data streams, and sends the data set to a downstream component of the third subsystem.Type: GrantFiled: June 8, 2017Date of Patent: October 29, 2019Assignee: Bank of America CorporationInventor: Manu J. Kurian
-
Patent number: 10447722Abstract: An application associated with a remote device executes logic to receive, from a remote system, data identifying a plurality of compromising entities, identify an incoming communication initiated by the remote device, and identify information regarding a source of the incoming communication. Additionally, the logic determines an entity associated with the source of the incoming communication and determines that the entity associated with the source matches at least one of the plurality of compromising entities based on comparing the data identifying the plurality of compromising entities and the entity associated with the source of the incoming communication. In addition, the logic generates a signal configured to block the incoming communication.Type: GrantFiled: November 24, 2015Date of Patent: October 15, 2019Assignee: Bank of America CorporationInventors: David N. Hillis, Manu J. Kurian
-
Patent number: 10425456Abstract: A system includes a request processing system which enables the system to reduce request processing time, increase overall throughput of the system, while conserving computing resources and increasing data security associated with the storage and transmission of requests and requested information over a network. The system is configured to gather a plurality of requests, encapsulate each of the requests in a wrapper, split each of the encapsulated requests into sub-requests that are encapsulated in sub-wrappers, divide the encapsulated sub-requests into multiple groups based on some attributes, and send the multiple groups of encapsulated sub-requests relevant data repositories.Type: GrantFiled: November 29, 2017Date of Patent: September 24, 2019Assignee: Bank of America CorporationInventors: Manu J. Kurian, Saritha P. Vrittamani, Jeff T. Burch
-
Patent number: 10419265Abstract: A system includes a request processing system which enables the system to fulfill data requests by grouping and combining requested data elements, while conserving computing resources and increasing security of the requested data elements associated during storage and transmission over a network. The system is configured to identify one or more groups of data elements associated with one or more identifiers, each data element in a group associated with a component of an identifier. The system combines each of the one or more groups of data elements based on a unique association between the components of each identifier. The system subsequently removes the sub-wrappers from the data elements in the one or more groups of data elements, and sends the combined one or more groups of data elements to relevant requestors.Type: GrantFiled: November 29, 2017Date of Patent: September 17, 2019Assignee: Bank of America CorporationInventors: Manu J. Kurian, Saritha P. Vrittamani, Jeff T. Burch
-
Patent number: 10419539Abstract: In an embodiment, a system contains a network testing engine that sends test data along different paths of a network between a source and a destination, wherein each path contains a plurality of network nodes, and receives, in response to sending the test data, response data about the paths. The system further contains a network path characteristics engine that determines characteristics of each path based on the response data, and a delivery parameters engine that receives a request for delivery of a data load from the source to the destination and determines, based on the request, delivery parameters. Furthermore, the system contains the source and a path selection engine that determines a selected path of the different paths based on the characteristics of the paths and the delivery parameters, and sends the selected data path to the source, which sends the data load along the selected path to the destination.Type: GrantFiled: May 19, 2017Date of Patent: September 17, 2019Assignee: Bank of America CorporationInventor: Manu J. Kurian
-
Patent number: 10374801Abstract: An apparatus includes a tokenizer and a validator. The tokenizer divides a file into first, second, and third portions. The tokenizer also encrypts the first, second, and third portions using a first key to produce first, second, and third tokens. The validator receives a fourth token with a signature of a first user and receives a fifth token with a signature of a second user. The validator also combines the first token, the fourth token, and the fifth token to produce a second key and determines whether the second key matches the first key. If the second key does not match the first key, the validator communicates an alert indicating that the first key does not match the second key. If the second key does match the first key, the validator decrypts first, fourth, and fifth tokens to reproduce the file.Type: GrantFiled: July 14, 2017Date of Patent: August 6, 2019Assignee: Bank of America CorporationInventors: Manu J. Kurian, Monika V. Kapur
-
Publication number: 20190205557Abstract: A system that includes a network device, an access controller, and a data vault. The network device is configured to receive a first tokenized sub-string, combine a second tokenized sub-string with the first tokenized sub-string to generate an initiation token, and send the initiation token to the access controller. The access controller is configured to validate the initiation token and to send connection information comprising a connection identifier to the network device and send a post-action verification token to a data vault in response to validating the initiation token. The network device is further configured to send a network connection request comprising the connection identifier to the data vault. The data vault is configured to receive the network connection request, determine that the post-action verification token linked the connection identifier has been received, establish a network connection with the network device, and exchange data with the network device.Type: ApplicationFiled: January 3, 2018Publication date: July 4, 2019Inventors: Manu J. Kurian, Thomas A. Sodano, William McCann, Paul G. Roscoe
-
Patent number: 10325428Abstract: An access control system that includes Internet of Things sensors and a controller within a controlled area. The controller is configured to detect a guest device for a guest, to link a guest block chain account with the guest, to identify a sponsor associated with the guest, and to identify a sponsor block chain account for the sponsor. The controller is further configured to publish an access control contract to the block chain. The access control contract includes executable instructions for publishing a transaction in the block chain transferring a validation token from the sponsor block chain account to the guest block chain account and conditions linked with the executable instructions. The controller is configured to determine whether the conditions have been satisfied and to send a trigger message that triggers the access control contract to execute the instructions in response to determining the conditions have been satisfied.Type: GrantFiled: May 23, 2018Date of Patent: June 18, 2019Assignee: Bank of America CorporationInventors: Manu J. Kurian, Joseph B. Castinado
-
Patent number: 10313363Abstract: A system for proactive intrusion protection comprises a memory operable to store data identifying a plurality of compromising entities, comprising at least one of a device identifier or a contact identifier, and a processor communicatively coupled to the memory and operable to receive, from a remote application associated with a remote device and with the system, information regarding a destination of the outgoing communication. The processor is further operable to determine an entity associated with the destination of the outgoing communication and to determine that the entity associated with the destination matches at least one of the plurality of compromising entities based on comparing the data identifying the plurality of compromising entities and the entity associated with the destination of the outgoing communication. Furthermore, the processor is operable to send to the remote application, before the outgoing communication is sent, a signal configured to block the outgoing communication.Type: GrantFiled: November 24, 2015Date of Patent: June 4, 2019Assignee: Bank of America CorporationInventors: Manu J. Kurian, David N. Hillis