Patents by Inventor Michael Stair
Michael Stair has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230144487
Abstract: A computer-implemented method includes receiving a request for one of a network session and a virtual network function, wherein the request includes a single packet authorization request. The method further includes classifying the single packet authorization request at a first service classifier. The method further includes routing the request, via a service function forwarder, to a single packet authorization service function for validation. The method further includes instantiating a security virtual function in response to the request, wherein instantiating the security virtual function occurs after validation of the single packet authorization request. The method further includes configuring the security virtual function to apply at least one connection policy to allow or deny traffic in a data session. The method further includes, in response to allowing the data session, terminating the security virtual function after the data session has concluded.
Type: Application
Filed: January 5, 2023
Publication date: May 11, 2023
Applicant: AT&T Intellectual Property I, L.P.
Inventors: Michael STAIR, Edward HOPE
-
Patent number: 11563742
Abstract: A computer-implemented method includes receiving a request for one of a network session and a virtual network function, wherein the request includes a single packet authorization request. The method further includes classifying the single packet authorization request at a first service classifier. The method further includes routing the request, via a service function forwarder, to a single packet authorization service function for validation. The method further includes instantiating a security virtual function in response to the request, wherein instantiating the security virtual function occurs after validation of the single packet authorization request. The method further includes configuring the security virtual function to apply at least one connection policy to allow or deny traffic in a data session. The method further includes, in response to allowing the data session, terminating the security virtual function after the data session has concluded.
Type: Grant
Filed: July 23, 2020
Date of Patent: January 24, 2023
Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
Inventors: Michael Stair, Edward Hope
-
Patent number: 11349810
Abstract: Concepts and technologies disclosed herein are directed to single packet authorization (“SPA”) in a cloud computing environment. A compute node can include a virtual switch operating on at least a portion of a plurality of hardware resources of a cloud computing environment, a virtual firewall, a cloud workload executing a cloud service, and a SPA service. The virtual switch can receive a SPA request from a SPA client executing on a computing device. The virtual switch can forward the SPA request to the virtual firewall and to the SPA service. The virtual firewall can deny the SPA request in accordance with a firewall policy. The SPA service can utilize a SPA validation scheme to validate the SPA request. The virtual firewall can implement a temporary firewall policy to allow incoming packets from the SPA client and directed to the cloud service.
Type: Grant
Filed: June 10, 2019
Date of Patent: May 31, 2022
Assignee: AT&T Intellectual Property I, L.P.
Inventors: Michael Stair, Daniel Solero
-
Publication number: 20200358773
Abstract: A computer-implemented method includes receiving a request for one of a network session and a virtual network function, wherein the request includes a single packet authorization request. The method further includes classifying the single packet authorization request at a first service classifier. The method further includes routing the request, via a service function forwarder, to a single packet authorization service function for validation. The method further includes instantiating a security virtual function in response to the request, wherein instantiating the security virtual function occurs after validation of the single packet authorization request. The method further includes configuring the security virtual function to apply at least one connection policy to allow or deny traffic in a data session. The method further includes, in response to allowing the data session, terminating the security virtual function after the data session has concluded.
Type: Application
Filed: July 23, 2020
Publication date: November 12, 2020
Inventors: Michael Stair, Edward Hope
-
Patent number: 10757105
Abstract: An on-demand virtual security system between a client and a server in communication with a network, the system including an orchestrator, wherein upon receiving a service request from at least one of the client and the server, the orchestrator instantiates a security virtual function within the network and supplies the security virtual function with at least one connectivity policy, and wherein the security virtual function applies the at least one connectivity policy to approve or disapprove a connection between the client and the server and wherein upon the security virtual function approving the connection between the client and the server, an orchestrator establishes a data session; and wherein after the data session has concluded, the orchestrator terminates the security virtual function.
Type: Grant
Filed: June 12, 2017
Date of Patent: August 25, 2020
Assignee: AT&T Intellectual Property I, L.P.
Inventors: Michael Stair, Edward Hope
-
Publication number: 20190297054
Abstract: Concepts and technologies disclosed herein are directed to single packet authorization (“SPA”) in a cloud computing environment. A compute node can include a virtual switch operating on at least a portion of a plurality of hardware resources of a cloud computing environment, a virtual firewall, a cloud workload executing a cloud service, and a SPA service. The virtual switch can receive a SPA request from a SPA client executing on a computing device. The virtual switch can forward the SPA request to the virtual firewall and to the SPA service. The virtual firewall can deny the SPA request in accordance with a firewall policy. The SPA service can utilize a SPA validation scheme to validate the SPA request. The virtual firewall can implement a temporary firewall policy to allow incoming packets from the SPA client and directed to the cloud service.
Type: Application
Filed: June 10, 2019
Publication date: September 26, 2019
Applicant: AT&T Intellectual Property I, L.P.
Inventors: Michael Stair, Daniel Solero
-
Patent number: 10320748
Abstract: Concepts and technologies disclosed herein are directed to single packet authorization (“SPA”) in a cloud computing environment. A compute node can include a virtual switch operating on at least a portion of a plurality of hardware resources of a cloud computing environment, a virtual firewall, a cloud workload executing a cloud service, and a SPA service. The virtual switch can receive a SPA request from a SPA client executing on a computing device. The virtual switch can forward the SPA request to the virtual firewall and to the SPA service. The virtual firewall can deny the SPA request in accordance with a firewall policy. The SPA service can utilize a SPA validation scheme to validate the SPA request. The virtual firewall can implement a temporary firewall policy to allow incoming packets from the SPA client and directed to the cloud service.
Type: Grant
Filed: February 23, 2017
Date of Patent: June 11, 2019
Assignee: AT&T Intellectual Property I, L.P.
Inventors: Michael Stair, Daniel Solero
-
Publication number: 20180359255
Abstract: An on-demand virtual security system between a client and a server in communication with a network, the system including an orchestrator, wherein upon receiving a service request from at least one of the client and the server, the orchestrator instantiates a security virtual function within the network and supplies the security virtual function with at least one connectivity policy, and wherein the security virtual function applies the at least one connectivity policy to approve or disapprove a connection between the client and the server and wherein upon the security virtual function approving the connection between the client and the server, an orchestrator establishes a data session; and wherein after the data session has concluded, the orchestrator terminates the security virtual function.
Type: Application
Filed: June 12, 2017
Publication date: December 13, 2018
Inventors: Michael STAIR, Edward HOPE
-
Publication number: 20180241718
Abstract: Concepts and technologies disclosed herein are directed to single packet authorization (“SPA”) in a cloud computing environment. A compute node can include a virtual switch operating on at least a portion of a plurality of hardware resources of a cloud computing environment, a virtual firewall, a cloud workload executing a cloud service, and a SPA service. The virtual switch can receive a SPA request from a SPA client executing on a computing device. The virtual switch can forward the SPA request to the virtual firewall and to the SPA service. The virtual firewall can deny the SPA request in accordance with a firewall policy. The SPA service can utilize a SPA validation scheme to validate the SPA request. The virtual firewall can implement a temporary firewall policy to allow incoming packets from the SPA client and directed to the cloud service.
Type: Application
Filed: February 23, 2017
Publication date: August 23, 2018
Applicant: AT&T Intellectual Property I, L.P.
Inventors: Michael Stair, Daniel Solero