Patents by Inventor Neil I. Readshaw

Neil I. Readshaw has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20160103983
    Abstract: A method for determining if a user of a computer system is a human. A processor receives an indication that a computer security program is needed and acquires at least one image depicting a first string of characters including at least a first and second set of one or more characters. A processor assigns a substitute character to be used as input for each of the second set of one or more characters. A processor presents the at least one image and an indication of the substitute character and when to use the substitute character to the user. A processor receives a second string of characters from the user. A processor determines whether the second string of characters substantially matches the first string of characters based on the substitute character assigned to each of the second set of one or more characters and determines whether the user is a human.
    Type: Application
    Filed: December 21, 2015
    Publication date: April 14, 2016
    Inventors: Michael S. Brown, Carlos F. Franca da Fonseca, Neil I. Readshaw
  • Publication number: 20150373031
    Abstract: Monitoring across multiple-channels, used by multiple devices, to determine which email messages being sent to a user are solicited by the user. A broad spectrum of network and telephony access records are analyzed to determine whether an email message is likely being sent as a result of legitimate services access by the user.
    Type: Application
    Filed: June 24, 2014
    Publication date: December 24, 2015
    Inventors: Christopher J. Hockings, Neil I. Readshaw
  • Publication number: 20150365401
    Abstract: A method for determining if a user of a computer system is a human. A processor receives an indication that a computer security program is needed and acquires at least one image depicting a first string of characters including at least a first and second set of one or more characters. A processor assigns a substitute character to be used as input for each of the second set of one or more characters. A processor presents the at least one image and an indication of the substitute character and when to use the substitute character to the user. A processor receives a second string of characters from the user. A processor determines whether the second string of characters substantially matches the first string of characters based on the substitute character assigned to each of the second set of one or more characters and determines whether the user is a human.
    Type: Application
    Filed: June 13, 2014
    Publication date: December 17, 2015
    Inventors: Michael S. Brown, Carlos F. Franca da Fonseca, Neil I. Readshaw
  • Publication number: 20150365437
    Abstract: The method includes identifying an instance of software installed. The method further includes determining a fingerprint corresponding to the instance of software installed. The method further includes determining a security risk associated with the instance of software installed. The method further includes identifying a software management policy for the instance of software based upon the fingerprint, security risk, and designated purpose of the computing device. In one embodiment, the method further includes in response to identifying the software management policy, enforcing, by one or more computer processors, the software management policy on the instance of software installed on the computing device.
    Type: Application
    Filed: June 17, 2014
    Publication date: December 17, 2015
    Inventors: Jerome R. Bell, JR., Mari F. Heiser, Heather M. Hinton, Neil I. Readshaw, Karthik Sivakumar
  • Patent number: 9203700
    Abstract: A method for monitoring client information within a shared environment. The method includes identifying a first physical location of a server computer, the server computer providing computing resources to a client within a shared environment, and collecting information associated with the client, the information including computing resources of the server computer provided to the client. The method includes creating a map showing the first physical location of the server computer and the collected information associated with the client. The method includes identifying a current physical location of the server computer and determining whether the current location is different than the first location. The method then, in response to determining the current location is different than the first location, includes updating the map with the identified current physical location of the server computer.
    Type: Grant
    Filed: May 21, 2013
    Date of Patent: December 1, 2015
    Assignee: International Business Machines Corporation
    Inventors: Toni U. Basoglu, Heather M. Hinton, Neil I. Readshaw
  • Publication number: 20150294244
    Abstract: In a method for estimating a severity of a current security incident reported by a customer for the customer's computer system, a processor receives from one or more administrators for a plurality of prior security incidents reported by the customer, identifications of a respective plurality of actual severities for the plurality of prior security incidents. The processor estimates, based in part on the plurality of identified actual severities of the prior security incidents, a severity of the current security incident. The processor reports the estimated severity for the current security incident.
    Type: Application
    Filed: April 11, 2014
    Publication date: October 15, 2015
    Applicant: International Business Machines Corporation
    Inventors: Steven A. Bade, Heather M. Hinton, Neil I. Readshaw, Srinivas B. Tummalapenta
  • Patent number: 9088543
    Abstract: A computer-implemented method, computer program product, and computer system for implementing coordinated management of network security controls. The computer system determines a plurality of managed network devices affected by coordinated security policies in a network. The computer system converts the coordinated security policies to firewall rule configuration for each of the managed network devices affected. The computer system adds the firewall rule configuration to a set of firewall rules for the each of the managed network devices affected.
    Type: Grant
    Filed: June 3, 2013
    Date of Patent: July 21, 2015
    Assignee: International Business Machines Corporation
    Inventors: William A. Lemke, Neil I. Readshaw
  • Publication number: 20150127795
    Abstract: A distributed cloud environment system comprising: a repository; a plurality of cloud managed nodes with a client program interface; a plurality of service management components with a service management component interface; a central trusted computing platform service in communication with the repository, the plurality of cloud managed nodes and the plurality of service management components, comprising: a first interface for communication with the client program interface in each of the plurality of cloud managed nodes through a first single touch point; and a second interface for communication with the service management component interface for the plurality of service management components through a second single touch point. The central trusted computing platform service manages interaction of the plurality of service management components with the plurality of cloud managed nodes, and the interaction of the plurality of cloud managed nodes with the repository.
    Type: Application
    Filed: November 6, 2013
    Publication date: May 7, 2015
    Applicant: International Business Machines Corporation
    Inventors: Venkata R. Jagana, Srinivasa R. Mangipudi, Neil I. Readshaw, Karthik Sivakumar
  • Patent number: 9021594
    Abstract: A computing device receives requests for approval of a plurality of access entitlements, which includes respective identity accounts, each associated with security intelligence information. The computing device determines risk factors for each respective identity account and associated security intelligence information, and determines a risk level for each of the plurality of access entitlements based at least in part on the risk factors. The computing device groups the plurality of access entitlements based on the risk level determined for each of the plurality of access entitlements. The computing device determines if the risk level of a group is low-risk based on the risk level of the plurality of access entitlements of the group, and in response to determining the risk level of the group is low risk, the computing device enables approval of the plurality of access entitlements of the group.
    Type: Grant
    Filed: June 19, 2013
    Date of Patent: April 28, 2015
    Assignee: International Business Machines Corporation
    Inventors: Christopher Y. Choi, Neil I. Readshaw
  • Publication number: 20150067761
    Abstract: An inventory manager optimizes the security and maintenance of a plurality of virtual machines and their workloads in a cloud environment and has: an inventory database, a workload compliance history of scanning workloads database, and a workload category database including security rules and compliance policies relating to workload category in a repository. The inventory manager identifies changes to characteristics of the workload of the plurality of virtual machines; alters the inventory database stored in the repository and maintained by the inventory manager, based on the identified changes to the characteristics of the workload of the plurality of virtual machines; and initiates security rules and compliance policies of the workload category database based on the identified changes to the characteristics of the workload of the plurality of virtual machines through a security tools program.
    Type: Application
    Filed: August 29, 2013
    Publication date: March 5, 2015
    Applicant: International Business Machines Corporation
    Inventors: Steven A. Bade, Heather M. Hinton, Neil I. Readshaw
  • Patent number: 8955094
    Abstract: Methods, systems, and products are provided for user session management for web applications. Embodiments include identifying, by a web application, a user session directive and sending, from the web application to a proxy web security component, an instruction to implement the user session directive. Typical embodiments also include receiving, by the proxy web security component, the instruction to implement the user session directive and implementing, by the proxy web security component, the user session directive.
    Type: Grant
    Filed: January 17, 2006
    Date of Patent: February 10, 2015
    Assignee: International Business Machines Corporation
    Inventor: Neil I. Readshaw
  • Publication number: 20140380484
    Abstract: A computing device receives requests for approval of a plurality of access entitlements, which includes respective identity accounts, each associated with security intelligence information. The computing device determines risk factors for each respective identity account and associated security intelligence information, and determines a risk level for each of the plurality of access entitlements based at least in part on the risk factors. The computing device groups the plurality of access entitlements based on the risk level determined for each of the plurality of access entitlements. The computing device determines if the risk level of a group is low-risk based on the risk level of the plurality of access entitlements of the group, and in response to determining the risk level of the group is low risk, the computing device enables approval of the plurality of access entitlements of the group.
    Type: Application
    Filed: June 19, 2013
    Publication date: December 25, 2014
    Inventors: Christopher Y. Choi, Neil I. Readshaw
  • Publication number: 20140359693
    Abstract: A computer-implemented method, computer program product, and computer system for implementing coordinated management of network security controls. The computer system determines a plurality of managed network devices affected by coordinated security policies in a network. The computer system converts the coordinated security policies to firewall rule configuration for each of the managed network devices affected. The computer system adds the firewall rule configuration to a set of firewall rules for the each of the managed network devices affected.
    Type: Application
    Filed: June 3, 2013
    Publication date: December 4, 2014
    Inventors: William A. Lemke, Neil I. Readshaw
  • Publication number: 20140351409
    Abstract: A method for monitoring client information within a shared environment. The method includes identifying a first physical location of a server computer, the server computer providing computing resources to a client within a shared environment, and collecting information associated with the client, the information including computing resources of the server computer provided to the client. The method includes creating a map showing the first physical location of the server computer and the collected information associated with the client. The method includes identifying a current physical location of the server computer and determining whether the current location is different than the first location. The method then, in response to determining the current location is different than the first location, includes updating the map with the identified current physical location of the server computer.
    Type: Application
    Filed: May 21, 2013
    Publication date: November 27, 2014
    Inventors: Toni U. Basoglu, Heather M. Hinton, Neil I. Readshaw
  • Patent number: 8769018
    Abstract: Special interest subgroups are formed by a group of participants by establishing a profile for each participant. The profile defines contribution attributes dealing with contributions the profiled participant might make to a subgroup and attribution attributes dealing with benefits the profile participant might receive from participating in the subgroup. For each possible pairing of participants in the group, an overall contribution score and an overall benefit score is calculated for each participant. A mutual benefit score is calculated by combining the benefit scores for both participants in the pair. Participants are assigned to subgroups as a function of participant contribution and mutual benefit scores.
    Type: Grant
    Filed: November 29, 2012
    Date of Patent: July 1, 2014
    Assignee: International Business Machines Corporation
    Inventors: Simon G. Canning, Craig R. W. Forster, Neil I. Readshaw
  • Patent number: 8627405
    Abstract: A user provisioning system is extended to enable account reconciliation to occur in conjunction with a provisioning request. In response to a user provisioning request, a determination is made whether the user provisioning request is to be extended by including a reconciliation request. If so, the reconciliation request is piggy-backed on top of the provisioning request. This approach enables the reconciliation operation to be scoped to just the particular user account that is the subject to the provisioning operation, and it enables reconciliation to be carried out much more frequently as compared to the periodic, batch-oriented approach of prior techniques.
    Type: Grant
    Filed: October 2, 2012
    Date of Patent: January 7, 2014
    Assignee: International Business Machines Corporation
    Inventors: Christopher Y. Choi, Neil I. Readshaw
  • Patent number: 8600992
    Abstract: Mechanisms for correlating reported problem data from a plurality of sources of information are provided. A report of a problem in a computer system is received to thereby generate a reported problem in a problem management system. Data is collected from a plurality of sources of information in accordance with data collection rules. Content classification is performed on the collected data to classify the collected data into pre-determined classes of collected data in accordance with classification rules. Correlation of the classified data into sets of correlated data in accordance with correlation rules is performed. Each set of correlated data corresponds to a different reported problem in the problem management system. A representation of the reported problem in the problem management system is updated based on a set of correlated data corresponding to the reported problem and classifications of data within the set of correlated data.
    Type: Grant
    Filed: August 17, 2011
    Date of Patent: December 3, 2013
    Assignee: International Business Machines Corporation
    Inventors: Christopher Y. Choi, Neil I. Readshaw
  • Patent number: 8555351
    Abstract: A method, system and computer-usable medium are disclosed for validating user credentials submitted to a data source by an untrusted intermediary. An untrusted intermediary attempts to access a data source on behalf of a user. The untrusted intermediary challenges the user to provide credentials of the type and format required to access the data provided by the data source. The user's trust client connects to an authentication service and identification credentials of the required type and format are generated. The identification credentials are conveyed to the user's trust client, which then provides them to the user's client, which in turn conveys them to the untrusted intermediary. The untrusted intermediary then presents the identification credentials to an authentication plug-in of the data source. The authentication plug-in validates the authenticity of the provided credentials with their associated authentication service.
    Type: Grant
    Filed: September 29, 2008
    Date of Patent: October 8, 2013
    Assignee: International Business Machines Corporation
    Inventors: Neil I. Readshaw, Ivan M. Milman
  • Patent number: 8468585
    Abstract: An identity management (“IdM”) system can change the credentials at certain intervals. If credentials change, there is no way for an application that uses the credentials to know that the credentials have changed because the application dependency relationships are unknown. When service account credentials change, credentials are typically manually updated for each dependent application. Some embodiments of the inventive subject matter allow IdM systems to track application dependencies for service accounts. The IdM systems can detect when service account credentials change and automatically notify dependent applications of the new service account credentials.
    Type: Grant
    Filed: January 5, 2009
    Date of Patent: June 18, 2013
    Assignee: International Business Machines Corporation
    Inventors: Christopher Y. Choi, Christopher J. Hockings, Neil I. Readshaw
  • Publication number: 20130046764
    Abstract: Mechanisms for correlating reported problem data from a plurality of sources of information are provided. A report of a problem in a computer system is received to thereby generate a reported problem in a problem management system. Data is collected from a plurality of sources of information in accordance with data collection rules. Content classification is performed on the collected data to classify the collected data into pre-determined classes of collected data in accordance with classification rules. Correlation of the classified data into sets of correlated data in accordance with correlation rules is performed. Each set of correlated data corresponds to a different reported problem in the problem management system. A representation of the reported problem in the problem management system is updated based on a set of correlated data corresponding to the reported problem and classifications of data within the set of correlated data.
    Type: Application
    Filed: August 17, 2011
    Publication date: February 21, 2013
    Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Christopher Y. Choi, Neil I. Readshaw