Patents by Inventor Parthipan Kandasamy
Parthipan Kandasamy has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220294788Abstract: Techniques are provided for customizing authentication and for handling pre-authentication and post-authentication plug-ins in an access management system. Users may want to access a protected resource, such as an application, and apply customizations to the protected resource. The customizations can be applied through the use of plug-ins, such as pre-authentication and post-authentication plug-ins. After it is determined that the user has permissions to apply a specified plug-in, analysis is performed to ensure that the plug-in complies with system requirements and that the criteria for implementing the plug-in has been satisfied. A browser session and control of the application can then be forwarded to the user.Type: ApplicationFiled: March 9, 2021Publication date: September 15, 2022Applicant: Oracle International CorporationInventors: Nagaraj Pattar, Parthipan Kandasamy, Ashok Kumar Subbaiyan
-
Patent number: 11134071Abstract: An example system and method facilitates establishment of secure communications between software systems, e.g., a client computing device and one or more servers (e.g., a cloud) using Multi Factor Authentication (MFA) via strategic use of tokens. An example method for overcoming longstanding security loopholes and usability issues with conventional MFA methods includes efficiently securing registration code (e.g., via public key cryptography and tokens) and exchanged data (e.g., message payloads), in part by embedding a signed token (e.g., a JWT token signed by a private key of the server system) in a registration link used by a client system to communicate with one or more servers of a server system.Type: GrantFiled: April 23, 2018Date of Patent: September 28, 2021Assignee: Oracle International CorporationInventors: Pruthvithej Ramesh Kumar, Nagaraj Pattar, Mohamad Raja Gani Mohamad Abdul, Parthipan Kandasamy, Samanvitha Kumar, S Ashok Kumar
-
Patent number: 10841389Abstract: Techniques related to authentication and authorization are disclosed. In some embodiments, an access management system is provided for increasing the reliability of notification-based authentication and/or authorization. Push notifications, for example, may be used as part of multifactor authentication processing or authorization processing. In certain embodiments, in response to an event triggering an authentication or authorization flow for a user, multiple different ways are provided for delivering notifications related to the authentication or authorization flow to the user's device (e.g., a client device registered for push notification-based authentication or authorization). By providing multiple ways for communicating notifications related to the authentication or authorization to the user's device, the chance that an authentication-related or authorization-related notification is missed or not delivered to the user's device is dramatically reduced.Type: GrantFiled: July 31, 2018Date of Patent: November 17, 2020Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Samanvitha Kumar, Nagaraj Pattar, Pruthvithej Ramesh Kumar, Parthipan Kandasamy, Ashok Kumar Subbaiyan
-
Patent number: 10812473Abstract: Techniques are described for enrolling an authentication device for generating time-based one-time passwords (TOTPs) for use with multi-factor authentication (MFA). A user is prompted to initiate an enrollment procedure after successful authentication based on a first authentication factor in connection with a request for a resource protected by an access management (AM) system. The authentication device contacts the AM system to establish that the authentication device is a trusted device (e.g., through validation of an authentication token contained in a Quick Response (QR) code generated by the AM system). After the authentication device has been established as a trusted device, the AM system sends a shared secret to the authentication device, which uses the shared secret to complete enrollment (e.g., by generating a TOTP for verification by the AM system). A session is then created for the user to enable access to the protected resource.Type: GrantFiled: October 17, 2018Date of Patent: October 20, 2020Assignee: Oracle International CorporationInventors: Pruthvithej Ramesh Kumar, Nagaraj Pattar, Samanvitha Kumar, Parthipan Kandasamy, Ashok Kumar Subbaiyan
-
Publication number: 20190386981Abstract: Techniques are described for enrolling an authentication device for generating time-based one-time passwords (TOTPs) for use with multi-factor authentication (MFA). A user is prompted to initiate an enrollment procedure after successful authentication based on a first authentication factor in connection with a request for a resource protected by an access management (AM) system. The authentication device contacts the AM system to establish that the authentication device is a trusted device (e.g., through validation of an authentication token contained in a Quick Response (QR) code generated by the AM system). After the authentication device has been established as a trusted device, the AM system sends a shared secret to the authentication device, which uses the shared secret to complete enrollment (e.g., by generating a TOTP for verification by the AM system). A session is then created for the user to enable access to the protected resource.Type: ApplicationFiled: October 17, 2018Publication date: December 19, 2019Applicant: Oracle International CorporationInventors: Pruthvithej Ramesh Kumar, Nagaraj Pattar, Samanvitha Kumar, Parthipan Kandasamy, Ashok Kumar Subbaiyan
-
Publication number: 20190327223Abstract: An example system and method facilitates establishment of secure communications between software systems, e.g., a client computing device and one or more servers (e.g., a cloud) using Multi Factor Authentication (MFA) via strategic use of tokens. An example method for overcoming longstanding security loopholes and usability issues with conventional MFA methods includes efficiently securing registration code (e.g., via public key cryptography and tokens) and exchanged data (e.g., message payloads), in part by embedding a signed token (e.g., a JWT token signed by a private key of the server system) in a registration link used by a client system to communicate with one or more servers of a server system.Type: ApplicationFiled: April 23, 2018Publication date: October 24, 2019Applicant: Oracle International CorporationInventors: Pruthvithej Ramesh Kumar, Nagaraj Pattar, Mohamad Raja Gani Mohamad Abdul, Parthipan Kandasamy, Samanvitha Kumar, S Ashok Kumar
-
Publication number: 20190253509Abstract: Techniques related to authentication and authorization are disclosed. In some embodiments, an access management system is provided for increasing the reliability of notification-based authentication and/or authorization. Push notifications, for example, may be used as part of multifactor authentication processing or authorization processing. In certain embodiments, in response to an event triggering an authentication or authorization flow for a user, multiple different ways are provided for delivering notifications related to the authentication or authorization flow to the user's device (e.g., a client device registered for push notification-based authentication or authorization). By providing multiple ways for communicating notifications related to the authentication or authorization to the user's device, the chance that an authentication-related or authorization-related notification is missed or not delivered to the user's device is dramatically reduced.Type: ApplicationFiled: July 31, 2018Publication date: August 15, 2019Applicant: Oracle International CorporationInventors: Samanvitha Kumar, Nagaraj Pattar, Pruthvithej Ramesh Kumar, Parthipan Kandasamy, Ashok Kumar Subbaiyan
-
Patent number: 10075429Abstract: The present disclosure relates generally to managing compliance of remote devices that access an enterprise system. More particularly, techniques are disclosed for using a compliance policy to manage remediation of non-compliances of remote devices that access an enterprise system. A device access management system may be implemented to automate remediation of non-compliances of remote devices accessing an enterprise system. Remediation may be controlled based on different levels of non-compliance, each defined by one or more different non-compliances. In some embodiments, a level of non-compliance may be conditionally defined by one or more user roles for which non-compliance is assessed. Access to computing resources of an enterprise system may be controlled for a remote device based on compliance of the remote device. Access may be inhibited for those resources not permitted during a time period of a non-compliance.Type: GrantFiled: August 23, 2017Date of Patent: September 11, 2018Assignee: Oracle International CorporationInventors: Bhagavati Kumar Jayanti Venkata, Harsh Maheshwari, Mohamad Raja Gani Mohamad Abdul, Parthipan Kandasamy
-
Publication number: 20170374061Abstract: The present disclosure relates generally to managing compliance of remote devices that access an enterprise system. More particularly, techniques are disclosed for using a compliance policy to manage remediation of non-compliances of remote devices that access an enterprise system. A device access management system may be implemented to automate remediation of non-compliances of remote devices accessing an enterprise system. Remediation may be controlled based on different levels of non-compliance, each defined by one or more different non-compliances. In some embodiments, a level of non-compliance may be conditionally defined by one or more user roles for which non-compliance is assessed. Access to computing resources of an enterprise system may be controlled for a remote device based on compliance of the remote device. Access may be inhibited for those resources not permitted during a time period of a non-compliance.Type: ApplicationFiled: August 23, 2017Publication date: December 28, 2017Applicant: Oracle International CorporationInventors: Bhagavati Kumar Jayanti Venkata, Harsh Maheshwari, Mohamad Raja Gani Mohamad Abdul, Parthipan Kandasamy
-
Patent number: 9749311Abstract: The present disclosure relates generally to managing compliance of remote devices that access an enterprise system. More particularly, techniques are disclosed for using a compliance policy to manage remediation of non-compliances of remote devices that access an enterprise system. A device access management system may be implemented to automate remediation of non-compliances of remote devices accessing an enterprise system. Remediation may be controlled based on different levels of non-compliance, each defined by one or more different non-compliances. In some embodiments, a level of non-compliance may be conditionally defined by one or more user roles for which non-compliance is assessed. Access to computing resources of an enterprise system may be controlled for a remote device based on compliance of the remote device. Access may be inhibited for those resources not permitted during a time period of a non-compliance.Type: GrantFiled: April 17, 2015Date of Patent: August 29, 2017Assignee: Oracle International CorporationInventors: Bhagavati Kumar Jayanti Venkata, Harsh Maheshwari, Mohamad Raja Gani Mohamad Abdul, Parthipan Kandasamy
-
Publication number: 20160088021Abstract: The present disclosure relates generally to managing compliance of remote devices that access an enterprise system. More particularly, techniques are disclosed for using a compliance policy to manage remediation of non-compliances of remote devices that access an enterprise system. A device access management system may be implemented to automate remediation of non-compliances of remote devices accessing an enterprise system. Remediation may be controlled based on different levels of non-compliance, each defined by one or more different non-compliances. In some embodiments, a level of non-compliance may be conditionally defined by one or more user roles for which non-compliance is assessed. Access to computing resources of an enterprise system may be controlled for a remote device based on compliance of the remote device. Access may be inhibited for those resources not permitted during a time period of a non-compliance.Type: ApplicationFiled: April 17, 2015Publication date: March 24, 2016Inventors: Bhagavati Kumar Jayanti Venkata, Harsh Maheshwari, Mohamad Raja Gani Mohamad Abdul, Parthipan Kandasamy