Patents by Inventor Praveen Patnala
Praveen Patnala has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11457047Abstract: A computer-implemented method of managing security services for one or more cloud computing platforms is disclosed. The method comprises receiving, by a security gateway system having a processor, a digital communication related to one of one or more computing applications hosted by a virtual cluster for private use on a cloud computing platform, the security gateway system residing within the cloud computing platform, the security gateway system performing network security gateway functions for the one or more computing applications. The method also comprises storing the digital communication in association with a timestamp in a storage device. The method further comprises receiving a piece of threat intelligence data indicating a security threat from a main controller residing outside the virtual cluster; storing the piece of threat intelligence data in a database; and determining whether the piece of threat intelligence data applies to any of the digital communications in the storage device.Type: GrantFiled: March 9, 2021Date of Patent: September 27, 2022Assignee: VALTIX, INC.Inventors: Vijay Chander, Praveen Patnala, Vishal Jain
-
Publication number: 20210218777Abstract: A computer-implemented method of managing security services for one or more cloud computing platforms is disclosed. The method comprises receiving, by a security gateway system having a processor, a digital communication related to one of one or more computing applications hosted by a virtual cluster for private use on a cloud computing platform, the security gateway system residing within the cloud computing platform, the security gateway system performing network security gateway functions for the one or more computing applications. The method also comprises storing the digital communication in association with a timestamp in a storage device. The method further comprises receiving a piece of threat intelligence data indicating a security threat from a main controller residing outside the virtual cluster; storing the piece of threat intelligence data in a database; and determining whether the piece of threat intelligence data applies to any of the digital communications in the storage device.Type: ApplicationFiled: March 9, 2021Publication date: July 15, 2021Inventors: Vijay CHANDER, Praveen PATNALA, Vishal JAIN
-
Patent number: 11012475Abstract: A computer-implemented method of managing security services for one or more cloud computing platforms is disclosed.Type: GrantFiled: October 26, 2018Date of Patent: May 18, 2021Assignee: VALTIX, INC.Inventors: Praveen Patnala, Vishal Jain, Vijay Chander
-
Publication number: 20200137125Abstract: A computer-implemented method of managing security services for one or more cloud computing platforms is disclosed.Type: ApplicationFiled: October 26, 2018Publication date: April 30, 2020Inventors: Praveen PATNALA, Vishal JAIN, Vijay CHANDER
-
Publication number: 20200007501Abstract: One or more integrated circuits for implementing a network firewall for a cloud computing platform are disclosed. The one or more integrated circuits comprise: special-purpose hardware, configured to perform: receiving an item in a transport layer from a second hardware portion through a communication bus, the item being derived from original data received by the second hardware portion from a source computer device; and applying processing in increasingly higher communication layers to the item to obtain processed data in an application layer. The applying comprises identifying a payload in the item; determining whether the item includes a security attack based on the payload, the original data, and additional data received from the source computer device before or after the original data was received; and transmitting the processed data, including a result of the determining, to the second hardware portion.Type: ApplicationFiled: June 27, 2018Publication date: January 2, 2020Inventors: Vishal Jain, Vijay Chander, Praveen Patnala
-
Patent number: 10516649Abstract: One or more integrated circuits for implementing a network firewall for a cloud computing platform are disclosed. The one or more integrated circuits comprise: special-purpose hardware, configured to perform: receiving an item in a transport layer from a second hardware portion through a communication bus, the item being derived from original data received by the second hardware portion from a source computer device; and applying processing in increasingly higher communication layers to the item to obtain processed data in an application layer. The applying comprises identifying a payload in the item; determining whether the item includes a security attack based on the payload, the original data, and additional data received from the source computer device before or after the original data was received; and transmitting the processed data, including a result of the determining, to the second hardware portion.Type: GrantFiled: June 27, 2018Date of Patent: December 24, 2019Assignee: VALTIX, INC.Inventors: Vishal Jain, Vijay Chander, Praveen Patnala
-
Patent number: 10148431Abstract: Mechanisms are provided for generating a master key used to secure key objects associated with data blocks in a data center. A cryptographic node creation request is received. It is determined that a master key can not be obtained from another cryptographic node in the data center. A master key is generated. The master key is included in a key hierarchy used to encrypt a data center key object, the data center key object corresponding to a data block maintained in a storage area network (SAN), where the data center key object includes a unique identifier, an encrypted key, and a wrapper unique identifier. The master key is split into N shares, with M shares required to recreate the master key, wherein M is less than N. The N shares are distributed to different entities.Type: GrantFiled: August 28, 2014Date of Patent: December 4, 2018Assignee: CISCO TECHNOLOGY, INC.Inventors: Praveen Patnala, Anand Parthasarathy, Makarand Deshmukh, Jason Mellblom
-
Patent number: 9071589Abstract: An encryption key management system is provided for storage area network devices. A create key request is received at a storage area network switch. The key is created at the storage area network switch and the created key request is transmitted to a key management center. The key object is stored in the key management center and includes a unique identifier, an encrypted key, a wrapper unique identifier, and a key entity. The encrypted key can later be decrypted to generate a decrypted key. The encrypted key is decrypted using keying material accessed using the wrapper unique identifier that identifies another key object.Type: GrantFiled: April 2, 2008Date of Patent: June 30, 2015Assignee: Cisco Technology, Inc.Inventors: Praveen Patnala, Anand Parthasarathy, Makarand Deshmukh
-
Patent number: 8989388Abstract: Efficient mechanisms are provided for transferring key objects associated with disk logical unit numbers and tape cartridges from one data center to another data center. A request is received to transfer a source data center key object from a source data center to a destination data center. The source data center key object corresponds to a data block, such as a disk logical unit number (LUN) or a tape cartridge, maintained in a storage area network (SAN) and includes a unique identifier, an encrypted key, and a wrapper unique identifier. The encrypted key is decrypted using a source data center key hierarchy. Key information is transmitted from the source data center to the destination data center. A destination data center key object is generated using a destination data center key hierarchy.Type: GrantFiled: April 2, 2008Date of Patent: March 24, 2015Assignee: Cisco Technology, Inc.Inventors: Praveen Patnala, Anand Parthasarathy, Makarand Deshmukh, Chandra Sekhar Kondamuri
-
Publication number: 20150019870Abstract: Mechanisms are provided for generating a master key used to secure key objects associated with data blocks in a data center. A cryptographic node creation request is received. It is determined that a master key can not be obtained from another cryptographic node in the data center. A master key is generated. The master key is included in a key hierarchy used to encrypt a data center key object, the data center key object corresponding to a data block maintained in a storage area network (SAN), where the data center key object includes a unique identifier, an encrypted key, and a wrapper unique identifier. The master key is split into N shares, with M shares required to recreate the master key, wherein M is less than N. The N shares are distributed to different entities.Type: ApplicationFiled: August 28, 2014Publication date: January 15, 2015Inventors: Praveen Patnala, Anand Parthasarathy, Makarand Deshmukh, Jason Mellblom
-
Patent number: 8855318Abstract: Mechanisms are provided for generating a master key used to secure key objects associated with data blocks in a data center. A cryptographic node creation request is received. It is determined that a master key can not be obtained from another cryptographic node in the data center. A master key is generated. The master key is included in a key hierarchy used to encrypt a data center key object, the data center key object corresponding to a data block maintained in a storage area network (SAN), where the data center key object includes a unique identifier, an encrypted key, and a wrapper unique identifier. The master key is split into N shares, with M shares required to recreate the master key, wherein M is less than N. The N shares are distributed to different entities.Type: GrantFiled: April 2, 2008Date of Patent: October 7, 2014Assignee: Cisco Technology, Inc.Inventors: Praveen Patnala, Anand Parthasarathy, Makarand Deshmukh, Jason Mellblom
-
Patent number: 7908472Abstract: An acceleration apparatus is adapted to operate in a direct mode and a proxy mode. In the direct mode, the acceleration apparatus decrypts data packets received from a client and forwards the decrypted data packets to a server using a communication session negotiated by the client and the server. In the proxy mode, the acceleration apparatus responds to the client on behalf of the server and forwards the decrypted data packets to the server using a communication session negotiated by the acceleration device and the server. The acceleration apparatus automatically switches from the direct mode to the proxy mode upon detection of a communication error associated with the communication session negotiated by the client and the server.Type: GrantFiled: July 6, 2001Date of Patent: March 15, 2011Assignee: Juniper Networks, Inc.Inventors: Michael Freed, Elango Gannesan, Praveen Patnala
-
Publication number: 20090252330Abstract: Efficient mechanisms are provided for transferring key objects associated with disk logical unit numbers and tape cartridges from one data center to another data center. A request is received to transfer a source data center key object from a source data center to a destination data center. The source data center key object corresponds to a data block, such as a disk logical unit number (LUN) or a tape cartridge, maintained in a storage area network (SAN) and includes a unique identifier, an encrypted key, and a wrapper unique identifier. The encrypted key is decrypted using a source data center key hierarchy. Key information is transmitted from the source data center to the destination data center. A destination data center key object is generated using a destination data center key hierarchy.Type: ApplicationFiled: April 2, 2008Publication date: October 8, 2009Applicant: CISCO TECHNOLOGY, INC.Inventors: Praveen Patnala, Anand Parthasarathy, Makarand Deshmukh, Chandra Sekhar Kondamuri
-
Publication number: 20030014623Abstract: A method for secure communications between a client and a server. The method includes the steps of managing a communications negotiation between the client and the server; receiving encrypted data packets from the client; decrypting each encrypted packet data; forwarding unencrypted data packets to the server; receiving data packets from the server; encrypting the data packets from the server; and forwarding encrypted data packets to the client. In a further embodiment, an apparatus communicating with a client via a public network and communicating with one of a plurality of servers via a secure network is disclosed. The apparatus includes a network communications interface, at least one processor, programmable dynamic memory, and a communications channel coupling the processor, memory and network communications interface.Type: ApplicationFiled: July 6, 2001Publication date: January 16, 2003Inventors: Michael Freed, Elango Gannesen, Praveen Patnala