Patents by Inventor Pravin Tatti
Pravin Tatti has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230133809Abstract: A method of traffic forwarding and disambiguation through the use of local proxies and addresses. The technique leverages DNS to on-ramp traffic to a local proxy. The local proxy runs on the end user's device. According to a first embodiment, DNS is used to remap what would normally be a wide range of IP addresses to localhost based on 127.0.0.0/8 listening sockets, where the system can then listen for connections and data. In a second embodiment, a localhost proxy based on a TUN/TAP interface (or other packet interception method) with a user-defined CIDR range to which the local DNS server drives traffic is used. Requests on that local proxy are annotated (by adding data to the upstream connection).Type: ApplicationFiled: January 3, 2023Publication date: May 4, 2023Applicant: Akamai Technologies, Inc.Inventors: Seetharama Sarma Ayyadevara, Charles E. Gero, Stephan Benny, Pravin Tatti, Manoj Kumar, Seemant Choudhary, Robert Lauro Quiros, Priyatham Phani Srinath Adigopula, Poornima Venkatesha, Sr., Sumeet Gupta
-
Patent number: 11546444Abstract: A method of traffic forwarding and disambiguation through the use of local proxies and addresses. The technique leverages DNS to on-ramp traffic to a local proxy. The local proxy runs on the end user's device. According to a first embodiment, DNS is used to remap what would normally be a wide range of IP addresses to localhost based on 127.0.0.0/8 listening sockets, where the system can then listen for connections and data. In a second embodiment, a localhost proxy based on a TUN/TAP interface (or other packet interception method) with a user-defined CIDR range to which the local DNS server drives traffic is used. Requests on that local proxy are annotated (by adding data to the upstream connection).Type: GrantFiled: March 22, 2019Date of Patent: January 3, 2023Assignee: Akamai Technologies, Inc.Inventors: Seetharama Sarma Ayyadevara, Charles E. Gero, Stephan Benny, Pravin Tatti, Manoj Kumar, Seemant Choudhary, Robert Lauro Quiros, Priyatham Phani Srinath Adigopula, Poornima Venkatesha, Sr., Sumeet Gupta
-
Publication number: 20210176061Abstract: A method of enabling single sign-on (SSO) access to an application executing in an enterprise, wherein authorized, secure access to specific enterprise applications are facilitated via an enterprise-based connector. In response to successful authentication of an end user via a first authentication method, a credential associated with the successful authentication is encrypted to generate an encrypted user token. The encrypted user token is then for storage in a database accessible by the enterprise-based connector. Following a redirect (e.g., from a login server instance) that returns the end user to the enterprise-based connector, the encrypted user token is fetched and decrypted recover the credential. The credential so recovered is then used to attempt to authenticate the user to an application via a second authentication method distinct from the first authentication method.Type: ApplicationFiled: February 21, 2021Publication date: June 10, 2021Applicant: Akamai Technologies, Inc.Inventors: Seetharama Ayyadevara, Seemant Choudhary, Stephan Benny, Pundit Kandoi, Pravin Tatti
-
Patent number: 10931452Abstract: A method of enabling single sign-on (SSO) access to an application executing in an enterprise, wherein authorized, secure access to specific enterprise applications are facilitated via an enterprise-based connector. In response to successful authentication of an end user via a first authentication method, a credential associated with the successful authentication is encrypted to generate an encrypted user token. The encrypted user token is then forwarded for storage in a database accessible by the enterprise-based connector. Following a redirect (e.g., from a login server instance) that returns the end user to the enterprise-based connector, the encrypted user token is fetched and decrypted to recover the credential. The credential so recovered is then used to attempt to authenticate the user to an application via a second authentication method distinct from the first authentication method.Type: GrantFiled: August 22, 2017Date of Patent: February 23, 2021Assignee: Akamai Technologies, Inc.Inventors: Seetharama Ayyadevara, Seemant Choudhary, Stephan Benny, Punit Kandoi, Pravin Tatti
-
Publication number: 20190297161Abstract: A method of traffic forwarding and disambiguation through the use of local proxies and addresses. The technique leverages DNS to on-ramp traffic to a local proxy. The local proxy runs on the end user's device. According to a first embodiment, DNS is used to remap what would normally be a wide range of IP addresses to localhost based on 127.0.0.0/8 listening sockets, where the system can then listen for connections and data. In a second embodiment, a localhost proxy based on a TUN/TAP interface (or other packet interception method) with a user-defined CIDR range to which the local DNS server drives traffic is used. Requests on that local proxy are annotated (by adding data to the upstream connection).Type: ApplicationFiled: March 22, 2019Publication date: September 26, 2019Applicant: Akamai Technologies, Inc.Inventors: Seetharama Sarma Ayyadevara, Charles E. Gero, Stephan Benny, Pravin Tatti, Manoj Kumar, Seemant Choudhary, Robert Lauro Quiros, Priyatham Phani Srinath Adigopula, Poornima Venkatesha, SR., Sumeet Gupta
-
Patent number: 10412067Abstract: A system to deliver an application, hosted by a private application provider, over a network to a user device comprising: an application delivery system that includes, a frontend network interface that includes at least one first traffic director (FTD) instance; a network security interface that includes a plurality of traffic processing server (TPS) instances; a backend network interface that includes at least one backend traffic director (BTD) instance; and at least one agent that is associated with the application and that is disposed within the private application provider system; wherein a federated TLS ticket is used to filter TLS connection requests received by an FTD instance; and wherein a TLS extension is used to filter TLS connection requests received by a BTD instance.Type: GrantFiled: April 18, 2017Date of Patent: September 10, 2019Assignee: Akamai Technologies, Inc.Inventors: Seetharama Sarma Ayyadevara, Seemant Choudhary, Stephan Benny, Pravin Tatti, Punit Kandoi, Rohit Verma, Venukrishna Prasad
-
Publication number: 20180069702Abstract: A method of enabling single sign-on (SSO) access to an application executing in an enterprise, wherein authorized, secure access to specific enterprise applications are facilitated via an enterprise-based connector. In response to successful authentication of an end user via a first authentication method, a credential associated with the successful authentication is encrypted to generate an encrypted user token. The encrypted user token is then for storage in a database accessible by the enterprise-based connector. Following a redirect (e.g., from a login server instance) that returns the end user to the enterprise-based connector, the encrypted user token is fetched and decrypted recover the credential. The credential so recovered is then used to attempt to authenticate the user to an application via a second authentication method distinct from the first authentication method.Type: ApplicationFiled: August 22, 2017Publication date: March 8, 2018Applicant: Akamai Technologies, Inc.Inventors: Seetharama Ayyadevara, Seemant Choudhary, Stephan Benny, Pundit Kandoi, Pravin Tatti
-
Publication number: 20170353437Abstract: A system to deliver an application, hosted by a private application provider, over a network to a user device comprising: an application delivery system that includes, a frontend network interface that includes at least one first traffic director (FTD) instance; a network security interface that includes a plurality of traffic processing server (TPS) instances; a backend network interface that includes at least one backend traffic director (BTD) instance; and at least one agent that is associated with the application and that is disposed within the private application provider system; wherein a federated TLS ticket is used to filter TLS connection requests received by an FTD instance; and wherein a TLS extension is used to filter TLS connection requests received by a BTD instanceType: ApplicationFiled: April 18, 2017Publication date: December 7, 2017Applicant: Akamai Technologies, Inc.Inventors: Seetharama Sarma Ayyadevara, Seemant Choudhary, Stephan Benny, Pravin Tatti, Punit Kandoi, Rohit Verma, Venukrishna Prasad
-
Patent number: 9628455Abstract: A system to deliver an application, hosted by a private application provider, over a network to a user device comprising: an application delivery system that includes, a frontend network interface that includes at least one first traffic director (FTD) instance; a network security interface that includes a plurality of traffic processing server (TPS) instances; a backend network interface that includes at least one backend traffic director (BTD) instance; and at least one agent that is associated with the application and that is disposed within the private application provider system; wherein a federated TLS ticket is used to filter TLS connection requests received by an FTD instance; and wherein a TLS extension is used to filter TLS connection requests received by a BTD instanceType: GrantFiled: September 9, 2015Date of Patent: April 18, 2017Assignee: Akamai Technologies, Inc.Inventors: Seetharama Sarma Ayyadevara, Seemant Choudhary, Stephan Benny, Pravin Tatti, Punit Kandoi, Rohit Verma, Venukrishna Prasad
-
Publication number: 20160359823Abstract: A system to deliver an application, hosted by a private application provider, over a network to a user device comprising: an application delivery system that includes, a frontend network interface that includes at least one first traffic director (FTD) instance; a network security interface that includes a plurality of traffic processing server (TPS) instances; a backend network interface that includes at least one backend traffic director (BTD) instance; and at least one agent that is associated with the application and that is disposed within the private application provider system; wherein a federated TLS ticket is used to filter TLS connection requests received by an FTD instance; and wherein a TLS extension is used to filter TLS connection requests received by a BTD instanceType: ApplicationFiled: September 9, 2015Publication date: December 8, 2016Inventors: Seetharama Sarma Ayyadevara, Seemant Choudhary, Stephan Benny, Pravin Tatti, Punit Kandoi, Rohit Verma, Venukrishna Prasad