Patents by Inventor Pritesh Parekh
Pritesh Parekh has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11962620Abstract: An apparatus comprises a processing device configured to receive, at a user interface of a trust platform configured to manage cloud assets operating in clouds of two or more cloud service providers, a specification of security and compliance policies of a given entity. The processing device is also configured to generate, based at least in part on the specified security and compliance policies of the given entity, security and compliance controls to be implemented for workloads of the given entity running on a subset of the cloud assets operating in the clouds of the two or more cloud service providers. The processing device is further configured to deploy, utilizing application programming interfaces of the trust platform, the generated security and compliance controls on first and second pluralities of monitoring tools operating in tenant and management environments of the clouds of the two or more cloud service providers.Type: GrantFiled: December 30, 2020Date of Patent: April 16, 2024Assignee: Virtustream IP Holding Company LLCInventors: Pritesh Parekh, Nicholas Kathmann, Qintao Zhao
-
Patent number: 11888838Abstract: Shown is single sign-on support access to tenant accounts in a multi-tenant service platform involving a proxy user account in an identity provider for a tenant account on the service platform having security metadata associated therewith, mapping in the identity provider maps a support user to a proxy user identifier, a corresponding security endpoint in the service platform and mapping of the proxy user account identifier to the tenant account and security metadata. The identity provider authenticates a request to access the tenant account on the service platform, obtains the security credentials for the proxy user identifier, and sends a security assertion with the proxy user identifier and the security metadata to the security endpoint. The endpoint receives and validates the security assertion against the mapping for the proxy user identifier to the tenant account and the security metadata in the service platform, and permits access by the support user to the tenant account in the service platform.Type: GrantFiled: August 2, 2022Date of Patent: January 30, 2024Assignee: Zuora, Inc.Inventors: Oleg Mikheev, Joshy Austin, Pushkala Pattabhiraman, Levon Stepanian, Pritesh Parekh
-
Publication number: 20230171239Abstract: Shown is single sign-on support access to tenant accounts in a multi-tenant service platform involving a proxy user account in an identity provider for a tenant account on the service platform having security metadata associated therewith, mapping in the identity provider maps a support user to a proxy user identifier, a corresponding security endpoint in the service platform and mapping of the proxy user account identifier to the tenant account and security metadata. The identity provider authenticates a request to access the tenant account on the service platform, obtains the security credentials for the proxy user identifier, and sends a security assertion with the proxy user identifier and the security metadata to the security endpoint. The endpoint receives and validates the security assertion against the mapping for the proxy user identifier to the tenant account and the security metadata in the service platform, and permits access by the support user to the tenant account in the service platform.Type: ApplicationFiled: August 2, 2022Publication date: June 1, 2023Inventors: Oleg Mikheev, Joshy Austin, Pushkala Pattabhiraman, Levon Stepanian, Pritesh Parekh
-
Patent number: 11611591Abstract: An apparatus comprises a processing device configured to receive, at a user interface of a trust platform configured to manage cloud assets operating in clouds of cloud service providers, a request to view security and compliance risk for a given entity running workloads utilizing the cloud assets. The processing device is also configured to obtain, utilizing application programming interfaces of the trust platform, first and second sets of security and compliance telemetry data generated by first and second pluralities of monitoring tools operating in tenant and management environments of the clouds. The processing device is further configured to generate a unified view of security and compliance for the workloads of the given entity utilizing the first and second sets of security telemetry data, and to provide the unified view of security and compliance for the workloads of the given entity at the user interface of the trust platform.Type: GrantFiled: December 30, 2020Date of Patent: March 21, 2023Assignee: Virtustream IP Holding Company LLCInventors: Pritesh Parekh, Nicholas Kathmann, Qintao Zhao
-
Patent number: 11509681Abstract: An apparatus comprises a processing device configured to receive, at a user interface of a trust platform configured to manage cloud assets operating in clouds of two or more cloud service providers, a request to view multi-cloud relative risk information for at least a subset of the cloud assets on which workloads of a given entity run. The processing device is also configured to obtain, utilizing application programming interfaces of the trust platform, first and second sets of cloud asset risk data generated by first and second pluralities of monitoring tools operating in tenant and management environments of the clouds of the two or more cloud service providers. The processing device is further configured to generate and provide, at the user interface of the trust platform, a unified view of the multi-cloud relative risk information utilizing the first and second sets of cloud asset risk data.Type: GrantFiled: March 11, 2021Date of Patent: November 22, 2022Assignee: Virtustream IP Holding Company LLCInventors: Pritesh Parekh, Nicholas Kathmann, Qintao Zhao
-
Patent number: 11503078Abstract: An apparatus comprises a processing device configured to receive, at a user interface of a trust platform configured to manage cloud assets operating in clouds of two or more cloud service providers, a specification of security and compliance controls to be implemented for workloads of a given entity running on a subset of the cloud assets. The processing device is also configured to obtain, utilizing application programming interfaces of the trust platform, information characterizing deployed security and compliance controls for the subset of the plurality of cloud assets from first and second pluralities of monitoring tools operating in tenant and management environments of the clouds.Type: GrantFiled: December 30, 2020Date of Patent: November 15, 2022Assignee: Virtustream IP Holding Company LLCInventors: Pritesh Parekh, Nicholas Kathmann, Qintao Zhao
-
Publication number: 20220294818Abstract: An apparatus comprises a processing device configured to receive, at a trust platform configured to manage cloud assets operating in clouds of two or more cloud service providers, self-reported risk information for at least a subset of the cloud assets on which workloads of a given entity run. The processing device is also configured to obtain, utilizing application programming interfaces of the trust platform, first and second sets of cloud asset risk data generated by first and second pluralities of monitoring tools operating in tenant and management environments of the clouds. The processing device is further configured to determine multi-cloud relative risk information for the subset of cloud assets by adjusting the self-reported risk information utilizing the first and second sets of cloud asset risk data, and to perform risk management for the subset of cloud assets based at least in part on the determined multi-cloud relative risk information.Type: ApplicationFiled: March 11, 2021Publication date: September 15, 2022Inventors: Pritesh Parekh, Nicholas Kathmann, Qintao Zhao
-
Publication number: 20220294817Abstract: An apparatus comprises a processing device configured to receive, at a user interface of a trust platform configured to manage cloud assets operating in clouds of two or more cloud service providers, a request to view multi-cloud relative risk information for at least a subset of the cloud assets on which workloads of a given entity run. The processing device is also configured to obtain, utilizing application programming interfaces of the trust platform, first and second sets of cloud asset risk data generated by first and second pluralities of monitoring tools operating in tenant and management environments of the clouds of the two or more cloud service providers. The processing device is further configured to generate and provide, at the user interface of the trust platform, a unified view of the multi-cloud relative risk information utilizing the first and second sets of cloud asset risk data.Type: ApplicationFiled: March 11, 2021Publication date: September 15, 2022Inventors: Pritesh Parekh, Nicholas Kathmann, Qintao Zhao
-
Patent number: 11431697Abstract: An apparatus comprises a processing device configured to receive, at a user interface of a trust platform configured to manage cloud assets operating in clouds of multiple cloud service providers, a request by a user to access a given cloud asset on which one or more workloads of a given entity run. The processing device is also configured to generate, on the given cloud asset utilizing application programming interfaces of the trust platform, a temporary user account responsive to determining that the requesting user is registered with the trust platform as an authorized user for the given entity and the given asset. The processing device is further configured to provide access credentials for the temporary user account to the requesting user, to monitor use of the temporary user account, and to remove the temporary user account from the given cloud asset based at least in part on the monitored use.Type: GrantFiled: December 30, 2020Date of Patent: August 30, 2022Assignee: Virtustream IP Holding Company LLCInventors: Pritesh Parekh, Nicholas Kathmann, Qintao Zhao
-
Patent number: 11405376Abstract: Shown is single sign-on support access to tenant accounts in a multi-tenant service platform involving a proxy user account in an identity provider for a tenant account on the service platform having security metadata associated therewith, mapping in the identity provider maps a support user to a proxy user identifier, a corresponding security endpoint in the service platform and mapping of the proxy user account identifier to the tenant account and security metadata. The identity provider authenticates a request to access the tenant account on the service platform, obtains the security credentials for the proxy user identifier, and sends a security assertion with the proxy user identifier and the security metadata to the security endpoint. The endpoint receives and validates the security assertion against the mapping for the proxy user identifier to the tenant account and the security metadata in the service platform, and permits access by the support user to the tenant account in the service platform.Type: GrantFiled: July 7, 2020Date of Patent: August 2, 2022Assignee: Zuora, Inc.Inventors: Oleg Mikheev, Joshy Austin, Pushkala Pattabhiraman, Levon Stepanian, Pritesh Parekh
-
Publication number: 20220210195Abstract: An apparatus comprises a processing device configured to receive, at a user interface of a trust platform configured to manage cloud assets operating in clouds of two or more cloud service providers, a specification of security and compliance controls to be implemented for workloads of a given entity running on a subset of the cloud assets. The processing device is also configured to obtain, utilizing application programming interfaces of the trust platform, information characterizing deployed security and compliance controls for the subset of the plurality of cloud assets from first and second pluralities of monitoring tools operating in tenant and management environments of the clouds.Type: ApplicationFiled: December 30, 2020Publication date: June 30, 2022Inventors: Pritesh Parekh, Nicholas Kathmann, Qintao Zhao
-
Publication number: 20220210196Abstract: An apparatus comprises a processing device configured to receive, at a user interface of a trust platform configured to manage cloud assets operating in clouds of cloud service providers, a request to view security and compliance risk for a given entity running workloads utilizing the cloud assets. The processing device is also configured to obtain, utilizing application programming interfaces of the trust platform, first and second sets of security and compliance telemetry data generated by first and second pluralities of monitoring tools operating in tenant and management environments of the clouds. The processing device is further configured to generate a unified view of security and compliance for the workloads of the given entity utilizing the first and second sets of security telemetry data, and to provide the unified view of security and compliance for the workloads of the given entity at the user interface of the trust platform.Type: ApplicationFiled: December 30, 2020Publication date: June 30, 2022Inventors: Pritesh Parekh, Nicholas Kathmann, Qintao Zhao
-
Publication number: 20220210194Abstract: An apparatus comprises a processing device configured to receive, at a user interface of a trust platform configured to manage cloud assets operating in clouds of two or more cloud service providers, a specification of security and compliance policies of a given entity. The processing device is also configured to generate, based at least in part on the specified security and compliance policies of the given entity, security and compliance controls to be implemented for workloads of the given entity running on a subset of the cloud assets operating in the clouds of the two or more cloud service providers. The processing device is further configured to deploy, utilizing application programming interfaces of the trust platform, the generated security and compliance controls on first and second pluralities of monitoring tools operating in tenant and management environments of the clouds of the two or more cloud service providers.Type: ApplicationFiled: December 30, 2020Publication date: June 30, 2022Inventors: Pritesh Parekh, Nicholas Kathmann, Qintao Zhao
-
Publication number: 20220210141Abstract: An apparatus comprises a processing device configured to receive, at a user interface of a trust platform configured to manage cloud assets operating in clouds of multiple cloud service providers, a request by a user to access a given cloud asset on which one or more workloads of a given entity run. The processing device is also configured to generate, on the given cloud asset utilizing application programming interfaces of the trust platform, a temporary user account responsive to determining that the requesting user is registered with the trust platform as an authorized user for the given entity and the given asset. The processing device is further configured to provide access credentials for the temporary user account to the requesting user, to monitor use of the temporary user account, and to remove the temporary user account from the given cloud asset based at least in part on the monitored use.Type: ApplicationFiled: December 30, 2020Publication date: June 30, 2022Inventors: Pritesh Parekh, Nicholas Kathmann, Qintao Zhao
-
Publication number: 20200336477Abstract: Shown is single sign-on support access to tenant accounts in a multi-tenant service platform involving a proxy user account in an identity provider for a tenant account on the service platform having security metadata associated therewith, mapping in the identity provider maps a support user to a proxy user identifier, a corresponding security endpoint in the service platform and mapping of the proxy user account identifier to the tenant account and security metadata. The identity provider authenticates a request to access the tenant account on the service platform, obtains the security credentials for the proxy user identifier, and sends a security assertion with the proxy user identifier and the security metadata to the security endpoint. The endpoint receives and validates the security assertion against the mapping for the proxy user identifier to the tenant account and the security metadata in the service platform, and permits access by the support user to the tenant account in the service platform.Type: ApplicationFiled: July 7, 2020Publication date: October 22, 2020Applicant: Zuora, Inc.Inventors: Oleg Mikheev, Joshy Austin, Pushkala Pattabhiraman, Levon Stepanian, Pritesh Parekh
-
Patent number: 10708255Abstract: Shown is single sign-on support access to tenant accounts in a multi-tenant service platform involving a proxy user account in an identity provider for a tenant account on the service platform having security metadata associated therewith, mapping in the identity provider maps a support user to a proxy user identifier, a corresponding security endpoint in the service platform and mapping of the proxy user account identifier to the tenant account and security metadata. The identity provider authenticates a request to access the tenant account on the service platform, obtains the security credentials for the proxy user identifier, and sends a security assertion with the proxy user identifier and the security metadata to the security endpoint. The endpoint receives and validates the security assertion against the mapping for the proxy user identifier to the tenant account and the security metadata in the service platform, and permits access by the support user to the tenant account in the service platform.Type: GrantFiled: March 5, 2019Date of Patent: July 7, 2020Assignee: Zuora, Inc.Inventors: Oleg Mikheev, Joshy Austin, Pushkala Pattabhiraman, Levon Stepanian, Pritesh Parekh
-
Publication number: 20190199709Abstract: Shown is single sign-on support access to tenant accounts in a multi-tenant service platform involving a proxy user account in an identity provider for a tenant account on the service platform having security metadata associated therewith, mapping in the identity provider maps a support user to a proxy user identifier, a corresponding security endpoint in the service platform and mapping of the proxy user account identifier to the tenant account and security metadata. The identity provider authenticates a request to access the tenant account on the service platform, obtains the security credentials for the proxy user identifier, and sends a security assertion with the proxy user identifier and the security metadata to the security endpoint. The endpoint receives and validates the security assertion against the mapping for the proxy user identifier to the tenant account and the security metadata in the service platform, and permits access by the support user to the tenant account in the service platform.Type: ApplicationFiled: March 5, 2019Publication date: June 27, 2019Applicant: Zuora, Inc.Inventors: Oleg Mikheev, Joshy Austin, Pushkala Pattabhiraman, Levon Stepanian, Pritesh Parekh
-
Patent number: 10250584Abstract: Shown is single sign-on support access to tenant accounts in a multi-tenant service platform involving a proxy user account in an identity provider for a tenant account on the service platform having security metadata associated therewith, mapping in the identity provider maps a support user to a proxy user identifier, a corresponding security endpoint in the service platform and mapping of the proxy user account identifier to the tenant account and security metadata. The identity provider authenticates a request to access the tenant account on the service platform, obtains the security credentials for the proxy user identifier, and sends a security assertion with the proxy user identifier and the security metadata to the security endpoint. The endpoint receives and validates the security assertion against the mapping for the proxy user identifier to the tenant account and the security metadata in the service platform, and permits access by the support user to the tenant account in the service platform.Type: GrantFiled: October 15, 2015Date of Patent: April 2, 2019Assignee: Zuora, Inc.Inventors: Oleg Mikheev, Joshy Austin, Pushkala Pattabhiraman, Levon Stepanian, Pritesh Parekh
-
Publication number: 20160134619Abstract: Shown is single sign-on support access to tenant accounts in a multi-tenant service platform involving a proxy user account in an identity provider for a tenant account on the service platform having security metadata associated therewith, mapping in the identity provider maps a support user to a proxy user identifier, a corresponding security endpoint in the service platform and mapping of the proxy user account identifier to the tenant account and security metadata. The identity provider authenticates a request to access the tenant account on the service platform, obtains the security credentials for the proxy user identifier, and sends a security assertion with the proxy user identifier and the security metadata to the security endpoint. The endpoint receives and validates the security assertion against the mapping for the proxy user identifier to the tenant account and the security metadata in the service platform, and permits access by the support user to the tenant account in the service platform.Type: ApplicationFiled: October 15, 2015Publication date: May 12, 2016Inventors: Oleg Mikheev, Joshy Austin, Pushkala Pattabhiraman, Levon Stepanian, Pritesh Parekh