Patents by Inventor Pruthvithej Ramesh Kumar
Pruthvithej Ramesh Kumar has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11843611Abstract: The present disclosure relates generally to access control, and more particularly, to techniques (e.g., systems, methods, computer program products storing code or instructions executable by one or more processors) for providing for inline enrollment in multi-level and multi-factor authentication of a user allowing login on a restricted website, or on an enterprise network with single sign-on, or on various other service systems with security restrictions.Type: GrantFiled: January 26, 2021Date of Patent: December 12, 2023Assignee: Oracle International CorporationInventors: Nagaraj Pattar, Pruthvithej Ramesh Kumar
-
Patent number: 11750590Abstract: An access management system (AMS) is disclosed that includes SSO capabilities for providing users secure access to protected resources within an enterprise using encryption keys generated by a client application. The AMS receives a request from a client application for a user to access a protected resource. In certain examples, the request comprises a client application identifier, a session identifier and a client public encryption key. The AMS determines if the session identifier points to a valid session and upon determining that the session identifier corresponds to a valid session, transmits information associated with the valid session to the client application. In certain examples, the information associated with the valid session is encrypted using the client public encryption key. Based on information associated with the valid session received from the client application, the AMS determines whether to grant or deny a user access to a protected resource within the enterprise.Type: GrantFiled: February 7, 2022Date of Patent: September 5, 2023Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Nagaraj Pattar, Pruthvithej Ramesh Kumar
-
Patent number: 11651357Abstract: Embodiments implement multifactor authentication without a user footprint. An application programming interface call from a client application can be received that includes a messaging identifier. A transaction identifier can be transmitted to the client application and stored. Using a shared secret, a temporary password can be generated, where the shared secret can be associated with the transaction identifier and can be stored. The temporary password can be transmitted to the messaging identifier. A second application programming interface call can be received that includes a reference transaction identifier and input, where a user provides the input to the client application. The user can be authenticated when the reference transaction identifier matches a transaction identifier stored and the input matches an expected password that is based on a stored shared secret associated with the matching stored transaction identifier.Type: GrantFiled: May 30, 2019Date of Patent: May 16, 2023Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Samanvitha Kumar, Pruthvithej Ramesh Kumar
-
Patent number: 11611548Abstract: Embodiments perform bulk multifactor authentication (MFA) enrollment in an identity cloud management system. An entity can be created in the identity cloud management system, where the entity is issued a credential that includes a permissions scope for communicating with the identity cloud management system. A bulk set of user identities and MFA enrollment information including MFA security factors for the user identities and a status for the user identities can be received in association with the credential, where the MFA security factors include a mix of communication addresses and shared secrets. A subset of the user identities that include a status that indicates MFA enrollment can be enrolled, where the enrolling includes creating an MFA footprint for the subset of user identities within an MFA database, and each created MFA footprint includes a received MFA security factor.Type: GrantFiled: November 22, 2019Date of Patent: March 21, 2023Assignee: Oracle International CorporationInventors: Samanvitha Kumar, Pruthvithej Ramesh Kumar, S. Ashok Kumar
-
Publication number: 20220166765Abstract: An access management system (AMS) is disclosed that includes SSO capabilities for providing users secure access to protected resources within an enterprise using encryption keys generated by a client application. The AMS receives a request from a client application for a user to access a protected resource. In certain examples, the request comprises a client application identifier, a session identifier and a client public encryption key. The AMS determines if the session identifier points to a valid session and upon determining that the session identifier corresponds to a valid session, transmits information associated with the valid session to the client application. In certain examples, the information associated with the valid session is encrypted using the client public encryption key. Based on information associated with the valid session received from the client application, the AMS determines whether to grant or deny a user access to a protected resource within the enterprise.Type: ApplicationFiled: February 7, 2022Publication date: May 26, 2022Applicant: Oracle International CorporationInventors: Nagaraj Pattar, Pruthvithej Ramesh Kumar
-
Patent number: 11283789Abstract: An access management system (AMS) is disclosed that includes SSO capabilities for providing users secure access to protected resources within an enterprise using encryption keys generated by a client application. The AMS receives a request from a client application for a user to access a protected resource. In certain examples, the request comprises a client application identifier, a session identifier and a client public encryption key. The AMS determines if the session identifier points to a valid session and upon determining that the session identifier corresponds to a valid session, transmits information associated with the valid session to the client application. In certain examples, the information associated with the valid session is encrypted using the client public encryption key. Based on information associated with the valid session received from the client application, the AMS determines whether to grant or deny a user access to a protected resource within the enterprise.Type: GrantFiled: February 13, 2020Date of Patent: March 22, 2022Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Nagaraj Pattar, Pruthvithej Ramesh Kumar
-
Patent number: 11134071Abstract: An example system and method facilitates establishment of secure communications between software systems, e.g., a client computing device and one or more servers (e.g., a cloud) using Multi Factor Authentication (MFA) via strategic use of tokens. An example method for overcoming longstanding security loopholes and usability issues with conventional MFA methods includes efficiently securing registration code (e.g., via public key cryptography and tokens) and exchanged data (e.g., message payloads), in part by embedding a signed token (e.g., a JWT token signed by a private key of the server system) in a registration link used by a client system to communicate with one or more servers of a server system.Type: GrantFiled: April 23, 2018Date of Patent: September 28, 2021Assignee: Oracle International CorporationInventors: Pruthvithej Ramesh Kumar, Nagaraj Pattar, Mohamad Raja Gani Mohamad Abdul, Parthipan Kandasamy, Samanvitha Kumar, S Ashok Kumar
-
Publication number: 20210258298Abstract: An access management system (AMS) is disclosed that includes SSO capabilities for providing users secure access to protected resources within an enterprise using encryption keys generated by a client application. The AMS receives a request from a client application for a user to access a protected resource. In certain examples, the request comprises a client application identifier, a session identifier and a client public encryption key. The AMS determines if the session identifier points to a valid session and upon determining that the session identifier corresponds to a valid session, transmits information associated with the valid session to the client application. In certain examples, the information associated with the valid session is encrypted using the client public encryption key. Based on information associated with the valid session received from the client application, the AMS determines whether to grant or deny a user access to a protected resource within the enterprise.Type: ApplicationFiled: February 13, 2020Publication date: August 19, 2021Applicant: Oracle International CorporationInventors: Nagaraj Pattar, Pruthvithej Ramesh Kumar
-
Publication number: 20210226960Abstract: The present disclosure relates generally to access control, and more particularly, to techniques (e.g., systems, methods, computer program products storing code or instructions executable by one or more processors) for providing for inline enrollment in multi-level and multi-factor authentication of a user allowing login on a restricted website, or on an enterprise network with single sign-on, or on various other service systems with security restrictions.Type: ApplicationFiled: January 26, 2021Publication date: July 22, 2021Applicant: Oracle International CorporationInventors: Nagaraj Pattar, Pruthvithej Ramesh Kumar
-
Publication number: 20210160231Abstract: Embodiments perform bulk multifactor authentication (MFA) enrollment in an identity cloud management system. An entity can be created in the identity cloud management system, where the entity is issued a credential that includes a permissions scope for communicating with the identity cloud management system. A bulk set of user identities and MFA enrollment information including MFA security factors for the user identities and a status for the user identities can be received in association with the credential, where the MFA security factors include a mix of communication addresses and shared secrets. A subset of the user identities that include a status that indicates MFA enrollment can be enrolled, where the enrolling includes creating an MFA footprint for the subset of user identities within an MFA database, and each created MFA footprint includes a received MFA security factor.Type: ApplicationFiled: November 22, 2019Publication date: May 27, 2021Inventors: Samanvitha KUMAR, Pruthvithej Ramesh KUMAR, S. Ashok KUMAR
-
Patent number: 10911464Abstract: The present disclosure relates generally to access control, and more particularly, to techniques (e.g., systems, methods, computer program products storing code or instructions executable by one or more processors) for providing for inline enrollment in multi-level and multi-factor authentication of a user allowing login on a restricted website, or on an enterprise network with single sign-on, or on various other service systems with security restrictions.Type: GrantFiled: September 6, 2018Date of Patent: February 2, 2021Assignee: Oracle International CorporationInventors: Nagaraj Pattar, Pruthvithej Ramesh Kumar
-
Patent number: 10841389Abstract: Techniques related to authentication and authorization are disclosed. In some embodiments, an access management system is provided for increasing the reliability of notification-based authentication and/or authorization. Push notifications, for example, may be used as part of multifactor authentication processing or authorization processing. In certain embodiments, in response to an event triggering an authentication or authorization flow for a user, multiple different ways are provided for delivering notifications related to the authentication or authorization flow to the user's device (e.g., a client device registered for push notification-based authentication or authorization). By providing multiple ways for communicating notifications related to the authentication or authorization to the user's device, the chance that an authentication-related or authorization-related notification is missed or not delivered to the user's device is dramatically reduced.Type: GrantFiled: July 31, 2018Date of Patent: November 17, 2020Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Samanvitha Kumar, Nagaraj Pattar, Pruthvithej Ramesh Kumar, Parthipan Kandasamy, Ashok Kumar Subbaiyan
-
Patent number: 10826886Abstract: The present disclosure relates to techniques for authentication of a user on a restricted website, or on an enterprise network with single sign-on, or on various other service systems with security restrictions using push notifications. One technique includes receiving an authorization request for a first application to access a resource, sending a first push notification to a second application, the first push notification requesting authentication of a user of the first application, receiving information indicating a response to the first push notification, sending a second push notification to the first application, the second push notification includes a status of the authorization request based on the response to the first push notification, receiving information indicating an outcome of the authentication request based on the response to the first push notification, and providing the first application access to the resource.Type: GrantFiled: May 30, 2018Date of Patent: November 3, 2020Assignee: Oracle International CorporationInventors: Nagaraj Pattar, Pruthvithej Ramesh Kumar
-
Patent number: 10812473Abstract: Techniques are described for enrolling an authentication device for generating time-based one-time passwords (TOTPs) for use with multi-factor authentication (MFA). A user is prompted to initiate an enrollment procedure after successful authentication based on a first authentication factor in connection with a request for a resource protected by an access management (AM) system. The authentication device contacts the AM system to establish that the authentication device is a trusted device (e.g., through validation of an authentication token contained in a Quick Response (QR) code generated by the AM system). After the authentication device has been established as a trusted device, the AM system sends a shared secret to the authentication device, which uses the shared secret to complete enrollment (e.g., by generating a TOTP for verification by the AM system). A session is then created for the user to enable access to the protected resource.Type: GrantFiled: October 17, 2018Date of Patent: October 20, 2020Assignee: Oracle International CorporationInventors: Pruthvithej Ramesh Kumar, Nagaraj Pattar, Samanvitha Kumar, Parthipan Kandasamy, Ashok Kumar Subbaiyan
-
Publication number: 20200250664Abstract: Embodiments implement multifactor authentication without a user footprint. An application programming interface call from a client application can be received that includes a messaging identifier. A transaction identifier can be transmitted to the client application and stored. Using a shared secret, a temporary password can be generated, where the shared secret can be associated with the transaction identifier and can be stored. The temporary password can be transmitted to the messaging identifier. A second application programming interface call can be received that includes a reference transaction identifier and input, where a user provides the input to the client application. The user can be authenticated when the reference transaction identifier matches a transaction identifier stored and the input matches an expected password that is based on a stored shared secret associated with the matching stored transaction identifier.Type: ApplicationFiled: May 30, 2019Publication date: August 6, 2020Inventors: Samanvitha KUMAR, Pruthvithej Ramesh Kumar
-
Publication number: 20190386981Abstract: Techniques are described for enrolling an authentication device for generating time-based one-time passwords (TOTPs) for use with multi-factor authentication (MFA). A user is prompted to initiate an enrollment procedure after successful authentication based on a first authentication factor in connection with a request for a resource protected by an access management (AM) system. The authentication device contacts the AM system to establish that the authentication device is a trusted device (e.g., through validation of an authentication token contained in a Quick Response (QR) code generated by the AM system). After the authentication device has been established as a trusted device, the AM system sends a shared secret to the authentication device, which uses the shared secret to complete enrollment (e.g., by generating a TOTP for verification by the AM system). A session is then created for the user to enable access to the protected resource.Type: ApplicationFiled: October 17, 2018Publication date: December 19, 2019Applicant: Oracle International CorporationInventors: Pruthvithej Ramesh Kumar, Nagaraj Pattar, Samanvitha Kumar, Parthipan Kandasamy, Ashok Kumar Subbaiyan
-
Publication number: 20190372959Abstract: The present disclosure relates to techniques for authentication of a user on a restricted website, or on an enterprise network with single sign-on, or on various other service systems with security restrictions using push notifications. One technique includes receiving an authorization request for a first application to access a resource, sending a first push notification to a second application, the first push notification requesting authentication of a user of the first application, receiving information indicating a response to the first push notification, sending a second push notification to the first application, the second push notification includes a status of the authorization request based on the response to the first push notification, receiving information indicating an outcome of the authentication request based on the response to the first push notification, and providing the first application access to the resource.Type: ApplicationFiled: May 30, 2018Publication date: December 5, 2019Applicant: Oracle International CorporationInventors: Nagaraj Pattar, Pruthvithej Ramesh Kumar
-
Publication number: 20190334921Abstract: The present disclosure relates generally to access control, and more particularly, to techniques (e.g., systems, methods, computer program products storing code or instructions executable by one or more processors) for providing for inline enrollment in multi-level and multi-factor authentication of a user allowing login on a restricted website, or on an enterprise network with single sign-on, or on various other service systems with security restrictions.Type: ApplicationFiled: September 6, 2018Publication date: October 31, 2019Applicant: Oracle International CorporationInventors: Nagaraj Pattar, Pruthvithej Ramesh Kumar
-
Publication number: 20190327223Abstract: An example system and method facilitates establishment of secure communications between software systems, e.g., a client computing device and one or more servers (e.g., a cloud) using Multi Factor Authentication (MFA) via strategic use of tokens. An example method for overcoming longstanding security loopholes and usability issues with conventional MFA methods includes efficiently securing registration code (e.g., via public key cryptography and tokens) and exchanged data (e.g., message payloads), in part by embedding a signed token (e.g., a JWT token signed by a private key of the server system) in a registration link used by a client system to communicate with one or more servers of a server system.Type: ApplicationFiled: April 23, 2018Publication date: October 24, 2019Applicant: Oracle International CorporationInventors: Pruthvithej Ramesh Kumar, Nagaraj Pattar, Mohamad Raja Gani Mohamad Abdul, Parthipan Kandasamy, Samanvitha Kumar, S Ashok Kumar
-
Publication number: 20190253509Abstract: Techniques related to authentication and authorization are disclosed. In some embodiments, an access management system is provided for increasing the reliability of notification-based authentication and/or authorization. Push notifications, for example, may be used as part of multifactor authentication processing or authorization processing. In certain embodiments, in response to an event triggering an authentication or authorization flow for a user, multiple different ways are provided for delivering notifications related to the authentication or authorization flow to the user's device (e.g., a client device registered for push notification-based authentication or authorization). By providing multiple ways for communicating notifications related to the authentication or authorization to the user's device, the chance that an authentication-related or authorization-related notification is missed or not delivered to the user's device is dramatically reduced.Type: ApplicationFiled: July 31, 2018Publication date: August 15, 2019Applicant: Oracle International CorporationInventors: Samanvitha Kumar, Nagaraj Pattar, Pruthvithej Ramesh Kumar, Parthipan Kandasamy, Ashok Kumar Subbaiyan