Patents by Inventor Ramya Olichandran
Ramya Olichandran has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10999328Abstract: A tag-based policy architecture enforces information technology (IT) policy in a virtualized computing environment using cryptographically-verifiable metadata to authenticate compute resources coupled to a computer network and to authorize access to protected resources of the network. The compute resources are illustratively virtual machine instances (VMIs) provided by a virtual data center (VDC) of the environment, whereas the protected resources are illustratively virtualized storage, network and/or other compute resources of the VDC. Each VMI includes an intermediary manager, e.g., metavisor. The tag-based policy architecture includes an infrastructure having a centralized policy decision end point (e.g., a control plane of the VDC) and distributed policy enforcement endpoints (e.g.Type: GrantFiled: June 3, 2019Date of Patent: May 4, 2021Assignee: VMware, Inc.Inventors: Jason A. Lango, Grant Callaghan, Marcel Moolenaar, Vinay Wagh, Rohan Desai, Matthew Page, Gary Menezes, Antoine Pourchet, Ramya Olichandran
-
Patent number: 10652281Abstract: A technique implements network policy deployed in a tag-based policy architecture of a virtualized computing environment. One or more virtual machine instances (VMIs) may be provided by a virtual data center (VDC) of the environment, wherein each VMI includes an intermediary manager of a computing cell that also includes a guest operating system (OS) and associated applications. The tag-based policy architecture may be configured to enforce the network policy in the virtualized computing environment using cryptographically-verifiable metadata to authenticate compute resources, such as the VMIs, coupled to a computer network and to authorize access to protected resources, such as virtualized network resources of the VDC.Type: GrantFiled: August 31, 2017Date of Patent: May 12, 2020Assignee: VMware, Inc.Inventors: Marcel Moolenaar, Dennis Ramdass, Ramya Olichandran
-
Publication number: 20190306196Abstract: A tag-based policy architecture enforces information technology (IT) policy in a virtualized computing environment using cryptographically-verifiable metadata to authenticate compute resources coupled to a computer network and to authorize access to protected resources of the network. The compute resources are illustratively virtual machine instances (VMIs) provided by a virtual data center (VDC) of the environment, whereas the protected resources are illustratively virtualized storage, network and/or other compute resources of the VDC. Each VMI includes an intermediary manager, e.g., metavisor. The tag-based policy architecture includes an infrastructure having a centralized policy decision end point (e.g., a control plane of the VDC) and distributed policy enforcement endpoints (e.g.Type: ApplicationFiled: June 3, 2019Publication date: October 3, 2019Inventors: Jason A. LANGO, Grant CALLAGHAN, Marcel MOOLENAAR, Vinay WAGH, Rohan DESAI, Matthew PAGE, Gary MENEZES, Antoine POURCHET, Ramya OLICHANDRAN
-
Patent number: 10356128Abstract: A tag-based policy architecture enforces information technology (IT) policy in a virtualized computing environment using cryptographically-verifiable metadata to authenticate compute resources coupled to a computer network and to authorize access to protected resources of the network. The compute resources are illustratively virtual machine instances (VMIs) provided by a virtual data center (VDC) of the environment, whereas the protected resources are illustratively virtualized storage, network and/or other compute resources of the VDC. Each VMI includes an intermediary manager, e.g., metavisor. The tag-based policy architecture includes an infrastructure having a centralized policy decision end point (e.g., a control plane of the VDC) and distributed policy enforcement endpoints (e.g.Type: GrantFiled: July 27, 2017Date of Patent: July 16, 2019Assignee: VMware, Inc.Inventors: Jason A. Lango, Grant Callaghan, Marcel Moolenaar, Vinay Wagh, Rohan Desai, Matthew Page, Gary Menezes, Antoine Pourchet, Ramya Olichandran
-
Patent number: 9846710Abstract: A computer-implemented method for increasing the scalability of software-defined networks may include (1) maintaining a set of databases collectively configured to (i) store a set of flow entries that direct network traffic within a software-defined network and (ii) facilitate searching the set of flow entries based at least in part on at least one key whose size remains substantially constant irrespective of the number of flow entries within the set of flow entries, (2) detecting a request to perform an operation in connection with a flow of data packets within the software-defined network, (3) identifying at least one attribute of the flow of data packets in the request, and then (4) searching, using the attribute of the flow of data packets as a database key, at least one database within the set of databases to facilitate performing the operation. Various other methods, systems, and apparatuses are also disclosed.Type: GrantFiled: May 27, 2016Date of Patent: December 19, 2017Assignee: Juniper Networks, Inc.Inventors: Apoorva Jindal, Rahul S. Kasralikar, Ramya Olichandran, Jainendra Kumar, Sandeep Bajaj
-
Publication number: 20160275113Abstract: A computer-implemented method for increasing the scalability of software-defined networks may include (1) maintaining a set of databases collectively configured to (i) store a set of flow entries that direct network traffic within a software-defined network and (ii) facilitate searching the set of flow entries based at least in part on at least one key whose size remains substantially constant irrespective of the number of flow entries within the set of flow entries, (2) detecting a request to perform an operation in connection with a flow of data packets within the software-defined network, (3) identifying at least one attribute of the flow of data packets in the request, and then (4) searching, using the attribute of the flow of data packets as a database key, at least one database within the set of databases to facilitate performing the operation. Various other methods, systems, and apparatuses are also disclosed.Type: ApplicationFiled: May 27, 2016Publication date: September 22, 2016Inventors: Apoorva Jindal, Rahul S. Kasralikar, Ramya Olichandran, Jainendra Kumar, Sandeep Bajaj
-
Patent number: 9400811Abstract: A computer-implemented method for increasing the scalability of software-defined networks may include (1) maintaining a set of databases collectively configured to (i) store a set of flow entries that direct network traffic within a software-defined network and (ii) facilitate searching the set of flow entries based at least in part on at least one key whose size remains substantially constant irrespective of the number of flow entries within the set of flow entries, (2) detecting a request to perform an operation in connection with a flow of data packets within the software-defined network, (3) identifying at least one attribute of the flow of data packets in the request, and then (4) searching, using the attribute of the flow of data packets as a database key, at least one database within the set of databases to facilitate performing the operation. Various other methods, systems, and apparatuses are also disclosed.Type: GrantFiled: July 5, 2013Date of Patent: July 26, 2016Assignee: Juniper Networks, Inc.Inventors: Apoorva Jindal, Jainendra Kumar, Rahul S. Kasralikar, Sandeep Bajaj, Ramya Olichandran
-
Publication number: 20150012484Abstract: A computer-implemented method for increasing the scalability of software-defined networks may include (1) maintaining a set of databases collectively configured to (i) store a set of flow entries that direct network traffic within a software-defined network and (ii) facilitate searching the set of flow entries based at least in part on at least one key whose size remains substantially constant irrespective of the number of flow entries within the set of flow entries, (2) detecting a request to perform an operation in connection with a flow of data packets within the software-defined network, (3) identifying at least one attribute of the flow of data packets in the request, and then (4) searching, using the attribute of the flow of data packets as a database key, at least one database within the set of databases to facilitate performing the operation. Various other methods, systems, and apparatuses are also disclosed.Type: ApplicationFiled: July 5, 2013Publication date: January 8, 2015Inventors: Apoorva Jindal, Jainendra Kumar, Rahul S. Kasralikar, Sandeep Bajaj, Ramya Olichandran