Patents by Inventor Ranga Ramanujan
Ranga Ramanujan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11729185Abstract: This disclosure is directed to monitoring a crypto-partitioned, or cipher-text, wide-area network (WAN). A first computing device may be situated in a plain-text portion of a first enclave behind a first inline network encryptor (INE). A second device may be positioned in a plain-text portion of a second enclave behind a second INE. The two enclaves may be separated by a cipher-text WAN, over which the two enclaved may communicate. The first computing device may receive a data packet from the second computing device. The first computing device may then determine contents of a header of the data packet. The first computing device may, based at least in part on the contents of the header of the data packet, determine a status of the cipher-text WAN.Type: GrantFiled: May 16, 2022Date of Patent: August 15, 2023Assignee: ARCHITECTURE TECHNOLOGY CORPORATIONInventors: Ranga Ramanujan, Benjamin L. Burnett
-
Patent number: 11599626Abstract: An example method includes receiving an indication of a selection of a first application environment that includes a first virtual environment associated with a first security domain and is configured to isolate execution of software applications within the first application environment, suspending execution of a second application environment that includes a second virtual environment associated with a second security domain different from the first security domain, initiating execution of the first application environment, identifying information associated with the first security domain and provided by the first application environment that is to be sent to an external computing device associated with the first security domain, selecting communication network(s) from one or more communication networks that are each available to the mobile computing device for data communication, encrypting, based on the first security domain and network(s), the information, and sending, to the external computing device viaType: GrantFiled: March 11, 2020Date of Patent: March 7, 2023Assignee: ARCHITECTURE TECHNOLOGY CORPORATIONInventors: Timothy Hartley, Ranga Ramanujan, Jafar Al-Gharaibeh
-
Publication number: 20220294808Abstract: This disclosure is directed to monitoring a crypto-partitioned, or cipher-text, wide-area network (WAN). A first computing device may be situated in a plain-text portion of a first enclave behind a first inline network encryptor (INE). A second device may be positioned in a plain-text portion of a second enclave behind a second INE. The two enclaves may be separated by a cipher-text WAN, over which the two enclaved may communicate. The first computing device may receive a data packet from the second computing device. The first computing device may then determine contents of a header of the data packet. The first computing device may, based at least in part on the contents of the header of the data packet, determine a status of the cipher-text WAN.Type: ApplicationFiled: May 16, 2022Publication date: September 15, 2022Inventors: Ranga Ramanujan, Benjamin L. Burnett
-
Patent number: 11336659Abstract: This disclosure is directed to monitoring a crypto-partitioned, or cipher-text, wide-area network (WAN). A first computing device may be situated in a plain-text portion of a first enclave behind a first inline network encryptor (INE). A second device may be positioned in a plain-text portion of a second enclave behind a second INE. The two enclaves may be separated by a cipher-text WAN, over which the two enclaved may communicate. The first computing device may receive a data packet from the second computing device. The first computing device may then determine contents of a header of the data packet. The first computing device may, based at least in part on the contents of the header of the data packet, determine a status of the cipher-text WAN.Type: GrantFiled: April 23, 2020Date of Patent: May 17, 2022Assignee: Architecture Technology CorporationInventors: Ranga Ramanujan, Benjamin L. Burnett
-
Patent number: 11102200Abstract: In general, the techniques of this disclosure describe a computing device that is configured to verify an identity of a user based on authentication factors received from multiple authentication devices. The computing device, which may be configured to operate as a server device, may receive an authentication factor from at least three authentication devices in a group of three or more authentication devices via a guard device. The computing device may determine a probability that the respective user of each respective authentication device is a particular trusted user based on the received authentication factors. If the probability exceeds a threshold authentication probability, the computing device may send an authentication confirmation to a client device.Type: GrantFiled: January 12, 2018Date of Patent: August 24, 2021Assignee: ARCHITECTURE TECHNOLOGY CORPORATIONInventors: Benjamin L. Burnett, Ranga Ramanujan
-
Patent number: 10999262Abstract: In general, the techniques of this disclosure describe a hub device that is configured to receive data packets from both secured client devices and non-secured client devices. The hub device may send the data packets from the secured client devices to a host device. For the data packets from the non-secured client devices, the hub device may first process the data packets to ensure the integrity of the received non-secure data packets and then send the non-secure data packets to the host device once the hub device determines that the non-secure data packets meet some threshold level of integrity.Type: GrantFiled: April 23, 2018Date of Patent: May 4, 2021Assignee: ARCHITECTURE TECHNOLOGY CORPORATIONInventors: Ranga Ramanujan, Benjamin L. Burnett
-
Patent number: 10846391Abstract: In general, the techniques of this disclosure describe a computing device in a secure domain that is configured to receive, via a guard device, an authentication factor from at least one authentication device of a plurality of authentication devices each in a non-secure domain. The respective authentication factor comprises a respective identifier of a respective user of the respective authentication device. The computing device may then determine whether the respective user of each respective authentication device is a particular trusted user based on the received authentication factors. Responsive to determining that the respective user of each respective authentication device is the particular trusted user, the computing device may enable access to one or more applications on the computing device. Once access is enabled, the computing device may continue to enable access so long as the authentication devices send additional authentication factors that confirm the identity of the user.Type: GrantFiled: January 9, 2018Date of Patent: November 24, 2020Assignee: ARCHITECTURE TECHNOLOGY CORPORATIONInventors: Jordan C. Bonney, Ranga Ramanujan
-
Publication number: 20200366688Abstract: This disclosure is directed to monitoring a crypto-partitioned, or cipher-text, wide-area network (WAN). A first computing device may be situated in a plain-text portion of a first enclave behind a first inline network encryptor (INE). A second device may be positioned in a plain-text portion of a second enclave behind a second INE. The two enclaves may be separated by a cipher-text WAN, over which the two enclaved may communicate. The first computing device may receive a data packet from the second computing device. The first computing device may then determine contents of a header of the data packet. The first computing device may, based at least in part on the contents of the header of the data packet, determine a status of the cipher-text WAN.Type: ApplicationFiled: April 23, 2020Publication date: November 19, 2020Inventors: Ranga Ramanujan, Benjamin L. Burnett
-
Patent number: 10762183Abstract: In general, the techniques of this disclosure describe a computing device in a secure domain that is configured to receive, via a guard device, an authentication factor from a biometric authentication device in a non-secure domain. The biometric authentication device is in a non-secure domain, and the authentication factor comprises an identifier of a prospective user of the biometric authentication device. The computing device may then determine, based on the received authentication factor, whether the prospective user is a trusted user of the computing device based on the authentication factor. Responsive to determining that the prospective user of the biometric authentication device is the trusted user, the computing device may enable access to one or more applications on the computing device.Type: GrantFiled: January 9, 2018Date of Patent: September 1, 2020Assignee: ARCHITECTURE TECHNOLOGY CORPORATIONInventors: Deborah K. Charan, Ranga Ramanujan
-
Patent number: 10659476Abstract: This disclosure is directed to monitoring a crypto-partitioned, or cipher-text, wide-area network (WAN). A first computing device may be situated in a plain-text portion of a first enclave behind a first inline network encryptor (INE). A second device may be positioned in a plain-text portion of a second enclave behind a second INE. The two enclaves may be separated by a cipher-text WAN, over which the two enclaved may communicate. The first computing device may receive a data packet from the second computing device. The first computing device may then determine contents of a header of the data packet. The first computing device may, based at least in part on the contents of the header of the data packet, determine a status of the cipher-text WAN.Type: GrantFiled: September 12, 2016Date of Patent: May 19, 2020Assignee: ARCHITECTURE TECHNOLOGY CORPORATIONInventors: Ranga Ramanujan, Benjamin L. Burnett
-
Patent number: 10609076Abstract: An example method includes receiving an indication of a selection of a first application environment that includes a first virtual environment associated with a first security domain and is configured to isolate execution of software applications within the first application environment, suspending execution of a second application environment that includes a second virtual environment associated with a second security domain different from the first security domain, initiating execution of the first application environment, identifying information associated with the first security domain and provided by the first application environment that is to be sent to an external computing device associated with the first security domain, selecting communication network(s) from one or more communication networks that are each available to the mobile computing device for data communication, encrypting, based on the first security domain and network(s), the information, and sending, to the external computing device viaType: GrantFiled: June 28, 2018Date of Patent: March 31, 2020Assignee: ARCHITECTURE TECHNOLOGY COMPANYInventors: Timothy Hartley, Ranga Ramanujan, Jafar Al-Gharaibeh
-
Patent number: 10454891Abstract: This disclosure describes a context aware scalable dynamic network whereby network information concerning network elements in an untrusted (Black) network are gathered by network sensors, stored at a network sensor collector, and sent to another network sensor collector in a trusted (Red) network through a one-way guard. At the Red network, the network information from the Black network may be combined with network information from one or more Red networks. The combined network information may then be used to visualize a cross-domain network topology of both Red and Black networks, and to implement network management functions.Type: GrantFiled: June 30, 2017Date of Patent: October 22, 2019Assignee: ARCHITECTURE TECHNOLOGY CORPORATIONInventors: Benjamin L. Burnett, Deborah K. Charan, Fabio Pozzo, Ranga Ramanujan
-
Patent number: 10225138Abstract: In one example, in a Dynamic Host Configuration Protocol (DHCP) network comprising one or more configuration computing systems, a method includes receiving one or more augmented DHCP configuration messages. The method also includes determining that each of the one or more augmented DHCP configuration messages includes a message tag indicating that the respective augmented DHCP configuration message contains parameter information that includes a client identifier associated with a respective one of the one or more network devices. The method further includes determining, based on the parameter information included in each of the one or more augmented DHCP configuration messages, configuration data that is usable to configure the one or more network devices. The method also includes configuring, based on the configuration data, the one or more network devices.Type: GrantFiled: February 16, 2016Date of Patent: March 5, 2019Assignee: Architecture Technology CorporationInventors: John Wu, Nathan Bahr, Ranga Ramanujan, Brett Thompson, Steven M. Schneider, Corey Webster
-
Patent number: 10015196Abstract: An example method includes receiving an indication of a selection of a first application environment that includes a first virtual environment associated with a first security domain and is configured to isolate execution of software applications within the first application environment, suspending execution of a second application environment that includes a second virtual environment associated with a second security domain different from the first security domain, initiating execution of the first application environment, identifying information associated with the first security domain and provided by the first application environment that is to be sent to an external computing device associated with the first security domain, selecting communication network(s) from one or more communication networks that are each available to the mobile computing device for data communication, encrypting, based on the first security domain and network(s), the information, and sending, to the external computing device viaType: GrantFiled: June 26, 2017Date of Patent: July 3, 2018Assignee: Architecture Technology CorporationInventors: Timothy Hartley, Ranga Ramanujan, Jafar Al-Gharaibeh
-
Publication number: 20180077171Abstract: This disclosure is directed to monitoring a crypto-partitioned, or cipher-text, wide-area network (WAN). A first computing device may be situated in a plain-text portion of a first enclave behind a first inline network encryptor (INE). A second device may be positioned in a plain-text portion of a second enclave behind a second INE. The two enclaves may be separated by a cipher-text WAN, over which the two enclaved may communicate. The first computing device may receive a data packet from the second computing device. The first computing device may then determine contents of a header of the data packet. The first computing device may, based at least in part on the contents of the header of the data packet, determine a status of the cipher-text WAN.Type: ApplicationFiled: September 12, 2016Publication date: March 15, 2018Inventors: Ranga Ramanujan, Benjamin L. Burnett
-
Patent number: 9887974Abstract: This disclosure is directed to techniques for providing communication between devices in different networks wherein the communication must first pass through an encryption mechanism and the devices do not have the stand-alone capability to encrypt or decrypt the communication. According to these techniques, an adapter may determine certain fields in a data packet that remain unencrypted when the data packet passes through the encryption mechanism. The adapter may then process those fields in such a way that, when the data packets are received by a second adapter, the second adapter may read those fields and obtain information.Type: GrantFiled: November 3, 2015Date of Patent: February 6, 2018Assignee: Architecture Technology CorporationInventors: Deborah K. Charan, Ranga Ramanujan
-
Publication number: 20170310638Abstract: This disclosure describes a context aware scalable dynamic network whereby network information concerning network elements in an untrusted (Black) network are gathered by network sensors, stored at a network sensor collector, and sent to another network sensor collector in a trusted (Red) network through a one-way guard. At the Red network, the network information from the Black network may be combined with network information from one or more Red networks. The combined network information may then be used to visualize a cross-domain network topology of both Red and Black networks, and to implement network management functions.Type: ApplicationFiled: June 30, 2017Publication date: October 26, 2017Inventors: Benjamin L. Burnett, Deborah K. Charan, Fabio Pozzo, Ranga Ramanujan
-
Patent number: 9769131Abstract: An example method includes receiving an indication of a selection of a first application environment that includes a first virtual environment associated with a first security domain and is configured to isolate execution of software applications within the first application environment, suspending execution of a second application environment that includes a second virtual environment associated with a second security domain different from the first security domain, initiating execution of the first application environment, identifying information associated with the first security domain and provided by the first application environment that is to be sent to an external computing device associated with the first security domain, selecting communication network(s) from one or more communication networks that are each available to the mobile computing device for data communication, encrypting, based on the first security domain and network(s), the information, and sending, to the external computing device viaType: GrantFiled: August 2, 2016Date of Patent: September 19, 2017Assignee: Architecture Technology CorporationInventors: Timothy Hartley, Ranga Ramanujan, Jafar Al-Gharaibeh
-
Publication number: 20170237608Abstract: In one example, in a Dynamic Host Configuration Protocol (DHCP) network comprising one or more configuration computing systems, a method includes receiving one or more augmented DHCP configuration messages. The method also includes determining that each of the one or more augmented DHCP configuration messages includes a message tag indicating that the respective augmented DHCP configuration message contains parameter information that includes a client identifier associated with a respective one of the one or more network devices. The method further includes determining, based on the parameter information included in each of the one or more augmented DHCP configuration messages, configuration data that is usable to configure the one or more network devices. The method also includes configuring, based on the configuration data, the one or more network devices.Type: ApplicationFiled: February 16, 2016Publication date: August 17, 2017Inventors: John Wu, Nathan Bahr, Ranga Ramanujan, Brett Thompson, Steven M. Schneider, Corey Webster
-
Patent number: 9736112Abstract: This disclosure describes a context aware scalable dynamic network whereby network information concerning network elements in an untrusted (Black) network are gathered by network sensors, stored at a network sensor collector, and sent to another network sensor collector in a trusted (Red) network through a one-way guard. At the Red network, the network information from the Black network may be combined with network information from one or more Red networks. The combined network information may then be used to visualize a cross-domain network topology of both Red and Black networks, and to implement network management functions.Type: GrantFiled: October 10, 2014Date of Patent: August 15, 2017Assignee: Architecture Technology CorporationInventors: Benjamin L. Burnett, Deborah K. Charan, Fabio Pozzo, Ranga Ramanujan