Patents by Inventor Robert Cannata

Robert Cannata has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20260037660
    Abstract: A computer-implemented method is provided for enforcing data access control policies in a hierarchical structure of a plurality of entities. The method includes receiving a data access request from a client in association with a target entity in the hierarchical structure and generating, by a security gateway, an internal access token comprising a business context that determines an identification of the target entity associated with the client and a data partition in the database corresponding to the target entity. The method also includes verifying, by a data access layer of a microservice module, the data access request against the data access control policies for the hierarchical structure using the internal access token to determine one or more permitted data partitions for access by the client. The method further includes granting the client access to the permitted data partitions if the verifying is successful.
    Type: Application
    Filed: July 31, 2025
    Publication date: February 5, 2026
    Inventors: Robert Cannata, Arun Nadger, John Peter Chinnappan, Gregg Gianopulos
  • Patent number: 12541614
    Abstract: A computer-implemented method is provided for enforcing data access control policies in a hierarchical structure of a plurality of entities. The method includes receiving a data access request from a client in association with a target entity in the hierarchical structure and generating, by a security gateway, an internal access token comprising a business context that determines an identification of the target entity associated with the client and a data partition in the database corresponding to the target entity. The method also includes verifying, by a data access layer of a microservice module, the data access request against the data access control policies for the hierarchical structure using the internal access token to determine one or more permitted data partitions for access by the client. The method further includes granting the client access to the permitted data partitions if the verifying is successful.
    Type: Grant
    Filed: July 31, 2025
    Date of Patent: February 3, 2026
    Assignee: FMR LLC
    Inventors: Robert Cannata, Arun Nadger, John Peter Chinnappan, Gregg Gianopulos
  • Patent number: 12388635
    Abstract: Techniques are provided for generating and using a multi-signature token for electronic message validation according to the one or more embodiments as described herein. Specifically, a multi-signature token may be generated that includes at least two digital signatures and information (e.g., user information). Each of the at least two digital signatures may be generated using a private key of at least two key pairs that are maintained on a plurality of keystores that have at least two different implementations (e.g., security protocols). If the at least two digital signatures are valid, the multi-signature token may be determined to be valid and the client request may optionally be performed. If at least one of the at least two digital signatures is invalid, the client request is optionally not performed.
    Type: Grant
    Filed: March 6, 2024
    Date of Patent: August 12, 2025
    Assignee: FMR LLC
    Inventors: Robert Cannata, Arun Nadger
  • Publication number: 20240421987
    Abstract: Techniques are provided for generating and using a multi-signature token for electronic message validation according to the one or more embodiments as described herein. Specifically, a multi-signature token may be generated that includes at least two digital signatures and information (e.g., user information). Each of the at least two digital signatures may be generated using a private key of at least two key pairs that are maintained on a plurality of keystores that have at least two different implementations (e.g., security protocols). If the at least two digital signatures are valid, the multi-signature token may be determined to be valid and the client request may optionally be performed. If at least one of the at least two digital signatures is invalid, the client request is optionally not performed.
    Type: Application
    Filed: March 6, 2024
    Publication date: December 19, 2024
    Inventors: Robert Cannata, Arun Nadger
  • Patent number: 12007999
    Abstract: Techniques are provided for managing and operating a microservices architecture with ad distributed cache. A data provider microservice may modify a data object stored on a database managed by the data provider microservice. In response, the modified data object may be transmitted to the distributed cache for storage. A data consumer microservice may request a data object. The distributed cache may be searched for the requested object. If the requested object is stored at the distributed cache, the requested object may be provided to the data consumer microservice. If the requested object is not stored at the distributed cache, the data consumer microservice may issue a request for the data object to the data provider microservice that manages the database that stores the data object. The data provider microservice may provide the data object to the distributed cache for storage and provide the data object to the data consumer microservice.
    Type: Grant
    Filed: April 27, 2023
    Date of Patent: June 11, 2024
    Assignee: FMR LLC
    Inventors: Robert Cannata, Arun Nadger, John Peter Chinnappan
  • Patent number: 11962691
    Abstract: Techniques are provided for generating and using a multi-signature token for electronic message validation according to the one or more embodiments as described herein. Specifically, a multi-signature token may be generated that includes at least two digital signatures and information (e.g., user information). Each of the at least two digital signatures may be generated using a private key of at least two key pairs that are maintained on a plurality of keystores that have at least two different implementations (e.g., security protocols). If the at least two digital signatures are valid, the multi-signature token may be determined to be valid and the client request may optionally be performed. If at least one of the at least two digital signatures is invalid, the client request is optionally not performed.
    Type: Grant
    Filed: June 14, 2023
    Date of Patent: April 16, 2024
    Assignee: FMR LLC
    Inventors: Robert Cannata, Arun Nadger
  • Patent number: 11431513
    Abstract: Methods and apparatuses are described for decentralized authorization of user access requests in a distributed service architecture. A gateway node receives a user access request from a remote computing device. The gateway generates a signed and encrypted access token based upon the user access request using an authorization service node and a key management service node. The gateway transmits the access token, the user access request, and a security certificate received from the authorization service to a security proxy node of a microservice container. The security proxy validates the certificate and the access token. The security proxy decrypts the access token using a public key from the certificate, and determines user authorization to access a service endpoint node based upon the decrypted token. The security proxy transmits the user access request to the service endpoint, which provides the remote device with access to services based upon the user access request.
    Type: Grant
    Filed: November 19, 2021
    Date of Patent: August 30, 2022
    Assignee: FMR LLC
    Inventors: Robert Cannata, Daman Dogra, Siddharth Dixit
  • Patent number: 5200623
    Abstract: A dual integration circuit is disclosed for extending the dynamic range of on focal plane signal processor used in a space based infrared detection system. The circuit comprises an input port in connection with a dedicated detector element and first and second integration circuits operative to generate an output signal responsive to a detected infrared image. The first and second integration circuits are provided with associated switching circuitry for generating output signals at different times to facilitate detection of objects having bright and dim infrared images.
    Type: Grant
    Filed: December 4, 1991
    Date of Patent: April 6, 1993
    Assignee: Grumman Aerospace Corp.
    Inventor: Robert Cannata