Patents by Inventor Rohit Koul
Rohit Koul has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11374749Abstract: An example method facilitates enabling Key Encryption Key (KEK) rotation for a running multi-tenant system without requiring system downtime or interruption. The example method facilitates decrypting a set of one or more DEKs using a preexisting KEK; using a new KEK to re-encode the DEKs using the new KEK, all while simultaneously enabling servicing of tenant requests. This is enabled in part, by strategic caching of tenant DEKs in a secure local memory, wherein the cached tenant DEKs are maintained in the clear and are readily accessible to running processes that are using the DEKs to decrypt and access tenant data, irrespective of the state of a background process used to implement the KEK rotation to the new KEK.Type: GrantFiled: September 24, 2020Date of Patent: June 28, 2022Assignee: Oracle International CorporationInventors: Amit Agarwal, Rohit Koul, Srikant Krishnapuram Tirumalai, Jie Wang, Xinnong Wang
-
Patent number: 11120108Abstract: The present disclosure relates generally to managing security artifacts for a software application executing on a software stack. Techniques are described for defining a security configuration such that each layer of the software stack may be associated with one or more datastores, each datastore including one or more security artifacts for a particular layer. The security configuration may specify, for example, an order in which the various datastores are to be accessed when a request is received for a security artifact that is available from multiple datastores. Using the security configuration, access to security artifacts can be handled in connection with requests generated through a particular layer in the stack. A system managing the security artifacts can provide a unified view of the datastores such that, from the end-user's perspective, there is only one logical datastore.Type: GrantFiled: September 28, 2018Date of Patent: September 14, 2021Assignee: Oracle International CorporationInventors: Rohit Koul, Amit Agarwal, Dongguang Zhou, Vineet Garg, Krishnakumar Sriramadhesikan, Supriya Kalyanasundaram, Yulong Cao, Srivatsa Manjunath, Anant D. Kadam, Deepika Damojipurapu
-
Patent number: 10986056Abstract: Techniques, including systems and methods for distributing electronic messages, are disclosed. In an embodiment, information relating to a message thread is maintained. The information includes information identifying one or more members of a distribution list to be excluded from receiving messages in the message thread. When it has been determined to prevent distribution of the electronic message to one or more members of the distribution list, the electronic message is distributed to members of the distribution list excluding the one or more members to whom distribution is to be prevented. The distributed electronic message may identify the distribution list as an intended recipient.Type: GrantFiled: March 22, 2017Date of Patent: April 20, 2021Assignee: Oracle International CorporationInventors: Rohit Koul, Gurudutta Ramanathaiah
-
Publication number: 20210014056Abstract: An example method facilitates enabling Key Encryption Key (KEK) rotation for a running multi-tenant system without requiring system downtime or interruption. The example method facilitates decrypting a set of one or more DEKs using a preexisting KEK; using a new KEK to re-encode the DEKs using the new KEK, all while simultaneously enabling servicing of tenant requests. This is enabled in part, by strategic caching of tenant DEKs in a secure local memory, wherein the cached tenant DEKs are maintained in the clear and are readily accessible to running processes that are using the DEKs to decrypt and access tenant data, irrespective of the state of a background process used to implement the KEK rotation to the new KEK.Type: ApplicationFiled: September 24, 2020Publication date: January 14, 2021Applicant: Oracle International CorporationInventors: Amit Agarwal, Rohit Koul, Srikant Krishnapuram Tirumalai, Jie Wang, Xinnong Wang
-
Patent number: 10819513Abstract: An example method facilitates enabling Key Encryption Key (KEK) rotation for a running multi-tenant system without requiring system downtime or interruption. The example method facilitates decrypting a set of one or more DEKs using a preexisting KEK; using a new KEK to re-encode the DEKs using the new KEK, all while simultaneously enabling servicing of tenant requests. This is enabled in part, by strategic caching of tenant DEKs in a secure local memory, wherein the cached tenant DEKs are maintained in the clear and are readily accessible to running processes that are using the DEKs to decrypt and access tenant data, irrespective of the state of a background process used to implement the KEK rotation to the new KEK.Type: GrantFiled: April 9, 2018Date of Patent: October 27, 2020Assignee: Oracle International CorporationInventors: Amit Agarwal, Rohit Koul, Srikant Krishnapuram Tirumalai, Jie Wang, Xinnong Wang
-
Patent number: 10805350Abstract: In accordance with an embodiment, described herein is a system and method for providing security services using a security configuration template in a multi-tenant environment. The system can load a security configuration template in memory when the multi-tenant environment starts, and can use the security configuration template to create a multi-headed tree to represent tenant-specific security configurations. Each head of the multi-headed tree can represent a root node of either the security configuration template or a tenant-specific security configuration. Each tenant-specific security configuration can reuse one or more nodes in the security configuration template by referencing those nodes, and can include one or more new nodes created from the security configuration template by replacing each placeholder therein with tenant-specific values.Type: GrantFiled: February 15, 2018Date of Patent: October 13, 2020Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Rohit Koul, Vineet Garg, Dongguang Zhou, Amit Agarwal, Yu Long Cao
-
Publication number: 20190253457Abstract: In accordance with an embodiment, described herein is a system and method for providing security services using a security configuration template in a multi-tenant environment. The system can load a security configuration template in memory when the multi-tenant environment starts, and can use the security configuration template to create a multi-headed tree to represent tenant-specific security configurations. Each head of the multi-headed tree can represent a root node of either the security configuration template or a tenant-specific security configuration. Each tenant-specific security configuration can reuse one or more nodes in the security configuration template by referencing those nodes, and can include one or more new nodes created from the security configuration template by replacing each placeholder therein with tenant-specific values.Type: ApplicationFiled: February 15, 2018Publication date: August 15, 2019Inventors: ROHIT KOUL, VINEET GARG, DONGGUANG ZHOU, AMIT AGARWAL, YU LONG CAO
-
Publication number: 20190173674Abstract: An example method facilitates enabling Key Encryption Key (KEK) rotation for a running multi-tenant system without requiring system downtime or interruption. The example method facilitates decrypting a set of one or more DEKs using a preexisting KEK; using a new KEK to re-encode the DEKs using the new KEK, all while simultaneously enabling servicing of tenant requests. This is enabled in part, by strategic caching of tenant DEKs in a secure local memory, wherein the cached tenant DEKs are maintained in the clear and are readily accessible to running processes that are using the DEKs to decrypt and access tenant data, irrespective of the state of a background process used to implement the KEK rotation to the new KEK.Type: ApplicationFiled: April 9, 2018Publication date: June 6, 2019Applicant: Oracle International CorporationInventors: Amit Agarwal, Rohit Koul, Srikant Krishnapuram Tirumalai, Jie Wang, Xinnong Wang
-
Publication number: 20190102526Abstract: The present disclosure relates generally to managing security artifacts for a software application executing on a software stack. Techniques are described for defining a security configuration such that each layer of the software stack may be associated with one or more datastores, each datastore including one or more security artifacts for a particular layer. The security configuration may specify, for example, an order in which the various datastores are to be accessed when a request is received for a security artifact that is available from multiple datastores. Using the security configuration, access to security artifacts can be handled in connection with requests generated through a particular layer in the stack. A system managing the security artifacts can provide a unified view of the datastores such that, from the end-user's perspective, there is only one logical datastore.Type: ApplicationFiled: September 28, 2018Publication date: April 4, 2019Applicant: Oracle International CorporationInventors: Rohit Koul, Amit Agarwal, Dongguang Zhou, Vineet Garg, Krishnakumar Sriramadhesikan, Supriya Kalyanasundaram, Yulong Cao, Srivatsa Manjunath, Anant D. Kadam, Deepika Damojipurapu
-
Publication number: 20170195270Abstract: Techniques, including systems and methods for distributing electronic messages, are disclosed. In an embodiment, information relating to a message thread is maintained. The information includes information identifying one or more members of a distribution list to be excluded from receiving messages in the message thread. When it has been determined to prevent distribution of the electronic message to one or more members of the distribution list, the electronic message is distributed to members of the distribution list excluding the one or more members to whom distribution is to be prevented. The distributed electronic message may identify the distribution list as an intended recipient.Type: ApplicationFiled: March 22, 2017Publication date: July 6, 2017Applicant: Oracle International CorporationInventors: Rohit Koul, Gurudutta Ramanathaiah
-
Patent number: 9660832Abstract: Techniques, including systems and methods for distributing electronic messages, are disclosed. In an embodiment, information relating to a message thread is maintained. The information includes information identifying one or more members of a distribution list to be excluded from receiving messages in the message thread. When it has been determined to prevent distribution of the electronic message to one or more members of the distribution list, the electronic message is distributed to members of the distribution list excluding the one or more members to whom distribution is to be prevented. The distributed electronic message may identify the distribution list as an intended recipient.Type: GrantFiled: August 13, 2010Date of Patent: May 23, 2017Assignee: Oracle International CorporationInventors: Rohit Koul, Gurudutta Ramanathaiah
-
Patent number: 9424541Abstract: Embodiments of the present invention enable policy-based management of a user contacts list. Applications of the present invention are its use in embodiments of Instant Messaging (IM) systems. During an IM session, a session owner may temporarily add a contact to an active contacts list for a duration determined by evaluating constraints from one or more policies associated with the contact. At IM session initialization, a session owner's persistently stored contacts and their associated policies are retrieved, and the policies are evaluated. An active contacts list for use during the IM session is generated from a subset of stored contacts for which all associated policy constraints are satisfied. In embodiments, the active contacts list may be updated during a session by re-evaluating the stored contacts and associated policies. In embodiments, an active contacts list is updated after addition of a new contact determined to have an associated enabled policy satisfied.Type: GrantFiled: June 25, 2009Date of Patent: August 23, 2016Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Rohit Koul, Gurudutta Ramanathaiah, Deepak Ramakrishnan
-
Patent number: 9098834Abstract: A mail server based approach to task management. In an embodiment, a first user sends a task assignment email indicating a task sought to be assigned, a list of assignees and a list of recipients. The mail server forwards the email message to all the recipients, while maintaining information of a current status of the task. The assignees may send status updates and the current status is accordingly updated. The status information on the server can be accessed by various users.Type: GrantFiled: December 23, 2009Date of Patent: August 4, 2015Assignee: Oracle International CorporationInventors: Gurudutta Ramanathaiah, Rohit Koul
-
Patent number: 8761364Abstract: Techniques for managing teleconferences. A plurality of people are associated with a plurality of identifiers such that each person is associated with at least one identifier. For each caller to a teleconference associated with a different identifier, authentication information is solicited from the caller. Authentication information is received from the caller in response to the solicitation and a determination, based on the received authentication information, is made whether the caller is associated with one of the identifiers.Type: GrantFiled: August 5, 2009Date of Patent: June 24, 2014Assignee: Oracle International CorporationInventors: Rohit Koul, Gurudutta Ramanathaiah, Deepak Ramakrishnan
-
Patent number: 8543608Abstract: Information indicating a time of validity of content of a web page is maintained as meta data within the page itself. A content server, in response to receipt of a request for the web page, determines whether web page has expired. If the content is determined not to have expired, the content server forwards the web page to the requesting user without modification. However, if the content is determined to have expired, the content server adds a warning tag in the content section of the page specifying that the content has expired, and then forwards the page to the requesting user, thereby alert the user of the expiry. In addition, the content server may obtain an updated web page, which may then be provided in response to future requests for the web page.Type: GrantFiled: September 10, 2009Date of Patent: September 24, 2013Assignee: Oracle International CorporationInventors: Rohit Koul, Gurudutta Ramanathaiah
-
Patent number: 8468586Abstract: This disclosure describes, generally, methods and systems for implementing policy based trust management. The method includes receiving, at an host server, a trust request from a partner, and identifying, at the host server via a trust policy enforcer, parameters and attributes associated with the partner. The method further includes identifying, at the host server via the trust policy enforcer, parameters and attributes associated with the requested resource, and accessing, by the trust policy enforcer, a policy database. Furthermore, the method includes retrieving, by the trust policy enforcer, one or more trust policies associated with the requested resource, and based on the attributes and parameters of the partner, applying, by the trust policy enforcer, the one or more associated trust policies to the request. Further, the method includes based on conformity with the one or more trust policies, providing the partner with access to the requested resource.Type: GrantFiled: November 3, 2009Date of Patent: June 18, 2013Assignee: Oracle International CorporationInventors: Vipin Koottayi, Rohit Koul, Madhu Martin
-
Publication number: 20120042019Abstract: Techniques, including systems and methods for distributing electronic messages, are disclosed. In an embodiment, information relating to a message thread is maintained. The information includes information identifying one or more members of a distribution list to be excluded from receiving messages in the message thread. When it has been determined to prevent distribution of the electronic message to one or more members of the distribution list, the electronic message is distributed to members of the distribution list excluding the one or more members to whom distribution is to be prevented. The distributed electronic message may identify the distribution list as an intended recipient.Type: ApplicationFiled: August 13, 2010Publication date: February 16, 2012Applicant: Oracle International CorporationInventors: Rohit Koul, Gurudutta Ramanathaiah
-
Publication number: 20110166952Abstract: In an embodiment, a customer sends a set of requirements for a cloud to a cloud complier, which identifies vendors matching the set of requirements. Information on the matching set of vendors is provided to the customer, thereby enabling the customer to select desired vendors for constructing the cloud.Type: ApplicationFiled: January 7, 2010Publication date: July 7, 2011Applicant: Oracle International CorporationInventors: Ranjani Manchikanti, Suresh Srinivasan, Rohit Koul
-
Publication number: 20110154338Abstract: A mail server based approach to task management. In an embodiment, a first user sends a task assignment email indicating a task sought to be assigned, a list of assignees and a list of recipients. The mail server forwards the email message to all the recipients, while maintaining information of a current status of the task. The assignees may send status updates and the current status is accordingly updated. The status information on the server can be accessed by various users.Type: ApplicationFiled: December 23, 2009Publication date: June 23, 2011Applicant: Oracle International CorporationInventors: Gurudutta Ramanathaiah, Rohit Koul
-
Publication number: 20110107089Abstract: This disclosure describes, generally, methods and systems for implementing policy based trust management. The method includes receiving, at an host server, a trust request from a partner, and identifying, at the host server via a trust policy enforcer, parameters and attributes associated with the partner. The method further includes identifying, at the host server via the trust policy enforcer, parameters and attributes associated with the requested resource, and accessing, by the trust policy enforcer, a policy database. Furthermore, the method includes retrieving, by the trust policy enforcer, one or more trust policies associated with the requested resource, and based on the attributes and parameters of the partner, applying, by the trust policy enforcer, the one or more associated trust policies to the request. Further, the method includes based on conformity with the one or more trust policies, providing the partner with access to the requested resource.Type: ApplicationFiled: November 3, 2009Publication date: May 5, 2011Applicant: Oracle International CorporationInventors: Vipin Koottayi, Rohit Koul, Madhu Martin