Patents by Inventor Ron Ben-Natan
Ron Ben-Natan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10373058Abstract: An analytics processing system generates analytics from a collection of unstructured data by identifying trends in the data and deriving associations or correlations between series of values. Each series is generated from a set of field labeled values in the set, and compared to other series in the collection. Identified relationships in the series are scored based on depiction of an illustrative, predictive, or non-random association, and ranked by a scoring metric for analytical value. A visualization of the relationships are ranked and rendered such that the visualization highlights the association in a manner not achievable by simple inspection of the field values. Relationships are graphed by lines, circles, bars (histogram) on labeled axes based on the series. In this manner, a user may generate analytic results from a large data set, and pinpoint significant associations by paging through renderings scored as the most illustrative of notable trends.Type: GrantFiled: April 29, 2014Date of Patent: August 6, 2019Assignee: JSONAR, INC.Inventors: Ron Ben-Natan, Ury Segal
-
Publication number: 20190121721Abstract: Mechanisms are provided for propagating source identification information from an application front-end system in an application layer to a data layer inspection system associated with a back-end system. An incoming user request is received, at the data layer inspection system, from a gateway system associated with the application front-end system. One or more outgoing statements targeting a back-end system are received at the data layer inspection system. The data layer inspection system accesses a mapping data structure based on the one or more outgoing statements to thereby correlate the one or more outgoing statements with the incoming user request. The data layer inspection system retrieves source identification information associated with the incoming user request based on the correlation of the one or more outgoing statements with the incoming user request. The data layer inspection system performs a data layer inspection operation based on the source identification information.Type: ApplicationFiled: December 19, 2018Publication date: April 25, 2019Inventors: Ron Ben-Natan, Leonid Rodniansky
-
Patent number: 10180895Abstract: Mechanisms are provided for propagating source identification information from an application front-end system in an application layer to a data layer inspection system associated with a back-end system. An incoming user request is received, at the data layer inspection system, from a gateway system associated with the application front-end system. One or more outgoing statements targeting a back-end system are received at the data layer inspection system. The data layer inspection system accesses a mapping data structure based on the one or more outgoing statements to thereby correlate the one or more outgoing statements with the incoming user request. The data layer inspection system retrieves source identification information associated with the incoming user request based on the correlation of the one or more outgoing statements with the incoming user request. The data layer inspection system performs a data layer inspection operation based on the source identification information.Type: GrantFiled: April 22, 2016Date of Patent: January 15, 2019Assignee: International Business Machines CorporationInventors: Ron Ben-Natan, Leonid Rodniansky
-
Publication number: 20180260468Abstract: A query server identifies data collections of interest in a cloud store, and categorizes the collections based on an intended usage. Depending on the intended usage, the categorized data may be cataloged, indexed, or undergo a full intake into a column store. In a database of large data collections, some collections may experience sparse or indefinite usage. Cataloging or indexing position the collections for subsequent query access, but defers the computational burden. The full intake performs a columnar shredding of the collection for facilitating eminent and regular query access. Upon invocation of query activity, an instantiation of virtual machines provided by the cloud store vendor implements query logic, such that the VMs launch in conjunction with the cloud store having the collections. Collections therefore incur processing based on their expected usage-full intake for high query traffic collections, and reduced cataloging for maintaining accessibility of collections of indefinite query interest.Type: ApplicationFiled: March 7, 2017Publication date: September 13, 2018Inventor: Ron Ben-Natan
-
Patent number: 9830369Abstract: An analytics processing system generates analytics from a collection of unstructured data by. transforming a received source of input data from an unstructured database into a delimiterless form, and iteratively moving portions of the delimiterlesss input data from a solid-state memory to a shared memory adapted for parallel operations with a plurality of GPU cores. The method stores computational data, such as values for matching, in a high speed memory responsive to operations with the shared memory, in which the high-speed memory remains static for the duration of the iterations. A host CPU invokes the plurality of cores for performing the parallel operations on the computational data and the portions of the delimiterless input data, and stores a result in a general memory accessible from a graphical user interface (GUI). The GPU cores parallelize the matching task of the input data from the unstructured database against the match data.Type: GrantFiled: May 13, 2014Date of Patent: November 28, 2017Assignee: JSONAR, INC.Inventors: Ron Ben-Natan, Ury Segal
-
Patent number: 9760571Abstract: A tabular (relational) DB interface is responsive to SQL commands for accessing unstructured data bases. An application receives a relational data command or query and maps fields from the relational query to fields in an unstructured data store including documents arranged in a hierarchy and unbounded by fixed types or field lengths. The application generates field names by concatenating nested hierarchy field names to define unique “flat file” field names in a tabular form. The application generates a catalog defining the mapping which is used as metadata for accessing the unstructured data to satisfy the relational query. Use of the metadata avoids copying or translating the unstructured data store to a tabular form because the unstructured data collection remains unmodified, and is accessed via the catalog.Type: GrantFiled: July 23, 2014Date of Patent: September 12, 2017Assignee: JSONAR Inc.Inventors: Ron Ben-Natan, Ury Segal
-
Publication number: 20170212955Abstract: A system and method of storing data in an unstructured or semi-structured database, such as a JSON database, includes defining a columnar store, or hybrid column portion having a set of values for each field, such that each set stores a sequence of values from commonly named fields of each document together, and defining a hybrid store, or hybrid row portion having, for each document in the columnar store, a hybrid entry storing fields from the same document together, such that each entry in the hybrid store includes fields of a corresponding document represented in the columnar store. The hybrid arrangement provides that both the columnar store and the hybrid store are derived from the same set of documents, and each of the columnar store and the hybrid store are configured to fulfill a query request for determining whether to access the columnar store or the hybrid store.Type: ApplicationFiled: January 26, 2016Publication date: July 27, 2017Inventor: Ron Ben-Natan
-
Patent number: 9699145Abstract: A method comprising using at least one hardware processor for: receiving input from a user with respect to masking of a data element in one or more documents of a java script object notation (JSON) type, wherein the input comprises: an identifier of the data element, and one or more constraints for masking the data element based on the hierarchy of the one or more documents of the JSON-type; and generating a masking rule for the one or more documents of the JSON-type based on the input.Type: GrantFiled: October 29, 2014Date of Patent: July 4, 2017Assignee: Internationl Business Machines CorporationInventors: Ron Ben-Natan, Tamar Domany, Ariel Farkash, Igor Gorkhman, Abigail Goldsteen, Boris Rozenberg
-
Publication number: 20160239406Abstract: Mechanisms are provided for propagating source identification information from an application front-end system in an application layer to a data layer inspection system associated with a back-end system. An incoming user request is received, at the data layer inspection system, from a gateway system associated with the application front-end system. One or more outgoing statements targeting a back-end system are received at the data layer inspection system. The data layer inspection system accesses a mapping data structure based on the one or more outgoing statements to thereby correlate the one or more outgoing statements with the incoming user request. The data layer inspection system retrieves source identification information associated with the incoming user request based on the correlation of the one or more outgoing statements with the incoming user request. The data layer inspection system performs a data layer inspection operation based on the source identification information.Type: ApplicationFiled: April 22, 2016Publication date: August 18, 2016Inventors: Ron Ben-Natan, Leonid Rodniansky
-
Patent number: 9390083Abstract: Mechanisms are provided for propagating source identification information from an application front-end system in an application layer to a data layer inspection system associated with a back-end system. An incoming user request is received, at the data layer inspection system, from a gateway system associated with the application front-end system. One or more outgoing statements targeting a back-end system are received at the data layer inspection system. The data layer inspection system accesses a mapping data structure based on the one or more outgoing statements to thereby correlate the one or more outgoing statements with the incoming user request. The data layer inspection system retrieves source identification information associated with the incoming user request based on the correlation of the one or more outgoing statements with the incoming user request. The data layer inspection system performs a data layer inspection operation based on the source identification information.Type: GrantFiled: October 21, 2013Date of Patent: July 12, 2016Assignee: International Business Machines CorporationInventors: Ron Ben-Natan, Leonid Rodniansky
-
Publication number: 20160127322Abstract: A method comprising using at least one hardware processor for: receiving input from a user with respect to masking of a data element in one or more documents of a java script object notation (JSON) type, wherein the input comprises: an identifier of the data element, and one or more constraints for masking the data element based on the hierarchy of the one or more documents of the JSON-type; and generating a masking rule for the one or more documents of the JSON-type based on the input.Type: ApplicationFiled: October 29, 2014Publication date: May 5, 2016Inventors: Ron Ben-Natan, Tamar Domany, Ariel Farkash, Igor Gorkhman, Abigail Goldsteen, Boris Rozenberg
-
Patent number: 8898796Abstract: A method, system or computer usable program product for masking communication data using context based rules including intercepting a communication between a server and a client by an intermediary, the communication having a recipient, parsing the communication by the intermediary to determine whether a context based alteration rule should be applied, responsive to an affirmative determination, applying the rule to the communication to produce an altered communication with altered data, and sending the altered communication to the recipient so that the altered data in the communication is utilized in a masked manner.Type: GrantFiled: February 14, 2012Date of Patent: November 25, 2014Assignee: International Business Machines CorporationInventors: Ron Ben-Natan, Tamar Domany, Ariel Farkash, Igor Gokhman, Abigail Goldsteen, Yuval Hager, Ksenya Kveler, Boris Rozenberg, Ury Segal
-
Publication number: 20140283115Abstract: An approach for auditing database access attempts within a computer system. In one implementation, the computer system provides a target server for directing client requests for database access to the target server. In another implementation, the computer system provides a plurality of filtering agents which intercept the client requests and each filtering agent forwards a respective set of client requests which match a respective filter profile to a processing entity.Type: ApplicationFiled: March 15, 2013Publication date: September 18, 2014Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Ron Ben-Natan, Leonid Rodniansky
-
Publication number: 20140222842Abstract: Mechanisms are provided for propagating source identification information from an application front-end system in an application layer to a data layer inspection system associated with a back-end system. An incoming user request is received, at the data layer inspection system, from a gateway system associated with the application front-end system. One or more outgoing statements targeting a back-end system are received at the data layer inspection system. The data layer inspection system accesses a mapping data structure based on the one or more outgoing statements to thereby correlate the one or more outgoing statements with the incoming user request. The data layer inspection system retrieves source identification information associated with the incoming user request based on the correlation of the one or more outgoing statements with the incoming user request. The data layer inspection system performs a data layer inspection operation based on the source identification information.Type: ApplicationFiled: October 21, 2013Publication date: August 7, 2014Applicant: International Business Machines CorporationInventors: Ron Ben-Natan, Leonid Rodniansky
-
Patent number: 8589422Abstract: Mechanisms are provided for propagating source identification information from an application front-end system in an application layer to a data layer inspection system associated with a back-end system. An incoming user request is received, at the data layer inspection system, from a gateway system associated with the application front-end system. One or more outgoing statements targeting a back-end system are received at the data layer inspection system. The data layer inspection system accesses a mapping data structure based on the one or more outgoing statements to thereby correlate the one or more outgoing statements with the incoming user request. The data layer inspection system retrieves source identification information associated with the incoming user request based on the correlation of the one or more outgoing statements with the incoming user request. The data layer inspection system performs a data layer inspection operation based on the source identification information.Type: GrantFiled: February 7, 2013Date of Patent: November 19, 2013Assignee: International Business Machines CorporationInventors: Ron Ben-Natan, Leonid Rodniansky
-
Patent number: 8583666Abstract: Mechanisms are provided for propagating source identification information from an application front-end system in an application layer to a data layer inspection system associated with a back-end system. An incoming user request is received, at the data layer inspection system, from a gateway system associated with the application front-end system. One or more outgoing statements targeting a back-end system are received at the data layer inspection system. The data layer inspection system accesses a mapping data structure based on the one or more outgoing statements to thereby correlate the one or more outgoing statements with the incoming user request. The data layer inspection system retrieves source identification information associated with the incoming user request based on the correlation of the one or more outgoing statements with the incoming user request. The data layer inspection system performs a data layer inspection operation based on the source identification information.Type: GrantFiled: December 8, 2010Date of Patent: November 12, 2013Assignee: International Business Machines CorporationInventors: Ron Ben-Natan, Leonid Rodniansky
-
Publication number: 20130212689Abstract: A method, system or computer usable program product for masking communication data using context based rules including intercepting a communication between a server and a client by an intermediary, the communication having a recipient, parsing the communication by the intermediary to determine whether a context based alteration rule should be applied, responsive to an affirmative determination, applying the rule to the communication to produce an altered communication with altered data, and sending the altered communication to the recipient so that the altered data in the communication is utilized in a masked manner.Type: ApplicationFiled: February 14, 2012Publication date: August 15, 2013Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Ron Ben-Natan, Tamar Domany, Ariel Farkash, Igor Gokhman, Abigail Goldsteen, Yuval Hager, Ksenya Kveler, Boris Rozenberg, Ury Segal
-
Patent number: 8495367Abstract: In a data level security environment, the data level security mechanism operates on plaintext data. Data level security operations identify a point in the information stream where plaintext data is available for interception. Typically this is a point in the processing stream just after the native DBMS decryption functionality has been invoked. A database monitor intercepts and scrutinizes data in transit between an application and a database by identifying a transition point between the encrypted and plaintext data where the cryptographic operations are invoked, and transfers control of the data in transit to a database monitor application subsequent to the availability of the data in plaintext form.Type: GrantFiled: February 22, 2007Date of Patent: July 23, 2013Assignee: International Business Machines CorporationInventor: Ron Ben-Natan
-
Patent number: 8261326Abstract: A database security overlay that identifies each network and local access gateway to a database, and monitors each access path from the identified gateways to analyze each connection to the database and block any connections determined to transport unauthorized or undesirable content. Access gateways that establish connections are identifiable by interprocess communication (IPC) mechanisms employed in accessing the database. An evaluator monitors access attempts, while a tapping mechanism on IPC mechanisms that provide the connections captures access attempts from the access gateways. The tapping mechanism intercepts and forwards access attempts to the evaluator to centralize and focus DB paths amid multiple local and external connections on the DB server. A lightweight check for each local access quickly determines if the access attempt warrants further scrutiny.Type: GrantFiled: April 25, 2008Date of Patent: September 4, 2012Assignee: International Business Machines CorporationInventor: Ron Ben-Natan
-
Publication number: 20120150880Abstract: Mechanisms are provided for propagating source identification information from an application front-end system in an application layer to a data layer inspection system associated with a back-end system. An incoming user request is received, at the data layer inspection system, from a gateway system associated with the application front-end system. One or more outgoing statements targeting a back-end system are received at the data layer inspection system. The data layer inspection system accesses a mapping data structure based on the one or more outgoing statements to thereby correlate the one or more outgoing statements with the incoming user request. The data layer inspection system retrieves source identification information associated with the incoming user request based on the correlation of the one or more outgoing statements with the incoming user request. The data layer inspection system performs a data layer inspection operation based on the source identification information.Type: ApplicationFiled: December 8, 2010Publication date: June 14, 2012Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Ron Ben-Natan, Leonid Rodniansky