Patents by Inventor Russell L. Holden
Russell L. Holden has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9942265Abstract: Denial-of-service attacks are prevented or mitigated in a cloud compute environment, such as a multi-tenant, collaborative SaaS system. This is achieved by providing a mechanism by which characterization of “legitimate” behavior is defined for accessor classes, preferably along with actions to be taken in the event an accessor exceeds those limits. A set of accessor “usage profiles” are generated. Typically, a profile comprises information, such as a “request time window,” one or more “constraints,” and one or more “actions.” A request time window defines a time period over which request usage is accumulated and over which constraints are applied. A constraint may be of various types (e.g., number of transactions, defined resource usage limits, etc.) to be applied for the usage monitoring An action defines how the system will respond if a particular constraint is triggered. By applying the constraints to accessor requests, over-utilization of compute resources is enabled.Type: GrantFiled: January 6, 2014Date of Patent: April 10, 2018Assignee: International Business Machines CorporationInventors: Russell L. Holden, John Douglas Curtis, Peter Otto Mierswa
-
Patent number: 9942266Abstract: Denial-of-service attacks are prevented or mitigated in a cloud compute environment, such as a multi-tenant, collaborative SaaS system. This is achieved by providing a mechanism by which characterization of “legitimate” behavior is defined for accessor classes, preferably along with actions to be taken in the event an accessor exceeds those limits. A set of accessor “usage profiles” are generated. Typically, a profile comprises information, such as a “request time window,” one or more “constraints,” and one or more “actions.” A request time window defines a time period over which request usage is accumulated and over which constraints are applied. A constraint may be of various types (e.g., number of transactions, defined resource usage limits, etc.) to be applied for the usage monitoring An action defines how the system will respond if a particular constraint is triggered. By applying the constraints to accessor requests, over-utilization of compute resources is enabled.Type: GrantFiled: August 18, 2015Date of Patent: April 10, 2018Assignee: International Business Machines CorporationInventors: Russell L. Holden, John Douglas Curtis, Peter Otto Mierswa
-
Patent number: 9942289Abstract: Techniques are described above for smoothing peak load in collaborative systems. One embodiment includes, prior to a predicted peak load period, pre-staging user-data associated with one or more users of the collaborative system. During the predicted peak load period, a request from a first one of the users for access to the pre-staged user-data associated with the first user is received. And in response to the request, the pre-staged user-data is provided to the first user.Type: GrantFiled: January 8, 2016Date of Patent: April 10, 2018Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventor: Russell L. Holden
-
Publication number: 20170078325Abstract: Denial-of-service attacks are prevented or mitigated in a cloud compute environment, such as a multi-tenant, collaborative SaaS system. This is achieved by providing a mechanism by which characterization of “legitimate” behavior is defined for tenant applications or application classes, preferably along with actions to be taken in the event a request to execute an application is anticipated to exceed defined workflow limits. A set of application profiles are generated. Typically, a profile comprises information, such as a request defined by one or more request variables, one or more “constraints,” one or more “request mappings,” and one or more “actions.” A constraint is a maximum permitted workload for the application. A request mapping maps a request variable to the constraint, either directly or indirectly. The profile information defines how a request is mapped to a workload to determine whether the request is in policy or, if not, what action to take.Type: ApplicationFiled: November 22, 2016Publication date: March 16, 2017Inventors: Mark McGloin, John Douglas Curtis, Peter Otto Mierswa, Russell L. Holden, Olgierd Stanislaw Pieczul
-
Patent number: 9548991Abstract: Denial-of-service attacks are prevented or mitigated in a cloud compute environment, such as a multi-tenant, collaborative SaaS system. This is achieved by providing a mechanism by which characterization of “legitimate” behavior is defined for accessor classes, preferably along with actions to be taken in the event an accessor exceeds those limits. A set of accessor “usage profiles” are generated. Typically, a profile comprises information, such as one or more “constraints,” and one or more “actions.” At least one constraint is generated by applying one or more parameters of a transaction weighting function such that the resulting constraint represents an actual or estimated cost of executing the transaction. An action defines how the system will respond if a particular constraint is triggered. By applying the constraints to accessor requests, the approach prevents over-utilization of compute resources.Type: GrantFiled: December 29, 2015Date of Patent: January 17, 2017Assignee: International Business Machines CorporationInventor: Russell L. Holden
-
Patent number: 9503471Abstract: Denial-of-service attacks are prevented or mitigated in a cloud compute environment, such as a multi-tenant, collaborative SaaS system. This is achieved by providing a mechanism by which characterization of “legitimate” behavior is defined for tenant applications or application classes, preferably along with actions to be taken in the event a request to execute an application is anticipated to exceed defined workflow limits. A set of application profiles are generated. Typically, a profile comprises information, such as a request defined by one or more request variables, one or more “constraints,” one or more “request mappings,” and one or more “actions.” A constraint is a maximum permitted workload for the application. A request mapping maps a request variable to the constraint, either directly or indirectly. The profile information defines how a request is mapped to a workload to determine whether the request is in policy or, if not, what action to take.Type: GrantFiled: August 25, 2015Date of Patent: November 22, 2016Assignee: International Business Machines CorporationInventors: Mark McGloin, John Douglas Curtis, Peter Otto Mierswa, Russell L. Holden, Olgierd Stanislaw Pieczul
-
Patent number: 9444838Abstract: Denial-of-service attacks are prevented or mitigated in a cloud compute environment, such as a multi-tenant, collaborative SaaS system. This is achieved by providing a mechanism by which characterization of “legitimate” behavior is defined for tenant applications or application classes, preferably along with actions to be taken in the event a request to execute an application is anticipated to exceed defined workflow limits. A set of application profiles are generated. Typically, a profile comprises information, such as a request defined by one or more request variables, one or more “constraints,” one or more “request mappings,” and one or more “actions.” A constraint is a maximum permitted workload for the application. A request mapping maps a request variable to the constraint, either directly or indirectly. The profile information defines how a request is mapped to a workload to determine whether the request is in policy or, if not, what action to take.Type: GrantFiled: July 21, 2014Date of Patent: September 13, 2016Assignee: International Business Machines CorporationInventors: Mark McGloin, John Douglas Curtis, Peter Otto Mierswa, Russell L. Holden, Olgierd S. Pieczul
-
Publication number: 20160127431Abstract: Techniques are described above for smoothing peak load in collaborative systems. One embodiment includes, prior to a predicted peak load period, pre-staging user-data associated with one or more users of the collaborative system. During the predicted peak load period, a request from a first one of the users for access to the pre-staged user-data associated with the first user is received. And in response to the request, the pre-staged user-data is provided to the first user.Type: ApplicationFiled: January 8, 2016Publication date: May 5, 2016Inventor: Russell L. HOLDEN
-
Patent number: 9300753Abstract: Techniques are described above for smoothing peak load in collaborative systems. One embodiment includes, prior to a predicted peak load period, pre-staging user-data associated with one or more users of the collaborative system. During the predicted peak load period, a request from a first one of the users for access to the pre-staged user-data associated with the first user is received. And in response to the request, the pre-staged user-data is provided to the first user.Type: GrantFiled: May 6, 2015Date of Patent: March 29, 2016Assignee: International Business Machines CorporationInventor: Russell L. Holden
-
Publication number: 20160021138Abstract: Denial-of-service attacks are prevented or mitigated in a cloud compute environment, such as a multi-tenant, collaborative SaaS system. This is achieved by providing a mechanism by which characterization of “legitimate” behavior is defined for tenant applications or application classes, preferably along with actions to be taken in the event a request to execute an application is anticipated to exceed defined workflow limits. A set of application profiles are generated. Typically, a profile comprises information, such as a request defined by one or more request variables, one or more “constraints,” one or more “request mappings,” and one or more “actions.” A constraint is a maximum permitted workload for the application. A request mapping maps a request variable to the constraint, either directly or indirectly. The profile information defines how a request is mapped to a workload to determine whether the request is in policy or, if not, what action to take.Type: ApplicationFiled: August 25, 2015Publication date: January 21, 2016Inventors: Mark McGloin, John Douglas Curtis, Peter Otto Mierswa, Russell L. Holden, Olgierd Stanislaw Pieczul
-
Publication number: 20160021136Abstract: Denial-of-service attacks are prevented or mitigated in a cloud compute environment, such as a multi-tenant, collaborative SaaS system. This is achieved by providing a mechanism by which characterization of “legitimate” behavior is defined for tenant applications or application classes, preferably along with actions to be taken in the event a request to execute an application is anticipated to exceed defined workflow limits. A set of application profiles are generated. Typically, a profile comprises information, such as a request defined by one or more request variables, one or more “constraints,” one or more “request mappings,” and one or more “actions.” A constraint is a maximum permitted workload for the application. A request mapping maps a request variable to the constraint, either directly or indirectly. The profile information defines how a request is mapped to a workload to determine whether the request is in policy or, if not, what action to take.Type: ApplicationFiled: July 21, 2014Publication date: January 21, 2016Inventors: Mark McGloin, John Douglas Curtis, Peter Otto Mierswa, Russell L. Holden, Olgierd S. Pieczul
-
Publication number: 20150358349Abstract: Denial-of-service attacks are prevented or mitigated in a cloud compute environment, such as a multi-tenant, collaborative SaaS system. This is achieved by providing a mechanism by which characterization of “legitimate” behavior is defined for accessor classes, preferably along with actions to be taken in the event an accessor exceeds those limits. A set of accessor “usage profiles” are generated. Typically, a profile comprises information, such as a “request time window,” one or more “constraints,” and one or more “actions.” A request time window defines a time period over which request usage is accumulated and over which constraints are applied. A constraint may be of various types (e.g., number of transactions, defined resource usage limits, etc.) to be applied for the usage monitoring An action defines how the system will respond if a particular constraint is triggered. By applying the constraints to accessor requests, over-utilization of compute resources is enabled.Type: ApplicationFiled: August 18, 2015Publication date: December 10, 2015Inventors: Russell L. Holden, John Douglas Curtis, Peter Otto Mierswa
-
SMOOTHING PEAK SYSTEM LOAD VIA BEHAVIOR PREDICTION IN COLLABORATIVE SYSTEMS WITH TEMPORAL DATA ACCES
Publication number: 20150237160Abstract: Techniques are described above for smoothing peak load in collaborative systems. One embodiment includes, prior to a predicted peak load period, pre-staging user-data associated with one or more users of the collaborative system. During the predicted peak load period, a request from a first one of the users for access to the pre-staged user-data associated with the first user is received. And in response to the request, the pre-staged user-data is provided to the first user.Type: ApplicationFiled: May 6, 2015Publication date: August 20, 2015Inventor: Russell L. HOLDEN -
Publication number: 20150195303Abstract: Denial-of-service attacks are prevented or mitigated in a cloud compute environment, such as a multi-tenant, collaborative SaaS system. This is achieved by providing a mechanism by which characterization of “legitimate” behavior is defined for accessor classes, preferably along with actions to be taken in the event an accessor exceeds those limits. A set of accessor “usage profiles” are generated. Typically, a profile comprises information, such as a “request time window,” one or more “constraints,” and one or more “actions.” A request time window defines a time period over which request usage is accumulated and over which constraints are applied. A constraint may be of various types (e.g., number of transactions, defined resource usage limits, etc.) to be applied for the usage monitoring An action defines how the system will respond if a particular constraint is triggered. By applying the constraints to accessor requests, over-utilization of compute resources is enabled.Type: ApplicationFiled: January 6, 2014Publication date: July 9, 2015Applicant: International Business Machines CorporationInventors: Russell L. Holden, John Douglas Curtis, Peter Otto Mierswa
-
Patent number: 9075665Abstract: Techniques are described above for smoothing peak load in collaborative systems. One embodiment includes, prior to a predicted peak load period, pre-staging user-data associated with one or more users of the collaborative system. During the predicted peak load period, a request from a first one of the users for access to the pre-staged user-data associated with the first user is received. And in response to the request, the pre-staged user-data is provided to the first user.Type: GrantFiled: June 29, 2010Date of Patent: July 7, 2015Assignee: International Business Machines CorporationInventor: Russell L. Holden
-
Patent number: 9009546Abstract: A request is received by a first computer. The first computer delegates the first request to a second computer. The second computer attempts to process the first request and identifies an imminent fault as a result of the attempt. The second computer sends a message to the first computer indicating an imminent fault as a result of the attempted processing of the first request. The first computer sends a message to a third computer indicating that a second request matching the first request should not be processed.Type: GrantFiled: September 27, 2012Date of Patent: April 14, 2015Assignee: International Business MachinesInventors: Nikolaus K. Brauer, Kenneth E. Brunsen, Daniel C. Gurney, Russell L. Holden, Michael J. Kerrigan, Michael I. Killoran, Peter O. Mierswa, Chester E. Ryder, III, Vinod R. Seraphin
-
Patent number: 8291088Abstract: A system for providing single sign-on (SSO) user names for Web cookies. SSO access to multiple applications is supported in situations where multiple user information directories are deployed, and users may be known by multiple identifiers. Convenient specification is enabled for which of a user's multiple names is to be used in an SSO Web cookie that is passed from application to application to enable SSO operation. The user's SSO Web cookie user name is fully separated conceptually from the user's effective name for any given application within the SSO environment. The SSO Web cookie user name provided by the disclosed system is specified independently from the effective name by which the user is known when operating in the Web application that writes the SSO Web cookie back to the user's computer system. Use of an administratively supplied user name in the SSO Web cookie is facilitated.Type: GrantFiled: September 28, 2008Date of Patent: October 16, 2012Assignee: International Business Machines CorporationInventors: Jane B. Marcus, Scott M. Davidson, Russell L. Holden, Srinivasa R. Kolaparthi, Charles W. Kaufman
-
Publication number: 20110320546Abstract: Techniques are described above for smoothing peak load in collaborative systems. One embodiment includes, prior to a predicted peak load period, pre-staging user-data associated with one or more users of the collaborative system. During the predicted peak load period, a request from a first one of the users for access to the pre-staged user-data associated with the first user is received. And in response to the request, the pre-staged user-data is provided to the first user.Type: ApplicationFiled: June 29, 2010Publication date: December 29, 2011Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventor: RUSSELL L. HOLDEN
-
Patent number: 7925752Abstract: A system for providing single sign-on (SSO) user names for Web cookies in a multiple user information directory environment. SSO access to multiple applications is supported in situations where multiple user information directories are deployed, and users may be known by multiple identifiers. Convenient specification is enabled for which of a user's multiple names is to be used in an SSO Web cookie that is passed from application to application to enable SSO operation. The user's SSO Web cookie user name is fully separated conceptually from the user's effective name for any given application within the SSO environment. The SSO Web cookie user name provided by the disclosed system is specified independently from the effective name by which the user is known when operating in the Web application that writes the SSO Web cookie back to the user's computer system. Use of an administratively supplied user name in the SSO Web cookie is facilitated.Type: GrantFiled: September 28, 2008Date of Patent: April 12, 2011Assignee: International Business Machines CorporationInventors: Jane B. Marcus, Scott M. Davidson, Russell L. Holden, Srinivasa R. Kolaparthi, Charles W. Kaufman
-
Patent number: 7840705Abstract: The present invention provides a method, system and program product for replicating message status changes across messaging systems. Specifically, under the present invention, when a status of a message for a user is changed on a messaging system, the status change is entered into a log associated with the user along with a clock time of the messaging system. The status change is then replicated to a replica messaging system along with the clock time of the original messaging system. Upon receipt, the replica messaging system will ensure that the status change is the most recent activity for the message. If so, the status change will be entered into a log of the replica messaging system along with the clock time of the original messaging system and a clock time of the replica messaging system.Type: GrantFiled: June 25, 2008Date of Patent: November 23, 2010Assignee: International Business Machines CorporationInventors: Russell L. Holden, Damien F. Katz, William A. Spencer