Patents by Inventor Sai Zeng

Sai Zeng has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10754637
    Abstract: Managing performing patches on a workload associated with a computing platform comprising: identify the workload associated with the computing platform, wherein the workload can comprise a first workload portion upon which a first subset of patches can be performed offline and a second workload portion upon which a second subset of patches can be performed online; determine, for the first workload portion, a portion of the first subset of patches that can be performed within a maintenance time window while offline based on vulnerability scores of patches of the first subset of patches, and determine, for the second workload portion, the second subset of patches that can be performed while online; and determine the vulnerability scores of the patches of the first subset of patches based on importance levels of the patches.
    Type: Grant
    Filed: January 28, 2019
    Date of Patent: August 25, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Sai Zeng, Alexei Karve, Ubaid Ullah Hafeez
  • Publication number: 20200249928
    Abstract: Managing performing patches on a workload associated with a computing platform comprising: identify the workload associated with the computing platform, wherein the workload can comprise a first workload portion upon which a first subset of patches can be performed offline and a second workload portion upon which a second subset of patches can be performed online; determine, for the first workload portion, a portion of the first subset of patches that can be performed within a maintenance time window while offline based on vulnerability scores of patches of the first subset of patches, and determine, for the second workload portion, the second subset of patches that can be performed while online; and determine the vulnerability scores of the patches of the first subset of patches based on importance levels of the patches.
    Type: Application
    Filed: January 28, 2019
    Publication date: August 6, 2020
    Inventors: Sai Zeng, Alexei Karve, Ubaid Ullah Hafeez
  • Patent number: 10713097
    Abstract: An aspect includes the automatic generation of blueprints for orchestration engines from discovered workload representations. A computer-implemented method includes receiving, using a processor, a description of a workload executing in a source computing environment. The description of the workload is mapped, using the processor, to one or more resource descriptors located in a repository of resource descriptors describing resources available in a target computing environment. A declarative representation of the workload in the target computing environment is generated, using the processor, based at least in part on the mapping and the description of the workload. The declarative representation includes a specification of resources required by the workload in the target environment.
    Type: Grant
    Filed: October 3, 2018
    Date of Patent: July 14, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Neeraj Asthana, Thomas Chefalas, Alexei Karve, Matthew Staffelbach, Alla Segal, Sai Zeng
  • Patent number: 10708120
    Abstract: One or more embodiments identify server management actions for resolving problems associated with one or more nodes in information technology infrastructure. In one embodiment, a node-ticket record for an information processing node associated with at least one problem ticket is generated. A set of node-ticket clusters is queried based on the node-ticket record. Each of the set of node-ticket clusters maps a set of server management actions to set of historical node-ticket records associated with the node-ticket cluster. The set of server management actions was previously performed to resolve at least one operational problem associated with at least one information processing node. At least one set of server management actions associated with at least one of the set of node-ticket clusters corresponding to the node-ticket record within a given threshold is identified based on the querying.
    Type: Grant
    Filed: March 13, 2017
    Date of Patent: July 7, 2020
    Assignee: International Business Machines Corporation
    Inventors: Nikolaos Anerousis, Anuradha Bhamidipaty, Shang Q. Guo, Suman K. Pathapati, Daniela Rosu, Mitesh H. Vasa, Anubha Verma, Frederick Wu, Sai Zeng
  • Publication number: 20200153851
    Abstract: A method and system of identifying a computing device vulnerability is provided. Social media communication is monitored. Social media threads that are related to a vulnerability, based on the monitored social media communication, are identified, filtered, and categorized into one or more predetermined categories of computing device vulnerabilities. Upon determining that a number of social media posts related to the vulnerability is above a first predetermined threshold, one or more dependable social media threads in a same one or more categories as the vulnerability are searched. One or more possible root causes of the vulnerability are determined from the searched dependable social media threads. A validity score for each of the one or more possible root causes is assigned. A possible root cause from that has a highest validity score that is above a second predetermined threshold is selected to be the root cause of the vulnerability.
    Type: Application
    Filed: January 4, 2020
    Publication date: May 14, 2020
    Inventors: Muhammed Fatih Bulut, Lisa Chavez, Jinho Hwang, Anup Kalia, Virginia Mayo Policarpio, Sai Zeng
  • Patent number: 10649758
    Abstract: Techniques that facilitate group patching recommendation and/or remediation with risk assessment are provided. In one example, a system includes a vertical stack component, a horizontal stack component and a risk classification component. The vertical stack component identifies a first patch profile from a software system associated with a computer system environment. The horizontal stack component identifies a second patch profile from a hardware system associated with network nodes of the computer system environment. The system learns over time to identify repetitive patterns using machine learning techniques. Then, the risk classification component performs a machine learning process to determine a risk classification for the computer system environment based on the first patch profile and the second patch profile.
    Type: Grant
    Filed: November 1, 2017
    Date of Patent: May 12, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Muhammed Fatih Bulut, Lisa M. Chavez, Jinho Hwang, Virginia Mayo, Vugranam C. Sreedhar, Sai Zeng
  • Publication number: 20200110877
    Abstract: Techniques for dynamic server groups that can be patched together using stream clustering algorithms, and learning components in order to reuse the repeatable patterns using machine learning are provided herein. In one example, in response to a first risk associated with a first server device, a risk assessment component patches a server group to mitigate a vulnerability of the first server device and a second server device, wherein the server group is comprised of the first server device and the second server device. Additionally, a monitoring component monitors data associated with a second risk to the server group to mitigate the second risk to the server group.
    Type: Application
    Filed: December 4, 2019
    Publication date: April 9, 2020
    Inventors: Muhammed Fatih Bulut, Jinho Hwang, Vugranam C. Sreedhar, Sai Zeng
  • Publication number: 20200110638
    Abstract: An aspect includes the automatic generation of blueprints for orchestration engines from discovered workload representations. A computer-implemented method includes receiving, using a processor, a description of a workload executing in a source computing environment. The description of the workload is mapped, using the processor, to one or more resource descriptors located in a repository of resource descriptors describing resources available in a target computing environment. A declarative representation of the workload in the target computing environment is generated, using the processor, based at least in part on the mapping and the description of the workload. The declarative representation includes a specification of resources required by the workload in the target environment.
    Type: Application
    Filed: October 3, 2018
    Publication date: April 9, 2020
    Inventors: Neeraj Asthana, Thomas Chefalas, Alexei Karve, Matthew Staffelbach, Alla Segal, Sai Zeng
  • Patent number: 10601857
    Abstract: A method and system of identifying technical experts for an identified vulnerability is provided. One or more technical experts for each of one or more categories of the vulnerability are identified. Questions are sent to and answers are received from the one or more identified technical experts for each of the one or more categories of vulnerabilities, via a chatbot module. Answers to parameters that are missing for a Common Vulnerability Scoring System (CVSS) for the identified vulnerability are determined from the received answers to the parameters. The answers to the parameters are validated and a CVSS score is calculated based on the validated determined answers.
    Type: Grant
    Filed: November 28, 2017
    Date of Patent: March 24, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Muhammed Fatih Bulut, Lisa Chavez, Jinho Hwang, Virginia Mayo, Maja Vukovic, Sai Zeng
  • Patent number: 10587643
    Abstract: A method and system of identifying a computing device vulnerability is provided. Social media communication is monitored. Social media threads that are related to a vulnerability, based on the monitored social media communication, are identified, filtered, and categorized into one or more predetermined categories of computing device vulnerabilities. Upon determining that a number of social media posts related to the vulnerability is above a first predetermined threshold, one or more dependable social media threads in a same one or more categories as the vulnerability are searched. One or more possible root causes of the vulnerability are determined from the searched dependable social media threads. A validity score for each of the one or more possible root causes is assigned. A possible root cause from that has a highest validity score that is above a second predetermined threshold is selected to be the root cause of the vulnerability.
    Type: Grant
    Filed: November 28, 2017
    Date of Patent: March 10, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Muhammed Fatih Bulut, Lisa Chavez, Jinho Hwang, Anup Kalia, Virginia Mayo Policarpio, Sai Zeng
  • Patent number: 10540496
    Abstract: Techniques for dynamic server groups that can be patched together using stream clustering algorithms, and learning components in order to reuse the repeatable patterns using machine learning are provided herein. In one example, in response to a first risk associated with a first server device, a risk assessment component patches a server group to mitigate a vulnerability of the first server device and a second server device, wherein the server group is comprised of the first server device and the second server device. Additionally, a monitoring component monitors data associated with a second risk to the server group to mitigate the second risk to the server group.
    Type: Grant
    Filed: September 29, 2017
    Date of Patent: January 21, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Muhammed Fatih Bulut, Jinho Hwang, Vugranam C. Sreedhar, Sai Zeng
  • Publication number: 20190356561
    Abstract: A self-service experience for a change requester is provided. Authorized endpoint changes are identified along with corresponding change types. Resource attributes are identified and corresponding parameters of the resources are changed according to change window requirements. Where the changes comply with business policies, the changes are executed.
    Type: Application
    Filed: August 2, 2019
    Publication date: November 21, 2019
    Inventors: Constantin M. Adam, Shang Q. Guo, Brian L. Peterson, John J. Rofrano, Frederick Y. Wu, Sai Zeng
  • Patent number: 10452850
    Abstract: On a computer system, a shell is invoked, through which a plurality of commands and/or scripts can be executed. Individual ones of the plurality of commands and/or scripts are validated. Given individual ones of the plurality of commands and/or scripts, for which the validation is successful, are executed via the shell.
    Type: Grant
    Filed: August 18, 2014
    Date of Patent: October 22, 2019
    Assignee: International Business Machines Corporation
    Inventors: Constantin M. Adam, Shang Q. Guo, John J. Rofrano, Yaoping Ruan, Frederick Y. Wu, Sai Zeng
  • Patent number: 10447757
    Abstract: A method is provided to eliminate many of the manual steps in a server change management process, creating a self-service experience for a change requester. The method may automatically retrieve the current state of a server; constrain the requested change to a valid, feasible specification; verify that the requested change is compliant with business policies; implement the changes automatically; and develop a knowledge base of automated change risk that is used to modify the change management business process by identifying safe changes that can be performed outside of change windows and/or during change freezes. The method can be applied to changes to physical servers, virtual servers, and servers in a cloud environment.
    Type: Grant
    Filed: August 20, 2015
    Date of Patent: October 15, 2019
    Assignee: International Business Machines Corporation
    Inventors: Constantin M. Adam, Shang Q. Guo, Brian L. Peterson, John J. Rofrano, Frederick Y. Wu, Sai Zeng
  • Publication number: 20190268366
    Abstract: A system includes a memory that stores computer executable components and neural network data, and a processor executes computer executable components stored in the memory. An assessment component assesses a computer network, and classifies the computer network relative to M network classifications stored in a repository, wherein M is an integer greater than one. A risk component determines risk of vulnerability subject to change impact regarding protection against a computer virus or cyber-attack based on historical information regarding vulnerability exposure and vulnerability remediation changes relative to the classification of the computer network. A recommendation component that generates recommendations and best action to mitigate risk and impact, and remediate the vulnerabilities based on the risk assessment and business priorities.
    Type: Application
    Filed: February 26, 2018
    Publication date: August 29, 2019
    Inventors: Sai Zeng, Vugranam C. Sreedhar, Karin Murthy, Jinho Hwang, Milton H. Hernandez, Lisa M. Chavez, Muhammed Fatih Bulut, Virginia Mayo, Xinli Wang, Cindy Mullen
  • Publication number: 20190268407
    Abstract: Techniques facilitating service management for the infrastructure of blockchain networks are provided. A system comprises a memory and a processor that executes computer executable components stored in the memory. The computer executable components can comprise an allocation component, a grouping component, and an implementation component. The allocation component can assign, within a blockchain network, a first group of nodes of a first node type to a first set of operation slots and a second group of nodes of a second node type, different than the first node type, to a second set of operation slots. The grouping component can aggregate the second group of nodes assigned to the second set of operation slots with the first group of nodes within the first set of operation slots. The implementation component can execute a service management operation. A consensus algorithm can be satisfied during an execution of the service management operation.
    Type: Application
    Filed: February 26, 2018
    Publication date: August 29, 2019
    Inventors: Sai Zeng, Jun Duan, Alexei Karve, Neeraj Asthana, Vugranam C. Sreedhar, Nerla Jean-Louis
  • Patent number: 10361927
    Abstract: It is determined whether a user is authorized to carry out a management operation on a plurality of information technology assets in parallel, based on a role of the user and at least one characteristic of the management operation. A risk level of the management operation, and at least one characteristic of the plurality of information technology assets, are both determined. Based on the risk level and the at least one characteristic of the plurality of information technology assets, an execution pattern for the management operation is specified. In at least some cases, the management operation is carried out on the plurality of information technology assets in parallel, in accordance with the execution pattern.
    Type: Grant
    Filed: September 30, 2014
    Date of Patent: July 23, 2019
    Assignee: International Business Machines Corporation
    Inventors: Constantin M. Adam, Shang Q. Guo, Rajeev Puri, Yaoping Ruan, Cashchakanith Venugopal, Frederick Y. Wu, Sai Zeng
  • Publication number: 20190163463
    Abstract: Techniques facilitating relational patch orchestration based on impact analysis are provided. In one example, a computer-implemented method comprises creating, by a device operatively coupled to a processor, patch execution plans for one or more pending patches associated with a computing environment; quantifying, by the device, impact of respective ones of the patch execution plans based on dependencies associated with the respective ones of the patch execution plans; and optimizing, by the device, a patch execution plan from the patch execution plans based on the impact of the respective ones of the patch execution plans.
    Type: Application
    Filed: November 30, 2017
    Publication date: May 30, 2019
    Inventors: Muhammed Fatih Bulut, Lisa M. Chavez, Jinho Hwang, Virgina Mayo, Sai Zeng
  • Publication number: 20190166151
    Abstract: A method and system of identifying a computing device vulnerability is provided. Social media communication is monitored. Social media threads that are related to a vulnerability, based on the monitored social media communication, are identified, filtered, and categorized into one or more predetermined categories of computing device vulnerabilities. Upon determining that a number of social media posts related to the vulnerability is above a first predetermined threshold, one or more dependable social media threads in a same one or more categories as the vulnerability are searched. One or more possible root causes of the vulnerability are determined from the searched dependable social media threads. A validity score for each of the one or more possible root causes is assigned. A possible root cause from that has a highest validity score that is above a second predetermined threshold is selected to be the root cause of the vulnerability.
    Type: Application
    Filed: November 28, 2017
    Publication date: May 30, 2019
    Inventors: Muhammed Fatih Bulut, Lisa M. Chavez, Jinho Hwang, Anup Kalia, Virginia Mayo, Sai Zeng
  • Publication number: 20190166150
    Abstract: A method and system of identifying technical experts for an identified vulnerability is provided. One or more technical experts for each of one or more categories of the vulnerability are identified. Questions are sent to and answers are received from the one or more identified technical experts for each of the one or more categories of vulnerabilities, via a chatbot module. Answers to parameters that are missing for a Common Vulnerability Scoring System (CVSS) for the identified vulnerability are determined from the received answers to the parameters. The answers to the parameters are validated and a CVSS score is calculated based on the validated determined answers.
    Type: Application
    Filed: November 28, 2017
    Publication date: May 30, 2019
    Inventors: Muhammed Fatih Bulut, Lisa M. Chavez, Jinho Hwang, Virginia Mayo, Maja Vukovic, Sai Zeng