Patents by Inventor Sanjay B. Panchal
Sanjay B. Panchal has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11979393Abstract: An online authentication system allows a user to define their own logic for multistage authentication, which is provided to an online authentication center and stored as encrypted bytecode based on each user's password. Implementation logic can use third party information sources to provide additional authentication options.Type: GrantFiled: June 2, 2021Date of Patent: May 7, 2024Assignee: Green Market Square LimitedInventors: Vinod A. Valecha, Sanjay B. Panchal, Mohit N. Agrawal
-
Patent number: 11838427Abstract: A method, a computer program product, and a system for usage restrictions on digital certificates. The method includes selecting a digital certificate relating to a user and determining a usage restriction policy for the digital certificate based on the user. The method also includes populating an extension field of the digital certificate with the usage restriction policy. The method further includes providing the digital certificate including the usage restriction policy to the user. The method also includes gathering parameters relating to the digital certificate, determining usage patterns based on the parameters, inputting the usage patterns into a machine learning model, outputting a risk assessment, and updating the usage restriction policy based on the risk assessment.Type: GrantFiled: February 4, 2021Date of Patent: December 5, 2023Assignee: International Business Machines CorporationInventors: Rinkesh I. Bansal, Vinod A. Valecha, Sanjay B. Panchal, Chintan Thaker
-
Publication number: 20230222501Abstract: A first access attempt to perform a secure transaction is received, from a first user. The secure transaction is related to an authentication card that has a physical exterior. An authentication card profile related to the authentication card of the first user is retrieved based on the first access attempt. The authentication card profile describes a set of one or more degradation characteristics, each degradation characteristic of the set of degradation characteristics describes a degradation of the physical exterior of the authentication card. A validation status of the authentication card is determined. The determination is based on the first access attempt and on the set of degradation characteristics. A security response related to the first access attempt is performed in response to the validation status.Type: ApplicationFiled: January 10, 2022Publication date: July 13, 2023Inventors: Rinkesh I. Bansal, Vinod A. Valecha, Sanjay B. Panchal, Chintan Thaker
-
Publication number: 20230072072Abstract: An embodiment intercepts an authentication request being sent from a secure web service to a user device associated with a user. The embodiment transmits, responsive to the authentication request, a credential request to a credential storage, wherein the credential request includes a request for a credential associated with the user and the secure web service. The embodiment receives, responsive to the credential request, the credential associated with the user and the secure web service. The embodiment transmits, as a response to the authentication request, the credential associated with the user to the secure web service. The embodiment intercepts, responsive to successful validation of the credential by the secure web service, an authentication response from the secure web service, where the authentication response includes session data required for maintaining an authenticated session with the secure web service. The embodiment forwards the authentication response with the session data to the user device.Type: ApplicationFiled: September 9, 2021Publication date: March 9, 2023Applicant: International Business Machines CorporationInventors: Vinod Anandram Valecha, Rinkesh I. Bansal, Sanjay B. Panchal, Chintan Thaker
-
Patent number: 11454047Abstract: A digital key management system for physical keys is provided. A processor registers a physical lock. A processor generates a digital key based on a physical key structure to be used with the physical lock. A processor configures the physical lock to decode an inserted physical key. A processor verifies the inserted physical key, in response to a digital key for the decoded physical key matching the generated digital key.Type: GrantFiled: June 20, 2019Date of Patent: September 27, 2022Assignee: International Business Machines CorporationInventors: Vinod A. Valecha, Rinkesh I. Bansal, Sanjay B. Panchal, Chintan Thaker
-
Publication number: 20220247575Abstract: A method, a computer program product, and a system for usage restrictions on digital certificates. The method includes selecting a digital certificate relating to a user and determining a usage restriction policy for the digital certificate based on the user. The method also includes populating an extension field of the digital certificate with the usage restriction policy. The method further includes providing the digital certificate including the usage restriction policy to the user. The method also includes gathering parameters relating to the digital certificate, determining usage patterns based on the parameters, inputting the usage patterns into a machine learning model, outputting a risk assessment, and updating the usage restriction policy based on the risk assessment.Type: ApplicationFiled: February 4, 2021Publication date: August 4, 2022Inventors: Rinkesh I. Bansal, Vinod A. Valecha, Sanjay B. Panchal, Chintan Thaker
-
Patent number: 11391591Abstract: Embodiments of the present invention provide systems and methods for personalizing a navigation route. The method includes receiving a request from a user for a navigation route between two or more points. The method further includes accessing navigation data and services, creating a generic navigation route, accessing route history and related data for the user, creating a personalized navigation route for the user, and displaying the personalized navigation route.Type: GrantFiled: August 7, 2019Date of Patent: July 19, 2022Assignee: International Business Machines CorporationInventors: Rinkesh I. Bansal, Sanjay B. Panchal, Chintan Thaker, Vinod A. Valecha
-
Patent number: 11316684Abstract: An enterprise key management server operates in association with a location service that maintains information defining at least one physical boundary of the enterprise. Upon receipt at the key management server of a request that requires release of key material, an additional security check is performed. When the request is received from a GPS-enabled storage device, the key management server queries the location service to determine whether that device is within the boundary. If so, the key material is released. If the requesting device does not provide its location, or if the location service determines that the device is not within the boundary, the key management server fails the request so that the key material is not released. In this manner, the disclosure of the key material to a device that is no longer within the confines of the enterprise, e.g., because it has been stolen, is averted.Type: GrantFiled: May 19, 2020Date of Patent: April 26, 2022Assignee: International Business Machines CorporationInventors: Mohit Niranjan Agrawal, Vinod A. Valecha, Sanjay B. Panchal
-
Patent number: 11190522Abstract: Described herein are techniques for delegating access using an offline token. The techniques including a method comprising receiving, at a server and from a delegate user device, a delegate login package comprising an offline token and delegate credentials. The offline token is generated at an offline user device and transmitted to the delegate user device for enabling the delegate user device to access access-controlled content associated with the offline user device. The techniques further include validating, by the server, the delegate login package by comparing the delegate credentials with delegate information stored in the offline token. The techniques further including establishing a delegated session between the delegate user device and the access-controlled content stored on the server in response to validating the delegate login package. Furthermore, the delegated session is established according to an access policy, delegation rights, and an expiration parameter stored in the offline token.Type: GrantFiled: July 15, 2019Date of Patent: November 30, 2021Assignee: International Business Machines CorporationInventors: Vinod A. Valecha, Nishant Singhai, Sanjay B. Panchal, Vikram Subhash Khopade
-
Publication number: 20210367768Abstract: An enterprise key management server operates in association with a location service that maintains information defining at least one physical boundary of the enterprise. Upon receipt at the key management server of a request that requires release of key material, an additional security check is performed. When the request is received from a GPS-enabled storage device, the key management server queries the location service to determine whether that device is within the boundary. If so, the key material is released. If the requesting device does not provide its location, or if the location service determines that the device is not within the boundary, the key management server fails the request so that the key material is not released. In this manner, the disclosure of the key material to a device that is no longer within the confines of the enterprise, e.g., because it has been stolen, is averted.Type: ApplicationFiled: May 19, 2020Publication date: November 25, 2021Applicant: International Business Machines CorporationInventors: Mohit Niranjan Agrawal, Vinod A. Valecha, Sanjay B. Panchal
-
Publication number: 20210288953Abstract: An online authentication system allows a user to define their own logic for multistage authentication, which is provided to an online authentication center and stored as encrypted bytecode based on each user's password. Implementation logic can use third party information sources to provide additional authentication options.Type: ApplicationFiled: June 2, 2021Publication date: September 16, 2021Inventors: Vinod A. Valecha, Sanjay B. Panchal, Mohit N. Agrawal
-
Publication number: 20210288798Abstract: A computer-implemented method for generating a symmetric key for data encryption includes receiving a first request from an entity to generate a first symmetric key for data encryption. The computer-implemented method further includes retrieving a first secret data element and a second secret data element from one or more secret data servers. The computer-implemented method further includes dividing each of the first secret data element and the second secret data element into a number of secret data element byte strings. The computer-implemented method further includes generating the first symmetric key for data encryption based, at least in part, on combining a first secret data element byte string from the first secret data element and a second secret data element byte string from the second secret data element.Type: ApplicationFiled: March 16, 2020Publication date: September 16, 2021Inventors: Saarthak Vadhera, Rinkesh I. Bansal, Chintan Thaker, Sanjay B. Panchal, Vinod A. Valecha
-
Patent number: 11101997Abstract: Cryptographic key provisioning by determining future cryptographic key demand according to historic key demand and key access requirements, determining cryptographic key provisioning resources for the future cryptographic key demand, and providing cryptographic keys, prior to the determined future cryptographic key demand using the cryptographic key provisioning resources.Type: GrantFiled: July 1, 2019Date of Patent: August 24, 2021Assignee: International Business Machines CorporationInventors: Vinod A. Valecha, Rinkesh I. Bansal, Sanjay B. Panchal, Chintan Thaker
-
Patent number: 11050735Abstract: An online authentication system allows a user to define their own logic for multistage authentication, which is provided to an online authentication center and stored as encrypted bytecode based on each user's password. Implementation logic can use third party information sources to provide additional authentication options.Type: GrantFiled: August 23, 2018Date of Patent: June 29, 2021Assignee: International Business Machines CorporationInventors: Vinod A. Valecha, Sanjay B. Panchal, Mohit N. Agrawal
-
Patent number: 11010480Abstract: The method, computer system, and computer program product for using a key management server to protect visible content. The method, computer program product, and computer system may include a key management server which may receive, from an encryption device, an identification of one or more portions of clear information visible on a physical document. The key management server may receive, from the encryption device, one or more permission parameters. The permission parameters may include a time duration parameter, a location parameter, a start and end time parameter, or a device identification parameter. Further, the key management server may receive, from a decryption device, a request to access a portion of the clear information. The key management server may transmit, to the decryption device, information permitting access to the portion of clear information.Type: GrantFiled: October 25, 2018Date of Patent: May 18, 2021Assignee: International Business Machines CorporationInventors: Rinkesh I. Bansal, Chintan Thaker, Sanjay B. Panchal, Vinod A. Valecha
-
Publication number: 20210021601Abstract: Described herein are techniques for delegating access using an offline token. The techniques including a method comprising receiving, at a server and from a delegate user device, a delegate login package comprising an offline token and delegate credentials. The offline token is generated at an offline user device and transmitted to the delegate user device for enabling the delegate user device to access access-controlled content associated with the offline user device. The techniques further include validating, by the server, the delegate login package by comparing the delegate credentials with delegate information stored in the offline token. The techniques further including establishing a delegated session between the delegate user device and the access-controlled content stored on the server in response to validating the delegate login package. Furthermore, the delegated session is established according to an access policy, delegation rights, and an expiration parameter stored in the offline token.Type: ApplicationFiled: July 15, 2019Publication date: January 21, 2021Inventors: Vinod A. Valecha, Nishant Singhai, Sanjay B. Panchal, Vikram Subhash Khopade
-
Publication number: 20210006401Abstract: Cryptographic key provisioning by determining future cryptographic key demand according to historic key demand and key access requirements, determining cryptographic key provisioning resources for the future cryptographic key demand, and providing cryptographic keys, prior to the determined future cryptographic key demand using the cryptographic key provisioning resources.Type: ApplicationFiled: July 1, 2019Publication date: January 7, 2021Inventors: Vinod A. Valecha, Rinkesh I. Bansal, Sanjay B. Panchal, Chintan Thaker
-
Publication number: 20200399928Abstract: A digital key management system for physical keys is provided. A processor registers a physical lock. A processor generates a digital key based on a physical key structure to be used with the physical lock. A processor configures the physical lock to decode an inserted physical key. A processor verifies the inserted physical key, in response to a digital key for the decoded physical key matching the generated digital key.Type: ApplicationFiled: June 20, 2019Publication date: December 24, 2020Inventors: Vinod A. Valecha, Rinkesh I. Bansal, Sanjay B. Panchal, Chintan Thaker
-
Patent number: 10659441Abstract: A service interface of an SSL application hosted on at least one computer system in a hosted network selecting at least one authorized cipher suite. An SSL socket of the SSL application negotiating with another SSL socket of another SSL application in the hosted network for a mutual cipher from among the at least one authorized cipher suite and a shared key to encrypt information exchanged during a secure session. Responsive to establishing a security connection between the SSL socket and the another SSL socket using the selected mutual cipher, the service interface sends to a centralized service an identifier of the selected mutual cipher. Responsive to the service interface receiving a revoked cipher alert from the centralized service, the service interface revokes one or more sessions of the SSL application using a revoked cipher in the revoked cipher alert matching the selected mutual cipher.Type: GrantFiled: December 10, 2018Date of Patent: May 19, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Rinkesh I. Bansal, Shiv S. Jha, Sanjay B. Panchal, Mahesh S. Paradkar, Chintan Thaker
-
Publication number: 20200134201Abstract: The method, computer system, and computer program product for using a key management server to protect visible content. The method, computer program product, and computer system may include a key management server which may receive, from an encryption device, an identification of one or more portions of clear information visible on a physical document. The key management server may receive, from the encryption device, one or more permission parameters. The permission parameters may include a time duration parameter, a location parameter, a start and end time parameter, or a device identification parameter. Further, the key management server may receive, from a decryption device, a request to access a portion of the clear information. The key management server may transmit, to the decryption device, information permitting access to the portion of clear information.Type: ApplicationFiled: October 25, 2018Publication date: April 30, 2020Inventors: Rinkesh I. Bansal, Chintan Thaker, SANJAY B. PANCHAL, VINOD A. VALECHA