Patents by Inventor Sanjay B. Panchal

Sanjay B. Panchal has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11979393
    Abstract: An online authentication system allows a user to define their own logic for multistage authentication, which is provided to an online authentication center and stored as encrypted bytecode based on each user's password. Implementation logic can use third party information sources to provide additional authentication options.
    Type: Grant
    Filed: June 2, 2021
    Date of Patent: May 7, 2024
    Assignee: Green Market Square Limited
    Inventors: Vinod A. Valecha, Sanjay B. Panchal, Mohit N. Agrawal
  • Patent number: 11838427
    Abstract: A method, a computer program product, and a system for usage restrictions on digital certificates. The method includes selecting a digital certificate relating to a user and determining a usage restriction policy for the digital certificate based on the user. The method also includes populating an extension field of the digital certificate with the usage restriction policy. The method further includes providing the digital certificate including the usage restriction policy to the user. The method also includes gathering parameters relating to the digital certificate, determining usage patterns based on the parameters, inputting the usage patterns into a machine learning model, outputting a risk assessment, and updating the usage restriction policy based on the risk assessment.
    Type: Grant
    Filed: February 4, 2021
    Date of Patent: December 5, 2023
    Assignee: International Business Machines Corporation
    Inventors: Rinkesh I. Bansal, Vinod A. Valecha, Sanjay B. Panchal, Chintan Thaker
  • Publication number: 20230222501
    Abstract: A first access attempt to perform a secure transaction is received, from a first user. The secure transaction is related to an authentication card that has a physical exterior. An authentication card profile related to the authentication card of the first user is retrieved based on the first access attempt. The authentication card profile describes a set of one or more degradation characteristics, each degradation characteristic of the set of degradation characteristics describes a degradation of the physical exterior of the authentication card. A validation status of the authentication card is determined. The determination is based on the first access attempt and on the set of degradation characteristics. A security response related to the first access attempt is performed in response to the validation status.
    Type: Application
    Filed: January 10, 2022
    Publication date: July 13, 2023
    Inventors: Rinkesh I. Bansal, Vinod A. Valecha, Sanjay B. Panchal, Chintan Thaker
  • Publication number: 20230072072
    Abstract: An embodiment intercepts an authentication request being sent from a secure web service to a user device associated with a user. The embodiment transmits, responsive to the authentication request, a credential request to a credential storage, wherein the credential request includes a request for a credential associated with the user and the secure web service. The embodiment receives, responsive to the credential request, the credential associated with the user and the secure web service. The embodiment transmits, as a response to the authentication request, the credential associated with the user to the secure web service. The embodiment intercepts, responsive to successful validation of the credential by the secure web service, an authentication response from the secure web service, where the authentication response includes session data required for maintaining an authenticated session with the secure web service. The embodiment forwards the authentication response with the session data to the user device.
    Type: Application
    Filed: September 9, 2021
    Publication date: March 9, 2023
    Applicant: International Business Machines Corporation
    Inventors: Vinod Anandram Valecha, Rinkesh I. Bansal, Sanjay B. Panchal, Chintan Thaker
  • Patent number: 11454047
    Abstract: A digital key management system for physical keys is provided. A processor registers a physical lock. A processor generates a digital key based on a physical key structure to be used with the physical lock. A processor configures the physical lock to decode an inserted physical key. A processor verifies the inserted physical key, in response to a digital key for the decoded physical key matching the generated digital key.
    Type: Grant
    Filed: June 20, 2019
    Date of Patent: September 27, 2022
    Assignee: International Business Machines Corporation
    Inventors: Vinod A. Valecha, Rinkesh I. Bansal, Sanjay B. Panchal, Chintan Thaker
  • Publication number: 20220247575
    Abstract: A method, a computer program product, and a system for usage restrictions on digital certificates. The method includes selecting a digital certificate relating to a user and determining a usage restriction policy for the digital certificate based on the user. The method also includes populating an extension field of the digital certificate with the usage restriction policy. The method further includes providing the digital certificate including the usage restriction policy to the user. The method also includes gathering parameters relating to the digital certificate, determining usage patterns based on the parameters, inputting the usage patterns into a machine learning model, outputting a risk assessment, and updating the usage restriction policy based on the risk assessment.
    Type: Application
    Filed: February 4, 2021
    Publication date: August 4, 2022
    Inventors: Rinkesh I. Bansal, Vinod A. Valecha, Sanjay B. Panchal, Chintan Thaker
  • Patent number: 11391591
    Abstract: Embodiments of the present invention provide systems and methods for personalizing a navigation route. The method includes receiving a request from a user for a navigation route between two or more points. The method further includes accessing navigation data and services, creating a generic navigation route, accessing route history and related data for the user, creating a personalized navigation route for the user, and displaying the personalized navigation route.
    Type: Grant
    Filed: August 7, 2019
    Date of Patent: July 19, 2022
    Assignee: International Business Machines Corporation
    Inventors: Rinkesh I. Bansal, Sanjay B. Panchal, Chintan Thaker, Vinod A. Valecha
  • Patent number: 11316684
    Abstract: An enterprise key management server operates in association with a location service that maintains information defining at least one physical boundary of the enterprise. Upon receipt at the key management server of a request that requires release of key material, an additional security check is performed. When the request is received from a GPS-enabled storage device, the key management server queries the location service to determine whether that device is within the boundary. If so, the key material is released. If the requesting device does not provide its location, or if the location service determines that the device is not within the boundary, the key management server fails the request so that the key material is not released. In this manner, the disclosure of the key material to a device that is no longer within the confines of the enterprise, e.g., because it has been stolen, is averted.
    Type: Grant
    Filed: May 19, 2020
    Date of Patent: April 26, 2022
    Assignee: International Business Machines Corporation
    Inventors: Mohit Niranjan Agrawal, Vinod A. Valecha, Sanjay B. Panchal
  • Patent number: 11190522
    Abstract: Described herein are techniques for delegating access using an offline token. The techniques including a method comprising receiving, at a server and from a delegate user device, a delegate login package comprising an offline token and delegate credentials. The offline token is generated at an offline user device and transmitted to the delegate user device for enabling the delegate user device to access access-controlled content associated with the offline user device. The techniques further include validating, by the server, the delegate login package by comparing the delegate credentials with delegate information stored in the offline token. The techniques further including establishing a delegated session between the delegate user device and the access-controlled content stored on the server in response to validating the delegate login package. Furthermore, the delegated session is established according to an access policy, delegation rights, and an expiration parameter stored in the offline token.
    Type: Grant
    Filed: July 15, 2019
    Date of Patent: November 30, 2021
    Assignee: International Business Machines Corporation
    Inventors: Vinod A. Valecha, Nishant Singhai, Sanjay B. Panchal, Vikram Subhash Khopade
  • Publication number: 20210367768
    Abstract: An enterprise key management server operates in association with a location service that maintains information defining at least one physical boundary of the enterprise. Upon receipt at the key management server of a request that requires release of key material, an additional security check is performed. When the request is received from a GPS-enabled storage device, the key management server queries the location service to determine whether that device is within the boundary. If so, the key material is released. If the requesting device does not provide its location, or if the location service determines that the device is not within the boundary, the key management server fails the request so that the key material is not released. In this manner, the disclosure of the key material to a device that is no longer within the confines of the enterprise, e.g., because it has been stolen, is averted.
    Type: Application
    Filed: May 19, 2020
    Publication date: November 25, 2021
    Applicant: International Business Machines Corporation
    Inventors: Mohit Niranjan Agrawal, Vinod A. Valecha, Sanjay B. Panchal
  • Publication number: 20210288953
    Abstract: An online authentication system allows a user to define their own logic for multistage authentication, which is provided to an online authentication center and stored as encrypted bytecode based on each user's password. Implementation logic can use third party information sources to provide additional authentication options.
    Type: Application
    Filed: June 2, 2021
    Publication date: September 16, 2021
    Inventors: Vinod A. Valecha, Sanjay B. Panchal, Mohit N. Agrawal
  • Publication number: 20210288798
    Abstract: A computer-implemented method for generating a symmetric key for data encryption includes receiving a first request from an entity to generate a first symmetric key for data encryption. The computer-implemented method further includes retrieving a first secret data element and a second secret data element from one or more secret data servers. The computer-implemented method further includes dividing each of the first secret data element and the second secret data element into a number of secret data element byte strings. The computer-implemented method further includes generating the first symmetric key for data encryption based, at least in part, on combining a first secret data element byte string from the first secret data element and a second secret data element byte string from the second secret data element.
    Type: Application
    Filed: March 16, 2020
    Publication date: September 16, 2021
    Inventors: Saarthak Vadhera, Rinkesh I. Bansal, Chintan Thaker, Sanjay B. Panchal, Vinod A. Valecha
  • Patent number: 11101997
    Abstract: Cryptographic key provisioning by determining future cryptographic key demand according to historic key demand and key access requirements, determining cryptographic key provisioning resources for the future cryptographic key demand, and providing cryptographic keys, prior to the determined future cryptographic key demand using the cryptographic key provisioning resources.
    Type: Grant
    Filed: July 1, 2019
    Date of Patent: August 24, 2021
    Assignee: International Business Machines Corporation
    Inventors: Vinod A. Valecha, Rinkesh I. Bansal, Sanjay B. Panchal, Chintan Thaker
  • Patent number: 11050735
    Abstract: An online authentication system allows a user to define their own logic for multistage authentication, which is provided to an online authentication center and stored as encrypted bytecode based on each user's password. Implementation logic can use third party information sources to provide additional authentication options.
    Type: Grant
    Filed: August 23, 2018
    Date of Patent: June 29, 2021
    Assignee: International Business Machines Corporation
    Inventors: Vinod A. Valecha, Sanjay B. Panchal, Mohit N. Agrawal
  • Patent number: 11010480
    Abstract: The method, computer system, and computer program product for using a key management server to protect visible content. The method, computer program product, and computer system may include a key management server which may receive, from an encryption device, an identification of one or more portions of clear information visible on a physical document. The key management server may receive, from the encryption device, one or more permission parameters. The permission parameters may include a time duration parameter, a location parameter, a start and end time parameter, or a device identification parameter. Further, the key management server may receive, from a decryption device, a request to access a portion of the clear information. The key management server may transmit, to the decryption device, information permitting access to the portion of clear information.
    Type: Grant
    Filed: October 25, 2018
    Date of Patent: May 18, 2021
    Assignee: International Business Machines Corporation
    Inventors: Rinkesh I. Bansal, Chintan Thaker, Sanjay B. Panchal, Vinod A. Valecha
  • Publication number: 20210021601
    Abstract: Described herein are techniques for delegating access using an offline token. The techniques including a method comprising receiving, at a server and from a delegate user device, a delegate login package comprising an offline token and delegate credentials. The offline token is generated at an offline user device and transmitted to the delegate user device for enabling the delegate user device to access access-controlled content associated with the offline user device. The techniques further include validating, by the server, the delegate login package by comparing the delegate credentials with delegate information stored in the offline token. The techniques further including establishing a delegated session between the delegate user device and the access-controlled content stored on the server in response to validating the delegate login package. Furthermore, the delegated session is established according to an access policy, delegation rights, and an expiration parameter stored in the offline token.
    Type: Application
    Filed: July 15, 2019
    Publication date: January 21, 2021
    Inventors: Vinod A. Valecha, Nishant Singhai, Sanjay B. Panchal, Vikram Subhash Khopade
  • Publication number: 20210006401
    Abstract: Cryptographic key provisioning by determining future cryptographic key demand according to historic key demand and key access requirements, determining cryptographic key provisioning resources for the future cryptographic key demand, and providing cryptographic keys, prior to the determined future cryptographic key demand using the cryptographic key provisioning resources.
    Type: Application
    Filed: July 1, 2019
    Publication date: January 7, 2021
    Inventors: Vinod A. Valecha, Rinkesh I. Bansal, Sanjay B. Panchal, Chintan Thaker
  • Publication number: 20200399928
    Abstract: A digital key management system for physical keys is provided. A processor registers a physical lock. A processor generates a digital key based on a physical key structure to be used with the physical lock. A processor configures the physical lock to decode an inserted physical key. A processor verifies the inserted physical key, in response to a digital key for the decoded physical key matching the generated digital key.
    Type: Application
    Filed: June 20, 2019
    Publication date: December 24, 2020
    Inventors: Vinod A. Valecha, Rinkesh I. Bansal, Sanjay B. Panchal, Chintan Thaker
  • Patent number: 10659441
    Abstract: A service interface of an SSL application hosted on at least one computer system in a hosted network selecting at least one authorized cipher suite. An SSL socket of the SSL application negotiating with another SSL socket of another SSL application in the hosted network for a mutual cipher from among the at least one authorized cipher suite and a shared key to encrypt information exchanged during a secure session. Responsive to establishing a security connection between the SSL socket and the another SSL socket using the selected mutual cipher, the service interface sends to a centralized service an identifier of the selected mutual cipher. Responsive to the service interface receiving a revoked cipher alert from the centralized service, the service interface revokes one or more sessions of the SSL application using a revoked cipher in the revoked cipher alert matching the selected mutual cipher.
    Type: Grant
    Filed: December 10, 2018
    Date of Patent: May 19, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Rinkesh I. Bansal, Shiv S. Jha, Sanjay B. Panchal, Mahesh S. Paradkar, Chintan Thaker
  • Publication number: 20200134201
    Abstract: The method, computer system, and computer program product for using a key management server to protect visible content. The method, computer program product, and computer system may include a key management server which may receive, from an encryption device, an identification of one or more portions of clear information visible on a physical document. The key management server may receive, from the encryption device, one or more permission parameters. The permission parameters may include a time duration parameter, a location parameter, a start and end time parameter, or a device identification parameter. Further, the key management server may receive, from a decryption device, a request to access a portion of the clear information. The key management server may transmit, to the decryption device, information permitting access to the portion of clear information.
    Type: Application
    Filed: October 25, 2018
    Publication date: April 30, 2020
    Inventors: Rinkesh I. Bansal, Chintan Thaker, SANJAY B. PANCHAL, VINOD A. VALECHA