Patents by Inventor Sarah K. Inforzato

Sarah K. Inforzato has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10454890
    Abstract: Methods of communicatively connecting first and second endpoints are disclosed. One method includes transmitting from a first endpoint to a second endpoint a connection request, the connection request including an IP address of the second endpoint. The method further includes, based at least in part on the IP address of the second endpoint, selecting IPsec from among a plurality of available security protocols to first attempt to use in forming a tunnel between the first and second endpoints, and forming the tunnel between the first and second endpoints based on the connection request.
    Type: Grant
    Filed: September 30, 2013
    Date of Patent: October 22, 2019
    Assignee: Unisys Corporation
    Inventors: Robert A Johnson, Kathleen Wild, Sarah K Inforzato, Ted Hinaman
  • Patent number: 10454931
    Abstract: Methods and systems for securing communications with an enterprise from a remote computing system are disclosed. One method includes initiating a secured connection with a VPN appliance associated with an enterprise using service credentials maintained in a secure applet installed on a remote computing device, and initiating communication with an authentication server within an enterprise via the secured connection. The method also includes receiving specific credentials from the authentication server, terminating the secured connection with the VPN appliance, and initiating a second secured connection with the VPN appliance using the specific credentials, the specific credentials providing access to one or more computing devices within the enterprise being within a same community of interest as the remote computing device and obfuscating one or more other computing systems within the enterprise excluded from the community of interest.
    Type: Grant
    Filed: January 20, 2016
    Date of Patent: October 22, 2019
    Assignee: UNISYS CORPORATION
    Inventors: Ted Hinaman, Steven J Rajcan, Matthew Mohr, William Gunn, Sarah K Inforzato, Robert A Johnson, Gregory J Small, David S Dodgson
  • Publication number: 20190097968
    Abstract: A method of communicatively connecting first and second endpoints across a NAT and/or PAT router to form an IPSec encrypted tunnel is disclosed. A message is received by the first endpoint from the second endpoint. The message includes an encrypted portion including a source port, a destination port, a source IP address, and a destination IP address. It is determined whether a table entry exists for the message. If Yes, it is determined by the first endpoint whether a NAT router and/or a PAT router is between the first endpoint and the second endpoint based, at least in part, on the table entry and the encrypted portion of the message. If Yes, an IPSec encrypted tunnel is created using IPSec transport mode for further communications between the first and second endpoints. An apparatus and a computer program product are also disclosed.
    Type: Application
    Filed: September 28, 2017
    Publication date: March 28, 2019
    Applicant: Unisys Corporation
    Inventors: Sarah K. Inforzato, Gregory J. Small, Robert A. Johnson, Barry C. Andersen, Kathleen Wild
  • Publication number: 20180212927
    Abstract: Methods of communicatively connecting first and second endpoints are disclosed. One method includes transmitting from a first endpoint to a second endpoint a connection request, the connection request including an IP address of the second endpoint. The method further includes, based at least in part on the IP address of the second endpoint, selecting IPsec from among a plurality of available security protocols to first attempt to use in forming a tunnel between the first and second endpoints, and forming the tunnel between the first and second endpoints based on the connection request.
    Type: Application
    Filed: September 30, 2013
    Publication date: July 26, 2018
    Inventors: Robert A. Johnson, Kathleen Wild, Sarah K. Inforzato, Ted Hinaman
  • Patent number: 9794237
    Abstract: A method of managing secure communications states in an endpoint within a secure network is disclosed. The method includes, in a disconnected state, transmitting from a first endpoint to a second endpoint a first message including an authorization token. The method further includes, in the pending state, receiving from the second endpoint a second message including a second authorization token at the first endpoint. The method includes, based on the receipt of the second message, entering an open state and initializing a tunnel between the first and second endpoints using an IPsec-based secured connection. The method also includes, upon termination of the tunnel due to a termination or timeout message issued by at least one of the first and second endpoints, entering a closed state.
    Type: Grant
    Filed: June 29, 2015
    Date of Patent: October 17, 2017
    Assignee: Unisys Corporation
    Inventors: Robert A Johnson, Sarah K Inforzato
  • Patent number: 9716589
    Abstract: A secure communications arrangement including an endpoint is disclosed. The endpoint includes a computing system. The computing system includes a user level services component and a kernel level callout driver interfaced to the user level services component and configured to establish an IPsec tunnel with a remote endpoint. The computing system also includes a filter engine storing one or more filters defining endpoints authorized to communicate with the endpoint via the IPsec tunnel. The computing system also includes a second kernel level driver configured to establish a secure tunnel using a second security protocol different from IPsec.
    Type: Grant
    Filed: September 30, 2013
    Date of Patent: July 25, 2017
    Assignee: Unisys Corporation
    Inventors: Robert A Johnson, Kathleen Wild, Sarah K Inforzato, Ted Hinaman
  • Publication number: 20170208038
    Abstract: Methods and systems for securing communications with an enterprise from a remote computing system are disclosed. One method includes initiating a secured connection with a VPN appliance associated with an enterprise using service credentials maintained in a secure applet installed on a remote computing device, and initiating communication with an authentication server within an enterprise via the secured connection. The method also includes receiving specific credentials from the authentication server, terminating the secured connection with the VPN appliance, and initiating a second secured connection with the VPN appliance using the specific credentials, the specific credentials providing access to one or more computing devices within the enterprise being within a same community of interest as the remote computing device and obfuscating one or more other computing systems within the enterprise excluded from the community of interest.
    Type: Application
    Filed: January 20, 2016
    Publication date: July 20, 2017
    Applicant: Unisys Corporation
    Inventors: Ted Hinaman, Steven J. Rajcan, Matthew Mohr, William Gunn, Sarah K. Inforzato, Robert A. Johnson, Gregory J. Small, David S. Dodgson
  • Patent number: 9596077
    Abstract: A method and system for establishing secure communications between endpoints includes transmitting a first message including a token having one or more entries each corresponding to a community of interest associated with a user of the first endpoint and including an encryption key and a validation key associated with the first endpoint. The method includes receiving a second message including a second authorization token including one or more entries, each entry corresponding to a community of interest associated with a second user and including an encryption key and a validation key associated with the second endpoint. The method includes, for each community of interest associated with both users, decrypting an associated entry in the second authorization token to obtain the encryption key and validation key associated with the second endpoint.
    Type: Grant
    Filed: September 30, 2013
    Date of Patent: March 14, 2017
    Assignee: Unisys Corporation
    Inventors: Robert A Johnson, Kathleen Wild, Sarah K Inforzato, Ted Hinaman
  • Publication number: 20160380984
    Abstract: A method of managing secure communications states in an endpoint within a secure network is disclosed. The method includes, in a disconnected state, transmitting from a first endpoint to a second endpoint a first message including an authorization token. The method further includes, in the pending state, receiving from the second endpoint a second message including a second authorization token at the first endpoint. The method includes, based on the receipt of the second message, entering an open state and initializing a tunnel between the first and second endpoints using an IPsec-based secured connection. The method also includes, upon termination of the tunnel due to a termination or timeout message issued by at least one of the first and second endpoints, entering a closed state.
    Type: Application
    Filed: June 29, 2015
    Publication date: December 29, 2016
    Applicant: UNISYS CORPORATION
    Inventors: Robert A. Johnson, Sarah K. Inforzato
  • Patent number: 9525666
    Abstract: An endpoint, method, and authorization server are disclosed which can be used to allow concurrent secure and clear text communication. An endpoint includes a computing system including a programmable circuit operatively connected to a memory and a communication interface, the communication interface configured to send and receive data packets via a data communications network. The endpoint also includes a filter defined in the memory of the computing system, the filter configured to define one or more access lists, each access list defining a group of access permissions for a community of interest. The community of interest includes one or more users, and an access list from among the one or more access lists defines a set of clear text access permissions associated with a community of interest. The endpoint also includes a driver executable by the programmable circuit, the driver configured to cooperate with the communication interface to send and receive data packets via the data communications network.
    Type: Grant
    Filed: May 11, 2011
    Date of Patent: December 20, 2016
    Assignee: Unisys Corporation
    Inventors: Sarah K. Inforzato, Ted Hinaman, Robert A. Johnson
  • Publication number: 20160156594
    Abstract: An endpoint, method, and authorization server are disclosed which can be used to allow concurrent secure and clear text communication. An endpoint includes a computing system including a programmable circuit operatively connected to a memory and a communication interface, the communication interface configured to send and receive data packets via a data communications network. The endpoint also includes a filter defined in the memory of the computing system, the filter configured to define one or more access lists, each access list defining a group of access permissions for a community of interest. The community of interest includes one or more users, and an access list from among the one or more access lists defines a set of clear text access permissions associated with a community of interest. The endpoint also includes a driver executable by the programmable circuit, the driver configured to cooperate with the communication interface to send and receive data packets via the data communications network.
    Type: Application
    Filed: May 11, 2011
    Publication date: June 2, 2016
    Inventors: Sarah K. Inforzato, Ted Hinaman, Robert A. Johnson
  • Publication number: 20150381567
    Abstract: A gateway computing system includes a memory storing cleartext gateway software and a programmable circuit communicatively connected to the memory. The programmable circuit is configured to execute computer-executable instructions including the cleartext gateway software. Execution of the cleartext gateway software by the programmable circuit causes the gateway computing system to instantiate at the gateway computing system a virtual device router including a cleartext interface configured to send and receive data packets from a cleartext endpoint and a secured interface configured to exchange data packets with one or more secured endpoints within a secured enterprise network, and load the virtual device router with community of interest material from an authentication server, the community of interest material associated with one or more communities of interest configured to allow access to the cleartext endpoint.
    Type: Application
    Filed: June 29, 2015
    Publication date: December 31, 2015
    Applicant: UNISYS CORPORATION
    Inventors: Robert A. Johnson, Sarah K. Inforzato
  • Publication number: 20150095649
    Abstract: A method and system for establishing secure communications between endpoints includes transmitting a first message including a token having one or more entries each corresponding to a community of interest associated with a user of the first endpoint and including an encryption key and a validation key associated with the first endpoint. The method includes receiving a second message including a second authorization token including one or more entries, each entry corresponding to a community of interest associated with a second user and including an encryption key and a validation key associated with the second endpoint. The method includes, for each community of interest associated with both users, decrypting an associated entry in the second authorization token to obtain the encryption key and validation key associated with the second endpoint.
    Type: Application
    Filed: September 30, 2013
    Publication date: April 2, 2015
    Applicant: Unisys Corporation
    Inventors: Robert A. Johnson, Kathleen Wild, Sarah K. Inforzato, Ted Hinaman
  • Publication number: 20140317405
    Abstract: A secure communications arrangement including an endpoint is disclosed. The endpoint includes a computing system. The computing system includes a user level services component and a kernel level callout driver interfaced to the user level services component and configured to establish an IPsec tunnel with a remote endpoint. The computing system also includes a filter engine storing one or more filters defining endpoints authorized to communicate with the endpoint via the IPsec tunnel. The computing system also includes a second kernel level driver configured to establish a secure tunnel using a second security protocol different from IPsec.
    Type: Application
    Filed: September 30, 2013
    Publication date: October 23, 2014
    Applicant: Unisys Corporation
    Inventors: Robert A. Johnson, Kathleen Wild, Sarah K. Inforzato, Ted Hinaman
  • Publication number: 20140317720
    Abstract: Methods of communicatively connecting first and second endpoints are disclosed. One method includes transmitting from a first endpoint to a second endpoint a connection request, the connection request including an IP address of the second endpoint. The method further includes, based at least in part on the IP address of the second endpoint, selecting IPsec from among a plurality of available security protocols to first attempt to use in forming a tunnel between the first and second endpoints, and forming the tunnel between the first and second endpoints based on the connection request.
    Type: Application
    Filed: September 30, 2013
    Publication date: October 23, 2014
    Inventors: Robert A. Johnson, Kathleen Wild, Sarah K. Inforzato, Ted Hinaman
  • Patent number: 8312117
    Abstract: A distributed computer system comprises an enterprise server and a network server. The distributed computer system utilizes a distributed transmission control protocol (TCP) to establish an off-loaded dialog through the network server. If the off-loaded dialog is interrupted by, e.g., failure of the hosting network server, dialog recovery is performed to move the off-loaded dialog.
    Type: Grant
    Filed: November 15, 2001
    Date of Patent: November 13, 2012
    Assignee: Unisys Corporation
    Inventors: Margaret Ann Magnotta, Anthony Narisi, Lois Bridgham Coyne, Michelle Marie Salvado, Susan Mary Jennion, Sarah K. Inforzato
  • Publication number: 20120084838
    Abstract: An endpoint, method, and authorization server are disclosed which can be used to allow concurrent secure and clear text communication. An endpoint includes a computing system including a programmable circuit operatively connected to a memory and a communication interface, the communication interface configured to send and receive data packets via a data communications network. The endpoint also includes a filter defined in the memory of the computing system, the filter configured to define one or more access lists, each access list defining a group of access permissions for a community of interest. The community of interest includes one or more users, and an access list from among the one or more access lists defines a set of clear text access permissions associated with a community of interest. The endpoint also includes a driver executable by the programmable circuit, the driver configured to cooperate with the communication interface to send and receive data packets via the data communications network.
    Type: Application
    Filed: May 11, 2011
    Publication date: April 5, 2012
    Inventors: Sarah K. Inforzato, Ted Hinaman, Robert A. Johnson
  • Patent number: 7581033
    Abstract: Intelligent NIC optimizations includes system and methods for Token Table Posting, use of a Master Completion Queue, Notification Request Area (NRA) associated with completion queues, preferably in the Network Interface Card (NIC) for providing notification of request completions, and what we call Lazy Memory Deregistration which allows non-critical memory deregistration processing to occur during non-busy times. These intelligent NIC optimizations which can be applied outside the scope of VIA (e.g. iWARP and the like), but also support VIA.
    Type: Grant
    Filed: December 5, 2003
    Date of Patent: August 25, 2009
    Assignee: Unisys Corporation
    Inventors: Dwayne E. Ebersole, Sarah K. Inforzato, Robert A. Johnson, Anthony Narisi, Kathleen Wild
  • Publication number: 20090172301
    Abstract: Intelligent NIC optimizations includes system and methods for Token Table Posting, use of a Master Completion Queue, Notification Request Area (NRA) associated with completion queues, preferably in the Network Interface Card (NIC) for providing notification of request completions, and what we call Lazy Memory Deregistration which allows non-critical memory deregistration processing to occur during non-busy times. These intelligent NIC optimizations which can be applied outside the scope of VIA (e.g. iWARP and the like), but also support VIA.
    Type: Application
    Filed: December 5, 2003
    Publication date: July 2, 2009
    Inventors: Dwayne E. Ebersole, Sarah K. Inforzato, Robert A. Johnson, Anthony Narisi, Kathleen Wild
  • Patent number: 5539736
    Abstract: An interface which enables a LAN connected workstation to concurrently communicate with a plurality of computer platforms having respective network architectures over the same physical connection. The interface receives data from a LAN connection, examines the data and identifies the format being used. Based on the identified format, the interface determines the appropriate destination for the data and sends the data to that destination. Additionally, the interface enables a workstation running XNS software to run terminal emulation programs at the increased speed available from a LAN connection by enhancing the XNS protocol with (1) message segmentation and reassembly, (2) maximum packet size negotiation and (3) LAN address discovery.
    Type: Grant
    Filed: October 4, 1994
    Date of Patent: July 23, 1996
    Assignee: Unisys Corporation
    Inventors: Robert A. Johnson, Sarah K. Inforzato, Jonathan Skilton