Patents by Inventor Seemant Choudhary
Seemant Choudhary has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12212635Abstract: A method of traffic forwarding and disambiguation through the use of local proxies and addresses. The technique leverages DNS to on-ramp traffic to a local proxy. The local proxy runs on the end user's device. According to a first embodiment, DNS is used to remap what would normally be a wide range of IP addresses to localhost based on 127.0.0.0/8 listening sockets, where the system can then listen for connections and data. In a second embodiment, a localhost proxy based on a TUN/TAP interface (or other packet interception method) with a user-defined CIDR range to which the local DNS server drives traffic is used. Requests on that local proxy are annotated (by adding data to the upstream connection).Type: GrantFiled: January 3, 2023Date of Patent: January 28, 2025Assignee: Akamai Technologies, Inc.Inventors: Seetharama Sarma Ayyadevara, Charles E. Gero, Stephan Benny, Pravin Tatti, Manoj Kumar, Seemant Choudhary, Robert Lauro Quiros, Priyatham Phani Srinath Adigopula, Poornima Venkatesha, Sumeet Gupta
-
Patent number: 12034854Abstract: A method of enabling single sign-on (SSO) access to an application executing in an enterprise, wherein authorized, secure access to specific enterprise applications are facilitated via an enterprise-based connector. In response to successful authentication of an end user via a first authentication method, a credential associated with the successful authentication is encrypted to generate an encrypted user token. The encrypted user token is then forwarded for storage in a database accessible by the enterprise-based connector. Following a redirect (e.g., from a login server instance) that returns the end user to the enterprise-based connector, the encrypted user token is fetched and decrypted to recover the credential. The credential so recovered is then used to attempt to authenticate the user to an application via a second authentication method distinct from the first authentication method.Type: GrantFiled: February 21, 2021Date of Patent: July 9, 2024Assignee: Akamai Technologies, Inc.Inventors: Seetharama Ayyadevara, Seemant Choudhary, Stephan Benny, Punit Kandoi, Pravin Tatti
-
Publication number: 20230133809Abstract: A method of traffic forwarding and disambiguation through the use of local proxies and addresses. The technique leverages DNS to on-ramp traffic to a local proxy. The local proxy runs on the end user's device. According to a first embodiment, DNS is used to remap what would normally be a wide range of IP addresses to localhost based on 127.0.0.0/8 listening sockets, where the system can then listen for connections and data. In a second embodiment, a localhost proxy based on a TUN/TAP interface (or other packet interception method) with a user-defined CIDR range to which the local DNS server drives traffic is used. Requests on that local proxy are annotated (by adding data to the upstream connection).Type: ApplicationFiled: January 3, 2023Publication date: May 4, 2023Applicant: Akamai Technologies, Inc.Inventors: Seetharama Sarma Ayyadevara, Charles E. Gero, Stephan Benny, Pravin Tatti, Manoj Kumar, Seemant Choudhary, Robert Lauro Quiros, Priyatham Phani Srinath Adigopula, Poornima Venkatesha, Sr., Sumeet Gupta
-
Patent number: 11546444Abstract: A method of traffic forwarding and disambiguation through the use of local proxies and addresses. The technique leverages DNS to on-ramp traffic to a local proxy. The local proxy runs on the end user's device. According to a first embodiment, DNS is used to remap what would normally be a wide range of IP addresses to localhost based on 127.0.0.0/8 listening sockets, where the system can then listen for connections and data. In a second embodiment, a localhost proxy based on a TUN/TAP interface (or other packet interception method) with a user-defined CIDR range to which the local DNS server drives traffic is used. Requests on that local proxy are annotated (by adding data to the upstream connection).Type: GrantFiled: March 22, 2019Date of Patent: January 3, 2023Assignee: Akamai Technologies, Inc.Inventors: Seetharama Sarma Ayyadevara, Charles E. Gero, Stephan Benny, Pravin Tatti, Manoj Kumar, Seemant Choudhary, Robert Lauro Quiros, Priyatham Phani Srinath Adigopula, Poornima Venkatesha, Sr., Sumeet Gupta
-
Publication number: 20210176061Abstract: A method of enabling single sign-on (SSO) access to an application executing in an enterprise, wherein authorized, secure access to specific enterprise applications are facilitated via an enterprise-based connector. In response to successful authentication of an end user via a first authentication method, a credential associated with the successful authentication is encrypted to generate an encrypted user token. The encrypted user token is then for storage in a database accessible by the enterprise-based connector. Following a redirect (e.g., from a login server instance) that returns the end user to the enterprise-based connector, the encrypted user token is fetched and decrypted recover the credential. The credential so recovered is then used to attempt to authenticate the user to an application via a second authentication method distinct from the first authentication method.Type: ApplicationFiled: February 21, 2021Publication date: June 10, 2021Applicant: Akamai Technologies, Inc.Inventors: Seetharama Ayyadevara, Seemant Choudhary, Stephan Benny, Pundit Kandoi, Pravin Tatti
-
Patent number: 10931452Abstract: A method of enabling single sign-on (SSO) access to an application executing in an enterprise, wherein authorized, secure access to specific enterprise applications are facilitated via an enterprise-based connector. In response to successful authentication of an end user via a first authentication method, a credential associated with the successful authentication is encrypted to generate an encrypted user token. The encrypted user token is then forwarded for storage in a database accessible by the enterprise-based connector. Following a redirect (e.g., from a login server instance) that returns the end user to the enterprise-based connector, the encrypted user token is fetched and decrypted to recover the credential. The credential so recovered is then used to attempt to authenticate the user to an application via a second authentication method distinct from the first authentication method.Type: GrantFiled: August 22, 2017Date of Patent: February 23, 2021Assignee: Akamai Technologies, Inc.Inventors: Seetharama Ayyadevara, Seemant Choudhary, Stephan Benny, Punit Kandoi, Pravin Tatti
-
Patent number: 10432636Abstract: Methods, systems and computer readable media for securing mDNS in enterprise networks are described. In some implementations, the method can include authorizing one or more service advertisements and validating one or more service advertisements. The method can also include adding one or more information details to a record associated with an advertised service.Type: GrantFiled: December 4, 2013Date of Patent: October 1, 2019Assignee: Extreme Networks, Inc.Inventors: Shashi Hosakere Ankaiah, Vivek L Atreya, Seemant Choudhary, Uday Shankar
-
Publication number: 20190297161Abstract: A method of traffic forwarding and disambiguation through the use of local proxies and addresses. The technique leverages DNS to on-ramp traffic to a local proxy. The local proxy runs on the end user's device. According to a first embodiment, DNS is used to remap what would normally be a wide range of IP addresses to localhost based on 127.0.0.0/8 listening sockets, where the system can then listen for connections and data. In a second embodiment, a localhost proxy based on a TUN/TAP interface (or other packet interception method) with a user-defined CIDR range to which the local DNS server drives traffic is used. Requests on that local proxy are annotated (by adding data to the upstream connection).Type: ApplicationFiled: March 22, 2019Publication date: September 26, 2019Applicant: Akamai Technologies, Inc.Inventors: Seetharama Sarma Ayyadevara, Charles E. Gero, Stephan Benny, Pravin Tatti, Manoj Kumar, Seemant Choudhary, Robert Lauro Quiros, Priyatham Phani Srinath Adigopula, Poornima Venkatesha, SR., Sumeet Gupta
-
Patent number: 10412067Abstract: A system to deliver an application, hosted by a private application provider, over a network to a user device comprising: an application delivery system that includes, a frontend network interface that includes at least one first traffic director (FTD) instance; a network security interface that includes a plurality of traffic processing server (TPS) instances; a backend network interface that includes at least one backend traffic director (BTD) instance; and at least one agent that is associated with the application and that is disposed within the private application provider system; wherein a federated TLS ticket is used to filter TLS connection requests received by an FTD instance; and wherein a TLS extension is used to filter TLS connection requests received by a BTD instance.Type: GrantFiled: April 18, 2017Date of Patent: September 10, 2019Assignee: Akamai Technologies, Inc.Inventors: Seetharama Sarma Ayyadevara, Seemant Choudhary, Stephan Benny, Pravin Tatti, Punit Kandoi, Rohit Verma, Venukrishna Prasad
-
Patent number: 10270622Abstract: Embodiments herein include systems and methods for providing a mechanism to enable smooth, seamless, and reliable connectivity for wireless devices in a unified network. The system supports roaming of mobile units across mobility switches. A given mobile unit can retain its IP address in both intra-subnet and inter-subnet roaming scenarios. The given mobile unit also retains its membership to a mobility VLAN to which it had been assigned, even during roaming scenarios. Embodiments include a framework for wireless switches to advertise VLANs they support to peer wireless switches in the mobility domain, and to advertise their capability to act as VLAN servers for those VLANs. Embodiments support VLAN membership management capabilities that allow access points and peer wireless switches to request wireless switches to add VLANs to the tunnels they share.Type: GrantFiled: May 7, 2010Date of Patent: April 23, 2019Assignee: Avaya Inc.Inventors: Vivek L. Atreya, Shashi H. Ankaiah, Seemant Choudhary, Kumar Das Karunakaran, Udaya N. Shankar
-
Publication number: 20180069702Abstract: A method of enabling single sign-on (SSO) access to an application executing in an enterprise, wherein authorized, secure access to specific enterprise applications are facilitated via an enterprise-based connector. In response to successful authentication of an end user via a first authentication method, a credential associated with the successful authentication is encrypted to generate an encrypted user token. The encrypted user token is then for storage in a database accessible by the enterprise-based connector. Following a redirect (e.g., from a login server instance) that returns the end user to the enterprise-based connector, the encrypted user token is fetched and decrypted recover the credential. The credential so recovered is then used to attempt to authenticate the user to an application via a second authentication method distinct from the first authentication method.Type: ApplicationFiled: August 22, 2017Publication date: March 8, 2018Applicant: Akamai Technologies, Inc.Inventors: Seetharama Ayyadevara, Seemant Choudhary, Stephan Benny, Pundit Kandoi, Pravin Tatti
-
Patent number: 9906896Abstract: One or more implementations can include methods, systems and computer readable media for client location discovery. In some implementations, the method can include receiving, at an access point, a location discovery request message from a client and sending a request from the access point to a location server requesting location information for the client, when a location server is available. The method can also include receiving location information from the location server, when a location server is available and providing the access point location as location information, when a location server is not available. The method can further include sending the location information as a response to the client.Type: GrantFiled: September 21, 2013Date of Patent: February 27, 2018Assignee: Avaya Inc.Inventors: Vivek L. Atreya, Shashi H. Ankaiah, Seung Bong Han, Seemant Choudhary
-
Publication number: 20170353437Abstract: A system to deliver an application, hosted by a private application provider, over a network to a user device comprising: an application delivery system that includes, a frontend network interface that includes at least one first traffic director (FTD) instance; a network security interface that includes a plurality of traffic processing server (TPS) instances; a backend network interface that includes at least one backend traffic director (BTD) instance; and at least one agent that is associated with the application and that is disposed within the private application provider system; wherein a federated TLS ticket is used to filter TLS connection requests received by an FTD instance; and wherein a TLS extension is used to filter TLS connection requests received by a BTD instanceType: ApplicationFiled: April 18, 2017Publication date: December 7, 2017Applicant: Akamai Technologies, Inc.Inventors: Seetharama Sarma Ayyadevara, Seemant Choudhary, Stephan Benny, Pravin Tatti, Punit Kandoi, Rohit Verma, Venukrishna Prasad
-
Patent number: 9755899Abstract: A mobility network architecture includes a control plane and data plane. The control plane supports notification of VLAN configurations. The data plane supports routing of data amongst VLANs. Each VLAN has an associated identifier value as well as a version number. The version number for a respective VLAN can be updated to a new value each time there is a change to the VLAN. Typically, a controller communicates over the control plane to notify each member switch when a version number has changed for a VLAN. If controller notification fails, a member switch can receive a notification from a neighboring switch that the version number for a VLAN has been modified. In response to detecting such a condition, the switch receiving the notification can prevent forwarding of data even though the switch does not receive notification from the controller that the version number for the VLAN has changed.Type: GrantFiled: May 10, 2010Date of Patent: September 5, 2017Assignee: Avaya Inc.Inventors: William Stanislaus, Seemant Choudhary, Vivek L. Atreya, Shashi H. Ankaiah
-
Patent number: 9723493Abstract: Implementations relate to configuring wireless access points in a wireless network. In some implementations, a method includes selecting, from a plurality of wireless access points in a communication network, a configuring subset of wireless access points and a different compensating subset of wireless access points. New settings are applied to the compensating subset of wireless access points to change a physical coverage of wireless communication provided by the compensating subset, thus at least partially compensating for disabled wireless communication of the configuring subset. The method disables wireless communication provided by the configuring subset, and configures the disabled configuring subset of wireless access points.Type: GrantFiled: September 20, 2013Date of Patent: August 1, 2017Assignee: Avaya Inc.Inventors: Vivek L Atreya, Shashi H Ankaiah, Seemant Choudhary
-
Patent number: 9723488Abstract: Methods, systems and computer readable media for rogue access point detection are disclosed. In some implementations, the method can include initiating, at one or more processors of a wireless controller, a rogue access point detection process for a wireless network, and transmitting, from the one or more processors, a signature frame to a mobility agent in a wireless switch. The method can also include receiving, at an authorized access point, the signature frame transmitted via a wireless signal from a rogue access point. The method can further include reporting reception of the signature frame to the wireless controller, and generating, at the one or more processors, a signal to shut down a port associated with the rogue access point.Type: GrantFiled: October 29, 2015Date of Patent: August 1, 2017Assignee: Avaya Inc.Inventors: Vivek L Atreya, Ruth Tsai, Seemant Choudhary, Shashi Hosakere Ankaiah
-
Patent number: 9668270Abstract: A wireless access point employs monitor to scrutinize priority of mobility unit assigned priority values, and replaces invalid or reserved values to prevent rogue or poorly constructed applications (apps) from improper priority specification and subsequent imbalance of priority message transmission for control and other high-priority message traffic. The access point receives an indication of reserved message priorities from a wireless switching point at a remote end of an access tunnel providing backhaul network access to mobility units coupled to the access point. The access point stores the reserved message priorities for comparison with priorities assigned at the mobility units. Messages having invalid priorities are modified to reduce the priority to an allowed value, such as best effort, prior to the message transmission through the access tunnel to the backhaul network.Type: GrantFiled: September 18, 2012Date of Patent: May 30, 2017Assignee: Avaya Inc.Inventors: Prasad Vadassery, Shu Ching Shieh, Seemant Choudhary
-
Patent number: 9628455Abstract: A system to deliver an application, hosted by a private application provider, over a network to a user device comprising: an application delivery system that includes, a frontend network interface that includes at least one first traffic director (FTD) instance; a network security interface that includes a plurality of traffic processing server (TPS) instances; a backend network interface that includes at least one backend traffic director (BTD) instance; and at least one agent that is associated with the application and that is disposed within the private application provider system; wherein a federated TLS ticket is used to filter TLS connection requests received by an FTD instance; and wherein a TLS extension is used to filter TLS connection requests received by a BTD instanceType: GrantFiled: September 9, 2015Date of Patent: April 18, 2017Assignee: Akamai Technologies, Inc.Inventors: Seetharama Sarma Ayyadevara, Seemant Choudhary, Stephan Benny, Pravin Tatti, Punit Kandoi, Rohit Verma, Venukrishna Prasad
-
Publication number: 20160359823Abstract: A system to deliver an application, hosted by a private application provider, over a network to a user device comprising: an application delivery system that includes, a frontend network interface that includes at least one first traffic director (FTD) instance; a network security interface that includes a plurality of traffic processing server (TPS) instances; a backend network interface that includes at least one backend traffic director (BTD) instance; and at least one agent that is associated with the application and that is disposed within the private application provider system; wherein a federated TLS ticket is used to filter TLS connection requests received by an FTD instance; and wherein a TLS extension is used to filter TLS connection requests received by a BTD instanceType: ApplicationFiled: September 9, 2015Publication date: December 8, 2016Inventors: Seetharama Sarma Ayyadevara, Seemant Choudhary, Stephan Benny, Pravin Tatti, Punit Kandoi, Rohit Verma, Venukrishna Prasad
-
Patent number: 9438558Abstract: Some implementations can include a method including reserving a range of multicast addresses for handling link-local multicasts and generating a multicast group within the range for each VLAN. The method can also include subscribing at an access point to a corresponding multicast group for a VLAN when a client associates with the access point, and tunneling link local multicast traffic from the client to a WSP component via an access tunnel. The method can further include forwarding the link local multicast traffic from the WSP component to subscribing access points.Type: GrantFiled: September 21, 2013Date of Patent: September 6, 2016Assignee: Avaya Inc.Inventors: Shashi Hosakere Ankaiah, Vivek L. Atreya, Seemant Choudhary