Patents by Inventor Sudeep Das

Sudeep Das has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10171594
    Abstract: In an example, there is disclosed a system and method for providing a service-oriented architecture, including request/response, over a publish/subscribe framework. In one embodiment, a system is disclosed for adding layers upon a publish/subscribe messaging framework for sophisticated messaging such as point-to-point (request/response) and the ability to query for available services, in a reliable, scalable manner.
    Type: Grant
    Filed: December 20, 2013
    Date of Patent: January 1, 2019
    Assignee: McAfee, LLC
    Inventors: Christopher Smith, Sudeep Das
  • Patent number: 10135845
    Abstract: In an example, a context-aware network is disclosed, including threat intelligence services provided over a data exchange layer (DXL). The data exchange layer may be provided on an enterprise service bus, and may include services for classifying objects as malware or not malware. One or more DXL brokers may provide messaging services including, for example, publish-subscribe messaging and request-response messaging. Advantageously, DXL endpoint devices must make very few assumptions about other DXL endpoint devices.
    Type: Grant
    Filed: December 19, 2013
    Date of Patent: November 20, 2018
    Assignee: McAfee, LLC
    Inventors: Hemang Nadkarni, Sudeep Das
  • Patent number: 10114952
    Abstract: In one embodiment, a system includes: a processor; a security processor to execute in a trusted executed environment (TEE), the security processor to execute memory reference code (MRC) stored in a secure storage of the TEE to train a memory coupled to the processor; and the memory coupled to the processor. Other embodiments are described and claimed.
    Type: Grant
    Filed: March 30, 2016
    Date of Patent: October 30, 2018
    Assignee: MCAFEE, LLC
    Inventors: Atul A. Khare, Karunakara Kotary, Rajesh Poornachandran, Vincent J. Zimmer, Sudeep Das
  • Publication number: 20180191780
    Abstract: Technologies for privacy-safe security policy evaluation include a cloud analytics server, a trusted data access mediator (TDAM) device, and one or more client devices. The cloud analytics server curries a security policy function to generate a privacy-safe curried function set. The cloud analytics server requests parameter data from the TDAM device, which collects the parameter data, identifies sensitive parameter data, encrypts the sensitive parameter data, and transmits the encrypted sensitive parameter data to the cloud analytics server. The cloud analytics server evaluates one or more curried functions using non-sensitive parameters to generate one or more sensitive functions that each take a sensitive parameter. The cloud analytics server transmits the sensitive functions and the encrypted sensitive parameters to a client computing device, which decrypts the encrypted sensitive parameters and evaluates the sensitive functions with the sensitive parameters to return a security policy.
    Type: Application
    Filed: December 29, 2016
    Publication date: July 5, 2018
    Inventors: Sudeep Das, Rajesh Poornachandran, Ned M. Smith, Vincent J. Zimmer, Pramod Sharma, Arthur Zeigler, Sumant Vashisth, Simon Hunt
  • Publication number: 20170286679
    Abstract: In one embodiment, a system includes: a processor; a security processor to execute in a trusted executed environment (TEE), the security processor to execute memory reference code (MRC) stored in a secure storage of the TEE to train a memory coupled to the processor; and the memory coupled to the processor. Other embodiments are described and claimed.
    Type: Application
    Filed: March 30, 2016
    Publication date: October 5, 2017
    Inventors: Atul A. Khare, Karunakara Kotary, Rajesh Poornachandran, Vincent J. Zimmer, Sudeep Das
  • Patent number: 9596257
    Abstract: A combination of shim and back-end server applications may be used to identify and block the installation of malicious applications on mobile devices. In practice, a shim application registers with a mobile device's operating system to intercept application installation operations. Upon intercepting an attempted installation operation, the shim application identifies the application seeking to be installed, generates a key uniquely identifying the application, and transmits the key over a network connection to a back-end server. The back-end server may be configured to crawl the Internet to identify malicious applications and compile and maintain a database of such applications. Upon receiving a key from the shim application, the back-end server can search its database to locate a matching application and, if found, respond to the mobile device with the application's status (e.g., malicious or not). The shim application can utilize this information to allow or block installation of the application.
    Type: Grant
    Filed: September 11, 2015
    Date of Patent: March 14, 2017
    Assignee: McAfee, Inc.
    Inventors: Sudeep Das, Jayasankar Divakarla, Pramod Sharma
  • Patent number: 9536057
    Abstract: Premise-based policies can be applied in the management of mobile devices and other computing devices within a system. A computing device is detected using close proximity wireless communication and location information is sent to the computing device using close proximity wireless communication. Policies applied to the computing device can be based at least in part on the location information.
    Type: Grant
    Filed: October 18, 2013
    Date of Patent: January 3, 2017
    Assignee: McAfee, Inc.
    Inventors: Sudeep Das, Pramod Sharma, Sumant Vashisth
  • Publication number: 20160219063
    Abstract: In an example, a context-aware network is disclosed, including threat intelligence services provided over a data exchange layer (DXL). The data exchange layer may be provided on an enterprise service bus, and may include services for classifying objects as malware or not malware. One or more DXL brokers may provide messaging services including, for example, publish-subscribe messaging and request-response messaging. Advantageously, DXL endpoint devices must make very few assumptions about other DXL endpoint devices.
    Type: Application
    Filed: December 19, 2013
    Publication date: July 28, 2016
    Applicant: McAfee, Inc.
    Inventors: Hemang NADKARNI, Sudeep DAS
  • Publication number: 20160212225
    Abstract: In an example, there is disclosed a system and method for providing a service-oriented architecture, including request/response, over a publish/subscribe framework. In one embodiment, a system is disclosed for adding layers upon a publish/subscribe messaging framework for sophisticated messaging such as point-to-point (request/response) and the ability to query for available services, in a reliable, scalable manner.
    Type: Application
    Filed: December 20, 2013
    Publication date: July 21, 2016
    Applicant: McAfee, Inc.
    Inventors: Christopher Smith, Sudeep Das
  • Publication number: 20160212239
    Abstract: In an example, there is disclosed a method or system for merging multiple system trees of different resources based in multiple locations over a data exchange layer. In one embodiment, there is disclosed a system for merging assets of different types within one or more tree-based locations. For example, an end node may be represented in a single location, a single message broker may provide services for and be represented in multiple locations. The asset to asset relationships within merged trees may be used to ensure availability of services and visualization of the system for management purposes.
    Type: Application
    Filed: December 19, 2013
    Publication date: July 21, 2016
    Applicant: McAfee, Inc.
    Inventors: Sudeep Das, Don R. Hanson, II
  • Publication number: 20160006757
    Abstract: A combination of shim and back-end server applications may be used to identify and block the installation of malicious applications on mobile devices. In practice, a shim application registers with a mobile device's operating system to intercept application installation operations. Upon intercepting an attempted installation operation, the shim application identifies the application seeking to be installed, generates a key uniquely identifying the application, and transmits the key over a network connection to a back-end server. The back-end server may be configured to crawl the Internet to identify malicious applications and compile and maintain a database of such applications. Upon receiving a key from the shim application, the back-end server can search its database to locate a matching application and, if found, respond to the mobile device with the application's status (e.g., malicious or not). The shim application can utilize this information to allow or block installation of the application.
    Type: Application
    Filed: September 11, 2015
    Publication date: January 7, 2016
    Applicant: McAfee, Inc.
    Inventors: Sudeep Das, Jayasankar Divakarla, Pramod Sharma
  • Publication number: 20150381658
    Abstract: A tracking station detects a mobile data processing system (DPS) within communication range of a short range wireless module of the tracking station. In response to detecting the mobile DPS, the tracking station obtains identification data for the mobile DPS from a security module of the mobile DPS. The tracking station uses the identification data to obtain credentials to access secure storage on the mobile DPS. The tracking station automatically generates security configuration data for the mobile DPS, based on multiple factors pertaining to the mobile DPS, such as identity of the mobile DPS, a location of the mobile DPS, capabilities of the mobile DPS, etc. The tracking station uses the credentials to write the security configuration data to the secure storage of the mobile DPS. The security configuration data calls for the mobile DPS to automatically disable or enable at least one component. Other embodiments are described and claimed.
    Type: Application
    Filed: December 4, 2014
    Publication date: December 31, 2015
    Applicant: McAfee, Inc.
    Inventors: Rajesh Poornachandran, Shahrokh Shahidzadeh, Sudeep Das, Vincent J. Zimmer, Sumant Vashisth, Pramod Sharma
  • Publication number: 20150381610
    Abstract: In an example, a system and method are disclosed for location-based security for devices such as portable devices. A portable device may be provided with a short-range transceiver (such as RIFD) that is detectable when a user enters or exits an area. The device may also include an encrypted storage divided into a plurality of discrete units. Upon entering an area, the devices identity and location are provided to a policy server. In response, the policy server may wirelessly provide security tokens to the portable device that enable decryption of specific storage units authorized for access in that area. When a user passes back through a portal to the area, the security tokens are revoked, so that access to secured units of the storage is restricted.
    Type: Application
    Filed: June 30, 2014
    Publication date: December 31, 2015
    Inventors: Rajesh Poornachandran, Vincent J. Zimmer, Shahrokh Shahidzadeh, Georgios Vassilakes, Gopinatth Selvaraje, Sudeep Das, Roy Hopkins, Christopher S. Gough
  • Patent number: 9152784
    Abstract: A combination of shim and back-end server applications may be used to identify and block the installation of malicious applications on mobile devices. In practice, a shim application registers with a mobile device's operating system to intercept application installation operations. Upon intercepting an attempted installation operation, the shim application identifies the application seeking to be installed, generates a key uniquely identifying the application, and transmits the key over a network connection to a back-end server. The back-end server may be configured to crawl the Internet to identify malicious applications and compile and maintain a database of such applications. Upon receiving a key from the shim application, the back-end server can search its database to locate a matching application and, if found, respond to the mobile device with the application's status (e.g., malicious or not). The shim application can utilize this information to allow or block installation of the application.
    Type: Grant
    Filed: April 18, 2012
    Date of Patent: October 6, 2015
    Assignee: McAfee, Inc.
    Inventors: Sudeep Das, Jayasankar Divakarla, Pramod Sharma
  • Publication number: 20150180908
    Abstract: A query from a particular mobile device is identified that indicates an attempt, by the particular mobile device, to access a particular application. It is determined whether the particular application has been assessed for inclusion in one or more of the plurality of whitelists and, based on the determination, an assessment of the particular application can be performed, which can include accessing a copy of the particular application and assessing the copy of the particular application to identify one or more attributes of the particular application. For each of a plurality of whitelists, a determination is made whether the particular application should be included in the whitelist based on the attributes. Each whitelist can be associated with a respective one of a plurality of entities and based on a policy corresponding to the respective entity, each entity is associated with a respective plurality of mobile devices.
    Type: Application
    Filed: December 23, 2014
    Publication date: June 25, 2015
    Inventors: Amit Dang, Sudeep Das, Jayasankar Divakarla, Praneet Khare, Alok Shukla
  • Publication number: 20140351881
    Abstract: Premise-based policies can be applied in the management of mobile devices and other computing devices within a system. A computing device is detected using close proximity wireless communication and location information is sent to the computing device using close proximity wireless communication. Policies applied to the computing device can be based at least in part on the location information.
    Type: Application
    Filed: October 18, 2013
    Publication date: November 27, 2014
    Inventors: Sudeep Das, Pramod Sharma, Sumat Vashisth
  • Patent number: 8862752
    Abstract: A system, method, and computer program product are provided for conditionally preventing the transfer of data. In use, a request to transfer data is identified. In addition, a location of the data is determined. Further, the transfer of the data is conditionally prevented based on the location.
    Type: Grant
    Filed: April 11, 2007
    Date of Patent: October 14, 2014
    Assignee: McAfee, Inc.
    Inventors: Sudeep Das, Sameer Shashikant Paranjape, Pramod Sharma
  • Publication number: 20130283377
    Abstract: A combination of shim and back-end server applications may be used to identify and block the installation of malicious applications on mobile devices. In practice, a shim application registers with a mobile device's operating system to intercept application installation operations. Upon intercepting an attempted installation operation, the shim application identifies the application seeking to be installed, generates a key uniquely identifying the application, and transmits the key over a network connection to a back-end server. The back-end server may be configured to crawl the Internet to identify malicious applications and compile and maintain a database of such applications. Upon receiving a key from the shim application, the back-end server can search its database to locate a matching application and, if found, respond to the mobile device with the application's status (e.g., malicious or not). The shim application can utilize this information to allow or block installation of the application.
    Type: Application
    Filed: April 18, 2012
    Publication date: October 24, 2013
    Inventors: Sudeep Das, Jayasankar Divakarla, Pramod Sharma
  • Publication number: 20130246557
    Abstract: A system, method, and computer program product are provided for conditionally preventing the transfer of data. In use, a request to transfer data is identified. In addition, a location of the data is determined. Further, the transfer of the data is conditionally prevented based on the location.
    Type: Application
    Filed: April 11, 2007
    Publication date: September 19, 2013
    Inventors: Sudeep Das, Sameer Shashikant Paranjape, Pramod Sharma
  • Publication number: 20130097660
    Abstract: An application is identified as installed on a particular mobile device. An action involving the application is identified, the action to be performed using the particular mobile device. It is determined whether the action is an approved action based on at least one policy associated with the particular mobile device. A determination that the action is unapproved can results in an attempt to prevent the action. Further, in certain instances, a whitelist or blacklist can be generated based on determinations of whether identified application actions conform to one or more policies associated with the particular mobile device.
    Type: Application
    Filed: October 17, 2011
    Publication date: April 18, 2013
    Inventors: Sudeep Das, Jayasankar Divakarla, Amit Dang, Praneet Khare, Alok Shukla