Patents by Inventor Sudhir Kumar Srinivasan
Sudhir Kumar Srinivasan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11669321Abstract: Embodiments include a multi-tenant cloud-based identity management system for a plurality of tenants. Embodiments include a global database providing a first set of resources to the plurality of tenants and a plurality of tenant databases, each tenant database providing a second set of resources to one of the plurality of tenants. Embodiments further include a plurality of resources accessible by the tenants and an automated upgrade framework for upgrading the global database and the tenant databases in response to an upgrade of a first release of the system to a second release of the system. For the automated upgrade framework, embodiments determine resource changes between the first release and the second release, generate an upgrade patch based on the resource changes and apply the upgrade patch to the global database.Type: GrantFiled: August 26, 2019Date of Patent: June 6, 2023Assignee: Oracle International CorporationInventors: Sudhir Kumar Srinivasan, Venkateswara Reddy Medam, Gregg Wilson, Raghavendra Saravanamurthy
-
Patent number: 11652685Abstract: Embodiments operate a multi-tenant cloud system. At a first data center, embodiments authenticate a first client corresponding to a first tenant ID and store resources that correspond to the first client, the first data center in communication with a second data center that is configured to authenticate the first client and replicate the resources. The first data center receives an Application Programming Interface (“API”) request for the first client corresponding to a change to the resources, and generates a change log and corresponding change event message in response to the API request. Embodiments compute a first hash corresponding to the first tenant ID of the change log to determine a first partition of a first queue at the first data center. The first data center pushes the change event message to the second data center via an API call.Type: GrantFiled: September 27, 2021Date of Patent: May 16, 2023Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Venkateswara Reddy Medam, Fannie Ho, Kuang-Yu Shih, Balakumar Balu, Sudhir Kumar Srinivasan
-
Patent number: 11321343Abstract: Embodiments operate a multi-tenant cloud system. At a first data center, embodiments authenticate a first client and store resources that correspond to the first client, the first data center in communication with a second data center that is configured to authenticate the first client. Embodiments divide the resources into base data and regular data, where the base data is a minimum data needed to allow the resources to be available to the first client at the second data center. Embodiments store the base data on a cloud storage in a base data export file and store the regular data on the cloud storage in a regular data export file. Embodiments export the base data export file to the second data center and when the exporting the base data export file has completed, exports the regular data export file to the second data center.Type: GrantFiled: August 29, 2019Date of Patent: May 3, 2022Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Sudhir Kumar Srinivasan, Balakumar Balu, Venkateswara Reddy Medam, Kuang-Yu Shih, Fannie Ho
-
Patent number: 11308132Abstract: A system stores and uses object relationships in a multi-tenant cloud-based identity and access management (IAM) system by: defining a schema for storing related objects, where the schema includes reference attributes indicative of relationships between the related objects in a database, and the schema defines a relationship type and a persistence scope for each reference attribute; constructing an in-memory representation of the related objects and their relationships based on the schema, where the in-memory representation indicates the relationship type and the persistence scope for each reference attribute; and using the in-memory representation of the related objects to perform an IAM service for a client of the multi-tenant cloud-based IAM system.Type: GrantFiled: May 29, 2018Date of Patent: April 19, 2022Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Sudhir Kumar Srinivasan, Shruthi Chikkanna, Nikhil Yograj Vaishnavi, Xiaoxiao Xu, Gregg Wilson, Venkateswara Reddy Medam
-
Publication number: 20220014421Abstract: Embodiments operate a multi-tenant cloud system. At a first data center, embodiments authenticate a first client corresponding to a first tenant ID and store resources that correspond to the first client, the first data center in communication with a second data center that is configured to authenticate the first client and replicate the resources. The first data center receives an Application Programming Interface (“API”) request for the first client corresponding to a change to the resources, and generates a change log and corresponding change event message in response to the API request. Embodiments compute a first hash corresponding to the first tenant ID of the change log to determine a first partition of a first queue at the first data center. The first data center pushes the change event message to the second data center via an API call.Type: ApplicationFiled: September 27, 2021Publication date: January 13, 2022Inventors: Venkateswara Reddy MEDAM, Fannie HO, Kuang-Yu SHIH, Balakumar BALU, Sudhir Kumar SRINIVASAN
-
Patent number: 11165634Abstract: Embodiments include a multi-tenant cloud system with a first data center and a second remote data center. The first data center authenticates a first client and stores resources that correspond to the first client, and is in communication with the second data center. The second data center authenticates the first client and replicates the resources. The first data center receives a write request for the first client, writes the write request and generates change event messages in a first order. The first data center pushes the change event messages to the second data center via REST API calls. In response to receiving the change event messages, the second data center is configured to write the change event messages in the first order to its local database.Type: GrantFiled: August 22, 2018Date of Patent: November 2, 2021Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Venkateswara Reddy Medam, Fannie Ho, Kuang-Yu Shih, Balakumar Balu, Sudhir Kumar Srinivasan
-
Patent number: 11061929Abstract: Embodiments operate a multi-tenant cloud system with a first data center. At the first data center, embodiments authenticate a first client and store resources that correspond to the first client, the first data center in communication with a second data center that is configured to authenticate the first client and replicate the resources. In response to upgrading global resources at the first data center to a new version, embodiments generate a manifest file including a listing of global resource types and schemas that are modified or added in response to the upgrading. Embodiments further upgrade global resources based on the manifest file and write the upgraded global resources to a first global database and generate change event messages corresponding to the upgraded global resources.Type: GrantFiled: June 27, 2019Date of Patent: July 13, 2021Assignee: Oracle International CorporationInventors: Xiaoxiao Xu, Venkateswara Reddy Medam, Kuang-Yu Shih, Sudhir Kumar Srinivasan
-
Patent number: 10831789Abstract: A system performs reference attribute query processing in a multi-tenant cloud-based identity and access management (IAM) system by: receiving a request from a client of the multi-tenant cloud-based IAM system, where the request indicates one or more reference attributes associated with a resource that is persisted in a database of the multi-tenant cloud-based IAM system, and the request indicates one or more filter conditions configured to be applied on the one or more reference attributes; building a query based on the one or more reference attributes and the one or more filter conditions; retrieving resource data by executing the query on a database of the multi-tenant cloud-based IAM system, where the retrieved resource data is associated with the one or more reference attributes and satisfies the one or more filter conditions; and returning the retrieved data to the client of the multi-tenant cloud-based IAM system.Type: GrantFiled: May 29, 2018Date of Patent: November 10, 2020Assignee: Oracle International CorporationInventors: Sudhir Kumar Srinivasan, Shruthi Chikkanna, Nikhil Yograj Vaishnavi, Xiaoxiao Xu, Gregg Wilson, Venkateswara R. Medam
-
Patent number: 10798165Abstract: Embodiments replicate resources in a multi-tenant cloud system. Embodiments receive a master resource, associated with a master account of the cloud system to be replicated, where the master resource includes a master JavaScript Object Notation (“JSON”) object and includes a plurality of master attributes. Embodiments generate a master resource metadata JSON by calculating hash values for each of the master attributes to generate master attribute level hashes and by calculating an aggregate of all of the hash values to generate a master resource level hash. Embodiments store each master attribute of the master JSON object in a separate column of a master database table associated with the master account and store the master resource metadata JSON is in a separate hash column of the master database table. Embodiments replicate the master JSON object to create a replicated JSON object including a plurality of replicated attributes.Type: GrantFiled: October 30, 2018Date of Patent: October 6, 2020Assignee: Oracle International CorporationInventors: Sudhir Kumar Srinivasan, Balakumar Balu, Venkateswara Reddy Medam, Kuang-Yu Shih
-
Publication number: 20200265062Abstract: Embodiments operate a multi-tenant cloud system. At a first data center, embodiments authenticate a first client and store resources that correspond to the first client, the first data center in communication with a second data center that is configured to authenticate the first client. Embodiments divide the resources into base data and regular data, where the base data is a minimum data needed to allow the resources to be available to the first client at the second data center. Embodiments store the base data on a cloud storage in a base data export file and store the regular data on the cloud storage in a regular data export file. Embodiments export the base data export file to the second data center and when the exporting the base data export file has completed, exports the regular data export file to the second data center.Type: ApplicationFiled: August 29, 2019Publication date: August 20, 2020Inventors: Sudhir Kumar SRINIVASAN, Balakumar BALU, Venkateswara Reddy MEDAM, Kuang-Yu SHIH, Fannie HO
-
Publication number: 20200264860Abstract: Embodiments include a multi-tenant cloud-based identity management system for a plurality of tenants. Embodiments include a global database providing a first set of resources to the plurality of tenants and a plurality of tenant databases, each tenant database providing a second set of resources to one of the plurality of tenants. Embodiments further include a plurality of resources accessible by the tenants and an automated upgrade framework for upgrading the global database and the tenant databases in response to an upgrade of a first release of the system to a second release of the system. For the automated upgrade framework, embodiments determine resource changes between the first release and the second release, generate an upgrade patch based on the resource changes and apply the upgrade patch to the global database.Type: ApplicationFiled: August 26, 2019Publication date: August 20, 2020Inventors: Sudhir Kumar SRINIVASAN, Venkateswara Reddy MEDAM, Gregg WILSON, Raghavendra SARAVANAMURTHY
-
Publication number: 20200257700Abstract: Embodiments operate a multi-tenant cloud system with a first data center. At the first data center, embodiments authenticate a first client and store resources that correspond to the first client, the first data center in communication with a second data center that is configured to authenticate the first client and replicate the resources. In response to upgrading global resources at the first data center to a new version, embodiments generate a manifest file including a listing of global resource types and schemas that are modified or added in response to the upgrading. Embodiments further upgrade global resources based on the manifest file and write the upgraded global resources to a first global database and generate change event messages corresponding to the upgraded global resources.Type: ApplicationFiled: June 27, 2019Publication date: August 13, 2020Inventors: Xiaoxiao XU, Venkateswara Reddy MEDAM, Kuang-Yu SHIH, Sudhir Kumar SRINIVASAN
-
Patent number: 10530790Abstract: A privileged account manager is provided for monitoring privileged sessions on target systems of an enterprise. In an embodiment, the privileged account manager is configured to capture metadata related to a privileged session and generate a first activity pattern for the privileged session based on the captured metadata. The first activity pattern may include a sequence of one or more activities performed by a first user during the privileged session. The privileged account manager may be configured to identify a second activity pattern that comprises at least a subset of the one or more activities performed by the first user during the privileged session and determine an appropriate action to be performed for the first activity pattern based on the identification of the second activity pattern. In some embodiments, the privileged account manager may be configured to transmit the action to a second user on a client device.Type: GrantFiled: September 23, 2015Date of Patent: January 7, 2020Assignee: Oracle International CorporationInventors: Kuang-Yu Shih, Himanshu Sharma, Fannie Ho, Zhuoxing Mao, Sudhir Kumar Srinivasan
-
Publication number: 20190306010Abstract: Embodiments include a multi-tenant cloud system with a first data center and a second remote data center. The first data center authenticates a first client and stores resources that correspond to the first client, and is in communication with the second data center. The second data center authenticates the first client and replicates the resources. The first data center receives a write request for the first client, writes the write request and generates change event messages in a first order. The first data center pushes the change event messages to the second data center via REST API calls. In response to receiving the change event messages, the second data center is configured to write the change event messages in the first order to its local database.Type: ApplicationFiled: August 22, 2018Publication date: October 3, 2019Inventors: Venkateswara Reddy MEDAM, Fannie HO, Kuang-Yu SHIH, Balakumar BALU, Sudhir Kumar SRINIVASAN
-
Publication number: 20190306237Abstract: Embodiments replicate resources in a multi-tenant cloud system. Embodiments receive a master resource, associated with a master account of the cloud system to be replicated, where the master resource includes a master JavaScript Object Notation (“JSON”) object and includes a plurality of master attributes. Embodiments generate a master resource metadata JSON by calculating hash values for each of the master attributes to generate master attribute level hashes and by calculating an aggregate of all of the hash values to generate a master resource level hash. Embodiments store each master attribute of the master JSON object in a separate column of a master database table associated with the master account and store the master resource metadata JSON is in a separate hash column of the master database table. Embodiments replicate the master JSON object to create a replicated JSON object including a plurality of replicated attributes.Type: ApplicationFiled: October 30, 2018Publication date: October 3, 2019Inventors: Sudhir Kumar SRINIVASAN, Balakumar BALU, Venkateswara Reddy MEDAM, Kuang-Yu SHIH
-
Publication number: 20190095498Abstract: A system performs reference attribute query processing in a multi-tenant cloud-based identity and access management (IAM) system by: receiving a request from a client of the multi-tenant cloud-based IAM system, where the request indicates one or more reference attributes associated with a resource that is persisted in a database of the multi-tenant cloud-based IAM system, and the request indicates one or more filter conditions configured to be applied on the one or more reference attributes; building a query based on the one or more reference attributes and the one or more filter conditions; retrieving resource data by executing the query on a database of the multi-tenant cloud-based IAM system, where the retrieved resource data is associated with the one or more reference attributes and satisfies the one or more filter conditions; and returning the retrieved data to the client of the multi-tenant cloud-based IAM system.Type: ApplicationFiled: May 29, 2018Publication date: March 28, 2019Inventors: Sudhir Kumar SRINIVASAN, Shruthi CHIKKANNA, Nikhil Yograj VAISHNAVI, Xiaoxiao XU, Gregg WILSON, Venkateswara R. Medam
-
Publication number: 20190095516Abstract: A system stores and uses object relationships in a multi-tenant cloud-based identity and access management (IAM) system by: defining a schema for storing related objects, where the schema includes reference attributes indicative of relationships between the related objects in a database, and the schema defines a relationship type and a persistence scope for each reference attribute; constructing an in-memory representation of the related objects and their relationships based on the schema, where the in-memory representation indicates the relationship type and the persistence scope for each reference attribute; and using the in-memory representation of the related objects to perform an IAM service for a client of the multi-tenant cloud-based IAM system.Type: ApplicationFiled: May 29, 2018Publication date: March 28, 2019Inventors: Sudhir Kumar SRINIVASAN, Shruthi CHIKKANNA, Nikhil Yograj VAISHNAVI, Xiaoxiao XU, Gregg WILSON, Venkateswara Reddy MEDAM
-
Patent number: 9900359Abstract: A system and method can support user account management in a computing environment. The computing environment can include a video encoding pool to support load balancing and a managing server, such as a privileged account manager server. The video encoding pool includes a set of nodes that are able to perform one or more video processing tasks for another node. Furthermore, the managing server can receive a request from a managed node in the computing environment for delegating a video processing task, and can select one or more nodes from the video encoding pool to load balance and to perform the video processing task.Type: GrantFiled: March 2, 2015Date of Patent: February 20, 2018Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Himanshu Sharma, Sudhir Kumar Srinivasan, Ramaprakash Sathyanarayan, Arun Theebaprakasam, Buddhika Kottahachchi
-
Publication number: 20160094577Abstract: A privileged account manager is provided for monitoring privileged sessions on target systems of an enterprise. In an embodiment, the privileged account manager is configured to capture metadata related to a privileged session and generate a first activity pattern for the privileged session based on the captured metadata. The first activity pattern may include a sequence of one or more activities performed by a first user during the privileged session. The privileged account manager may be configured to identify a second activity pattern that comprises at least a subset of the one or more activities performed by the first user during the privileged session and determine an appropriate action to be performed for the first activity pattern based on the identification of the second activity pattern. In some embodiments, the privileged account manager may be configured to transmit the action to a second user on a client device.Type: ApplicationFiled: September 23, 2015Publication date: March 31, 2016Inventors: Kuang-Yu Shih, Himanshu Sharma, Fannie Ho, Zhuoxing Mao, Sudhir Kumar Srinivasan
-
Publication number: 20160088045Abstract: A system and method can support user account management in a computing environment. The computing environment can include a video encoding pool to support load balancing and a managing server, such as a privileged account manager server. The video encoding pool includes a set of nodes that are able to perform one or more video processing tasks for another node. Furthermore, the managing server can receive a request from a managed node in the computing environment for delegating a video processing task, and can select one or more nodes from the video encoding pool to load babalance and to perform the video processing task.Type: ApplicationFiled: March 2, 2015Publication date: March 24, 2016Inventors: Himanshu Sharma, Sudhir Kumar Srinivasan, Ramaprakash Sathyanarayan, Arun Theebaprakasam, Buddhika Kottahachchi