Patents by Inventor Thomas Durr
Thomas Durr has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240098115Abstract: Mechanisms are provided for dispatching requests to service instances based on data storage boundaries. A request specifying an identity is received and dispatched to a service instance of a data storage boundary, where each data storage boundary is defined by a regulation or policy restricting data storage of specific types of data to computing devices within a specified boundary. A feedback response, specifying a target location, is received from the service instance in response to determining that the service instance cannot access the data because the data is associated with a different data storage boundary. A dynamic dispatch rule specifying the identity and the target location is generated and a subsequent request specifying the identity is processed by executing this dynamic dispatch rule to dispatch the subsequent request directly to a service instance associated with the target location.Type: ApplicationFiled: September 16, 2022Publication date: March 21, 2024Inventors: Thomas Dürr, Martin Smolny, Michael Beck, Daniel Pittner
-
Patent number: 11716325Abstract: Access token scope limiting is provided. An access token of a client containing a list of scopes is presented to an authorization application programming interface of the computer. Each scope in the list of scopes defines a permission to access a particular protected resource hosted by a resource server. A new access token is returned to the client containing a decreased number of scopes using a scope alias in response to the authorization application programming interface requesting a decrease in a number of scopes in the list of scopes. The scope alias representing a plurality of specific scopes from the list of scopes contained in the presented access token.Type: GrantFiled: January 20, 2021Date of Patent: August 1, 2023Assignee: International Business Machines CorporationInventors: Martin Smolny, Thomas Dürr, Michael Beck
-
Patent number: 11606351Abstract: In an approach for authentication of a username, a processor maintains a mapping of usernames and realms. A processor receives a username and a time-based one-time password code (TOTP code) for the username based on an authentication application. A processor, upon receiving the TOTP code: determines a realm from the mapping based on the received username and the received TOTP; and requests an entry of a credential relating to the username in the realm. A processor, upon receiving of the requested credential, authenticates the username by determining that the received credential matches an expected credential for the realm.Type: GrantFiled: December 15, 2020Date of Patent: March 14, 2023Assignee: International Business Machines CorporationInventors: Thomas Dürr, Michael Baessler, Holger Koenig, Oliver Koeth, Thomas Schwarz
-
Patent number: 11443037Abstract: Aspects of the present invention disclose a method for handling incoming microservice requests at an application server. The method includes one or more processors identifying a microservice request of a user at an application server. The method further includes querying a database associated with the application server for a feedback history corresponding to the microservice request. The method further includes collecting a response corresponding to the microservice request of the user. The method further includes generating a rule corresponding to the microservice request based at least in part on the response corresponding to the microservice request.Type: GrantFiled: July 9, 2020Date of Patent: September 13, 2022Assignee: International Business Machines CorporationInventors: Thomas Dürr, Martin Smolny, Michael Beck, Sandra Rapp
-
Publication number: 20220232003Abstract: Access token scope limiting is provided. An access token of a client containing a list of scopes is presented to an authorization application programming interface of the computer. Each scope in the list of scopes defines a permission to access a particular protected resource hosted by a resource server. A new access token is returned to the client containing a decreased number of scopes using a scope alias in response to the authorization application programming interface requesting a decrease in a number of scopes in the list of scopes. The scope alias representing a plurality of specific scopes from the list of scopes contained in the presented access token.Type: ApplicationFiled: January 20, 2021Publication date: July 21, 2022Inventors: Martin Smolny, Thomas Dürr, Michael Beck
-
Publication number: 20220191192Abstract: In an approach for authentication of a username, a processor maintains a mapping of usernames and realms. A processor receives a username and a time-based one-time password code (TOTP code) for the username based on an authentication application. A processor, upon receiving the TOTP code: determines a realm from the mapping based on the received username and the received TOTP; and requests an entry of a credential relating to the username in the realm. A processor, upon receiving of the requested credential, authenticates the username by determining that the received credential matches an expected credential for the realm.Type: ApplicationFiled: December 15, 2020Publication date: June 16, 2022Inventors: Thomas Dürr, Michael Baessler, Holger Koenig, Oliver Koeth, Thomas Schwarz
-
Patent number: 11277267Abstract: A computer-implemented method for a token-based authorization in a data processing environment may be provided. The data processing environment comprises at least a user system, an application, an authentication server and an access control server. The method comprises accessing the application via a user system request, redirecting the user access request to an authentication server, authenticating the user, wherein authentication credentials comprise a request for a restricted entitlement, wherein the restricted entitlement represents a subset of existing entitlements managed by the access control server for a resource. The method comprises also sending an access token from the authentication server to the application, requesting execution of an operation comprising invoking the operation by the application providing the access token comprising restricted entitlements, invoking the access control server, and providing the scope of the token comprising the subset of the existing entitlements.Type: GrantFiled: March 6, 2020Date of Patent: March 15, 2022Assignee: International Business Machines CorporationInventors: Martin Smolny, Thomas Dürr, Michael Beck, Juergen Schaeck
-
Publication number: 20220012332Abstract: Aspects of the present invention disclose a method for handling incoming microservice requests at an application server. The method includes one or more processors identifying a microservice request of a user at an application server. The method further includes querying a database associated with the application server for a feedback history corresponding to the microservice request. The method further includes collecting a response corresponding to the microservice request of the user. The method further includes generating a rule corresponding to the microservice request based at least in part on the response corresponding to the microservice request.Type: ApplicationFiled: July 9, 2020Publication date: January 13, 2022Inventors: Thomas Dürr, Martin Smolny, Michael Beck, Sandra Rapp
-
Patent number: 11184444Abstract: A computer-implemented method for reducing cookie traffic in browser communication is provided. The method sends, by a browser to a domain, a first request resulting in a returned cookie. The returned cookie includes a category tag. The method adds the returned cookie to a set of cookies for the browser. The category tag of the returned cookie is added to a related category tag in a browser tag list. The method sends, by the browser to a server of the domain, a second request resulting in a returned list of required category tags. The method sends a selected cookie with a category tag relating to at least one required category tag of the list of required category tags for the server. The selected cookie is selected from the set of cookies and the category tag for the selected cookie occurs within the browser tag list.Type: GrantFiled: July 27, 2020Date of Patent: November 23, 2021Assignee: International Business Machines CorporationInventors: Thomas Dürr, Martin Smolny, Georg Ochs, Gregor Möhler, Klaus Rindtorff
-
Publication number: 20210288790Abstract: A method, a computer program product, and a system for distributing a private signature key between authorization instances. The method includes registering a plurality of authorization instances in a configuration file and generating host instance key pairs by each of the authorization instances. The method also includes storing the public host keys in the shared database and electing one of the authorization instances to be a signature key leader instance. The method includes generating, by the signature key leader instance, a signature key pair. The signature key pair includes a public signature key and a private signature key. The method also includes storing the public signature key in the shared database and transmitting an encrypted private signature key to a requesting authorization instance of the authorization instances. The method further includes decrypting the encrypted private signature key using the private host key generated by the requesting authorization instance.Type: ApplicationFiled: March 13, 2020Publication date: September 16, 2021Inventors: Michael Beck, Martin Smolny, Thomas Dürr, Georg Ochs, Gerald Francis McBrearty, Stephen SooHoo
-
Patent number: 11121864Abstract: A method, a computer program product, and a system for distributing a private signature key between authorization instances. The method includes registering a plurality of authorization instances in a configuration file and generating host instance key pairs by each of the authorization instances. The method also includes storing the public host keys in the shared database and electing one of the authorization instances to be a signature key leader instance. The method includes generating, by the signature key leader instance, a signature key pair. The signature key pair includes a public signature key and a private signature key. The method also includes storing the public signature key in the shared database and transmitting an encrypted private signature key to a requesting authorization instance of the authorization instances. The method further includes decrypting the encrypted private signature key using the private host key generated by the requesting authorization instance.Type: GrantFiled: March 13, 2020Date of Patent: September 14, 2021Assignee: International Business Machines CorporationInventors: Michael Beck, Martin Smolny, Thomas Dürr, Georg Ochs, Gerald Francis McBrearty, Stephen SooHoo
-
Publication number: 20200358615Abstract: A computer-implemented method for a token-based authorization in a data processing environment may be provided. The data processing environment comprises at least a user system, an application, an authentication server and an access control server. The method comprises accessing the application via a user system request, redirecting the user access request to an authentication server, authenticating the user, wherein authentication credentials comprise a request for a restricted entitlement, wherein the restricted entitlement represents a subset of existing entitlements managed by the access control server for a resource. The method comprises also sending an access token from the authentication server to the application, requesting execution of an operation comprising invoking the operation by the application providing the access token comprising restricted entitlements, invoking the access control server, and providing the scope of the token comprising the subset of the existing entitlements.Type: ApplicationFiled: March 6, 2020Publication date: November 12, 2020Inventors: Martin Smolny, Thomas Dürr, Michael Beck, Juergen Schaeck
-
Publication number: 20200153814Abstract: The present disclosure relates to a method for authentication with identity providers via a federating authorization server, wherein the federating authorization server has at least one interface to at least one identity provider. Each identity provider is configured to validate user identities using a respective validation method. The method comprises: receiving login data via a webpage, the login data indicating at least an identity provider and a user. The validation method of the indicated identity provider may be determined using the login data. An update of the content of the webpage may be caused for enabling the determined validation method. Identity information of the user may be provided via the updated webpage and verifying the identity information using the determined validation method.Type: ApplicationFiled: September 19, 2019Publication date: May 14, 2020Inventors: Martin Smolny, Thomas Dürr, Michael Beck, Georg Ochs
-
Patent number: 8700189Abstract: A method for maintaining a technical plant including several components is provided. The method provides a system for planning the use of an enterprise resources system and a control system, with the enterprise resource system connected to the control system and structures of the technical plant are automatically set up in the enterprise resource system.Type: GrantFiled: February 25, 2010Date of Patent: April 15, 2014Assignee: Siemens AktiengesellschaftInventors: Thomas Dürr, Paul Herrmann, Wilfried Sicking, Michael Unkelbach
-
Publication number: 20120101650Abstract: A method for power plant usage planning of a power plant fleet having a plurality of power plants is provided. The current control technology values are supplied to models for lifespan calculations, maintenance information is derived from the lifespan calculations and the maintenance information is taken into consideration in a calculation for power plant usage planning.Type: ApplicationFiled: February 19, 2010Publication date: April 26, 2012Inventors: Thomas Dürr, Paul Hermann, Wilfried Sicking, Michael Unkelbach
-
Publication number: 20100223087Abstract: A method for maintaining a technical plant including several components is provided. The method provides a system for planning the use of an enterprise resources system and a control system, with the enterprise resource system connected to the control system and structures of the technical plant are automatically set up in the enterprise resource system.Type: ApplicationFiled: February 25, 2010Publication date: September 2, 2010Inventors: Thomas Dürr, Paul Herrmann, Wilfried Sicking, Michael Unkelbach
-
Patent number: 7530768Abstract: A powder transfer pump to convey a powder, in particular in a powder coating station. The powder transfer pump comprises a transfer chamber with a transfer chamber wall, an inlet opening into the transfer chamber to supply the powder to the transfer chamber, an outlet opening out of the transfer chamber to convey the powder from the transfer chamber, a negative pressure connection opening into the transfer chamber to generate negative pressure in the transfer chamber in order to suck the powder into the transfer chamber, and a positive pressure connection opening into the transfer chamber to discharge the powder that is present in the transfer chamber through the outlet. The transfer chamber wall is essentially gas-tight.Type: GrantFiled: February 6, 2006Date of Patent: May 12, 2009Assignee: Durr Systems, Inc.Inventors: Thomas Dürr, Hans-Georg Fritz, Frank Herre
-
Patent number: 7465130Abstract: An operating system for a power feed pump and a power feed pump having a transfer chamber with an inlet and an outlet. The outlet of the transfer chamber is closed, the inlet of the transfer chamber is opened, and a negative pressure is generated in the transfer chamber to suck a powder in through the inlet to the transfer chamber. The inlet of the transfer chamber is closed, the outlet of the transfer chamber is opened, and the powder in the transfer chamber is delivered through the outlet. The negative pressure in the transfer chamber is built up at least partially before the inlet of the transfer chamber is opened.Type: GrantFiled: September 23, 2004Date of Patent: December 16, 2008Assignee: Durr Systems, Inc.Inventors: Frank Herre, Hans-Georg Fritz, Thomas Dürr
-
Publication number: 20060185586Abstract: A powder transfer pump to convey a powder, in particular in a powder coating station. The powder transfer pump comprises a transfer chamber with a transfer chamber wall, an inlet opening into the transfer chamber to supply the powder to the transfer chamber, an outlet opening out of the transfer chamber to convey the powder from the transfer chamber, a negative pressure connection opening into the transfer chamber to generate negative pressure in the transfer chamber in order to suck the powder into the transfer chamber, and a positive pressure connection opening into the transfer chamber to discharge the powder that is present in the transfer chamber through the outlet. The transfer chamber wall is essentially gas-tight.Type: ApplicationFiled: February 6, 2006Publication date: August 24, 2006Applicant: Durr Systems, Inc.Inventors: Thomas Durr, Hans-Georg Fritz, Frank Herre
-
Publication number: 20060185671Abstract: A powder conveying pump, in particular for a powder coating device. The pump comprises a working chamber with a variable working chamber volume, a powder inlet opening into the working chamber to suck powder into the working chamber, a powder outlet opening out of the working chamber to expel the powder present in the working chamber and a moveable piston that forms one boundary surface of the working chamber and sucks the powder into the working chamber through the powder inlet during an upward movement. The piston is driven directly by pneumatic means.Type: ApplicationFiled: February 6, 2006Publication date: August 24, 2006Applicant: Durr Systems, Inc.Inventors: Thomas Durr, Hans-Georg Fritz, Frank Herre