Patents by Inventor Travis Walton
Travis Walton has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9934000Abstract: An apparatus for balancing consumption of random data, comprising an entropy manager operable to: responsive to receipt of a request for random data, monitor one or more events associated with a plurality of entities and access one or more rules; determine whether a higher level of entropy associated with the random data is required by analyzing the one or more events in accordance with the one or more rules; responsive to a determination that a higher level of entropy is not required, set an entropy state associated with the entropy to a lower level of entropy and obtain random data from an entropy source having a lower level of entropy; and responsive to a determination that a higher level of entropy is required, switch an entropy state associated with the entropy to a higher level of entropy and obtain random data from an entropy source having a higher level of entropy.Type: GrantFiled: May 30, 2013Date of Patent: April 3, 2018Assignee: International Business Machines CorporationInventors: David Sherwood, James William Walker, Travis Walton
-
Patent number: 9898609Abstract: A method, system and program product for performing a trusted boot of a virtual machine comprises the steps of executing, in turn, a series of components of the trusted boot, performing a function on each component prior to the execution of the respective component, storing the output of the functions in a virtual trusted platform module, detecting that the virtual trusted platform module has not responded to the storing of the output of a function in the virtual trusted platform module, and generating a request that the virtual trusted platform module be disabled.Type: GrantFiled: September 28, 2015Date of Patent: February 20, 2018Assignee: International Business Machines CorporationInventors: David Sherwood, James W. Walker, Travis Walton
-
Patent number: 9721103Abstract: A method, system and program product for performing a trusted boot of a virtual machine comprises the steps of executing, in turn, a series of components of the trusted boot, performing a function on each component prior to the execution of the respective component, storing the output of the functions in a virtual trusted platform module, detecting that the virtual trusted platform module has not responded to the storing of the output of a function in the virtual trusted platform module, and generating a request that the virtual trusted platform module be disabled.Type: GrantFiled: June 27, 2013Date of Patent: August 1, 2017Assignee: International Business Machines CorporationInventors: David Sherwood, James W. Walker, Travis Walton
-
Publication number: 20170004316Abstract: Systems and methods are described for clipboard intercession of secure applications. Techniques include a method for clipboard intercession comprising: for a first application, the application having a first library that includes a function referencing a first memory location for at least one clipboard command associated with the application, modifying the application such that a second, different memory location is referenced when the function is called for the at least one clipboard command; in response to the first application receiving a copy command, copying first text to the second memory location and not the first memory location; and, in response to a second application receiving a paste command after the first application receives the copy command, referencing the first memory location and not the second memory location such that the first text is not accessed by the second application.Type: ApplicationFiled: July 2, 2015Publication date: January 5, 2017Inventor: Travis WALTON
-
Patent number: 9460296Abstract: Systems, methods and media are provided for selective decryption of files. One method includes monitoring a secure file storage area including at least one file using a selective decryption process associated with the secure file storage area. Content of each of the at least one file is protected with an encryption. The method also includes detecting a request by an application program for one of the at least one file. The method further includes determining whether the application program needs to access the content of the requested file. The method also includes, when it is determined that the application program does not need to access the content of the requested file, allowing the application program to access the file content without decrypting the encryption.Type: GrantFiled: July 19, 2013Date of Patent: October 4, 2016Assignee: APPSENSE LIMITEDInventors: Travis Walton, Paul Delivett
-
Patent number: 9355261Abstract: The disclosed subject matter includes a method. The method includes determining, by a module running on a computer platform in communication with non-transitory computer readable medium having a plurality of security zones, whether an application instance is in a foreground of a user interface for the computer platform. The method further includes determining, by the module, an alert level associated with the application instance in the foreground of the user interface, wherein the alert level includes at least one of a restriction level and an access level. The method also includes providing the alert level to a user of the computer platform using a visual cue displayed on the user interface.Type: GrantFiled: March 14, 2013Date of Patent: May 31, 2016Assignee: APPSENSE LIMITEDInventors: Travis Walton, Richard James Somerfield, Paul Delivett
-
Publication number: 20160019393Abstract: A method, system and program product for performing a trusted boot of a virtual machine comprises the steps of executing, in turn, a series of components of the trusted boot, performing a function on each component prior to the execution of the respective component, storing the output of the functions in a virtual trusted platform module, detecting that the virtual trusted platform module has not responded to the storing of the output of a function in the virtual trusted platform module, and generating a request that the virtual trusted platform module be disabled.Type: ApplicationFiled: September 28, 2015Publication date: January 21, 2016Inventors: David Sherwood, James W. Walker, Travis Walton
-
Patent number: 9042552Abstract: A method and apparatus is disclosed for managing encryption keys in a computer system in which in response to the change of a system key the old key and new key are both maintained for subsequent use.Type: GrantFiled: March 14, 2013Date of Patent: May 26, 2015Assignee: International Business Machines CorporationInventors: David Sherwood, James William Walker, Travis Walton
-
Patent number: 8959657Abstract: The disclosed subject matter includes a method. The method includes identifying an attempt to access, by an application instance running in a user space of an operating system, a first security zone of a computer readable medium, where the first security zone is associated with a first security level. The method further includes determining whether a restriction level associated with the application instance is higher than the first security level, where the restriction level is a function of previous security zones that have been accessed by the application instance. When the restriction level associated with the application instance is higher than the first security level, the method would prevent the application instance from writing to the first security zone. When the restriction level associated with the application instance is not higher than the first security level, the method would authorize the application instance to access the first security zone.Type: GrantFiled: March 14, 2013Date of Patent: February 17, 2015Assignee: AppSense LimitedInventors: Travis Walton, Paul Delivett, Richard James Somerfield
-
Publication number: 20150026460Abstract: Systems, methods and media are provided for selective decryption of files. One method includes monitoring a secure file storage area including at least one file using a selective decryption process associated with the secure file storage area. Content of each of the at least one file is protected with an encryption. The method also includes detecting a request by an application program for one of the at least one file. The method further includes determining whether the application program needs to access the content of the requested file. The method also includes, when it is determined that the application program does not need to access the content of the requested file, allowing the application program to access the file content without decrypting the encryption.Type: ApplicationFiled: July 19, 2013Publication date: January 22, 2015Applicant: AppSense LimitedInventors: Travis WALTON, Paul DELIVETT
-
Publication number: 20140282820Abstract: The disclosed subject matter includes a method. The method includes determining, by a module running on a computer platform in communication with non-transitory computer readable medium having a plurality of security zones, whether an application instance is in a foreground of a user interface for the computer platform. The method further includes determining, by the module, an alert level associated with the application instance in the foreground of the user interface, wherein the alert level includes at least one of a restriction level and an access level. The method also includes providing the alert level to a user of the computer platform using a visual cue displayed on the user interface.Type: ApplicationFiled: March 14, 2013Publication date: September 18, 2014Applicant: APPSENSE LIMITEDInventors: Travis WALTON, Richard James SOMERFIELD, Paul DELIVETT
-
Publication number: 20140283107Abstract: The disclosed subject matter includes a method. The method includes identifying an attempt to access, by an application instance running in a user space of an operating system, a first security zone of a computer readable medium, where the first security zone is associated with a first security level. The method further includes determining whether a restriction level associated with the application instance is higher than the first security level, where the restriction level is a function of previous security zones that have been accessed by the application instance. When the restriction level associated with the application instance is higher than the first security level, the method would prevent the application instance from writing to the first security zone. When the restriction level associated with the application instance is not higher than the first security level, the method would authorize the application instance to access the first security zone.Type: ApplicationFiled: March 14, 2013Publication date: September 18, 2014Applicant: APPSENSE LIMITEDInventors: Travis WALTON, Paul DELIVETT, Richard James SOMERFIELD
-
Publication number: 20140013327Abstract: A method, system and program product for performing a trusted boot of a virtual machine comprises the steps of executing, in turn, a series of components of the trusted boot, performing a function on each component prior to the execution of the respective component, storing the output of the functions in a virtual trusted platform module, detecting that the virtual trusted platform module has not responded to the storing of the output of a function in the virtual trusted platform module, and generating a request that the virtual trusted platform module be disabled.Type: ApplicationFiled: June 27, 2013Publication date: January 9, 2014Inventors: David Sherwood, James W. Walker, Travis Walton
-
Publication number: 20130325918Abstract: An apparatus for balancing consumption of random data, comprising an entropy manager operable to: responsive to receipt of a request for random data, monitor one or more events associated with a plurality of entities and access one or more rules; determine whether a higher level of entropy associated with the random data is required by analysing the one or more events in accordance with the one or more rules; responsive to a determination that a higher level of entropy is not required, set an entropy state associated with the entropy to a lower level of entropy and obtain random data from an entropy source having a lower level of entropy; and responsive to a determination that a higher level of entropy is required, switch an entropy state associated with the entropy to a higher level of entropy and obtain random data from an entropy source having a higher level of entropy.Type: ApplicationFiled: May 30, 2013Publication date: December 5, 2013Inventors: David Sherwood, James William Walker, Travis Walton
-
Publication number: 20130243197Abstract: A method and apparatus is disclosed for managing encryption keys in a computer system in which in response to the change of a system key the old key and new key are both maintained for subsequent use.Type: ApplicationFiled: March 14, 2013Publication date: September 19, 2013Applicant: International Business Machines CorporationInventors: David Sherwood, James William Walker, Travis Walton