Patents by Inventor Vamsi Motukuru
Vamsi Motukuru has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230336536Abstract: Techniques are described for providing session management functionalities using an access token (e.g., an Open Authorization (OAuth) access token). Upon successful user authentication, a session (e.g., a single sign-on session) is created for the user along with a user identity token that includes information identifying the session. The user identity token is presentable in an access token request sent to an access token issuer authority (e.g., an OAuth server). Upon receiving the access token request, the user identity token is parsed to identify and validate the session against information stored for the session. The validation can include various session management-related checks. If the validation is successful, the token issuer authority generates the access token. In this manner, the access token that is generated is linked to the session. The access token can then be used by an application to gain access to a protected resource.Type: ApplicationFiled: June 28, 2023Publication date: October 19, 2023Inventors: Mayank Maria, Aarathi Balakrishnan, Dharmvir Singh, Madhu Martin, Vikas Pooven Chathoth, Vamsi Motukuru
-
Patent number: 11736469Abstract: Techniques are described for providing session management functionalities using an access token (e.g., an Open Authorization (OAuth) access token). Upon successful user authentication, a session (e.g., a single sign-on session) is created for the user along with a user identity token that includes information identifying the session. The user identity token is presentable in an access token request sent to an access token issuer authority (e.g., an OAuth server). Upon receiving the access token request, the user identity token is parsed to identify and validate the session against information stored for the session. The validation can include various session management-related checks. If the validation is successful, the token issuer authority generates the access token. In this manner, the access token that is generated is linked to the session. The access token can then be used by an application to gain access to a protected resource.Type: GrantFiled: March 2, 2022Date of Patent: August 22, 2023Assignee: Oracle International CorporationInventors: Mayank Maria, Aarathi Balakrishnan, Dharmvir Singh, Madhu Martin, Vikas Pooven Chathoth, Vamsi Motukuru
-
Publication number: 20220191188Abstract: Techniques are described for providing session management functionalities using an access token (e.g., an Open Authorization (OAuth) access token). Upon successful user authentication, a session (e.g., a single sign-on session) is created for the user along with a user identity token that includes information identifying the session. The user identity token is presentable in an access token request sent to an access token issuer authority (e.g., an OAuth server). Upon receiving the access token request, the user identity token is parsed to identify and validate the session against information stored for the session. The validation can include various session management-related checks. If the validation is successful, the token issuer authority generates the access token. In this manner, the access token that is generated is linked to the session. The access token can then be used by an application to gain access to a protected resource.Type: ApplicationFiled: March 2, 2022Publication date: June 16, 2022Applicant: Oracle International CorporationInventors: Mayank Maria, Aarathi Balakrishnan, Dharmvir Singh, Madhu Martin, Vikas Pooven Chathoth, Vamsi Motukuru
-
Patent number: 11303627Abstract: Techniques are described for providing session management functionalities using an access token (e.g., an Open Authorization (OAuth) access token). Upon successful user authentication, a session (e.g., a single sign-on session) is created for the user along with a user identity token that includes information identifying the session. The user identity token is presentable in an access token request sent to an access token issuer authority (e.g., an OAuth server). Upon receiving the access token request, the user identity token is parsed to identify and validate the session against information stored for the session. The validation can include various session management-related checks. If the validation is successful, the token issuer authority generates the access token. In this manner, the access token that is generated is linked to the session. The access token can then be used by an application to gain access to a protected resource.Type: GrantFiled: October 18, 2018Date of Patent: April 12, 2022Assignee: Oracle International CorporationInventors: Mayank Maria, Aarathi Balakrishnan, Dharmvir Singh, Madhu Martin, Vikas Pooven Chathoth, Vamsi Motukuru
-
Patent number: 11019103Abstract: The present disclosure relates generally to techniques for controlling access to resources accessible in a distributed environment. One of the techniques includes connecting a security agent to a policy server through a default port using a default protocol. The security agent is configured to intercept requests for access to a resource in a distributed environment, and work with the policy server to control access to the resource based on policies stored on the policy server. The technique further includes obtaining a configuration file from the policy server such that the security agent can initialize and determine the distributed environment in which the security agent resides, analyzing ports of communication within the distributed environment to identify a preferred port that is available for connection to the policy server, and connecting to the policy server through the preferred port to access the policies for controlling the access to the resource.Type: GrantFiled: November 6, 2019Date of Patent: May 25, 2021Assignee: Oracle International CorporationInventors: Vamsi Motukuru, Ashish Kolli
-
Patent number: 10735196Abstract: An access management system is disclosed that can provide access to resources by password-less authentication. The access management system can provide multiple layers of security for authentication taking into account risk factors (e.g., device, location, etc.) to ensure authentication without compromising access. Contextual details of a user based on a mobile device can be used for authentication based on possession of a device. Password-less authentication of a user may be enabled by registration of devices and/or a location (e.g., a geo-graphic location) as trusted. Security data embedded with encrypted data can be sent to a first device for password-less authentication of a user at the device. A second device registered with the user can obtain the security data from the first device. The second device can decrypts the data and send the decrypted data to the access management system for verification to enable password-less authentication at the first device.Type: GrantFiled: November 7, 2018Date of Patent: August 4, 2020Assignee: Oracle International CorporationInventors: Venugopal Padmanabhan Shastri, Sreenivasa R. Chitturi, Vamsi Motukuru, Mandar Bhatkhande, Sunil Kumar Joshi
-
Patent number: 10693864Abstract: Techniques are disclosed for a single sign-on (SSO) enterprise system with multiple data centers that can use a lightweight cookie on a user's client device. The lightweight cookie can include a reference to a data center in which the user is already authenticated, and a new data center can contact the old data center for creating a session for the user on the new data center. If the old data center is unavailable, then the new data center may fall back to accessing a local security store, a backup of keys, security tokens, and/or other security data, in order to create a local session for the user on the new data center.Type: GrantFiled: September 24, 2018Date of Patent: June 23, 2020Assignee: Oracle International CorporationInventors: Stephen Mathew, Vamsi Motukuru, Madhu Martin, Vikas Pooven Chathoth
-
Publication number: 20200076860Abstract: The present disclosure relates generally to techniques for controlling access to resources accessible in a distributed environment. One of the techniques includes connecting a security agent to a policy server through a default port using a default protocol. The security agent is configured to intercept requests for access to a resource in a distributed environment, and work with the policy server to control access to the resource based on policies stored on the policy server. The technique further includes obtaining a configuration file from the policy server such that the security agent can initialize and determine the distributed environment in which the security agent resides, analyzing ports of communication within the distributed environment to identify a preferred port that is available for connection to the policy server, and connecting to the policy server through the preferred port to access the policies for controlling the access to the resource.Type: ApplicationFiled: November 6, 2019Publication date: March 5, 2020Applicant: Oracle International CorporationInventors: Vamsi Motukuru, Ashish Kolli
-
Patent number: 10505982Abstract: The present disclosure relates generally to techniques for controlling access to resources accessible in a distributed environment. One of the techniques includes connecting a security agent to a policy server through a default port using a default protocol. The security agent is configured to intercept requests for access to a resource in a distributed environment, and work with the policy server to control access to the resource based on policies stored on the policy server. The technique further includes obtaining a configuration file from the policy server such that the security agent can initialize and determine the distributed environment in which the security agent resides, analyzing ports of communication within the distributed environment to identify a preferred port that is available for connection to the policy server, and connecting to the policy server through the preferred port to access the policies for controlling the access to the resource.Type: GrantFiled: October 21, 2016Date of Patent: December 10, 2019Assignee: Oracle International CorporationInventors: Vamsi Motukuru, Ashish Kolli
-
Publication number: 20190372962Abstract: Techniques are described for providing session management functionalities using an access token (e.g., an Open Authorization (OAuth) access token). Upon successful user authentication, a session (e.g., a single sign-on session) is created for the user along with a user identity token that includes information identifying the session. The user identity token is presentable in an access token request sent to an access token issuer authority (e.g., an OAuth server). Upon receiving the access token request, the user identity token is parsed to identify and validate the session against information stored for the session. The validation can include various session management-related checks. If the validation is successful, the token issuer authority generates the access token. In this manner, the access token that is generated is linked to the session. The access token can then be used by an application to gain access to a protected resource.Type: ApplicationFiled: October 18, 2018Publication date: December 5, 2019Applicant: Oracle International CorporationInventors: Mayank Maria, Aarathi Balakrishnan, Dharmvir Singh, Madhu Martin, Vikas Pooven Chathoth, Vamsi Motukuru
-
Publication number: 20190074972Abstract: An access management system is disclosed that can provide access to resources by password-less authentication. The access management system can provide multiple layers of security for authentication taking into account risk factors (e.g., device, location, etc.) to ensure authentication without compromising access. Contextual details of a user based on a mobile device can be used for authentication based on possession of a device. Password-less authentication of a user may be enabled by registration of devices and/or a location (e.g., a geo-graphic location) as trusted. Security data embedded with encrypted data can be sent to a first device for password-less authentication of a user at the device. A second device registered with the user can obtain the security data from the first device. The second device can decrypts the data and send the decrypted data to the access management system for verification to enable password-less authentication at the first device.Type: ApplicationFiled: November 7, 2018Publication date: March 7, 2019Applicant: Oracle International CorporationInventors: Venugopal Padmanabhan Shastri, Sreenivasa R. Chitturi, Vamsi Motukuru, Mandar Bhatkhande, Sunil Kumar Joshi
-
Publication number: 20190036907Abstract: Techniques are disclosed for a single sign-on (SSO) enterprise system with multiple data centers that can use a lightweight cookie on a user's client device. The lightweight cookie can include a reference to a data center in which the user is already authenticated, and a new data center can contact the old data center for creating a session for the user on the new data center. If the old data center is unavailable, then the new data center may fall back to accessing a local security store, a backup of keys, security tokens, and/or other security data, in order to create a local session for the user on the new data center.Type: ApplicationFiled: September 24, 2018Publication date: January 31, 2019Applicant: Oracle International CorporationInventors: Stephen Mathew, Vamsi Motukuru, Madhu Martin, Vikas Pooven Chathoth
-
Patent number: 10158489Abstract: An access management system is disclosed that can provide access to resources by password-less authentication. The access management system can provide multiple layers of security for authentication taking into account risk factors (e.g., device, location, etc.) to ensure authentication without compromising access. Contextual details of a user based on a mobile device can be used for authentication based on possession of a device. Password-less authentication of a user may be enabled by registration of devices and/or a location (e.g., a geographic location) as trusted. Security data embedded with encrypted data can be sent to a first device for password-less authentication of a user at the device. A second device registered with the user can obtain the security data from the first device. The second device can decrypts the data and send the decrypted data to the access management system for verification to enable password-less authentication at the first device.Type: GrantFiled: October 21, 2016Date of Patent: December 18, 2018Assignee: Oracle International CorporationInventors: Venugopal Padmanabhan Shastri, Sreenivasa R. Chitturi, Vamsi Motukuru, Mandar Bhatkhande, Sunil Kumar Joshi
-
Patent number: 10084769Abstract: Techniques are disclosed for a single sign-on (SSO) enterprise system with multiple data centers that can use a lightweight cookie on a user's client device. The lightweight cookie can include a reference to a data center in which the user is already authenticated, and a new data center can contact the old data center for creating a session for the user on the new data center. If the old data center is unavailable, then the new data center may fall back to accessing a local security store, a backup of keys, security tokens, and/or other security data, in order to create a local session for the user on the new data center.Type: GrantFiled: April 29, 2016Date of Patent: September 25, 2018Assignee: Oracle International CorporationInventors: Stephen Mathew, Vamsi Motukuru, Madhu Martin, Vikas Pooven Chathoth
-
Patent number: 9887981Abstract: Systems and methods are disclosed for a single sign-on (SSO) enterprise system with multiple data centers that use a lightweight cookie on a user's client device. The lightweight cookie includes a reference to a data center in which the user is already authenticated, and a new data center contacts the old data center for creating a session for the user on the new data center. If the old data center is unavailable, then the new data center may fall back to accessing a local security store, a backup of keys, security tokens, and/or other security data, in order to create a local session for the user on the new data center.Type: GrantFiled: January 25, 2016Date of Patent: February 6, 2018Assignee: Oracle International CorporationInventors: Stephen Mathew, Vamsi Motukuru, Madhu Martin, Vikas Pooven Chathoth
-
Patent number: 9866640Abstract: An enterprise software system access manager saves cookies for users' sessions on client devices but creates server-side sessions on the fly when needed for the users to access certain features, when there is a constraint on the client device, or due to application policies. The server-side session objects can have references to the client-side cookies and can have key-value pairs added to them instead of the associated cookie.Type: GrantFiled: September 19, 2014Date of Patent: January 9, 2018Assignee: Oracle International CorporationInventors: Vamsi Motukuru, Vikas Pooven Chathoth, Vipin Anaparakkal Koottayi
-
Publication number: 20170118025Abstract: An access management system is disclosed that can provide access to resources by password-less authentication. The access management system can provide multiple layers of security for authentication taking into account risk factors (e.g., device, location, etc.) to ensure authentication without compromising access. Contextual details of a user based on a mobile device can be used for authentication based on possession of a device. Password-less authentication of a user may be enabled by registration of devices and/or a location (e.g., a geographic location) as trusted. Security data embedded with encrypted data can be sent to a first device for password-less authentication of a user at the device. A second device registered with the user can obtain the security data from the first device. The second device can decrypts the data and send the decrypted data to the access management system for verification to enable password-less authentication at the first device.Type: ApplicationFiled: October 21, 2016Publication date: April 27, 2017Applicant: Oracle International CorporationInventors: Venugopal Padmanabhan Shastri, Sreenivasa R. Chitturi, Vamsi Motukuru, Mandar Bhatkhande, Sunil Kumar Joshi
-
Publication number: 20170118249Abstract: The present disclosure relates generally to techniques for controlling access to resources accessible in a distributed environment. One of the techniques includes connecting a security agent to a policy server through a default port using a default protocol. The security agent is configured to intercept requests for access to a resource in a distributed environment, and work with the policy server to control access to the resource based on policies stored on the policy server. The technique further includes obtaining a configuration file from the policy server such that the security agent can initialize and determine the distributed environment in which the security agent resides, analyzing ports of communication within the distributed environment to identify a preferred port that is available for connection to the policy server, and connecting to the policy server through the preferred port to access the policies for controlling the access to the resource.Type: ApplicationFiled: October 21, 2016Publication date: April 27, 2017Applicant: Oracle International CorporationInventors: Vamsi Motukuru, Ashish Kolli
-
Publication number: 20160248758Abstract: Techniques are disclosed for a single sign-on (SSO) enterprise system with multiple data centers that can use a lightweight cookie on a user's client device. The lightweight cookie can include a reference to a data center in which the user is already authenticated, and a new data center can contact the old data center for creating a session for the user on the new data center. If the old data center is unavailable, then the new data center may fall back to accessing a local security store, a backup of keys, security tokens, and/or other security data, in order to create a local session for the user on the new data center.Type: ApplicationFiled: April 29, 2016Publication date: August 25, 2016Applicant: Oracle International CorporationInventors: Stephen Mathew, Vamsi Motukuru, Madhu Martin, Vikas Pooven Chathoth
-
Publication number: 20160219040Abstract: Systems and methods are disclosed for a single sign-on (SSO) enterprise system with multiple data centers that use a lightweight cookie on a user's client device. The lightweight cookie includes a reference to a data center in which the user is already authenticated, and a new data center contacts the old data center for creating a session for the user on the new data center. If the old data center is unavailable, then the new data center may fall back to accessing a local security store, a backup of keys, security tokens, and/or other security data, in order to create a local session for the user on the new data center.Type: ApplicationFiled: January 25, 2016Publication date: July 28, 2016Applicant: Oracle International CorporationInventors: Stephen Mathew, Vamsi Motukuru, Madhu Martin, Vikas Pooven Chathoth