Patents by Inventor Varun Malhotra

Varun Malhotra has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20200220780
    Abstract: The disclosed technology relates to intent driven network management. A system is configured to maintain an inventory store comprising records for a set of network entities in a network, wherein each network entity in the set of network entities is associated with a record in the inventory store. The system receives a user intent statement comprising an action and a flow filter representing network data flows on which the action is to be applied and queries, based on the flow filter, the inventory store to identify a plurality of network entities in the set of network entities to which the user intent statement applies. The system generates a plurality of network policies that implement the user intent statement based on the plurality of network entities and the action and enforces the plurality network policies.
    Type: Application
    Filed: March 16, 2020
    Publication date: July 9, 2020
    Inventors: Rohit Prasad, Shashi Gandham, Hoang Nguyen, Abhishek Singh, Shih-Chun Chang, Navindra Yadav, Ali Parandehgheibi, Paul Mach, Rachita Agasthy, Ravi Prasad, Varun Malhotra, Michael Watts, Sunil Gupta
  • Publication number: 20200145291
    Abstract: The disclosed technology relates to a network agent for generating platform specific network policies. A network agent is configured to receive a platform independent network policy from a network policy system, determine implementation characteristics of the network entity, generate platform specific policies from the platform independent network policy based on the implementation characteristics of the network entity, and implement the platform specific policies on the network entity.
    Type: Application
    Filed: December 30, 2019
    Publication date: May 7, 2020
    Inventors: Rohit Prasad, Hai Vu, Shih-Chun Chang, Hoang Nguyen, Shashi Gandham, Navindra Yadav, Praneeth Vallem, Sunil Gupta, Ravi Prasad, Varun Malhotra
  • Patent number: 10594560
    Abstract: The disclosed technology relates to intent driven network management. A system is configured to maintain an inventory store comprising records for a set of network entities in a network, wherein each network entity in the set of network entities is associated with a record in the inventory store. The system receives a user intent statement comprising an action and a flow filter representing network data flows on which the action is to be applied and queries, based on the flow filter, the inventory store to identify a plurality of network entities in the set of network entities to which the user intent statement applies. The system generates a plurality of network policies that implement the user intent statement based on the plurality of network entities and the action and enforces the plurality network policies.
    Type: Grant
    Filed: March 27, 2017
    Date of Patent: March 17, 2020
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Rohit Prasad, Shashi Gandham, Hoang Nguyen, Abhishek Singh, Shih-Chun Chang, Navindra Yadav, Ali Parandehgheibi, Paul Mach, Rachita Agasthy, Ravi Prasad, Varun Malhotra, Michael Watts, Sunil Gupta
  • Patent number: 10523512
    Abstract: The disclosed technology relates to a network agent for generating platform specific network policies. A network agent is configured to receive a platform independent network policy from a network policy system, determine implementation characteristics of the network entity, generate platform specific policies from the platform independent network policy based on the implementation characteristics of the network entity, and implement the platform specific policies on the network entity.
    Type: Grant
    Filed: March 24, 2017
    Date of Patent: December 31, 2019
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Rohit Prasad, Hai Vu, Shih-Chun Chang, Hoang Nguyen, Shashi Gandham, Navindra Yadav, Praneeth Vallem, Sunil Gupta, Ravi Prasad, Varun Malhotra
  • Patent number: 10250446
    Abstract: The disclosed technology relates to a distributed policy store. A system is configured to locate, in an index, an entry for a network entity, determine, based on the entry, a file identifier for a file containing a record for the network entity and an offset indicating a location of the record in the file. The system is further configured to locate the file in a distributed file system using the file identifier, locate the record in the file using the offset, and retrieve the record.
    Type: Grant
    Filed: March 27, 2017
    Date of Patent: April 2, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Rohit Prasad, Shashi Gandham, Hai Vu, Varun Malhotra, Sunil Gupta, Abhishek Singh, Navindra Yadav, Ali Parandehgheibi, Ravi Prasad, Praneeth Vallem, Paul Lesiak, Hoang Nguyen
  • Publication number: 20180278478
    Abstract: The disclosed technology relates to a network agent for generating platform specific network policies. A network agent is configured to receive a platform independent network policy from a network policy system, determine implementation characteristics of the network entity, generate platform specific policies from the platform independent network policy based on the implementation characteristics of the network entity, and implement the platform specific policies on the network entity.
    Type: Application
    Filed: March 24, 2017
    Publication date: September 27, 2018
    Inventors: Rohit Prasad, Hai Vu, Shih-Chun Chang, Hoang Nguyen, Shashi Gandham, Navindra Yadav, Praneeth Vallem, Sunil Gupta, Ravi Prasad, Varun Malhotra
  • Publication number: 20180278481
    Abstract: The disclosed technology relates to a distributed policy store. A system is configured to locate, in an index, an entry for a network entity, determine, based on the entry, a file identifier for a file containing a record for the network entity and an offset indicating a location of the record in the file. The system is further configured to locate the file in a distributed file system using the file identifier, locate the record in the file using the offset, and retrieve the record.
    Type: Application
    Filed: March 27, 2017
    Publication date: September 27, 2018
    Inventors: Rohit Prasad, Shashi Gandham, Hai Vu, Varun Malhotra, Sunil Gupta, Abhishek Singh, Navindra Yadav, Ali Parandehgheibi, Ravi Prasad, Praneeth Vallem, Paul Lesiak, Hoang Nguyen
  • Publication number: 20180278479
    Abstract: The disclosed technology relates to a network agent for reporting to a network policy system. A network agent includes an agent enforcer and an agent controller. The agent enforcer is configured to implementing network policies on the system, access data associated with the implementation of the network policies on the system, and transmit, via an interprocess communication, the data to the agent controller. The agent controller is configured to generate a report including the data and transmit the report to a network policy system.
    Type: Application
    Filed: March 27, 2017
    Publication date: September 27, 2018
    Inventors: Hai Vu, Shih-Chun Chang, Varun Malhotra, Shashi Gandham, Navindra Yadav, Allen Chen, Praneeth Vallem, Rohit Prasad
  • Publication number: 20180278480
    Abstract: The disclosed technology relates to intent driven network management. A system is configured to maintain an inventory store comprising records for a set of network entities in a network, wherein each network entity in the set of network entities is associated with a record in the inventory store. The system receives a user intent statement comprising an action and a flow filter representing network data flows on which the action is to be applied and queries, based on the flow filter, the inventory store to identify a plurality of network entities in the set of network entities to which the user intent statement applies. The system generates a plurality of network policies that implement the user intent statement based on the plurality of network entities and the action and enforces the plurality network policies.
    Type: Application
    Filed: March 27, 2017
    Publication date: September 27, 2018
    Inventors: Rohit Prasad, Shashi Gandham, Hoang Nguyen, Abhishek Singh, Shih-Chun Chang, Navindra Yadav, Ali Parandehgheibi, Paul Mach, Rachita Agasthy, Ravi Prasad, Varun Malhotra, Michael Watts, Sunil Gupta
  • Patent number: 8892905
    Abstract: One embodiment of the present invention provides a system for performing selective encryption/decryption in a data storage system. During operation, the system receives a data block from a storage medium at an input/output layer, wherein the input/output layer serves as an interface between the storage medium and a buffer cache. Next, the system determines whether the data block is an encrypted data block. If not, the system stores the data block in the buffer cache. Otherwise, if the data block is an encrypted data block, the system retrieves a storage-key, wherein the storage-key is associated with a subset of storage, which is associated with the encrypted data block. Using the storage-key, the system then decrypts the encrypted data block to produce a decrypted data block. Finally, the system stores the decrypted data block in the buffer cache, wherein the data block remains encrypted in the storage medium.
    Type: Grant
    Filed: March 21, 2007
    Date of Patent: November 18, 2014
    Assignee: Oracle International Corporation
    Inventors: Adam Y. Lee, Varun Malhotra, Daniel ManHung Wong, Tirthankar Lahiri, Kiran Goyal, Juan R. Loaiza, Paul Youn
  • Patent number: 8224813
    Abstract: A method, system, and computer program product for cost based analysis for data access in a database management system. In one approach, the method, system, and computer program product identifies data to access. A first cost for direct I/O storage access and a second cost for cache access are then determined for accessing the data. A comparison between the first cost and the second cost is then performed. Finally, a first portion of identified data is accessed based at least in part upon the comparison.
    Type: Grant
    Filed: October 20, 2006
    Date of Patent: July 17, 2012
    Assignee: Oracle International Corporation
    Inventors: Sanjay Kaluskar, Varun Malhotra, Tirthankar Lahiri, Juan Loaiza, Sumanta Chatterjee, Dmitry Potapov, Margaret Susairaj, Hakan Jakobsson
  • Patent number: 7991775
    Abstract: Described herein are techniques for generating a global checkpoint system change number and computing a snapshot query using the global checkpoint system change number without a need to acquire global locks. In many cases, the need to acquire global locks is eliminated, thereby saving the overhead attendant to processing global locks.
    Type: Grant
    Filed: October 2, 2008
    Date of Patent: August 2, 2011
    Assignee: Oracle International Corporation
    Inventors: Neil MacNaughton, Tirthankar Lahiri, Varun Malhotra
  • Publication number: 20100036843
    Abstract: Described herein are techniques for generating a global checkpoint system change number and computing a snapshot query using the global checkpoint system change number without a need to acquire global locks. In many cases, the need to acquire global locks is eliminated, thereby saving the overhead attendant to processing global locks.
    Type: Application
    Filed: October 2, 2008
    Publication date: February 11, 2010
    Applicant: ORACLE INTERNATIONAL CORPORATION
    Inventors: Neil MacNaughton, Tirthankar Lahiri, Varun Malhotra
  • Publication number: 20080232592
    Abstract: One embodiment of the present invention provides a system for performing selective encryption/decryption in a data storage system. During operation, the system receives a data block from a storage medium at an input/output layer, wherein the input/output layer serves as an interface between the storage medium and a buffer cache. Next, the system determines whether the data block is an encrypted data block. If not, the system stores the data block in the buffer cache. Otherwise, if the data block is an encrypted data block, the system retrieves a storage-key, wherein the storage-key is associated with a subset of storage, which is associated with the encrypted data block. Using the storage-key, the system then decrypts the encrypted data block to produce a decrypted data block. Finally, the system stores the decrypted data block in the buffer cache, wherein the data block remains encrypted in the storage medium.
    Type: Application
    Filed: March 21, 2007
    Publication date: September 25, 2008
    Inventors: Adam Y. Lee, Varun Malhotra, Daniel ManHung Wong, Tirthankar Lahiri, Kiran Goyal, Juan R. Loaiza, Paul Youn
  • Publication number: 20080098169
    Abstract: A method, system, and computer program product forcost based analysis for data access in a database management system. In one approach, the method, system, and computer program productperforms identifying data to access, determining a first cost for direct I/O storage access and a second cost for cache access, performing a comparison between the first cost and the second cost, and accessing a first portion of identified data based upon the comparison.
    Type: Application
    Filed: October 20, 2006
    Publication date: April 24, 2008
    Applicant: ORACLE INTERNATIONAL CORPORATION
    Inventors: Sanjay Kaluskar, Varun Malhotra, Tirthankar Lahiri, Juan Loaiza, Sumanta Chatterjee, Dmitry Potapov, Margaret Susairaj, Hakan Jakobsson