Patents by Inventor Wan-Yen Hsu
Wan-Yen Hsu has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12135826Abstract: Examples described herein relate to a security management system to secure a container ecosystem. In some examples, the security management system may protect one or more entities such as container management applications, container images, containers, and/or executable applications within the containers. The security management system may make use of digital cryptography to generate digital signatures corresponding to one or more of these entities and verify them during the execution so that any compromised entities can be blocked from execution and the container ecosystem may be safeguarded from any malicious network attacks.Type: GrantFiled: September 6, 2022Date of Patent: November 5, 2024Assignee: Hewlett Packard Enterprise Development LPInventors: Wan-Yen Hsu, Chih-Hao Chang, Lin-Chan Hsiao
-
Patent number: 12124617Abstract: Examples described herein relate to a security management system to secure a container ecosystem. In some examples, the security management system may protect one or more entities such as container management applications, container images, containers, and/or executable applications within the containers. The security management system may make use of digital cryptography to generate digital signatures corresponding to one or more of these entities and verify them during the execution so that any compromised entities can be blocked from execution and the container ecosystem may be safeguarded from any malicious network attacks.Type: GrantFiled: September 7, 2022Date of Patent: October 22, 2024Assignee: Hewlett Packard Enterprise Development LPInventors: Wan-Yen Hsu, Chih-Hao Chang, Lin-Chan Hsiao
-
Publication number: 20240078342Abstract: Examples described herein relate to a security management system to secure a container ecosystem. In some examples, the security management system may protect one or more entities such as container management applications, container images, containers, and/or executable applications within the containers. The security management system may make use of digital cryptography to generate digital signatures corresponding to one or more of these entities and verify them during the execution so that any compromised entities can be blocked from execution and the container ecosystem may be safeguarded from any malicious network attacks.Type: ApplicationFiled: September 7, 2022Publication date: March 7, 2024Inventors: Wan-Yen Hsu, Chih-Hao Chang, Lin-Chan Hsiao
-
Publication number: 20240078344Abstract: Examples described herein relate to a security management system to secure a container ecosystem. In some examples, the security management system may protect one or more entities such as container management applications, container images, containers, and/or executable applications within the containers. The security management system may make use of digital cryptography to generate digital signatures corresponding to one or more of these entities and verify them during the execution so that any compromised entities can be blocked from execution and the container ecosystem may be safeguarded from any malicious network attacks.Type: ApplicationFiled: September 6, 2022Publication date: March 7, 2024Inventors: Wan-Yen Hsu, Chih-Hao Chang, Lin-Chan Hsiao
-
Publication number: 20240078341Abstract: Examples described herein relate to a security management system to secure a container ecosystem. In some examples, the security management system may protect one or more entities such as container management applications, container images, containers, and/or executable applications within the containers. The security management system may make use of digital cryptography to generate digital signatures corresponding to one or more of these entities and verify them during the execution so that any compromised entities can be blocked from execution and the container ecosystem may be safeguarded from any malicious network attacks.Type: ApplicationFiled: September 7, 2022Publication date: March 7, 2024Inventors: Wan-Yen Hsu, Chih-Hao Chang, Lin-Chan Hsiao
-
Patent number: 10567397Abstract: Examples disclosed herein relate to a security-based container scheduling system for allocating a container to a node. A discovery engine discovers a node in a cluster of nodes and a node security attribute associated with the node. A translation engine generates a node selector from a container security attribute specified in metadata associated with the container.Type: GrantFiled: January 31, 2017Date of Patent: February 18, 2020Assignee: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LPInventors: Wan-Yen Hsu, Hui-Zhi Zhao, Ligong Duan
-
Publication number: 20180219877Abstract: Examples disclosed herein relate to a security-based container scheduling system for allocating a container to a node. A discovery engine discovers a node in a cluster of nodes and a node security attribute associated with the node. A translation engine generates a node selector from a container security attribute specified in metadata associated with the container.Type: ApplicationFiled: January 31, 2017Publication date: August 2, 2018Inventors: Wan-Yen Hsu, Hui-Zhi Zhao, Ligong Duan
-
Patent number: 9594590Abstract: Methods and systems of migrating applications (105-1 to 105-3) with dynamic operating system containers (205-1, 205-2) are disclosed, in which a number of applications (105-1 to 105-3) currently executed within a first operating system environment are identified for migration to a second operating system environment; a new operating system container (205-1, 205-2) is created within the first operating system environment; the number of identified applications (105-1 to 105-3) are transferred into the operating system container (205-1, 205-2); and the operating system container (205-1, 205-2) is migrated to the second operating system environment.Type: GrantFiled: June 29, 2011Date of Patent: March 14, 2017Assignee: Hewlett Packard Enterprise Development LPInventor: Wan-Yen Hsu
-
Patent number: 8739288Abstract: An embodiment of the invention provides an apparatus and method for automatic detection of a vulnerability exploit. The apparatus and method are configured to post a security vulnerability warning indicating a vulnerability of software; provide an exploit detector; and use the exploit detector to detect an attempted exploit that targets the vulnerability.Type: GrantFiled: July 31, 2007Date of Patent: May 27, 2014Assignee: Hewlett-Packard Development Company, L.P.Inventors: John R. Diamant, Wan-Yen Hsu, David Hsing Lin, Eric C. Scoredos
-
Publication number: 20140137125Abstract: Methods and systems of migrating applications (105-1 to 105-3) with dynamic operating system containers (205-1, 205-2) are disclosed, in which a number of applications (105-1 to 105-3) currently executed within a first operating system environment are identified for migration to a second operating system environment; a new operating system container (205-1, 205-2) is created within the first operating system environment; the number of identified applications (105-1 to 105-3) are transferred into the operating system container (205-1, 205-2); and the operating system container (205-1, 205-2) is migrated to the second operating system environment.Type: ApplicationFiled: June 29, 2011Publication date: May 15, 2014Inventor: Wan-Yen Hsu
-
Publication number: 20090038015Abstract: An embodiment of the invention provides an apparatus and method for automatic detection of a vulnerability exploit. The apparatus and method are configured to post a security vulnerability warning indicating a vulnerability of software; provide an exploit detector; and use the exploit detector to detect an attempted exploit that targets the vulnerability.Type: ApplicationFiled: July 31, 2007Publication date: February 5, 2009Inventors: John R. Diamant, Wan-Yen Hsu, David Hsing Lin, Eric C. Scoredos
-
Publication number: 20080082658Abstract: Various embodiments of spam control systems and methods are disclosed. One method embodiment, among others, comprises identifying an IP address as a spam source, and monitoring the activity of the IP address to determine if the IP address is re-assigned to another source.Type: ApplicationFiled: September 29, 2006Publication date: April 3, 2008Inventors: Wan-Yen Hsu, Eric C. Scoredos
-
Patent number: 7254562Abstract: A rule-based selection, storage and access method and system for processing packets from network traffic. First, packet intercepted from network traffic are selected based on at least one rule. Second, the selected packets are stored in an in-kernel storage buffer, which can be tuned to a size that is appropriate to the number packets being captured and the ability of a packet usage application (e.g., a billing program) to process the packets. Third, an access mechanism is provided to a packet usage application for accessing the stored packets. The intercepted network traffic is provided to a receiving application.Type: GrantFiled: July 11, 2002Date of Patent: August 7, 2007Assignee: Hewlett-Packard Development Company, L.P.Inventors: Wan-Yen Hsu, Eric C. Scoredos, Nobuhisa Takahashi
-
Publication number: 20050283529Abstract: A connection from a client to a primary server is monitored and state information pertaining to a protocol stack used in the primary server is conveyed to a standby server. When the primary server becomes unhealthy, a crossover message is sent by the standby server to a client according to the conveyed state information.Type: ApplicationFiled: June 22, 2004Publication date: December 22, 2005Inventors: Wan-Yen Hsu, Isaac Wong
-
Publication number: 20040098511Abstract: Packet routing method and system that routes packets to one of at least two processes based on at least one routing rule for processing packets from network traffic. First, at least one routing rule is received. The routing rule specifies one or more packet criteria (e.g., network card through which the packet is received or a predetermined source address of the packet). The routing rule also specifies a predetermined route or path for packets that meet the criteria described previously. Second, packets are received from a source (e.g., network traffic). Third, the routing rule is applied to the received packets. When the packet matches the criteria, the packet is routed to a predetermined process (e.g., a first application) through a corresponding route or path. The predetermined process then performs further packet processing on the routed packet. Otherwise, the packet is routed to a predetermined process (e.g., a second application) through a predetermined route.Type: ApplicationFiled: November 16, 2002Publication date: May 20, 2004Inventors: David H. Lin, Wan-Yen Hsu
-
Publication number: 20040010473Abstract: A rule-based selection, storage and access method and system for processing packets from network traffic. First, packet intercepted from network traffic are selected based on at least one rule. Second, the selected packets are stored in an in-kernel storage buffer, which can be tuned to a size that is appropriate to the number packets being captured and the ability of a packet usage application (e.g., a billing program) to process the packets. Third, an access mechanism is provided to a packet usage application for accessing the stored packets. The intercepted network traffic is provided to a receiving application.Type: ApplicationFiled: July 11, 2002Publication date: January 15, 2004Inventors: Wan-Yen Hsu, Eric C. Scoredos, Nobuhisa Takahashi