Patents by Inventor Yoni Lavi
Yoni Lavi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9578030Abstract: There are provided a rule-set analyzer and a method of analyzing an ordered security rule-set comprising a plurality of rules and characterized by at least one extrinsic field. The method comprises: upon specifying atomic elements constituting an extrinsic space corresponding to the at least one extrinsic field, partitioning, by a processor, the extrinsic space into two or more equivalence classes, wherein each atomic element in the extrinsic space belongs to one and only one equivalence class; mapping, by the processor, said equivalence classes over the rule-set; and analyzing, by the processor, the security rule-set using the results of mapping said equivalence classes over the rule-set.Type: GrantFiled: July 10, 2014Date of Patent: February 21, 2017Assignee: TUFIN SOFTWARE TECHNOLOGIES LTD.Inventor: Yoni Lavi
-
Patent number: 9021549Abstract: There are provided a method of generation of a security rule-set and a system thereof. The method includes: obtaining a group of log records of communication events resulting from traffic related to the security gateway; generating a preliminary rule-set of permissive rules, said set covering the obtained group of log records; generating, with the help of mapping the generated preliminary rule-set to the obtained group of log records, a rule-set of non-overlapping rules covering the group of log records; and generating an operational rule-set by processing the generated rule-set of non-overlapping rules, said processing including mapping the generated rule-set of non-overlapping rule to the obtained group of log records.Type: GrantFiled: January 2, 2014Date of Patent: April 28, 2015Assignee: Tufin Software Technologies Ltd.Inventors: Yoram Gronich, Haggai Schechtman, Yoni Lavi
-
Publication number: 20140325590Abstract: There are provided a rule-set analyzer and a method of analyzing an ordered security rule-set comprising a plurality of rules and characterized by at least one extrinsic field. The method comprises: upon specifying atomic elements constituting an extrinsic space corresponding to the at least one extrinsic field, partitioning, by a processor, the extrinsic space into two or more equivalence classes, wherein each atomic element in the extrinsic space belongs to one and only one equivalence class; mapping, by the processor, said equivalence classes over the rule-set; and analyzing, by the processor, the security rule-set using the results of mapping said equivalence classes over the rule-set.Type: ApplicationFiled: July 10, 2014Publication date: October 30, 2014Inventor: Yoni LAVI
-
Patent number: 8806569Abstract: There are provided a rule-set analyzer and a method of analyzing an ordered security rule-set comprising a plurality of rules comprising N?1 extrinsic rule-fields. The method comprised: upon specifying an extrinsic space constituted by atomic elements corresponding to the values characterizing an extrinsic rule-field, partitioning said specified extrinsic space into two or more equivalence classes, wherein each atomic element in said extrinsic space belongs to one and only one equivalence class; mapping said equivalence classes over the rule-set; and generating a logically equivalent security rule-set, wherein respective rules comprise N?1 extrinsic rule-fields.Type: GrantFiled: February 7, 2012Date of Patent: August 12, 2014Assignee: Tufin Software Technologies Ltd.Inventor: Yoni Lavi
-
Publication number: 20140123216Abstract: There are provided a method of generation of a security rule-set and a system thereof. The method includes: obtaining a group of log records of communication events resulting from traffic related to the security gateway; generating a preliminary rule-set of permissive rules, said set covering the obtained group of log records; generating, with the help of mapping the generated preliminary rule-set to the obtained group of log records, a rule-set of non-overlapping rules covering the group of log records; and generating an operational rule-set by processing the generated rule-set of non-overlapping rules, said processing including mapping the generated rule-set of non-overlapping rule to the obtained group of log records.Type: ApplicationFiled: January 2, 2014Publication date: May 1, 2014Applicant: Tufin Software Technologies Ltd.Inventors: Yoram GRONICH, Haggai SCHECHTMAN, Yoni LAVI
-
Patent number: 8646031Abstract: There are provided a method of automated generation of a security rule-set and a system thereof. The method comprises: obtaining a group of log records of communication events resulting from traffic related to the security gateway; generating a preliminary rule-set of permissive rules, said set covering the obtained group of log records; generating, with the help of mapping the generated preliminary rule-set to the obtained group of log records, a rule-set of non-overlapping rules covering the group of log records; and generating an operational rule-set by processing the generated rule-set of non-overlapping rules, said processing including mapping the generated rule-set of non-overlapping rule to the obtained group of log records.Type: GrantFiled: December 15, 2011Date of Patent: February 4, 2014Assignee: Tufin Software Technologies LtdInventors: Yoram Gronich, Haggai Schechtman, Yoni Lavi
-
Publication number: 20120204220Abstract: There are provided a rule-set analyzer and a method of analyzing an ordered security rule-set comprising a plurality of rules comprising N?1 extrinsic rule-fields. The method comprised: upon specifying an extrinsic space constituted by atomic elements corresponding to the values characterizing an extrinsic rule-field, partitioning said specified extrinsic space into two or more equivalence classes, wherein each atomic element in said extrinsic space belongs to one and only one equivalence class; mapping said equivalence classes over the rule-set; and generating a logically equivalent security rule-set, wherein respective rules comprise N?1 extrinsic rule-fields.Type: ApplicationFiled: February 7, 2012Publication date: August 9, 2012Applicant: Tufin Software Technologies Ltd.Inventor: Yoni LAVI
-
Publication number: 20120180104Abstract: There are provided a method of automated generation of a security rule-set and a system thereof. The method comprises: obtaining a group of log records of communication events resulting from traffic related to the security gateway; generating a preliminary rule-set of permissive rules, said set covering the obtained group of log records; generating, with the help of mapping the generated preliminary rule-set to the obtained group of log records, a rule-set of non-overlapping rules covering the group of log records; and generating an operational rule-set by processing the generated rule-set of non-overlapping rules, said processing including mapping the generated rule-set of non-overlapping rule to the obtained group of log records.Type: ApplicationFiled: December 15, 2011Publication date: July 12, 2012Applicant: Tufin Software Technologies Ltd.Inventors: Yoram GRONICH, Haggai Schechtman, Yoni Lavi
-
Patent number: 7908343Abstract: Large-scale images are retrieved over network communications channels for display on a client device by selecting an update image parcel relative to an operator controlled image viewpoint to display via the client device. A request is prepared for the update image parcel and associated with a request queue for subsequent issuance over a communications channel. The update image parcel is received from the communications channel and displayed as a discrete portion of the predetermined image. The update image parcel optimally has a fixed pixel array size, is received in a single and or plurality of network data packets, and is constrained to a resolution less than or equal to the resolution of the client device display.Type: GrantFiled: November 16, 2009Date of Patent: March 15, 2011Assignee: Inovo LimitedInventors: Isaac Levanon, Yoni Lavi
-
Publication number: 20100064002Abstract: Large-scale images are retrieved over network communications channels for display on a client device by selecting an update image parcel relative to an operator controlled image viewpoint to display via the client device. A request is prepared for the update image parcel and associated with a request queue for subsequent issuance over a communications channel. The update image parcel is received from the communications channel and displayed as a discrete portion of the predetermined image. The update image parcel optimally has a fixed pixel array size, is received in a single and or plurality of network data packets, and is constrained to a resolution less than or equal to the resolution of the client device display.Type: ApplicationFiled: November 16, 2009Publication date: March 11, 2010Inventors: Isaac Levanon, Yoni Lavi
-
Patent number: 7644131Abstract: Large-scale images are retrieved over network communications channels for display on a client device by selecting an update image parcel relative to an operator controlled image viewpoint to display via the client device. A request is prepared for the update image parcel and associated with a request queue for subsequent issuance over a communications channel. The update image parcel is received from the communications channel and displayed as a discrete portion of the predetermined image. The update image parcel optimally has a fixed pixel array size, is received in a single network data packet, and is constrained to a resolution less than or equal to the resolution of the client device display.Type: GrantFiled: December 24, 2001Date of Patent: January 5, 2010Assignee: Inovo LimitedInventors: Isaac Levanon, Yoni Lavi
-
Patent number: 7139794Abstract: Dynamic visualization of image data provided through a network communications channel is performed by a client system including a parcel request subsystem and a parcel rendering subsystem. The parcel request subsystem includes a parcel request queue and is operative to request discrete image data parcels in a priority order and to store received image data parcels in a parcel data store. The parcel request subsystem is responsive to an image parcel request of assigned priority to place the image parcel request in the parcel request queue ordered in correspondence with the assigned priority. The parcel rendering subsystem is coupled to the parcel data store to selectively retrieve and render received image data parcels to a display memory. The parcel rendering system provides the parcel request subsystem with the image parcel request of the assigned priority.Type: GrantFiled: December 24, 2001Date of Patent: November 21, 2006Assignee: 3-D-V-U Israel (2000) Ltd.Inventors: Isaac Levanon, Yoni Lavi
-
Patent number: 6850235Abstract: Defects are removed from a tessellated polygonal mesh provided for the rendering of polygon corresponding image parcels through a process that first determines, for a predetermined segment of a first edge of a first polygon within the polygonal mesh, a difference in tessellation level between the first polygon and a second polygon disposed adjacent the predetermined edge of the first polygon, subject to the occurrence of a defect in the polygonal mesh between the first and second polygons. A terminus of the predetermined segment is then computed based on the difference in the tessellation levels and a new vertex, corresponding to the terminus, is added to a first set of vertices that define the first polygon. An image parcel can then be rendered based on the set of vertices, including the added vertex, such that the first image parcel as rendered covers the defect in the polygonal mesh between the first and second polygons.Type: GrantFiled: December 24, 2001Date of Patent: February 1, 2005Assignee: Fly Over Technologies Inc.Inventors: Isaac Levanon, Yoni Lavi
-
Publication number: 20020145606Abstract: Defects are removed from a tessellated polygonal mesh provided for the rendering of polygon corresponding image parcels through a process that first determines, for a predetermined segment of a first edge of a first polygon within the polygonal mesh, a difference in tessellation level between the first polygon and a second polygon disposed adjacent the predetermined edge of the first polygon, subject to the occurrence of a defect in the polygonal mesh between the first and second polygons. A terminus of the predetermined segment is then computed based on the difference in the tessellation levels and a new vertex, corresponding to the terminus, is added to a first set of vertices that define the first polygon. An image parcel can then be rendered based on the set of vertices, including the added vertex, such that the first image parcel as rendered covers the defect in the polygonal mesh between the first and second polygons.Type: ApplicationFiled: December 24, 2001Publication date: October 10, 2002Inventors: Isaac Levanon, Yoni Lavi
-
Publication number: 20020118224Abstract: Dynamic visualization of image data provided through a network communications channel is performed by a client system including a parcel request subsystem and a parcel rendering subsystem. The parcel request subsystem includes a parcel request queue and is operative to request discrete image data parcels in a priority order and to store received image data parcels in a parcel data store. The parcel request subsystem is responsive to an image parcel request of assigned priority to place the image parcel request in the parcel request queue ordered in correspondence with the assigned priority. The parcel rendering subsystem is coupled to the parcel data store to selectively retrieve and render received image data parcels to a display memory. The parcel rendering system provides the parcel request subsystem with the image parcel request of the assigned priority.Type: ApplicationFiled: December 24, 2001Publication date: August 29, 2002Inventors: Isaac Levanon, Yoni Lavi
-
Publication number: 20020120753Abstract: Large-scale images are retrieved over network communications channels for display on a client device by selecting an update image parcel relative to an operator controlled image viewpoint to display via the client device. A request is prepared for the update image parcel and associated with a request queue for subsequent issuance over a communications channel. The update image parcel is received from the communications channel and displayed as a discrete portion of the predetermined image. The update image parcel optimally has a fixed pixel array size, is received in a single network data packet, and is constrained to a resolution less than or equal to the resolution of the client device display.Type: ApplicationFiled: December 24, 2001Publication date: August 29, 2002Inventors: Isaac Levanon, Yoni Lavi