公开(公告)号：US10430595B2

公开(公告)日：2019-10-01

申请号：US15273020

申请日：2016-09-22

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Ramamohan Chennamsetty ,  Charles K. Davis, III ,  Christopher R. Dotson ,  Charles S. Lingafelt

IPC: H04L9/00 ,  G06F21/62 ,  G06F21/51

Abstract: Embodiments for rendering content by a processor are provided. A request to render content is received. A rendering browser to render the content on a computing device is selected from a plurality of rendering browsers. The selecting of the rendering browser is based on security information associated with at least one of the content and the plurality of rendering browsers.

公开(公告)号：US20160092185A1

公开(公告)日：2016-03-31

申请号：US14502293

申请日：2014-09-30

Applicant: International Business Machines Corporation

Inventor： Derek W. Botti ,  Ramamohan Chennamsetty ,  Anji D. Greene ,  Charles S. Lingafelt ,  William H. Tworek

IPC: G06F9/445 ,  H04L29/06 ,  G06F9/44

CPC classification number: G06F8/60 ,  G06F8/71 ,  G06F11/008 ,  G06F11/3668 ,  G06F21/577 ,  G06Q10/06311 ,  G06Q10/0635 ,  H04L63/1433

Abstract: A system and method for deploying a software application to a hosting environment that considers the development environment, and bases any decision on data about the development environment to make a selection of hosting environment and/or operational attributes. The system and methods determines and attaches metadata describing the development environment to an application, then uses that metadata to select a deployment model, and to select an operational model. The method assigns a security risk score to a developed application which may be hosted in a virtual hosting environment or a physical hosting environment. The system and method considers security issues in its scoring and focuses on the security risk associated with an application that would be deployed. The method steps convey the application attributes, such as complexity, robustness, likelihood of operational issued, likelihood of compromise, etc. to the deployment and operating entities.

Abstract translation: 一种用于将软件应用程序部署到考虑开发环境的托管环境的系统和方法，并且基于关于开发环境的数据的任何决策来选择主机环境和/或操作属性。 系统和方法将描述开发环境的元数据确定并附加到应用程序，然后使用该元数据来选择部署模型，并选择操作模型。 该方法为可能托管在虚拟主机环境或物理主机环境中的开发应用分配安全风险分数。 系统和方法在其评分中考虑安全问题，并重点关注将部署的应用程序相关的安全风险。 方法步骤将部署和操作实体等应用程序的属性传达给应用程序的属性，例如复杂性，鲁棒性，操作发布的可能性，妥协的可能性等。

公开(公告)号：US20150363419A1

公开(公告)日：2015-12-17

申请号：US14307395

申请日：2014-06-17

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Ramamohan Chennamsetty ,  Blaine H. Dolph ,  Sandeep R. Patil ,  Riyazahamad M. Shiraguppi

IPC: G06F17/30

CPC classification number: G06F17/30156

Abstract: A file division and erasure code application executing in a controlling computational device generates data fragments and parity fragments of a file. Each of the generated data fragments and parity fragments are distributed in a different distributed computational device of a plurality of distributed computational devices, where distributing of a generated data fragment comprises determining whether any distributed computational device already stores a duplicate copy of the generated data fragment, and if any distributed computational device already stores the duplicate copy of the generated data fragment, placing the generated data fragment in the distributed computational device if no other data or parity fragment of the file has already been placed in the distributed computational device.

Abstract translation: 在控制计算设备中执行的文件分割和擦除代码应用产生文件的数据片段和奇偶片段。 生成的数据片段和奇偶校验片段中的每一个分布在多个分布式计算设备的不同的分布式计算设备中，其中生成的数据片段的分布包括确定任何分布式计算设备是否已经存储所生成的数据片段的副本， 并且如果任何分布式计算设备已经存储所生成的数据片段的副本，则如果没有文件的其他数据或奇偶片段已经被放置在分布式计算设备中，则将生成的数据片段放置在分布式计算设备中。

公开(公告)号：US20210288950A1

公开(公告)日：2021-09-16

申请号：US16818987

申请日：2020-03-13

Applicant: International Business Machines Corporation

Inventor： Cesar Augusto Rodriguez Bravo ,  Kevin Jimenez Mendez ,  Ramamohan Chennamsetty ,  Mauro Marzorati

IPC: H04L29/06

Abstract: Techniques are described with respect to facilitating password creation via a secure device in a defined corporate environment. An associated method includes receiving an authentication request associated with an authorized client of a client system in the defined corporate environment and initializing the secure device with respect to the client system responsive to validating the authentication request. The method further includes creating a password for the client system in compliance with policy criteria associated with the defined corporate environment, encrypting the password, and distributing the password via at least one predetermined technique. In an embodiment, the method further includes creating access control credentials for the client system in compliance with the policy criteria associated with the defined corporate environment.

公开(公告)号：US20170149834A1

公开(公告)日：2017-05-25

申请号：US15343420

申请日：2016-11-04

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Derek Botti ,  Ramamohan Chennamsetty ,  Anji Greene ,  Charles S. Lingafelt ,  William H. Tworek

IPC: H04L29/06

CPC classification number: H04L63/20 ,  H04L63/08 ,  H04L63/10 ,  H04L63/105 ,  H04L63/1433

Abstract: A computer establishes normal activity levels of a factor associated with an application, system, network, or computing environment. The computer receives rules prescribing the trust levels assigned to users or devices during normal and abnormal activity levels exhibited by the factor. The computer monitors the activity level exhibited by the factor and determines whether the activity is normal or abnormal. If the computer determines that the factor is exhibiting abnormal activity, the computer modifies the trust level of associated users and devices according to the rules. The computer continues to monitor the activity of the factor until the computer determines that normal activity levels of the factor have returned, at which point the computer modifies the trust level of associated users or devices according to the rules.

公开(公告)号：US09565196B1

公开(公告)日：2017-02-07

申请号：US15210969

申请日：2016-07-15

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Derek Botti ,  Ramamohan Chennamsetty ,  Anji Greene ,  Charles S. Lingafelt ,  William H. Tworek

IPC: H04L29/06

CPC classification number: H04L63/20 ,  H04L63/08 ,  H04L63/10 ,  H04L63/105 ,  H04L63/1433

Abstract: A computer establishes normal activity levels of a factor associated with an application, system, network, or computing environment. The computer receives rules prescribing the trust levels assigned to users or devices during normal and abnormal activity levels exhibited by the factor. The computer monitors the activity level exhibited by the factor and determines whether the activity is normal or abnormal. If the computer determines that the factor is exhibiting abnormal activity, the computer modifies the trust level of associated users and devices according to the rules. The computer continues to monitor the activity of the factor until the computer determines that normal activity levels of the factor have returned, at which point the computer modifies the trust level of associated users or devices according to the rules.

Abstract translation: 计算机建立与应用程序，系统，网络或计算环境相关联的因素的正常活动级别。 计算机接收规则，规定在因子所表现的正常和异常活动水平期间分配给用户或设备的信任级别。 计算机监控因子所表现的活动水平，并确定活动是否正常或异常。 如果计算机确定该因素表现出异常活动，则计算机根据规则修改关联用户和设备的信任级别。 计算机继续监视该因素的活动，直到计算机确定该因子的正常活动级别已返回为止，此时计算机根据规则修改关联用户或设备的信任级别。

公开(公告)号：US09426023B2

公开(公告)日：2016-08-23

申请号：US14454750

申请日：2014-08-08

Applicant: International Business Machines Corporation

Inventor： Ramamohan Chennamsetty ,  Vinit Jain ,  Nataraj Nagaratnam ,  Sandeep R. Patil ,  Riyazahamad M. Shiraguppi

IPC: H04L12/46 ,  H04L12/24 ,  H04L12/939 ,  H04L12/931 ,  H04L12/703

CPC classification number: H04L41/0672 ,  H04L12/4641 ,  H04L41/0668 ,  H04L41/0886 ,  H04L45/28 ,  H04L49/354 ,  H04L49/557 ,  H04L49/65 ,  H04L69/40

Abstract: According to one exemplary embodiment, a method for automatic network reconfiguration associated with a failover event is provided. The method may include instructing a file system to capture a plurality of attributes associated with a plurality of data following the failover event, whereby the plurality of attributes comprises a fileset identifier, a first gateway node identifier, and a second gateway node identifier. The method may include determining, based on the captured fileset identifier, a virtual local area network associated with the fileset, whereby the determined virtual area network includes at least one software defined network switch. The method may include reconfiguring the at least one software defined network switch to stop sending a plurality of network traffic to the first gateway node and to start sending the plurality of network traffic to the second gateway node, whereby the plurality of network traffic is associated with the fileset.

Abstract translation: 根据一个示例性实施例，提供了与故障转移事件相关联的用于自动网络重新配置的方法。 该方法可以包括指示文件系统在故障切换事件之后捕获与多个数据相关联的多个属性，由此多个属性包括文件集标识符，第一网关节点标识符和第二网关节点标识符。 该方法可以包括基于所捕获的文件集标识符来确定与文件集相关联的虚拟局域网，由此所确定的虚拟区域网络包括至少一个软件定义的网络交换机。 该方法可以包括重新配置至少一个软件定义的网络交换机以停止向第一网关节点发送多个网络业务，并且开始向第二网关节点发送多个网络业务，由此多个网络流量与 文件集。

公开(公告)号：US20160043894A1

公开(公告)日：2016-02-11

申请号：US14454750

申请日：2014-08-08

Applicant: International Business Machines Corporation

Inventor： Ramamohan Chennamsetty ,  Vinit Jain ,  Nataraj Nagaratnam ,  Sandeep R. Patil ,  Riyazahamad M. Shiraguppi

IPC: H04L12/24 ,  H04L12/703 ,  H04L12/939 ,  H04L12/46

CPC classification number: H04L41/0672 ,  H04L12/4641 ,  H04L41/0668 ,  H04L41/0886 ,  H04L45/28 ,  H04L49/354 ,  H04L49/557 ,  H04L49/65 ,  H04L69/40

Abstract: According to one exemplary embodiment, a method for automatic network reconfiguration associated with a failover event is provided. The method may include instructing a file system to capture a plurality of attributes associated with a plurality of data following the failover event, whereby the plurality of attributes comprises a fileset identifier, a first gateway node identifier, and a second gateway node identifier. The method may include determining, based on the captured fileset identifier, a virtual local area network associated with the fileset, whereby the determined virtual area network includes at least one software defined network switch. The method may include reconfiguring the at least one software defined network switch to stop sending a plurality of network traffic to the first gateway node and to start sending the plurality of network traffic to the second gateway node, whereby the plurality of network traffic is associated with the fileset.

Abstract translation: 根据一个示例性实施例，提供了与故障转移事件相关联的用于自动网络重新配置的方法。 该方法可以包括指示文件系统在故障切换事件之后捕获与多个数据相关联的多个属性，由此多个属性包括文件集标识符，第一网关节点标识符和第二网关节点标识符。 该方法可以包括基于所捕获的文件集标识符来确定与文件集相关联的虚拟局域网，由此所确定的虚拟区域网络包括至少一个软件定义的网络交换机。 该方法可以包括重新配置至少一个软件定义的网络交换机以停止向第一网关节点发送多个网络业务，并且开始向第二网关节点发送多个网络业务，由此多个网络流量与 文件集。

公开(公告)号：US20140201242A1

公开(公告)日：2014-07-17

申请号：US13741772

申请日：2013-01-15

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Senthil K. Bakthavachalam ,  Edward B. Boden ,  Ramamohan Chennamsetty

IPC: G06F17/30

CPC classification number: G06F21/604 ,  G06F17/3028 ,  G06F2221/2141

Abstract: A computer-implemented method for generating role-based authorizations includes collecting, by a processor, a plurality of permissions from an access control list, creating, by the processor, a plurality of content space specification files that includes the plurality of permissions from an access control list, processing, by the processor, the plurality of content space specification files to generate a plurality of access control list roles and outputting, by the processor, the plurality of access control list roles.

Abstract translation: 用于生成基于角色的授权的计算机实现的方法包括由处理器从访问控制列表收集多个许可，由处理器创建多个内容空间规范文件，所述多个内容空间规范文件包括来自访问的多个许可 控制列表，由处理器处理多个内容空间规范文件，以生成多个访问控制列表角色，并由处理器输出多个访问控制列表角色。

公开(公告)号：US10963580B2

公开(公告)日：2021-03-30

申请号：US16534951

申请日：2019-08-07

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Ramamohan Chennamsetty ,  Charles K. Davis, III ,  Christopher R. Dotson ,  Charles S. Lingafelt

IPC: H04L9/00 ,  G06F21/62 ,  G06F21/51

Abstract: Embodiments for rendering content by a processor are provided. A request to render content is received. A score is assigned to each of a plurality of rendering browsers based on a plurality of factors associated with the content and the plurality of rendering browsers, the score used in determining a selection of the rendering browser and weighted according to each of the plurality of factors which include: a security risk of the content, and language support, performance characteristics and a user preference of the plurality of rendering browsers. The selected rendering browser is automatically instantiated and the content is rendered by the selected rendering browser on the computing device.