David Christopher Hinkemeyer - Clear Lake MN, US Daniel P Kolz - Rochester MN, US Taylor L Schreck - Rochester MN, US Garry J Sullivan - Rochester MN, US Rainieri Ventura - Rochester MN, US
Assignee:
International Business Machines Corporation - Armonk NY
International Classification:
H04L 29/06
US Classification:
726 4, 726 3, 726 21, 726 22, 726 25
Abstract:
A method for using shared vulnerability to provide trusted communication services between systems is disclosed. For example, a server may deny access to a service which renders it vulnerable to an untrusted client unless access to a useful vulnerability is received from the client. That is, the server may trust the client because any misuse by the client may result in the server exploiting the shared vulnerability. A system may request access to a service on another system to perform some transaction. Upon receiving this request, the server may determine a vulnerability of the client useful in deterring or stopping unwanted actions. The server may request access to this vulnerability. Once this vulnerability has been granted to the server, the server may then grant access to the requested service to the client.
Edward W. Chencinski - Poughkeepsie NY, US James R. Coon - Rochester MN, US John C. Dayka - New Paltz NY, US Steven G. Glassen - Wallkill NY, US Richard J. Gusefski - Endicott NY, US Michael J. Jordan - Woodstock NY, US Marco Kraemer - Sindelfingen, DE Thomas B. Mathias - Vestal NY, US Peter K. Szwed - Rhinebeck NY, US Garry J. Sullivan - Rochester MN, US Klaus Werner - Moetzingen, DE
Assignee:
International Business Machines Corporation - Armonk NY
International Classification:
G06F 21/00
US Classification:
380278, 726 9, 713284
Abstract:
A computer program product for integrated key serving is provided. The computer program product includes a tangible storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for performing a method. The method includes using a smart card of two or more smart cards with a support element of two or more support elements to create an encryption key and storing the encryption key in an encrypted file that can only be decrypted by the smart card and the support element used to create the encryption key.
Methods, Systems, And Computer Program Products For Implementing Policy-Based Security Control Functions
Patrick S. Botz - Rochester MN, US Daniel P. Kolz - Rochester MN, US Garry J. Sullivan - Rochester MN, US
Assignee:
INTERNATIONAL BUSINESS MACHINES CORPORATION - Armonk NY
International Classification:
H04L 9/00
US Classification:
726 1
Abstract:
A method, system, and computer program product for implementing policy-based security control functions is provided. The method includes constructing an organizational domain specifying business assets to be secured and the actors in specific roles requiring access to the business assets. The method also includes constructing a control policy domain including system setting attributes and access control policies for a computer system, the access control policies specifying permissions-based access to specified types of data based upon actor and purpose of use criteria. The method further includes mapping user identifiers to corresponding actors and mapping system artifacts in the computer system or subsystem to business assets defined in the organizational domain to which an access control policy is to be applied. The method also includes applying the access control policies to the system.
Alarm System For Hearing Impaired Individuals Having Hearing Assistive Implanted Devices
Daniel Paul Kolz - Rochester MN, US Garry Joseph Sullivan - Rochester MN, US
International Classification:
G08B 1/08
US Classification:
34053911
Abstract:
An alarm system for certain hearing impaired individuals having implanted hearing assistive devices contains a device for detecting an alarm condition, and a transmitter which is tuned to a resonant frequency of an implanted passive energy portion of a cochlear implant or similar device. Upon detection of an alarm condition, the transmitter transmits an alarm signal at the resonant frequency, causing the implanted device to resonate even in the absence of the externally worn hearing assistive portion. Resonance is perceived by the hearing impaired individual as a buzzing or other abnormal noise, alerting the individual to the alarm condition.
Administering Access Permissions For Computer Resources
Patrick S. Botz - Rochester MN, US Daniel P. Kolz - Rochester MN, US Garry J. Sullivan - Rochester MN, US
International Classification:
G06F 21/20
US Classification:
726 3
Abstract:
Methods, apparatus, and products for administering access permissions for computer resources that include: establishing, for active access permissions for a computer resource for a user, proposed alternative access permissions for the computer resource for the user; receiving, in an access control module of an operating system from the user, a request for access to the resource; determining, by the access control module, whether to grant access to the resource for the request in accordance with the active access permissions for the computer resource for the user; determining, by the access control module, whether access would have been granted for the request in accordance with the proposed alternative access permissions for the resource for the user; and recording, by the access control module, the result of the determination whether access would have been granted.
Securely Distributing A Root Key For A Hardware Security Module
- Armonk NY, US Marco Pavone - Ehningen, DE Clifford Lee Hansen - Rochester MN, US Garry Joseph Sullivan - Rochester MN, US Ross Martin Heninger - Selma NC, US
International Classification:
H04L 9/08 H04L 9/30 H04L 9/32
Abstract:
An approach is provided for distributing a root key to a hardware security module (HSM) of an HSM cluster. A signed first command is transmitted to a source HSM to create a master key. A fingerprint of the master key is received in a response signed by the source HSM using a module signing key hardcoded into the source HSM at manufacturing time. A second command is transmitted to a first HSM to generate an importer key pair. A request is transmitted to the source HSM to create and export a wrapped master key. The master key wrapped with a transport key is received. The wrapped master key is transmitted to the first HSM. The master key is activated in the first HSM.
Authenticated Copying Of Encryption Keys Between Secure Zones
- Armonk NY, US Michael J. Miele - Concord NC, US Garry J. Sullivan - Rochester MN, US
International Classification:
H04L 9/08 H04L 29/06
Abstract:
The solutions disclosed enable security credentials to be shared between two entities. Embodiments of the present invention can be used to facilitate the transfer of security credentials associated with a first level of permission of a first entity to a second entity that does not have the security credentials associated with the first level of permission in response to receiving a request to share security credentials between two entities.
Authenticated Copying Of Encryption Keys Between Secure Zones
- Armonk NY, US Michael J. Miele - Concord NC, US Garry J. Sullivan - Rochester MN, US
International Classification:
H04L 9/08 H04L 9/14 H04L 29/06
Abstract:
The solutions disclosed enable security credentials to be shared between two entities. Embodiments of the present invention can be used to facilitate the transfer of security credentials associated with a first level of permission of a first entity to a second entity that does not have the security credentials associated with the first level of permission in response to receiving a request to share security credentials between two entities.