1
Pau Chen Cheng, Shyh Wei Luan: System and method for policy-based inter-realm authentication within a distributed processing system. International Business Machines Corporation, Richard M Jenkens & Gilchrist P C Ludwin, August 6, 1996: US05544322 (303 worldwide citation)

A system and method for defining a platform-independent policy framework for authentication of principals to servers in another realm, within a distributed data processing system. The present invention may be implemented on top of the Kerberos protocol, or any trusted third party network authenticat ...


2
Pau Chen Cheng, Ajit Clarence D&apos Sa, Jian Hua Feng, Denise Marie Genty, Jacqueline Hegedus Wilson: Virtual private network with multiple tunnels associated with one group name. International Business Machines Corporation, Robert A Voigt Jr, Mark S Walker, Winstead Sechrest & Minick P C, November 23, 2004: US06823462 (61 worldwide citation)

A method, network system and computer program product for establishing a server node in a virtual private network with a single tunnel definition and a single security policy for a plurality of tunnels associated with a group name. In one embodiment, a method comprises the step of configuring a grou ...


3
Pau Chen Cheng, William Alton Fiveash, Vachaspathi Peter Kompella, Christiaan Blake Wenzel, Jacqueline Hegedus Wilson: Method and apparatus for automatic configuration for internet protocol security tunnels in a distributed data processing system. International Business Machines Corporation, Duke W Yee, Volel Emile, Stephen J Walder Jr, May 18, 2004: US06738909 (27 worldwide citation)

A method and apparatus for use in data processing system for selecting rules to filter data for a tunnel. A request is received to create a tunnel to another data processing system. A granularity of information about the data processing system is identified to form an identified granularity. The ide ...


4
Pau Chen Cheng, Shai Halevi, Trent Ray Jaeger, Paul Ashley Karger, Ronald Perez, Pankaj Rohatgi, Angela Marie Schuett, Michael Steiner, Grant M Wagner: System and method for fuzzy multi-level security. International Business Machines Corporation, Keusey Tutunjian & Bitetto P C, Joseph Jones, May 5, 2009: US07530110 (10 worldwide citation)

An access control system and method includes a risk index module which computes a risk index for a dimension contributing to risk. A boundary range defined for a parameter representing each risk index such that the parameter above the range is unacceptable, below the range is acceptable and in the r ...


5
Pau Chen Cheng, Shai Halevi, Trent Ray Jaeger, Paul Ashley Karger, Ronald Perez, Pankaj Rohatgi, Angela Marie Schuett, Michael Steiner, Grant M Wagner: Fuzzy multi-level security. International Business Machines Corporation, Tutunjian & Bitetto P C, Preston J Young Esq, December 27, 2011: US08087090 (6 worldwide citation)

An access control system and method includes a risk index module which computes a risk index for a dimension contributing to risk. A boundary range defined for a parameter representing each risk index such that the parameter above the range is unacceptable, below the range is acceptable and in the r ...


6
Suresh N Chari, Pau Chen Cheng, Kang Won Lee, Sambit Sahu, Anees A Shaikh: Method and apparatus for improving the resilience of content distribution networks to distributed denial of service attacks. International Business Machines Corporation, F Chau & Associates, November 16, 2010: US07836295 (4 worldwide citation)

Several deterrence mechanisms suitable for content distribution networks (CDN) are provided. These include a hash-based request routing scheme and a site allocation scheme. The hash-based request routing scheme provides a way to distinguish legitimate requests from bogus requests. Using this mechani ...


7
Suresh N Chari, Pau Chen Cheng, Lawrence Koved, Ian M Molloy, Youngja Park: Correlating cognitive biometrics for continuous identify verification. INTERNATIONAL BUSINESS MACHINES CORPORATION, Cantor Colburn, David Quinn, June 20, 2017: US09686275 (3 worldwide citation)

A technique is provided for continuous user authentication through real-time fusion and correlation of multiple factors. Monitored data is continuously obtained from a computer. The monitored data is related to user actions on the computer of a user. A server analyzes the monitored data of the compu ...


8
Kay Schwendimann Anderson, Pau Chen Cheng, Trenton Ray Jaeger, Zhen Liu, Anton Viktorovich Riabov, Pankaj Rohatgi, Angela Schuett Reninger, Grant Wagner: System and method for security planning with soft security constraints. International Business Machines Corporation, William J Stock, F Chau & Associates, March 6, 2012: US08132259 (3 worldwide citation)

A method for security planning with soft security constraints, include: receiving security-related requirements of a workflow to be developed using system inputs and processing components; and generating at least one proposed workflow according to the security-related requirements, wherein the at le ...


9
Kay Schwendimann Anderson, Pau Chen Cheng, Genady Ya Grabarnik, Paul Ashley Karger, Marc Lelarge, Zhen Liu, Anton Viktorovich Riabov, Pankaj Rohatgi, Angela Marie Schuett, Grant Wagner: System and method for security planning with hard security constraints. International Business Machines Corporation, F Chau & Associates, September 25, 2012: US08276192 (2 worldwide citation)

A method for security planning with hard security constraints includes: receiving security-related requirements of a network to be developed using system inputs and processing components; and generating the network according to the security-related requirements, wherein the network satisfies hard se ...


10
Kay S Anderson, Pau Chen Cheng, Mark D Feblowitz, Genady Grabarnik, Shai Halevi, Nagui Halim, Trent R Jaeger, Paul Ashley Karger, Zhen Liu, Ronald Perez, Anton V Riabov, Pankaj Rohatgi, Angela Marie Schuett, Michael Steiner, Grant M Wagner: Method of managing and mitigating security risks through planning. International Business Machines Corporation, Chau & Associates, November 9, 2010: US07832007 (2 worldwide citation)

An exemplary method is provided for managing and mitigating security risks through planning. A first security-related information of a requested product is received. A second security-related information of resources that are available for producing the requested product is received. A multi-stage p ...