Robert Eugene Carroll

Address:

4665 Temple Ct, Waldorf, MD 20602

VIN:

1FTRX12W77NA27607

Make:

FORD

Model:

F-150

Year:

2007

US Patent:

6839843, Jan 4, 2005

Filed:

Dec 10, 1999

Appl. No.:

09/459239

Inventors:

Hanid Bacha - Great Falls VA, US
Robert Bruce Carroll - Mount Kisco NY, US
Lev Nirlas - Thornhill, CA
Sung Wei Tchao - Toronto, CA

Assignee:

International Business Machines Corporation - Armonk NY

International Classification:

H04L 900

US Classification:

713176, 380258

Abstract:

When an electronic document is made available for review by other entities, it is often convenient to store the document in a repository or database managed by a third party. A system is provided in which the originator of the document is able to ensure the integrity and security of its document filed with a third party repository without having to trust the administrator of the repository. Both the document originator and the repository administrator have vault environments which are secure extensions of their respective work spaces. The vault of the document originator encrypts a document that it receives from the originator, prior to forwarding it on to the vault of the repository. On receipt of the encrypted document, the repository's vault signs the encrypted document itself before storing the document in the electronic repository and returns to the originator's vault proof of deposit of the encrypted document in the form of a copy of the signed encrypted document. An access control list identifying access ownership privileges for the document are also stored in the repository. Updates to the access control list are under the control of document originator, or another computer designated by the document originator.

US Patent:

6950943, Sep 27, 2005

Filed:

Dec 10, 1999

Appl. No.:

09/459240

Inventors:

Hamid Bacha - Great Falls VA, US
Robert Bruce Carroll - Mount Kisco NY, US
Lev Mirlas - Thornhill, CA
Sung Wei Tchao - Toronto, CA

Assignee:

International Business Machines Corporation - Armonk NY

International Classification:

H04L009/00
H04L009/32

US Classification:

713200, 713164, 713165, 713166, 713201

Abstract:

When an electronic document is made available for review by other entities, it is often convenient to store the document in a repository or database managed by a third party. A system is provided in which the originator of the document is able to ensure the integrity and security of its document filed with a third party repository without having to trust the administrator of the repository. Both the document originator and the repository administrator have vault environments which are secure extensions of their respective work spaces. The vault of the document originator encrypts a document that it receives from the originator, prior to forwarding it on to the vault of the repository. On receipt of the encrypted document, the repository's vault signs the encrypted document itself before storing the document in the electronic repository and returning to the originator's vault proof of deposit of the encrypted document. When a request is made to view the document, it is made from the vault of the requesting party (a secure extension of the requesting party's work space) to the repository's vault. The repository's vault retrieves a copy of the encrypted document which it forwards, along with the requestor's identity to the originator's vault.

US Patent:

20040193885, Sep 30, 2004

Filed:

Feb 3, 2004

Appl. No.:

10/771107

Inventors:

Mark Fisk - North Potomac MD, US
Robert Carroll - Mount Kisco NY, US
Hiroshi Maruyama - Tokyo, JP
Hatem Ghafir - Olney MD, US

Assignee:

International Business Machines Corporation - Armonk NY

International Classification:

H04L009/00

US Classification:

713/175000

Abstract:

A context manager supports creation, storage and retrieval of data to implement state maintenance in a vault process using “scoping” of multiple levels of storage. A user request is initiated by invoking an URL with embedded Application Domain and Instance Context. The URL request is processed by a Vault Supervisor to obtain a user ID and password to initiate a vault process running in a secure vault for the user. On vault process start up, access to the vault encryption/decryption keys are made available to the request. A global context file stored on disk is decrypted and read in to memory. If the global context file does not exist, a new global context file is created on disk. For each Application Domain, the application context is decrypted and read in to memory. If an application context file does not exist, a new application context file on disk is created based on the request. All Instance Context files are scanned to determine if they have expired. If they have expired, they are deleted from the disk. At this point, the vault process is in a steady state ready to process the user request. A dispatcher running in the vault responds to a user request after all posted data as well as CGI variables are available. The dispatcher parses the URL and determines the Application Domain as well as the Instance Context. If no previous Instance Context exists, the dispatcher generates a new random value for the new instance context. If the Instance Context does exist, the vault process will then attempt to load a “local variable pool” from memory or from disk. All CGI and post-data are stored in the local variable pool for the given Instance Context and Application domain. Any previous values will be overwritten so that any CGI or post-data needed across requests are stored in specific user variables. The dispatcher will then find an idle vault process thread to service the request. This thread will be instantiated with the Application Domain and the Instance Context. The context manager will process the thread and import the application function from disk after decryption. The local instance function will be imported from disk after decryption and loaded into the application function running in the vault process. After processing, a return code is generated by the application indicating whether the local instance should be retained for the next user request.