Search

Glenn T Faden

from Berkeley, CA
Age ~76
Get Report
Also known as:
Glenn Terry Faden, Glenn I Faden, Faden Glenn
Related to:
Joseph R Hernandez, 41Lucia CastroJohanna C Castro, 45Pablo CastroMagaly Castro, 62Melissa Castro, 42
Connected to:
Israel E Faden, 62Mary J Faden, 71Ryan Faden, 43Stephen S Faden, 84Gail R Fadenrecht, 68Brian A Fader, 66Bruce E Fader, 78Charles A Fader, 68Christopher M Fader, 35Craig L Fader, 77

Glenn Faden Phones & Addresses

  • Berkeley, CA
  • Emeryville, CA
  • 60 Las Casas Dr, San Rafael, CA 94901 (415) 456-2946 (415) 505-0281 (415) 883-9416
  • 4 Miramar Ave, San Rafael, CA 94901 (415) 456-2946
  • 203 Blithedale Ave, Mill Valley, CA 94941 (415) 456-2946
  • 203 E Blithedale Ave #D, Mill Valley, CA 94941 (415) 456-2946
  • 7872 Sailboat Key Blvd, Saint Petersburg, FL 33707 (727) 360-1251
  • South Pasadena, FL
  • Fremont, CA
  • Marina, CA
  • Novato, CA
  • Pittsford, NY
  • 60 Las Casas Dr, San Rafael, CA 94901 (415) 456-2946

Work

Position: Professional/Technical

Education

Degree: Graduate or professional degree

Emails

h***[email protected]

Public records

Vehicle Records

Glenn Faden

View page
Address:
60 Las Casas Dr, San Rafael, CA 94901
Phone:
(415) 456-2946
VIN:
JTHBF5C22C5173090
Make:
LEXUS
Model:
IS 250
Year:
2012

Resumes

Resumes

Glenn Faden Photo 1

Glenn Faden

View page
Location:
San Francisco Bay Area
Industry:
Computer Software

Publications

Us Patents

Mechanism For Implementing File Access Control Across A Network Using Labeled Containers

View page
US Patent:
7882227, Feb 1, 2011
Filed:
Mar 14, 2006
Appl. No.:
11/376691
Inventors:
Glenn T. Faden - San Rafael CA, US
Assignee:
Oracle America, Inc. - Redwood City CA
International Classification:
G06F 15/16
G06F 15/167
G06F 15/177
G06F 21/00
G06F 11/30
G06F 7/04
H04L 9/32
US Classification:
709225, 709201, 709203, 709213, 709220, 713182, 713176, 713193, 726 21
Abstract:
A mechanism is disclosed for enabling labeled containers on different host machines to share file system portions. Before a process in a first container on a first host machine is allowed to access a file in a file system contained within a second container on a second host machine, a check is performed to determine whether a first sensitivity label associated with the first container is either identical to or dominates a second sensitivity label associated with the second container. If either is true, access to the file is granted. If the first sensitivity label is neither identical to nor dominates the second sensitivity label, access to the file is denied. By controlling access in this way, it is ensured that only containers with identical or higher sensitivity labels will be allowed to access the file. This in turn allows files to be shared by multiple containers without compromising security.

Mechanism For Implementing File Access Control Using Labeled Containers

View page
US Patent:
7885975, Feb 8, 2011
Filed:
Feb 23, 2006
Appl. No.:
11/361437
Inventors:
Glenn T. Faden - San Rafael CA, US
Assignee:
Oracle America, Inc. - Redwood City CA
International Classification:
G06F 7/00
G06F 17/30
US Classification:
707786
Abstract:
A mechanism is disclosed for implementing file access control using labeled containers. With this mechanism, it is possible to implement file access control without storing a sensitivity label with each file, and without checking a sensitivity label each time a file is accessed. Rather, by virtue of the manner in which the containers are labeled, and the manner in which a portion of the file system of one container is incorporated into the file system of another container, file access is effectively controlled. Thus, with this mechanism, it is possible to implement file access control simply and efficiently.

Mechanism For Enabling A Network Address To Be Shared By Multiple Labeled Containers

View page
US Patent:
20070208873, Sep 6, 2007
Filed:
Mar 2, 2006
Appl. No.:
11/367875
Inventors:
Jarrett Lu - San Jose CA, US
James Carlson - North Andover MA, US
Glenn Faden - San Rafael CA, US
International Classification:
G06F 15/173
US Classification:
709238000
Abstract:
A mechanism is disclosed for enabling a network address to be shared by multiple containers. By allowing multiple containers to share a network address, a limit on network addresses does not limit the number of containers that can be implemented. Despite the fact that the network address is shared by multiple containers, the uniqueness and isolation of each container is still maintained. In one implementation, this is achieved by associating a unique label with each container. With this unique label, it is possible to forward a packet destined for the shared network address to a specific container despite the fact that multiple containers share the same network address. Thus, with this mechanism, it is possible to achieve container isolation and uniqueness without limiting container scalability.

Secure Windowing For Labeled Containers

View page
US Patent:
20070245030, Oct 18, 2007
Filed:
Feb 23, 2006
Appl. No.:
11/361141
Inventors:
Lokanath Das - San Jose CA, US
Glenn Faden - San Rafael CA, US
International Classification:
H04L 9/32
G06F 15/16
US Classification:
709229000
Abstract:
A secure windowing service is disclosed. When the windowing service receives an indication that a second client (executing in a second container) wishes to be given access to a set of windowing information provided by a first client (executing in a first container), the windowing service determines, based upon sensitivity labels associated with the first and second containers, whether the second client should be given access to the windowing information provided by the first client. By making this determination, the windowing service in effect implements information access control. This information access control helps to ensure that windowing information is not improperly passed from container to container.

Method And System For Implementing A Multilevel File System In A Virtualized Environment

View page
US Patent:
20140046986, Feb 13, 2014
Filed:
Aug 9, 2012
Appl. No.:
13/570825
Inventors:
Richard E. Aleshire - San Jose CA, US
Glenn T. Faden - San Rafael CA, US
Assignee:
ORACLE INTERNATIONAL CORPORATION - Redwood Shores CA
International Classification:
G06F 17/30
US Classification:
707822, 707E1701
Abstract:
A global zone executing on a host OS that includes a multilevel filesystem (MLFS) associated with a label range, where the MLFS includes files and directories, where each of the files is associated with its own label and where each of the directories is associated with its own label. The global zone further includes a first non-global zone, where the MLFS is mounted in the first non-global zone as a first loopback file system. The host OS is configured to receive, from a process executing on the host OS, a request to access a first file in the MLFS, make a first determination that a process label dominates a first file label, based on the first determination, make a second determination that the first file label is equal to the process label, and in response to the second determination, provide read and write access to the first file.

Method And System For Implementing Primary And Secondary Zones In A Virtualized Environment

View page
US Patent:
20140047225, Feb 13, 2014
Filed:
Aug 9, 2012
Appl. No.:
13/570900
Inventors:
Glenn T. Faden - San Rafael CA, US
Assignee:
ORACLE INTERNATIONAL CORPORATION - Redwood Shores CA
International Classification:
G06F 9/00
US Classification:
713 1
Abstract:
A system including a processor and a host operating system (OS) executing on the processor. The Host OS including a global zone, a first primary non-global (NG) zone associated with a first label and a first internet protocol (IP) address, where the first primary NG zone is accessible by a desktop layer of the system. The Host OS further including a second primary NG zone associated with a second label and the first IP address, wherein the second primary NG zone is accessible by the desktop layer of system. The global zone is configured to receive a first request to create a secondary NG zone with the first label, and in response to the first request, create the secondary NG zone associated with the first label and a second IP address, where the secondary NG zone is not accessible by the desktop layer of the system.

Policy Abstraction Mechanism

View page
US Patent:
7185210, Feb 27, 2007
Filed:
Jun 24, 1996
Appl. No.:
08/668892
Inventors:
Glenn Faden - Novato CA, US
Assignee:
Sun Microsystems, Inc. - Santa Clara CA
International Classification:
G06F 9/44
US Classification:
713200, 713201, 713202, 718100
Abstract:
A secure operating system is disclosed in which all code implementing security functionality resides in a security module separate from the operating system code. Calls involving security functions are made using a format or interface which is standardized for all systems. Such a call identifies, inter alia the response and the access mode which are used to identify a call in a two dimensional table which contains a pointer to the needed security functions. In the way security functions are separately compilable and security solving changes can be made by linking in a new security module. Maintenance of security code is separated from maintenance of the underlying operating system.

Operating-System-Level Isolation Of Multi-Tenant Applications

View page
US Patent:
20170111365, Apr 20, 2017
Filed:
Feb 2, 2016
Appl. No.:
15/013268
Inventors:
- Redwood Shores CA, US
Yixiao Shen - San Ramon CA, US
Glenn Faden - San Rafael CA, US
International Classification:
H04L 29/06
G06F 17/30
Abstract:
Implementations of PDB Sandboxing in layers and mapping to different operating systems are described. In exemplary implementations, one or more pluggable databases (PDBs) are encapsulated on common container databases to form one or more PDB sandboxes. Encapsulating PDBs forms an isolation boundary layer configured to dynamically regulate security and isolation of the PDB sandboxes. Access by processes and resources to and from the PDBs inside respective PDB sandboxes through the isolation boundary layer, and access within PDB sandboxes, is regulated using dynamic access processes that dynamically vary access to resources and process disposed within and external to the PDB sandboxes.
Control profile
Glenn T Faden from Berkeley, CA, age ~76 Get Report