Ilya A Beyer

8286171, Oct 9, 2012

Jul 21, 2008

12/177043

Scott More - Tokyo, JP
Ilya Beyer - San Mateo CA, US

Workshare Technology, Inc. - San Francisco CA

G06F 9/46

718102, 718103, 707706

The present invention provides methods and systems to enable fast, efficient, and scalable means for fingerprinting textual information using word runs. The present system receives textual information and provides algorithms to convert the information into representative fingerprints. In one embodiment, the fingerprints are recorded in a repository to maintain a database of an organization's secure data. In another embodiment, textual information entered by a user is verified against the repository of fingerprints to prevent unauthorized disclosure of secure data. This invention provides approaches to allow derivative works (e. g. , different ordering of words, substitution of words with synonyms, etc. ) of the original information to be detected at the sentence level or even at the paragraph level. This invention also provides means for enhancing storage and resource efficiencies by providing approaches to optimize the number of fingerprints generated for the textual information.

8555080, Oct 8, 2013

Sep 11, 2008

12/209082

Scott More - Tokyo, JP
Ilya Beyer - San Mateo CA, US
Daniel Christopher John Sweeting - Hornchurch, GB

Workshare Technology, Inc. - San Francisco CA

G06F 21/00

713186, 726 30

The present invention provides methods and systems to protect an organization's secure information from unauthorized disclosure. The present system uses protect agents installed across various egress points (e. g. , email server, user's computer, etc. ) to monitor information disclosed by a user. The present system also provides the use of lightweight fingerprint databases (LFD) to maintain a database of fingerprints associated with the organization's secure data. In one embodiment, the LFD is stored locally at the site of each protect agent such that the organization's secure information can be protected even when a protect agent is disconnected from the network. Methods and systems to compress fingerprints to achieve the lightweight fingerprint databases are also provided. In one embodiment, a combined approach, utilizing both the local lightweight fingerprint database and a remote fingerprint server comprising registered fingerprints is used to achieve overall protection of the organization's secure information.

20100064372, Mar 11, 2010

Sep 11, 2008

12/209096

Scott More - Tokyo, JP
Ilya Beyer - San Mateo CA, US
Daniel Christopher John Sweeting - Hornchurch, GB

Workshare Technology, Inc. - San Francisco CA

G06F 21/24

726 26

The present invention provides methods and systems to protect an organization's secure information from unauthorized disclosure. The present system uses protect agents installed across various egress points (e.g., email server, user's computer, etc.) to monitor information disclosed by a user. The present system also provides the use of fingerprint servers to remotely maintain a database of fingerprints associated with the organization's secure data. In one embodiment, the protect agents transmit fingerprints associated with the user's information to the fingerprint server utilizing a local network or the public internet. The protect agents then receive a comparison analysis from the fingerprint servers and execute appropriate security action based on the analysis. In one embodiment, a combination of the local network and public internet is utilized to achieve remote agent lookups.

20100299727, Nov 25, 2010

Nov 18, 2009

12/621429

Scott More - Tokyo, JP
Ilya Beyer - San Mateo CA, US

Workshare Technology, Inc. - San Francisco CA

G06F 21/00
H04L 9/32

726 5, 726 30

A technique for efficiently preventing exact data words (“entities”) from unauthorized disclosure is disclosed. Protect agents installed at various egress points identify candidate entities from digital information desired to be disclosed by a user. The candidate entities are compared against registered entities stored in a lightweight entity database (LWED). If a candidate entity matches against a registered entity in the LWED, the protect agent initiates a security action. Alternately, the protect agent transmits the matching candidate entity to a global entity database (GED) server to receive additional confirmation on whether the candidate entity matches a registered entity. In some instances, the protect agent also receives (from the GED server) metadata information associated with the matching candidate entity. The protect agent utilizes the metadata information to initiate suitable security actions.

20130074198, Mar 21, 2013

Sep 14, 2012

13/620364

Scott MORE - San Francisco CA, US
Ilya Beyer - San Mateo CA, US

G06F 21/00

726 30

The present invention provides methods and systems to enable fast, efficient, and scalable means for fingerprinting textual information using word runs. The present system receives textual information and provides algorithms to convert the information into representative fingerprints. In one embodiment, the fingerprints are recorded in a repository to maintain a database of an organization's secure data. In another embodiment, textual information entered by a user is verified against the repository of fingerprints to prevent unauthorized disclosure of secure data. This invention provides approaches to allow derivative works (e.g., different ordering of words, substitution of words with synonyms, etc.) of the original information to be detected at the sentence level or even at the paragraph level. This invention also provides methods and systems for enhancing storage and resource efficiencies by providing approaches to optimize the number of fingerprints generated for the textual information.

20210400051, Dec 23, 2021

Sep 2, 2021

17/446751

- Mountain View CA, US
Choudhury Sarada Prasanna Nanda - Fremont CA, US
Ilya Beyer - Mill Valley CA, US
Maurilio Cometto - Redwood CIty CA, US

Google LLC - Mountain View CA

H04L 29/06
G06F 11/34
G06F 21/62

In one embodiment, a system includes a computing device providing a computing environment including a number of user accounts, where each of the user accounts is assigned specified privileges to execute particular commands or programs, receiving a request to temporarily escalate privileges for one of the user accounts during a specified duration, where the request includes an identifier of the user account, requested privileges, and the specified duration, granting the requested privileges for the specified duration in conjunction with specific restrictions on one or more prohibited activities that are normally permitted for user accounts with the requested privileges, monitoring, during the specified duration, for any indication that the user account has attempted a prohibited activity, detecting an indication that the user account attempted one of the prohibited activities, and initiating an automated remediation corresponding to the indication.

20210258208, Aug 19, 2021

Apr 14, 2021

17/230920

- Mountain View CA, US
Choudhury Sarada Prasanna Nanda - Fremont CA, US
Gururaj Pangal - Pleasanton CA, US
Maurilio Cornetta - Redwood City CA, US
Ilya Beyer - Mill Valley CA, US

Google LLC - Mountain View CA

H04L 12/24
G06F 9/50
G06F 21/62
G06F 9/455
H04L 29/06
G06F 8/61

In one embodiment, a system includes a computing device providing a computing environment including a number of user accounts, where each of the user accounts is assigned specified privileges to execute particular commands or programs, receiving a request to temporarily escalate privileges for one of the user accounts during a specified duration, where the request includes an identifier of the user account, requested privileges, and the specified duration, granting the requested privileges for the specified duration in conjunction with specific restrictions on one or more prohibited activities that are normally permitted for user accounts with the requested privileges, monitoring, 1 0 during the specified duration, for any indication that the user account has attempted a prohibited activity, detecting an indication that the user account attempted one of the prohibited activities, and initiating an automated remediation corresponding to the indication.

20200092166, Mar 19, 2020

Sep 19, 2018

16/135188

- Santa Clara CA, US
Choudhury Sarada Prasanna Nanda - Fremont CA, US
Ilya Beyer - Mill Valley CA, US
Gururaj Pangal - Pleasanton CA, US
Maurilio Cometto - Redwood City CA, US

H04L 12/24
G06F 9/50
G06F 21/62
G06F 9/455
H04L 29/06
G06F 8/61

In one embodiment, a method includes a method for provisioning private-cloud server nodes by receiving a request to provision a specified number of server nodes for a private cloud, wherein the request is associated with a user, identifying a plurality of server nodes including (a) the specified number of hypervisor server nodes from a first pool that comprises prepared hypervisor server nodes, each of which comprises a previously-installed hypervisor, and (b) a management server node from a second pool that comprises prepared management server nodes, each of which comprises a previously-installed hypervisor and one or more previously-installed management components, configuring the identified server nodes to use a network associated with the user, creating a private cloud that includes the identified server nodes, and providing, to the user, permission to access the identified server nodes.