
Robert J Sussland

from San Francisco, CA
Age ~51

Robert Sussland Phones & Addresses

  • 919 Sutter St APT 9, San Francisco, CA 94109
  • 365 29Th St, San Francisco, CA 94101 (415) 648-4165
  • Oakland, CA
  • Mountain View, CA
  • Phoenix, AZ
  • Palo Alto, CA
  • 365 29Th St APT 1, San Francisco, CA 94131

Work

Position: Clerical/White Collar

Education

Degree: Associate degree or higher

Resumes


Principal Product Security Engineer

Location:
919 Sutter St, San Francisco, CA 94109
Industry:
Information Technology And Services
Work:
Salesforce
Principal Product Security Engineer

NetApp Jun 2005 - Feb 2009
Senior Engineer

Decru Aug 2002 - Jun 2005
Security Analyst

Decru Aug 2001 - Aug 2002
Intern
Education:
Stanford University 1997 - 2000
Arizona State University
Bachelors, Bachelor of Science, Mathematics
Skills:
Data Security
Cryptography
Computer Security
Encryption
Security
Web Application Security
Security Audits
System Architecture
Security Policy
Linux
SaaS
Disaster Recovery
Cloud Computing
Unix
Perl
Network Security
Penetration Testing
Product Management
Embedded Systems
Strategy
Software Engineering
Shell Scripting
Vulnerability Assessment
TCP/IP
Software Documentation
FreeBSD
Storage
Interests:
Mathematics
Physics
Dynamic Macro Economic Modelling
Chess
Photography
Hiking
History
Languages:
English

Security Engineer, With Focus On Cryptography, Key Management, Web Security

Position:
Product Security Engineer at Salesforce.com
Location:
San Francisco Bay Area
Industry:
Information Technology and Services
Work:
Salesforce.com - San Francisco since 2011
Product Security Engineer

NetApp/Decru Jun 2005 - Feb 2009
Senior Engineer

Decru Aug 2002 - Jun 2005
Security Analyst

Decru Aug 2001 - Aug 2002
Intern

self-employed, algorithms Jun 2000 - Aug 2001
consultant
Education:
Stanford University 1997 - 2000
Arizona State University
Skills:
Web Application Security
Cryptography
Data Security
Interests:
physics, mathematics, dynamic macro-economic modelling, history, chess, hiking, photography
Honor & Awards:
While at NetApp, authored or co-authored 14 patents, 12 of which are pending.

Publications

US Patents

System And Method For Establishing A Shared Secret Among Nodes Of A Security Appliance

US Patent:
7958356, Jun 7, 2011
Filed:
Sep 29, 2006
Appl. No.:
11/540441
Inventors:
Ananthan Subramanian - Menlo Park CA, US
Robert Jan Sussland - San Francisco CA, US
Lawrence Wen-Hao Chang - San Francisco CA, US
Assignee:
NetApp, Inc. - Sunnyvale CA
International Classification:
H04L 9/32
H04L 9/00
H04L 9/08
H04L 9/12
US Classification:
713171, 713150, 713162, 713163, 713168, 713181, 713182, 380229, 380 28, 380 30, 380227, 380278, 380282
Abstract:
A system and method securely establishes a shared secret among nodes of a security appliance. The shared secret is established by distributing private keys among the nodes in accordance with a node ring protocol that uses a predetermined encryption algorithm to generate messages containing the keys. Briefly, each node is initially notified as to the number of nodes participating in the shared secret establishment. Each node generates a public-private key-pair, as well as a first message that includes the generated public key and an indication of the source of the generated public key (hereinafter “source generated public key”). The node then sends the first message to an adjacent node of the appliance. Upon receiving the first message, each node extracts the source generated public key from the message and stores the extracted information into a data structure of “partner” public keys. The protocol then continues with each node generating additional messages equal to the number of participating nodes minus one.

Method And Apparatus For Offline Cryptographic Key Establishment

US Patent:
7971234, Jun 28, 2011
Filed:
Sep 15, 2006
Appl. No.:
11/532468
Inventors:
Robert Sussland - Redwood City CA, US
Lawrence Chang - Redwood City CA, US
Ananthan Subramanian - Redwood City CA, US
Joshua Silberman - Redwood City CA, US
Assignee:
NetApp, Inc. - Sunnyvale CA
International Classification:
G06F 15/16
US Classification:
726 5, 726 7, 713168
Abstract:
The invention provides an authentication scheme that allows networked devices to establish trust in connection with the exchange of keys pursuant to an asymmetrical cryptographic technique, such as Diffie-Hellman. The invention provides a technique, referred to as offline key establishment, that establishes a trust relationship between two networked devices that use Diffie-Hellman. Offline key sharing provides for the exchange of authentication information using a separate channel which, in the preferred embodiment, does not constitute an IP connection. Thus, while communications between networked devices may ultimately proceed via a network connection, trust between the networked devices is established via a separate, offline channel, such as a telephone call or email message. The use of offline key establishment allows for such features as one-way key sharing, and addresses situations where one party to the exchange does not want to share all of his keys, but just one or two keys.

System And Method For Securely Initializing And Booting A Security Appliance

US Patent:
8116455, Feb 14, 2012
Filed:
Sep 29, 2006
Appl. No.:
11/540300
Inventors:
Robert Jan Sussland - San Francisco CA, US
Ananthan Subramanian - Menlo Park CA, US
Lawrence Wen-Hao Chang - San Francisco CA, US
Assignee:
NetApp, Inc. - Sunnyvale CA
International Classification:
H04L 9/00
H04L 9/08
H04L 9/14
H04L 29/06
US Classification:
380277, 380 45, 380 44, 380278, 380282, 713171, 713168, 726 2, 726 16, 726 17, 726 20, 726 34
Abstract:
A system and method provides for secure initialization and booting of a security appliance. The security appliance cooperates with a “smart” system card to provide cryptographic information needed to boot the security appliance in accordance with a secure boot procedure. The initialization procedure commences once the security appliance detects the presence of the smart card. The smart card and an encryption processor perform an authentication and key exchange procedure to establish a secure communication channel between them. The system card then loads a twice wrapped master key from a configuration database and decrypts the master key using a key associated with the system card. The wrapped master key is then forwarded via the secure communication channel to the encryption processor, which decrypts the wrapped key using a key associated therewith and enters an operating state using the decrypted master key.

Distributed Management Of Crypto Module White Lists

US Patent:
8196182, Jun 5, 2012
Filed:
Aug 21, 2008
Appl. No.:
12/195507
Inventors:
Robert J. Sussland - San Francisco CA, US
Joshua Oran Silberman - Sunnyvale CA, US
Ananthan Subramanian - Menlo Park CA, US
Lawrence Wen-Hao Chang - San Francisco CA, US
Assignee:
NetApp, Inc. - Sunnyvale CA
International Classification:
G06F 7/04
G06F 15/16
G06F 17/30
H04L 29/06
US Classification:
726 3, 380 44, 380283, 380286, 713155, 713157, 713161, 713168, 726 4, 726 18, 726 21, 726 27, 455518, 709223, 709224
Abstract:
An apparatus and method for managing the distribution and expansion of public keys held by a group or array of systems in white lists. The addition of a new system to the array entails a manual input to authorize the introduction of the new system to one trusted system in the array. After the introduction, the new system is trusted by the one member and the white list of the one member is loaded into the white list of the new system. The new system then requests joining each of the other systems in the array. For each system in the array asked by the new system, the systems in the array ask if any other systems in the array already trust the new member. In response, a system of the array that trusts the new system responds by sending its white list (containing the public key of the new system) to the requesting system. Eventually the public key of the new system is in the white lists of all the systems in the array. In practice this trust expansion occurs in the background with respect to running applications.

Method For Managing Cryptographic Information

US Patent:
8213620, Jul 3, 2012
Filed:
Nov 17, 2008
Appl. No.:
12/272162
Inventors:
Robert J. Sussland - San Francisco CA, US
Ravi Kavuri - Inver Grove Heights MN, US
Gaurav Agarwal - Menlo Park CA, US
Assignee:
NetApp, Inc. - Sunnyvale CA
International Classification:
H04L 9/08
US Classification:
380278, 713160, 713193, 726 26
Abstract:
A method for distributing encryption keys stored by a centralized key manager (CKM), operationally coupled to a first encryption device and a second encryption device, is provided. The first encryption device and the second encryption device may request the CKM to provide the stored encryption keys in different formats, and each encryption device may use a different encryption format to encrypt information. If the encryption devices are authorized to receive the stored encryption keys, then the CKM prepares the requested keys in different formats and provides them to the encryption devices.

System And Method For Establishing A Shared Secret Among Nodes Of A Security Appliance

US Patent:
8285993, Oct 9, 2012
Filed:
Apr 22, 2011
Appl. No.:
13/092371
Inventors:
Ananthan Subramanian - Menlo Park CA, US
Robert Jan Sussland - San Francisco CA, US
Lawrence Wen-Hao Chang - San Francisco CA, US
Assignee:
NetApp, Inc. - Sunnyvale CA
International Classification:
H04L 29/06
US Classification:
713171, 713150, 713162, 713163, 713168, 713181, 713182, 380229, 380 28, 380 30, 380277, 380278, 380282, 709223, 709224, 709225
Abstract:
A method for distributing a shared secret key among a plurality of nodes is described. Each node establishes a secret key, the number of nodes being more than two nodes. A node distributes by a ring protocol executing over computer network connections an encrypted version of the secret key of each node to other nodes of the plurality of nodes. Each node decrypts the secret keys of other nodes so that each node has the secret key of other nodes. Each node combines the secret keys of other nodes to form a shared secret key available to other nodes.

System And Method For Efficiently Deleting A File From Secure Storage Served By A Storage System

US Patent:
8397083, Mar 12, 2013
Filed:
Aug 23, 2006
Appl. No.:
11/508430
Inventors:
Robert Jan Sussland - San Francisco CA, US
Lawrence Wen-Hao Chang - San Francisco CA, US
Ananthan Subramanian - Menlo Park CA, US
Assignee:
NetApp, Inc. - Sunnyvale CA
International Classification:
H04L 29/06
US Classification:
713193, 713189, 713190, 713191, 713192, 713194, 713160, 713161, 713162, 713163, 713164, 713165, 713166, 713167, 380277, 380278, 380279, 380280, 380282, 380283, 380284, 380285, 380286, 380 45, 380281, 726 2, 726 11, 726 12, 726 13, 726 14, 726 15
Abstract:
A system and method efficiently deletes a file from secure storage, i.e., a cryptainer, served by a storage system. The cryptainer is configured to store a plurality of files, each of which stores an associated file key within a special metadata portion of the file. Notably, special metadata is created by a security appliance coupled to the storage system and attached to each file to thereby create two portions of the file: the special metadata portion and the main, “file data” portion. The security appliance then stores the file key within the specially-created metadata portion of the file. A cryptainer key is associated with the cryptainer. Each file key is used to encrypt the file data portion within its associated file and the cryptainer key is used to encrypt the part of the special metadata portion of each file. To delete the file from the cryptainer, the file key of the file is deleted and the special metadata portions of all other files stored in the cryptainer are re-keyed using a new cryptainer key. Thereafter, the “old” cryptainer key is deleted.

System And Method For Securely Replicating A Configuration Database Of A Security Appliance

US Patent:
7865741, Jan 4, 2011
Filed:
Aug 23, 2006
Appl. No.:
11/508431
Inventors:
Robert Paul Wood - San Mateo CA, US
Robert Jan Sussland - San Francisco CA, US
Assignee:
NetApp, Inc. - Sunnyvale CA
International Classification:
G06F 11/30
US Classification:
713193, 380277, 380278, 380279, 380280, 380281, 380282, 380283, 380284, 380285, 380286, 380 44, 380 45, 380 46, 380 47, 713153, 713154, 726 2, 726 11, 726 12, 726 13, 726 14, 726 15, 709246, 709247, 709249
Abstract:
A system and method securely replicates a configuration database of a security appliance. Keys stored on an original configuration database of an original security appliance are organized as a novel key hierarchy. A replica or clone of the original security appliance may be constructed in accordance with a cloning technique of the invention. Construction of the cloned security appliance illustratively involves sharing of data between the appliances, as well as substantially replicating the key hierarchy on a cloned configuration database of the cloned appliance.