Search

Shekhar S Kshirsagar

from San Jose, CA
Age ~52
Get Report
Also known as:
Shekhar J Kshirsagar, Sujata S Kshirsagar, Shekhar S Kahirsagar, Shekhar S Shirsagar, Shekhar S Kshirsaga, Shek Kshirsagar, She Kshirsagar, Shekhar Kshirsager, Shekhar S, Sujata Kajale
Phone and address:
1038 Alamitos Creek Dr, San Jose, CA 95120
(408) 268-1177
Related to:
Swagat Kajale, 42Sujata Kajale, 52Sanyukta Kajale, 47Swagat Kajale
Connected to:
Avinash S Kshirsagar, 72Nitin Kshirsagar, 44Todd M Kshonz, 51Jeanne A Ksiazak, 53Agnieszka Ksiazek, 38Katelyn R Ksiazek, 35Steven J Ksiazek, 66Jeffrey M Ksiazka, 50Susan C Ksicinski, 76David J Ksiezopolski, 66

Shekhar Kshirsagar Phones & Addresses

  • 1038 Alamitos Creek Dr, San Jose, CA 95120 (408) 268-1177
  • 4 Westgate Dr, Woburn, MA 01801 (781) 938-7229
  • 19608 Pruneridge Ave, Cupertino, CA 95014 (408) 517-0674
  • 36 Ivan St, Lexington, MA 02420 (781) 652-8354
  • 1001 Westford St, Lowell, MA 01851 (978) 459-8627
  • North Billerica, MA

Industries

Computer & Network Security

Resumes

Resumes

Shekhar Kshirsagar Photo 1

Shekhar Kshirsagar

View page
Location:
San Jose, CA
Industry:
Computer & Network Security

Publications

Us Patents

Concurrent Lock-Free Access To A Record By Write And Read Processes

View page
US Patent:
7315862, Jan 1, 2008
Filed:
Dec 20, 2002
Appl. No.:
10/327587
Inventors:
Richard Crump - Boston MA, US
Shekhar Kshirsagar - Lexington MA, US
Assignee:
Nortel Networks Limited - St. Laurent, Quebec
International Classification:
G06F 17/30
US Classification:
707100, 707 1, 707 3, 707 6, 707 8
Abstract:
Described are a system and method of providing simultaneous lock-free access by a write process and at least one read process to records. The records are organized according to a first search data structure and according to a second search data structure. When searching for a particular record, the search occurs along a search path determined by the first search data structure until a record is accessed that indicates that the first search data structure is in an intermediate state. The searching for the particular record then continues along a search path determined by the second search data structure in response to the record that indicates that the first search data structure is in an intermediate state.

Secure Creation And Management Of Device Ownership Keys

View page
US Patent:
8041960, Oct 18, 2011
Filed:
Apr 24, 2008
Appl. No.:
12/109273
Inventors:
Scott G. Kelly - Santa Clara CA, US
Shekhar Kshirsagar - San Jose CA, US
Assignee:
Aruba Networks, Inc. - Sunnyvale CA
International Classification:
H04L 9/32
US Classification:
713193
Abstract:
Secure creation and management of device ownership keys. TPM ownership keys are generated by cryptographically combining manufacturer information with device specific information. Ownership keys are established in the TPM containing device. The manufacturer retains necessary information to reconstruct the ownership key if needed.

Application-Specific Network-Layer Virtual Private Network Connections

View page
US Patent:
8095786, Jan 10, 2012
Filed:
Nov 9, 2006
Appl. No.:
11/558293
Inventors:
Shekhar Kshirsagar - San Jose CA, US
Christopher N. Thomas - Watsonville CA, US
Assignee:
Juniper Networks, Inc. - Sunnyvale CA
International Classification:
H04L 29/06
G06F 9/00
US Classification:
713152, 713151, 726 15
Abstract:
Techniques are described for providing secure communication of network traffic from specific applications operating on a client device to a server device using a network-layer virtual private network (VPN). For example, a module on a client device may intercept network traffic from an application executing on the client device. The module may then determine whether to send the application-layer data through a network-layer VPN tunnel from the client device to a gateway device. This network-layer VPN tunnel may be defined by a network address of a physical adapter of the client device and a network address of the VPN gateway. In other words, there may be no need for the interposition of a VPN proxy on the client device. The module makes this determination on an application-by-application basis. The client device then forwards the application-layer data through the VPN tunnel based on the determination.

Adaptive Transition Between Layer Three And Layer Four Network Tunnels

View page
US Patent:
8316226, Nov 20, 2012
Filed:
Sep 14, 2005
Appl. No.:
11/226501
Inventors:
Shekhar Kshirsagar - San Jose CA, US
James Wood - San Jose CA, US
David W. Young - San Francisco CA, US
Vamsi K. Anne - San Jose CA, US
Vadim Egorov - Palo Alto CA, US
Christopher N. Thomas - Watsonville CA, US
Assignee:
Juniper Networks, Inc. - Sunnyvale CA
International Classification:
H04L 29/06
G06F 15/16
US Classification:
713150, 713151, 726 3, 726 15
Abstract:
Adaptive failover occurs between a Layer Three (L3) based network tunnel and a Layer Four (L4) based network tunnel. An example of a L4 based network tunnel is a Secure Sockets Layer (SSL) tunnel and an example of a L3 based network tunnel is an Internet Protocol Security (IPSec) tunnel. SSL tunnels work through most firewalls and proxies, but may introduce latency and other performance problems. IPSec tunnels provide a more efficient performance, but may not work through some firewalls and proxies. The techniques include dynamically selecting a tunneling protocol in order to achieve a more efficient network tunnel performance when possible while maintaining consistent L3 connectivity from a variety of remote network environments.

Authorizing Remote Access Points

View page
US Patent:
8627423, Jan 7, 2014
Filed:
Apr 9, 2010
Appl. No.:
12/757771
Inventors:
Santashil PalChaudhuri - Mountain View CA, US
Anupam Wadhawan - Bangalore, IN
Shekhar Kshirsagar - San Jose CA, US
Manish Mehta - Santa Clara CA, US
Assignee:
Aruba Networks, Inc. - Sunnyvale CA
International Classification:
H04L 29/06
US Classification:
726 6, 713153
Abstract:
Authorizing remote access points for use in a network: After the remote access point is provisioned to communicate securely to a controller using its TCP/IP address provided by a user, the remote access point is put into an un-authorized state by the controller pending further authorization. The user is presented with a secure captive portal page authenticating the end-user. User's authentication credentials are verified by the controller. After the remote access point has been authorized, the controller marks it verified as a fully functional node, and saves this state. The remote access point is provisioned with the current provisioning parameters for the remote access point as configured by the IT administrator for the end user, so that each remote access point can have unique per-user configuration applied.

Secure Boot Rom Emulation

View page
US Patent:
20100131694, May 27, 2010
Filed:
Nov 26, 2008
Appl. No.:
12/324651
Inventors:
Scott G. Kelly - Santa Clara CA, US
Shekhar Kshirsagar - San Jose CA, US
Giridhara S. Gopalan - Los Gatos CA, US
International Classification:
G06F 12/00
G06F 13/00
US Classification:
711102, 711E12001, 711E12091
Abstract:
Secure boot ROM emulation with locking storage device. A locking storage device is provided by combining a nonvolatile memory device such as flash or EEPROM with one-shot locking logic which write enables at least a portion of the nonvolatile memory device upon power cycling of the overall digital device. This write enable is cleared during the stage 1 bootloader process, thus providing a protected update interval for updating a stage 2 bootloader once per power cycle.

Provisioning Remote Access Points

View page
US Patent:
20100313262, Dec 9, 2010
Filed:
Jun 3, 2009
Appl. No.:
12/477774
Inventors:
Manish Mehta - Santa Clara CA, US
Shekhar Kshirsagar - San Jose CA, US
Assignee:
ARUBA NETWORKS, INC. - Sunnyvale CA
International Classification:
G06F 21/20
H04W 84/02
H04L 9/00
G06F 1/24
G06F 9/44
H04L 9/32
US Classification:
726 12, 370338, 380255, 713100, 717171, 713176
Abstract:
Provisioning remote access points for use in a telecommunication network. A remote access point contains identity information established during manufacturing; this identity information may be in the nature of a digital certificate. The identity information is stored in the remote access point, and may be stored in a Trusted Platform Module if present. When the remote access node is powered up in unprovisioned state, outside the manufacturing environment, it attempts to establish an internet connection via a first wired interface, and queries a user for information representing the TCP/IP address of its controller via a second wired interface. Once an internet connection is present, and a TCP/IP address has been provided, the remote access point attempts to connect to the controller at that address. The controller may filter connection requests through a whitelist of approved remote access points. Once a connection is established, controller and access point exchange and verify each other's identities. This may be done through the exchange and verification of digital certificates. Provisioning information is downloaded from controller to remote access point and installed. This may be done via a tunnel such as an encrypted tunnel. Software updates may be applied. The provisioned remote access point is placed in operation.

Enrollment Agent For Automated Certificate Enrollment

View page
US Patent:
20110029771, Feb 3, 2011
Filed:
Jul 28, 2009
Appl. No.:
12/510725
Inventors:
Manish Mehta - Santa Clara CA, US
Shekhar Kshirsagar - San Jose CA, US
Assignee:
ARUBA NETWORKS, INC. - Sunnyvale CA
International Classification:
H04L 9/00
US Classification:
713156
Abstract:
Automated generation of certificates from a Certificate Authority through the use of an Enrollment Agent. Devices needing certificates generate the necessary keys and package public key information with other identifying information about the device and send this information to an Enrollment Agent. The Enrollment Agent takes this information and submits it on behalf of the device to a Certificate Authority, managing the interaction with the Certificate Authority on behalf of the device. The Certificate Authority signs the request, returning a certificate to the Enrollment Agent. The Enrollment Agent packages the certificate along with the other certificates needed to establish a chain of trust and returns these to the device. Certificates may be stored in the device in flash memory. The process is secure as long as the communications path between the devices and the Enrollment Agent is secure; a secure VPN or HTTPS: connection allows the devices and the Enrollment Agent to be in separate locations.
Control profile
Shekhar S Kshirsagar from San Jose, CA, age ~52 Get Report