Tatu Ylonen - Patents

Over the years I've been an inventor in a number of patents. Many of the covered technologies are used in devices most of us use every day, including smartphones, laptops, Internet telephony, etc. Some of these patents have resulted in multi-million dollar licensing deals for the companies that own them.

Artificial intelligence, language understanding, and knowledge representation

• US 8,712,759: Specializing disambiguation of a natural language expression
• US 8,666,923: Semantic network clustering influenced by index omissions
• US 8,660,974: Inference over semantic network with some links omitted from indexes
• US 8,504,355: Joint disambiguation of syntactic and semantic ambiguity
• US 8,285,664: Semantic network with selective indexing
• US 8,244,682: Saving snapshot of a knowledge base without blocking

Programming Languages/Runtimes for AI applications

• US 8,527,559: Garbage collector with concurrent flipping without read barrier and without verifying copying
• US 8,396,904: Utilizing information from garbage collector in serialization of large cyclic data structures
• US 8,280,866: Monitoring writes using thread-local write barrier buffers and soft synchronization
• US 7,987,214: Determining the address range of a subtree of a linearized tree
• US 7,952,500: Serialization of shared and cyclic data structures using compressed object encodings
• US 7,937,419: Garbage collection via multiobjects
• US 7,796,059: Fast approximate dynamic Huffman coding with periodic regeneration and precomputing

Cybersecurity (esp. SSH key management and VPNs)

• US 11,138,324: Secure communications between virtual computing instances
• US 10,880,314: Trust relationships in a computerized system
• US 10,880,295: Access control in a computer system
• US 10,812,530: Extracting information in a computer system
• US 10,708,307: Notifications in a computer system
• US 10,693,916: Restrictions on use of a key
• US 10,681,023: Self-service portal for provisioning passwordless access
• US 10,616,237: Trust relationships in a computerized system
• US 10,530,814: Managing authenticators in a computer system
• US 10,523,674: Access relationship in a computer system
• US 10,469,533: Controlling and auditing SFTP file transfers
• US 10,347,286: Displaying session audit logs
• US 10,227,632: Automated access, key, certificate, and credential management
• US 10,187,426: Provisioning systems for installing credentials
• US 10,171,508: Provisioning new virtual machine with credentials
• US 10,116,700: Installing configuration information on a host
• US 10,102,232: Storing structured information
• US 10,091,239: Auditing and policy control at SSH endpoints
• US 10,009,354: Trust relationships in a computerized system
• US 10,003,458: User key management for the secure shell (SSH)
• US 9,998,497: Managing relationships in a computer system
• US 9,832,177: Managing credentials in a computer system
• US 9,722,987: Access relationships in a computer system
• US 9,602,478: Trust relationships in a computerized system
• US 9,515,999: Automated access, key, certificate, and credential management
• US 9,319,396: Trust relationships in a computerized system
• US 8,566,920: Application gateway system and method for maintaining security in a packet-switched information network
• US 8,544,079: Method and arrangement for providing security through network address translations using tunneling and compensations
• US 8,365,273: Method and arrangement for providing security through network address translations using tunneling and compensations
• US 8,245,288: Method and arrangement for providing security through network address translations using tunneling and compensations
• US 8,127,348: Method and arrangement for providing security through network address translations using tunneling and compensations
• US 7,302,487: Security system for a data communications network
• US 6,957,346: Method and arrangement for providing security through network address translations using tunneling and compensations
• US 6,795,917: Method for packet authentication in the presence of network address translations and protocol conversions
• US 6,782,474: Network connectable device and method for its installation and configuration
• US 6,678,734: Method for intercepting network packets in a computing device
• US 6,438,612: Method and arrangement for secure tunneling of data between virtual routers
• US 6,253,321: Method and arrangement for implementing IPSEC policy management using filter code

Reliable UDP session maintenance (used in Telephony, 3G/4G networks, VPN, Windows, Facetime, Skype, etc.)

• US 9,071,578: Maintaining network address translations
• US 8,973,127: Communications across a network address translator
• US 8,973,126: Determining occurrence of a network address translation
• US 8,918,858: Communications across a network address translator
• US 8,914,873: Revealing address information in systems where network address translations occur
• US 8,914,872: Revealing occurrence of network address translations

Miscellaneous (spacecraft propulsion)

• US 8,550,404: Electric sail with voltage multipliers in tethers