Brian Bowman

Brian Bowman

Raleigh-Durham-Chapel Hill Area
3K followers 500+ connections

About

Veteran I/O, Storage, Distributed Systems and Database Engineer. Retired after 40 years…

Contributions

Activity

Experience

  • BbowJazz

    United States

  • -

    Raleigh-Durham-Chapel Hill Area

  • -

    Cary, North Carolina, United States

  • -

    Raleigh-Durham, North Carolina Area

  • -

    Raleigh-Durham, North Carolina Area

  • -

    Raleigh-Durham, North Carolina Area

  • -

    Raleigh-Durham, North Carolina Area

  • -

    Greater St. Louis Area

  • -

    Greater St. Louis Area

Education

  • Washington University in St. Louis Graphic

    Washington University in St. Louis

    -

    Took evening classes at the University College and also professional seminars at the Center for the Study of Systems and Data Processing

    Studied IBM mainframe operating systems (MVS), machine architecture and internals, advanced IBM assembly language, database theory and architectures, and computer performance modeling.

  • -

    Activities and Societies: Jazz Band

    Studied fundamentals of computer programming and systems in BASIC, COBOL, SAS, and Assembler language. Learned operating system and database fundamentals. Programmed solutions to problems in operations research, modeling and queuing system simulations. Final project summarized the results of my database analytic modeling project while a coop student at Monsanto. Additional courses in accounting, economics, statistics, and operations research. Elective science courses in geology, ecology…

    Studied fundamentals of computer programming and systems in BASIC, COBOL, SAS, and Assembler language. Learned operating system and database fundamentals. Programmed solutions to problems in operations research, modeling and queuing system simulations. Final project summarized the results of my database analytic modeling project while a coop student at Monsanto. Additional courses in accounting, economics, statistics, and operations research. Elective science courses in geology, ecology, and cartography.

Licenses & Certifications

Volunteer Experience

  • Goodnight Scholars Program Graphic

    Professional Mentor

    Goodnight Scholars Program

    - 1 year

    Science and Technology

    Professional mentor for Computer Science undergraduate Goodnight Scholar at NCSU.

Publications

  • Supercharging Data Subsets in SAS® Viya® 3.3

    SAS Institute Inc.

    SAS Architecture paper describing the Cloud Analytic Services (CAS) Distributed Indexing facility which shipped with the SAS Viya 3.3 software release in late 2017.

    Brian Bowman is the primary designer and programmer of CAS Distributed Table Indexing.

    See publication
  • The Version 6 SAS® Data Library Architecture

    SAS Institute

    The MVS Data Library has been completely redesigned to support the I/O
    access features of the Version 6 SAS System and to improve the Host
    interface to MVS Data Management facilities. I/O device independence,
    multivolume Library support, and improved DASD space utilization and I/O
    performance are all provided by this architecture. The new Library
    structure is designed to be consistent with IBM's direction in System
    Managed Storage as well as providing a platform for future MVS…

    The MVS Data Library has been completely redesigned to support the I/O
    access features of the Version 6 SAS System and to improve the Host
    interface to MVS Data Management facilities. I/O device independence,
    multivolume Library support, and improved DASD space utilization and I/O
    performance are all provided by this architecture. The new Library
    structure is designed to be consistent with IBM's direction in System
    Managed Storage as well as providing a platform for future MVS SAS data
    management features.

    This paper will discuss the new architecture and provide examples of how it
    overcomes limitations in the existing MVS SAS Data Library implementation.

    See publication
  • Relative Track Addressing

    Technical Support Magzine

    An explanation of the assembly language math required to support disk geometry calculations on IBM's newly-released 3380 Storage Device.

    In 1989, this technical article received a "President's Award" from the publisher for "Outstanding Editorial Contribution".

Patents

  • Distributed columnar data set retrieval

    Issued 11347686

    An apparatus includes a processor to: instantiate data buffers of a queue, reading threads, and provision threads; within each reading thread, use an identifier provided in a data buffer of the queue to retrieve the corresponding data set part and part metadata from storage device(s), and store both within the data buffer; operate the queue as a (FIFO) buffer; within each provision thread, retrieve a row group from among multiple row groups and corresponding metadata from within the data…

    An apparatus includes a processor to: instantiate data buffers of a queue, reading threads, and provision threads; within each reading thread, use an identifier provided in a data buffer of the queue to retrieve the corresponding data set part and part metadata from storage device(s), and store both within the data buffer; operate the queue as a (FIFO) buffer; within each provision thread, retrieve a row group from among multiple row groups and corresponding metadata from within the data buffer, use information in the metadata to decompress at least one column, and provide the data values of the row group to the requesting device or an application routine; and in response to each instance of storage of a data set part within a data buffer of the queue, analyze the availability of storage space and/or of processing resources to determine whether to dynamically adjust the quantity of reading threads.

    Other inventors
    See patent
  • Distributed columnar data set subset retrieval

    Issued 11263175

    An apparatus includes a processor to: within each reading thread, retrieve a data set part and corresponding part metadata from storage device(s), analyze row group metadata for each row group within the data set part to identify candidate row group(s) meeting specified criteria, and store the candidate row group(s) and corresponding row group metadata within a data buffer of a queue; operate the queue as a FIFO buffer; within each provision thread, retrieve one of multiple row groups and…

    An apparatus includes a processor to: within each reading thread, retrieve a data set part and corresponding part metadata from storage device(s), analyze row group metadata for each row group within the data set part to identify candidate row group(s) meeting specified criteria, and store the candidate row group(s) and corresponding row group metadata within a data buffer of a queue; operate the queue as a FIFO buffer; within each provision thread, retrieve one of multiple row groups and corresponding metadata from within the data buffer, use information in the metadata to identify rows meeting the criteria, and provide those rows to the requesting device or an application; and in response to each instance of storage of a data set part within a data buffer of the queue, analyze the availability of storage space and/or of processing resources to determine whether to dynamically adjust the quantity of reading threads.

    Other inventors
    See patent
  • Distributed columnar data set and metadata storage

    Issued 10,990,564

    An apparatus includes a processor to: within each collection thread, assemble a row group from stored rows, generate row group metadata corresponding to the row group, and store the row group and row group metadata within a data buffer of a queue; operate the queue as a FIFO buffer; within each aggregation thread, retrieve multiple row groups and corresponding row group metadata from multiple data buffers of the queue, assemble a data set part from the multiple row groups, generate part…

    An apparatus includes a processor to: within each collection thread, assemble a row group from stored rows, generate row group metadata corresponding to the row group, and store the row group and row group metadata within a data buffer of a queue; operate the queue as a FIFO buffer; within each aggregation thread, retrieve multiple row groups and corresponding row group metadata from multiple data buffers of the queue, assemble a data set part from the multiple row groups, generate part metadata that includes the row group metadata, and transmit, to storage device(s) and/or a requesting device, the data set part and/or the part metadata; and in response to each retrieval of at least a row group from a data buffer of the queue for an aggregation thread, analyze availability of storage space within the node device to determine whether to dynamically adjust the quantity of data buffers.

    See patent
  • Distributed columnar data set storage

    Issued 10983957

    An apparatus includes a processor to: instantiate collection threads, data buffers of a queue, and aggregation threads; within each collection thread, assemble a row group from a subset of the multiple rows, reorganize the data values row-wise to columnar organization, and store the row group within a data buffer of the queue; operate the buffer queue as a FIFO buffer; within each aggregation thread, retrieve multiple row groups from multiple data buffers of the queue, assemble a data set part…

    An apparatus includes a processor to: instantiate collection threads, data buffers of a queue, and aggregation threads; within each collection thread, assemble a row group from a subset of the multiple rows, reorganize the data values row-wise to columnar organization, and store the row group within a data buffer of the queue; operate the buffer queue as a FIFO buffer; within each aggregation thread, retrieve multiple row groups from multiple data buffers of the queue, assemble a data set part from the multiple row groups, transmit, to storage device(s) via a network, the data set part; and in response to each instance of retrieval of a row group from a data buffer of the buffer queue for use within an aggregation thread, analyze a level of availability of at least storage space within the node device to determine whether to dynamically adjust the quantity of data buffers of the buffer queue.

    See patent
  • Distributed data storage grouping

    Issued 10789207

    An apparatus includes a processor component to: transmit node device identifiers to multiple node devices to define an ordering thereamong; following block exchanges redistributing the subsets among a reduced number of node devices, receive sizes of blocks or sub-blocks of data within each subset from the reduced number of node devices; based on the received sizes, generate map data organized to define an ordering among the blocks stemming from the ordering among the multiple node devices;…

    An apparatus includes a processor component to: transmit node device identifiers to multiple node devices to define an ordering thereamong; following block exchanges redistributing the subsets among a reduced number of node devices, receive sizes of blocks or sub-blocks of data within each subset from the reduced number of node devices; based on the received sizes, generate map data organized to define an ordering among the blocks stemming from the ordering among the multiple node devices; determine whether the total size of the map data and metadata, together, exceeds a minimum size for data transmissions to storage device(s); and in response to the total size exceeding the minimum size, form the map data and metadata into segment(s) that each fit the minimum size and a maximum size, and transmit the segment(s) at least partially in parallel with other segments of the blocks transmitted by the reduced number of node devices.

    Other inventors
    See patent
  • Distributed data set storage and retrieval (Sweden)

    Issued SE SE 541999

    Other inventors
    See patent
  • DISTRIBUTED DATA SET ENCRYPTION AND DECRYPTION (China)

    Issued CN 110710153A

    An apparatus includes a processor component of a first node device caused to receive data block encryption data and an indication of size of an encrypted data block distributed to the first node device for decryption, and in response to the data set being of encrypted data: receive an indication of the quantity of sub-blocks within the encrypted data block, and a hashed identifier for each data sub-block; use the data block encryption data to decrypt the encrypted data block to regenerate data…

    An apparatus includes a processor component of a first node device caused to receive data block encryption data and an indication of size of an encrypted data block distributed to the first node device for decryption, and in response to the data set being of encrypted data: receive an indication of the quantity of sub-blocks within the encrypted data block, and a hashed identifier for each data sub-block; use the data block encryption data to decrypt the encrypted data block to regenerate data set portions from the data sub-blocks; analyze the hashed identifier of each data sub-block to determine whether all data set portions are distributed to the first node device for processing; and in response to a determination that at least one data set portion is to be distributed to a second node device for processing, transmit the at least one data set portion to the second node device.

    See patent
  • Distributed Data Set Indexing (Europe)

    Issued US EP3449355A4

    An apparatus including a processor to receive search criteria including a data value for a search within a data field; in response to the receipt of the query instructions, and for each data cell within a super cell, perform the specified search by comparing the data value to ranges of values indicated in a corresponding cell index to determine whether the data cell includes a data record meeting the search criteria, and in response to a determination that the data cell includes such a data…

    An apparatus including a processor to receive search criteria including a data value for a search within a data field; in response to the receipt of the query instructions, and for each data cell within a super cell, perform the specified search by comparing the data value to ranges of values indicated in a corresponding cell index to determine whether the data cell includes a data record meeting the search criteria, and in response to a determination that the data cell includes such a data record, use a unique values index in the cell index to search the data records of the data cell to identify one or more data records meeting the search criteria; and in response to identifying at least one data record meeting the search criteria, provide an indication that at least the data cell includes at least one data record meeting the search criteria.

    Other inventors
    See patent
  • Distributed Data Storage Grouping

    Issued US 10,402,372

    Abstract
    An apparatus includes a processor component to receive a node device identifier defining an ordering among multiple node devices and among multiple blocks of data distributed among the multiple node devices, and transmit a size of a first subset of the multiple blocks stored within the node device to a control device. In response to receiving instructions to receive a second subset from another node device, perform operations including: receive and store the second subset; group the…

    Abstract
    An apparatus includes a processor component to receive a node device identifier defining an ordering among multiple node devices and among multiple blocks of data distributed among the multiple node devices, and transmit a size of a first subset of the multiple blocks stored within the node device to a control device. In response to receiving instructions to receive a second subset from another node device, perform operations including: receive and store the second subset; group the blocks of data of the first and second subsets into multiple segments in an order that corresponds to the ordering among the multiple blocks, wherein each segment is sized to fit minimum and maximum sizes for transmission to storage device(s); transmit the multiple segments to the storage device(s); and relay multiple segment identifiers from the storage device(s) to the control device in an order corresponding to the ordering among the multiple segments.

    Other inventors
    See patent
  • DISTRIBUTED DATA SET INDEXING (Canada)

    Issued CA CA 3040729

  • DISTRIBUTED DATA SET STORAGE AND RETRIEVAL (Canada)

    Issued CA CA 2981521

    Other inventors
    See patent
  • DISTRIBUTED DATA SET INDEXING (Canada)

    Issued CA CA 3026034

    Other inventors
    See patent
  • Distributed Data Storage Grouping

    Issued US 10311023

    An apparatus of includes a processor component to: transmit node device identifiers to multiple node devices to define an ordering thereamong and among subsets of multiple blocks of data distributed thereamong; receive sizes of the subsets from the multiple node devices; derive block exchanges among the multiple node device based on the sizes and a minimum size imposed on data transmissions to storage device(s); and transmit a block exchange vector that describes the block exchanges to the…

    An apparatus of includes a processor component to: transmit node device identifiers to multiple node devices to define an ordering thereamong and among subsets of multiple blocks of data distributed thereamong; receive sizes of the subsets from the multiple node devices; derive block exchanges among the multiple node device based on the sizes and a minimum size imposed on data transmissions to storage device(s); and transmit a block exchange vector that describes the block exchanges to the multiple node devices, wherein: the subsets remain distributed among a reduced number of the multiple node devices following the block exchanges; at least all node devices of the reduced number but one stores an amount of the blocks of data exceeding the minimum size; and the block exchanges are all lower-order to higher-order node device transfers, or all higher-order to lower-order node device transfers.

    Other inventors
    See patent
  • Distributed Data Set Indexing

    Issued US 10,303,670

    An apparatus including a processor to index data records within a data cell, wherein for each data record, the processor retrieves data values from first and second data fields; determines whether the first and second data fields store unique data values; in response to the first data field storing a unique data value, adds an identifier of the data record to a first unique values index, in response to the second data field storing a unique data value, adds the identifier to a second unique…

    An apparatus including a processor to index data records within a data cell, wherein for each data record, the processor retrieves data values from first and second data fields; determines whether the first and second data fields store unique data values; in response to the first data field storing a unique data value, adds an identifier of the data record to a first unique values index, in response to the second data field storing a unique data value, adds the identifier to a second unique values index, wherein identifiers of data records within the unique values indexes are ordered based on corresponding unique data values; and generates an indication of ranges of data values of the first and second data fields to enable a determination of whether a data value specified in search criteria is present within at least the data cell.

    See patent
  • DISTRIBUTED DATA SET INDEXING (China)

    Issued CN 109564568A

    An apparatus including a processor to receive search criteria including a data value for a search within a data field; in response to the receipt of the query instructions, and for each data cell within a super cell, perform the specified search by comparing the data value to ranges of values indicated in a corresponding cell index to determine whether the data cell includes a data record meetingthe search criteria, and in response to a determination that the data cell includes such a data…

    An apparatus including a processor to receive search criteria including a data value for a search within a data field; in response to the receipt of the query instructions, and for each data cell within a super cell, perform the specified search by comparing the data value to ranges of values indicated in a corresponding cell index to determine whether the data cell includes a data record meetingthe search criteria, and in response to a determination that the data cell includes such a data record, use a unique values index in the cell index to search the data records of the data cell to identify one or more data records meeting the search criteria; and in response to identifying at least one data record meeting the search criteria, provide an indication that at least the data cell includes at least one data record meeting the search criteria.

    Other inventors
    See patent
  • Distributed data set encryption and decryption

    Issued US 10,185,722

    An apparatus may include a processor component caused to: generate map entries in map data descriptive of encrypted data blocks within a data file; use first map block encryption data to encrypt a first map extension of the map data; transmit the encrypted first map extension for storage within the data file; store the first map block encryption data within the second map extension; use second map block encryption data to encrypt a second map extension of the map data after storage of the first…

    An apparatus may include a processor component caused to: generate map entries in map data descriptive of encrypted data blocks within a data file; use first map block encryption data to encrypt a first map extension of the map data; transmit the encrypted first map extension for storage within the data file; store the first map block encryption data within the second map extension; use second map block encryption data to encrypt a second map extension of the map data after storage of the first map block encryption data therein; transmit encrypted second map extension for storage within the data file; store the second map block encryption data within the map base; use third map block encryption data to encrypt a map base of the map data after storage of the second map block encryption data therein; and transmit the encrypted map base for storage within the data file.

    See patent
  • Distributed data set Storage and Retrieval

    Issued US 10,185,721

    An apparatus includes a processor component caused to: retrieve metadata of organization of data within a data set, and map data of organization of data blocks within a data file; receive indications of which node devices are available to perform a processing task with a data set portion; and in response to the data set including partitioned data, compare the quantities of available node devices and of the node devices last involved in storing the data set. In response to a match, for each map…

    An apparatus includes a processor component caused to: retrieve metadata of organization of data within a data set, and map data of organization of data blocks within a data file; receive indications of which node devices are available to perform a processing task with a data set portion; and in response to the data set including partitioned data, compare the quantities of available node devices and of the node devices last involved in storing the data set. In response to a match, for each map data map entry: retrieve a hashed identifier for a data sub-block, and a size for each of the data sub-blocks within the corresponding data block; divide the hashed identifier by the quantity of available node devices; compare the modulo value to a designation assigned to each of the available node devices; and provide a pointer to the available node device assigned the matching designation.

    See patent
  • Distributed data set storage and retrieval (Sweden)

    Issued SE SE 540909

    Other inventors
    See patent
  • DISTRIBUTED DATA SET STORAGE AND RETRIEVAL (China)

    Issued CN 108701076A

    An apparatus includes a processor component caused to: retrieve metadata of organization of data within a data set, and map data of organization of data blocks within a data file; receive indicationsof which node devices are available to perform a processing task with a data set portion; and in response to the data set including partitioned data, compare the quantities of available node devices and of the node devices last involved in storing the data set. In response to a match, for cacti map…

    An apparatus includes a processor component caused to: retrieve metadata of organization of data within a data set, and map data of organization of data blocks within a data file; receive indicationsof which node devices are available to perform a processing task with a data set portion; and in response to the data set including partitioned data, compare the quantities of available node devices and of the node devices last involved in storing the data set. In response to a match, for cacti map data map entry: retrieve a hashed identifier for a data sub-block, and a size for each of the data sub-blocks within the corresponding data block; divide the hashed identifier by the quantity of available node devices; compare the modulo value to a designation assigned to each of the available nodedevices; and provide a pointer to the available node device assigned the matching designation.

    See patent
  • Distributed data set indexing

    Issued US 10,013,441

    An apparatus including a processor to: index multiple data records within a data cell by first and second data fields in a single read pass through the data cell; wherein for each data record within the first data cell, the processor is to retrieve data values from the first and second data fields, search a first binary tree to determine whether the data value from the first data field comprises a unique value, and add the data value to the first binary tree if it is unique, and search a second…

    An apparatus including a processor to: index multiple data records within a data cell by first and second data fields in a single read pass through the data cell; wherein for each data record within the first data cell, the processor is to retrieve data values from the first and second data fields, search a first binary tree to determine whether the data value from the first data field comprises a unique value, and add the data value to the first binary tree if it is unique, and search a second binary tree to determine whether the data value from the second data field comprises a unique value, and add the data value to the second binary tree if it is unique; and generate a first and second unique values indexes of identifiers of the data records associated with the unique data values within the first and second binary trees.

    See patent
  • Distributed data set indexing

    Issued US 10,002,146

    An apparatus including a processor to receive search criteria including a data value for a search within a data field; in response to the receipt of the query instructions, and for each data cell within a super cell, perform the specified search by comparing the data value to ranges of values indicated in a corresponding cell index to determine whether the data cell includes a data record meeting the search criteria, and in response to a determination that the data cell includes such a data…

    An apparatus including a processor to receive search criteria including a data value for a search within a data field; in response to the receipt of the query instructions, and for each data cell within a super cell, perform the specified search by comparing the data value to ranges of values indicated in a corresponding cell index to determine whether the data cell includes a data record meeting the search criteria, and in response to a determination that the data cell includes such a data record, use a unique values index in the cell index to search the data records of the data cell to identify one or more data records meeting the search criteria; and in response to identifying at least one data record meeting the search criteria, provide an indication that at least the data cell includes at least one data record meeting the search criteria.

    See patent
  • Distributed data set encryption and decryption

    Issued US 9,990,367

    An apparatus including a processor caused to: receive sizes and data block encryption data for multiple encrypted data blocks from multiple node devices, wherein data block encryption data is separately generated and used by each node device to encrypt a portion of a data set to generate one of the multiple encrypted data blocks; for each encrypted data block, generate a corresponding map entry within map data to include size and data block encryption data; and in response to receiving size and…

    An apparatus including a processor caused to: receive sizes and data block encryption data for multiple encrypted data blocks from multiple node devices, wherein data block encryption data is separately generated and used by each node device to encrypt a portion of a data set to generate one of the multiple encrypted data blocks; for each encrypted data block, generate a corresponding map entry within map data to include size and data block encryption data; and in response to receiving size and data block encryption data for all encrypted data blocks, encrypt a portion of the map data to generate an encrypted map base, wherein the portion of map data includes at least a subset of the multiple map entries, and transmit the encrypted map base to one or more storage devices to be stored within a data file along with the multiple encrypted data blocks.

    See patent
  • Distributed data set indexing

    Issued US 9,977,805

  • Distributed data set indexing

    Issued US 9,977,807

  • Distributed data set encryption and decryption

    Issued US 9,946,718

    Other inventors
    • Mark Gass
    See patent
  • Distributed data set storage and retrieval

    Issued US US 20170031599 A1

    An apparatus includes processor component caused to: retrieve metadata of organization of data within a data set, and map data of organization of data blocks within a data file; receive indications of which node devices are available to perform a processing task with a data set portion; and in response to the data set including partitioned data, compare the quantities of available node devices and of the node devices last involved in storing the data set. In response to a match, for each map…

    An apparatus includes processor component caused to: retrieve metadata of organization of data within a data set, and map data of organization of data blocks within a data file; receive indications of which node devices are available to perform a processing task with a data set portion; and in response to the data set including partitioned data, compare the quantities of available node devices and of the node devices last involved in storing the data set. In response to a match, for each map data map entry: retrieve a hashed identifier for a data sub-block, and a size for each of the data sub-blocks within the corresponding data block; divide the hashed identifier by the quantity of available node devices; compare the modulo value to a designation assigned to each of the available node devices; and provide a pointer to the available node device assigned the matching designation.

    See patent
  • Authorization caching in a multithreaded object server

    Issued US US9059983 B2

    Division of US8555378 B2 with a new claim set representing cache synchronization

    Other inventors
    • John Forrest Boozer
    See patent
  • Techniques to explain authorization origins for protected resource objects in a resource object domain

    Issued US US8689324 B2

    Techniques to explain authorization origins for protected objects in an object domain are disclosed. In one embodiment, for example, an apparatus may comprise a processor circuit, a request processor component operative on the processor circuit to receive and process a request for an authorization origin of a resource object, the authorization origin comprising an access control with a permission arranged to control access to the resource object based on an identity, and a resource origin…

    Techniques to explain authorization origins for protected objects in an object domain are disclosed. In one embodiment, for example, an apparatus may comprise a processor circuit, a request processor component operative on the processor circuit to receive and process a request for an authorization origin of a resource object, the authorization origin comprising an access control with a permission arranged to control access to the resource object based on an identity, and a resource origin component operative on the processor circuit to identify the authorization origin of the resource object from a set of interrelated resource objects and associated access controls, retrieve authorization origin information for the authorization origin, and present the authorization origin information in a user interface view. Other embodiments are described and claimed.

    Other inventors
    See patent
  • Authorization caching in a multithreaded object server

    Issued US US8555378 B2

    Systems and methods are included for accessing resource objects in a multi-threaded environment. A request is received from a requester to perform an operation with respect to a resource object, where the requested resource object has multiple associations with other objects. A determination as to whether an authorization cache entry corresponding to the requested resource object contains sufficient permission data for granting or denying the request for access to the requested resource object…

    Systems and methods are included for accessing resource objects in a multi-threaded environment. A request is received from a requester to perform an operation with respect to a resource object, where the requested resource object has multiple associations with other objects. A determination as to whether an authorization cache entry corresponding to the requested resource object contains sufficient permission data for granting or denying the request for access to the requested resource object is made. A grant or deny of access to the requested resource object is returned when the authorization cache entry corresponding to the requested resource object contains sufficient permission data.

    Other inventors
    • John Forrest Boozer
    See patent
  • Computer-implemented authorization systems and methods using association

    Issued US US7644086 B2

    Computer-implemented systems and methods for determining whether to authorize one or more operations with respect to resource objects. A system and method can include receiving a request that would involve an operation with respect to a resource object. The requested resource object may have multiple associations with other objects. One or more data stores are used to store interrelationships among resource objects, authorization-related objects, and access permission information. A comparison…

    Computer-implemented systems and methods for determining whether to authorize one or more operations with respect to resource objects. A system and method can include receiving a request that would involve an operation with respect to a resource object. The requested resource object may have multiple associations with other objects. One or more data stores are used to store interrelationships among resource objects, authorization-related objects, and access permission information. A comparison is performed using permissions and the requester's access credential information. The comparison is used to determine whether to permit the operation with respect to the resource object.

    Other inventors
    • John Forrest Boozer
    See patent

Courses

  • Agile Development Methodologies

    -

  • Java

    -

  • Kala Persistence (MIT Extension)

    -

  • Object-Oriented Design (Semaphore)

    -

  • SAS/SQL

    -

  • Writing Secure Code (SANS)

    -

Projects

  • SAS Viya -- SingleStore Deep Integration

    -

    Architect and Tech Lead for advanced R&D integration of SAS Viya's massively parallel compute capabilities with the SIngleStore (formerly MemSQL) distributed relational database.

    See project
  • SAS Viya/CAS Distributed Table Indexing

    -

    Designer/Programmer of the distributed indexing facility for Cloud Analytic Services (CAS) data tables.

    See project
  • SAS Viya/Cloud Analytic Services native integration with Apache Parquet

    -

    Primary designer/programmer of Apache Parquet native integration with SAS Viya Cloud Analytic Services (CAS). This work provides Parquet dataset distribution among CAS MPP worker nodes and processes Parquet columnar data natively on concurrent threads for CAS SMP and MPP configurations. Coding in C/C++. Massively parallel I/O is supported for POSIX and AWS S3 storage types. Interaction with the Apache Parquet PMC.

  • SAS Viya/CAS data storage integration with Amazon S3

    -

    Provides parallel Amazon S3 storage and retrieval of SAS Cloud Analytic Services (CAS) Distributed Tables. Uses the SASDNFS format which allows independent transfer of .sashdat files between various storage providers and S3 without requiring a running CAS server. This project implements innovative techniques to achieve distributed data storage in parallel to Amazon S3 including massively parallel threaded I/O between CAS and S3.

  • SAS Viya/CAS Distributed Network File System (DNFS)

    -

    Primary designer/programmer of the CAS Distributed Network File System (DNFS). DNFS has two major components:

    1. An extensible file format to manage and secure data in an elastic computing environment
    2. A distributed acess method to optimally direct I/O operations across separate devices connected by a network.

    See project
  • SAS Viya/CAS client-server varying-length type support

    -

    Designed and programmed varying-length character (VARCHAR) and binary (VARBINARY) type support in the CAS client-server interface. This allows Python, Java, R and Lua client programs to send these types to the CAS server. It Involves intricate client-server communications while managing a varying number of variable-length buffers. Also implemented related support for distributing varying-length values between the CAS Controller and Worker nodes.

  • SAS Metadata Server Clustering Project

    -

    One of three SAS R&D Principal Software Developers responsible for redesigning and programming the SAS Metadata Server in a clustered multi-machine implementation to support failover, load-balancing and scalability.

    See project
  • SAS Metadata Sever Authorization

    -

    Primary contributor to the design and implementation of the SAS Metadata Sever Authorization model from its very beginning in 2001 until early 2014. This included programming 1000's of lines of complex multi-threaded systems-level code in C Language using the SAS Metadata Object model.

    See project
  • SAS Metadata Server Testing Framework

    -

    Designed and programmed a new testing framework for the SAS Metadata Server based on parameterized test classes provided in JUnit 4.11. This simplified the testing process and reduced the elapsed time required to run a massive set of JUnit tests by ~60%. These results were achieved by scoping JVM launches to one per test suite category. The tests are steamed to the SAS Metadata Server with minimal testware overhead.

    This project also involved developing a custom parser for test…

    Designed and programmed a new testing framework for the SAS Metadata Server based on parameterized test classes provided in JUnit 4.11. This simplified the testing process and reduced the elapsed time required to run a massive set of JUnit tests by ~60%. These results were achieved by scoping JVM launches to one per test suite category. The tests are steamed to the SAS Metadata Server with minimal testware overhead.

    This project also involved developing a custom parser for test results using Java regular expression classes.

  • SAS Metadata Server Distributed Authorization Caching

    -

    Within the SAS Metadata Server ... designed and programmed distributed authorization caching mechanism based on a complex network (graph) of objects. Two related US Patents issued.

    See project
  • SAS Metadata Sever Access Control Admin Facility

    -

    SAS Metadata Sever facility for stateful access control administration. This allows client applications to "model" the impact of making permission changes within a complex inheritance hierarchy through a remote API on the Metadata Server Project addressed scalability and performance demands that drove innovative techniques for changing multiple objects and their relationships with minimal impact on already persisted objects.

    See project
  • SAS Metadata Server Authorization Lineage/Explain

    -

    Co-architect and lead developer of APIs and implementation in the SAS Java mid-tier to explain per-identity access control and permission lineage based on a complex network of objects.

    See project
  • SAS R&D loadComp utility

    -

    Developed IBM 370 assembly language utility to navigate the internal data structures of two executable load modules and compare them byte-for-byte. As of 2018 this load module comparator utility is still in use by SAS release engineering.

  • SAS Data Library

    -

    Complete redesign of the SAS Data Library architecture for the IBM Mainframe. This technology is a filesystem Implemented within a dynamically formatted physical OS file.

    It features a custom dynamic device driver that optimally generates the correct device specific primitives for various I/O operations.

    Other layers manage disk space within the library and mapping of individual stored objects. Library data structures were designed extensibly to accommodate future needs. The…

    Complete redesign of the SAS Data Library architecture for the IBM Mainframe. This technology is a filesystem Implemented within a dynamically formatted physical OS file.

    It features a custom dynamic device driver that optimally generates the correct device specific primitives for various I/O operations.

    Other layers manage disk space within the library and mapping of individual stored objects. Library data structures were designed extensibly to accommodate future needs. The entire structure is device independent and may span multiple physical disk volumes.

    This architecture and its initial implementation were completed in late 1989 and remains in service as of 2018 without ever requiring format conversion.

    Languages: C and IBM Assembly

Organizations

  • Association For Computing Machinery

    -

    - Present

    I've read the ACM Journals for years on our library. Time to join!

Recommendations received

10 people have recommended Brian

Join now to view

View Brian’s full profile

  • See who you know in common
  • Get introduced
  • Contact Brian directly
Join to view full profile

Other similar profiles

Explore collaborative articles

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Explore More

Others named Brian Bowman in United States

Add new skills with these courses