Patents by Inventor Dinarte Morais
Dinarte Morais has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 7801952
Abstract: A condition on a client that is communicating with a server is determined by issuing a challenge to the client, causing the client to produce a response indicative of the condition. The server compares the response to an expected response to determine if the condition is as expected, and if not, takes appropriate action, such as terminating the connection with the client. The challenge preferably includes parameters and a code segment that causes the client to produce the response by executing the code segment. The code segment could perform a one-way hashing algorithm of a portion of memory indicated in the parameters. The server can thus determine if the client is using a modified basic input output system, modified software, pirated software, or whether other conditions exist on the client. The challenge can be changed to prevent the client from returning a false, predetermined response to the challenge.
Type: Grant
Filed: October 22, 2007
Date of Patent: September 21, 2010
Assignee: Microsoft Corporation
Inventors: Ling Tony Chen, Michael Courage, Dinarte Morais
-
Patent number: 7676840
Abstract: Machine instructions comprising a bootstrap code are buried within a critical component of an electronic game console where they cannot readily be accessed or modified. A preloader portion in a read only memory (ROM) is hashed by the bootstrap code and the result is compared to an expected hash value maintained in the bootstrap code. Further verification of the boot-up process is carried out by the preloader, which hashes the code in ROM to obtain a hash value for the code. The result is verified against a digital signature value that defines an expected value for this hash. Failure to obtain any expected result terminates the boot-up process. Since the bootstrap code confirms the preloader, and the preloader confirms the remainder of the code in ROM, this technique is useful for ensuring that the code used for booting up the device has not been modified or replaced.
Type: Grant
Filed: January 7, 2005
Date of Patent: March 9, 2010
Assignee: Microsoft Corporation
Inventors: Dinarte Morais, Jon Lange, Daniel R. Simon, Ling Tony Chen, Josh D. Benaloh
-
Publication number: 20080039209
Abstract: A condition on a client that is communicating with a server is determined by issuing a challenge to the client, causing the client to produce a response indicative of the condition. The server compares the response to an expected response to determine if the condition is as expected, and if not, takes appropriate action, such as terminating the connection with the client. The challenge preferably includes parameters and a code segment that causes the client to produce the response by executing the code segment. The code segment could perform a one-way hashing algorithm of a portion of memory indicated in the parameters. The server can thus determine if the client is using a modified basic input output system, modified software, pirated software, or whether other conditions exist on the client. The challenge can be changed to prevent the client from returning a false, predetermined response to the challenge.
Type: Application
Filed: October 22, 2007
Publication date: February 14, 2008
Applicant: MICROSOFT CORPORATION
Inventors: Ling Chen, Michael Courage, Dinarte Morais
-
Patent number: 7287052
Abstract: A condition on a client that is communicating with a server is determined by issuing a challenge to the client, causing the client to produce a response indicative of the condition. The server compares the response to an expected response to determine if the condition is as expected, and if not, takes appropriate action, such as terminating the connection with the client. The challenge preferably includes parameters and a code segment that causes the client to produce the response by executing the code segment. The code segment could perform a one-way hashing algorithm of a portion of memory indicated in the parameters. The server can thus determine if the client is using a modified basic input output system, modified software, pirated software, or whether other conditions exist on the client. The challenge can be changed to prevent the client from returning a false, predetermined response to the challenge.
Type: Grant
Filed: November 9, 2002
Date of Patent: October 23, 2007
Assignee: Microsoft Corporation
Inventors: Ling Tony Chen, Michael Courage, Dinarte Morais
-
Publication number: 20060259292
Abstract: Attempts by drivers of a virtualized legacy computer game to communicate with nonexistent legacy game system hardware are converted into calls to actual hardware of the host computer game system. An access control list (ACL) restricting and/or reducing page permissions is used to explicitly forbid the drivers of the legacy computer game operating on the virtualized legacy computer game platform from writing to the MMIO addresses of the legacy computer game system. When the operating system of the virtualized legacy computer game platform attempts to touch its driver memory by writing to the MMIO addresses, the operating system of the host computer game system perceives a memory access violation, suspends the virtual machine implementing the virtualized computer game platform, and passes the intended write to an exception handler of the host operating system.
Type: Application
Filed: May 12, 2005
Publication date: November 16, 2006
Applicant: Microsoft Corporation
Inventors: Andrew Solomon, Dinarte Morais
-
Publication number: 20060059553
Abstract: A computing environment maintains the confidentiality of data stored in system memory. The computing environment has an encryption circuit in communication with a CPU. The system memory is also in communication with the encryption circuit. An address bus having a plurality of address lines forms part of the system and a value of at least one of the address lines determines a key selected from a plurality of keys to use in the encryption circuit to encrypt data being transferred by the CPU to the memory.
Type: Application
Filed: August 27, 2004
Publication date: March 16, 2006
Applicant: Microsoft Corporation
Inventors: Dinarte Morais, Jeffrey Andrews
-
Publication number: 20060048221
Abstract: An integrity control system uses the address bits to enable encryption and/or protection of data stored in a system memory. The encryption and protection mechanisms are coupled to the CPU by way of a data bus and to the memory by way of a data bus. An address bus that determines the location of data to be stored or retrieved from system memory has a plurality of address lines. At least one of the address lines enables the encryption mechanism to encrypt data before storage in the memory and to decrypt data after retrieval from memory. Another address line enables the protection mechanism to generate a hash of the data. The hash is stored and used to determine whether data has been altered while stored in system memory.
Type: Application
Filed: August 27, 2004
Publication date: March 2, 2006
Applicant: Microsoft Corporation
Inventors: Dinarte Morais, Jeffrey Andrews
-
Publication number: 20060047936
Abstract: A computing environment maintains the integrity of data stored in system memory. The system has a memory management unit that maintains a plurality of real page numbers. The system also comprises an address bus in communication with the memory management unit. The address bus comprises a plurality of address lines, wherein a value of at least one address line is set by a real page number from the memory management unit. The system has an operating system that controls memory usage by controlling the real page numbers stored in said page table that is accessed by the memory management unit. At least one security feature such as data encryption is selectively applied to data stored in a page of said memory as enabled by a value of said address line set by said real page number.
Type: Application
Filed: August 27, 2004
Publication date: March 2, 2006
Applicant: Microsoft Corporation
Inventors: Dinarte Morais, Jeffrey Andrews
-
Publication number: 20060047972
Abstract: A computing environment maintains the integrity of data stored in system memory. The system has an address bus that comprises a plurality of address lines. The value of at least a portion of the address line is determined by a real page number stored in a page table. The system also comprises an encryption circuit that converts data from plaintext to ciphertext as a function of a key value. A circuit derives the key value as a function of at least a portion of the address line that is set by the real page number.
Type: Application
Filed: August 27, 2004
Publication date: March 2, 2006
Applicant: Microsoft Corporation
Inventor: Dinarte Morais
-
Publication number: 20060047958
Abstract: A system comprises a memory and a processor that supports different privilege levels. Only program code executing at a certain privilege level is permitted to map memory and to assign access permission to the mapped memory, such as read-only, writable, and executable. Control code executing on the processor at that privilege level, in response to a request from other code executing at a different privilege level, maps a portion of memory for loading an executable file. After the executable file has been loaded into the mapped memory, the control code then verifies a signature associated with the executable file. If the signature is verified, the control code permits the executable file to be executed by the processor at a privilege level other than the one at which the control code executes. Otherwise, the control code prevents the executable file from being executed on the processor.
Type: Application
Filed: August 25, 2004
Publication date: March 2, 2006
Applicant: Microsoft Corporation
Inventor: Dinarte Morais
-
Publication number: 20060047933
Abstract: An integrity control system uses the address bits to enable protection of data stored in a system memory. An address bus that determines the location of data to be stored or retrieved from system memory has a plurality of address lines. A subset of the address lines enables the protection mechanism to generate an integrity control value representative of the data and determine where the integrity check value is stored in a secure memory.
Type: Application
Filed: August 27, 2004
Publication date: March 2, 2006
Applicant: Microsoft Corporation
Inventors: Dinarte Morais, Jeffrey Andrews
-
Publication number: 20060047959
Abstract: A secure execution environment is established in a computer system comprising a memory and a processor that supports the execution of different program code at different privilege levels, wherein one privilege level enables program code executing at that privilege level to map portions of memory and to assign access permissions to the mapped portions of memory, at least one of the access permissions for designating mapped memory as writable and another of the access permissions for designating mapped memory as executable. The secure executing environment is established by first program code executing at the one privilege level. The first program code, by virtue of its executing at the one privilege level, has the exclusive ability to map a portion of memory for use by other program code executing at a different privilege level and to assign access permissions to the mapped portion of memory.
Type: Application
Filed: August 25, 2004
Publication date: March 2, 2006
Applicant: Microsoft Corporation
Inventor: Dinarte Morais
-
Publication number: 20050138270
Abstract: Machine instructions comprising a bootstrap code are buried within a critical component of an electronic game console where they cannot readily be accessed or modified. A preloader portion in a read only memory (ROM) is hashed by the bootstrap code and the result is compared to an expected hash value maintained in the bootstrap code. Further verification of the boot-up process is carried out by the preloader, which hashes the code in ROM to obtain a hash value for the code. The result is verified against a digital signature value that defines an expected value for this hash. Failure to obtain any expected result terminates the boot-up process. Since the bootstrap code confirms the preloader, and the preloader confirms the remainder of the code in ROM, this technique is useful for ensuring that the code used for booting up the device has not been modified or replaced.
Type: Application
Filed: January 7, 2005
Publication date: June 23, 2005
Applicant: Microsoft Corporation
Inventors: Dinarte Morais, Jon Lange, Daniel Simon, Ling Chen, Josh Benaloh
-
Patent number: 6907522
Abstract: Machine instructions comprising a bootstrap code are buried within a critical component of an electronic game console where they cannot readily be accessed or modified. A preloader portion in a read only memory (ROM) is hashed by the bootstrap code and the result is compared to an expected hash value maintained in the bootstrap code. Further verification of the boot-up process is carried out by the preloader, which hashes the code in ROM to obtain a hash value for the code. The result is verified against a digital signature value that defines an expected value for this hash. Failure to obtain any expected result terminates the boot-up process. Since the bootstrap code confirms the preloader, and the preloader confirms the remainder of the code in ROM, this technique is useful for ensuring that the code used for booting up the device has not been modified or replaced.
Type: Grant
Filed: June 7, 2002
Date of Patent: June 14, 2005
Assignee: Microsoft Corporation
Inventors: Dinarte Morais, Jon Lange, Daniel R. Simon, Ling Tony Chen, Josh D. Benaloh
-
Publication number: 20050015644
Abstract: Subject matter includes a network connection agent and troubleshooter that automatically connects a device to a network service in multiple stages, displays real-time status reports of connection progress with respect to each stage, and displays troubleshooting help and instructions with respect to a stage if the stage is not successful.
Type: Application
Filed: June 30, 2003
Publication date: January 20, 2005
Applicant: MICROSOFT CORPORATION
Inventors: Ya-Bing Chu, Dinarte Morais, Nataly Pogrebinsky
-
Publication number: 20040093372
Abstract: A condition on a client that is communicating with a server is determined by issuing a challenge to the client, causing the client to produce a response indicative of the condition. The server compares the response to an expected response to determine if the condition is as expected, and if not, takes appropriate action, such as terminating the connection with the client. The challenge preferably includes parameters and a code segment that causes the client to produce the response by executing the code segment. The code segment could perform a one-way hashing algorithm of a portion of memory indicated in the parameters. The server can thus determine if the client is using a modified basic input output system, modified software, pirated software, or whether other conditions exist on the client. The challenge can be changed to prevent the client from returning a false, predetermined response to the challenge.
Type: Application
Filed: November 9, 2002
Publication date: May 13, 2004
Applicant: Microsoft Corporation
Inventors: Ling Tony Chen, Michael Courage, Dinarte Morais
-
Publication number: 20030229777
Abstract: Machine instructions comprising a bootstrap code are buried within a critical component of an electronic game console where they cannot readily be accessed or modified. A preloader portion in a read only memory (ROM) is hashed by the bootstrap code and the result is compared to an expected hash value maintained in the bootstrap code. Further verification of the boot-up process is carried out by the preloader, which hashes the code in ROM to obtain a hash value for the code. The result is verified against a digital signature value that defines an expected value for this hash. Failure to obtain any expected result terminates the boot-up process. Since the bootstrap code confirms the preloader, and the preloader confirms the remainder of the code in ROM, this technique is useful for ensuring that the code used for booting up the device has not been modified or replaced.
Type: Application
Filed: June 7, 2002
Publication date: December 11, 2003
Inventors: Dinarte Morais, Jon Lange, Daniel R. Simon, Ling Tony Chen, Josh D. Benaloh
-
Patent number: 6202085
Abstract: A system and method for incremental change synchronization among multiple copies of data is disclosed. To achieve the synchronization a general synchronization model is used. The synchronization model establishes a one-way data flow path to allow incremental changes to be transferred from a copy of data that incorporates the incremental changes to a copy of data that does not yet incorporate the incremental changes. To achieve this one-way data flow path, the synchronization model uses an agent, a data collector, and a data synchronizer. The data collector collects incremental changes transferred to it and applies the incremental changes to a copy of data. A data synchronizer transfers incremental changes to a data collector. An agent controls the synchronization process by making a connection between a data collector and a data synchronizer and then directing the data synchronizer to transfer data to the data collector.
Type: Grant
Filed: December 6, 1996
Date of Patent: March 13, 2001
Assignee: Microsoft Corporation
Inventors: Max L. Benson, Dinarte Morais, Scott Norin, William P. Champion, Thomas F. Fakes, Milind M. Joshi
-
Patent number: 5793970
Abstract: In an electronic mail system comprising a local computer that can be connected to a message server over a data link, mechanisms are provided to convert large identification codes used by the message server to store and access messages and folders into shorter identification codes used by the local computer to access locally stored copies of the messages or folders. The large server identification codes, including 46-byte folder codes and 70-byte message codes, are converted using a conversion technique that operates in one of two modes, depending on whether the data link to a master conversion map on the message server is available and operative. In the first mode, to convert the codes to 8-byte codes, the technique uses a local cache that retains mapping information produced in conversions using the master conversion map. In the second mode, three types of local maps implemented as B-trees are used to convert the codes first to the 8-byte codes and then to 4-byte codes.
Type: Grant
Filed: July 11, 1996
Date of Patent: August 11, 1998
Assignee: Microsoft Corporation
Inventors: Thomas F. Fakes, Dinarte Morais, Max L. Benson