Patents by Inventor Gregory Kostal
Gregory Kostal has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20090158384Abstract: One embodiment includes a method which may be practiced in a computing environment where resources are distributed. The method includes acts for obtaining policy information defining restrictions on resources distributed in the computing environment. The method includes sending a request to a server for metadata about one or more resource protection policies at the server. In response to the request, metadata about one or more resource protection polices at the server is received from the server. The metadata from the server is analyzed. Based on analyzing the metadata, one or more resource protection policies stored at the client are updated.Type: ApplicationFiled: December 18, 2007Publication date: June 18, 2009Applicant: MICROSOFT CORPORATIONInventors: Abhijat A. Kanade, Rushmi U. Malaviarachchi, Peter D. Waxman, Yuhui Zhong, Gregory Kostal, Scott C. Cottrille, Syed A. Mehdi, Patricia Priest, Kumar B. Parambir, Li Ren
-
Patent number: 7509489Abstract: An improved certificate issuing system may comprise a certificate translation engine for translating incoming certificates and certificate requests from a first format into a second format. A certificate issuing engine may then operate on incoming requests in the common format. The issuing engine can issue certificates to clients according to its certificate issuing policy. The policy may be expressed as data in a policy expression language that can be consumed at runtime, which provides for flexible and efficient changing of issuing policy. Issued certificates can be translated back into a format that is consumed by the requesting client. Such translation can be performed by the translation engine prior to delivery of certificates to requesting clients.Type: GrantFiled: March 11, 2005Date of Patent: March 24, 2009Assignee: Microsoft CorporationInventors: Gregory Kostal, Muthukrishnan Paramasivam, Ravindra Nath Pandya, Scott C. Cottrille, Vasantha K Ravula, Vladimir Yarmolenko, Charles F. Rose, III, Yuhui Zhong
-
Patent number: 7500097Abstract: An improved certificate issuing system may comprise a novel arrangement for expressing certificate issuing policy. The policy may be expressed in a human-readable policy expression language and stored for example in a file that is consumed by a certificate issuing system at runtime. The policy may thus be easily changed by altering the digital file. Certain techniques are also provided for extending the capabilities of the certificate issuing system so it may apply and enforce new policies.Type: GrantFiled: February 28, 2005Date of Patent: March 3, 2009Assignee: Microsoft CorporationInventors: Gregory Kostal, Muthukrishnan Paramasivam, Ravindra Nath Pandya, Scott C. Cottrille, Vasantha K Ravula, Vladimir Yarmolenko, Charles F. Rose, III, Yuhui Zhong
-
Patent number: 7443985Abstract: A key management interface that allows for different key protection schemes to be plugged into a digital rights management system is disclosed. The interface exposes the functionality of signing data, decrypting data encrypted using a public key, and re-encrypting data encrypted using the public key exported by the interface to a different authenticated principal (i.e., a different public key). Thus, a secure interface can be provided such that the data does not enter or leave the interface in the clear. Such an interface exports private key operations of signing and decryption, and provides security and authentication for the digital asset server in licensing and publishing. During publishing, a client can encrypt asset keys such that only a specified entity can decrypt it, using a plug-in, for example, that implements the aforementioned interface.Type: GrantFiled: August 23, 2006Date of Patent: October 28, 2008Assignee: Microsoft CorporationInventors: Vinay Krishnaswamy, Attila Narin, Gregory Kostal, Vladimir Yarmolenko, Scott C. Cottrille
-
Publication number: 20080196091Abstract: A Digital Rights Management (DRM) system has a plurality of DRM servers performing DRM functionality and an entering DRM-E server is enrolled into the system by an enrolling DRM-R server such that the entering DRM-E server is to be trusted within the system. The DRM-E server sends an enrollment request to the DRM-R server including a proffering identification and a public key (PU-E). The DRM-R server validates the proffering identification, and, if the request is to be honored, generates a digital enrollment certificate with (PU-E) for the DRM-E server to enroll such DRM-E server into the DRM system. The now-enrolled DRM-E server with the generated enrollment certificate is able to employ same to issue DRM documents within the DRM system.Type: ApplicationFiled: December 6, 2007Publication date: August 14, 2008Applicant: Microsoft CorporationInventors: Gregory Kostal, Steve Bourne, Vinay Krishnaswamy
-
Patent number: 7308573Abstract: A Digital Rights Management (DRM) system has a plurality of DRM servers performing DRM functionality and an entering DRM-E server is enrolled into the system by an enrolling DRM-R server such that the entering DRM-E server is to be trusted within the system. The DRM-E server sends an enrollment request to the DRM-R server including a proffering identification and a public key (PU-E). The DRM-R server validates the proffering identification, and, if the request is to be honored, generates a digital enrollment certificate with (PU-E) for the DRM-E server to enroll such DRM-E server into the DRM system. The now-enrolled DRM-E server with the generated enrollment certificate is able to employ same to issue DRM documents within the DRM system.Type: GrantFiled: February 25, 2003Date of Patent: December 11, 2007Assignee: Microsoft CorporationInventors: Gregory Kostal, Steve Bourne, Vinay Krishnaswamy
-
Patent number: 7174021Abstract: A key management interface that allows for different key protection schemes to be plugged into a digital rights management system is disclosed. The interface exposes the functionality of signing data, decrypting data encrypted using a public key, and re-encrypting data encrypted using the public key exported by the interface to a different authenticated principal (i.e., a different public key). Thus, a secure interface can be provided such that the data does not enter or leave the interface in the clear. Such an interface exports private key operations of signing and decryption, and provides security and authentication for the digital asset server in licensing and publishing. During publishing, a client can encrypt asset keys such that only a specified entity can decrypt it, using a plug-in, for example, that implements the aforementioned interface.Type: GrantFiled: June 28, 2002Date of Patent: February 6, 2007Assignee: Microsoft CorporationInventors: Vinay Krishnaswamy, Attila Narin, Gregory Kostal, Vladimir Yarmolenko, Scott C. Cottrille
-
Publication number: 20060280309Abstract: A key management interface that allows for different key protection schemes to be plugged into a digital rights management system is disclosed. The interface exposes the functionality of signing data, decrypting data encrypted using a public key, and re-encrypting data encrypted using the public key exported by the interface to a different authenticated principal (i.e., a different public key). Thus, a secure interface can be provided such that the data does not enter or leave the interface in the clear. Such an interface exports private key operations of signing and decryption, and provides security and authentication for the digital asset server in licensing and publishing. During publishing, a client can encrypt asset keys such that only a specified entity can decrypt it, using a plug-in, for example, that implements the aforementioned interface.Type: ApplicationFiled: August 23, 2006Publication date: December 14, 2006Inventors: Vinay Krishnaswamy, Attila Narin, Gregory Kostal, Vladimir Yarmolenko, Scott Cottrille
-
Publication number: 20060206707Abstract: An improved certificate issuing system may comprise a certificate translation engine for translating incoming certificates and certificate requests from a first format into a second format. A certificate issuing engine may then operate on incoming requests in the common format. The issuing engine can issue certificates to clients according to its certificate issuing policy. The policy may be expressed as data in a policy expression language that can be consumed at runtime, which provides for flexible and efficient changing of issuing policy. Issued certificates can be translated back into a format that is consumed by the requesting client. Such translation can be performed by the translation engine prior to delivery of certificates to requesting clients.Type: ApplicationFiled: March 11, 2005Publication date: September 14, 2006Applicant: Microsoft CorporationInventors: Gregory Kostal, Muthukrishnan Paramasivam, Ravindra Pandya, Scott Cottrille, Vasantha Ravula, Vladimir Yarmolenko, Charles Rose, Yuhui Zhong
-
Publication number: 20060195690Abstract: An improved certificate issuing system may comprise a novel arrangement for expressing certificate issuing policy. The policy may be expressed in a human-readable policy expression language and stored for example in a file that is consumed by a certificate issuing system at runtime. The policy may thus be easily changed by altering the digital file. Certain techniques are also provided for extending the capabilities of the certificate issuing system so it may apply and enforce new policies.Type: ApplicationFiled: February 28, 2005Publication date: August 31, 2006Applicant: Microsoft CorporationInventors: Gregory Kostal, Muthukrishnan Paramasivam, Ravindra Pandya, Scott Cottrille, Vasantha Ravula, Vladimir Yarmolenko, Charles Rose, Yuhui Zhong
-
Publication number: 20040168061Abstract: A Digital Rights Management (DRM) system has a plurality of DRM servers performing DRM functionality and an entering DRM-E server is enrolled into the system by an enrolling DRM-R server such that the entering DRM-E server is to be trusted within the system. The DRM-E server sends an enrollment request to the DRM-R server including a proffering identification and a public key (PU-E). The DRM-R server validates the proffering identification, and, if the request is to be honored, generates a digital enrollment certificate with (PU-E) for the DRM-E server to enroll such DRM-E server into the DRM system. The now-enrolled DRM-E server with the generated enrollment certificate is able to employ same to issue DRM documents within the DRM system.Type: ApplicationFiled: February 25, 2003Publication date: August 26, 2004Applicant: Microsoft CorporationInventors: Gregory Kostal, Steve Bourne, Vinay Krishnaswamy
-
Publication number: 20040003139Abstract: Systems and methods for providing digital rights management services are disclosed. Such a system includes a service program that provides a processing framework for performing a digital rights management service, such as publishing or licensing rights managed digital content. A plurality of plug-in components are provided, each of which performs a respective task associated with the digital rights management service. The plug-in components are integrated into the processing framework according to predefined sets of interface rules.Type: ApplicationFiled: June 28, 2002Publication date: January 1, 2004Applicant: Microsoft CorporationInventors: Scott C. Cottrille, Peter David Waxman, Vinay Krishnaswamy, Chandramouli Venkatesh, Attilla Narin, Gregory Kostal, Prashant Malik, Vladimir Yarmolenko, Frank Byrum, Thomas K. Lindeman
-
Publication number: 20040001594Abstract: A key management interface that allows for different key protection schemes to be plugged into a digital rights management system is disclosed. The interface exposes the functionality of signing data, decrypting data encrypted using a public key, and re-encrypting data encrypted using the public key exported by the interface to a different authenticated principal (i.e., a different public key). Thus, a secure interface can be provided such that the data does not enter or leave the interface in the clear. Such an interface exports private key operations of signing and decryption, and provides security and authentication for the digital asset server in licensing and publishing. During publishing, a client can encrypt asset keys such that only a specified entity can decrypt it, using a plug-in, for example, that implements the aforementioned interface.Type: ApplicationFiled: June 28, 2002Publication date: January 1, 2004Applicant: Microsoft CorporationInventors: Vinay Krishnaswamy, Attila Narin, Gregory Kostal, Vladimir Yarmolenko, Scott C. Cottrille