Patents by Inventor Nicholas Stamos
Nicholas Stamos has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9659184
Abstract: In the approaches described herein, a data file storage service may control access to file system objects using corresponding “personal” or organization-related “work” identity information which may include encryption keys or passwords. To assist the user with identifying respective file system objects, the user is presented with a corresponding graphical user interface (GUI) which displays a corresponding personal or work identity icon next to a visual rendering of the file system objects. Keys that control access to work identity files and folders are purged from a local key store as soon as user authorization changes are detected. In this way, even a user who originated a data file will not be able to decrypt files stored in a folder shared using a work identity once that identity is canceled by the organization, while at the same time, the user's access to their personal files may continue.
Type: Grant
Filed: April 17, 2015
Date of Patent: May 23, 2017
Assignee: nCrypted Cloud LLC
Inventors: Igor Odnovorov, Nicholas Stamos
-
Publication number: 20150278541
Abstract: In the approaches described herein, a data file storage service may control access to file system objects using corresponding “personal” or organization-related “work” identity information which may include encryption keys or passwords. To assist the user with identifying respective file system objects, the user is presented with a corresponding graphical user interface (GUI) which displays a corresponding personal or work identity icon next to a visual rendering of the file system objects. Keys that control access to work identity files and folders are purged from a local key store as soon as user authorization changes are detected. In this way, even a user who originated a data file will not be able to decrypt files stored in a folder shared using a work identity once that identity is canceled by the organization, while at the same time, the user's access to their personal files may continue.
Type: Application
Filed: April 17, 2015
Publication date: October 1, 2015
Inventors: Igor Odnovorov, Nicholas Stamos
-
Patent number: 9053342
Abstract: Techniques for controlling access to shared data files such as stored in a collaborative file sharing service. Organizations want to have access to data originated by their employees and want that access to continue even when the employees leave the company. Also, organizations do not want former employees to have access to the company's files. A file storage service uses an Organization's recovery key while creating a recovery record for a file (which may be stored in a folder), and protected using a Work identity. The individual person who originally creates a file and/or shares a folder securely with others is considered the folder's owner as long as he is part of the same Organization. User's identities are validated upon access. The keys are also purged from a local key store as soon as identity changes are detected. In this way, the folder owner will not be able to decrypt files stored in a folder shared using a Work identity if the identity is canceled by the Organization.
Type: Grant
Filed: June 9, 2014
Date of Patent: June 9, 2015
Assignee: nCrypted Cloud, LLC
Inventors: Igor Odnovorov, Nicholas Stamos
-
Patent number: 9053341
Abstract: Techniques for controlling access to shared data files such as stored in a collaborative file sharing service. Organizations want to have access to data originated by their employees and want that access to continue even when the employees leave the company. Also, organizations do not want former employees to have access to the company's files. A file storage service uses an Organization's recovery key while creating a recovery record for a file (which may be stored in a folder), and protected using a Work identity. The individual person who originally creates a file and/or shares a folder securely with others is considered the folder's owner as long as he is part of the same Organization. User's identities are validated upon access. The keys are also purged from a local key store as soon as identity changes are detected. In this way, the folder owner will not be able to decrypt files stored in a folder shared using a Work identity if the identity is canceled by the Organization.
Type: Grant
Filed: March 13, 2014
Date of Patent: June 9, 2015
Assignee: nCrypted Cloud LLC
Inventors: Igor Odnovorov, Nicholas Stamos
-
Patent number: 9015858
Abstract: Seamless, secure, private, collaborative file synchronization across trust boundaries, typically as a companion to a store and sync file service. Information needed to recover a file is stored within the file itself, without giving away secret data. User specific personal keys are preferably only stored on the users' device(s). A unique ID is also created for each protected file; a password is generated that depends on (a) a key value that can either be (i) the user's personal key in the case of a file that is to be private or (ii) a shared key in the case of a file that is to be shared with other users, and (b) the unique file ID. The password is then encrypted using a recovery key and also stored in the file itself. The file is secured using a format that supports password-based content encryption.
Type: Grant
Filed: September 16, 2013
Date of Patent: April 21, 2015
Assignee: nCrypted Cloud LLC
Inventors: Nicholas Stamos, Igor Odnovorov
-
Publication number: 20140317145
Abstract: Techniques for controlling access to shared data files such as stored in a collaborative file sharing service. Organizations want to have access to data originated by their employees and want that access to continue even when the employees leave the company. Also, organizations do not want former employees to have access to the company's files. A file storage service uses an Organization's recovery key while creating a recovery record for a file (which may be stored in a folder), and protected using a Work identity. The individual person who originally creates a file and/or shares a folder securely with others is considered the folder's owner as long as he is part of the same Organization. User's identities are validated upon access. The keys are also purged from a local key store as soon as identity changes are detected. In this way, the folder owner will not be able to decrypt files stored in a folder shared using a Work identity if the identity is canceled by the Organization.
Type: Application
Filed: June 9, 2014
Publication date: October 23, 2014
Inventors: Igor Odnovorov, Nicholas Stamos
-
Publication number: 20140304835
Abstract: Techniques for controlling access to shared data files such as stored in a collaborative file sharing service. Organizations want to have access to data originated by their employees and want that access to continue even when the employees leave the company. Also, organizations do not want former employees to have access to the company's files. A file storage service uses an Organization's recovery key while creating a recovery record for a file (which may be stored in a folder), and protected using a Work identity. The individual person who originally creates a file and/or shares a folder securely with others is considered the folder's owner as long as he is part of the same Organization. User's identities are validated upon access. The keys are also purged from a local key store as soon as identity changes are detected. In this way, the folder owner will not be able to decrypt files stored in a folder shared using a Work identity if the identity is canceled by the Organization.
Type: Application
Filed: March 13, 2014
Publication date: October 9, 2014
Applicant: nCrypted Cloud LLC
Inventors: Igor Odnovorov, Nicholas Stamos
-
Publication number: 20140157435
Abstract: Seamless, secure, private, collaborative file synchronization across trust boundaries, typically as a companion to a store and sync file service. Information needed to recover a file is stored within the file itself, without giving away secret data. User specific personal keys are preferably only stored on the users' device(s). A unique ID is also created for each protected file; a password is generated that depends on (a) a key value that can either be (i) the user's personal key in the case of a file that is to be private or (ii) a shared key in the case of a file that is to be shared with other users, and (b) the unique file ID. The password is then encrypted using a recovery key and also stored in the file itself. The file is secured using a format that supports password-based content encryption.
Type: Application
Filed: September 16, 2013
Publication date: June 5, 2014
Applicant: nCrypted Cloud LLC
Inventors: Nicholas Stamos, Igor Odnovorov
-
Patent number: 8572757
Abstract: Seamless, secure, private, collaborative file synchronization across trust boundaries, typically as a companion to a store and sync file service. Information needed to recover a file is stored within the file itself, without giving away secret data. User specific personal keys are preferably only stored on the users' device(s). A unique ID is also created for each protected file; a password is generated that depends on (a) a key value that can either be (i) the user's personal key in the case of a file that is to be private or (ii) a shared key in the case of a file that is to be shared with other users, and (b) the unique file ID. The password is then encrypted using a recovery key and also stored in the file itself. The file is secured using a format that supports password-based content encryption.
Type: Grant
Filed: January 16, 2013
Date of Patent: October 29, 2013
Assignee: nCrypted Cloud LLC
Inventors: Nicholas Stamos, Igor Odnovorov
-
Patent number: 7934091
Abstract: A technique for establishing a perimeter of accountability for usage of digital assets such as data files. The accountability model not only tracks authorized users' access to files, but monitors passage of such files to uncontrollable removable storage media or through network connections and the like which may indicate possible abuse of access. In accordance with a preferred embodiment, an autonomous independent agent process running at a point of use, such as in the background of a client operating system kernel, interrupts requests for access to resources. The agent process senses low level system events, filters, aggregates them, and makes reports to a journaling server. The journaling server analyzes sequences of low level events to detect when aggregate events of interest occur, such as “FileEdit”, network file transfers and the like. Reports can be generated to provide an understanding of how digital assets have been accessed, used or communicated by individuals in an enterprise.
Type: Grant
Filed: December 9, 2008
Date of Patent: April 26, 2011
Assignee: Verdasys, Inc.
Inventors: Nicholas Stamos, Seth N. Birnbaum, Tomas Revesz, Jr., Donato Buccella, Keith A. MacDonald, Dwayne A. Carson, William E. Fletcher
-
Patent number: 7825630
Abstract: The technology described herein provides a stand-alone intelligent battery charger and intelligent conditioner for use with a high-voltage battery, such as those used in hybrid automotive vehicles. Additionally, in various exemplary embodiments, this technology provides a system and method for validating the capacity of a high voltage battery. Other comparable uses are also contemplated herein, as will be obvious to those of ordinary skill in the art.
Type: Grant
Filed: May 10, 2010
Date of Patent: November 2, 2010
Assignees: Chrysler Group LLC, Daimler AG
Inventors: Euthemios Nicholas Stamos, Tobias Glossmann, Christopher Richard Koziara
-
Patent number: 7814021
Abstract: A technique for establishing usage control over digital assets such as computer files. The system model not only tracks authorized users' access to files, but monitors passage of such files to uncontrollable removable storage media or through network connections and the like which may indicate possible abuse of access rights. In accordance with a preferred embodiment, an autonomous independent agent process running at a point of use, such a background process in a client operating system kernel, interrupts requests for access to resources. The agent process senses low level system events, filters, and aggregates them. A policy engine analyzes sequences of aggregate events to determine when policy violations occur.
Type: Grant
Filed: November 12, 2003
Date of Patent: October 12, 2010
Assignee: Verdasys, Inc.
Inventors: Nicholas Stamos, Seth N. Birnbaum, Tomas Revesz, Jr., Donato Buccella, Keith A. MacDonald, Dwayne A. Carson, William E. Fletcher
-
Publication number: 20100214108
Abstract: The technology described herein provides a stand-alone intelligent battery charger and intelligent conditioner for use with a high-voltage battery, such as those used in hybrid automotive vehicles. Additionally, in various exemplary embodiments, this technology provides a system and method for validating the capacity of a high voltage battery. Other comparable uses are also contemplated herein, as will be obvious to those of ordinary skill in the art.
Type: Application
Filed: May 10, 2010
Publication date: August 26, 2010
Inventors: Euthemios Nicholas Stamos, Tobias Glossmann, Christopher Richard Koziara
-
Patent number: 7714541
Abstract: The technology described herein provides a stand-alone intelligent battery charger and intelligent conditioner for use with a high-voltage battery, such as those used in hybrid automotive vehicles. Additionally, in various exemplary embodiments, this technology provides a system and method for validating the capacity of a high voltage battery. Other comparable uses are also contemplated herein, as will be obvious to those of ordinary skill in the art.
Type: Grant
Filed: June 28, 2007
Date of Patent: May 11, 2010
Assignees: Chrysler Group LLC, Daimler AG
Inventors: Euthemios Nicholas Stamos, Tobias Glossmann, Christopher Richard Koziara
-
Publication number: 20090198765
Abstract: A technique for establishing a perimeter of accountability for usage of digital assets such as data files. The accountability model not only tracks authorized users' access to files, but monitors passage of such files to uncontrollable removable storage media or through network connections and the like which may indicate possible abuse of access. In accordance with a preferred embodiment, an autonomous independent agent process running at a point of use, such as in the background of a client operating system kernel, interrupts requests for access to resources. The agent process senses low level system events, filters, aggregates them, and makes reports to a journaling server. The journaling server analyzes sequences of low level events to detect when aggregate events of interest occur, such as “FileEdit”, network file transfers and the like. Reports can be generated to provide an understanding of how digital assets have been accessed, used or communicated by individuals in an enterprise.
Type: Application
Filed: December 9, 2008
Publication date: August 6, 2009
Applicant: Verdasys, Inc.
Inventors: Nicholas Stamos, Seth N. Birnbaum, Tomas Revesz, JR., Donato Buccella, Keith A. MacDonald, Dwayne A. Carson, William E. Fletcher
-
Patent number: 7496575
Abstract: A data processing application logging, recording, and reporting process and infrastructure. Compliance with regulatory directives such as HIPAA, internal organizational and corporate, personal information privacy, and other security policies can thus be enforced without the need to recode legacy application software. In one preferred embodiment, a core agent process provides “listener” functionality that captures user input events, such as keyboard and mouse interactions, between a user and a legacy application of interest. The agent obtains instructions for how to deal with such events, accessing information that describes the application's behavior as already captured by an application profiler tool. Keyboard and mouse data entry sequences, screen controls and fields of interest are tagged during application profiling process. This data is stored in application profile developed for each mode of a legacy application.
Type: Grant
Filed: November 22, 2004
Date of Patent: February 24, 2009
Assignee: Verdasys, Inc.
Inventors: Donato Buccella, Seth N. Birnbaum, Nicholas Stamos, Leonard F. Halio, Dwayne Carson, Luis M. Fernandes
-
Publication number: 20090001927
Abstract: The technology described herein provides a stand-alone intelligent battery charger and intelligent conditioner for use with a high-voltage battery, such as those used in hybrid automotive vehicles. Additionally, in various exemplary embodiments, this technology provides a system and method for validating the capacity of a high voltage battery. Other comparable uses are also contemplated herein, as will be obvious to those of ordinary skill in the art.
Type: Application
Filed: June 28, 2007
Publication date: January 1, 2009
Inventors: Euthemios Nicholas Stamos, Tobias Glossmann, Christopher Richard Koziara
-
Patent number: 7472272
Abstract: A technique for establishing a perimeter of accountability for usage of digital assets such as data files. The accountability model not only tracks authorized users' access to files, but monitors passage of such files to uncontrollable removable storage media or through network connections and the like which may indicate possible abuse of access. In accordance with a preferred embodiment, an autonomous independent agent process running at a point of use, such as in the background of a client operating system kernel, interrupts requests for access to resources. The agent process senses low level system events, filters, aggregates them, and makes reports to a journaling server. The journaling server analyzes sequences of low level events to detect when aggregate events of interest occur, such as “FileEdit”, network file transfers and the like. Reports can be generated to provide an understanding of how digital assets have been accessed, used or communicated by individuals in an enterprise.
Type: Grant
Filed: November 18, 2003
Date of Patent: December 30, 2008
Assignee: Verdasys, Inc.
Inventors: Nicholas Stamos, Seth N. Birnbaum, Tomas Revesz, Jr., Donato Buccella, Keith A. MacDonald, Dwayne A. Carson, William E. Fletcher
-
Patent number: 7409547
Abstract: A technique for adaptive encryption of digital assets such as computer files. The system model monitors passage of files to uncontrollable removable storage media or through network connections and the like which may indicate possible abuse of access rights. In accordance with a preferred embodiment, an autonomous independent agent process running at a point of use, such a background process in a client operating system kernel, interrupts requests for access to resources. The agent process senses low level system events, filters, and aggregates them. A policy engine analyzes sequences of aggregate events to determine when to apply encryption.
Type: Grant
Filed: August 28, 2006
Date of Patent: August 5, 2008
Assignee: Verdasys, Inc.
Inventors: Nicholas Stamos, Donato Buccella, Dwayne A. Carson
-
Publication number: 20080184358
Abstract: A trusted transaction architecture that provides security from a client side input device to a merchant server by installing a secure custom browser process on the client side computer via an ActiveX control or the equivalent. This Secure Browser Process (SBP) may then be inspected to ensure that no external codes exist in its application space, that no subsequently loaded Dynamic Link Library (DLL), or equivalent, has been tampered with or modified, that no Application Programming Interface (API) has been overwritten or redirected, and that no input device driver has been hooked by a digital signature. The SBP then creates a secure channel to the input device(s) that are used to enter data into the browser application, and creates a secure channel to the merchant's destination server to ensure that data cannot be intercepted, even on the client side computer.
Type: Application
Filed: January 25, 2008
Publication date: July 31, 2008
Inventors: Nicholas Stamos, Dwayne A. Carson, John Paglierani