Patents by Inventor Niels T. Ferguson
Niels T. Ferguson has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10956321Abstract: A virtual secure mode is enabled for a virtual machine operating in a computing environment that is associated with a plurality of different trust levels. First, a virtual secure mode image is loaded into one or more memory pages of a virtual memory space of the virtual machine. Then, the one or more memory pages of the virtual memory space are made inaccessible to one or more trust levels having a relatively lower trust level than a launching trust level that is used by a virtual secure mode loader to load the virtual secure mode image. A target virtual trust level is also enabled on a launching virtual processor for the virtual machine that is higher than the launching trust level.Type: GrantFiled: January 6, 2019Date of Patent: March 23, 2021Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Niels T. Ferguson, Yevgeniy Anatolievich Samsonov, Kinshumann, Samartha Chandrashekar, John Anthony Messec, Mark Fishel Novak, Christopher McCarron, Amitabh Prakash Tamhane, Qiang Wang, David Matthew Kruse, Nir Ben-Zvi, Anders Bertil Vinberg
-
Patent number: 10615967Abstract: A computing device uses a data encryption and decryption system that includes a trusted runtime and an inline cryptographic processor. The trusted runtime provides a trusted execution environment, and the inline cryptographic processor provides decryption and encryption of data in-line with storage device read and write operations. When a portion (e.g., partition) of a storage device is defined, the trusted runtime generates an encryption key and provides the encryption key to the inline cryptographic processor, which uses the encryption key to encrypt data written to the portion and decrypt data read from the portion. Access to the portion can be subsequently protected by associating the key with authentication credentials of a user or other entity. The trusted runtime protects the encryption key based on an authentication key associated with the authentication credentials, allowing subsequent access to the encryption key only in response to the proper authentication credentials being provided.Type: GrantFiled: March 20, 2014Date of Patent: April 7, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Innokentiy Basmov, Magnus Bo Gustaf Nyström, Niels T. Ferguson, Alex M. Semenko
-
Patent number: 10419216Abstract: A keying infrastructure may generate and/or manage cryptographic keys. The cryptographic keys may include identity keys, encryption keys, and a variety of other types of keys. The cryptographic keys may be derived or created with a key derivation function (KDF) or other one-way function. The cryptographic keys may include keys that are accessible to a boot loader, keys that are accessible to particular components of a Trusted Execution Environment (TrEE), and so on. In some examples, a key may be derived from a preceding key in a sequence of keys. The preceding key may be deleted when the key is derived.Type: GrantFiled: March 14, 2017Date of Patent: September 17, 2019Assignee: Microsoft Technology Licensing, LLCInventors: Niels T. Ferguson, Magnus Bo Gustaf Nystrom, Dave M. McPherson, Paul England, Mark Fishel Novak
-
Publication number: 20190155728Abstract: A virtual secure mode is enabled for a virtual machine operating in a computing environment that is associated with a plurality of different trust levels. First, a virtual secure mode image is loaded into one or more memory pages of a virtual memory space of the virtual machine. Then, the one or more memory pages of the virtual memory space are made inaccessible to one or more trust levels having a relatively lower trust level than a launching trust level that is used by a virtual secure mode loader to load the virtual secure mode image. A target virtual trust level is also enabled on a launching virtual processor for the virtual machine that is higher than the launching trust level.Type: ApplicationFiled: January 6, 2019Publication date: May 23, 2019Inventors: Niels T. Ferguson, Yevgeniy Anatolievich Samsonov, Kinshumann, Samartha Chandrashekar, John Anthony Messec, Mark Fishel Novak, Christopher McCarron, Amitabh Prakash Tamhane, Qiang Wang, David Matthew Kruse, Nir Ben-Zvi, Anders Bertil Vinberg
-
Patent number: 10176095Abstract: A virtual secure mode is enabled for a virtual machine operating in a computing environment that is associated with a plurality of different trust levels. First, a virtual secure mode image is loaded into one or more memory pages of a virtual memory space of the virtual machine. Then, the one or more memory pages of the virtual memory space are made inaccessible to one or more trust levels having a relatively lower trust level than a launching trust level that is used by a virtual secure mode loader to load the virtual secure mode image. A target virtual trust level is also enabled on a launching virtual processor for the virtual machine that is higher than the launching trust level.Type: GrantFiled: August 22, 2016Date of Patent: January 8, 2019Assignee: Microsoft Technology Licensing, LLCInventors: Niels T. Ferguson, Yevgeniy Anatolievich Samsonov, Kinshumann, Samartha Chandrashekar, John Anthony Messec, Mark Fishel Novak, Christopher McCarron, Amitabh Prakash Tamhane, Qiang Wang, David Matthew Kruse, Nir Ben-Zvi, Anders Bertil Vinberg
-
Publication number: 20170187526Abstract: A keying infrastructure may generate and/or manage cryptographic keys. The cryptographic keys may include identity keys, encryption keys, and a variety of other types of keys. The cryptographic keys may be derived or created with a key derivation function (KDF) or other one-way function. The cryptographic keys may include keys that are accessible to a boot loader, keys that are accessible to particular components of a Trusted Execution Environment (TrEE), and so on. In some examples, a key may be derived from a preceding key in a sequence of keys. The preceding key may be deleted when the key is derived.Type: ApplicationFiled: March 14, 2017Publication date: June 29, 2017Inventors: Niels T. Ferguson, Magnus Bo Gustaf Nystrom, Dave M. McPherson, Paul England, Mark Fishel Novak
-
Patent number: 9652631Abstract: Managing encrypted datasets is illustrated. A method includes obtaining a first decryption key. The first decryption key is configured to be used to decrypt an encrypted dataset that has been encrypted using a first encryption mechanism. The first encryption mechanism is associated with the first decryption key that can be used to decrypt the dataset. The method further includes encrypting the first decryption key with a second encryption mechanism. The method further includes encrypting the first decryption key with a third encryption mechanism. The method further includes creating a package including at least the first decryption key encrypted with the second encryption method and the first decryption key encrypted with the third encryption method. The method further includes signing the package with a guardian signature and signing the package with a signature created from the first decryption key.Type: GrantFiled: September 9, 2014Date of Patent: May 16, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Mark Fishel Novak, Nir Ben-Zvi, Niels T. Ferguson
-
Patent number: 9633210Abstract: A keying infrastructure may generate and/or manage cryptographic keys. The cryptographic keys may include identity keys, encryption keys, and a variety of other types of keys. The cryptographic keys may be derived or created with a key derivation function (KDF) or other one-way function. The cryptographic keys may include keys that are accessible to a boot loader, keys that are accessible to particular components of a Trusted Execution Environment (TrEE), and so on. In some examples, a key may be derived from a preceding key in a sequence of keys. The preceding key may be deleted when the key is derived.Type: GrantFiled: March 31, 2014Date of Patent: April 25, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Niels T. Ferguson, Magnus Bo Gustaf Nystrom, Dave M. McPherson, Paul England, Mark Fishel Novak
-
Patent number: 9584317Abstract: During booting of a computing device, multiple security boundaries are generated. A security boundary refers to a manner of operation of a computing device or a portion of the computing device, with a program executing in one security boundary being prohibited from accessing data and programs in another security boundary. As part of booting the computing device measurements of (e.g., hash values or other identifications of) various modules loaded and executed as part of booting the computing device are maintained by a boot measurement system of the computing device. Additionally, as part of booting the computing device, a public/private key pair of one of the security boundaries is generated or otherwise obtained. The private key of the public/private key pair is provided to the one security boundary, and the public key of the public/private key pair is provided to the boot measurement system.Type: GrantFiled: February 4, 2015Date of Patent: February 28, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Kinshuman Kinshumann, Yevgeniy A. Samsonov, Niels T. Ferguson, Mark Fishel Novak
-
Patent number: 9578017Abstract: Deploying an encrypted entity on a trusted entity is illustrated herein. A method includes, at a trusted entity, wherein the trusted entity is trusted by an authority as a result of providing a verifiable indication of certain characteristics of the trusted entity meeting certain requirements, receiving an encrypted entity from an untrusted entity. The untrusted entity is not trusted by the authority. At the trusted entity, a trust credential from the authority is used to obtain a key from a key distribution service. The key distribution service is trusted by the authority. The key is used to decrypt the encrypted entity to allow the encrypted entity to be deployed at the trusted entity.Type: GrantFiled: October 1, 2014Date of Patent: February 21, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Niels T. Ferguson, Yevgeniy Anatolievich Samsonov, Kinshuman Kinshumann, Samartha Chandrashekar, John Anthony Messec, Mark Fishel Novak, Christopher McCarron, Amitabh Prakash Tamhane, Qiang Wang, David Matthew Kruse, Nir Ben-Zvi, Anders Bertil Vinberg
-
Publication number: 20160357988Abstract: A virtual secure mode is enabled for a virtual machine operating in a computing environment that is associated with a plurality of different trust levels. First, a virtual secure mode image is loaded into one or more memory pages of a virtual memory space of the virtual machine. Then, the one or more memory pages of the virtual memory space are made inaccessible to one or more trust levels having a relatively lower trust level than a launching trust level that is used by a virtual secure mode loader to load the virtual secure mode image. A target virtual trust level is also enabled on a launching virtual processor for the virtual machine that is higher than the launching trust level.Type: ApplicationFiled: August 22, 2016Publication date: December 8, 2016Inventors: Niels T. Ferguson, Yevgeniy Anatolievich Samsonov, Kinshuman Kinshumann, Samartha Chandrashekar, John Anthony Messec, Mark Fishel Novak, Christopher McCarron, Amitabh Prakash Tamhane, Qiang Wang, David Matthew Kruse, Nir Ben-Zvi, Anders Bertil Vinberg
-
Publication number: 20160105280Abstract: During booting of a computing device, multiple security boundaries are generated. A security boundary refers to a manner of operation of a computing device or a portion of the computing device, with a program executing in one security boundary being prohibited from accessing data and programs in another security boundary. As part of booting the computing device measurements of (e.g., hash values or other identifications of) various modules loaded and executed as part of booting the computing device are maintained by a boot measurement system of the computing device. Additionally, as part of booting the computing device, a public/private key pair of one of the security boundaries is generated or otherwise obtained. The private key of the public/private key pair is provided to the one security boundary, and the public key of the public/private key pair is provided to the boot measurement system.Type: ApplicationFiled: February 4, 2015Publication date: April 14, 2016Inventors: Kinshuman Kinshumann, Yevgeniy A. Samsonov, Niels T. Ferguson, Mark Fishel Novak
-
Publication number: 20150318986Abstract: Managing encrypted datasets is illustrated. A method includes obtaining a first decryption key. The first decryption key is configured to be used to decrypt an encrypted dataset that has been encrypted using a first encryption mechanism. The first encryption mechanism is associated with the first decryption key that can be used to decrypt the dataset. The method further includes encrypting the first decryption key with a second encryption mechanism. The method further includes encrypting the first decryption key with a third encryption mechanism. The method further includes creating a package including at least the first decryption key encrypted with the second encryption method and the first decryption key encrypted with the third encryption method. The method further includes signing the package with a guardian signature and signing the package with a signature created from the first decryption key.Type: ApplicationFiled: September 9, 2014Publication date: November 5, 2015Inventors: Mark Fishel Novak, Nir Ben-Zvi, Niels T. Ferguson
-
Publication number: 20150319160Abstract: Deploying an encrypted entity on a trusted entity is illustrated herein. A method includes, at a trusted entity, wherein the trusted entity is trusted by an authority as a result of providing a verifiable indication of certain characteristics of the trusted entity meeting certain requirements, receiving an encrypted entity from an untrusted entity. The untrusted entity is not trusted by the authority. At the trusted entity, a trust credential from the authority is used to obtain a key from a key distribution service. The key distribution service is trusted by the authority. The key is used to decrypt the encrypted entity to allow the encrypted entity to be deployed at the trusted entity.Type: ApplicationFiled: October 1, 2014Publication date: November 5, 2015Inventors: Niels T. Ferguson, Yevgeniy Anatolievich Samsonov, Kinshuman Kinshumann, Samartha Chandrashekar, John Anthony Messec, Mark Fishel Novak, Christopher McCarron, Amitabh Prakash Tamhane, Qiang Wang, David Matthew Kruse, Nir Ben-Zvi, Anders Bertil Vinberg
-
Publication number: 20150270956Abstract: A computing device uses a data encryption and decryption system that includes a trusted runtime and an inline cryptographic processor. The trusted runtime provides a trusted execution environment, and the inline cryptographic processor provides decryption and encryption of data in-line with storage device read and write operations. When a portion (e.g., partition) of a storage device is defined, the trusted runtime generates an encryption key and provides the encryption key to the inline cryptographic processor, which uses the encryption key to encrypt data written to the portion and decrypt data read from the portion. Access to the portion can be subsequently protected by associating the key with authentication credentials of a user or other entity. The trusted runtime protects the encryption key based on an authentication key associated with the authentication credentials, allowing subsequent access to the encryption key only in response to the proper authentication credentials being provided.Type: ApplicationFiled: March 20, 2014Publication date: September 24, 2015Applicant: Microsoft CorporationInventors: Innokentiy Basmov, Magnus Bo Gustaf Nyström, Niels T. Ferguson, Alex M. Semenko
-
Patent number: 9058497Abstract: Cryptographic key management techniques are described. In one or more implementations, an access control rule is read that includes a Boolean expression having a plurality of atoms. The cryptographic keys that corresponds each of the plurality of atoms in the access control rule are requested. One or more cryptographic operations are then performed on data using one or more of the cryptographic keys.Type: GrantFiled: December 23, 2010Date of Patent: June 16, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Vijay G. Bharadwaj, Niels T Ferguson, Carl M. Ellison, Magnus Bo Gustaf Nyström, Dayi Zhou, Denis Issoupov, Octavian T. Ureche, Peter J. Novotney, Cristian M. Ilac
-
Publication number: 20150078550Abstract: A security processing unit is configured to manage cryptographic keys. In some instances, the security processing unit may comprise a co-processing unit that includes memory, one or more processors, and other components to perform operations in a secure environment. A component that is external to the security processing unit may communicate with the security processing unit to generate a cryptographic key, manage access to a cryptographic key, encrypt/decrypt data with a cryptographic key, or otherwise utilize a cryptographic key. The external component may comprise a central processing unit, an application, and/or any other hardware or software component that is located outside the security processing unit.Type: ApplicationFiled: March 31, 2014Publication date: March 19, 2015Applicant: Microsoft CorporationInventors: Niels T. Ferguson, Dave M. McPherson, Mark Fishel Novak, Paul England
-
Publication number: 20150082048Abstract: A keying infrastructure may generate and/or manage cryptographic keys. The cryptographic keys may include identity keys, encryption keys, and a variety of other types of keys. The cryptographic keys may be derived or created with a key derivation function (KDF) or other one-way function. The cryptographic keys may include keys that are accessible to a boot loader, keys that are accessible to particular components of a Trusted Execution Environment (TrEE), and so on. In some examples, a key may be derived from a preceding key in a sequence of keys. The preceding key may be deleted when the key is derived.Type: ApplicationFiled: March 31, 2014Publication date: March 19, 2015Applicant: MICROSOFT CORPORATIONInventors: Niels T. Ferguson, Magnus Bo Gustaf Nystrom, Dave M. McPherson, Paul England, Mark Fishel Novak
-
Patent number: 8885833Abstract: A key recovery request for a device is received at a key recovery service and a particular one-time recovery credential in a sequence of multiple one-time recovery credentials is identified. In the sequence of multiple one-time recovery credentials, previous one-time recovery credentials in the sequence are indeterminable given subsequent one-time recovery credentials in the sequence. A recovery key associated with the device is also identified. The particular one-time recovery credential in the sequence is generated based on the recovery key, and is returned in response to the key recovery request. The particular one-time recovery credential can then be used by the device to decrypt encrypted data stored on a storage media of the device.Type: GrantFiled: April 11, 2011Date of Patent: November 11, 2014Assignee: Microsoft CorporationInventors: Benjamin E. Nick, Magnus Bo Gustaf Nyström, Cristian M. Ilac, Niels T. Ferguson, Nils Dussart
-
Patent number: 8875258Abstract: This document describes tools that constrain a login to a subset of access rights. In one embodiment, the tools generate a constrained password by executing a cryptographic algorithm on a user ID, general password, and one or more desired constraints. The constrained password is used in place of the general password to gain access rights that are a subset of the access rights that would be granted if the general password were used instead.Type: GrantFiled: February 18, 2013Date of Patent: October 28, 2014Assignee: Microsoft CorporationInventors: John R. Michener, Niels T. Ferguson, Carl M. Ellison, Josh D. Benaloh, Brian A. LaMacchia