Patents by Inventor Roberto A Franco
Roberto A Franco has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20100211773Abstract: Described herein is a technique of protecting users against certain types of Internet attacks. The technique involves obtaining certificates from visited web sites and qualifying communications with those web sites based on the content of the certificates.Type: ApplicationFiled: May 3, 2010Publication date: August 19, 2010Applicant: Microsoft CorporationInventors: Eric M. Lawrence, Roberto A. Franco, Venkatraman V. Kudallur, Marc A. Silbey
-
Patent number: 7725930Abstract: Described herein is a technique of protecting users against certain types of Internet attacks. The technique involves obtaining certificates from visited web sites and qualifying communications with those web sites based on the content of the certificates.Type: GrantFiled: March 30, 2005Date of Patent: May 25, 2010Assignee: Microsoft CorporationInventors: Eric M Lawrence, Roberto A. Franco, Venkatraman V Kudallur, Marc A Silbey
-
Publication number: 20100107251Abstract: A model restricts un-trusted data/objects from running on a user's machine without permission. The data is received by a protocol layer that reports a MIME type associated with the DATA, and caches the data and related cache file name (CFN). A MIME sniffer is arranged to identify a sniffed MIME type based on the cached data, the CFN, and the reported MIME type. Reconciliation logic evaluates the sniffed MIME type and the CFN to determine a reconciled MIME type, and to update the CFN. A class ID sniffer evaluates the updated CFN, the cached data, and the reconciled MIME type to determine an appropriate class ID. Security logic evaluates the updated CFN, the reported class ID, and other related system parameters to build a security matrix. Parameters from the security matrix are used to intercept data/objects before an un-trusted data/object can create a security breach on the machine.Type: ApplicationFiled: January 11, 2010Publication date: April 29, 2010Inventors: Venkatraman V. Kudallur, Shankar Ganesh, Roberto A. Franco, Vishu Gupta, John G. Bedworth
-
Publication number: 20100037303Abstract: In one implementation, form field(s) of a form of a website or application are populated with data obtained using a digital identity, and the populated form field(s) are submitted to the website or application. A form field specification specifying information about the form fields of the form is obtained. A user selects or creates a digital identity. Data is obtained using the digital identity, and the data is used to provide values to the form. The data is submitted to the website or application. In another implementation, a username and password are automatically generated. The username and password that are generated meet parameters that may be specified by the website or application. The username and password are submitted to the website or application for a purpose such as registration or authentication, and stored away for future authentication.Type: ApplicationFiled: August 8, 2008Publication date: February 11, 2010Applicant: Microsoft CorporationInventors: Tariq Sharif, Arun K. Nanda, Roberto A. Franco, Richard Randall
-
Patent number: 7660999Abstract: A model restricts un-trusted data/objects from running on a user's machine without permission. The data is received by a protocol layer that reports a MIME type associated with the DATA, and caches the data and related cache file name (CFN). A MIME sniffer is arranged to identify a sniffed MIME type based on the cached data, the CFN, and the reported MIME type. Reconciliation logic evaluates the sniffed MIME type and the CFN to determine a reconciled MIME type, and to update the CFN. A class ID sniffer evaluates the updated CFN, the cached data, and the reconciled MIME type to determine an appropriate class ID. Security logic evaluates the updated CFN, the reported class ID, and other related system parameters to build a security matrix. Parameters from the security matrix are used to intercept data/objects before an un-trusted data/object can create a security breach on the machine.Type: GrantFiled: June 22, 2004Date of Patent: February 9, 2010Assignee: Microsoft CorporationInventors: Venkatraman V. Kudallur, Shankar Ganesh, Roberto A. Franco, Vishu Gupta, John G. Bedworth
-
Patent number: 7571459Abstract: A method and system for determining whether to allow a network browser action when a transition occurs between security zones as a result of the action is provided. Gaining access to a local machine zone may be a goal for unauthorized entities attempting to improperly access a user's content. The present invention therefore may be initiated to block transitions from the security zones with stricter security restrictions to zones with less security restrictions. In addition, a selected alternative may be commenced depending on the relative weight of the security zones involved the zone transition. Depending on the relative weight of security zones, the transition between zones may be allowed, prevented, or the user may be prompted to decide whether to allow or prevent the action that results in the zone transition.Type: GrantFiled: April 30, 2004Date of Patent: August 4, 2009Assignee: Microsoft CorporationInventors: Shankar Ganesh, Roberto A. Franco, Kurt James Schmucker
-
Publication number: 20080235536Abstract: The present invention improves the stability of a Web browser by identifying plug-in modules that cause failures. Data in memory at the time of a failure is analyzed, and a failure signature is generated. The failure signature is compared to a database of known failure signatures so that the source of the failure may be identified. If a plug-in module to a Web browser is identified as the source of a failure, options are presented to the user who may update the plug-in module with code that does not produce a failure or disable the plug-in module altogether.Type: ApplicationFiled: June 4, 2008Publication date: September 25, 2008Applicant: MICROSOFT CORPORATIONInventors: Joseph E. Benedek, Roberto A. Franco, Quji Guo, J. Craig Hally, Reid T. Holmes, Roman Pamucci, Edward J. Praitis, Christopher T. Sager, Brian D. Wentz
-
Patent number: 7398433Abstract: The present invention improves the stability of a Web browser by identifying plug-in modules that cause failures. Data in memory at the time of a failure is analyzed and a failure signature is generated. The failure signature is compared to a database of known failure signatures so that the source of the failure may be identified. If a plug-in module to a Web browser is identified as the source of a failure, options are presented to the user who may update the plug-in module with code that does not produce a failure or disable the plug-in module altogether.Type: GrantFiled: March 31, 2004Date of Patent: July 8, 2008Assignee: Microsoft CorporationInventors: Joseph E Benedek, Roberto A Franco, Quji Guo, J Craig Hally, Reid T Holmes, Roman Pamucci, Edward J Praitis, Christopher T Sager, Brian D Wentz
-
Patent number: 7373505Abstract: The present invention provides a method and system for providing a security element that is directed at inhibiting malicious activity by displaying a browser window in such a way that the user can trust and know the source of the window. Additional information and ornamentation is displayed on the window to help ensure that an end user is not confused or misled (“spoofed”) into believing that the window originates from a trusted source. When a call is made to open a browser window, the status bar is displayed by default. The status bar provides additional information, such as the security zone, to the user to help the user in determining the source of the content. The security zone informs the user the location from where the content is originating. This additional information helps to ensure that the user has the necessary information on whether or not to trust the source.Type: GrantFiled: April 15, 2004Date of Patent: May 13, 2008Assignee: Microsoft CorporationInventors: Ann Seltzer, Steve Dirickson, Roland Tokumi, Roberto A. Franco
-
Patent number: 7321988Abstract: The present invention is generally directed to improving the stability of computing devices by identifying plug-in modules and other programs that cause failures. More specifically, the present invention provides a method that traces program execution from an instruction that ultimately generated a failure to a code library that caused the failure generating instruction to be executed. The method traces execution of the computing device by obtaining the contents of memory at the time of the failure and traversing the stack data structure that stores data items necessary to execute function calls.Type: GrantFiled: June 30, 2004Date of Patent: January 22, 2008Assignee: Microsoft CorporationInventors: Quji Guo, Roberto A Franco, Edward J Praitis, Li-Hsin Huang, Jingyang Xu, Brian D Wentz, Julian Jiggins, Venkatavaradhan Panchapagesan
-
Publication number: 20070294256Abstract: An integrated program lookup browser provides an integrated system with an online program lookup web service that assists the user in finding these unrecognized files, protocols and web page objects by allowing the user to perform a program lookup on a web service that can search one or more databases and return the URL to download the appropriate application or protocol or return the actual program or protocol.Type: ApplicationFiled: June 16, 2006Publication date: December 20, 2007Applicant: Microsoft CorporationInventors: Linda W. Averett, Tariq Sharif, Roberto A. Franco, Anthony T. Chor, Vishu Gupta, Venkatraman V. Kudallur, Joseph T. Farro
-
Publication number: 20070131865Abstract: Security identifiers are analyzed to mitigate the use of misleading characters. In some embodiments, a language-based character set determination is utilized and looks for characters that are different from those that a user and/or the user's system would expect to see.Type: ApplicationFiled: November 21, 2005Publication date: June 14, 2007Applicant: Microsoft CorporationInventors: Eric Lawrence, Venkatraman Kudallur, Roberto Franco, Anthony Chor, Michel Suignard, James Fox, Vishu Gupta
-
Publication number: 20070107054Abstract: Various embodiments provide protection against web resources associated with one or more undesirable activities. In at least some embodiments, a method detects and responds to a user-initiated activity on a computing device. Responding can include, by way of example and not limitation, checking locally, on the computing device, whether a web resource that is associated with the user-initiated activity has been identified as being associated with a safe site. Furthermore, in at least some embodiments, the method checks remotely, away from the computing device, whether the web resource is identified as being at least possibly associated with one or more undesirable activities.Type: ApplicationFiled: November 10, 2005Publication date: May 10, 2007Applicant: Microsoft CorporationInventors: Aaron Averbuch, Manav Mishra, Roberto Franco, Tariq Sharif
-
Publication number: 20070016954Abstract: Tools are described that notify a user of a security risk in a network browser. The tools can determine that a security setting of a network browser poses a security risk and notify the user of this risk. In some situations the tools also enable a user to reduce the security risk with a single user action. This single user action can alter one or multiple security settings responsible for the security risk.Type: ApplicationFiled: July 7, 2005Publication date: January 18, 2007Applicant: Microsoft CorporationInventors: Wayne Choi, Sean Lyndersay, Roberto Franco
-
Publication number: 20060277218Abstract: In various embodiments, applications that are configured to interact with the Internet in some way are executed in a restricted process with a reduced privilege level that can prohibit the application from accessing portions of an associated computing device. For example, in some embodiments, the restricted process can prohibit applications from read and write access to portions of a system's computer-readable media, such as the hard disk, that contains administrative data and settings information and user data and settings. In these embodiments, a special portion of the disk, termed a “containment zone”, is designated and used by applications in this restricted process.Type: ApplicationFiled: June 3, 2005Publication date: December 7, 2006Applicant: Microsoft CorporationInventors: Roberto Franco, Anantha Ganjam, John Bedworth, Peter Brundrett, Roland Tokumi
-
Publication number: 20060277311Abstract: In various embodiments, applications that are configured to interact with the Internet in some way are executed in a restricted process with a reduced privilege level that can prohibit the application from accessing portions of an associated computing device. For example, in some embodiments, the restricted process can prohibit applications from read and write access to portions of a system's computer-readable media, such as the hard disk, that contains administrative data and settings information and user data and settings. In these embodiments, a special portion of the disk, termed a “containment zone”, is designated and used by applications in this restricted process.Type: ApplicationFiled: October 28, 2005Publication date: December 7, 2006Applicant: Microsoft CorporationInventors: Roberto Franco, Anantha Ganjam, John Bedworth, Peter Brundrett, Roland Tokumi, Jeremiah Epling, Daniel Sie, Jianrong Gu, Marc Sibley, Vidya Nallathimmayyagari, Bogdan Tepordei
-
Publication number: 20060230272Abstract: Described herein is a technique of protecting users against certain types of Internet attacks. The technique involves obtaining certificates from visited web sites and qualifying communications with those web sites based on the content of the certificates.Type: ApplicationFiled: March 30, 2005Publication date: October 12, 2006Applicant: Microsoft CorporationInventors: Eric Lawrence, Roberto Franco, Venkatraman Kudallur, Marc Silbey
-
Publication number: 20060070008Abstract: A method and system for preservation of browser window integrity is disclosed. The position and size of script-created windows is adjusted as necessary to preserve critical data on the computer screen prior to rendering those windows. Popup windows are similarly adjusted so that window integrity is preserved. Popup window size is adjusted to be smaller than the vertical size of the popup's parent window. Popup window position is modified so that popups do not extend above the top, or below the bottom, of their parent window. Finally, the popup position in the z dimension is adjusted so that the popup appears immediately above its parent window.Type: ApplicationFiled: September 29, 2004Publication date: March 30, 2006Applicant: Microsoft CorporationInventors: Aaron Sauve, Ann Seltzer, Robert Dirickson, Roberto Franco, Jeff Davis, Roland Tokumi, John Bedworth
-
Publication number: 20060010241Abstract: A model restricts un-trusted data/objects from running on a user's machine without permission. The data is received by a protocol layer that reports a MIME type associated with the DATA, and caches the data and related cache file name (CFN). A MIME sniffer is arranged to identify a sniffed MIME type based on the cached data, the CFN, and the reported MIME type. Reconciliation logic evaluates the sniffed MIME type and the CFN to determine a reconciled MIME type, and to update the CFN. A class ID sniffer evaluates the updated CFN, the cached data, and the reconciled MIME type to determine an appropriate class ID. Security logic evaluates the updated CFN, the reported class ID, and other related system parameters to build a security matrix. Parameters from the security matrix are used to intercept data/objects before an un-trusted data/object can create a security breach on the machine.Type: ApplicationFiled: June 22, 2004Publication date: January 12, 2006Applicant: Microsoft CorporationInventors: Venkatraman Kudallur, Shankar Ganesh, Roberto Franco, Vishu Gupta, John Bedworth
-
Publication number: 20060005078Abstract: The present invention is generally directed to improving the stability of computing devices by identifying plug-in modules and other programs that cause failures. More specifically, the present invention provides a method that traces program execution from an instruction that ultimately generated a failure to a code library that caused the failure generating instruction to be executed. The method traces execution of the computing device by obtaining the contents of memory at the time of the failure and traversing the stack data structure that stores data items necessary to execute function calls.Type: ApplicationFiled: June 30, 2004Publication date: January 5, 2006Applicant: Microsoft CorporationInventors: Quji Guo, Roberto Franco, Edward Praitis, Li-Hsin Huang, Jingyang Xu, Brian Wentz, Julian Jiggins, Venkatavaradhan Panchapagesan