Patents by Inventor Todd L. Carpenter
Todd L. Carpenter has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11057218Abstract: A token or other storage device uses Internet identities to set file access attribute rights. Subsequently, requests to access a file can be controlled by confirming the Internet identity of the requestor by either validating the request with a known public key or retrieving the public key from an Internet identity provider. Files may be stored encrypted and may be re-encrypted with the public key associated with Internet identity making the request.Type: GrantFiled: April 3, 2019Date of Patent: July 6, 2021Assignee: Microsoft Technology Licensing, LLCInventors: Todd L. Carpenter, David Steeves, David Abzarian
-
Publication number: 20190312865Abstract: Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels.Type: ApplicationFiled: June 20, 2019Publication date: October 10, 2019Inventors: David J. STEEVES, Kim CAMERON, Todd L. CARPENTER, David FOSTER, Quentin S. MILLER
-
Patent number: 10389712Abstract: Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels.Type: GrantFiled: March 29, 2017Date of Patent: August 20, 2019Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: David J. Steeves, Kim Cameron, Todd L. Carpenter, David Foster, Quentin S. Miller
-
Publication number: 20190238341Abstract: A token or other storage device uses Internet identities to set file access attribute rights. Subsequently, requests to access a file can be controlled by confirming the Internet identity of the requestor by either validating the request with a known public key or retrieving the public key from an Internet identity provider. Files may be stored encrypted and may be re-encrypted with the public key associated with Internet identity making the request.Type: ApplicationFiled: April 3, 2019Publication date: August 1, 2019Inventors: Todd L. CARPENTER, David Steeves, David Abzarian
-
Patent number: 9904912Abstract: Technology is described for protecting transactions. The technology may include a switching component that a user can employ to switch an associated mobile device into a secure mode so that a user can confirm the transaction. After initiating a transaction request, the user can confirm the transaction request by activating the switching component, which can cause the mobile device to switch into a secure mode. In the secure mode, the mobile device may prevent the mobile device from conducting various normal activities, such as executing applications, receiving input, providing output, and so forth. The switching component may disable other processing temporarily. Upon receiving the confirmation from the user, the switching component may send a confirmation communication to complete the transaction.Type: GrantFiled: June 3, 2015Date of Patent: February 27, 2018Assignee: Microsoft Technology Licensing, LLCInventors: David J. Steeves, Kim Cameron, Todd L. Carpenter, David Foster, Quentin S. Miller, Gregory D. Hartrell
-
Publication number: 20170208061Abstract: Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels.Type: ApplicationFiled: March 29, 2017Publication date: July 20, 2017Inventors: David J. Steeves, Kim Cameron, Todd L. Carpenter, David Foster, Quentin S. Miller
-
Patent number: 9641502Abstract: Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels.Type: GrantFiled: September 25, 2014Date of Patent: May 2, 2017Assignee: Microsoft Technology Licensing, LLCInventors: David J. Steeves, Kim Cameron, Todd L. Carpenter, David Foster, Quentin S. Miller
-
Patent number: 9542337Abstract: Described is a technology by which a transient storage device or secure execution environment-based (e.g., including an embedded processor) device validates a host computer system. The device compares hashes of host system data against valid hashes maintained in protected storage of the device. The host data may be a file, data block, and/or memory contents. The device takes action when the host system data does not match the information in protected storage, such as to log information about the mismatch and/or provide an indication of validation failure, e.g., via an LED and/or display screen output. Further, the comparison may be part of a boot process validation, and the action may prevent the boot process from continuing, or replace an invalid file. Alternatively, the validation may take place at anytime.Type: GrantFiled: August 12, 2014Date of Patent: January 10, 2017Assignee: Microsoft Technology Licensing, LLCInventors: David Abzarian, Todd L. Carpenter, Harish S. Kulkarni, Salahuddin J. Khan
-
Publication number: 20160204946Abstract: A token or other storage device uses Internet identities to set file access attribute rights. Subsequently, requests to access a file can be controlled by confirming the Internet identity of the requestor by either validating the request with a known public key or retrieving the public key from an Internet identity provider. Files may be stored encrypted and may be re-encrypted with the public key associated with Internet identity making the request.Type: ApplicationFiled: March 22, 2016Publication date: July 14, 2016Inventors: Todd L. Carpenter, David Steeves, David Abzarian
-
Patent number: 9325705Abstract: A token or other storage device uses Internet identities to set file access attribute rights. Subsequently, requests to access a file can be controlled by confirming the Internet identity of the requestor by either validating the request with a known public key or retrieving the public key from an Internet identity provider. Files may be stored encrypted and may be re-encrypted with the public key associated with Internet identity making the request.Type: GrantFiled: October 27, 2014Date of Patent: April 26, 2016Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Todd L. Carpenter, David Steeves, David Abzarian
-
Publication number: 20150281200Abstract: Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels.Type: ApplicationFiled: September 25, 2014Publication date: October 1, 2015Inventors: David J. Steeves, Kim Cameron, Todd L. Carpenter, David Foster, Quentin S. Miller
-
Publication number: 20150269537Abstract: Technology is described for protecting transactions. The technology may include a switching component that a user can employ to switch an associated mobile device into a secure mode so that a user can confirm the transaction. After initiating a transaction request, the user can confirm the transaction request by activating the switching component, which can cause the mobile device to switch into a secure mode. In the secure mode, the mobile device may prevent the mobile device from conducting various normal activities, such as executing applications, receiving input, providing output, and so forth. The switching component may disable other processing temporarily. Upon receiving the confirmation from the user, the switching component may send a confirmation communication to complete the transaction.Type: ApplicationFiled: June 3, 2015Publication date: September 24, 2015Inventors: David J. Steeves, Kim Cameron, Todd L. Carpenter, David Foster, Quentin S. Miller, Gregory D. Hartrell
-
Patent number: 9065812Abstract: Technology is described for protecting transactions. The technology may include a switching component that a user can employ to switch an associated mobile device into a secure mode so that a user can confirm the transaction. After initiating a transaction request, the user can confirm the transaction request by activating the switching component, which can cause the mobile device to switch into a secure mode. In the secure mode, the mobile device may prevent the mobile device from conducting various normal activities, such as executing applications, receiving input, providing output, and so forth. The switching component may disable other processing temporarily. Upon receiving the confirmation from the user, the switching component may send a confirmation communication to complete the transaction.Type: GrantFiled: January 23, 2009Date of Patent: June 23, 2015Assignee: Microsoft Technology Licensing, LLCInventors: David J. Steeves, Kim Cameron, Todd L. Carpenter, David Foster, Quentin S. Miller, Gregory D. Hartrell
-
Publication number: 20150106908Abstract: A token or other storage device uses Internet identities to set file access attribute rights. Subsequently, requests to access a file can be controlled by confirming the Internet identity of the requestor by either validating the request with a known public key or retrieving the public key from an Internet identity provider. Files may be stored encrypted and may be re-encrypted with the public key associated with Internet identity making the request.Type: ApplicationFiled: October 27, 2014Publication date: April 16, 2015Inventors: Todd L. Carpenter, David Steeves, David Abzarian
-
Patent number: 8949407Abstract: The described implementations relate to capturing a computing experience. In one case, a user session capture tool can launch a remote user session where a user-interface and user inputs are gathered from a single computing device. Remote user session data produced by the remote user session can be analyzed to determine user activity.Type: GrantFiled: June 17, 2009Date of Patent: February 3, 2015Assignee: Microsoft CorporationInventors: Todd L. Carpenter, David Abzarian, Seshagiri Panchapagesan, Harish S. Kulkarni
-
Patent number: 8914901Abstract: A storage token has a display and a keyboard, or other input device, that allows a user to view a request to access a memory location and enter a response to the request. The display allows presentation of details of the request, such as a pathname to a requested memory location, metadata describing a cryptographic key for use in a transaction confirmation, and/or transaction details which are awaiting verification by a credential stored on the token. The storage token may also include a cryptographic engine and a secure memory allowing signing data returned in response to the request.Type: GrantFiled: January 11, 2008Date of Patent: December 16, 2014Assignee: Microsoft CorporationInventors: David Steeves, Todd L. Carpenter, David Abzarian, Gregory Hartrell, Mark Myers
-
Publication number: 20140351544Abstract: Described is a technology by which a transient storage device or secure execution environment-based (e.g., including an embedded processor) device validates a host computer system. The device compares hashes of host system data against valid hashes maintained in protected storage of the device. The host data may be a file, data block, and/or memory contents. The device takes action when the host system data does not match the information in protected storage, such as to log information about the mismatch and/or provide an indication of validation failure, e.g., via an LED and/or display screen output. Further, the comparison may be part of a boot process validation, and the action may prevent the boot process from continuing, or replace an invalid file. Alternatively, the validation may take place at anytime.Type: ApplicationFiled: August 12, 2014Publication date: November 27, 2014Applicant: MICROSOFT CORPORATIONInventors: David Abzarian, Todd L. Carpenter, Harish S. Kulkarni, Salahuddin J. Khan
-
Patent number: 8898755Abstract: A token or other storage device uses Internet identities to set file access attribute rights. Subsequently, requests to access a file can be controlled by confirming the Internet identity of the requestor by either validating the request with a known public key or retrieving the public key from an Internet identity provider. Files may be stored encrypted and may be re-encrypted with the public key associated with Internet identity making the request.Type: GrantFiled: November 20, 2012Date of Patent: November 25, 2014Assignee: Microsoft CorporationInventors: Todd L. Carpenter, David Steeves, David Abzarian
-
Patent number: 8898460Abstract: Described is a technology by which files that are hardware protected on a storage device, such as a USB flash drive, are managed on a host, including by integration with an existing file system. Each file maintained on a storage device is associated with a protection attribute that corresponds to that file's device hardware protection level. Requests directed towards accessing metadata or actual file data are processed based upon the protection attribute and a state of authentication, e.g., to allow or deny access, show file icons along with their level of protection, change levels, and so forth. Also described is splitting a file system file table into multiple file tables, one file table for each level of protection. Entries in the split file tables are maintained based on each file's current level; space allocation tracking entries are also maintained to track the space used by other split tables.Type: GrantFiled: February 3, 2009Date of Patent: November 25, 2014Assignee: Microsoft CorporationInventors: David Abzarian, Harish S. Kulkarni, Todd L. Carpenter, Cinthya R. Urasaki
-
Patent number: 8898758Abstract: Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels.Type: GrantFiled: November 22, 2013Date of Patent: November 25, 2014Assignee: Microsoft CorporationInventors: David J. Steeves, Kim Cameron, Todd L. Carpenter, David Foster, Quentin S. Miller