Patents by Inventor Victor W. Heller
Victor W. Heller has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9705879Abstract: A computing device, or a security component of a computing device, implements delayed attestation by initially providing first credentials to a remote access device to establish a first level of trust. The first credentials may be provided before or while the computing device or the security component is obtaining security information from a remote security device. The security information is used to generate second credentials that are subsequently provided to the remote access device to establish a second level of trust. The first credentials may comprise an encryption key that can be generated by the security component without having to retrieve information via a network, and the second credentials may comprise an attestation statement that is more trustworthy than the encryption key and that is generated based on a certificate retrieved from a remote security device (e.g., a certificate authority server).Type: GrantFiled: February 24, 2015Date of Patent: July 11, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Anoosh Saboori, Victor W. Heller, Xiaohong Su, Dayi Zhou, Kinshuman Kinshumann, James Hugh Morgan, Stefan Thom
-
Patent number: 9401911Abstract: Embodiments are directed to providing a certificate extension to an authentication certificate, to validating an authentication certificate request and to implementing authentication certificates that include certificate extensions. In an embodiment, a computer system accesses an authentication certificate request that is to be sent to a validation server for validation and to a certificate authority for issuance of an authentication certificate. The computer system appends an extension to the authentication certificate request. The extension includes origination information about the authentication certificate. The computer system then sends the authentication certificate request with the appended extension to the validation server for validation.Type: GrantFiled: February 10, 2011Date of Patent: July 26, 2016Assignee: Microsoft Technology Licensing, LLCInventors: Ghila Castelnuovo, Ziv Ayalon, Anat Bar-Anan, Ben Bernstein, Philip Derbeko, Victor W. Heller, Aleksandr Radutskiy, Uzi Tuvian
-
Publication number: 20160080379Abstract: A computing device, or a security component of a computing device, implements delayed attestation by initially providing first credentials to a remote access device to establish a first level of trust. The first credentials may be provided before or while the computing device or the security component is obtaining security information from a remote security device. The security information is used to generate second credentials that are subsequently provided to the remote access device to establish a second level of trust. The first credentials may comprise an encryption key that can be generated by the security component without having to retrieve information via a network, and the second credentials may comprise an attestation statement that is more trustworthy than the encryption key and that is generated based on a certificate retrieved from a remote security device (e.g., a certificate authority server).Type: ApplicationFiled: February 24, 2015Publication date: March 17, 2016Inventors: Anoosh Saboori, Victor W. Heller, Xiaohong Su, Dayi Zhou, Kinshuman Kinshumann, James Hugh Morgan, Stefan Thom
-
Publication number: 20120210123Abstract: Embodiments are directed to providing a certificate extension to an authentication certificate, to validating an authentication certificate request and to implementing authentication certificates that include certificate extensions. In an embodiment, a computer system accesses an authentication certificate request that is to be sent to a validation server for validation and to a certificate authority for issuance of an authentication certificate. The computer system appends an extension to the authentication certificate request. The extension includes origination information about the authentication certificate. The computer system then sends the authentication certificate request with the appended extension to the validation server for validation.Type: ApplicationFiled: February 10, 2011Publication date: August 16, 2012Applicant: MICROSOFT CORPORATIONInventors: Ghila Castelnuovo, Ziv Ayalon, Anat Bar-Anan, Ben Bernstein, Philip Derbeko, Victor W. Heller, Aleksandr Radutskiy, Uzi Tuvian
-
Patent number: 7350073Abstract: A virtual private network (VPN) enrollment protocol gateway is described herein. The protocol gateway is implemented as a registration authority that operates as an intermediary between routers and a certificate authority, allowing routers operating in accordance with one protocol to obtain and maintain certificates for a VPN from a certificate authority operating in accordance with another protocol. In accordance with one aspect, the gateway protocol supports various requests from the router, including router enrollment requests, get certificate revocation list request, get certificate requests, get certificate authority certificate requests, and password requests.Type: GrantFiled: March 30, 2006Date of Patent: March 25, 2008Assignee: Microsoft CorporationInventors: Rudolph Balaz, Victor W. Heller, Xiaohong Su, Keith R. Vogel
-
Patent number: 7171556Abstract: A virtual private network (VPN) enrollment protocol gateway is described herein. The protocol gateway is implemented as a registration authority that operates as an intermediary between routers and a certificate authority, allowing routers operating in accordance with one protocol to obtain and maintain certificates for a VPN from a certificate authority operating in accordance with another protocol. In accordance with one aspect, the gateway protocol supports various requests from the router, including router enrollment requests, get certificate revocation list request, get certificate requests, get certificate authority certificate requests, and password requests.Type: GrantFiled: May 20, 2005Date of Patent: January 30, 2007Assignee: Microsoft CorporationInventors: Rudolph Balaz, Victor W. Heller, Xiaohong Su, Keith R. Vogel
-
Patent number: 7100046Abstract: A virtual private network (VPN) enrollment protocol gateway is described herein. The protocol gateway is implemented as a registration authority that operates as an intermediary between routers and a certificate authority, allowing routers operating in accordance with one protocol to obtain and maintain certificates for a VPN from a certificate authority operating in accordance with another protocol. In accordance with one aspect, the gateway protocol supports various requests from the router, including router enrollment requests, get certificate revocation list request, get certificate requests, get certificate authority certificate requests, and password requests.Type: GrantFiled: March 15, 2004Date of Patent: August 29, 2006Assignee: Microsoft CorporationInventors: Rudolph Balaz, Victor W. Heller, Xiaohong Su, Keith R. Vogel
-
Patent number: 7069441Abstract: A virtual private network (VPN) enrollment protocol gateway is described herein. The protocol gateway is implemented as a registration authority that operates as an intermediary between routers and a certificate authority, allowing routers operating in accordance with one protocol to obtain and maintain certificates for a VPN from a certificate authority operating in accordance with another protocol. In accordance with one aspect, the gateway protocol supports various requests from the router, including router enrollment requests, get certificate revocation list request, get certificate requests, get certificate authority certificate requests, and password requests.Type: GrantFiled: September 21, 2004Date of Patent: June 27, 2006Assignee: Microsoft CorporationInventors: Rudolph Balaz, Victor W. Heller, Xiaohong Su, Keith R. Vogel
-
Patent number: 6978364Abstract: A virtual private network (VPN) enrollment protocol gateway is described herein. The protocol gateway is implemented as a registration authority that operates as an intermediary between routers and a certificate authority, allowing routers operating in accordance with one protocol to obtain and maintain certificates for a VPN from a certificate authority operating in accordance with another protocol. In accordance with one aspect, the gateway protocol supports various requests from the router, including router enrollment requests, get certificate revocation list request, get certificate requests, get certificate authority certificate requests, and password requests.Type: GrantFiled: April 12, 2000Date of Patent: December 20, 2005Assignee: Microsoft CorporationInventors: Rudolph Balaz, Victor W. Heller, Xiaohong Su, Keith R. Vogel
-
Publication number: 20040177281Abstract: A virtual private network (VPN) enrollment protocol gateway is described herein. The protocol gateway is implemented as a registration authority that operates as an intermediary between routers and a certificate authority, allowing routers operating in accordance with one protocol to obtain and maintain certificates for a VPN from a certificate authority operating in accordance with another protocol. In accordance with one aspect, the gateway protocol supports various requests from the router, including router enrollment requests, get certificate revocation list request, get certificate requests, get certificate authority certificate requests, and password requests.Type: ApplicationFiled: March 15, 2004Publication date: September 9, 2004Inventors: Rudolph Balaz, Victor W. Heller, Xiaohong Su, Keith R. Vogel
-
Publication number: 20040177246Abstract: A virtual private network (VPN) enrollment protocol gateway is described herein. The protocol gateway is implemented as a registration authority that operates as an intermediary between routers and a certificate authority, allowing routers operating in accordance with one protocol to obtain and maintain certificates for a VPN from a certificate authority operating in accordance with another protocol. In accordance with one aspect, the gateway protocol supports various requests from the router, including router enrollment requests, get certificate revocation list request, get certificate requests, get certificate authority certificate requests, and password requests.Type: ApplicationFiled: March 15, 2004Publication date: September 9, 2004Inventors: Rudolph Balaz, Victor W. Heller, Xiaohong Su, Keith R. Vogel