Patents by Inventor Viswesh Narayanan

Viswesh Narayanan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Protecting an entire system disk by encrypting data stored in a portion of the system disk
    Patent number: 11928216
    Abstract: A method for protecting an OS disk of a computing device without block encrypting the OS disk. The method identifies one or more files that store configuration data associated with OS binaries executed on the computing device. The method encrypts the configuration data stored in the one or more files using an encryption key and seals the encryption key to a TPM of the computing device. The method then boots the computing device by attempting to unseal the encryption key by authenticating one or more of the OS binaries with the TPM. When authenticating the one or more of the OS binaries is successful, the method completes boot of the computing device by decrypting the configuration data using the encryption key. If authentication of the one or more of the OS binaries is not successful, however, the method aborts boot of the computing device.
    Type: Grant
    Filed: December 18, 2020
    Date of Patent: March 12, 2024
    Assignee: VMware, Inc.
    Inventors: Samyuktha Subramanian, Jesse Pool, Petr Vandrovec, Viswesh Narayanan
  • PROTECTING AN ENTIRE SYSTEM DISK BY ENCRYPTING DATA STORED IN A PORTION OF THE SYSTEM DISK
    Publication number: 20220198021
    Abstract: A method for protecting an OS disk of a computing device without block encrypting the OS disk. The method identifies one or more files that store configuration data associated with OS binaries executed on the computing device. The method encrypts the configuration data stored in the one or more files using an encryption key and seals the encryption key to a TPM of the computing device. The method then boots the computing device by attempting to unseal the encryption key by authenticating one or more of the OS binaries with the TPM. When authenticating the one or more of the OS binaries is successful, the method completes boot of the computing device by decrypting the configuration data using the encryption key. If authentication of the one or more of the OS binaries is not successful, however, the method aborts boot of the computing device.
    Type: Application
    Filed: December 18, 2020
    Publication date: June 23, 2022
    Inventors: Samyuktha SUBRAMANIAN, Jesse POOL, Petr VANDROVEC, Viswesh NARAYANAN
  • IN-PLACE GUEST-AGNOSTIC ENCRYPTION OF A RUNNING VIRTUAL MACHINE
    Publication number: 20200349260
    Abstract: Systems and methods are described for encrypting the virtual disk in a virtual machine (VM). The virtual disk can be encrypted by a background process executing on the host machine that hosts the VM. Input/output operations (I/Os) to the virtual disk issued by a guest operating system (OS) executing on the VM can be intercepted on the hypervisor of the host machine and processed during the background encryption. Processing of the I/Os occurs independently and separately of background encryption of the virtual disk. Processing an I/O can include decrypting or encrypting data involved in the I/O depending on the location on the virtual disk targeted by the I/O.
    Type: Application
    Filed: May 3, 2019
    Publication date: November 5, 2020
    Inventors: Nick M. Ryan, Viswesh Narayanan, Mohammed Junaid Ahmed