Patents by Inventor Xiaohong Su
Xiaohong Su has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240148894Abstract: Provided is use of an antibody-drug conjugate targeting Her2 in the preparation of a medicine for treating breast cancer patients with liver metastasis or breast cancer patients without lung metastasis. Compared with a control drug group (lapatinib+capecitabine), the application of the antibody-drug conjugate provided in the treatment of breast cancer patients with liver metastasis and in the treatment of breast cancer patients without lung metastasis can significantly improve the survival time of the patients.Type: ApplicationFiled: August 16, 2023Publication date: May 9, 2024Inventors: Jianmin FANG, Xiaohong SU, Xuguang GUO, Ruyi HE
-
Patent number: 11973337Abstract: This invention relates to the technical field of harmonic elimination for ferromagnetic resonance for a voltage transformer (abbreviated as PT), in particular, to a harmonic elimination method for ferromagnetic resonance for an active resistance-matching voltage transformer based on PID-adjustment, including compiling a resistance matching algorithm; designing and building a harmonic elimination control system based on the PID control strategy; presetting an active resistance-matching strategy; designing an engineering scheme for placing resistors.Type: GrantFiled: August 17, 2023Date of Patent: April 30, 2024Assignee: Qujing Power Supply Bureau of Yunnan Power Grid Co., LtdInventors: Xiaohong Zhu, Lianjing Yang, Fei Mao, Rong Zhang, Yang Yang, Jiangyun Su, Wenfei Feng, Zhe Li, Pengjin Qiu, Jianbin Li, Zhikun Hong, Weirong Yang, Changjiu Zhou, Yingqiong Zhang, Rui Xu, Guibing Duan
-
Publication number: 20240072531Abstract: This invention relates to the technical field of harmonic elimination for ferromagnetic resonance for a voltage transformer (abbreviated as PT), in particular, to a harmonic elimination method for ferromagnetic resonance for an active resistance-matching voltage transformer based on PID-adjustment, including compiling a resistance matching algorithm; designing and building a harmonic elimination control system based on the PID control strategy; presetting an active resistance-matching strategy; designing an engineering scheme for placing resistors.Type: ApplicationFiled: August 17, 2023Publication date: February 29, 2024Inventors: Xiaohong ZHU, Lianjing YANG, Fei MAO, Rong ZHANG, Yang YANG, Jiangyun SU, Wenfei FENG, Zhe LI, Pengjin QIU, Jianbin LI, Zhikun HONG, Weirong YANG, Changjiu ZHOU, Yingqiong ZHANG, Rui XU, Guibing DUAN
-
Patent number: 10142107Abstract: Binding a security token to a client token binder, such as a trusted platform module, is provided. A bound security token can only be used on the client on which it was obtained. A secret binding key (kbind) is established between the client and an STS. The client derives a key (kmac) from kbind, signs a security token request with kmac, and instructs the STS to bind the requested security token to kbind. The STS validates the request by deriving kmac using a client-provided nonce and kbind to MAC the message and compare the MAC values. If the request is validated, the STS generates a response comprising the requested security token, derives two keys from kbind: one to sign the response and one to encrypt the response, and sends the response to the client. Only a device comprising kbind is enabled to use the bound security token, providing increased security.Type: GrantFiled: December 31, 2015Date of Patent: November 27, 2018Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Adrian Frei, Tarek B. Kamel, Guruprasad B. Aphale, Sankara Narayanan Venkataraman, Xiaohong Su, Yordan Rouskov, Vijay G. Bharadwaj
-
Patent number: 9705879Abstract: A computing device, or a security component of a computing device, implements delayed attestation by initially providing first credentials to a remote access device to establish a first level of trust. The first credentials may be provided before or while the computing device or the security component is obtaining security information from a remote security device. The security information is used to generate second credentials that are subsequently provided to the remote access device to establish a second level of trust. The first credentials may comprise an encryption key that can be generated by the security component without having to retrieve information via a network, and the second credentials may comprise an attestation statement that is more trustworthy than the encryption key and that is generated based on a certificate retrieved from a remote security device (e.g., a certificate authority server).Type: GrantFiled: February 24, 2015Date of Patent: July 11, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Anoosh Saboori, Victor W. Heller, Xiaohong Su, Dayi Zhou, Kinshuman Kinshumann, James Hugh Morgan, Stefan Thom
-
Publication number: 20170195121Abstract: Binding a security token to a client token binder, such as a trusted platform module, is provided. A bound security token can only be used on the client on which it was obtained. A secret binding key (kbind) is established between the client and an STS. The client derives a key (kmac) from kbind, signs a security token request with kmac, and instructs the STS to bind the requested security token to kbind. The STS validates the request by deriving kmac using a client-provided nonce and kbind to MAC the message and compare the MAC values. If the request is validated, the STS generates a response comprising the requested security token, derives two keys from kbind: one to sign the response and one to encrypt the response, and sends the response to the client. Only a device comprising kbind is enabled to use the bound security token, providing increased security.Type: ApplicationFiled: December 31, 2015Publication date: July 6, 2017Applicant: Microsoft Technology Licensing, LLC.Inventors: Adrian Frei, Tarek B. Kamel, Guruprasad B. Aphale, Sankara Narayanan Venkataraman, Xiaohong Su, Yordan Rouskov, Vijay G. Bharadwaj
-
Patent number: 9660817Abstract: In many information security scenarios, a certificate issued by a certificate authority may be presented to a client in order to assert a trust level of a certificated item, such as a message or a web page. However, due to a decentralized structure and incomplete coordination among certificate authorities, the presence and exploitation of security vulnerabilities to issue untrustworthy certificates may be difficult to determine, particularly for an individual client. Presented herein are techniques for advising clients of the reputations of respective certificate authorities by evaluating the certificates issued by such certificate authorities, such as the number and types of domains certified by the certificate; the number and pattern of certificates issued for the domain; and the certification techniques used to issue the certificates. Such evaluation enables a determination of a certificate authority trust level that may be distributed to the clients in a certificate authority trust set.Type: GrantFiled: August 1, 2014Date of Patent: May 23, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Anooshiravan Saboori, Muhammad Umar Janjua, Nelly Porter, Philip Hallin, Haitao Li, Xiaohong Su, Kelvin Yiu, Anthony Paul Penta, Vassil Dimitrov Bakalov, Bryston Mitsuo Nitta
-
Patent number: 9553730Abstract: In many information security scenarios, a certificate issued by a certificating authority may be presented to a client in order to assert a trust level of a certificated item, such as a message or a web page. However, due to a decentralized structure and incomplete coordination among certificating authorities, the presence and exploitation of security vulnerabilities to issue untrustworthy certificates may be difficult to determine, particularly for an individual client. Presented herein are techniques for providing a certificating authority trust service that collects and evaluates certificates submitted to clients by certificating authorities, and advises the clients of a certificating authority trust level for respective certificating authorities (e.g., determined as a consensus of the evaluated certificates issued by the certificating authority).Type: GrantFiled: September 6, 2013Date of Patent: January 24, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Anooshiravan Saboor, Muhammad Umar Janjua, Nelly Porter, Philip Hallin, Haitao Li, Xiaohong Su, Kelvin Yiu, Anthony Paul Penta
-
Patent number: 9553732Abstract: In many information security scenarios, a certificate issued by a certificate authority on behalf of a domain is presented to a client in order to verify the identity of the domain. However, due to a decentralized structure and incomplete coordination among certificate authorities, the presence and exploitation of security vulnerabilities to issue untrustworthy certificates may be difficult for an individual client to determine. Presented herein are techniques for advising clients of the trustworthiness of respective certificate authorities by evaluating the certificates issued by such certificate authorities for suspicious indicators, such as hashcode collisions with other certificates and public key re-use.Type: GrantFiled: August 1, 2014Date of Patent: January 24, 2017Assignee: Microsoft Technology Licensing LLCInventors: Anooshiravan Saboori, Muhammad Umar Janjua, Nelly Porter, Philip Hallin, Haitao Li, Xiaohong Su, Kelvin Yiu, Anthony Paul Penta
-
Publication number: 20160080379Abstract: A computing device, or a security component of a computing device, implements delayed attestation by initially providing first credentials to a remote access device to establish a first level of trust. The first credentials may be provided before or while the computing device or the security component is obtaining security information from a remote security device. The security information is used to generate second credentials that are subsequently provided to the remote access device to establish a second level of trust. The first credentials may comprise an encryption key that can be generated by the security component without having to retrieve information via a network, and the second credentials may comprise an attestation statement that is more trustworthy than the encryption key and that is generated based on a certificate retrieved from a remote security device (e.g., a certificate authority server).Type: ApplicationFiled: February 24, 2015Publication date: March 17, 2016Inventors: Anoosh Saboori, Victor W. Heller, Xiaohong Su, Dayi Zhou, Kinshuman Kinshumann, James Hugh Morgan, Stefan Thom
-
Publication number: 20160036593Abstract: In many information security scenarios, a certificate issued by a certificate authority may be presented to a client in order to assert a trust level of a certificated item, such as a message or a web page. However, due to a decentralized structure and incomplete coordination among certificate authorities, the presence and exploitation of security vulnerabilities to issue untrustworthy certificates may be difficult to determine, particularly for an individual client. Presented herein are techniques for advising clients of the reputations of respective certificate authorities by evaluating the certificates issued by such certificate authorities, such as the number and types of domains certified by the certificate; the number and pattern of certificates issued for the domain; and the certification techniques used to issue the certificates. Such evaluation enables a determination of a certificate authority trust level that may be distributed to the clients in a certificate authority trust set.Type: ApplicationFiled: August 1, 2014Publication date: February 4, 2016Inventors: Anooshiravan Saboori, Muhammad Umar Janjua, Nelly Porter, Philip Hallin, Haitao Li, Xiaohong Su, Kelvin Yiu, Anthony Paul Penta, Vassil Dimitrov Bakalov, Bryston Mitsuo Nitta
-
Publication number: 20140359280Abstract: In many information security scenarios, a certificate issued by a certificating authority may be presented to a client in order to assert a trust level of a certificated item, such as a message or a web page. However, due to a decentralized structure and incomplete coordination among certificating authorities, the presence and exploitation of security vulnerabilities to issue untrustworthy certificates may be difficult to determine, particularly for an individual client. Presented herein are techniques for providing a certificating authority trust service that collects and evaluates certificates submitted to clients by certificating authorities, and advises the clients of a certificating authority trust level for respective certificating authorities (e.g., determined as a consensus of the evaluated certificates issued by the certificating authority).Type: ApplicationFiled: September 6, 2013Publication date: December 4, 2014Inventors: Anooshiravan Saboor, Muhammad Umar Janjua, Nelly Porter, Philip Hallin, Haitao Li, Xiaohong Su, Kelvin Yiu, Anthony Paul Penta
-
Publication number: 20140359281Abstract: In many information security scenarios, a certificate issued by a certificate authority on behalf of a domain is presented to a client in order to verify the identity of the domain. However, due to a decentralized structure and incomplete coordination among certificate authorities, the presence and exploitation of security vulnerabilities to issue untrustworthy certificates may be difficult for an individual client to determine. Presented herein are techniques for advising clients of the trustworthiness of respective certificate authorities by evaluating the certificates issued by such certificate authorities for suspicious indicators, such as hashcode collisions with other certificates and public key re-use.Type: ApplicationFiled: August 1, 2014Publication date: December 4, 2014Inventors: Anooshiravan Saboori, Muhammad Umar Janjua, Nelly Porter, Philip Hallin, Haitao Li, Xiaohong Su, Kelvin Yiu, Anthony Paul Penta
-
Patent number: 8607321Abstract: Techniques for identifying a smart card in a plug and play system. The technique requires identifying a unique code identifier and loading a smart card minidriver according to the unique code identifier.Type: GrantFiled: June 27, 2008Date of Patent: December 10, 2013Assignee: Microsoft CorporationInventors: Eirik Herskedal, Pieter Retief Kasselman, Salvatore Francomacaro, Xiaohong Su
-
Patent number: 7984488Abstract: An exemplary system enabling credential roaming among a plurality of different computing devices may include an event handler to receive event notifications such as, e.g., a client logon. The event handler may invoke a management service in response to receiving an event notification. The management service may include a synchronizing module to synchronize a user's credentials with a remote directory service, such as, e.g., Active Directory, so that the user's credentials are available from any of a number of different computing devices.Type: GrantFiled: April 9, 2004Date of Patent: July 19, 2011Assignee: Microsoft CorporationInventors: David B. Cross, Xiaohong Su, Hao Zhuang, Philip J. Hallin
-
Publication number: 20090328179Abstract: Techniques for identifying a smart card in a plug and play system. The technique requires identifying a unique code identifier and loading a smart card minidriver according to the unique code identifier.Type: ApplicationFiled: June 27, 2008Publication date: December 31, 2009Applicant: Microsoft CorporationInventors: Eirik Herskedal, Pieter Retief Kasselman, Salvatore Francomacaro, Xiaohong Su
-
Patent number: 7350073Abstract: A virtual private network (VPN) enrollment protocol gateway is described herein. The protocol gateway is implemented as a registration authority that operates as an intermediary between routers and a certificate authority, allowing routers operating in accordance with one protocol to obtain and maintain certificates for a VPN from a certificate authority operating in accordance with another protocol. In accordance with one aspect, the gateway protocol supports various requests from the router, including router enrollment requests, get certificate revocation list request, get certificate requests, get certificate authority certificate requests, and password requests.Type: GrantFiled: March 30, 2006Date of Patent: March 25, 2008Assignee: Microsoft CorporationInventors: Rudolph Balaz, Victor W. Heller, Xiaohong Su, Keith R. Vogel
-
Patent number: 7171556Abstract: A virtual private network (VPN) enrollment protocol gateway is described herein. The protocol gateway is implemented as a registration authority that operates as an intermediary between routers and a certificate authority, allowing routers operating in accordance with one protocol to obtain and maintain certificates for a VPN from a certificate authority operating in accordance with another protocol. In accordance with one aspect, the gateway protocol supports various requests from the router, including router enrollment requests, get certificate revocation list request, get certificate requests, get certificate authority certificate requests, and password requests.Type: GrantFiled: May 20, 2005Date of Patent: January 30, 2007Assignee: Microsoft CorporationInventors: Rudolph Balaz, Victor W. Heller, Xiaohong Su, Keith R. Vogel
-
Patent number: 7100046Abstract: A virtual private network (VPN) enrollment protocol gateway is described herein. The protocol gateway is implemented as a registration authority that operates as an intermediary between routers and a certificate authority, allowing routers operating in accordance with one protocol to obtain and maintain certificates for a VPN from a certificate authority operating in accordance with another protocol. In accordance with one aspect, the gateway protocol supports various requests from the router, including router enrollment requests, get certificate revocation list request, get certificate requests, get certificate authority certificate requests, and password requests.Type: GrantFiled: March 15, 2004Date of Patent: August 29, 2006Assignee: Microsoft CorporationInventors: Rudolph Balaz, Victor W. Heller, Xiaohong Su, Keith R. Vogel
-
Publication number: 20060179298Abstract: A virtual private network (VPN) enrollment protocol gateway is described herein. The protocol gateway is implemented as a registration authority that operates as an intermediary between routers and a certificate authority, allowing routers operating in accordance with one protocol to obtain and maintain certificates for a VPN from a certificate authority operating in accordance with another protocol. In accordance with one aspect, the gateway protocol supports various requests from the router, including router enrollment requests, get certificate revocation list request, get certificate requests, get certificate authority certificate requests, and password requests.Type: ApplicationFiled: March 30, 2006Publication date: August 10, 2006Applicant: Microsoft CorporationInventors: Rudolph Balaz, Victor Heller, Xiaohong Su, Keith Vogel