Patents by Inventor Ahmad Bilal
Ahmad Bilal has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11669337Abstract: Examples described herein include systems and methods for bare metal management of computing devices. Firmware of the computing device can be configured to contact a network location as part of an HTTP boot and download a boot agent. The boot agent can be prioritized to execute before a primary OS boot loader. The boot agent can download an OS configuration including a package that is inserted into the primary OS. The primary OS, as configured, can then boot. The boot agent can also attest to OS health and device compliance on subsequent boots. For example, the boot agent can cause the firmware to track how many boots have occurred since compliance verification. If a threshold number of boots occur without verification, the boot agent can initiate restoration. Alternatively, if a decommission flag is set, the boot agent can cause the computing device to boot into its original configuration.Type: GrantFiled: March 4, 2022Date of Patent: June 6, 2023Assignee: VMware, Inc.Inventors: Ahmad Bilal, Alexey Polyakov, Tomas Vetrovsky
-
Publication number: 20230119675Abstract: Disclosed are various approaches for remotely deploying provisioned packages. An installer for an application is stored in a cache location of the client device. A hash of the installer is then written to a registry of the client device. The installer is then executed to install the application on the client device. Then, the client device is registered with a management service. Subsequently, a registration confirmation is received from the management service. The hash of the installer is then confirmed and the installed application is identified to the management service as a managed application installed on the client device.Type: ApplicationFiled: December 19, 2022Publication date: April 20, 2023Inventors: Mohamed Elsherif, Kishore Krishnakumar, Ian Drennan, Ondrej Stastny, Brooks Peppin, Jason Roszak, Ahmad Bilal
-
Patent number: 11630660Abstract: Disclosed are various examples for enforcing firmware profiles. First, it is determined that a device record associated with a client device fails to specify a firmware profile. A firmware profile is then generated for the client device. Subsequently, a command is generated that causes a firmware of the client device to be configured based at least in part on the firmware profile. The firmware profile is then stored in the device record.Type: GrantFiled: October 12, 2020Date of Patent: April 18, 2023Assignee: VMware, Inc.Inventors: Ahmad Bilal, Thanhy Mather, Tomas Vetrovsky, Pavel Zeman
-
Patent number: 11531532Abstract: Disclosed are various approaches for remotely deploying provisioned packages. An installer for an application is stored in a cache location of the client device. A hash of the installer is then written to a registry of the client device. The installer is then executed to install the application on the client device. Then, the client device is registered with a management service. Subsequently, a registration confirmation is received from the management service. The hash of the installer is then confirmed and the installed application is identified to the management service as a managed application installed on the client device.Type: GrantFiled: January 16, 2019Date of Patent: December 20, 2022Assignee: VMware, Inc.Inventors: Mohamed Elsherif, Kishore Krishnakumar, Ian Drennan, Ondrej Stastny, Brooks Peppin, Jason Roszak, Ahmad Bilal
-
Publication number: 20220318023Abstract: Examples described herein include systems and methods for bare metal management of computing devices. Firmware of the computing device can be configured to contact a network location as part of an HTTP boot and download a boot agent. The boot agent can be prioritized to execute before a primary OS boot loader. The boot agent can download an OS configuration including a package that is inserted into the primary OS. The primary OS, as configured, can then boot. The boot agent can also attest to OS health and device compliance on subsequent boots. For example, the boot agent can cause the firmware to track how many boots have occurred since compliance verification. If a threshold number of boots occur without verification, the boot agent can initiate restoration. Alternatively, if a decommission flag is set, the boot agent can cause the computing device to boot into its original configuration.Type: ApplicationFiled: March 4, 2022Publication date: October 6, 2022Inventors: Ahmad Bilal, Alexey Polyakov, Tomas Vetrovsky
-
Patent number: 11269655Abstract: Examples described herein include systems and methods for bare metal management of computing devices. Firmware of the computing device can be configured to contact a network location as part of an HTTP boot and download a boot agent. The boot agent can be prioritized to execute before a primary OS boot loader. The boot agent can download an OS configuration including a package that is inserted into the primary OS. The primary OS, as configured, can then boot. The boot agent can also attest to OS health and device compliance on subsequent boots. For example, the boot agent can cause the firmware to track how many boots have occurred since compliance verification. If a threshold number of boots occur without verification, the boot agent can initiate restoration. Alternatively, if a decommission flag is set, the boot agent can cause the computing device to boot into its original configuration.Type: GrantFiled: November 11, 2020Date of Patent: March 8, 2022Assignee: VMware, Inc.Inventors: Ahmad Bilal, Alexey Polyakov, Tomas Vetrovsky
-
Publication number: 20210303694Abstract: Disclosed are various examples for dynamic application deployment in trusted code environments. In some embodiments, an application is identified for installation on a client device. The client device includes a security process that limits the client device to execute trusted code based on a trusted code policy. Characteristics of a file are identified from an installation package for a client application. A management agent is instructed to update the trusted code policy to whitelist the file by providing the characteristics of the executable file to the security process. A command to install the application is transmitted to the management agent, where the management agent is a trusted installer for the client device.Type: ApplicationFiled: June 14, 2021Publication date: September 30, 2021Inventors: Alexey Polyakov, Ondrej Stastny, David Field, Tomas Vetrovsky, Ahmad Bilal
-
Patent number: 11036862Abstract: Disclosed are various examples for dynamic application deployment in trusted code environments. In some embodiments, an application is identified for installation on a client device. The client device includes a security process that limits the client device to execute trusted code based on a trusted code policy. Characteristics of a file are identified from an installation package for a client application. A management agent is instructed to update the trusted code policy to whitelist the file by providing the characteristics of the executable file to the security process. A command to install the application is transmitted to the management agent, where the management agent is a trusted installer for the client device.Type: GrantFiled: November 26, 2018Date of Patent: June 15, 2021Assignee: VMware, Inc.Inventors: Alexey Polyakov, Ondrej Stastny, David Field, Tomas Vetrovsky, Ahmad Bilal
-
Publication number: 20210064385Abstract: Examples described herein include systems and methods for bare metal management of computing devices. Firmware of the computing device can be configured to contact a network location as part of an HTTP boot and download a boot agent. The boot agent can be prioritized to execute before a primary OS boot loader. The boot agent can download an OS configuration including a package that is inserted into the primary OS. The primary OS, as configured, can then boot. The boot agent can also attest to OS health and device compliance on subsequent boots. For example, the boot agent can cause the firmware to track how many boots have occurred since compliance verification. If a threshold number of boots occur without verification, the boot agent can initiate restoration. Alternatively, if a decommission flag is set, the boot agent can cause the computing device to boot into its original configuration.Type: ApplicationFiled: November 11, 2020Publication date: March 4, 2021Inventors: Ahmad Bilal, Alexey Polyakov, Tomas Vetrovsky
-
Publication number: 20210042109Abstract: Disclosed are various examples for enforcing firmware profiles. First, it is determined that a device record associated with a client device fails to specify a firmware profile. A firmware profile is then generated for the client device. Subsequently, a command is generated that causes a firmware of the client device to be configured based at least in part on the firmware profile. The firmware profile is then stored in the device record.Type: ApplicationFiled: October 12, 2020Publication date: February 11, 2021Inventors: Ahmad Bilal, Thanhy Mather, Tomas Vetrovsky, Pavel Zeman
-
Patent number: 10838736Abstract: Examples described herein include systems and methods for bare metal management of computing devices. Firmware of the computing device can be configured to contact a network location as part of an HTTP boot and download a boot agent. The boot agent can be prioritized to execute before a primary OS boot loader. The boot agent can download an OS configuration including a package that is inserted into the primary OS. The primary OS, as configured, can then boot. The boot agent can also attest to OS health and device compliance on subsequent boots. For example, the boot agent can cause the firmware to track how many boots have occurred since compliance verification. If a threshold number of boots occur without verification, the boot agent can initiate restoration. Alternatively, if a decommission flag is set, the boot agent can cause the computing device to boot into its original configuration.Type: GrantFiled: July 26, 2018Date of Patent: November 17, 2020Assignee: VMware, Inc.Inventors: Ahmad Bilal, Alexey Polyakov, Tomas Vetrovsky
-
Patent number: 10802821Abstract: Disclosed are various examples for enforcing firmware profiles. First, it is determined that a device record associated with a client device fails to specify a firmware profile. A firmware profile is then generated for the client device. Subsequently, a command is generated that causes a firmware of the client device to be configured based at least in part on the firmware profile. The firmware profile is then stored in the device record.Type: GrantFiled: July 24, 2018Date of Patent: October 13, 2020Assignee: VMware, Inc.Inventors: Ahmad Bilal, Thanhy Mather, Tomas Vetrovsky, Pavel Zeman
-
Publication number: 20200225929Abstract: Disclosed are various approaches for remotely deploying provisioned packages. An installer for an application is stored in a cache location of the client device. A hash of the installer is then written to a registry of the client device. The installer is then executed to install the application on the client device. Then, the client device is registered with a management service. Subsequently, a registration confirmation is received from the management service. The hash of the installer is then confirmed and the installed application is identified to the management service as a managed application installed on the client device.Type: ApplicationFiled: January 16, 2019Publication date: July 16, 2020Inventors: Mohamed Elsherif, Kishore Krishnakumar, Ian Drennan, Ondrej Stastny, Brooks Peppin, Jason Roszak, Ahmad Bilal
-
Patent number: 10686932Abstract: Apparatus and methods are disclosed for allowing smart phone users to “capture the moment” by allowing easy access to a camera application when a mobile device is in an above-lock (or locked) mode, while also preventing unauthorized access to other smart phone functionality. According to one embodiment of the disclosed technology, a method of operating a mobile device having an above-lock state and a below-lock state comprises receiving input data requesting invocation of an camera application when the mobile device is in the above-lock state and invoking the requested camera application on the device, where one or more functions of the requested application are unavailable as a result of the mobile device being in the above-lock state.Type: GrantFiled: November 18, 2016Date of Patent: June 16, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Shamik Bandyopadhyay, Donald A. Barnett, Vikram Kapoor, Veronica Y. Law, Kathryn C. Lemson, Tirthankar Sengupta, Divya Tyamagundlu, Ahmad Bilal
-
Publication number: 20200167473Abstract: Disclosed are various examples for dynamic application deployment in trusted code environments. In some embodiments, an application is identified for installation on a client device. The client device includes a security process that limits the client device to execute trusted code based on a trusted code policy. Characteristics of a file are identified from an installation package for a client application. A management agent is instructed to update the trusted code policy to whitelist the file by providing the characteristics of the executable file to the security process. A command to install the application is transmitted to the management agent, where the management agent is a trusted installer for the client device.Type: ApplicationFiled: November 26, 2018Publication date: May 28, 2020Inventors: Alexey Polyakov, Ondrej Stastny, David Field, Tomas Vetrovsky, Ahmad Bilal
-
Patent number: 10599300Abstract: A method and apparatus is provided for operating a mobile device having stored thereon a plurality of applications (“apps”) that are each configured to capture an image. The method includes receiving first user input data requesting invocation of a given one of the applications. The given application is launched by the user. After launching the given application a user interface is presented which serves as an entry point through which all of the image capture applications stored on the mobile device are made available to the user.Type: GrantFiled: August 9, 2016Date of Patent: March 24, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Aaron Sauve, Shamik Bandyopadhyay, Kathryn C. Lemson, Jannes Paul Peters, Eric Bennett, Ahmad Bilal
-
Publication number: 20200034155Abstract: Examples described herein include systems and methods for bare metal management of computing devices. Firmware of the computing device can be configured to contact a network location as part of an HTTP boot and download a boot agent. The boot agent can be prioritized to execute before a primary OS boot loader. The boot agent can download an OS configuration including a package that is inserted into the primary OS. The primary OS, as configured, can then boot. The boot agent can also attest to OS health and device compliance on subsequent boots. For example, the boot agent can cause the firmware to track how many boots have occurred since compliance verification. If a threshold number of boots occur without verification, the boot agent can initiate restoration. Alternatively, if a decommission flag is set, the boot agent can cause the computing device to boot into its original configuration.Type: ApplicationFiled: July 26, 2018Publication date: January 30, 2020Inventors: Ahmad Bilal, Alexey Polyakov, Tomas Vetrovsky
-
Publication number: 20200034141Abstract: Disclosed are various examples for enforcing firmware profiles. First, it is determined that a device record associated with a client device fails to specify a firmware profile. A firmware profile is then generated for the client device. Subsequently, a command is generated that causes a firmware of the client device to be configured based at least in part on the firmware profile. The firmware profile is then stored in the device record.Type: ApplicationFiled: July 24, 2018Publication date: January 30, 2020Inventors: Ahmad Bilal, Thanhy Mather, Tomas Vetrovsky, Pavel Zeman
-
Publication number: 20170070606Abstract: Apparatus and methods are disclosed for allowing smart phone users to “capture the moment” by allowing easy access to a camera application when a mobile device is in an above-lock (or locked) mode, while also preventing unauthorized access to other smart phone functionality. According to one embodiment of the disclosed technology, a method of operating a mobile device having an above-lock state and a below-lock state comprises receiving input data requesting invocation of an camera application when the mobile device is in the above-lock state and invoking the requested camera application on the device, where one or more functions of the requested application are unavailable as a result of the mobile device being in the above-lock state.Type: ApplicationFiled: November 18, 2016Publication date: March 9, 2017Applicant: Microsoft Technology Licensing, LLCInventors: Shamik Bandyopadhyay, Donald A. Barnett, Vikram Kapoor, Veronica Y. Law, Kathryn C. Lemson, Tirthankar Sengupta, Divya Tyamagundlu, Ahmad Bilal
-
Publication number: 20170017367Abstract: A method and apparatus is provided for operating a mobile device having stored thereon a plurality of applications (“apps”) that are each configured to capture an image. The method includes receiving first user input data requesting invocation of a given one of the applications. The given application is launched by the user. After launching the given application a user interface is presented which serves as an entry point through which all of the image capture applications stored on the mobile device are made available to the user.Type: ApplicationFiled: August 9, 2016Publication date: January 19, 2017Inventors: Aaron Sauve, Shamik Bandyopadhyay, Kathryn C. Lemson, Jannes Paul Peters, Eric Bennett, Ahmad Bilal