Patents by Inventor Ahmed Saruhan Karademir
Ahmed Saruhan Karademir has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11966461Abstract: Environment type validation can provide a tamper-resistant validation of the computing environment within which the environment type validation is being performed. Such information can then be utilized to perform policy management, which can include omitting verifications in order to facilitate the sharing of policy, such as application licenses, from a host computing environment into a container virtual computing environment. The environment type validation can perform multiple checks, including verification of the encryption infrastructure of the computing environment, verification of code integrity mechanisms of that computing environment, checks for the presence of functionality evidencing a hypervisor, checks for the presence or absence of predetermined system drivers, or other like operating system components or functionality, checks for the activation or deactivation of resource management stacks, and checks for the presence or absence of predetermined values in firmware.Type: GrantFiled: May 11, 2022Date of Patent: April 23, 2024Assignee: Microsoft Technology Licensing, LLCInventors: Tushar Suresh Sugandhi, Amber Tianqi Guo, Balaji Balasubramanyan, Abhijat Singh, Ahmed Saruhan Karademir, Benjamin M. Schultz, Hari R. Pulapaka, Gupta Shubham, Chase Thomas, Carlos Ernesto Peza Ramirez
-
Publication number: 20220405382Abstract: Environment type validation can provide a tamper-resistant validation of the computing environment within which the environment type validation is being performed. Such information can then be utilized to perform policy management, which can include omitting verifications in order to facilitate the sharing of policy, such as application licenses, from a host computing environment into a container virtual computing environment. The environment type validation can perform multiple checks, including verification of the encryption infrastructure of the computing environment, verification of code integrity mechanisms of that computing environment, checks for the presence of functionality evidencing a hypervisor, checks for the presence or absence of predetermined system drivers, or other like operating system components or functionality, checks for the activation or deactivation of resource management stacks, and checks for the presence or absence of predetermined values in firmware.Type: ApplicationFiled: May 11, 2022Publication date: December 22, 2022Applicant: Microsoft Technology Licensing, LLCInventors: Tushar Suresh SUGANDHI, Amber Tianqi GUO, Balaji BALASUBRAMANYAN, Abhijat SINGH, Ahmed Saruhan KARADEMIR, Benjamin M. SCHULTZ, Hari R. PULAPAKA, Gupta SHUBHAM, Chase THOMAS, Carlos Ernesto Peza RAMIREZ
-
Patent number: 11354402Abstract: Environment type validation can provide a tamper-resistant validation of the computing environment within which the environment type validation is being performed. Such information can then be utilized to perform policy management, which can include omitting verifications in order to facilitate the sharing of policy, such as application licenses, from a host computing environment into a container virtual computing environment. The environment type validation can perform multiple checks, including verification of the encryption infrastructure of the computing environment, verification of code integrity mechanisms of that computing environment, checks for the presence of functionality evidencing a hypervisor, checks for the presence or absence of predetermined system drivers, or other like operating system components or functionality, checks for the activation or deactivation of resource management stacks, and checks for the presence or absence of predetermined values in firmware.Type: GrantFiled: November 1, 2019Date of Patent: June 7, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Tushar Suresh Sugandhi, Amber Tianqi Guo, Balaji Balasubramanyan, Abhijat Singh, Ahmed Saruhan Karademir, Benjamin M. Schultz, Hari R. Pulapaka, Gupta Shubham, Chase Thomas, Carlos Ernesto Peza Ramirez
-
Patent number: 11200300Abstract: Techniques for secure sharing of data in computing systems are disclosed herein. In one embodiment, a method includes when exchanging data between the host operating system and the guest operating system, encrypting, at a trusted platform module (TPM) of the host, data to be exchanged with a first key to generate encrypted data. The method also includes transmitting the encrypted data from the host operating system to the guest operating system and decrypting, at the guest operating system, the transmitted encrypted data using a second key previously exchanged between the TPM of the host and a virtual TPM of the guest operating system.Type: GrantFiled: June 20, 2018Date of Patent: December 14, 2021Assignee: Microsoft Technology Licensing, LLCInventors: Giridhar Viswanathan, Sudeep Kumar Ghosh, Ankit Srivastava, Michael Trevor Pashniak, Benjamin M Schultz, Balaji Balasubramanyan, Hari R Pulapaka, Tushar Suresh Sugandhi, Matthew David Kurjanowicz, Ahmed Saruhan Karademir
-
Publication number: 20210133312Abstract: Environment type validation can provide a tamper-resistant validation of the computing environment within which the environment type validation is being performed. Such information can then be utilized to perform policy management, which can include omitting verifications in order to facilitate the sharing of policy, such as application licenses, from a host computing environment into a container virtual computing environment. The environment type validation can perform multiple checks, including verification of the encryption infrastructure of the computing environment, verification of code integrity mechanisms of that computing environment, checks for the presence of functionality evidencing a hypervisor, checks for the presence or absence of predetermined system drivers, or other like operating system components or functionality, checks for the activation or deactivation of resource management stacks, and checks for the presence or absence of predetermined values in firmware.Type: ApplicationFiled: November 1, 2019Publication date: May 6, 2021Inventors: Tushar Suresh SUGANDHI, Amber Tianqi GUO, Balaji BALASUBRAMANYAN, Abhijat SINGH, Ahmed Saruhan KARADEMIR, Benjamin M. SCHULTZ, Hari R. PULAPAKA, Gupta SHUBHAM, Chase THOMAS, Carlos Ernesto Peza RAMIREZ
-
Patent number: 10929167Abstract: Communicating a low-latency event across a virtual machine boundary. Based on an event signaling request by a first process running at a first virtual machine, the first virtual machine updates a shared register that is accessible by a second virtual machine. Updating the shared register includes updating a signal stored in the shared register. The first virtual machine sends an event signal message, which includes a register identifier, through a virtualization fabric to the second virtual machine. The second virtual machine receives the event signaling message and identifies the register identifier from the message. Based on the register identifier, the second virtual machine reads the shared register, identifying a value of the signal stored in the shared register. Based at least on the value of the signal comprising a first value, the second virtual machine signals a second process running at the second virtual machine.Type: GrantFiled: January 9, 2019Date of Patent: February 23, 2021Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Jason Lin, Gregory John Colombo, Mehmet Iyigun, Yevgeniy Bak, Christopher Peter Kleynhans, Stephen Louis-Essman Hufnagel, Michael Ebersol, Ahmed Saruhan Karademir, Shawn Michael Denbow, Kevin Broas, Wen Jia Liu
-
Patent number: 10795974Abstract: Techniques for memory assignment for guest operating systems are disclosed herein. In one embodiment, a method includes generating a license blob containing data representing a product key copied from a record of license information in the host storage upon receiving a user request to launch an application in the guest operating system. The method also includes storing the generated license blob in a random memory location accessible by the guest operating system. The guest operating system can then query the license blob for permission to launch the application and launching the application in the guest operating system without having a separate product key for the guest operating system.Type: GrantFiled: May 31, 2018Date of Patent: October 6, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Ahmed Saruhan Karademir, Sudeep Kumar Ghosh, Ankit Srivastava, Michael Trevor Pashniak, Benjamin M. Schultz, Balaji Balasubramanyan, Hari R. Pulapaka, Tushar Suresh Sugandhi, Matthew David Kurjanowicz, Giridhar Viswanathan
-
Publication number: 20200218560Abstract: Communicating a low-latency event across a virtual machine boundary. Based on an event signaling request by a first process running at a first virtual machine, the first virtual machine updates a shared register that is accessible by a second virtual machine. Updating the shared register includes updating a signal stored in the shared register. The first virtual machine sends an event signal message, which includes a register identifier, through a virtualization fabric to the second virtual machine. The second virtual machine receives the event signaling message and identifies the register identifier from the message. Based on the register identifier, the second virtual machine reads the shared register, identifying a value of the signal stored in the shared register. Based at least on the value of the signal comprising a first value, the second virtual machine signals a second process running at the second virtual machine.Type: ApplicationFiled: January 9, 2019Publication date: July 9, 2020Inventors: Jason LIN, Gregory John COLOMBO, Mehmet IYIGUN, Yevgeniy BAK, Christopher Peter KLEYNHANS, Stephen Louis-Essman HUFNAGEL, Michael EBERSOL, Ahmed Saruhan KARADEMIR, Shawn Michael DENBOW, Kevin BROAS, Wen Jia LIU
-
Publication number: 20190392117Abstract: Techniques for secure sharing of data in computing systems are disclosed herein. In one embodiment, a method includes when exchanging data between the host operating system and the guest operating system, encrypting, at a trusted platform module (TPM) of the host, data to be exchanged with a first key to generate encrypted data. The method also includes transmitting the encrypted data from the host operating system to the guest operating system and decrypting, at the guest operating system, the transmitted encrypted data using a second key previously exchanged between the TPM of the host and a virtual TPM of the guest operating system.Type: ApplicationFiled: June 20, 2018Publication date: December 26, 2019Inventors: Giridhar Viswanathan, Sudeep Kumar Ghosh, Ankit Srivastava, Michael Trevor Pashniak, Benjamin M. Schultz, Balaji Balasubramanyan, Hari R. Pulapaka, Tushar Suresh Sugandhi, Matthew David Kurjanowicz, Ahmed Saruhan Karademir
-
Publication number: 20190370436Abstract: Techniques for memory assignment for guest operating systems are disclosed herein. In one embodiment, a method includes generating a license blob containing data representing a product key copied from a record of license information in the host storage upon receiving a user request to launch an application in the guest operating system. The method also includes storing the generated license blob in a random memory location accessible by the guest operating system. The guest operating system can then query the license blob for permission to launch the application and launching the application in the guest operating system without having a separate product key for the guest operating system.Type: ApplicationFiled: May 31, 2018Publication date: December 5, 2019Inventors: Ahmed Saruhan Karademir, Sudeep Kumar Ghosh, Ankit Srivastava, Michael Trevor Pashniak, Benjamin M. Schultz, Balaji Balasubramanyan, Hari R. Pulapaka, Tushar Suresh Sugandhi, Matthew David Kurjanowicz, Giridhar Viswanathan
-
Publication number: 20190347420Abstract: Securely storing, installing, or launching applications. A method includes determining a trust characteristic or a license characteristic assigned to an application. When the trust characteristic or the license characteristic meets or exceeds a predetermined trust condition or a predetermined license condition, then the method includes at least one of storing, installing or launching the application in a first, more secure operating system while preventing the application from, being at least one of stored, installed or launched in a second, less secure operating system. When the trust characteristic or the license characteristic does not meet or exceed the predetermined trust condition or the predetermined license condition, then the method includes at least one of storing, installing or launching the application in the second less secure operating system while preventing the application from being at least one of stored, installed or launched in the first, more secure operating system.Type: ApplicationFiled: May 11, 2018Publication date: November 14, 2019Inventors: Benjamin M. Schultz, Matthew David Kurjanowicz, Ankit Srivastava, Ahmed Saruhan Karademir, Sudeep Kumar Ghosh, Michael Trevor Pashniak, Hari R. Pulapaka, Balaji Balasubramanyan, Tushar Suresh Sugandhi, Giridhar Viswanathan