Patents by Inventor Amritanshu Johri
Amritanshu Johri has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11531759Abstract: There is disclosed in one example a computing apparatus, including: a hardware platform including a processor and a memory; and instructions encoded within the memory to instruct the processor to: provide a permission list; allocate an executable, the executable to have permissions according to the permission list; designate a child object of the executable; allocate a certificate for the child object; and after a system reboot, grant the child object permissions of the executable after validating the certificate.Type: GrantFiled: February 22, 2021Date of Patent: December 20, 2022Assignee: McAfee, LLCInventors: Preet Mohinder, Ratnesh Pandey, Jaskaran Singh Khurana, Amritanshu Johri
-
Publication number: 20210173933Abstract: There is disclosed in one example a computing apparatus, including: a hardware platform including a processor and a memory; and instructions encoded within the memory to instruct the processor to: provide a permission list; allocate an executable, the executable to have permissions according to the permission list; designate a child object of the executable; allocate a certificate for the child object; and after a system reboot, grant the child object permissions of the executable after validating the certificate.Type: ApplicationFiled: February 22, 2021Publication date: June 10, 2021Applicant: McAfee, LLCInventors: Preet Mohinder, Ratnesh Pandey, Jaskaran Singh Khurana, Amritanshu Johri
-
Patent number: 10929540Abstract: There is disclosed in one example a computing apparatus, including: a hardware platform including a processor and a memory; a whitelist; an updater, the updater being an executable object authorized to modify files within the whitelist and to launch one or more child processes; and instructions encoded within the memory to provide a system management agent to: maintain a chain of trust between the one or more child processes and the updater, wherein the one or more child processes inherit whitelist permissions associated with the updater; and track the chain of trust across a system reboot, including granting a child process the chain of trust after a reboot only if the child process has associated with it a valid certificate.Type: GrantFiled: September 10, 2019Date of Patent: February 23, 2021Assignee: McAfee, LLCInventors: Preet Mohinder, Ratnesh Pandey, Jaskaran Singh Khurana, Amritanshu Johri
-
Publication number: 20200004966Abstract: There is disclosed in one example a computing apparatus, including: a hardware platform including a processor and a memory; a whitelist; an updater, the updater being an executable object authorized to modify files within the whitelist and to launch one or more child processes; and instructions encoded within the memory to provide a system management agent to: maintain a chain of trust between the one or more child processes and the updater, wherein the one or more child processes inherit whitelist permissions associated with the updater; and track the chain of trust across a system reboot, including granting a child process the chain of trust after a reboot only if the child process has associated with it a valid certificate.Type: ApplicationFiled: September 10, 2019Publication date: January 2, 2020Applicant: McAfee, LLCInventors: Preet Mohinder, Ratnesh Pandey, Jaskaran Singh Khurana, Amritanshu Johri
-
Patent number: 10409989Abstract: In an example, a system and method are described for providing trusted updaters and trusted processes. An updater may be subject to a whitelist of files that it, and any child processes, are allowed to modify. But trust inheritance may break across reboots and over interprocess communication. Thus, it is desirable to provide a system and method to maintain trust across such events. In the case of a trusted installer, inheritance may be maintained by cross referencing a digital certificate to a workflow grid. In the case of updater processes, trust may be maintained by using a combination of digital certificates that are part of a trust chain and a unique identifier for each trust chain workflow.Type: GrantFiled: December 11, 2015Date of Patent: September 10, 2019Assignee: McAfee, LLCInventors: Preet Mohinder, Ratnesh Pandey, Jaskaran Singh Khurana, Amritanshu Johri
-
Patent number: 10050993Abstract: In an example, there is disclosed a security architecture for enhanced, non-invasive whitelisting of executable objects. When an executable object tries to perform an action, a security engine seamlessly intercepts the action and determines whether the action is whitelisted, blacklisted, or graylisted, assigning the action a corresponding security score. Whitelisted actions may be allowed, blacklisted actions may be disallowed, and graylisted actions may require additional verification from a user. Because the score is assigned to the combination of the executable object and the action, false positives may be avoided, such as those that may occur when an executable object is prefetched but has not yet tried to perform any useful work.Type: GrantFiled: September 24, 2014Date of Patent: August 14, 2018Assignee: McAfee, LLCInventors: Amritanshu Johri, Balbir Singh, Jaskaran Khurana, Ratnesh Pandey
-
Publication number: 20170351862Abstract: In an example, a system and method are described for providing trusted updaters and trusted processes. An updater may be subject to a whitelist of files that it, and any child processes, are allowed to modify. But trust inheritance may break across reboots and over interprocess communication. Thus, it is desirable to provide a system and method to maintain trust across such events. In the case of a trusted installer, inheritance may be maintained by cross referencing a digital certificate to a workflow grid. In the case of updater processes, trust may be maintained by using a combination of digital certificates that are part of a trust chain and a unique identifier for each trust chain workflow.Type: ApplicationFiled: December 11, 2015Publication date: December 7, 2017Inventors: Preet Mohinder, Ratnesh Pandey, Jaskaran Singh Khurana, Amritanshu Johri
-
Publication number: 20160088011Abstract: In an example, there is disclosed a security architecture for enhanced, non-invasive whitelisting of executable objects. When an executable object tries to perform an action, a security engine seamlessly intercepts the action and determines whether the action is whitelisted, blacklisted, or graylisted, assigning the action a corresponding security score. Whitelisted actions may be allowed, blacklisted actions may be disallowed, and graylisted actions may require additional verification from a user. Because the score is assigned to the combination of the executable object and the action, false positives may be avoided, such as those that may occur when an executable object is prefetched but has not yet tried to perform any useful work.Type: ApplicationFiled: September 24, 2014Publication date: March 24, 2016Inventors: Amritanshu Johri, Balbir Singh, Jaskaran Khurana, Ratnesh Pandey