Patents by Inventor Anatoly Koretsky
Anatoly Koretsky has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11196892Abstract: Disclosed are embodiments to manage modifications to a document such that the document conforms to requirements of a label. In some aspects, input assigning a label to a document is received. The label indicates requirements for the document. For example, the label marks the document as confidential, and requires the document to be encrypted when leaving a secure environment. The label may include additional requirements, such as particular watermarking or other content modifications to the document based on the confidential label. A device may be capable of modifying the document such that it satisfies only a subset of the label's requirements. The device then generates a message indicating a gap between the label's requirements and the state of the document, and sends the message to a network service. The network service is configured to augment the document as specified by the additional requirements indicated in the message.Type: GrantFiled: November 26, 2019Date of Patent: December 7, 2021Assignee: Microsoft Technology Licensing, LLCInventors: Jinghua Chen, Devesh Srivastava, Mashuri R Libman, Anatoly Koretsky
-
Publication number: 20200382677Abstract: Disclosed are embodiments to manage modifications to a document such that the document conforms to requirements of a label. In some aspects, input assigning a label to a document is received. The label indicates requirements for the document. For example, the label marks the document as confidential, and requires the document to be encrypted when leaving a secure environment. The label may include additional requirements, such as particular watermarking or other content modifications to the document based on the confidential label. A device may be capable of modifying the document such that it satisfies only a subset of the label's requirements. The device then generates a message indicating a gap between the label's requirements and the state of the document, and sends the message to a network service. The network service is configured to augment the document as specified by the additional requirements indicated in the message.Type: ApplicationFiled: November 26, 2019Publication date: December 3, 2020Inventors: Jinghua Chen, Devesh Srivastava, Mashuri R. Libman, Anatoly Koretsky
-
Publication number: 20190354691Abstract: Systems and/or methods for deploying and implementing data loss prevention (DLP) policy definition that may encapsulate the requirements, control objectives and directives, and/or the definitions of sensitive data types as stipulated directly or indirectly by the regulatory policy are disclosed. In one embodiment, DLP policies may be identified by an organization to run on top of a set of electronic file systems (e.g., email systems, file systems, web servers and the like). Organizations and their administrators may implement a set of DLP policy instance which are derived from DLP policy templates. DLP policy templates may comprise both structure and meaning—and may acquire a given DLP policy by the replacement of parameterized expressions with desired parameter values. In another embodiment, the state of the DLP policy instance may change according to the lifecycle of the policy instance deployment.Type: ApplicationFiled: June 19, 2019Publication date: November 21, 2019Inventors: Lynn AYRES, Jack KABAT, Raja Charu Vikram KAKUMANI, Mashuri LIBMAN, Benjamin STULL, Anatoly KORETSKY, Andrey SHUR, Joseph SCHULMAN
-
Patent number: 10372916Abstract: Systems and/or methods for deploying and implementing data loss prevention (DLP) policy definition that may encapsulate the requirements, control objectives and directives, and/or the definitions of sensitive data types as stipulated directly or indirectly by the regulatory policy are disclosed. In one embodiment, DLP policies may be identified by an organization to run on top of a set of electronic file systems (e.g., email systems, file systems, web servers and the like). Organizations and their administrators may implement a set of DLP policy instance which are derived from DLP policy templates. DLP policy templates may comprise both structure and meaning—and may acquire a given DLP policy by the replacement of parameterized expressions with desired parameter values. In another embodiment, the state of the DLP policy instance may change according to the lifecycle of the policy instance deployment.Type: GrantFiled: March 9, 2016Date of Patent: August 6, 2019Assignee: Microsoft Technology Licensing, LLCInventors: Lynn Ayres, Jack Kabat, Raja Charu Vikram Kakumani, Mashuri Libman, Benjamin Stull, Anatoly Koretsky, Andrey Shur, Joseph Schulman
-
Patent number: 9832231Abstract: User input mechanisms are displayed for defining a compliance policy update. A unified compliance policy update is generated according to a unified schema that is consistent across different workloads. The unified compliance policy update is sent to a workload where it is deployed.Type: GrantFiled: May 26, 2016Date of Patent: November 28, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Hao Zhang, Anatoly Koretsky, Lucy Chao, Mashuri Libman, Neelamadhaba Mahapatro, Krishna Kumar Parthasarathy, Sowmy Srinivasan, Sridharan Ramanathan, Jack Kabat
-
Patent number: 9674227Abstract: A set of compliance policy updates are received. The compliance policy updates are sent to workloads for application. A status of the application of the compliance policies to the workloads is received from the workloads and output.Type: GrantFiled: July 20, 2016Date of Patent: June 6, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Hao Zhang, Krishna Kumar Parthasarathy, Lucy Chao, Mashuri Libman, Anatoly Koretsky, Liphi Gao, Yongjun Xie, David Alexander Blyth
-
Publication number: 20160330248Abstract: A set of compliance policy updates are received. The compliance policy updates are sent to workloads for application. A status of the application of the compliance policies to the workloads is received from the workloads and output.Type: ApplicationFiled: July 20, 2016Publication date: November 10, 2016Inventors: Hao Zhang, Krishna Kumar Parthasarathy, Lucy Chao, Mashuri Libman, Anatoly Koretsky, Liphi Gao, Yongjun Xie, David Alexander Blyth
-
Publication number: 20160277449Abstract: User input mechanisms are displayed for defining a compliance policy update. A unified compliance policy update is generated according to a unified schema that is consistent across different workloads. The unified compliance policy update is sent to a workload where it is deployed.Type: ApplicationFiled: May 26, 2016Publication date: September 22, 2016Inventors: Hao Zhang, Anatoly Koretsky, Lucy Chao, Mashuri Libman, Neelamadhaba Mahapatro, Krishna Kumar Parthasarathy, Sowmy Srinivasan, Sridharan Ramanathan, Jack Kabat
-
Patent number: 9438547Abstract: System and methods for the implementation and/or enforcement of an email policy for an organization's email system are presented. A Data Loss Prevention (DLP) policy may be implemented on top of the email system. In one embodiment, the DLP policy may comprise modules and/or processing that tests emails for such sensitive data within emails. If an email comprises such sensitive data, then the DLP policy directives may specify processing to be applied as part of each stage of mail processing, from authoring to mail processing on the server and delivery. A single policy may be authored and managed that will apply the policy directives uniformly across all aspects of the message lifecycle. Each of the message policy enforcement systems may evaluate the single policy definition and apply the policy directives in a manner consistent with the contextual evaluation of the policy.Type: GrantFiled: July 10, 2012Date of Patent: September 6, 2016Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Lynn Ayres, Jack Kabat, Vikram Kakumani, Mashuri Libman, Benjamin Stull, Anatoly Koretsky, Vidyaraman Sankaranarayanan
-
Patent number: 9432405Abstract: A set of compliance policy updates are received. The compliance policy updates are sent to workloads for application. A status of the application of the compliance policies to the workloads is received from the workloads and output.Type: GrantFiled: July 10, 2014Date of Patent: August 30, 2016Assignee: Microsoft Technology Licensing, LLCInventors: Hao Zhang, Krishna Kumar Parthasarathy, Lucy Chao, Mashuri Libman, Anatoly Koretsky, Liphi Gao, Yongjun Xie, David Alexander Blyth
-
Publication number: 20160203321Abstract: Systems and/or methods for deploying and implementing data loss prevention (DLP) policy definition that may encapsulate the requirements, control objectives and directives, and/or the definitions of sensitive data types as stipulated directly or indirectly by the regulatory policy are disclosed. In one embodiment, DLP policies may be identified by an organization to run on top of a set of electronic file systems (e.g., email systems, file systems, web servers and the like). Organizations and their administrators may implement a set of DLP policy instance which are derived from DLP policy templates. DLP policy templates may comprise both structure and meaning—and may acquire a given DLP policy by the replacement of parameterized expressions with desired parameter values. In another embodiment, the state of the DLP policy instance may change according to the lifecycle of the policy instance deployment.Type: ApplicationFiled: March 9, 2016Publication date: July 14, 2016Inventors: Lynn Ayres, Jack Kabat, Vikram Kakumani, Mashuri Libman, Benjamin Stull, Anatoly Koretsky, Andrey Shur, Joseph Schulman
-
Patent number: 9380074Abstract: User input mechanisms are displayed for defining a compliance policy update. A unified compliance policy update is generated according to a unified schema that is consistent across different workloads. The unified compliance policy update is sent to a workload where it is deployed.Type: GrantFiled: July 24, 2014Date of Patent: June 28, 2016Assignee: Microsoft Technology Licensing, LLCInventors: Hao Zhang, Anatoly Koretsky, Lucy Chao, Mashuri Libman, Neelamadhaba Mahapatro, Krishna Kumar Parthasarathy, Sowmy Srinivasan, Sridharan Ramanathan, Jack Kabat
-
Patent number: 9317696Abstract: Systems and/or methods for deploying and implementing data loss prevention (DLP) policy definition that may encapsulate the requirements, control objectives and directives, and/or the definitions of sensitive data types as stipulated directly or indirectly by the regulatory policy are disclosed. In one embodiment, DLP policies may be identified by an organization to run on top of a set of electronic file systems (e.g., email systems, file systems, web servers and the like). Organizations and their administrators may implement a set of DLP policy instance which are derived from DLP policy templates. DLP policy templates may comprise both structure and meaning—and may acquire a given DLP policy by the replacement of parameterized expressions with desired parameter values. In another embodiment, the state of the DLP policy instance may change according to the lifecycle of the policy instance deployment.Type: GrantFiled: July 10, 2012Date of Patent: April 19, 2016Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Lynn Ayres, Jack Kabat, Vikram Kakumani, Mashuri Libman, Benjamin Stull, Anatoly Koretsky, Andrey Shur
-
Publication number: 20150249681Abstract: A set of compliance policy updates are received. The compliance policy updates are sent to workloads for application. A status of the application of the compliance policies to the workloads is received from the workloads and output.Type: ApplicationFiled: July 10, 2014Publication date: September 3, 2015Inventors: Hao Zhang, Krishna Kumar Parthasarathy, Lucy Chao, Mashuri Libman, Anatoly Koretsky, Liphi Gao, Yongjun Xie, David Alexander Blyth
-
Publication number: 20150249684Abstract: User input mechanisms are displayed for defining a compliance policy update. A unified compliance policy update is generated according to a unified schema that is consistent across different workloads. The unified compliance policy update is sent to a workload where it is deployed.Type: ApplicationFiled: July 24, 2014Publication date: September 3, 2015Inventors: Hao Zhang, Anatoly Koretsky, Lucy Chao, Mashuri Libman, Neelamadhaba Mahapatro, Krishna Kumar Parthasarathy, Sowmy Srinivasan, Sridharan Ramanathan, Jack Kabat
-
Patent number: 8646038Abstract: Systems, methods, and/or techniques (“tools”) that relate to an automated service for blocking malware hosts are described herein. In different implementations, the tools receive network addresses identifying hosts that are discovered to contain malware. The tools also provide the network addresses to a collection and storage service. Other components provided by the tools receive the network addresses from, for example, a plurality of reporting clients. These components may aggregate the network addresses across the reporting clients, and store instances of the malware and associated malware addresses.Type: GrantFiled: September 15, 2006Date of Patent: February 4, 2014Assignee: Microsoft CorporationInventors: Anthony Blumfield, Ronald Franczyk, Andrew Newman, Anatoly Koretsky
-
Publication number: 20140020045Abstract: Systems and/or methods for deploying and implementing data loss prevention (DLP) policy definition that may encapsulate the requirements, control objectives and directives, and/or the definitions of sensitive data types as stipulated directly or indirectly by the regulatory policy are disclosed. In one embodiment, DLP policies may be identified by an organization to run on top of a set of electronic file systems (e.g., email systems, file systems, web servers and the like). Organizations and their administrators may implement a set of DLP policy instance which are derived from DLP policy templates. DLP policy templates may comprise both structure and meaning—and may acquire a given DLP policy by the replacement of parameterized expressions with desired parameter values. In another embodiment, the state of the DLP policy instance may change according to the lifecycle of the policy instance deployment.Type: ApplicationFiled: July 10, 2012Publication date: January 16, 2014Applicant: MICROSOFT CORPORATIONInventors: Lynn Ayres, Jack Kabat, Vikram Kakumani, Mashuri Libman, Benjamin Stull, Anatoly Koretsky, Andrey Shur, Joseph Schulman
-
Publication number: 20140020044Abstract: System and methods for the implementation and/or enforcement of an email policy for an organization's email system are presented. A Data Loss Prevention (DLP) policy may be implemented on top of the email system. In one embodiment, the DLP policy may comprise modules and/or processing that tests emails for such sensitive data within emails. If an email comprises such sensitive data, then the DLP policy directives may specify processing to be applied as part of each stage of mail processing, from authoring to mail processing on the server and delivery. A single policy may be authored and managed that will apply the policy directives uniformly across all aspects of the message lifecycle. Each of the message policy enforcement systems may evaluate the single policy definition and apply the policy directives in a manner consistent with the contextual evaluation of the policy.Type: ApplicationFiled: July 10, 2012Publication date: January 16, 2014Applicant: MICROSOFT CORPORATIONInventors: Lynn Ayres, Jack Kabat, Vikram Kakumani, Mashuri Libman, Benjamin Stull, Anatoly Koretsky, Vidyaraman Sankaranarayanan
-
Publication number: 20080127306Abstract: Systems, methods, and/or techniques (“tools”) that relate to an automated service for blocking malware hosts are described herein. In different implementations, the tools receive network addresses identifying hosts that are discovered to contain malware. The tools also provide the network addresses to a collection and storage service. Other components provided by the tools receive the network addresses from, for example, a plurality of reporting clients. These components may aggregate the network addresses across the reporting clients, and store instances of the malware and associated malware addresses.Type: ApplicationFiled: September 15, 2006Publication date: May 29, 2008Applicant: Microsoft CorporationInventors: Anthony Blumfield, Ronald Franczyk, Andrew Newman, Anatoly Koretsky