Patents by Inventor Andrew Fregly

Andrew Fregly has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11533161
    Abstract: One embodiment of the present application sets forth a computer-implemented method for establishing trust for handles used to identify digital objects in a digital object architecture (DOA) by associating a first attester identifier with a first attester from a trusted public key infrastructure (PKI), identifying a first digital object public key for a first digital object, generating, by the first attester, a first digital object identity attestation that associates the first digital object public key with a handle identifier for the first digital object, wherein the handle identifier is external to the trusted PKI, and generating a first attester identity attestation attesting that the first attester is authentic, where the first attester identity attestation includes the first attester identifier.
    Type: Grant
    Filed: November 18, 2020
    Date of Patent: December 20, 2022
    Assignee: VeriSign, Inc.
    Inventors: Andrew Fregly, Najmehalsadat Miramirkhani, Swapneel Sheth
  • Patent number: 11488589
    Abstract: Techniques for processing a voice initiated request by a web server are presented. The techniques may include receiving, by a web server, request data representing a voice command to a user device, the request data including an identification of a requested webpage; determining, by the web server, that a response to the request data will continue a voice interaction; and providing, by the web server and to the user device, data for a voice enabled webpage associated with the requested webpage, where the data for the voice enabled webpage is configured to invoke a voice interface for the user device.
    Type: Grant
    Filed: December 21, 2018
    Date of Patent: November 1, 2022
    Assignee: VeriSign, Inc.
    Inventors: Andrew Fregly, Andrew Kaizer, Burton S. Kaliski, Jr., Patrick Kane, Swapneel Sheth, Hari Sola, Paul Tidwell, Pedro Vasquez
  • Publication number: 20220255910
    Abstract: Provided herein is a method for registering an IoT device with a DNS registry. The method can include obtaining, at a DNS server, an identifier, IP address, and a public key of an asymmetric key pair associated with the IoT device from a network gateway device that is in communication with the IoT device, wherein the asymmetric key pair is provisioned onto the IoT device and an associated private key stored within a memory of the IoT device at a time that IoT device is manufactured or during a predetermined time window after manufacturing; creating at least one DNS record for the IoT device; assigning a domain name associated with the internet protocol (“IP”) address to the IoT device; storing the identifier, IP address, the domain name, and the public key in the at least one DNS record; and providing confirmation of the registration to the IoT device.
    Type: Application
    Filed: April 26, 2022
    Publication date: August 11, 2022
    Applicant: VeriSign, Inc.
    Inventors: Stephen Daniel JAMES, Daniel SCHONFELD, Andrew FREGLY, Eric OSTERWEIL
  • Patent number: 11392662
    Abstract: For digital objects registered via the DOA infrastructure, attribute inheritance is enabled between related objects using naming conventions for the handle IDs or data models for handle data. Each child object of a parent object may automatically inherit at least one predetermined attribute of the parent object. When a retriever machine (local handle registry or client machine) obtains a handle ID for a digital object, the retriever machine may determine that the digital object is a child object of a parent object, determine a handle ID for the parent object, obtain the author attribute from the handle data of the parent object, and associate the author attribute of the parent object with the child object. The retriever machine may determine that the digital object is a child object of the parent object via naming conventions for handle IDs or via data models for the handle data.
    Type: Grant
    Filed: July 20, 2018
    Date of Patent: July 19, 2022
    Assignee: VeriSign, Inc.
    Inventors: Andrew Fregly, Swapneel Sheth, Najmehalsadat Miramirkhani
  • Publication number: 20220182245
    Abstract: A method and a computer system is provided for executing the method for providing a registration data directory service (RDDS). The method includes obtaining, at a RDDS, a RDDS query comprising a location assertion from a RDDS client from a RDDS client; providing, by the RDDS, a request for personally identifying information (PII) for the RDDS query from a privacy provider, wherein the request comprises the location assertion; obtaining, by the RDDS, the PII for the RDDS query; and providing, by the RDDS, a response to the RDDS query to the RDDS client, wherein the response comprises PII.
    Type: Application
    Filed: February 28, 2022
    Publication date: June 9, 2022
    Applicant: VeriSign, Inc.
    Inventors: Andrew Fregly, Swapneel Sheth
  • Patent number: 11323422
    Abstract: Provided herein is a method for registering an IoT device with a DNS registry. The method can include obtaining, at a DNS server, an identifier, IP address, and a public key of an asymmetric key pair associated with the IoT device from a network gateway device that is in communication with the IoT device, wherein the asymmetric key pair is provisioned onto the IoT device and an associated private key stored within a memory of the IoT device at a time that IoT device is manufactured or during a predetermined time window after manufacturing; creating at least one DNS record for the IoT device; assigning a domain name associated with the internet protocol (“IP”) address to the IoT device; storing the identifier, IP address, the domain name, and the public key in the at least one DNS record; and providing confirmation of the registration to the IoT device.
    Type: Grant
    Filed: September 11, 2017
    Date of Patent: May 3, 2022
    Assignee: VeriSign, Inc.
    Inventors: Stephen Daniel James, Daniel Schonfeld, Andrew Fregly, Eric Osterweil
  • Patent number: 11321420
    Abstract: Techniques for providing a cross-ecosystem website for applications are presented. The techniques can include storing, by a webserver, multiple website templates in association with a plurality of respective web widgets and a respective Application Program Interface (API), where a plurality of respective back-end services correspond to the plurality of respective web widgets; receiving, from a website developer, a website template selection and a web widget selection; implementing a respective API for the cross-ecosystem website; storing in association with the cross-ecosystem website a manifest indicating services available on the cross-ecosystem website; and interfacing with a plurality of applications in a plurality of application ecosystems, using the API for the cross-ecosystem website.
    Type: Grant
    Filed: December 21, 2018
    Date of Patent: May 3, 2022
    Assignee: VeriSign, Inc.
    Inventors: Andrew Fregly, Paul Tidwell
  • Patent number: 11283624
    Abstract: A method and a computer system is provided for executing the method for providing a registration data directory service (RDDS). The method includes obtaining, at a RDDS, a RDDS query comprising a location assertion from a RDDS client from a RDDS client; providing, by the RDDS, a request for personally identifying information (PII) for the RDDS query from a privacy provider, wherein the request comprises the location assertion; obtaining, by the RDDS, the PII for the RDDS query; and providing, by the RDDS, a response to the RDDS query to the RDDS client, wherein the response comprises PII.
    Type: Grant
    Filed: July 31, 2017
    Date of Patent: March 22, 2022
    Assignee: VeriSign, Inc.
    Inventors: Andrew Fregly, Swapneel Sheth
  • Patent number: 11190397
    Abstract: In one embodiment, a delegation engine automatically provisions a device connected to a network to securely identify and interact with external services. As a device boots in a deployment environment, the delegation engine generates a search domain name based on a manufacturer-supplied domain name and a domain name associated with the deployment environment. The delegation engine then searches a Domain Name System (DNS) to retrieve a delegation record stored at the search domain name. After verifying a manufacturer signature associated with the delegation record, the delegation engine configures the device based on service discovery information included in the delegation record. Because the delegation engine automates the provisioning process, the time required to provision devices is acceptable irrespective of the number of the devices. Further, because the delegation engine verifies the delegation record, the delegation engine does not expose the device to security risks during the provisioning process.
    Type: Grant
    Filed: May 6, 2016
    Date of Patent: November 30, 2021
    Assignee: VeriSign, Inc.
    Inventors: Andrew Cathrow, Andrew Fregly, Stephen D. James
  • Patent number: 10979384
    Abstract: Provided is a method of provisioning a named resource in a domain name system (“DNS”) with a registrar while preserving privacy of a registrant. The method includes obtaining, by a server of the registrar over a network, a request, from the registrant, to provision the named resource; determining, by at least one hardware processor of the server of the registrar, that the request requires additional handling by a privacy provider based on information in the request or information from the registrar; determining, by at least one hardware processor of the server of the registrar, a privacy provider from one or more privacy providers located in different geographic locations to service the request based on a location of the registrant; forwarding the request to the privacy provider; obtaining a cloaked identifier from the privacy provider; and provisioning the named resource in a database of a DNS registry using the cloaked identifier.
    Type: Grant
    Filed: March 25, 2016
    Date of Patent: April 13, 2021
    Assignee: VERISIGN, INC.
    Inventor: Andrew Fregly
  • Patent number: 10909222
    Abstract: A technique for verifying an origin of a digital object in a digital object architecture is described. The technique includes the steps of receiving, from a handle registry, handle information for a digital object that includes an attestation that references the handle identification value for the handle and origin identification information; verifying the authenticity of the attestation; after verifying the authenticity of the attestation, using the origin information in determining authorizations applicable to the digital object.
    Type: Grant
    Filed: July 20, 2018
    Date of Patent: February 2, 2021
    Assignee: VERISIGN, INC.
    Inventors: Andrew Fregly, Najmehalsadat Miramirkhani, Swapneel Sheth
  • Publication number: 20210021598
    Abstract: Provided is a method for providing Registration Data Access Protocol (“RDAP”) responses. The method includes obtaining, at a RDAP client over a network, a RDAP query for RDAP data from a user; providing, by the RDAP client, the RDAP query and a cryptographic credential to a RDAP server, wherein the RDAP server communicates with one or more thick RDAP servers to provide respective thick RDAP answers to the RDAP query, wherein at least one the respective thick RDAP answers are encrypted using a symmetric or asymmetric cryptographic key associated with the cryptographic credential of the RDAP client; obtaining a consolidated thick RDAP answer to the RDAP query from the RDAP server; decrypting the consolidated thick RDAP answer using a symmetric or asymmetric cryptographic key associated with the cryptographic credential; and providing the thick RDAP answer that is decrypted to the user.
    Type: Application
    Filed: October 5, 2020
    Publication date: January 21, 2021
    Inventors: Burton S. Kaliski, JR., Swapneel Sheth, Scott Hollenbeck, Andrew Fregly
  • Patent number: 10867129
    Abstract: In one embodiment, a domain-name based framework implemented in a digital assistant ecosystem uses domain names as unique identifiers for request types, requesting entities, responders, and target entities embedded in a natural language request. Further, the framework enables interpreting natural language requests according to domain ontologies associated with different responders. A domain ontology operates as a keyword dictionary for a given responder and defines the keywords and corresponding allowable values to be used for request types and request parameters. The domain-name based framework thus enables the digital assistant to interact with any responder that supports a domain ontology to generate precise and complete responses to natural language based requests.
    Type: Grant
    Filed: December 12, 2017
    Date of Patent: December 15, 2020
    Assignee: VERISIGN, INC.
    Inventors: Andrew Fregly, Burton S. Kaliski, Jr., Swapneel Sheth
  • Patent number: 10848301
    Abstract: One embodiment of the present application sets forth a computer-implemented method for establishing trust for handles used to identify digital objects in a digital object architecture (DOA) by associating a first attester identifier with a first attester from a trusted public key infrastructure (PKI), identifying a first digital object public key for a first digital object, generating, by the first attester, a first digital object identity attestation that associates the first digital object public key with a handle identifier for the first digital object, wherein the handle identifier is external to the trusted PKI, and generating a first attester identity attestation attesting that the first attester is authentic, where the first attester identity attestation includes the first attester identifier.
    Type: Grant
    Filed: July 20, 2018
    Date of Patent: November 24, 2020
    Assignee: VERISIGN, INC.
    Inventors: Andrew Fregly, Najmehalsadat Miramirkhani, Swapneel Sheth
  • Patent number: 10798093
    Abstract: Provided is a method for providing Registration Data Access Protocol (“RDAP”) responses. The method includes obtaining, at a RDAP client over a network, a RDAP query for RDAP data from a user; providing, by the RDAP client, the RDAP query and a cryptographic credential to a RDAP server, wherein the RDAP server communicates with one or more thick RDAP servers to provide respective thick RDAP answers to the RDAP query, wherein at least one the respective thick RDAP answers are encrypted using a symmetric or asymmetric cryptographic key associated with the cryptographic credential of the RDAP client; obtaining a consolidated thick RDAP answer to the RDAP query from the RDAP server; decrypting the consolidated thick RDAP answer using a symmetric or asymmetric cryptographic key associated with the cryptographic credential; and providing the thick RDAP answer that is decrypted to the user.
    Type: Grant
    Filed: March 8, 2017
    Date of Patent: October 6, 2020
    Assignee: VERISIGN, INC.
    Inventors: Burton S. Kaliski, Jr., Swapneel Sheth, Scott Hollenbeck, Andrew Fregly
  • Publication number: 20200258507
    Abstract: In one embodiment, a domain-name based framework implemented in a digital assistant ecosystem uses domain names as unique identifiers for request types, requesting entities, responders, and target entities embedded in a natural language request. Further, the framework enables interpreting natural language requests according to domain ontologies associated with different responders. A domain ontology operates as a keyword dictionary for a given responder and defines the keywords and corresponding allowable values to be used for request types and request parameters. The domain-name based framework thus enables the digital assistant to interact with any responder that supports a domain ontology to generate precise and complete responses to natural language based requests.
    Type: Application
    Filed: April 28, 2020
    Publication date: August 13, 2020
    Inventors: Andrew FREGLY, Burton S. KALISKI, JR., Swapneel SHETH
  • Patent number: 10715502
    Abstract: Systems and methods for automating client-side synchronization and discovery of public keys and certificates of external contacts include a key synchronizer at a client device. The key synchronizer obtains, from the client device, an external contact associated with an external domain outside of a local domain of the client device and then identifies, based on the external domain, a public key registry outside of the local domain. The key synchronizer obtains, from the public key registry, a registry-supplied public key or digital certificate for the external contact and then stores the registry-supplied key as a locally-stored key in the local key store such that the client device can obtain and apply the locally-stored key to secure an email targeting the external contact as a recipient of the email.
    Type: Grant
    Filed: December 31, 2015
    Date of Patent: July 14, 2020
    Assignee: VERISIGN, INC.
    Inventors: Stephen Daniel James, Andrew Fregly, Andrew Cathrow
  • Patent number: 10665230
    Abstract: In one embodiment, a domain-name based framework implemented in a digital assistant ecosystem uses domain names as unique identifiers for request types, requesting entities, responders, and target entities embedded in a natural language request. Further, the framework enables interpreting natural language requests according to domain ontologies associated with different responders. A domain ontology operates as a keyword dictionary for a given responder and defines the keywords and corresponding allowable values to be used for request types and request parameters. The domain-name based framework thus enables the digital assistant to interact with any responder that supports a domain ontology to generate precise and complete responses to natural language based requests.
    Type: Grant
    Filed: December 12, 2017
    Date of Patent: May 26, 2020
    Assignee: VERISIGN, INC.
    Inventors: Andrew Fregly, Burton S. Kaliski, Jr., Swapneel Sheth
  • Patent number: 10642969
    Abstract: In one embodiment, a security provisioning service automatically establishes trust in a device. Upon receiving a provisioning request, a security provisioning service identifies a verification item that is associated with the provisioning request. The security provisioning service performs one or more verification operations based on the provisioning request to determine whether the provisioning request is authorized. If the provisioning request is authorized, then the provisioning service establishes a verifiable identification for the device that is assured by the secure provisioning service and then executes the provisioning request. By automatically performing the verification operations to establish trust in the device, the provisioning service eliminates manual identification assurance operations that are performed as part of a conventional security provisioning process.
    Type: Grant
    Filed: September 5, 2018
    Date of Patent: May 5, 2020
    Assignee: VERISIGN, INC.
    Inventors: Stephen D. James, Andrew Fregly, Andrew Cathrow
  • Patent number: 10599725
    Abstract: Improved RDAP systems, RDAP services, and RDAP methods identify users and clients and keep track of their RDAP activities. The RDAP systems, services, and methods analyze the activities of a user (or a client) and detect or determine whether or not the user is engaging in undesirable, malicious, or otherwise abnormal activities. If so, the RDAP systems, services, and methods take action to reduce, eliminate, or otherwise mitigate the undesirable, malicious, or abnormal activities of the user.
    Type: Grant
    Filed: December 28, 2016
    Date of Patent: March 24, 2020
    Assignee: VERISIGN, INC.
    Inventors: Matthew Ward, Andrew Fregly, Swapneel Sheth