Patents by Inventor Arjmand Samuel
Arjmand Samuel has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11514158
Abstract: The disclosed technology is generally directed to device security in an IoT environment. For example, such technology is usable in IoT security. In one example of the technology, a set of security rules that is associated with an expected condition of at least one IoT device is stored. IoT data associated with the at least one IoT device is received. The IoT data may be aggregated data that includes at least two different types of data. A determination is made, based on the IoT data, as to whether the set of security rules has been violated. An alert is selectively sent based on the determination.
Type: Grant
Filed: December 3, 2019
Date of Patent: November 29, 2022
Assignee: Microsoft Technology Licensing, LLC
Inventor: Arjmand Samuel
-
Patent number: 11468163
Abstract: The disclosed technology is generally directed to device security in an IoT environment. For example, such technology is usable in IoT security. In one example of the technology, a set of security rules that is associated with an expected condition of at least one IoT device is stored. IoT data associated with the at least one IoT device is received. The IoT data may be aggregated data that includes at least two different types of data. A determination is made, based on the IoT data, as to whether the set of security rules has been violated. An alert is selectively sent based on the determination.
Type: Grant
Filed: December 3, 2019
Date of Patent: October 11, 2022
Assignee: Microsoft Technology Licensing, LLC
Inventor: Arjmand Samuel
-
Patent number: 11354175
Abstract: The disclosed technology is generally directed to IoT technology. In one example of the technology, the following actions are performed for each module of a plurality of modules on a first edge device. An identification message that includes information associated with identification of the module is received. The validity of the module is then verified. After the module is verified, based at least in part on the identification message, an IoT support service is selected from a plurality of IoT support services. The module is then caused to be registered with the selected IoT support service. The plurality of modules are compositable together into an application for the first edge device. The modules of the plurality of modules are capable of being used interoperably with other modules without altering the other modules.
Type: Grant
Filed: August 27, 2020
Date of Patent: June 7, 2022
Assignee: Microsoft Technology Licensing, LLC
Inventors: Elio Damaggio, Chipalo Street, Eustace Ngwa Asanghanwa, Angelo Roncalli de Novaes Pires Ribeiro, Damon Luke Barry, Arjmand Samuel, Michael R. Yagley
-
Patent number: 11030280
Abstract: Creating a certificate for a software module. A method includes obtaining a public key for a software module. The method includes obtaining a public key for a software module implemented on a hardware device. The method further includes creating a certificate using the public key by signing the public key using a hardware protected key and hardware protected compute elements. The hardware protected key is protected by a protected portion of the hardware device, and not accessible outside of the protected portion of the hardware device.
Type: Grant
Filed: August 1, 2018
Date of Patent: June 8, 2021
Assignee: Microsoft Technology Licensing, LLC
Inventors: Eustace Ngwa Asanghanwa, Arjmand Samuel
-
Patent number: 10979508
Abstract: Metadata associated with IoT devices is stored. The metadata may include categories associated with the IoT devices. At least a first category may be hierarchical such that the first category includes at least two hierarchical levels, with each hierarchical level including at least two categories, and such that each category in a hierarchical level that is below another hierarchical level is a subset of one of the categories in the hierarchical levels above that hierarchical level. User information associated with users is stored. A request associated with one of the users and further associated with access to at least one of the IoT devices is received. Responsive to the request, the access is selectively granted to the at least one of the IoT devices based upon the stored user information and the stored metadata.
Type: Grant
Filed: June 10, 2019
Date of Patent: April 13, 2021
Assignee: Microsoft Technology Licensing, LLC
Inventors: Arjmand Samuel, Juan Perez
-
Patent number: 10970138
Abstract: The disclosed technology is generally directed to IoT technology. In one example of the technology, the following actions are performed for each module of a plurality of modules on a first edge device. An identification message that includes information associated with identification of the module is received. The validity of the module is then verified. After the module is verified, based at least in part on the identification message, an IoT support service is selected from a plurality of IoT support services. The module is then caused to be registered with the selected IoT support service. The plurality of modules are compositable together into an application for the first edge device. The modules of the plurality of modules are capable of being used interoperably with other modules without altering the other modules.
Type: Grant
Filed: June 30, 2017
Date of Patent: April 6, 2021
Assignee: Microsoft Technology Licensing, LLC
Inventors: Elio Damaggio, Chipalo Street, Eustace Ngwa Asanghanwa, Angelo Roncalli de Novaes Pires Ribeiro, Damon Luke Barry, Arjmand Samuel, Michael R. Yagley
-
Patent number: 10972456
Abstract: The disclosed technology is generally directed to device authentication in an IoT environment. For example, such technology is usable in authenticating IoT devices to an IoT Hub. In one example of the technology, data field targets are received for an IoT device. The data field targets may include at least one device identity data field target and at least one telemetry data field target. Data field entries are received from the IoT device at a first time. The data field entries may include at least one device identity data field entry and at least one telemetry data field entry. A determination is made as to whether the data field entries match the corresponding data field targets for the IoT device. The IoT device is selectively allowed to connect to the IoT hub based on the determination.
Type: Grant
Filed: November 4, 2016
Date of Patent: April 6, 2021
Assignee: Microsoft Technology Licensing, LLC
Inventors: Clemens Vasters, Arjmand Samuel
-
Patent number: 10911444
Abstract: The disclosed technology is generally directed to device authentication in an IoT environment. For example, such technology is usable in authenticating IoT devices to an IoT Hub. In one example of the technology, data field targets are received for an IoT device. The data field targets may include at least one device identity data field target and at least one telemetry data field target. Data field entries are received from the IoT device at a first time. The data field entries may include at least one device identity data field entry and at least one telemetry data field entry. A determination is made as to whether the data field entries match the corresponding data field targets for the IoT device. The IoT device is selectively allowed to connect to the IoT hub based on the determination.
Type: Grant
Filed: November 4, 2016
Date of Patent: February 2, 2021
Assignee: Microsoft Technology Licensing, LLC
Inventors: Clemens Vasters, Arjmand Samuel
-
Publication number: 20200394087
Abstract: The disclosed technology is generally directed to IoT technology. In one example of the technology, the following actions are performed for each module of a plurality of modules on a first edge device. An identification message that includes information associated with identification of the module is received. The validity of the module is then verified. After the module is verified, based at least in part on the identification message, an IoT support service is selected from a plurality of IoT support services. The module is then caused to be registered with the selected IoT support service. The plurality of modules are compositable together into an application for the first edge device. The modules of the plurality of modules are capable of being used interoperably with other modules without altering the other modules.
Type: Application
Filed: August 27, 2020
Publication date: December 17, 2020
Inventors: Elio DAMAGGIO, Chipalo STREET, Eustace Ngwa ASANGHANWA, Angelo Roncalli de Novaes Pires RIBEIRO, Damon Luke BARRY, Arjmand SAMUEL, Michael R. YAGLEY
-
Patent number: 10841298
Abstract: The disclosed technology is generally directed to device authentication in an IoT environment. For example, such technology is usable in authenticating IoT devices to an IoT Hub. In one example of the technology, data field targets are received for an IoT device. The data field targets may include at least one device identity data field target and at least one telemetry data field target. Data field entries are received from the IoT device at a first time. The data field entries may include at least one device identity data field entry and at least one telemetry data field entry. A determination is made as to whether the data field entries match the corresponding data field targets for the IoT device. The IoT device is selectively allowed to connect to the IoT hub based on the determination.
Type: Grant
Filed: November 4, 2016
Date of Patent: November 17, 2020
Assignee: Microsoft Technology Licensing, LLC
Inventors: Clemens Vasters, Arjmand Samuel
-
Patent number: 10812284
Abstract: The disclosed technology is generally directed to device provisioning in an IoT environment. For example, such technology is usable in provisioning IoT devices to an IoT Hub. In one example of the technology, an identification message that includes information associated with identification of a first IoT device is received. The validity of the first IoT device is then verified. After the first IoT device is verified, based at least in part on the identification message, an IoT hub is selected from a plurality of IoT hubs. The first IoT device is then caused to be registered with the selected IoT hub.
Type: Grant
Filed: September 10, 2019
Date of Patent: October 20, 2020
Assignee: Microsoft Technology Licensing, LLC
Inventors: Nicole Berdy, Konstantin Dotchkoff, Arjmand Samuel, Affan Dar
-
Patent number: 10798216
Abstract: The disclosed technology is generally directed to IoT communications. For example, such technology is usable in provisioning IoT devices in an automatic manner with no manual steps. In one example of the technology, upon initial boot, identification information is automatically sent to a provisioning service endpoint stored in the IoT device. The identification information includes an identification (ID) of the first IoT device. Cryptographic information is received from the provisioning service. The cryptographic information is associated with an IoT hub selected from a plurality of IoT hubs based, in part, on the ID of the first IoT device. A message is automatically sent to the IoT hub in response to receiving the cryptographic information. A new configuration file and a firmware update are received from the IoT hub without requiring a user association. The new configuration file and the firmware update are automatically installed.
Type: Grant
Filed: October 15, 2016
Date of Patent: October 6, 2020
Assignee: Microsoft Technology Licensing, LLC
Inventors: Nicole Berdy, Konstantin Dotchkoff, Arjmand Samuel, Affan Dar
-
Publication number: 20200104484
Abstract: The disclosed technology is generally directed to device security in an IoT environment. For example, such technology is usable in IoT security. In one example of the technology, a set of security rules that is associated with an expected condition of at least one IoT device is stored. IoT data associated with the at least one IoT device is received. The IoT data may be aggregated data that includes at least two different types of data. A determination is made, based on the IoT data, as to whether the set of security rules has been violated. An alert is selectively sent based on the determination.
Type: Application
Filed: December 3, 2019
Publication date: April 2, 2020
Inventor: Arjmand Samuel
-
Publication number: 20200067726
Abstract: The disclosed technology is generally directed to device provisioning in an IoT environment. For example, such technology is usable in provisioning IoT devices to an IoT Hub. In one example of the technology, an identification message that includes information associated with identification of a first IoT device is received. The validity of the first IoT device is then verified. After the first IoT device is verified, based at least in part on the identification message, an IoT hub is selected from a plurality of IoT hubs. The first IoT device is then caused to be registered with the selected IoT hub.
Type: Application
Filed: September 10, 2019
Publication date: February 27, 2020
Inventors: Nicole Berdy, Konstantin Dotchkoff, Arjmand Samuel, Affan Dar
-
Publication number: 20200042675
Abstract: Creating a certificate for a software module. A method includes obtaining a public key for a software module. The method includes obtaining a public key for a software module implemented on a hardware device. The method further includes creating a certificate using the public key by signing the public key using a hardware protected key and hardware protected compute elements. The hardware protected key is protected by a protected portion of the hardware device, and not accessible outside of the protected portion of the hardware device.
Type: Application
Filed: August 1, 2018
Publication date: February 6, 2020
Inventors: Eustace Ngwa Asanghanwa, Arjmand Samuel
-
Patent number: 10528725
Abstract: The disclosed technology is generally directed to device security in an IoT environment. For example, such technology is usable in IoT security. In one example of the technology, a set of security rules that is associated with an expected condition of at least one IoT device is stored. IoT data associated with the at least one IoT device is received. The IoT data may be aggregated data that includes at least two different types of data. A determination is made, based on the IoT data, as to whether the set of security rules has been violated. An alert is selectively sent based on the determination.
Type: Grant
Filed: November 4, 2016
Date of Patent: January 7, 2020
Assignee: Microsoft Technology Licensing, LLC
Inventor: Arjmand Samuel
-
Publication number: 20190297082
Abstract: Metadata associated with IoT devices is stored. The metadata may include categories associated with the IoT devices. At least a first category may be hierarchical such that the first category includes at least two hierarchical levels, with each hierarchical level including at least two categories, and such that each category in a hierarchical level that is below another hierarchical level is a subset of one of the categories in the hierarchical levels above that hierarchical level. User information associated with users is stored. A request associated with one of the users and further associated with access to at least one of the IoT devices is received. Responsive to the request, the access is selectively granted to the at least one of the IoT devices based upon the stored user information and the stored metadata.
Type: Application
Filed: June 10, 2019
Publication date: September 26, 2019
Inventors: Arjmand Samuel, Juan Perez
-
Patent number: 10425242
Abstract: The disclosed technology is generally directed to device provisioning in an IoT environment. For example, such technology is usable in provisioning IoT devices to an IoT Hub. In one example of the technology, an identification message that includes information associated with identification of a first IoT device is received. The validity of the first IoT device is then verified. After the first IoT device is verified, based at least in part on the identification message, an IoT hub is selected from a plurality of IoT hubs. The first IoT device is then caused to be registered with the selected IoT hub.
Type: Grant
Filed: October 14, 2016
Date of Patent: September 24, 2019
Assignee: Microsoft Technology Licensing, LLC
Inventors: Nicole Berdy, Konstantin Dotchkoff, Arjmand Samuel, Affan Dar
-
Patent number: 10320795
Abstract: Metadata associated with IoT devices is stored. The metadata may include categories associated with the IoT devices. At least a first category may be hierarchical such that the first category includes at least two hierarchical levels, with each hierarchical level including at least two categories, and such that each category in a hierarchical level that is below another hierarchical level is a subset of one of the categories in the hierarchical levels above that hierarchical level. User information associated with users is stored. A request associated with one of the users and further associated with access to at least one of the IoT devices is received. Responsive to the request, the access is selectively granted to the at least one of the IoT devices based upon the stored user information and the stored metadata.
Type: Grant
Filed: February 17, 2017
Date of Patent: June 11, 2019
Assignee: Microsoft Technology Licensing, LLC
Inventors: Arjmand Samuel, Juan Perez
-
Publication number: 20180331916
Abstract: The disclosed technology is generally directed to IoT technology. In one example of the technology, the following actions are performed for each module of a plurality of modules on a first edge device. An identification message that includes information associated with identification of the module is received. The validity of the module is then verified. After the module is verified, based at least in part on the identification message, an IoT support service is selected from a plurality of IoT support services. The module is then caused to be registered with the selected IoT support service. The plurality of modules are compositable together into an application for the first edge device. The modules of the plurality of modules are capable of being used interoperably with other modules without altering the other modules.
Type: Application
Filed: June 30, 2017
Publication date: November 15, 2018
Inventors: Elio DAMAGGIO, Chipalo STREET, Eustace Ngwa ASANGHANWA, Angelo Roncalli de Novaes Pires RIBEIRO, Damon Luke BARRY, Arjmand SAMUEL, Michael R. YAGLEY