Patents by Inventor Brian LaMacchia

Brian LaMacchia has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20040168056
    Abstract: A digital certificate identifies an entity as having authority over the certificate to revoke same as delegated by the issuer. The certificate also has at least one revocation condition relating to possible revocation of the certificate. To authenticate the certificate, the identification of the delegated revocation authority, a location from which a revocation list is to be obtained, and any freshness requirement to be applied to the revocation list are determined from the certificate. It is then ensured that the revocation list from the location is present and that the present revocation list satisfies the freshness requirement, that the revocation list is promulgated by the delegated revocation authority identified in the certificate, and that the certificate is not identified in the revocation list as being revoked.
    Type: Application
    Filed: February 26, 2003
    Publication date: August 26, 2004
    Applicant: Microsoft Corporation
    Inventors: Blair Brewster Dillaway, Philip Lafornara, Brian A. LaMacchia, Rushmi U. Malaviarachchi, John L. Manferdelli, Charles F. Rose
  • Publication number: 20040098346
    Abstract: A computer-implemented mechanism for granting rights to a resource is described. A license identifies one or more principals, resources, rights and conditions. At least one of the license elements is expressed as a pattern. The pattern encompasses a set of elements by describing common attributes. When determining whether to grant rights to a principal to access a resource, an access control module may determine whether a list of desired bindings is consistent with the pattern.
    Type: Application
    Filed: November 18, 2002
    Publication date: May 20, 2004
    Applicant: Microsoft Corporation
    Inventors: Bob Atkinson, John DeTreville, Brian A. LaMacchia
  • Publication number: 20040098277
    Abstract: A computer-implemented mechanism for granting rights to a resource is described. Trusted issuers and other entities may define properties and criteria for determining whether an entity possesses a property. A license may be used to assert that a principal possesses the property. A trusted issuer may then issue a second license that authorizes any entity that possesses the property the right to utilize a resource.
    Type: Application
    Filed: November 18, 2002
    Publication date: May 20, 2004
    Applicant: Microsoft Corporation
    Inventors: Bob Atkinson, Brian A. LaMacchia, John DeTreville
  • Publication number: 20040098347
    Abstract: A computer-implemented mechanism for granting rights is described. A license may be used to identify one or more principals, resources, rights and conditions. The license also identifies a license format scheme and a license format modification scheme. An access control module or other entity may interpret the license in accordance with the license format scheme and license format modification scheme.
    Type: Application
    Filed: November 18, 2002
    Publication date: May 20, 2004
    Applicant: Microsoft Corporation
    Inventors: Bob Atkinson, John DeTreville, Brian A. LaMacchia
  • Publication number: 20040098602
    Abstract: A computer-implemented mechanism for granting rights to a resource is described. A license identifies one or more principals, resources, rights and conditions. The license also conditions a right to be granted on the existence of one or more prerequisite rights. Before allowing an entity to exercise the right to be granted, a resource or other entity checks to determine whether the prerequisite rights exist.
    Type: Application
    Filed: November 18, 2002
    Publication date: May 20, 2004
    Applicant: Microsoft Corporation
    Inventors: John DeTreville, Bob Atkinson, Brian A. LaMacchia, M. Paramasivam
  • Publication number: 20040098492
    Abstract: A computer-implemented mechanism for granting rights to a resource is described. A license identifies one or more principals, resources, rights and conditions in fields of the license. The license fields include one or more instances of one or more variables. The variables are universally quantified so that each variable may be any one of a set of values. All instances of any given variable are bound to the same value.
    Type: Application
    Filed: November 18, 2002
    Publication date: May 20, 2004
    Applicant: Microsoft Corporation
    Inventors: Bob Atkinson, Brian A. LaMacchia, John DeTreville, M. Paramasivam, Xin Wang, Thomas DeMartini
  • Publication number: 20030229781
    Abstract: Method, system, and computer program products for identifying potentially fraudulent receivers of digital content. A receiver authenticates to an auditing service with data that should be unique to the receiver. The auditing service detects when multiple receivers attempt to authenticate with the same data, suggesting that a receiver has been cloned or duplicated. The audit service also detects when a receiver authenticates improperly, suggesting an unsuccessful and unauthorized attempt to duplicate an authorized receiver. Individual receivers may be networked together. To help protect a receiver's authentication data from tampering, at least a portion of the data may be digitally signed with a private key. The audit service may then verify the digital signature with a corresponding public key. Varying the order in which data is signed or where the data is stored from one receiver or group of receivers to another may provide an additional level of security.
    Type: Application
    Filed: June 5, 2002
    Publication date: December 11, 2003
    Inventors: Barbara Lynch Fox, David G. Conroy, Brian A. LaMacchia
  • Publication number: 20030167356
    Abstract: An application program interface (API) provides a set of functions, including a set of base classes and types that are used in substantially all applications accessing the API, for application developers who build Web applications on Microsoft Corporation's .NET™ platform.
    Type: Application
    Filed: July 10, 2001
    Publication date: September 4, 2003
    Inventors: Adam W. Smith, Anthony J. Moore, Brian A. LaMacchia, Anders Hejlsberg, Brian M. Grunkemeyer, Caleb L. Doise, Christopher W. Brumme, Christopher L. Anderson, Corina E. Feuerstein, Craig T. Sinclair, Daniel Takacs, David S. Ebbo, David O. Driver, David S. Mortenson, Erik B. Christensen, Erik B. Olson, Fabio A. Yeon, Gopala Krishna R. Kakivaya, Gregory D. Fee, Hany E. Ramadan, Henry L. Sanders, Jayanth V. Rajan, Jeffrey M. Cooperstein, Jonathan C. Hawkins, James H. Hogg, Joe D. Long, John I. McConnell, Jesus Ruiz-Scougall, James S. Miller, Julie D. Bennett, Krzysztof J. Cwalina, Lance E. Olson, Loren M. Kohnfelder, Michael M. Magruder, Manish S. Prabhu, Radu Rares Palanca, Raja Krishnaswamy, Shawn P. Burke, Sean E. Trowbridge, Seth M. Demsey, Shajan Dasan, Stefan H. Pharies, Suzanne M. Cook, Tarun Anand, Travis J. Muhlestein, Yann E. Christensen, Yung-shin Lin, Ramasamy Krishnaswamy, Joseph Roxe, Alan Boshier, David Bau
  • Publication number: 20030028685
    Abstract: An application program interface (API) provides a set of functions for application developers who build Web applications on Microsoft Corporation's .NET™ platform.
    Type: Application
    Filed: February 28, 2002
    Publication date: February 6, 2003
    Inventors: Adam W. Smith, Anthony J. Moore, Anders Hejlsberg, Brian A. LaMacchia, Blaine J. Dockter, Brian M. Grunkemeyer, Brian K. Pepin, Caleb L. Doise, Christopher W. Brumme, Chad W. Royal, Christopher L. Anderson, Corina E. Feuerstein, Craig T. Sinclair, Daniel Dedu-Constantin, Daniel Takacs, David S. Ebbo, David S. Mortenson, Erik B. Christensen, Erik B. Olson, Fabio A. Yeon, Giovanni M. Della-Libera, Gopala Krishna R. Kakivaya, Gregory D. Fee, Hany E. Ramadan, Jayanth V. Rajan, Jeffrey M. Cooperstein, Jonathan C. Hawkins, James H. Hogg, Joe D. Long, John I. McConnell, Jesus Ruiz-Scougall, James S. Miller, Julie D. Bennett, Jun Fang, Krzysztof J. Cwalina, Keith W. Ballinger, Lance E. Olson, Loren M. Kohnfelder, Luca Bolognese, Manu Vasandani, Mark T. Anders, Mark P. Ashton, Mark A. Boulter, Mark W. Fussell, Michael M. Magruder, Manish S. Prabhu, Neetu Rajpal, Nikhil Kothari, Nithyalakshmi Sampathkumar, Nicholas M. Kramer, Omri Gazitt, Radu Rares Palanca, Raja Krishnaswamy, Robert M. Howard, Ramasamy Krishnaswamy, Shawn P. Burke, Scott D. Guthrie, Sean E. Trowbridge, Seth M. Demsey, Shajan Dasan, Subhag P. Oak, Sreeram Nivarthi, Stefan H. Pharies, Suzanne M. Cook, Susan M. Warren, Tarun Anand, Travis J. Muhlestein, William A. Adams, Yan Leshinsky, Yann E. Christensen, Yung-shin Lin, Stephen J. Miller, Joseph Roxe, Alan Boshier, Henry L. Sanders, David Bau
  • Publication number: 20020069174
    Abstract: A method for facilitating two-party electronic commerce transactions between trading partners on an unsecure network, such as the Internet. In one example, a client makes application for registration by a financial institution in which the client has one or more accounts. The client submits satisfactory proof of identity and a public key portion for a digital signature to the financial institution. The financial institution may provide the client a one time secret by a secure route, such as conventional mail, which can then be used by the client to show proof of its identity. The financial institution authenticates the one time secret and combines it with the client's public key in a GUMP Relationship Certificate (GRC), which it issues to the client over the network. Once issued, the GRC can be used by the client to authenticate its right to access its account(s) or other products or services at the financial institution and when conducting other electronic transactions over the network.
    Type: Application
    Filed: February 27, 1998
    Publication date: June 6, 2002
    Applicant: Microsoft Corporation
    Inventors: Barbara L. Fox, Brian A. LaMacchia, Brian C. Beckman
  • Publication number: 20020002684
    Abstract: Intelligent Trust Management provides a centralized security facility that gives system components a flexible mechanism for implementing security policies. System components such as applications create a request describing an action that needs to be checked against an appropriate security policy. The request is given to a trust system that determines which policy object applies to the request, and may pass request arguments to the policy. The policy objects include executable code that uses any arguments along with dynamically obtained variable information to make a decision. The decision is returned to the system component, which then operates accordingly. Policy objects may maintain state and interface with the user independent of the system component in order to obtain information to make their decisions. Policy objects may call other policy objects and/or mathematically combine the results of other policy objects to make a decision.
    Type: Application
    Filed: May 1, 1998
    Publication date: January 3, 2002
    Inventors: Barbara L. Fox, Brian A. LaMacchia