Patents by Inventor Carl M. Windsor
Carl M. Windsor has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11451959Abstract: Systems and methods for authenticating client devices accessing a wireless communication network through an access point communicatively coupled with an authentication server are provided. The authentication server receives an authentication request, including a first message integrity code (MIC) of a client-specific pre-shared key, from the access point or a wireless local area network (LAN) controller that manages the access point, to establish an encrypted communication channel between a client and the access point. In response to receipt of the authentication request, the authentication server validates the first MIC by receiving various attributes from the access point or the wireless LAN controller and determining a second MIC based on the client-specific pre-shared key of the client known to the authentication server and the received attributes so that the client-specific pre-shared key is validated to be authentic when the first MIC matches with the second MIC.Type: GrantFiled: September 30, 2019Date of Patent: September 20, 2022Assignee: Fortinet, Inc.Inventors: Carl M. Windsor, Ruben S. Wilson, Yannick Dubuc
-
Publication number: 20210099873Abstract: Systems and methods for authenticating client devices accessing a wireless communication network through an access point communicatively coupled with an authentication server are provided. The authentication server receives an authentication request, including a first message integrity code (MIC) of a client-specific pre-shared key, from the access point or a wireless local area network (LAN) controller that manages the access point, to establish an encrypted communication channel between a client and the access point. In response to receipt of the authentication request, the authentication server validates the first MIC by receiving various attributes from the access point or the wireless LAN controller and determining a second MIC based on the client-specific pre-shared key of the client known to the authentication server and the received attributes so that the client-specific pre-shared key is validated to be authentic when the first MIC matches with the second MIC.Type: ApplicationFiled: September 30, 2019Publication date: April 1, 2021Applicant: Fortinet, Inc.Inventors: Carl M. Windsor, Ruben S. Wilson, Yannick Dubuc
-
Patent number: 9521114Abstract: Methods and systems are provided for securing email communications. According to one embodiment, a network device receives an outbound email originated by a computing device of an internal network and directed to a target recipient. It is determined whether a domain name of the target recipient is present in a global doppelganger database. When the domain name is determined to be present in the global doppelganger database, transmission of the outbound email to the target recipient is prevented if the domain name is an unacceptable domain name and transmission of the the outbound email to the target recipient is permitted if the domain name is an acceptable domain name.Type: GrantFiled: May 13, 2016Date of Patent: December 13, 2016Assignee: Fortinet, Inc.Inventors: Carl M. Windsor, Jiandong Cheng
-
Publication number: 20160255049Abstract: Methods and systems are provided for securing email communications. According to one embodiment, a network device receives an outbound email originated by a computing device of an internal network and directed to a target recipient. It is determined whether a domain name of the target recipient is present in a global doppelganger database. When the domain name is determined to be present in the global doppelganger database, transmission of the outbound email to the target recipient is prevented if the domain name is an unacceptable domain name and transmission of the the outbound email to the target recipient is permitted if the domain name is an acceptable domain name.Type: ApplicationFiled: May 13, 2016Publication date: September 1, 2016Applicant: Fortinet, Inc.Inventors: Carl M. Windsor, Jiandong Cheng
-
Patent number: 9413716Abstract: Methods and systems are provided for securing email communications. According to one embodiment, a network device receives an outbound email originated by a computing device of an internal network and directed to a target recipient. It is determined whether a domain name of the target recipient is present in a global doppelganger database. When the domain name is determined to be present in the global doppelganger database, transmission of the outbound email to the target recipient is prevented if the domain name is an unacceptable domain name and transmission of the the outbound email to the target recipient is permitted if the domain name is an acceptable domain name.Type: GrantFiled: June 20, 2015Date of Patent: August 9, 2016Assignee: Fortinet, Inc.Inventors: Carl M. Windsor, Jiandong Cheng
-
Publication number: 20150312214Abstract: Methods and systems are provided for securing email communications. According to one embodiment, a network device receives an outbound email originated by a computing device of an internal network and directed to a target recipient. It is determined whether a domain name of the target recipient is present in a global doppelganger database. When the domain name is determined to be present in the global doppelganger database, transmission of the outbound email to the target recipient is prevented if the domain name is an unacceptable domain name and transmission of the the outbound email to the target recipient is permitted if the domain name is an acceptable domain name.Type: ApplicationFiled: June 20, 2015Publication date: October 29, 2015Applicant: FORTINET, INC.Inventors: Carl M. Windsor, Jiandong Cheng
-
Patent number: 9130989Abstract: Methods and systems are provided for securing email communications. According to one embodiment, a network device receives an outbound email originated by a computing device of an internal network and directed to a target recipient. It is determined whether a domain name of the target recipient is present in a global doppelganger database. When the domain name is determined to be present in the global doppelganger database, transmission of the outbound email to the target recipient is prevented if the domain name is an unacceptable domain name and transmission of the outbound email to the target recipient is permitted if the domain name is an acceptable domain name.Type: GrantFiled: December 3, 2014Date of Patent: September 8, 2015Assignee: Fortinet, Inc.Inventors: Carl M. Windsor, Jiandong Cheng
-
Publication number: 20150089627Abstract: Methods and systems are provided for securing email communications. According to one embodiment, a network device receives an outbound email originated by a computing device of an internal network and directed to a target recipient. It is determined whether a domain name of the target recipient is present in a global doppelganger database. When the domain name is determined to be present in the global doppelganger database, transmission of the outbound email to the target recipient is prevented if the domain name is an unacceptable domain name and transmission of the outbound email to the target recipient is permitted if the domain name is an acceptable domain name.Type: ApplicationFiled: December 3, 2014Publication date: March 26, 2015Applicant: Fortinet, Inc.Inventors: Carl M. Windsor, Jiandong Cheng
-
Patent number: 8914883Abstract: Methods and systems are provided for securing email communications. According to one embodiment, a network device evaluates whether a domain name of a target recipient of an outbound email is present in a local white list or a local black list. If it is found in the local white list, the email is transmitted to the target recipient. If it is found in the local black list, transmission of the email to the target recipient is prevented. When the domain name is not present in the local black list and the local whitelist, a global doppelganger database is checked. If it is found in the global doppelganger database, the email is handled according to a corresponding acceptability flag; otherwise, the validity of the domain name is dynamically verified and handled according to the verification result.Type: GrantFiled: May 3, 2013Date of Patent: December 16, 2014Assignee: Fortinet, Inc.Inventors: Carl M. Windsor, Jiandong Cheng
-
Publication number: 20140331318Abstract: Methods and systems are provided for securing email communications. According to one embodiment, a network device evaluates whether a domain name of a target recipient of an outbound email is present in a local white list or a local black list. If it is found in the local white list, the email is transmitted to the target recipient. If it is found in the local black list, transmission of the email to the target recipient is prevented. When the domain name is not present in the local black list and the local whitelist, a global doppelganger database is checked. If it is found in the global doppelganger database, the email is handled according to a corresponding acceptability flag; otherwise, the validity of the domain name is dynamically verified and handled according to the verification result.Type: ApplicationFiled: May 3, 2013Publication date: November 6, 2014Applicant: Fortinet, Inc.Inventors: Carl M. Windsor, Jiandong Cheng