Patents by Inventor Cedric Fournet
Cedric Fournet has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10068097Abstract: A data center has a plurality of secure processing units; a plurality of data stores holding encrypted data records; and a network connecting the secure processing units and the data stores. The secure processing units comprise computing functionality configured to execute a data processing operation in parallel on the secure processing units by being configured to read encrypted records from the stores, process one or more of the encrypted records within the secure processing units, send one or more of the encrypted records to the stores. The data center is configured to carry out a secret shuffle of the data records to protect the privacy of data processed in the data center from an observer observing any one or more of: the reading of the records, the sending of the records, the writing of the records; the secret shuffle comprising a random permutation of the records hidden from the observer.Type: GrantFiled: August 12, 2015Date of Patent: September 4, 2018Assignee: Microsoft Technology Licensing, LLCInventors: Olga Ohrimenko, Manuel Costa, Cedric Fournet, Christos Gkantsidis, Markulf Kohlweiss, Divya Sharma
-
Patent number: 9917822Abstract: A processing system for distributed multi-tier applications is provided. The system includes a server component that executes a replica of a client-side application, where a client component executes the client-side application. The client component captures events from the client-side application and transmits the events to the replica to validate the computational integrity security of the application.Type: GrantFiled: April 8, 2014Date of Patent: March 13, 2018Assignee: Microsoft Technology Licensing, LLCInventors: Benjamin Livshits, Henricus Johannes Maria Meijer, Cedric Fournet, Jeffrey Van Gogh, Danny van Velzen, Abhishek Prateek, Krishnaprasad Vikram
-
Patent number: 9792427Abstract: Methods for enforcing confidentiality and integrity of code and data while running the code over the data in a distributed computing system are described. In an embodiment each machine which processes data within the system provides a secure sub-system which is protected from other parts of the machine and which receives encrypted data and encrypted code, processes the data using the received code and outputs encrypted data. When establishing the secure sub-systems, keys are exchanged between the client and secure sub-systems and the secure sub-systems provide an attestation confirming the identity of the code running in the secure sub-systems and confirming that the code is running on genuine secure sub-systems. In another embodiment a data-flow computation system is described in which chunks of input data, each comprising an identifier, are authenticated/encrypted. The identifiers are used within the system to confirm that each chunk is processed exactly once.Type: GrantFiled: February 7, 2014Date of Patent: October 17, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Manuel Costa, Felix Schuster, Cedric Fournet, Christos Gkantsidis, Marcus Peinado, Antony Ian Taylor Rowstron
-
Publication number: 20170046520Abstract: A data center has a plurality of secure processing units; a plurality of data stores holding encrypted data records; and a network connecting the secure processing units and the data stores. The secure processing units comprise computing functionality configured to execute a data processing operation in parallel on the secure processing units by being configured to read encrypted records from the stores, process one or more of the encrypted records within the secure processing units, send one or more of the encrypted records to the stores. The data center is configured to carry out a secret shuffle of the data records to protect the privacy of data processed in the data center from an observer observing any one or more of: the reading of the records, the sending of the records, the writing of the records; the secret shuffle comprising a random permutation of the records hidden from the observer.Type: ApplicationFiled: August 12, 2015Publication date: February 16, 2017Inventors: Olga Ohrimenko, Manuel Costa, Cedric Fournet, Christos Gkantsidis, Markulf Kohlweiss, Divya Sharma
-
Patent number: 9282121Abstract: Security language constructs may be translated into logic language constructs and vice versa. Logic resolution may be effected using, for example, the logic language constructs. In an example implementation, translation of a security language assertion into at least one logic language rule is described. In another example implementation, translation of a proof graph reflecting a logic language into a proof graph reflecting a security language is described. In yet another example implementation, evaluation of a logic language program using a deterministic algorithm is described.Type: GrantFiled: February 13, 2014Date of Patent: March 8, 2016Assignee: Microsoft Technology Licensing, LLCInventors: Moritz Y. Becker, Blair B. Dillaway, Cedric Fournet, Andrew D. Gordon, Jason F. Mackay
-
Publication number: 20150229619Abstract: Methods for enforcing confidentiality and integrity of code and data while running the code over the data in a distributed computing system are described. In an embodiment each machine which processes data within the system provides a secure sub-system which is protected from other parts of the machine and which receives encrypted data and encrypted code, processes the data using the received code and outputs encrypted data. When establishing the secure sub-systems, keys are exchanged between the client and secure sub-systems and the secure sub-systems provide an attestation confirming the identity of the code running in the secure sub-systems and confirming that the code is running on genuine secure sub-systems. In another embodiment a data-flow computation system is described in which chunks of input data, each comprising an identifier, are authenticated/encrypted. The identifiers are used within the system to confirm that each chunk is processed exactly once.Type: ApplicationFiled: February 7, 2014Publication date: August 13, 2015Inventors: Manuel Costa, Felix Schuster, Cedric Fournet, Christos Gkantsidis, Marcus Peinado, Antony Ian Taylor Rowstron
-
Patent number: 8938783Abstract: A security language expresses assertions and authorization queries in a manner that facilitates logic resolution. In an example implementation, assertion syntax and authorization query syntax are described. In another example implementation, checks on the safety of assertions and authorization queries are described. In yet another example implementation, semantics rules are described.Type: GrantFiled: September 11, 2006Date of Patent: January 20, 2015Assignee: Microsoft CorporationInventors: Moritz Y. Becker, Blair B. Dillaway, Cedric Fournet, Andrew D. Gordon
-
Publication number: 20140282879Abstract: A processing system for distributed multi-tier applications is provided. The system includes a server component that executes a replica of a client-side application, where a client component executes the client-side application. The client component captures events from the client-side application and transmits the events to the replica to validate the computational integrity security of the application.Type: ApplicationFiled: April 8, 2014Publication date: September 18, 2014Applicant: MICROSOFT CORPORATIONInventors: Benjamin Livshits, Henricus Johannes Maria Meijer, Cedric Fournet, Jeffrey Van Gogh, Danny van Velzen, Abhishek Prateek, Krishnaprasad Vikram
-
Publication number: 20140165139Abstract: Security language constructs may be translated into logic language constructs and vice versa. Logic resolution may be effected using, for example, the logic language constructs. In an example implementation, translation of a security language assertion into at least one logic language rule is described. In another example implementation, translation of a proof graph reflecting a logic language into a proof graph reflecting a security language is described. In yet another example implementation, evaluation of a logic language program using a deterministic algorithm is described.Type: ApplicationFiled: February 13, 2014Publication date: June 12, 2014Applicant: Microsoft CorporationInventors: Moritz Y. Becker, Blair B. Dillaway, Cedric Fournet, Andrew D. Gordon, Jason F. Mackay
-
Patent number: 8724512Abstract: A system and method for discovering network topology by various switch training and probing methods. Segments are discovered by having computers enter a promiscuous mode and determining from packets sent to a selected computer which computers see which other computers in the network. From the segments, various switch interconnections are determined, by having different computers train switches as to a training address and seeing which computers receive probe packets sent to that training address from another computer. Various training and probing methods are described that locate intermediate segments, deep switches, switch interconnections, and edge and singleton cases. In one implementation, a master computer coordinates the other computers (and devices) in the network to send the training and probing packets, and report on received packets, in order to determine the network topology.Type: GrantFiled: June 4, 2009Date of Patent: May 13, 2014Assignee: Microsoft CorporationInventors: Richard Black, Austin Donnelly, Cedric Fournet
-
Patent number: 8677141Abstract: A client-side enforcement mechanism may allow application security policies to be specified at a server in a programmatic manner. Servers may specify security policies as JavaScript functions included in a page returned by the server and run before other scripts. At runtime, and during initial loading, the functions are invoked by the client on each page modification to ensure the page conforms to the security policy. As such, before a mutation takes effect, the policy may transform that mutation and the code and data of the page. Replicated code execution may take place at both the client and the server where the server runs its own shadow copy of a client-side application in a trusted execution environment so that the server may check that the method calls coming from the client correspond to a correct execution of the client-side application The redundant execution at the client can be untrusted, but serves to improve the responsiveness and performance of the Web application.Type: GrantFiled: November 23, 2007Date of Patent: March 18, 2014Assignee: Microsoft CorporationInventors: Ulfar Erlingsson, Yinglian Xie, Ben Livshits, Cedric Fournet
-
Patent number: 8656503Abstract: Security language constructs may be translated into logic language constructs and vise versa. Logic resolution may be effected using, for example, the logic language constructs. In an example implementation, translation of a security language assertion into at least one logic language rule is described. In another example implementation, translation of a proof graph reflecting a logic language into a proof graph reflecting a security language is described. In yet another example implementation, evaluation of a logic language program using a deterministic algorithm is described.Type: GrantFiled: September 11, 2006Date of Patent: February 18, 2014Assignee: Microsoft CorporationInventors: Moritz Y. Becker, Blair B. Dillaway, Cedric Fournet, Andrew D. Gordon, Jason F. Mackay
-
Patent number: 8584230Abstract: In an example implementation, a bifurcated security scheme has a first level that does not allow usage of negations and a second level that does permit usage of negations. In another example implementation, an authorization query table maps respective resource-specific operations to respective associated authorization queries. In yet another example implementation, authorization queries are permitted to have negations, but individual assertions are not.Type: GrantFiled: September 27, 2011Date of Patent: November 12, 2013Assignee: Microsoft CorporationInventors: Blair B. Dillaway, Moritz Y. Becker, Andrew D. Gordon, Cedric Fournet
-
Patent number: 8201215Abstract: The delegation of rights may be controlled in a number of manners. In an example implementation, a delegation authority assertion is formulated with a delegator principle, a delegatee principal, a verb phrase, a resource, and a delagation-directive verb. In another example implementation, a delegation mechanism involving an assertor, a first principal, and a second principal enables a delegation to be specifically controlled. In yet another example implementation, a chained delegation mechanism enables explicit control of a permitted transitive chaining depth.Type: GrantFiled: September 8, 2006Date of Patent: June 12, 2012Assignee: Microsoft CorporationInventors: Blair B. Dillaway, Moritz Y. Becker, Andrew D. Gordon, Cedric Fournet
-
Publication number: 20120017263Abstract: In an example implementation, a bifurcated security scheme has a first level that does not allow usage of negations and a second level that does permit usage of negations. In another example implementation, an authorization query table maps respective resource-specific operations to respective associated authorization queries. In yet another example implementation, authorization queries are permitted to have negations, but individual assertions are not.Type: ApplicationFiled: September 27, 2011Publication date: January 19, 2012Applicant: MICROSOFT CORPORATIONInventors: Blair B. Dillaway, Moritz Y. Becker, Andrew D. Gordon, Cedric Fournet
-
Patent number: 8095969Abstract: Security assertion revocation enables a revocation granularity in a security scheme down to the level of individual assertions. In an example implementation, a security token includes multiple respective assertions that are associated with multiple respective assertion identifiers. More specifically, each individual assertion is associated with at least one individual assertion identifier.Type: GrantFiled: September 8, 2006Date of Patent: January 10, 2012Assignee: Microsoft CorporationInventors: Blair B. Dillaway, Moritz Y. Becker, Andrew D. Gordon, Cedric Fournet, Brian A. LaMacchia
-
Patent number: 8060931Abstract: In an example implementation, a bifurcated security scheme has a first level that does not allow usage of negations and a second level that does permit usage of negations. In another example implementation, an authorization query table maps respective resource-specific operations to respective associated authorization queries. In yet another example implementation, authorization queries are permitted to have negations, but individual assertions are not.Type: GrantFiled: September 8, 2006Date of Patent: November 15, 2011Assignee: Microsoft CorporationInventors: Blair B. Dillaway, Moritz Y. Becker, Andrew D. Gordon, Cedric Fournet
-
Patent number: 7797669Abstract: A distributed software system of communicating software components can be tested for undesirable behavior. A specification of a component can be substituted in place of the component when testing a model of the distributed software system. Thus, the system can be checked to see if it exhibits undesirable behavior without having code for all components of the system. Also, a component can be checked to see if it is in conformance with its specification. If models built with respective components and substituted specifications indicate that the system does not exhibit undesirable behavior, and the components conform to their specifications, then a system assembled from the components will not exhibit the undesirable behavior. Thus, collaborative testing can be achieved, even if no one entity has access to code for the entire distributed system.Type: GrantFiled: February 13, 2004Date of Patent: September 14, 2010Assignee: Microsoft CorporationInventors: Niels Jakob Rehof, Anthony D. Andrews, Sriram K. Rajamani, Charles Antony Richard Hoare, Cédric Fournet
-
Publication number: 20100106767Abstract: A processing system for distributed multi-tier applications is provided. The system includes a server component that executes a replica of a client-side application, where a client component executes the client-side application. The client component captures events from the client-side application and transmits the events to the replica to validate the computational integrity security of the application.Type: ApplicationFiled: October 24, 2008Publication date: April 29, 2010Applicant: MICROSOFT CORPORATIONInventors: Benjamin Livshits, Henricus Johannes Maria Meijer, Cedric Fournet, Jeffrey Van Gogh, Danny Van Velzen, Krishnaprasad Vikram, Abhishek Prateek
-
Publication number: 20090285127Abstract: A system and method for discovering network topology by various switch training and probing methods. Segments are discovered by having computers enter a promiscuous mode and determining from packets sent to a selected computer which computers see which other computers in the network. From the segments, various switch interconnections are determined, by having different computers train switches as to a training address and seeing which computers receive probe packets sent to that training address from another computer. Various training and probing methods are described that locate intermediate segments, deep switches, switch interconnections, and edge and singleton cases. In one implementation, a master computer coordinates the other computers (and devices) in the network to send the training and probing packets, and report on received packets, in order to determine the network topology.Type: ApplicationFiled: June 4, 2009Publication date: November 19, 2009Applicant: MICROSOFT CORPORATIONInventors: Richard Black, Austin Donnelly, Cedric Fournet