Patents by Inventor Christopher J. Engdahl
Christopher J. Engdahl has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11216514Abstract: A secure DNS query may be made by establishing a secure connection with a specific DNS server to determine an address for a hostname. A client device may have a database that may contain a record of a secure DNS server for one or more hostnames. When a DNS request contains one of the specified hostnames, an authenticated session may be created with the designated secure DNS server and a network address for the hostname is returned using the session. The authenticated session may authenticate a client device to the server as well as authenticate the server to the client. In some embodiments, the secure DNS server may accept connections from authenticated clients and may disregard connection requests from non authenticated clients.Type: GrantFiled: July 28, 2017Date of Patent: January 4, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Jeromy S. Statia, Christopher J. Engdahl, Lee Walker, William Dixon
-
Publication number: 20170329850Abstract: A secure DNS query may be made by establishing a secure connection with a specific DNS server to determine an address for a hostname. A client device may have a database that may contain a record of a secure DNS server for one or more hostnames. When a DNS request contains one of the specified hostnames, an authenticated session may be created with the designated secure DNS server and a network address for the hostname is returned using the session. The authenticated session may authenticate a client device to the server as well as authenticate the server to the client. In some embodiments, the secure DNS server may accept connections from authenticated clients and may disregard connection requests from non authenticated clients.Type: ApplicationFiled: July 28, 2017Publication date: November 16, 2017Inventors: Jeromy S. Statia, Christopher J. Engdahl, Lee Walker, William Dixon
-
Patent number: 9740781Abstract: A secure DNS query may be made by establishing a secure connection with a specific DNS server to determine an address for a hostname. A client device may have a database that may contain a record of a secure DNS server for one or more hostnames. When a DNS request contains one of the specified hostnames, an authenticated session may be created with the designated secure DNS server and a network address for the hostname is returned using the session. The authenticated session may authenticate a client device to the server as well as authenticate the server to the client. In some embodiments, the secure DNS server may accept connections from authenticated clients and may disregard connection requests from non authenticated clients.Type: GrantFiled: January 12, 2015Date of Patent: August 22, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Jeromy S. Statia, Christopher J. Engdahl, Lee Walker, William Dixon
-
Publication number: 20150199430Abstract: A secure DNS query may be made by establishing a secure connection with a specific DNS server to determine an address for a hostname. A client device may have a database that may contain a record of a secure DNS server for one or more hostnames. When a DNS request contains one of the specified hostnames, an authenticated session may be created with the designated secure DNS server and a network address for the hostname is returned using the session. The authenticated session may authenticate a client device to the server as well as authenticate the server to the client. In some embodiments, the secure DNS server may accept connections from authenticated clients and may disregard connection requests from non authenticated clients.Type: ApplicationFiled: January 12, 2015Publication date: July 16, 2015Inventors: Jeromy S. Statia, Christopher J. Engdahl, Lee Walker, William Dixon
-
Patent number: 8935748Abstract: A secure DNS query may be made by establishing a secure connection with a specific DNS server to determine an address for a hostname. A client device may have a database that may contain a record of a secure DNS server for one or more hostnames. When a DNS request contains one of the specified hostnames, an authenticated session may be created with the designated secure DNS server and a network address for the hostname is returned using the session. The authenticated session may authenticate a client device to the server as well as authenticate the server to the client. In some embodiments, the secure DNS server may accept connections from authenticated clients and may disregard connection requests from non authenticated clients.Type: GrantFiled: October 31, 2007Date of Patent: January 13, 2015Assignee: Microsoft CorporationInventors: Jeromy S. Statia, Christopher J. Engdahl, Lee Walker, William Dixon
-
Patent number: 8875237Abstract: A connection to a private network may use an IPv6 tunneling client to connect to a corresponding IPv6 tunneling router at the edge of the private network. The client may be configured to automatically establish a tunneling connection and may have a routing table for routing IPv6 addresses for hosts within the private network through the tunneling connection. The client may be connected to an IPv4 or IPv6 connection outside the private network. The connection between the IPv6 tunneling client and IPv6 tunneling router may be an authenticated and secure connection.Type: GrantFiled: October 31, 2007Date of Patent: October 28, 2014Assignee: Microsoft CorporationInventors: Christopher J. Engdahl, Jeromy Statia
-
Patent number: 8060927Abstract: A network firewall may apply policies to packets based on a security classification. Packets with an authenticated and established security connection may be handled at a high throughput while packets with unauthenticated connections may be handed at a low throughput or even discarded. In some embodiments, three or more levels of security classifications may be used to process packets at different speeds or priorities. In some embodiments, one device may classify and tag each packet, while another device within the network may process the packets according to the tags.Type: GrantFiled: October 31, 2007Date of Patent: November 15, 2011Assignee: Microsoft CorporationInventors: Christopher J. Engdahl, Brian Swander, Lee Walker
-
Patent number: 7895319Abstract: An address resolver such as a DNS service may use the identity of a requesting client device to determine a response of a network address for a hostname in a request. A requesting client device may transmit a hardware or user identifier to an address resolving server in order to authenticate the client. The server may determine if the requesting client is authorized to have access to the requested hostname, and respond with the network address when the client is authorized. The address resolver may be used to limit access for users to various devices or hosts across a network and in some cases may track which users are accessing which hosts.Type: GrantFiled: October 31, 2007Date of Patent: February 22, 2011Assignee: Microsoft CorporationInventors: Jeromy S. Statia, Christopher J. Engdahl
-
Publication number: 20090109857Abstract: A connection monitor utility may monitor the availability of various resources, display a status, and provide various optimization functions for each resource. Performance data may be collected and displayed, and the performance data may be used to optimize, troubleshoot, and notify administrators or users for each connection. Some embodiments may store optimized parameters for connections from different locations. In one use model, the monitor utility may be used with a secure connection to a private network to provide visual feedback of connectivity to various resources and simple optimization of the connections.Type: ApplicationFiled: October 31, 2007Publication date: April 30, 2009Applicant: Microsoft CorporationInventors: Jeromy S. Statia, Christopher J. Engdahl
-
Publication number: 20090112814Abstract: A secure DNS query may be made by establishing a secure connection with a specific DNS server to determine an address for a hostname. A client device may have a database that may contain a record of a secure DNS server for one or more hostnames. When a DNS request contains one of the specified hostnames, an authenticated session may be created with the designated secure DNS server and a network address for the hostname is returned using the session. The authenticated session may authenticate a client device to the server as well as authenticate the server to the client. In some embodiments, the secure DNS server may accept connections from authenticated clients and may disregard connection requests from non authenticated clients.Type: ApplicationFiled: October 31, 2007Publication date: April 30, 2009Applicant: Microsoft CorporationInventors: Jeromy S. Statia, Christopher J. Engdahl, Lee Walker, William Dixon
-
Publication number: 20090113517Abstract: A network firewall may apply policies to packets based on a security classification. Packets with an authenticated and established security connection may be handled at a high throughput while packets with unauthenticated connections may be handed at a low throughput or even discarded. In some embodiments, three or more levels of security classifications may be used to process packets at different speeds or priorities. In some embodiments, one device may classify and tag each packet, while another device within the network may process the packets according to the tags.Type: ApplicationFiled: October 31, 2007Publication date: April 30, 2009Applicant: Microsoft CorporationInventors: Christopher J. Engdahl, Brian Swander, Lee Walker
-
Publication number: 20090113521Abstract: A connection to a private network may use an IPv6 tunneling client to connect to a corresponding IPv6 tunneling router at the edge of the private network. The client may be configured to automatically establish a tunneling connection and may have a routing table for routing IPv6 addresses for hosts within the private network through the tunneling connection. The client may be connected to an IPv4 or IPv6 connection outside the private network. The connection between the IPv6 tunneling client and IPv6 tunneling router may be an authenticated and secure connection.Type: ApplicationFiled: October 31, 2007Publication date: April 30, 2009Applicant: Microsoft CorporationInventors: Christopher J. Engdahl, Jeromy Statia
-
Publication number: 20090113074Abstract: An address resolver such as a DNS service may use the identity of a requesting client device to determine a response of a network address for a hostname in a request. A requesting client device may transmit a hardware or user identifier to an address resolving server in order to authenticate the client. The server may determine if the requesting client is authorized to have access to the requested hostname, and respond with the network address when the client is authorized. The address resolver may be used to limit access for users to various devices or hosts across a network and in some cases may track which users are accessing which hosts.Type: ApplicationFiled: October 31, 2007Publication date: April 30, 2009Applicant: Microsoft CorporationInventors: Jeromy S. Statia, Christopher J. Engdahl