Patents by Inventor Christopher W. McCarron
Christopher W. McCarron has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220329425Abstract: Methods, media, and systems for secure provisioning of servers within a cloud computing environment are provided for herein. In some embodiments, a management service can delegate provisioning of a server of the cloud computing environment to an imaging service. In response, the imaging service can generate an operating system image for the server and can utilize disk encryption to protect to operating system image. In embodiments, a volume encryption key of the disk encryption can be encrypted utilizing a public key of a trusted platform manager of the server, to produce an encrypted volume encryption key that is protected by the trusted platform module of the server. The encrypted operating system image and the encrypted volume encryption key can then be transmitted to the server to cause the server to be provisioned with the operating system image. Other embodiments may be described and/or claimed herein.Type: ApplicationFiled: July 1, 2022Publication date: October 13, 2022Inventors: Ulrich Mueller, Aleksandr Mikhailovich Gershaft, Christopher W. McCarron, Marwan E. Jubran
-
Patent number: 11394548Abstract: Methods, media, and systems for secure provisioning of servers within a cloud computing environment are provided for herein. In some embodiments, a management service can delegate provisioning of a server of the cloud computing environment to an imaging service. In response, the imaging service can generate an operating system image for the server and can utilize disk encryption to protect to operating system image. In embodiments, a volume encryption key of the disk encryption can be encrypted utilizing a public key of a trusted platform manager of the server, to produce an encrypted volume encryption key that is protected by the trusted platform module of the server. The encrypted operating system image and the encrypted volume encryption key can then be transmitted to the server to cause the server to be provisioned with the operating system image. Other embodiments may be described and/or claimed herein.Type: GrantFiled: September 9, 2019Date of Patent: July 19, 2022Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Ulrich Mueller, Aleksandr Mikhailovich Gershaft, Christopher W. McCarron, Marwan E. Jubran
-
Publication number: 20200112435Abstract: Methods, media, and systems for secure provisioning of servers within a cloud computing environment are provided for herein. In some embodiments, a management service can delegate provisioning of a server of the cloud computing environment to an imaging service. In response, the imaging service can generate an operating system image for the server and can utilize disk encryption to protect to operating system image. In embodiments, a volume encryption key of the disk encryption can be encrypted utilizing a public key of a trusted platform manager of the server, to produce an encrypted volume encryption key that is protected by the trusted platform module of the server. The encrypted operating system image and the encrypted volume encryption key can then be transmitted to the server to cause the server to be provisioned with the operating system image. Other embodiments may be described and/or claimed herein.Type: ApplicationFiled: September 9, 2019Publication date: April 9, 2020Inventors: Ulrich Mueller, Aleksandr Mikhailovich Gershaft, Christopher W. McCarron, Marwan E. Jubran
-
Patent number: 10425229Abstract: Methods, media, and systems for secure provisioning of servers within a cloud computing environment are provided for herein. In some embodiments, a management service can delegate provisioning of a server of the cloud computing environment to an imaging service. In response, the imaging service can generate an operating system image for the server and can utilize disk encryption to protect to operating system image. In embodiments, a volume encryption key of the disk encryption can be encrypted utilizing a public key of a trusted platform manager of the server, to produce an encrypted volume encryption key that is protected by the trusted platform module of the server. The encrypted operating system image and the encrypted volume encryption key can then be transmitted to the server to cause the server to be provisioned with the operating system image. Other embodiments may be described and/or claimed herein.Type: GrantFiled: February 12, 2016Date of Patent: September 24, 2019Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Ulrich Mueller, Aleksandr Mikhailovich Gershaft, Christopher W. McCarron, Marwan E. Jubran
-
Publication number: 20170237560Abstract: Methods, media, and systems for secure provisioning of servers within a cloud computing environment are provided for herein. In some embodiments, a management service can delegate provisioning of a server of the cloud computing environment to an imaging service. In response, the imaging service can generate an operating system image for the server and can utilize disk encryption to protect to operating system image. In embodiments, a volume encryption key of the disk encryption can be encrypted utilizing a public key of a trusted platform manager of the server, to produce an encrypted volume encryption key that is protected by the trusted platform module of the server. The encrypted operating system image and the encrypted volume encryption key can then be transmitted to the server to cause the server to be provisioned with the operating system image. Other embodiments may be described and/or claimed herein.Type: ApplicationFiled: February 12, 2016Publication date: August 17, 2017Inventors: Ulrich Mueller, Aleksandr Mikhailovich Gershaft, Christopher W. McCarron, Marwan E. Jubran
-
Patent number: 9424144Abstract: Methods and apparatus are provided for controlling live migration of a virtual machine from a first host to a second host in a data center. A virtual machine manager may distribute to at least one host in a virtual network an updated mapping policy that maps a customer address of the virtual machine to a provider address of the migrated virtual machine. The updated mapping policy enables hosts in the virtual network to communicate with the migrated virtual machine. The updated mapping policy can be a shadow policy. The shadow policy is transmitted to hosts in the virtual network by the virtual machine manager before live migration of the virtual machine completes and is maintained by recipient hosts in an inactive state until triggered. The virtual machine manager notifies hosts in the virtual network to activate the shadow policy when live migration completes.Type: GrantFiled: July 27, 2011Date of Patent: August 23, 2016Assignee: Microsoft Technology Licensing, LLCInventors: Murari Sridharan, Narasimhan A. Venkataramaiah, Yu-Shun Wang, Christopher W. McCarron
-
Publication number: 20130031544Abstract: Methods and apparatus are provided for controlling live migration of a virtual machine from a first host to a second host in a data center. A virtual machine manager may distribute to at least one host in a virtual network an updated mapping policy that maps a customer address of the virtual machine to a provider address of the migrated virtual machine. The updated mapping policy enables hosts in the virtual network to communicate with the migrated virtual machine. The updated mapping policy can be a shadow policy. The shadow policy is transmitted to hosts in the virtual network by the virtual machine manager before live migration of the virtual machine completes and is maintained by recipient hosts in an inactive state until triggered. The virtual machine manager notifies hosts in the virtual network to activate the shadow policy when live migration completes.Type: ApplicationFiled: July 27, 2011Publication date: January 31, 2013Applicant: Microsoft CorporationInventors: Murari Sridharan, Narasimhan A. Venkataramaiah, Yu-Shun Wang, Christopher W. McCarron
-
Patent number: 8302165Abstract: An offline trust system establishes a trust relationship between a trust authority computer system and a target computer system without relying on an active network connection between the computer systems. The offline trust system separates the trust establishment operation into a provisioning phase and a configuration phase. The provisioning phase can be performed entirely on the trust authority, while the configuration phase can be performed entirely on the target computer system requesting trust. The two phases can be performed at different times and do not assume any connection between the two computer systems. An administrator may perform the provisioning phase for many target computer systems at the same time. Thus, the offline trust system provides a way to establish trust between computer systems that is more reliable and less prone to failure.Type: GrantFiled: November 3, 2009Date of Patent: October 30, 2012Assignee: Microsoft CorporationInventors: Siddharth Bhai, Zhe (Jessie) Li, William S. Jack, III, Christopher W. McCarron, James J. Simmons, Qi Cao
-
Publication number: 20110107401Abstract: An offline trust system establishes a trust relationship between a trust authority computer system and a target computer system without relying on an active network connection between the computer systems. The offline trust system separates the trust establishment operation into a provisioning phase and a configuration phase. The provisioning phase can be performed entirely on the trust authority, while the configuration phase can be performed entirely on the target computer system requesting trust. The two phases can be performed at different times and do not assume any connection between the two computer systems. An administrator may perform the provisioning phase for many target computer systems at the same time. Thus, the offline trust system provides a way to establish trust between computer systems that is more reliable and less prone to failure.Type: ApplicationFiled: November 3, 2009Publication date: May 5, 2011Applicant: Microsoft CorporationInventors: Siddharth Bhai, Zhe (Jessie) Li, William S. Jack, III, Christopher W. McCarron, James J. Simmons, Qi Cao