Patents by Inventor Daniel Schaffner

Daniel Schaffner has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10949528
    Abstract: A method for verifying a set of policy instructions to be used by a policy decision point (PDP) in adjudicating access requests to protected resources. The policy instructions are in the form of Horn clauses or conditional tag-expressions that are validated against a known test policy or desired outcome. The policy instructions are then compiled into aggregate form. When a plurality of policy instructions creates a conflict, the policy instructions are hierarchically organized to resolve said conflict.
    Type: Grant
    Filed: September 19, 2018
    Date of Patent: March 16, 2021
    Assignee: Sequitur Labs, Inc.
    Inventors: Philip Attfield, Paul Chenard, Simon Curry, Vincent Ting, Michael Thomas Hendrick, Julia Narvaez, Mark Reed, Daniel Schaffner, Robert Komar
  • Patent number: 10885182
    Abstract: A system for controlling file access on a mobile computing device. Policy conditions are held at a policy decision point (PDP) and can be dynamically modified at run-time. Access requests to a file or set of files are intercepted by an agent that subsequently brokers the adjudication of said request via a secure, encrypted and hidden back-channel where the requestor is never allowed access to or knowledge of either the adjudication process or the parameters associated with adjudication. The PDP then returns either an access approval or denial based on said policy conditions.
    Type: Grant
    Filed: September 19, 2018
    Date of Patent: January 5, 2021
    Assignee: Sequitur Labs, Inc.
    Inventors: Philip Attfield, Paul Chenard, Simon Curry, Vincent Ting, Michael Thomas Hendrick, Julia Narvaez, Mark Reed, Daniel Schaffner, Robert Komar
  • Patent number: 10795985
    Abstract: Systems and methods are described for utilizing a secure environment on a mobile computing device for applying policy-based decision management in response to access requests from untrusted areas. A policy decision processor (PDP) within the secure environment provides a policy decision in response to an access query. A decision cache within the secure environment can be used to store policy decisions for faster resolution of access requests. Policy enforcement points (PEPs) are placed between external devices that are trying to access the device and the secured environment, where the PEPs are used to enforce the policy-based decision, and can be located either inside or outside the secure environment. Decision certificates can be formulated using validity information and timestamps, and used for validation policy certificates. Memory in non-secure areas can also be marked (colored) for use in performing trusted operations in order to optimize system resource usage.
    Type: Grant
    Filed: April 24, 2015
    Date of Patent: October 6, 2020
    Assignee: Sequitur Labs Inc.
    Inventors: Philip Attfield, Daniel Schaffner, Michael Thomas Hendrick
  • Patent number: 10581852
    Abstract: A system and method for hardware implementations of policy-based secure computing environments for Internet enabled devices. The present invention facilitates a secure computing environment for any Internet enabled device where policy rules can be described as hardware components that allow or deny access to resources on the device. A compiler produces a hardware description language (HDL) of the hardware components based on given policy rules for that component. The system may be partially or completely implemented in hardware to address inherent limitations of a software only solution. The invention provides greater flexibility to the overall system in terms of performance, security, and expressiveness of the policy rules that must be executed.
    Type: Grant
    Filed: May 13, 2015
    Date of Patent: March 3, 2020
    Assignee: Sequitur Labs, Inc.
    Inventors: Daniel Schaffner, Simon Curry, Paul Chenard, Philip Attfield
  • Patent number: 10462185
    Abstract: A system for policy-managed secure code execution and messaging for computing devices where each trusted application is managed independently of others and is not visible to unauthorized inspection or execution. If a file bundle received by the system contains metadata concerning the context of the file or its execution, the metadata is decrypted if necessary. If the file bundle containing the executable code is encrypted, its key is stored in a policy server to await adjudication of the request to execute. If the policy server allows execution of the executable code, the key stored in the policy server is used to decrypt the file bundle and the resulting executable code is stored as a trusted application in secure memory. Future requests to execute the trusted application are adjudicated by the policy server and enforced by the exclusive policy execution point associated with that trusted application in secure memory.
    Type: Grant
    Filed: September 4, 2015
    Date of Patent: October 29, 2019
    Assignee: Sequitur Labs, Inc.
    Inventors: Philip Attfield, Daniel Schaffner, Michael Thomas Hendrick
  • Patent number: 10169571
    Abstract: Systems and methods for secure, policy-based, access control and management of mobile computing devices, including policy decision enforcement mechanisms, device and private network presence testing, aspects of file system controls, policy set sanity checking algorithms, performance optimizations.
    Type: Grant
    Filed: July 18, 2013
    Date of Patent: January 1, 2019
    Assignee: Sequitur Labs, Inc.
    Inventors: Philip Attfield, Paul Chenard, Simon Curry, Vincent Ting, Michael Thomas Hendrick, Julia Narvaez, Mark Reed, Daniel Schaffner, Robert Komar
  • Patent number: 9894101
    Abstract: An autonomous and adaptive method and system for secure, policy-based control of remote and locally controlled computing devices. The invention uses a policy-based access control mechanism to achieve adaptive and dynamic behavior modification based on the context of the local operating environment of the computing device. The modification system assesses the desirability of actions or outcomes as determined by the policy rules and modifies them accordingly, thus altering the behavior of the computing device. The system can utilize a machine learning technique, pattern matching and heuristic evaluation. When applied to the control of robotic and autonomous devices, the system allows the robot to offload adjudication to a remote system and also facilitates cooperative behaviors between robots operating in dynamic environments.
    Type: Grant
    Filed: June 2, 2015
    Date of Patent: February 13, 2018
    Assignee: Sequitur Labs, Inc.
    Inventors: Michael Thomas Hendrick, Julia Narvaez, Daniel Schaffner, Abhijeet Rane, Simon Curry, Paul Chenard, Vincent Ting, Philip Attfield
  • Publication number: 20170244759
    Abstract: A system for policy-managed secure code execution and messaging for computing devices where each trusted application is managed independently of others and is not visible to unauthorized inspection or execution. If a file bundle received by the system contains metadata concerning the context of the file or its execution, the metadata is decrypted if necessary. If the file bundle containing the executable code is encrypted, its key is stored in a policy server to await adjudication of the request to execute. If the policy server allows execution of the executable code, the key stored in the policy server is used to decrypt the file bundle and the resulting executable code is stored as a trusted application in secure memory. Future requests to execute the trusted application are adjudicated by the policy server and enforced by the exclusive policy execution point associated with that trusted application in secure memory.
    Type: Application
    Filed: September 5, 2014
    Publication date: August 24, 2017
    Inventors: Philip Attfield, Daniel Schaffner, Michael Thomas Hendrick
  • Patent number: 9699214
    Abstract: The invention pertains to a system and method to display contextual information, including data and messaging, based on a secure, policy-managed set of instructions for selecting, distributing, and presenting information on a device. The system accepts one or more streams of contextual information in any digital form from one or more data sources. The contextual information is assessed via a set of policy instructions that may include time, location, hierarchy of ownership, type of contextual information, assessed importance of the contextual information, and display availability. Only approved contextual information is transmitted to the device for display.
    Type: Grant
    Filed: February 6, 2015
    Date of Patent: July 4, 2017
    Assignee: Sequitur Labs Inc.
    Inventors: Abhijeet Rane, Daniel Schaffner, Philip Attfield
  • Publication number: 20170048714
    Abstract: Systems and methods are described for utilizing a secure environment on a mobile computing device for applying policy-based decision management in response to access requests from untrusted areas. A policy decision processor (PDP) within the secure environment provides a policy decision in response to an access query. A decision cache within the secure environment can be used to store policy decisions for faster resolution of access requests. Policy enforcement points (PEPs) are placed between external devices that are trying to access the device and the secured environment, where the PEPs are used to enforce the policy-based decision, and can be located either inside or outside the secure environment. Decision certificates can be formulated using validity information and timestamps, and used for validation policy certificates. Memory in non-secure areas can also be marked (colored) for use in performing trusted operations in order to optimize system resource usage.
    Type: Application
    Filed: April 24, 2015
    Publication date: February 16, 2017
    Inventors: Philip Attfield, Daniel Schaffner, Michael Thomas Hendrick
  • Publication number: 20160012216
    Abstract: A system for policy-managed, secure authentication and authorization for transactions. The present invention links identification and verification methods and apparatus to a policy-managed system that can control how such devices are utilized under specific scenarios as defined by the policy maker. The system then approves or denies the transaction and may also direct further action if specified in the policy rules. The user identification device and the policy-manager need not be collocated. The resulting system is advantageous because of its increased flexibility in providing secure authorizations where greater control is desired. Also, the processing of these transactions facilitates detailed records that are useful in tracking transactions or to advertisers and merchants wishing to target specific markets for their products.
    Type: Application
    Filed: March 31, 2015
    Publication date: January 14, 2016
    Inventors: Philip Attfield, Daniel Schaffner
  • Publication number: 20150350254
    Abstract: An autonomous and adaptive method and system for secure, policy-based control of remote and locally controlled computing devices. The invention uses a policy-based access control mechanism to achieve adaptive and dynamic behavior modification based on the context of the local operating environment of the computing device. The modification system assesses the desirability of actions or outcomes as determined by the policy rules and modifies them accordingly, thus altering the behavior of the computing device. The system can utilize a machine learning technique, pattern matching and heuristic evaluation. When applied to the control of robotic and autonomous devices, the system allows the robot to offload adjudication to a remote system and also facilitates cooperative behaviors between robots operating in dynamic environments.
    Type: Application
    Filed: June 2, 2015
    Publication date: December 3, 2015
    Inventors: Michael Thomas Hendrick, Julia Narvaez, Daniel Schaffner, Abhijeet Rane, Simon Curry, Paul Chenard, Vincent Ting, Philip Attfield
  • Publication number: 20150334133
    Abstract: A system and method for hardware implementations of policy-based secure computing environments for Internet enabled devices. The present invention facilitates a secure computing environment for any Internet enabled device where policy rules can be described as hardware components that allow or deny access to resources on the device. A compiler produces a hardware description language (HDL) of the hardware components based on given policy rules for that component. The system may be partially or completely implemented in hardware to address inherent limitations of a software only solution. The invention provides greater flexibility to the overall system in terms of performance, security, and expressiveness of the policy rules that must be executed.
    Type: Application
    Filed: May 13, 2015
    Publication date: November 19, 2015
    Inventors: Daniel Schaffner, Simon Curry, Paul Chenard, Philip Attfield
  • Publication number: 20150324787
    Abstract: A system for policy-based control and augmentation of cryptocurrency security including policy rules that govern transactions that are embedded in the cryptocurrency transmission. The transactions are then adjudicated using the policy-based control system at the endpoint. The invention first secures the private key to the cryptocurrency in a secure hardware module to ensure that ownership is maintained. Then, the system uses a policy-based control subsystem to embed policy information within the cryptocurrency transmission. On receipt, the transmission is decoupled such that the policy information can be implemented resulting in a decision to approve or disapprove the transaction. The system can be used for multiple signatories on a single transaction as well as any other policy requirement desired.
    Type: Application
    Filed: April 20, 2015
    Publication date: November 12, 2015
    Inventor: Daniel Schaffner
  • Publication number: 20150312277
    Abstract: The invention pertains to a system and method to display content, including data and messaging, based on a secure, policy-managed set of instructions for selecting, distributing, and presenting information on a device. The system accepts one or more streams of data in any digital form from one or more data sources. The content is assessed via a set of policy instructions that may include time, location, hierarchy of ownership, type of content, assessed importance of content, and display availability. Only approved content is transmitted to the device for display.
    Type: Application
    Filed: February 6, 2015
    Publication date: October 29, 2015
    Inventors: Abhijeet Rane, Daniel Schaffner, Philip Attfield