Patents by Inventor David J. Steeves
David J. Steeves has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20190312865
Abstract: Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels.
Type: Application
Filed: June 20, 2019
Publication date: October 10, 2019
Inventors: David J. STEEVES, Kim CAMERON, Todd L. CARPENTER, David FOSTER, Quentin S. MILLER
-
Patent number: 10389712
Abstract: Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels.
Type: Grant
Filed: March 29, 2017
Date of Patent: August 20, 2019
Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
Inventors: David J. Steeves, Kim Cameron, Todd L. Carpenter, David Foster, Quentin S. Miller
-
Patent number: 9910981
Abstract: A malware analysis system for automating cause and effect analysis of malware infections is provided. The malware analysis system monitors and records computer system activities. Upon being informed of a suspected malware infection, the malware analysis system creates a time-bounded snapshot of the monitored activities that were conducted within a time frame prior to the notification of the suspected malware infection. The malware analysis system may also create a time-bounded snapshot of the monitored activities that are conducted within a time frame subsequent to the notification of the suspected malware infection. The malware analysis system provides the created snapshot or snapshots for further analysis.
Type: Grant
Filed: September 9, 2014
Date of Patent: March 6, 2018
Assignee: Microsoft Technology Licensing, LLC
Inventors: Gregory D. Hartrell, David J. Steeves, Efim Hudis
-
Patent number: 9904912
Abstract: Technology is described for protecting transactions. The technology may include a switching component that a user can employ to switch an associated mobile device into a secure mode so that a user can confirm the transaction. After initiating a transaction request, the user can confirm the transaction request by activating the switching component, which can cause the mobile device to switch into a secure mode. In the secure mode, the mobile device may prevent the mobile device from conducting various normal activities, such as executing applications, receiving input, providing output, and so forth. The switching component may disable other processing temporarily. Upon receiving the confirmation from the user, the switching component may send a confirmation communication to complete the transaction.
Type: Grant
Filed: June 3, 2015
Date of Patent: February 27, 2018
Assignee: Microsoft Technology Licensing, LLC
Inventors: David J. Steeves, Kim Cameron, Todd L. Carpenter, David Foster, Quentin S. Miller, Gregory D. Hartrell
-
Patent number: 9886578
Abstract: A malware analysis system for automating cause and effect analysis of malware infections is provided. The malware analysis system monitors and records computer system activities. Upon being informed of a suspected malware infection, the malware analysis system creates a time-bounded snapshot of the monitored activities that were conducted within a time frame prior to the notification of the suspected malware infection. The malware analysis system may also create a time-bounded snapshot of the monitored activities that are conducted within a time frame subsequent to the notification of the suspected malware infection. The malware analysis system provides the created snapshot or snapshots for further analysis.
Type: Grant
Filed: September 9, 2014
Date of Patent: February 6, 2018
Assignee: Microsoft Technology Licensing, LLC
Inventors: Gregory D. Hartrell, David J. Steeves, Efim Hudis
-
Patent number: 9779236
Abstract: One or more techniques and/or systems are provided for risk assessment. Historical authentication data and/or compromised user account data may be evaluated to identify a set of authentication context properties associated with user authentication sessions and/or a set of malicious account context properties associated with compromised user accounts (e.g., properties indicative of whether a user recently visited a malicious site, created a fake social network profile, logged in from unknown locations, etc.). The set of authentication context properties and/or the set of malicious account context properties may be annotated to create an annotated context property training set that may be used to train a risk assessment machine learning model to generate a risk assessment model. The risk assessment model may be used to evaluate user context properties of a user account event to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe.
Type: Grant
Filed: June 21, 2016
Date of Patent: October 3, 2017
Assignee: Microsoft Technology Licensing, LLC
Inventors: Luke Abrams, David J. Steeves, Robert Alexander Sim, Pui-Yin Winfred Wong, Harry Simon Katz, Aaron Small, Dana Scott Kaufman, Adrian Kreuziger, Mark A. Nikiel, Laurentiu Bogdan Cristofor, Alexa Lynn Keizur, Collin Tibbetts, Charles Hayden
-
Publication number: 20170208061
Abstract: Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels.
Type: Application
Filed: March 29, 2017
Publication date: July 20, 2017
Inventors: David J. Steeves, Kim Cameron, Todd L. Carpenter, David Foster, Quentin S. Miller
-
Patent number: 9641502
Abstract: Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels.
Type: Grant
Filed: September 25, 2014
Date of Patent: May 2, 2017
Assignee: Microsoft Technology Licensing, LLC
Inventors: David J. Steeves, Kim Cameron, Todd L. Carpenter, David Foster, Quentin S. Miller
-
Publication number: 20160300059
Abstract: One or more techniques and/or systems are provided for risk assessment. Historical authentication data and/or compromised user account data may be evaluated to identify a set of authentication context properties associated with user authentication sessions and/or a set of malicious account context properties associated with compromised user accounts (e.g., properties indicative of whether a user recently visited a malicious site, created a fake social network profile, logged in from unknown locations, etc.). The set of authentication context properties and/or the set of malicious account context properties may be annotated to create an annotated context property training set that may be used to train a risk assessment machine learning model to generate a risk assessment model. The risk assessment model may be used to evaluate user context properties of a user account event to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe.
Type: Application
Filed: June 21, 2016
Publication date: October 13, 2016
Inventors: Luke Abrams, David J. Steeves, Robert Alexander Sim, Pui-Yin Winfred Wong, Harry Simon Katz, Aaron Small, Dana Scott Kaufman, Adrian Kreuziger, Mark A. Nikiel, Laurentiu Bogdan Cristofor, Alexa Lynn Keizur, Collin Tibbetts, Charles Hayden
-
Patent number: 9396332
Abstract: One or more techniques and/or systems are provided for risk assessment. Historical authentication data and/or compromised user account data may be evaluated to identify a set of authentication context properties associated with user authentication sessions and/or a set of malicious account context properties associated with compromised user accounts (e.g., properties indicative of whether a user recently visited a malicious site, created a fake social network profile, logged in from unknown locations, etc.). The set of authentication context properties and/or the set of malicious account context properties may be annotated to create an annotated context property training set that may be used to train a risk assessment machine learning model to generate a risk assessment model. The risk assessment model may be used to evaluate user context properties of a user account event to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe.
Type: Grant
Filed: May 21, 2014
Date of Patent: July 19, 2016
Assignee: Microsoft Technology Licensing, LLC
Inventors: Luke Abrams, David J. Steeves, Robert Alexander Sim, Pui-Yin Winfred Wong, Harry Simon Katz, Aaron Small, Dana Scott Kaufman, Adrian Kreuziger, Mark A. Nikiel, Laurentiu Bogdan Cristofor, Alexa Lynn Keizur, Collin Tibbetts, Charles Hayden
-
Publication number: 20160063491
Abstract: Techniques for conducting secure online transactions are provided. Some techniques utilize a trusted, secure device that is distributed to a human user, and which only the user can access, a device reader, and a one-time secret valid only to authenticate a single transaction to improve on the traditional transaction model by isolating elements of the transaction with the user on the user's trusted, secure device. Isolating elements of the transaction on the trusted, secure device facilitates a secure transaction on an untrusted machine and over an untrusted network.
Type: Application
Filed: November 5, 2015
Publication date: March 3, 2016
Inventor: David J. Steeves
-
Patent number: 9246894
Abstract: When a user account is in an alternate (fault) state, communication or sync between an application provider and a device or client application typically is interrupted. When parties do not support rich fault messaging, communication of the reason for the interruption and remediation steps has been impossible. An application server provides rich fault messaging using applications that do not provide explicit error messaging and protocols that do not provide explicit error messaging without changing either the application or the protocol by additional interactions between an identity provider and the application server. The application server uses authentication state information provided by the identity server to generate a notification sync event that appears to the application and the protocol to be a normal sync event. The notification sync event is used to provide the user with information needed to determine what the problem with the account is and how to fix it.
Type: Grant
Filed: October 30, 2012
Date of Patent: January 26, 2016
Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC.
Inventors: Ariel N. Gordon, David J. Steeves, Luke T. Abrams, Pui-Yin Wong, Krishna C. Vitaldevara
-
Patent number: 9213992
Abstract: Techniques for conducting secure online transactions are provided. Some techniques utilize a trusted, secure device that is distributed to a human user, and which only the user can access, a device reader, and a one-time secret valid only to authenticate a single transaction to improve on the traditional transaction model by isolating elements of the transaction with the user on the user's trusted, secure device. Isolating elements of the transaction on the trusted, secure device facilitates a secure transaction on an untrusted machine and over an untrusted network.
Type: Grant
Filed: July 8, 2005
Date of Patent: December 15, 2015
Assignee: Microsoft Technology Licensing, LLC
Inventor: David J. Steeves
-
Publication number: 20150339477
Abstract: One or more techniques and/or systems are provided for risk assessment. Historical authentication data and/or compromised user account data may be evaluated to identify a set of authentication context properties associated with user authentication sessions and/or a set of malicious account context properties associated with compromised user accounts (e.g., properties indicative of whether a user recently visited a malicious site, created a fake social network profile, logged in from unknown locations, etc.). The set of authentication context properties and/or the set of malicious account context properties may be annotated to create an annotated context property training set that may be used to train a risk assessment machine learning model to generate a risk assessment model. The risk assessment model may be used to evaluate user context properties of a user account event to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe.
Type: Application
Filed: May 21, 2014
Publication date: November 26, 2015
Inventors: Luke Abrams, David J. Steeves, Robert Alexander Sim, Pui-Yin Winfred Wong, Harry Simon Katz, Aaron Small, Dana Scott Kaufman, Adrian Kreuziger, Mark A. Nikiel, Laurentiu Bogdan Cristofor, Alexa Lynn Keizur, Collin Tibbetts, Charles Hayden
-
Publication number: 20150281200
Abstract: Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels.
Type: Application
Filed: September 25, 2014
Publication date: October 1, 2015
Inventors: David J. Steeves, Kim Cameron, Todd L. Carpenter, David Foster, Quentin S. Miller
-
Publication number: 20150269537
Abstract: Technology is described for protecting transactions. The technology may include a switching component that a user can employ to switch an associated mobile device into a secure mode so that a user can confirm the transaction. After initiating a transaction request, the user can confirm the transaction request by activating the switching component, which can cause the mobile device to switch into a secure mode. In the secure mode, the mobile device may prevent the mobile device from conducting various normal activities, such as executing applications, receiving input, providing output, and so forth. The switching component may disable other processing temporarily. Upon receiving the confirmation from the user, the switching component may send a confirmation communication to complete the transaction.
Type: Application
Filed: June 3, 2015
Publication date: September 24, 2015
Inventors: David J. Steeves, Kim Cameron, Todd L. Carpenter, David Foster, Quentin S. Miller, Gregory D. Hartrell
-
Patent number: 9065812
Abstract: Technology is described for protecting transactions. The technology may include a switching component that a user can employ to switch an associated mobile device into a secure mode so that a user can confirm the transaction. After initiating a transaction request, the user can confirm the transaction request by activating the switching component, which can cause the mobile device to switch into a secure mode. In the secure mode, the mobile device may prevent the mobile device from conducting various normal activities, such as executing applications, receiving input, providing output, and so forth. The switching component may disable other processing temporarily. Upon receiving the confirmation from the user, the switching component may send a confirmation communication to complete the transaction.
Type: Grant
Filed: January 23, 2009
Date of Patent: June 23, 2015
Assignee: Microsoft Technology Licensing, LLC
Inventors: David J. Steeves, Kim Cameron, Todd L. Carpenter, David Foster, Quentin S. Miller, Gregory D. Hartrell
-
Publication number: 20150101010
Abstract: A malware analysis system for automating cause and effect analysis of malware infections is provided. The malware analysis system monitors and records computer system activities. Upon being informed of a suspected malware infection, the malware analysis system creates a time-bounded snapshot of the monitored activities that were conducted within a time frame prior to the notification of the suspected malware infection. The malware analysis system may also create a time-bounded snapshot of the monitored activities that are conducted within a time frame subsequent to the notification of the suspected malware infection. The malware analysis system provides the created snapshot or snapshots for further analysis.
Type: Application
Filed: September 9, 2014
Publication date: April 9, 2015
Inventors: Gregory D. Hartrell, David J. Steeves, Efim Hudis
-
Patent number: 8955134
Abstract: A malware analysis system for automating cause and effect analysis of malware infections is provided. The malware analysis system monitors and records computer system activities. Upon being informed of a suspected malware infection, the malware analysis system creates a time-bounded snapshot of the monitored activities that were conducted within a time frame prior to the notification of the suspected malware infection. The malware analysis system may also create a time-bounded snapshot of the monitored activities that are conducted within a time frame subsequent to the notification of the suspected malware infection. The malware analysis system provides the created snapshot or snapshots for further analysis.
Type: Grant
Filed: February 8, 2012
Date of Patent: February 10, 2015
Assignee: Microsoft Corporation
Inventors: Gregory D. Hartrell, David J. Steeves, Efim Hudis
-
Patent number: 8955135
Abstract: A malware analysis system for automating cause and effect analysis of malware infections is provided. The malware analysis system monitors and records computer system activities. Upon being informed of a suspected malware infection, the malware analysis system creates a time-bounded snapshot of the monitored activities that were conducted within a time frame prior to the notification of the suspected malware infection. The malware analysis system may also create a time-bounded snapshot of the monitored activities that are conducted within a time frame subsequent to the notification of the suspected malware infection. The malware analysis system provides the created snapshot or snapshots for further analysis.
Type: Grant
Filed: February 8, 2012
Date of Patent: February 10, 2015
Assignee: Microsoft Corporation
Inventors: Gregory D. Hartrell, David J. Steeves, Efim Hudis