Patents by Inventor David J. Steeves
David J. Steeves has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20150013007
Abstract: A malware analysis system for automating cause and effect analysis of malware infections is provided. The malware analysis system monitors and records computer system activities. Upon being informed of a suspected malware infection, the malware analysis system creates a time-bounded snapshot of the monitored activities that were conducted within a time frame prior to the notification of the suspected malware infection. The malware analysis system may also create a time-bounded snapshot of the monitored activities that are conducted within a time frame subsequent to the notification of the suspected malware infection. The malware analysis system provides the created snapshot or snapshots for further analysis.
Type: Application
Filed: September 9, 2014
Publication date: January 8, 2015
Inventors: Gregory D. Hartrell, David J. Steeves, Efim Hudis
-
Patent number: 8898758
Abstract: Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels.
Type: Grant
Filed: November 22, 2013
Date of Patent: November 25, 2014
Assignee: Microsoft Corporation
Inventors: David J. Steeves, Kim Cameron, Todd L. Carpenter, David Foster, Quentin S. Miller
-
Publication number: 20140223522
Abstract: Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels.
Type: Application
Filed: November 22, 2013
Publication date: August 7, 2014
Applicant: MICROSOFT CORPORATION
Inventors: David J. Steeves, Kim Cameron, Bradley Carpenter, David Foster, Quentin S. Miller
-
Patent number: 8782425
Abstract: A facility for performing a local human verification ceremony to obtain user verification is provided. Upon determining that user verification is needed to perform an action on a computer system, the facility presents a CAPTCHA challenge requesting verification that the user wants the action performed on the computer system. Upon receiving a response, the facility compares the received response to an expected correct response. If the received response is the correct response, the facility authorizes the action to be performed.
Type: Grant
Filed: March 7, 2012
Date of Patent: July 15, 2014
Assignee: Microsoft Corporation
Inventor: David J. Steeves
-
Patent number: 8732451
Abstract: As provided herein, when using an untrusted network connection, a secure online environment can be created for a remote machine by connecting to a trusted computer with a trusted network connection. A proxy server is installed on a first computing device and shared encryption keys are generated for the first device and a portable storage device. A connection is initiated between a second computing device (e.g., remote device), connected to an untrusted network, and the first computing device, comprising initiating a proxy server protocol from the portable storage device (e.g., attached to the second device), using the second computing device. A secure connection between the first and second devices is created using the encryption keys.
Type: Grant
Filed: May 20, 2009
Date of Patent: May 20, 2014
Assignee: Microsoft Corporation
Inventors: Rajesh Viswanathan, David J. Steeves
-
Publication number: 20140123257
Abstract: When a user account is in an alternate (fault) state, communication or sync between an application provider and a device or client application typically is interrupted. When parties do not support rich fault messaging, communication of the reason for the interruption and remediation steps has been impossible. An application server provides rich fault messaging using applications that do not provide explicit error messaging and protocols that do not provide explicit error messaging without changing either the application or the protocol by additional interactions between an identity provider and the application server. The application server uses authentication state information provided by the identity server to generate a notification sync event that appears to the application and the protocol to be a normal sync event. The notification sync event is used to provide the user with information needed to determine what the problem with the account is and how to fix it.
Type: Application
Filed: October 30, 2012
Publication date: May 1, 2014
Applicant: Microsoft Corporation
Inventors: Ariel N. Gordon, David J. Steeves, Luke T. Abrams, Pui-Yin Wong, Krishna C. Vitaldevara
-
Patent number: 8667581
Abstract: A method and system for detecting and stopping malware propagation using false resource entries is provided. A detection system uses trap door entries that are intentionally inserted into resource location stores to detect resource misuse. A “trap door” is a false resource that can be monitored by the detection system. The detection system monitors trapdoor entries that have been intentionally inserted into resource location stores, and looks for signs of use. The detection system can then determine whether a detected use of a trap door entry is a misuse of the trap door entry, and upon declaring a misuse of the trap door entry, the detection system can appropriately respond to the misuse.
Type: Grant
Filed: June 8, 2006
Date of Patent: March 4, 2014
Assignee: Microsoft Corporation
Inventors: David J. Steeves, Gregory D. Hartrell
-
Patent number: 8590021
Abstract: Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels.
Type: Grant
Filed: January 23, 2009
Date of Patent: November 19, 2013
Assignee: Microsoft Corporation
Inventors: David J. Steeves, Kim Cameron, Todd L. Carpenter, David Foster, Quentin S. Miller
-
Patent number: 8490201
Abstract: One or more strong proofs are maintained as associated with an account of a user. In response to a request to change a security setting of the account, an attempt is made to confirm the request by using one of the one or more strong proofs to notify the user. The change is permitted if the request is confirmed via one or more of the strong proofs, and otherwise the change to the security setting of the account is kept unchanged.
Type: Grant
Filed: March 26, 2010
Date of Patent: July 16, 2013
Assignee: Microsoft Corporation
Inventors: Tarek Bahaa El-Din Mahmoud Kamel, Yordan I. Rouskov, David J. Steeves, Rammohan Nagasubramani, Pui-Yin Winfred Wong, WeiQiang Michael Guo, Vikas Rajvanshy, Orville C. McDonald, Sean Christian Wohlgemuth, Vikrant Minhas
-
Publication number: 20120174215
Abstract: A facility for performing a local human verification ceremony to obtain user verification is provided. Upon determining that user verification is needed to perform an action on a computer system, the facility presents a CAPTCHA challenge requesting verification that the user wants the action performed on the computer system. Upon receiving a response, the facility compares the received response to an expected correct response. If the received response is the correct response, the facility authorizes the action to be performed.
Type: Application
Filed: March 7, 2012
Publication date: July 5, 2012
Applicant: Microsoft Corporation
Inventor: David J. Steeves
-
Patent number: 8209469
Abstract: Described is a technology by which a single physical storage device such as a USB flash memory device is able to boot different computing devices via corresponding different operating systems. The storage device includes a selection mechanism that determines which virtual disk (corresponding to a LUN) is seen by the host as the currently active LUN having sector 0, and therefore is the boot disk. The selection mechanism also may select which (if any) other LUNs are visible to the host. The selection mechanism and accompanying indicator may be operated when the storage device is disconnected, e.g., via manual switches and/or LEDs, buttons and/or a display (e.g., via internal power). Also described is allowing each LUN to have a user-friendly name.
Type: Grant
Filed: March 10, 2009
Date of Patent: June 26, 2012
Assignee: Microsoft Corporation
Inventors: Todd L. Carpenter, David Abzarian, Mark Myers, David J. Steeves, Jr.
-
Publication number: 20120144490
Abstract: A malware analysis system for automating cause and effect analysis of malware infections is provided. The malware analysis system monitors and records computer system activities. Upon being informed of a suspected malware infection, the malware analysis system creates a time-bounded snapshot of the monitored activities that were conducted within a time frame prior to the notification of the suspected malware infection. The malware analysis system may also create a time-bounded snapshot of the monitored activities that are conducted within a time frame subsequent to the notification of the suspected malware infection. The malware analysis system provides the created snapshot or snapshots for further analysis.
Type: Application
Filed: February 8, 2012
Publication date: June 7, 2012
Applicant: Microsoft Corporation
Inventors: Gregory D. Hartrell, David J. Steeves, Efim Hudis
-
Publication number: 20120137342
Abstract: A malware analysis system for automating cause and effect analysis of malware infections is provided. The malware analysis system monitors and records computer system activities. Upon being informed of a suspected malware infection, the malware analysis system creates a time-bounded snapshot of the monitored activities that were conducted within a time frame prior to the notification of the suspected malware infection. The malware analysis system may also create a time-bounded snapshot of the monitored activities that are conducted within a time frame subsequent to the notification of the suspected malware infection. The malware analysis system provides the created snapshot or snapshots for further analysis.
Type: Application
Filed: February 8, 2012
Publication date: May 31, 2012
Applicant: Microsoft Corporation
Inventors: Gregory D. Hartrell, David J. Steeves, Efim Hudis
-
Patent number: 8145914
Abstract: A facility for performing a local human verification ceremony to obtain user verification is provided. Upon determining that user verification is needed to perform an action on a computer system, the facility presents a CAPTCHA challenge requesting verification that the user wants the action performed on the computer system. Upon receiving a response, the facility compares the received response to an expected correct response. If the received response is the correct response, the facility authorizes the action to be performed.
Type: Grant
Filed: December 15, 2005
Date of Patent: March 27, 2012
Assignee: Microsoft Corporation
Inventor: David J. Steeves
-
Patent number: 8117659
Abstract: A malware analysis system for automating cause and effect analysis of malware infections is provided. The malware analysis system monitors and records computer system activities. Upon being informed of a suspected malware infection, the malware analysis system creates a time-bounded snapshot of the monitored activities that were conducted within a time frame prior to the notification of the suspected malware infection. The malware analysis system may also create a time-bounded snapshot of the monitored activities that are conducted within a time frame subsequent to the notification of the suspected malware infection. The malware analysis system provides the created snapshot or snapshots for further analysis.
Type: Grant
Filed: December 28, 2005
Date of Patent: February 14, 2012
Assignee: Microsoft Corporation
Inventors: Gregory D. Hartrell, David J. Steeves, Efim Hudis
-
Patent number: 8091115
Abstract: Inline pattern matching and policy enforcement may be implemented by a memory storage device. In an example embodiment, a device-implemented method includes acts of receiving, intercepting, and performing and conditional acts of invoking or permitting. A request from a host to perform a memory access operation is received at a memory storage device. Data flowing between an I/O channel and physical storage of the memory storage device is intercepted. A pattern matching procedure is performed on the data with reference to multiple target patterns in real-time while the data is being intercepted. If a pattern match is detected between the data and a target pattern, a policy enforcement mechanism is invoked. If a pattern match is not detected between the data and the multiple target patterns, the request from the host to perform the memory access operation is permitted.
Type: Grant
Filed: October 3, 2008
Date of Patent: January 3, 2012
Assignee: Microsoft Corporation
Inventors: David Abzarian, Todd L. Carpenter, Harish S. Kulkarni, Mark A. Myers, David J. Steeves
-
Publication number: 20110214173
Abstract: One or more strong proofs are maintained as associated with an account of a user. In response to a request to change a security setting of the account, an attempt is made to confirm the request by using one of the one or more strong proofs to notify the user. The change is permitted if the request is confirmed via one or more of the strong proofs, and otherwise the change to the security setting of the account is kept unchanged.
Type: Application
Filed: March 26, 2010
Publication date: September 1, 2011
Applicant: Microsoft Corporation
Inventors: Tarek Bahaa El-Din Mahmoud Kamel, Yordan I. Rouskov, David J. Steeves, Rammohan Nagasubramani, Pui-Yin Winfred Wong, WeiQiang Michael Guo, Vikas Rajvanshy, Orville C. McDonald, Sean Christian Wohlgemuth
-
Patent number: 7933413
Abstract: Key exchanges between peer-to-peer devices can be vulnerable to man in the middle attacks. Verification of the key exchanges can be made on a channel, network and/or device different from the channel, network and/or device used for the key exchange to determine whether the key exchange was secure. Verification of the key exchange can also be made through an established and trusted device and/or entity. If the key exchange was secure, the parties to a communication utilizing the key(s) exchanged can be notified, if desired. If the key exchange was not secure, the parties can be notified and the communication can be selectively disconnected.
Type: Grant
Filed: February 2, 2007
Date of Patent: April 26, 2011
Assignee: Microsoft Corporation
Inventors: David J. Steeves, Gregory D. Hartrell, Ryan M. Burkhardt, Jason L. Cohen
-
Patent number: 7913292
Abstract: A unique system and method that facilitates visually identifying authentic UI objects, bundles, or windows is provided. A detection component can detect when user-based input has activated a verification mode with respect to one or more trusted UI objects rendered on-screen. A verification component can verify at least one of a source and identity associated with one or more UI objects in order to ensure the integrity related therewith. A verification rendering engine can re-render the one or more trusted UI objects in a manner that is based at least upon whether the one or more trusted UI objects are verified, thus improving visual recognition of verified trusted UI objects over non-verified UI objects.
Type: Grant
Filed: October 18, 2006
Date of Patent: March 22, 2011
Assignee: Microsoft Corporation
Inventors: Gregory D. Hartrell, David J. Steeves
-
Publication number: 20100299518
Abstract: As provided herein, when using an untrusted network connection, a secure online environment can be created for a remote machine by connecting to a trusted computer with a trusted network connection. A proxy server is installed on a first computing device and shared encryption keys are generated for the first device and a portable storage device. A connection is initiated between a second computing device (e.g., remote device), connected to an untrusted network, and the first computing device, comprising initiating a proxy server protocol from the portable storage device (e.g., attached to the second device), using the second computing device. A secure connection between the first and second devices is created using the encryption keys.
Type: Application
Filed: May 20, 2009
Publication date: November 25, 2010
Applicant: Microsoft Corporation
Inventors: Rajesh Viswanathan, David J. Steeves