Patents by Inventor David Steven Gross
David Steven Gross has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12284185Abstract: In one embodiment, a method includes receiving, by a WebAuthn proxy, login prompt information from a browser. The WebAuthn proxy and the browser are installed on a device. The method also includes generating, by the WebAuthn proxy, a WebAuthn credential request based on the login prompt information and communicating, by the WebAuthn proxy, the WebAuthn credential request to a WebAuthn authenticator. The method further includes receiving, by the WebAuthn proxy, a WebAuthn response from the WebAuthn authenticator and communicating, by the WebAuthn proxy, the WebAuthn response to the browser.Type: GrantFiled: April 23, 2024Date of Patent: April 22, 2025Assignee: CISCO TECHNOLOGY, INC.Inventors: Oliver Robert Stocker, Jeremy Lee Erickson, David Steven Gross
-
Publication number: 20240275786Abstract: In one embodiment, a method includes receiving, by a WebAuthn proxy, login prompt information from a browser. The WebAuthn proxy and the browser are installed on a device. The method also includes generating, by the WebAuthn proxy, a WebAuthn credential request based on the login prompt information and communicating, by the WebAuthn proxy, the WebAuthn credential request to a WebAuthn authenticator. The method further includes receiving, by the WebAuthn proxy, a WebAuthn response from the WebAuthn authenticator and communicating, by the WebAuthn proxy, the WebAuthn response to the browser.Type: ApplicationFiled: April 23, 2024Publication date: August 15, 2024Inventors: Oliver Robert Stocker, Jeremy Lee Erickson, David Steven Gross
-
Publication number: 20240275794Abstract: According to an embodiment, a system comprises one or more processors and one or more computer-readable non-transitory storage media comprising instructions that, when executed by the one or more processors, cause one or more components of the system to perform operations. The operations comprise determining that an endpoint device has requested to discover a location of a protected resource that is protected by a gateway, determining whether the endpoint device has provided a token that is valid, and permitting the endpoint device to discover the location of the protected resource based on determining that the endpoint device has provided the token that is valid. The token indicates that the endpoint device successfully completed a first multi-factor authentication procedure in connection with accessing an authentication enforcement resource.Type: ApplicationFiled: April 25, 2024Publication date: August 15, 2024Inventors: Sharif Mufid-Sharif Anani, Omar Abduljaber, Christopher Carl Cassell, Marc Neuberger, David Steven Gross, Luis Daniel Mendez
-
Patent number: 12003512Abstract: According to an embodiment, a system comprises one or more processors and one or more computer-readable non-transitory storage media comprising instructions that, when executed by the one or more processors, cause one or more components of the system to perform operations. The operations comprise determining that an endpoint device has requested to discover a location of a protected resource that is protected by a gateway, determining whether the endpoint device has provided a token that is valid, and permitting the endpoint device to discover the location of the protected resource based on determining that the endpoint device has provided the token that is valid. The token indicates that the endpoint device successfully completed a first multi-factor authentication procedure in connection with accessing an authentication enforcement resource.Type: GrantFiled: October 21, 2021Date of Patent: June 4, 2024Assignee: CISCO TECHNOLOGY, INC.Inventors: Sharif Mufid-Sharif Anani, Omar Abduljaber, Christopher Carl Cassell, Marc Neuberger, David Steven Gross, Luis Daniel Mendez
-
Patent number: 11997090Abstract: In one embodiment, a method includes receiving, by a WebAuthn proxy, login prompt information from a browser. The WebAuthn proxy and the browser are installed on a device. The method also includes generating, by the WebAuthn proxy, a WebAuthn credential request based on the login prompt information and communicating, by the WebAuthn proxy, the WebAuthn credential request to a WebAuthn authenticator. The method further includes receiving, by the WebAuthn proxy, a WebAuthn response from the WebAuthn authenticator and communicating, by the WebAuthn proxy, the WebAuthn response to the browser.Type: GrantFiled: November 29, 2021Date of Patent: May 28, 2024Assignee: CISCO TECHNOLOGY, INC.Inventors: Oliver Robert Stocker, Jeremy Lee Erickson, David Steven Gross
-
Publication number: 20240031365Abstract: This disclosure describes techniques for identifying an application (e.g., accessing application) that is attempting to access a resource. In some examples, access may be managed by an authentication service. When an access request is received at the authentication service from an application on a client device, the authentication service may ask the application to communicate with an identification agent on the client device. The identification agent may perform one or more tests to discover the identity of the application. In some cases, the identification agent may send the identity of the application to the authentication service. The authentication service may then allow or deny access by the accessing application to the resource based at least in part on the discovered identity.Type: ApplicationFiled: September 28, 2023Publication date: January 25, 2024Inventors: David Steven Gross, Jennifer Lee Bammel, David William Matteson, Christopher Carl Cassell, Kyle David Mills
-
Patent number: 11799856Abstract: This disclosure describes techniques for identifying an application (e.g., accessing application) that is attempting to access a resource. In some examples, access may be managed by an authentication service. When an access request is received at the authentication service from an application on a client device, the authentication service may ask the application to communicate with an identification agent on the client device. The identification agent may perform one or more tests to discover the identity of the application. In some cases, the identification agent may send the identity of the application to the authentication service. The authentication service may then allow or deny access by the accessing application to the resource based at least in part on the discovered identity.Type: GrantFiled: March 5, 2021Date of Patent: October 24, 2023Assignee: Cisco Technology, Inc.Inventors: David Steven Gross, Jennifer Lee Bammel, David William Matteson, Christopher Carl Cassell, Kyle David Mills
-
Publication number: 20230171252Abstract: In one embodiment, a method includes receiving, by a WebAuthn proxy, login prompt information from a browser. The WebAuthn proxy and the browser are installed on a device. The method also includes generating, by the WebAuthn proxy, a WebAuthn credential request based on the login prompt information and communicating, by the WebAuthn proxy, the WebAuthn credential request to a WebAuthn authenticator. The method further includes receiving, by the WebAuthn proxy, a WebAuthn response from the WebAuthn authenticator and communicating, by the WebAuthn proxy, the WebAuthn response to the browser.Type: ApplicationFiled: November 29, 2021Publication date: June 1, 2023Inventors: Oliver Robert Stocker, Jeremy Lee Erickson, David Steven Gross
-
Publication number: 20230126355Abstract: According to an embodiment, a system comprises one or more processors and one or more computer-readable non-transitory storage media comprising instructions that, when executed by the one or more processors, cause one or more components of the system to perform operations. The operations comprise determining that an endpoint device has requested to discover a location of a protected resource that is protected by a gateway, determining whether the endpoint device has provided a token that is valid, and permitting the endpoint device to discover the location of the protected resource based on determining that the endpoint device has provided the token that is valid. The token indicates that the endpoint device successfully completed a first multi-factor authentication procedure in connection with accessing an authentication enforcement resource.Type: ApplicationFiled: October 21, 2021Publication date: April 27, 2023Inventors: Sharif Mufid-Sharif Anani, Omar Abduljaber, Christopher Carl Cassell, Marc Neuberger, David Steven Gross, Luis Daniel Mendez
-
Publication number: 20220286455Abstract: This disclosure describes techniques for identifying an application (e.g., accessing application) that is attempting to access a resource. In some examples, access may be managed by an authentication service. When an access request is received at the authentication service from an application on a client device, the authentication service may ask the application to communicate with an identification agent on the client device. The identification agent may perform one or more tests to discover the identity of the application. In some cases, the identification agent may send the identity of the application to the authentication service. The authentication service may then allow or deny access by the accessing application to the resource based at least in part on the discovered identity.Type: ApplicationFiled: March 5, 2021Publication date: September 8, 2022Inventors: David Steven Gross, Jennifer Lee Bammel, David William Matteson, Christopher Carl Cassell, Kyle David Mills