Patents by Inventor Dmitry Denisov
Dmitry Denisov has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10860569Abstract: A method for processing events comprising time series data may include inferring different schema associated with the events. The method may also include storing property definitions corresponding to the events. Each property definition may include a name and a data type. The method may also include storing schema definitions corresponding to the different schema that are inferred. Each schema definition may include a set of one or more properties. The method may also include updating at least one data structure for storing information about the events based on the different schema that are inferred.Type: GrantFiled: October 17, 2017Date of Patent: December 8, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Alexandre Igorevich Mineev, Venkatasubramanian Jayaraman, Dmitry Denisov, Matthew Robert Darsney, Om Prakash Ravi
-
Publication number: 20190114338Abstract: A method for processing events comprising time series data may include inferring different schema associated with the events. The method may also include storing property definitions corresponding to the events. Each property definition may include a name and a data type. The method may also include storing schema definitions corresponding to the different schema that are inferred. Each schema definition may include a set of one or more properties. The method may also include updating at least one data structure for storing information about the events based on the different schema that are inferred.Type: ApplicationFiled: October 17, 2017Publication date: April 18, 2019Inventors: Alexandre Igorevich MINEEV, Venkatasubramanian JAYARAMAN, Dmitry DENISOV, Matthew Robert DARSNEY, Om Prakash RAVI
-
Publication number: 20190114351Abstract: A method for improving readability of a heatmap representing time series data may include obtaining a set of time series. Each time series may be associated with a key property and may include a set of values. The set of values in a time series may include results of performing an aggregate function with respect to a measure property in events that are associated with the key property, and at time intervals having an interval size. For each time series, an average value may be determined for the set of values within the time series. A heatmap may be rendered based on the set of time series. The set of time series may be ordered vertically in the heatmap based on the set of average values that are determined for the set of time series.Type: ApplicationFiled: October 12, 2017Publication date: April 18, 2019Inventors: Alexandre Igorevich MINEEV, Matthew Robert DARSNEY, Dmitry DENISOV, Om Prakash RAVI
-
Publication number: 20190114339Abstract: A method for facilitating access to information contained within stored events may include receiving a request to provide information about a set of events. The set of events may correspond to time series data from a plurality of devices. The method may also include identifying patterns within the set of events in response to the request. Identifying the patterns within the set of events may include performing basket analysis. The method may also include selecting a subset of the patterns based at least partially on percentage of occurrence within the set of events and pattern similarity.Type: ApplicationFiled: October 17, 2017Publication date: April 18, 2019Inventors: Alexandre Igorevich MINEEV, Dmitry DENISOV, Om Prakash RAVI, Karthik SUBRAMANIAN
-
Patent number: 9894040Abstract: Embodiments are directed to securing data in the cloud, securely encrypting data that is to be stored in the cloud and to securely decrypting data accessed from the cloud. In one scenario, an instantiated trust service receives information indicating that a trust server is to be instantiated. The trust service instantiates the trust server, which is configured to store key references and encrypted keys. The trust service receives the public key portion of a digital certificate for each publisher and subscriber that is to have access to various specified portions of encrypted data. A data access policy is then defined that specifies which encrypted data portions can be accessed by which subscribers.Type: GrantFiled: September 11, 2012Date of Patent: February 13, 2018Assignee: Microsoft Technology Licensing, LLCInventors: Irina Gorbach, Venkatesh Krishnan, Andrey Shur, Dmitry Denisov, Lars Kuhtz, Sumalatha Adabala, Roy Peter D'Souza, Michael Entin, Michael Ray Clark, Gitika Aggarwal Saubhasik
-
Patent number: 9647837Abstract: Embodiments include method, systems, and computer program products for filtering trust services records. Embodiments include receiving a trust services record that includes a plurality of security components and that is usable to secure data that is stored in an untrusted location. It is determined whether the trust services record has been tampered with, including verifying each of the plurality of security components of the trust services record. The trust services record is filtered based on the determination of whether the trust services record has been tampered with. The filtering includes, when the trust services record is determined to have not been tampered with, allowing performance of at least one task with respect to the secured data; and, when the trust services record is determined to have been tampered with, disallowing performance of any task with respect to the secured data.Type: GrantFiled: January 29, 2015Date of Patent: May 9, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Irina Gorbach, Venkatesh Krishnan, Andrey Shur, Dmitry Denisov, Lars Kuhtz, Sumant Mehta, Marina Galata
-
Patent number: 9189648Abstract: Embodiments are directed to mapping encryption policies to data stored in a database using a policy identifier, and to accessing data stored in a database using a policy identifier. In one scenario, a computer system receives an indication that identifies which type of encryption is to be applied when encrypting a specified portion of data stored in a database. The database has a database schema identified by a database schema identifier, where the database schema defines relationships for data stored in the database. The computer system then accesses a namespace that identifies a set of databases in which the specified portion of data is accessed in the same manner. The computer system also generates a policy identifier, which contains information including the namespace and the database schema identifier.Type: GrantFiled: August 13, 2014Date of Patent: November 17, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Michael Entin, Dmitry Denisov, Lars Kuhtz, Irina Gorbach, Venkatesh Krishnan, Andrey Shur
-
Publication number: 20150143127Abstract: Embodiments include method, systems, and computer program products for filtering trust services records. Embodiments include receiving a trust services record that includes a plurality of security components and that is usable to secure data that is stored in an untrusted location. It is determined whether the trust services record has been tampered with, including verifying each of the plurality of security components of the trust services record. The trust services record is filtered based on the determination of whether the trust services record has been tampered with. The filtering includes, when the trust services record is determined to have not been tampered with, allowing performance of at least one task with respect to the secured data; and, when the trust services record is determined to have been tampered with, disallowing performance of any task with respect to the secured data.Type: ApplicationFiled: January 29, 2015Publication date: May 21, 2015Inventors: Irina Gorbach, Venkatesh Krishnan, Andrey Shur, Dmitry Denisov, Lars Kuhtz, Sumant Mehta, Marina Galata
-
Patent number: 8959351Abstract: Embodiments are directed to securely filtering trust services records. In one scenario, a client computer system receives at least one of the following trust services records: a trust services certificate, a principal certificate, a group certificate and a trust services policy. The client computer system performs a time validity check to validate the trust services record's timestamp, performs an integrity check to validate the integrity of the trust services record and performs a signature validity check to ensure that the entity claiming to have created the trust services record is the actual creator of the trust services record. The client computer system then, based on the time validity check, the integrity check and the signature validity check, determines that the trust services record is valid and allows a client computer system user to perform a specified task using the validated trust services record.Type: GrantFiled: September 13, 2012Date of Patent: February 17, 2015Assignee: Microsoft CorporationInventors: Irina Gorbach, Venkatesh Krishnan, Andrey Shur, Dmitry Denisov, Lars Kuhtz, Sumant Mehta, Marina Galata
-
Publication number: 20140351884Abstract: Embodiments are directed to mapping encryption policies to data stored in a database using a policy identifier, and to accessing data stored in a database using a policy identifier. In one scenario, a computer system receives an indication that identifies which type of encryption is to be applied when encrypting a specified portion of data stored in a database. The database has a database schema identified by a database schema identifier, where the database schema defines relationships for data stored in the database. The computer system then accesses a namespace that identifies a set of databases in which the specified portion of data is accessed in the same manner. The computer system also generates a policy identifier, which contains information including the namespace and the database schema identifier.Type: ApplicationFiled: August 13, 2014Publication date: November 27, 2014Inventors: Michael Entin, Dmitry Denisov, Lars Kuhtz, Irina Gorbach, Venkatesh Krishnan, Andrey Shur
-
Patent number: 8819770Abstract: Embodiments are directed to mapping encryption policies to user data stored in a database using a policy column uniform resource identifier (URI). In one scenario, a computer system receives the following: a database schema name that identifies the name of a specified schema within a relational database in which user data is stored, a table name that identifies a specified table within the relational database, a column name that identifies a specified column in the specified table and a namespace identifier that identifies a set of relational databases. The computer system also receives an indication that identifies which type of encryption is to be applied when encrypting the column of data specified by the column name. The computer system then generates a policy column URI that includes a hierarchical string comprising the namespace identifier, the database schema name, the table name and the column name.Type: GrantFiled: October 4, 2012Date of Patent: August 26, 2014Assignee: Microsoft CorporationInventors: Michael Entin, Dmitry Denisov, Lars Kuhtz, Irina Gorbach, Venkatesh Krishnan, Andrey Shur
-
Publication number: 20140115327Abstract: In one scenario, a computer system accesses a first principal's public key to generate a group private key that is encrypted using the first principal's public key. The generated group private key provides access to data keys that are used to encrypt data resources. The computer system accesses a second principal's public key to encrypt the generated group private key using the second principal's public key and encrypts at least one of the data keys using a group public key, where the data key allows access to encrypted data resources. The first principal then decrypts the group private key using the first principal's private key, decrypts the data key using the decrypted group private key and accesses the data resource using the decrypted data key. The second principal also performs these functions with their private key to access the data resource.Type: ApplicationFiled: October 22, 2012Publication date: April 24, 2014Applicant: Microsoft CorporationInventors: Irina Gorbach, Venkatesh Krishnan, Rafayel Bezirganyan, Andrey Shur, Dmitry Denisov, Lars Kuhtz
-
Publication number: 20140101713Abstract: Embodiments are directed to mapping encryption policies to user data stored in a database using a policy column uniform resource identifier (URI). In one scenario, a computer system receives the following: a database schema name that identifies the name of a specified schema within a relational database in which user data is stored, a table name that identifies a specified table within the relational database, a column name that identifies a specified column in the specified table and a namespace identifier that identifies a set of relational databases. The computer system also receives an indication that identifies which type of encryption is to be applied when encrypting the column of data specified by the column name. The computer system then generates a policy column URI that includes a hierarchical string comprising the namespace identifier, the database schema name, the table name and the column name.Type: ApplicationFiled: October 4, 2012Publication date: April 10, 2014Applicant: MICROSOFT CORPORATIONInventors: Michael Entin, Dmitry Denisov, Lars Kuhtz, Irina Gorbach, Venkatesh Krishnan, Andrey Shur
-
Publication number: 20140075184Abstract: Embodiments are directed to securing data in the cloud, securely encrypting data that is to be stored in the cloud and to securely decrypting data accessed from the cloud. In one scenario, an instantiated trust service receives information indicating that a trust server is to be instantiated. The trust service instantiates the trust server, which is configured to store key references and encrypted keys. The trust service receives the public key portion of a digital certificate for each publisher and subscriber that is to have access to various specified portions of encrypted data. A data access policy is then defined that specifies which encrypted data portions can be accessed by which subscribers.Type: ApplicationFiled: September 11, 2012Publication date: March 13, 2014Applicant: MICROSOFT CORPORATIONInventors: Irina Gorbach, Venkatesh Krishnan, Andrey Shur, Dmitry Denisov, Lars Kuhtz, Sumalatha Adabala, Roy Peter D'Souza, Michael Entin, Michael Ray Clark, Gitika Aggarwal Saubhasik
-
Publication number: 20140075196Abstract: Embodiments are directed to securely filtering trust services records. In one scenario, a client computer system receives at least one of the following trust services records: a trust services certificate, a principal certificate, a group certificate and a trust services policy. The client computer system performs a time validity check to validate the trust services record's timestamp, performs an integrity check to validate the integrity of the trust services record and performs a signature validity check to ensure that the entity claiming to have created the trust services record is the actual creator of the trust services record. The client computer system then, based on the time validity check, the integrity check and the signature validity check, determines that the trust services record is valid and allows a client computer system user to perform a specified task using the validated trust services record.Type: ApplicationFiled: September 13, 2012Publication date: March 13, 2014Applicant: MICROSOFT CORPORATIONInventors: Irina Gorbach, Venkatesh Krishnan, Andrey Shur, Dmitry Denisov, Lars Kuhtz, Sumant Mehta, Marina Galata
-
Publication number: 20030206100Abstract: A computer implemented communications method and protocol is provided which utilizes an XML based communications protocol for security monitoring purposes. The XML based communications protocol consists of numerous modules which receive and convert data messages from varying security devices and sensors, standardize and send converted messages, and encrypt and decrypt said data messages as necessary. With a security system core application (SCA) running on various integrated checkpoint, base station and headquarter based computers and/or other data processing units, the data messages are filtered and transmitted from checkpoint computers to base station computers, then received by a headquarters data processing unit. The SCA running on base station and/or headquarters computers analyzes, reports and logs environmental as well as security events within one or more subject sites.Type: ApplicationFiled: June 20, 2002Publication date: November 6, 2003Inventors: Lawrence Richman, Anca Vacaru, Olga A. Zatusevschi, Andrey Germanovich Belyshev, Martin J. B. Oostendorp, Dmitry Denisov, Konstantin Alexeev