Patents by Inventor Drew Dean

Drew Dean has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20180124018
    Abstract: Aspects may relate to a server comprising: an interface to receive a service request; and a processor coupled to the interface to receive the service request, the processor configured to: implement a firewall appliance for the service request; operate a first micro-security application to generate an anomaly alert for the service request; and operate a second micro-security application to receive the anomaly alert from the first micro-security application or from another server's micro-security application and to determine whether the service request corresponds to a non-benign behavior.
    Type: Application
    Filed: December 22, 2016
    Publication date: May 3, 2018
    Inventors: Gheorghe Cascaval, Hui Chao, Mihai Christodorescu, Drew Dean, Dinakar Khurjati, Shuhua Ge, Hilmi Gunes Kayacik, Arun Raman, Ahmet Salih Buyukkayhan, Yuanwei Fang
  • Patent number: 8584248
    Abstract: A method for transforming untrusted applications into trusted executables through static previrtualization is disclosed. For example, the method receives an untrusted application and extracts a system call from the untrusted application. The method then determines if the system call is privileged or non-privileged. If the system call is privileged, the method replaces the system call with a hypercall. If the system call is non-privileged, it is replaced with a library call. The method repeats this process for additional system calls in the untrusted application to create a trusted executable. The method then forwards the trusted executable.
    Type: Grant
    Filed: October 26, 2011
    Date of Patent: November 12, 2013
    Assignee: SRI International
    Inventors: Natarajan Shankar, Richard Drews Dean
  • Publication number: 20130111593
    Abstract: A method for transforming untrusted applications into trusted executables through static previrtualization is disclosed. For example, the method receives an untrusted application and extracts a system call from the untrusted application. The method then determines if the system call is privileged or non-privileged. If the system call is privileged, the method replaces the system call with a hypercall. If the system call is non-privileged, it is replaced with a library call. The method repeats this process for additional system calls in the untrusted application to create a trusted executable. The method then forwards the trusted executable.
    Type: Application
    Filed: October 26, 2011
    Publication date: May 2, 2013
    Inventors: Natarajan Shankar, Richard Drews Dean
  • Patent number: 8108555
    Abstract: The present invention is directed towards systems and methods for transmitting a DNS beacon for storage. A method according to one embodiment comprises generating one or more data items for logging and transmitting a DNS request to an authoritative DNS server for a logging domain, with the host name of the DNS request comprising the one or more data items for logging. The DNS request, which comprises the data items for logging, is stored on a storage device.
    Type: Grant
    Filed: November 9, 2010
    Date of Patent: January 31, 2012
    Assignee: Yahoo! Inc.
    Inventors: Amr Awadallah, Richard Drews Dean
  • Publication number: 20110055349
    Abstract: The present invention is directed towards systems and methods for transmitting a DNS beacon for storage. A method according to one embodiment comprises generating one or more data items for logging and transmitting a DNS request to an authoritative DNS server for a logging domain, with the host name of the DNS request comprising the one or more data items for logging. The DNS request, which comprises the data items for logging, is stored on a storage device.
    Type: Application
    Filed: November 9, 2010
    Publication date: March 3, 2011
    Applicant: YAHOO! INC.
    Inventors: Amr Awadallah, Richard Drews Dean
  • Patent number: 7853721
    Abstract: The present invention is directed towards systems and methods for transmitting a DNS beacon for storage. A method according to one embodiment comprises generating one or more data items for logging and transmitting a DNS request to an authoritative DNS server for a logging domain, with the host name of the DNS request comprising the one or more data items for logging. The DNS request, which comprises the data items for logging, is stored on a storage device.
    Type: Grant
    Filed: November 9, 2006
    Date of Patent: December 14, 2010
    Assignee: Yahoo! Inc.
    Inventors: Amr Awadallah, Richard Drews Dean
  • Patent number: 7421583
    Abstract: A system, method and article of manufacture are provided for pricing a cryptographic service. A request for a cryptographic service is received. An identification is made of one or more of a computational burden required to perform the cryptographic service, a privacy level of the cryptographic service, and/or a speed of performing the cryptographic service. A price of the cryptographic service is determined based on the computational burden, privacy level, and/or speed. A method is also provided for pricing a cryptographic service based on a compactness of a cryptographic message. A request for encrypting a message is received. The message is encrypted and is also compressed during the encryption. An amount of compression of the message is determined. A price of the encryption is determined based on the amount of compression.
    Type: Grant
    Filed: June 19, 2000
    Date of Patent: September 2, 2008
    Inventors: Thomas A Berson, R Drews Dean, Matthew K Franklin, Teresa F Lunt, Diana K Smetters
  • Publication number: 20080114897
    Abstract: The present invention is directed towards systems and methods for transmitting a DNS beacon for storage. A method according to one embodiment comprises generating one or more data items for logging and transmitting a DNS request to an authoritative DNS server for a logging domain, with the host name of the DNS request comprising the one or more data items for logging. The DNS request, which comprises the data items for logging, is stored on a storage device.
    Type: Application
    Filed: November 9, 2006
    Publication date: May 15, 2008
    Applicant: Yahoo! Inc.
    Inventors: Amr Awadallah, Richard Drews Dean
  • Patent number: 7051199
    Abstract: A system, method and article of manufacture are provided for affording a cryptographic service utilizing a server on a network. Initially, a client is identified utilizing the network. A first key is established, and a tunnel is generated on the network. Thereafter, information is received at the server from the client utilizing the tunnel. Such information is encrypted by the client using the first key. At the server, cryptographic work is performed using the first key.
    Type: Grant
    Filed: June 19, 2000
    Date of Patent: May 23, 2006
    Assignee: Xerox Corporation
    Inventors: Thomas A. Berson, R. Drews Dean, Matthew K. Franklin, Diana K. Smetters
  • Patent number: 6990468
    Abstract: A system, method, and article of manufacture are provided for pricing a cryptographic service on a network utilizing one or more cryptoservers. A request for a cryptographic service is received from a user utilizing a network. The request is received by a cryptographic service provider. A contract is generated based on a variable pricing scheme in response to the request. The contract is sent from the cryptographic service provider to the user utilizing the network. A method is also provided for auditing a security provision on a network utilizing a cryptoserver. A cryptographic key is obtained such as by obtaining it from a trusted source or generating the key. A plurality of users are allowed to request that a cryptoserver use the cryptographic key to sign a message in violation of a security provision. It is determined whether the cryptoserver signed the message in response to the request.
    Type: Grant
    Filed: June 19, 2000
    Date of Patent: January 24, 2006
    Assignee: Xerox Corporation
    Inventors: Thomas A. Berson, R. Drews Dean, Matthew K. Franklin, Teresa F Lunt, Diana K. Smetters
  • Patent number: 6970259
    Abstract: A print management system includes a policy that determines a protection level for a document to be printed. The document is printed using forgery detection and deterrence technologies, such as fragile and robust watermarks, glyphs, and digital signatures, that are appropriate to the level of protection determined by the policy. A plurality of printers are managed by a print management system. Each printer can provide a range of protection technologies. The policy determines the protection technologies for the document to be printed. The print management system routes the print job to a printer that can apply the appropriate protections and sets the appropriate parameters in the printer. Copy evidence that can establish that a document is a forgery and/or tracing information that identifies the custodian of the document and restrictions on copying of the document and use of the information in the document are included in the watermark that is printed on the document.
    Type: Grant
    Filed: November 28, 2000
    Date of Patent: November 29, 2005
    Assignee: Xerox Corporation
    Inventors: Teresa F. Lunt, Matthew K. Franklin, David L. Hecht, Thomas A. Berson, Mark J. Stefik, R. Drew Dean, Alan G. Bell, Thomas M. Breuel, Todd A. Cass, Douglas N. Curry, Daniel H. Greene, Robert T. Krivacic
  • Patent number: 6938154
    Abstract: A system, method and article of manufacture are provided for secure operation of a network device. A digital certificate is assigned to a network user. A command for operation of a network device and the digital certificate are received from the network user. A cryptographic key stored in the network device is utilized to authenticate the digital certificate of the network user. Operation of the network device is enabled if the digital certificate of the network user is authenticated. According to another aspect of the present invention, a system, method and article of manufacture are provided for secure identification of a network device. A digital certificate is assigned to a network device. A command for operation of the network device is received from a network user. The digital certificate is sent to the network user. The network user utilizes a cryptographic key to authenticate the digital certificate of the network device.
    Type: Grant
    Filed: June 19, 2000
    Date of Patent: August 30, 2005
    Assignee: Xerox Corporation
    Inventors: Thomas A. Berson, R. Drews Dean, Matthew K. Franklin, Teresa F. Lunt, Diana K. Smetters
  • Patent number: 6802000
    Abstract: A system for controlling access to online content referenced in a hardcopy document. A user requesting access to online content available on a server responds to an authentication challenge from the server using a password mechanism printed in the hardcopy document. The password mechanism allows the user to identify a password for responding to an authentication request by the server. After authenticating the user, the server initiates a state change to enable subsequent access to the online content by the user with a different password that is also identified with the password mechanism.
    Type: Grant
    Filed: October 28, 1999
    Date of Patent: October 5, 2004
    Assignee: Xerox Corporation
    Inventors: Daniel H. Greene, R. Drews Dean, Thomas A. Berson
  • Patent number: 6754821
    Abstract: A system, method and article of manufacture are provided for transition state-based cryptography in an application including at least one state having a state key associated with it. A request for access is sent to a server utilizing a network upon reaching a state in the application. The request includes a state key associated with the state. A reply is received from the server in response to the request. The reply includes an access key for providing the access if the state key is valid. According to another embodiment of the present invention, a method is provided for transition state-based cryptography in an application including at least one state having a state key associated with it. A request for access is received from a client to a server utilizing a network. The state key is verified at the server. A reply is sent from the server in response to the request. The reply includes an access key for providing the access if the state key is verified.
    Type: Grant
    Filed: June 19, 2000
    Date of Patent: June 22, 2004
    Assignee: Xerox Corporation
    Inventors: Thomas A. Berson, R. Drews Dean, Matthew K. Franklin, Teresa F. Lunt, Diana K. Smetters
  • Patent number: 6728376
    Abstract: A symmetric key encryption system includes a printer or copier for performing decryption in two passes. During a first pass an encrypted image is decrypted to define a first partially decrypted image and during a second pass a complement of the encrypted image is decrypted to define a second partially decrypted image. The first partially decrypted image is formed when the encrypted image is rendered onto a first recording medium through a stencil. The stencil, which is a random arrangement of holes, is overlaid on the first recording medium to permit only selected portions of the encrypted image to be rendered on the recording medium. During the second pass, the complement of the encrypted image is rendered on a second recording medium through a complement of the stencil to yield the second partially decrypted image. Overlaying and aligning the first partially decrypted image and the second partially decrypted image finally decrypts the encrypted image.
    Type: Grant
    Filed: December 22, 1999
    Date of Patent: April 27, 2004
    Assignee: Xerox Corporation
    Inventors: R. Drews Dean, Matthew K. Franklin