Patents by Inventor E. John Sebes

E. John Sebes has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10360382
    Abstract: A method is described to maintain (including generate) an inventory of a system of a plurality of containers accessible by a computer system. At least one container is considered to determine whether the container is executable in at least one of a plurality of execution environments characterizing the computer system. Each execution environment is in the group comprising a native binary execution environment configured to execute native machine language instructions and a non-native execution environment configured to execute at least one program to process non-native machine language instructions to yield native machine language instructions. The inventory is maintained based on a result of the considering step. The inventory may be used to exercise control over what executables are allowed to execute on the computer system.
    Type: Grant
    Filed: January 27, 2017
    Date of Patent: July 23, 2019
    Assignee: McAfee, LLC
    Inventors: Rishi Bhargava, E. John Sebes
  • Publication number: 20170140168
    Abstract: A method is described to maintain (including generate) an inventory of a system of a plurality of containers accessible by a computer system. At least one container is considered to determine whether the container is executable in at least one of a plurality of execution environments characterizing the computer system. Each execution environment is in the group comprising a native binary execution environment configured to execute native machine language instructions and a non-native execution environment configured to execute at least one program to process non-native machine language instructions to yield native machine language instructions. The inventory is maintained based on a result of the considering step. The inventory may be used to exercise control over what executables are allowed to execute on the computer system.
    Type: Application
    Filed: January 27, 2017
    Publication date: May 18, 2017
    Applicant: McAfee, Inc.
    Inventors: Rishi Bhargava, E. John Sebes
  • Patent number: 9602515
    Abstract: On a host, host content change requests are intercepted in real-time. In a tracking mode, the change requests are logged and allowed to take effect on the host. In an enforcement mode, the change requests are logged and additionally compared against authorized change policies and a determination is made whether to allow the change to take effect or to block the changes, thereby enforcing the authorized change policies on the host. Tracking and enforcement can be done in real-time. In either mode and at any time, the logged changes can be reconciled against a set of approved change orders in order to identify classes of changes, including changes that were deployed but not approved and changes that were approved but not deployed.
    Type: Grant
    Filed: September 9, 2015
    Date of Patent: March 21, 2017
    Assignee: McAfee, Inc.
    Inventors: Rahul Roy-Chowdhury, E. John Sebes, Jay Vaishnav
  • Patent number: 9576142
    Abstract: A method is described to maintain (including generate) an inventory of a system of a plurality of containers accessible by a computer system. At least one container is considered to determine whether the container is executable in at least one of a plurality of execution environments characterizing the computer system. Each execution environment is in the group comprising a native binary execution environment configured to execute native machine language instructions and a non-native execution environment configured to execute at least one program to process non-native machine language instructions to yield native machine language instructions. The inventory is maintained based on a result of the considering step. The inventory may be used to exercise control over what executables are allowed to execute on the computer system.
    Type: Grant
    Filed: October 3, 2013
    Date of Patent: February 21, 2017
    Assignee: McAfee, Inc.
    Inventors: Rishi Bhargava, E. John Sebes
  • Publication number: 20160105444
    Abstract: On a host, host content change requests are intercepted in real-time. In a tracking mode, the change requests are logged and allowed to take effect on the host. In an enforcement mode, the change requests are logged and additionally compared against authorized change policies and a determination is made whether to allow the change to take effect or to block the changes, thereby enforcing the authorized change policies on the host. Tracking and enforcement can be done in real-time. In either mode and at any time, the logged changes can be reconciled against a set of approved change orders in order to identify classes of changes, including changes that were deployed but not approved and changes that were approved but not deployed.
    Type: Application
    Filed: September 9, 2015
    Publication date: April 14, 2016
    Applicant: MCAFEE, INC.
    Inventors: Rahul Roy-Chowdhury, E. John Sebes, Jay Vaishnav
  • Patent number: 9134998
    Abstract: On a host, host content change requests are intercepted in real-time. In a tracking mode, the change requests are logged and allowed to take effect on the host. In an enforcement mode, the change requests are logged and additionally compared against authorized change policies and a determination is made whether to allow the change to take effect or to block the changes, thereby enforcing the authorized change policies on the host. Tracking and enforcement can be done in real-time. In either mode and at any time, the logged changes can be reconciled against a set of approved change orders in order to identify classes of changes, including changes that were deployed but not approved and changes that were approved but not deployed.
    Type: Grant
    Filed: April 21, 2014
    Date of Patent: September 15, 2015
    Assignee: McAfee, Inc.
    Inventors: Rahul Roy-Chowdhury, E. John Sebes, Jay Vaishnav
  • Publication number: 20140317592
    Abstract: On a host, host content change requests are intercepted in real-time. In a tracking mode, the change requests are logged and allowed to take effect on the host. In an enforcement mode, the change requests are logged and additionally compared against authorized change policies and a determination is made whether to allow the change to take effect or to block the changes, thereby enforcing the authorized change policies on the host. Tracking and enforcement can be done in real-time. In either mode and at any time, the logged changes can be reconciled against a set of approved change orders in order to identify classes of changes, including changes that were deployed but not approved and changes that were approved but not deployed.
    Type: Application
    Filed: April 21, 2014
    Publication date: October 23, 2014
    Inventors: Rahul Roy-Chowdhury, E. John Sebes, Jay Vaishnav
  • Patent number: 8762928
    Abstract: Client software is modified by a translator to use unique variant of linguistic interface of a service. An interceptor pre-processes subsequent client service requests from translated unique linguistic interface to standard linguistic interface implemented by service. Usage of linguistic interfaces of service is contained, rendering service incapable of executing arbitrary input, even if such input is crafted specifically for the service interface.
    Type: Grant
    Filed: November 15, 2010
    Date of Patent: June 24, 2014
    Assignee: McAfee, Inc.
    Inventors: Rosen Sharma, Bakul Shah, E. John Sebes
  • Patent number: 8763118
    Abstract: A method and system for the classification of software in networked systems, includes: determining a software received by a sensor is attempting to execute on a computer system of the sensor; classifying the software as authorized or unauthorized to execute, and gathering information on the software by the sensor if the software is classified as unauthorized to execute. The sensor sends the information on the software to one or more actuators, which determine whether or not to act on one or more targets based on the information. If so, then the actuator sends a directive to the target(s). The target(s) updates its responses according to the directive. The classification of the software is definitive and is not based on heuristics or rules or policies and without any need to rely on any a priori information about the software.
    Type: Grant
    Filed: September 28, 2012
    Date of Patent: June 24, 2014
    Assignee: McAfee, Inc.
    Inventors: E. John Sebes, Rishi Bhargava
  • Patent number: 8707446
    Abstract: On a host, host content change requests are intercepted in real-time. In a tracking mode, the change requests are logged and allowed to take effect on the host. In an enforcement mode, the change requests are logged and additionally compared against authorized change policies and a determination is made whether to allow the change to take effect or to block the changes, thereby enforcing the authorized change policies on the host. Tracking and enforcement can be done in real-time. In either mode and at any time, the logged changes can be reconciled against a set of approved change orders in order to identify classes of changes, including changes that were deployed but not approved and changes that were approved but not deployed.
    Type: Grant
    Filed: July 2, 2012
    Date of Patent: April 22, 2014
    Assignee: McAfee, Inc.
    Inventors: Rahul Roy-Chowdhury, E. John Sebes, Jay Vaishnav
  • Publication number: 20140101783
    Abstract: A method is described to maintain (including generate) an inventory of a system of a plurality of containers accessible by a computer system. At least one container is considered to determine whether the container is executable in at least one of a plurality of execution environments characterizing the computer system. Each execution environment is in the group comprising a native binary execution environment configured to execute native machine language instructions and a non-native execution environment configured to execute at least one program to process non-native machine language instructions to yield native machine language instructions. The inventory is maintained based on a result of the considering step. The inventory may be used to exercise control over what executables are allowed to execute on the computer system.
    Type: Application
    Filed: October 3, 2013
    Publication date: April 10, 2014
    Inventors: Rishi Bhargava, E. John Sebes
  • Patent number: 8561082
    Abstract: Client software is modified by a translator to use unique variant of linguistic interface of a service. An interceptor pre-processes subsequent client service requests from translated unique linguistic interface to standard linguistic interface implemented by service. Usage of linguistic interfaces of service is contained, rendering service incapable of executing arbitrary input, even if such input is crafted specifically for the service interface.
    Type: Grant
    Filed: October 13, 2010
    Date of Patent: October 15, 2013
    Assignee: McAfee, Inc.
    Inventors: Rosen Sharma, Bakul Shah, E. John Sebes
  • Patent number: 8561051
    Abstract: System and method for solidifying (or “freezing”) the set of software and configuration data available for execution on a computer. Any additional software installed on the computer after the solidification process will not execute, regardless of whether the installation is initiated or otherwise performed by a person with administrative privilege. The ability to allow new or modified software to execute on the computer rests with an integrity server separate from and outside of the solidified computer. The solidification of software and configuration data proceeds on a level of granularity selectable by the integrity server and any operators thereof.
    Type: Grant
    Filed: December 22, 2010
    Date of Patent: October 15, 2013
    Assignee: McAfee, Inc.
    Inventor: E. John Sebes
  • Patent number: 8555404
    Abstract: Techniques which allow definition and enforcement of connectivity-based action and execution authorization policies. On a computer, an action or execution attempt is intercepted in real-time. The connectivity state of the computer, the subject process, the program file of the subject process, the attempted action and the object of the attempted action are determined. An authorization policy considering the connectivity state indicates whether the attempted action is authorized or not. In a tracking mode, the attempted action and its authorization are logged and the attempted action is allowed to proceed. In an enforcement mode, unauthorized attempts are blocked and logged, thereby enforcing the authorization policy.
    Type: Grant
    Filed: May 18, 2006
    Date of Patent: October 8, 2013
    Assignee: McAfee, Inc.
    Inventors: E. John Sebes, Rishi Bhargava, David P. Reese
  • Patent number: 8549546
    Abstract: Client software is modified by a translator to use unique variant of linguistic interface of a service. An interceptor pre-processes subsequent client service requests from translated unique linguistic interface to standard linguistic interface implemented by service. Usage of linguistic interfaces of service is contained, rendering service incapable of executing arbitrary input, even if such input is crafted specifically for the service interface.
    Type: Grant
    Filed: November 15, 2010
    Date of Patent: October 1, 2013
    Assignee: McAfee, Inc.
    Inventors: Rosen Sharma, Bakul Shah, E. John Sebes
  • Publication number: 20130247016
    Abstract: Client software is modified by a translator to use unique variant of linguistic interface of a service. An interceptor pre-processes subsequent client service requests from translated unique linguistic interface to standard linguistic interface implemented by service. Usage of linguistic interfaces of service is contained, rendering service incapable of executing arbitrary input, even if such input is crafted specifically for the service interface.
    Type: Application
    Filed: November 15, 2010
    Publication date: September 19, 2013
    Inventors: Rosen Sharma, Bakul Shah, E. John Sebes
  • Publication number: 20130247226
    Abstract: Techniques which allow definition and enforcement of connectivity-based action and execution authorization policies. On a computer, an action or execution attempt is intercepted in real-time. The connectivity state of the computer, the subject process, the program file of the subject process, the attempted action and the object of the attempted action are determined. An authorization policy considering the connectivity state indicates whether the attempted action is authorized or not. In a tracking mode, the attempted action and its authorization are logged and the attempted action is allowed to proceed. In an enforcement mode, unauthorized attempts are blocked and logged, thereby enforcing the authorization policy.
    Type: Application
    Filed: May 18, 2006
    Publication date: September 19, 2013
    Applicant: SolidCore Systems, Inc.
    Inventors: E. John Sebes, Rishi Bhargava, David P. Reese
  • Publication number: 20130247027
    Abstract: Techniques relating to the distribution and installation of solidified (or “frozen”) software on a computer are disclosed. Any additional software installed on the computer after the solidification process will not execute, regardless of whether the installation is initiated or otherwise performed by a person with administrative privilege. The installation of the solidified software can be carried out by installing pre-solidified software, by solidifying the software at the source code level and by solidifying the software by the compiler. The solidification can also be performed when software distributions are manufactured, for example on CDs, or as part of an installation procedure that can run and/or install differently each time. A business process for billing customers for the transfer or usage of solidified software is also disclosed.
    Type: Application
    Filed: February 16, 2005
    Publication date: September 19, 2013
    Applicant: SolidCore Systems, Inc.
    Inventors: Bakul Shah, Rishi Bhargava, E. John Sebes
  • Publication number: 20130246517
    Abstract: Method and system for containing networked application client software in order to perform specified transactions only given explicit consent of a legitimate user. In one embodiment, a confirmation interceptor intercepts a service request message, queries the user of the request for a confirmation, and then either passes the service request message onto server application software or drops the request, depending on the user's confirmation response. In soliciting and processing the confirmation response, query is formulated so that the required response cannot be automatically generated by software that attempts to automate and simulate the user's actions.
    Type: Application
    Filed: August 29, 2003
    Publication date: September 19, 2013
    Applicant: SolidCore Systems, Inc.
    Inventors: Rosen Sharma, Bakul Shah, E. John Sebes
  • Publication number: 20130246044
    Abstract: Client software is modified by a translator to use unique variant of linguistic interface of a service. An interceptor pre-processes subsequent client service requests from translated unique linguistic interface to standard linguistic interface implemented by service. Usage of linguistic interfaces of service is contained, rendering service incapable of executing arbitrary input, even if such input is crafted specifically for the service interface.
    Type: Application
    Filed: October 13, 2010
    Publication date: September 19, 2013
    Inventors: Rosen Sharma, Bakul Shah, E. John Sebes