Patents by Inventor E. John Sebes
E. John Sebes has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8539063
Abstract: Method and system for containing networked application client software in order to perform specified transactions only given explicit consent of a legitimate user. In one embodiment, a confirmation interceptor intercepts a service request message, queries the user of the request for a confirmation, and then either passes the service request message onto server application software or drops the request, depending on the user's confirmation response. In soliciting and processing the confirmation response, query is formulated so that the required response cannot be automatically generated by software that attempts to automate and simulate the user's actions.
Type: Grant
Filed: August 29, 2003
Date of Patent: September 17, 2013
Assignee: McAfee, Inc.
Inventors: Rosen Sharma, Bakul Shah, E. John Sebes
-
Publication number: 20130024934
Abstract: A method and system for the classification of software in networked systems, includes: determining a software received by a sensor is attempting to execute on a computer system of the sensor; classifying the software as authorized or unauthorized to execute, and gathering information on the software by the sensor if the software is classified as unauthorized to execute. The sensor sends the information on the software to one or more actuators, which determine whether or not to act on one or more targets based on the information. If so, then the actuator sends a directive to the target(s). The target(s) updates its responses according to the directive. The classification of the software is definitive and is not based on heuristics or rules or policies and without any need to rely on any a priori information about the software.
Type: Application
Filed: September 28, 2012
Publication date: January 24, 2013
Inventors: E. John Sebes, Rishi Bhargava
-
Patent number: 8352930
Abstract: A method is employed to group computers to facilitate application of a software modification to the computers. The method includes identifying a global set of computers to which it is desired to apply the software modification. Based on characteristics of software configurations of the computers of the identified global set, the computers of the identified global set are grouped into a plurality of clusters. Grouping the computers into a plurality of clusters includes processing syntactic information about the computers to identify the plurality of clusters and applying the software modification to the computers of the clusters. The software modification is applied with an adjustment for each cluster in an attempt to avoid software breakage of the computers of that cluster.
Type: Grant
Filed: April 24, 2006
Date of Patent: January 8, 2013
Assignee: McAfee, Inc.
Inventors: E. John Sebes, Jay Vaishnav
-
Patent number: 8321932
Abstract: Techniques which allow definition and enforcement of program-based action authorization policies. On a computer, an action or execution attempt is intercepted in real-time. The subject process, the program file of the subject process, the attempted action and the object of the attempted action are determined. An authorization policy considering the program file indicates whether the attempted action is authorized or not. In a tracking mode, the attempted action and its authorization are logged and the attempted action is allowed to proceed. In an enforcement mode, unauthorized attempts are blocked and logged, thereby enforcing the authorization policy.
Type: Grant
Filed: December 22, 2010
Date of Patent: November 27, 2012
Assignee: McAfee, Inc.
Inventors: Rishi Bhargava, E. John Sebes
-
Patent number: 8307437
Abstract: A method and system for the classification of software in networked systems, includes: determining a software received by a sensor is attempting to execute on a computer system of the sensor; classifying the software as authorized or unauthorized to execute, and gathering information on the software by the sensor if the software is classified as unauthorized to execute. The sensor sends the information on the software to one or more actuators, which determine whether or not to act on one or more targets based on the information. If so, then the actuator sends a directive to the target(s). The target(s) updates its responses according to the directive. The classification of the software is definitive and is not based on heuristics or rules or policies and without any need to rely on any a priori information about the software.
Type: Grant
Filed: November 11, 2010
Date of Patent: November 6, 2012
Assignee: McAfee, Inc.
Inventors: E. John Sebes, Rishi Bhargava
-
Publication number: 20120278853
Abstract: On a host, host content change requests are intercepted in real-time. In a tracking mode, the change requests are logged and allowed to take effect on the host. In an enforcement mode, the change requests are logged and additionally compared against authorized change policies and a determination is made whether to allow the change to take effect or to block the changes, thereby enforcing the authorized change policies on the host. Tracking and enforcement can be done in real-time. In either mode and at any time, the logged changes can be reconciled against a set of approved change orders in order to identify classes of changes, including changes that were deployed but not approved and changes that were approved but not deployed.
Type: Application
Filed: July 2, 2012
Publication date: November 1, 2012
Inventors: Rahul Roy-Chowdhury, E. John Sebes, Jay Vaishnav
-
Patent number: 8234713
Abstract: On a host, host content change requests are intercepted in real-time. In a tracking mode, the change requests are logged and allowed to take effect on the host. In an enforcement mode, the change requests are logged and additionally compared against authorized change policies and a determination is made whether to allow the change to take effect or to block the changes, thereby enforcing the authorized change policies on the host. Tracking and enforcement can be done in real-time. In either mode and at any time, the logged changes can be reconciled against a set of approved change orders in order to identify classes of changes, including changes that were deployed but not approved and changes that were approved but not deployed.
Type: Grant
Filed: December 17, 2009
Date of Patent: July 31, 2012
Assignee: McAfee, Inc.
Inventors: Rahul Roy-Chowdhury, E. John Sebes, Jay Vaishnav
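The reconciliation step described in 20120278853 and 8234713 (the same abstract, application and grant) is the part of the scheme that turns a change log into something an auditor can act on. The following is an added, constructed example and not McAfee's code or the patented implementation: it takes a log of intercepted host content changes and a set of approved change orders, matches each logged change to an order by host, path and approval window (the matching key is an assumption; the abstract does not say how a change is tied to an order), and sorts the result into the three classes the abstract names. The hosts, paths, timestamps and change-order identifiers are made up for the example.

```python
from datetime import datetime

# Constructed log of intercepted content changes, as a host agent in tracking
# or enforcement mode would record them (sample data, not real hosts).
CHANGE_LOG = [
    {"host": "web01", "path": "/etc/nginx/nginx.conf", "by": "/usr/bin/ansible", "at": "2012-06-14T02:05:00"},
    {"host": "web01", "path": "/usr/bin/curl",         "by": "/usr/bin/apt",     "at": "2012-06-14T02:07:00"},
    {"host": "web01", "path": "/var/www/index.php",    "by": "/usr/bin/vim",     "at": "2012-06-14T11:42:00"},
    {"host": "db01",  "path": "/etc/my.cnf",           "by": "/usr/bin/ansible", "at": "2012-06-14T02:06:00"},
]

# Constructed approved change orders: which host/path may change and when.
CHANGE_ORDERS = [
    {"id": "CO-1041", "host": "web01", "path": "/etc/nginx/nginx.conf",
     "window": ("2012-06-14T02:00:00", "2012-06-14T03:00:00")},
    {"id": "CO-1041", "host": "db01",  "path": "/etc/my.cnf",
     "window": ("2012-06-14T02:00:00", "2012-06-14T03:00:00")},
    {"id": "CO-1042", "host": "web01", "path": "/usr/bin/curl",
     "window": ("2012-06-14T02:00:00", "2012-06-14T03:00:00")},
    {"id": "CO-1043", "host": "db01",  "path": "/etc/ssl/certs/db01.pem",
     "window": ("2012-06-14T02:00:00", "2012-06-14T03:00:00")},
]


def _in_window(ts, window):
    """True if ISO timestamp `ts` falls inside the (start, end) approval window."""
    start, end = (datetime.fromisoformat(w) for w in window)
    return start <= datetime.fromisoformat(ts) <= end


def find_order(change, orders):
    """Return the index of the order that approves `change`, or None.

    Matching key (an assumption of this example): same host, same path,
    and the change happened inside the order's approval window.
    """
    for i, order in enumerate(orders):
        if (order["host"], order["path"]) == (change["host"], change["path"]) \
                and _in_window(change["at"], order["window"]):
            return i
    return None


def reconcile(log, orders):
    """Split logged changes and approved orders into the three classes
    named in the abstract: approved and deployed, deployed but not
    approved, approved but not deployed."""
    used = set()                       # indices of orders that saw a deployment
    approved_deployed, deployed_unapproved = [], []
    for change in log:
        i = find_order(change, orders)
        if i is None:
            deployed_unapproved.append(change)
        else:
            used.add(i)
            approved_deployed.append({**change, "order": orders[i]["id"]})
    approved_undeployed = [o for i, o in enumerate(orders) if i not in used]
    return {
        "approved_and_deployed": approved_deployed,
        "deployed_not_approved": deployed_unapproved,
        "approved_not_deployed": approved_undeployed,
    }


if __name__ == "__main__":
    for cls, items in reconcile(CHANGE_LOG, CHANGE_ORDERS).items():
        print(cls)
        for item in items:
            print("   ", item)
```

Two points worth noting when doing this for real. An order is treated as deployed when any logged change matches it, so a package update that rewrites a file several times inside its window counts as one deployment; whether a second write outside the window should be flagged is a policy question the example leaves to the window bounds. And the "deployed but not approved" class is only as complete as the interception layer: changes made while the agent was not running, or made by a path it does not intercept, never reach the log.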
-
Patent number: 8028340
Abstract: A method for providing solidified software in a computing environment includes creating a new reference for a function in a function table; copying an address of the function and associating the address with the new reference; replacing the address associated with an old reference of the function with a dummy address; and substituting each old reference in normal code with the new reference, where injected code is not able to execute in the computing environment. The function table entries can be further randomized by reordering the entries, introducing intermediate mappings, or providing non-operative entries. Alternatively, all or part of the code of the function can be copied and moved to a different storage location and associated with the new reference. The copied code can be further randomized by the insertion of dummy code, utilizing reverse peephole techniques, varying the size of the copied portion, or interleaving non-operative code.Type: Grant
Filed: September 1, 2009
Date of Patent: September 27, 2011
Assignee: McAfee, Inc.
Inventors: E. John Sebes, Rishi Bhargava, Dilip Naik
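The function-table part of 8028340 is easiest to see as a small model: the table is a dispatch structure indexed by reference, legitimate code is rewritten to use fresh references, and the old references are repointed at a dummy. The following is an added example written for this page, not McAfee's code or the patented implementation, and it models the table as a Python dict of slots rather than a real binary's import or vtable; the padding of the table with non-operative entries and the seeded random relocation are choices of this example. The sample "program" (two library functions and the call sites that use them) is constructed.

```python
import random


def dummy_entry(*args, **kwargs):
    """Installed at every retired reference: injected code that still uses a
    pre-solidification reference lands here instead of on the real function."""
    raise PermissionError("call through a retired function-table slot")


def solidify(table, normal_code, rng):
    """Model of function-table solidification.

    table:        {slot: callable}      the original function table
    normal_code:  [(slot, args), ...]   call sites in legitimate ("normal") code
    rng:          random.Random         makes the relocation reproducible

    Returns (new_table, rewritten_code, remap) with remap = {old_slot: new_slot}.
    """
    old_slots = list(table)
    # Reserve twice as many fresh slots as needed, in random order; the unused
    # half becomes non-operative padding so live entries are harder to locate.
    base = max(old_slots) + 1
    fresh = list(range(base, base + 2 * len(old_slots)))
    rng.shuffle(fresh)
    remap = {old: fresh[i] for i, old in enumerate(old_slots)}

    new_table = {}
    for old, func in table.items():
        new_table[remap[old]] = func         # address copied under the new reference
        new_table[old] = dummy_entry         # old reference now resolves to the dummy
    for pad in fresh[len(old_slots):]:
        new_table[pad] = dummy_entry         # non-operative entries
    # Every reference in normal code is substituted with its new reference.
    rewritten = [(remap[slot], args) for slot, args in normal_code]
    return new_table, rewritten, remap


def run(table, code):
    """Execute a call list against a function table and return the results."""
    return [table[slot](*args) for slot, args in code]


# Constructed sample program: two "library" functions and the code that uses them.
def add(a, b):
    return a + b


def mul(a, b):
    return a * b


ORIGINAL_TABLE = {0: add, 1: mul}
NORMAL_CODE = [(0, (2, 3)), (1, (4, 5))]     # legitimate call sites
INJECTED_CODE = [(1, (6, 7))]                # attacker code that only knows slot 1


def demo(seed=7):
    """Solidify the sample program. Returns (results of the rewritten normal
    code, whether the injected code was stopped, the slot remapping)."""
    new_table, rewritten, remap = solidify(ORIGINAL_TABLE, NORMAL_CODE, random.Random(seed))
    legit = run(new_table, rewritten)
    try:
        run(new_table, INJECTED_CODE)
        blocked = False
    except PermissionError:
        blocked = True
    return legit, blocked, remap


if __name__ == "__main__":
    print(demo())
```

The model makes the trust boundary explicit: the scheme holds only while the remapping (and the rewritten call sites that embody it) stay out of the attacker's reach. Injected code that can read the live table or the rewritten code can recover the new references, which is why the abstract layers further randomization (reordering, intermediate mappings, dummy code) on top of the basic indirection.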
-
Patent number: 7987230
Abstract: Invention selectively enables usage of services and communication conduits in a computer network, wherein the enablement is contingent on usage conditions, resulting in containment of the spread of unauthorized activity within a networked computer system and limiting the scope of results when an element becomes part of a hostile execution environment. Instead of protecting individual networked elements from a potentially hostile execution environment, the elements' usage of the networked environment is restricted to the extent of selectively allowing usage of needed resources explicitly authorized for use by such elements.
Type: Grant
Filed: July 20, 2010
Date of Patent: July 26, 2011
Assignee: McAfee, Inc.
Inventors: E. John Sebes, Bakul Shah, Rosen Sharma
-
Publication number: 20110138461
Abstract: A method is described to maintain (including generate) an inventory of a system of a plurality of containers accessible by a computer system. At least one container is considered to determine whether the container is executable in at least one of a plurality of execution environments characterizing the computer system. Each execution environment is in the group comprising a native binary execution environment configured to execute native machine language instructions and a non-native execution environment configured to execute at least one program to process non-native machine language instructions to yield native machine language instructions. The inventory is maintained based on a result of the considering step. The inventory may be used to exercise control over what executables are allowed to execute on the computer system.
Type: Application
Filed: February 7, 2011
Publication date: June 9, 2011
Inventors: Rishi Bhargava, E. John Sebes
-
Publication number: 20110119760
Abstract: A method and system for the classification of software in networked systems, includes: determining a software received by a sensor is attempting to execute on a computer system of the sensor; classifying the software as authorized or unauthorized to execute, and gathering information on the software by the sensor if the software is classified as unauthorized to execute. The sensor sends the information on the software to one or more actuators, which determine whether or not to act on one or more targets based on the information. If so, then the actuator sends a directive to the target(s). The target(s) updates its responses according to the directive. The classification of the software is definitive and is not based on heuristics or rules or policies and without any need to rely on any a priori information about the software.
Type: Application
Filed: November 11, 2010
Publication date: May 19, 2011
Inventors: E. John Sebes, Rishi Bhargava
-
Publication number: 20110093842
Abstract: System and method for solidifying (or “freezing”) the set of software and configuration data available for execution on a computer. Any additional software installed on the computer after the solidification process will not execute, regardless of whether the installation is initiated or otherwise performed by a person with administrative privilege. The ability to allow new or modified software to execute on the computer rests with an integrity server separate from and outside of the solidified computer. The solidification of software and configuration data proceeds on a level of granularity selectable by the integrity server and any operators thereof.
Type: Application
Filed: December 22, 2010
Publication date: April 21, 2011
Inventor: E. John Sebes
-
Publication number: 20110093950
Abstract: Techniques which allow definition and enforcement of program-based action authorization policies. On a computer, an action or execution attempt is intercepted in real-time. The subject process, the program file of the subject process, the attempted action and the object of the attempted action are determined. An authorization policy considering the program file indicates whether the attempted action is authorized or not. In a tracking mode, the attempted action and its authorization are logged and the attempted action is allowed to proceed. In an enforcement mode, unauthorized attempts are blocked and logged, thereby enforcing the authorization policy.
Type: Application
Filed: December 22, 2010
Publication date: April 21, 2011
Inventors: Rishi Bhargava, E. John Sebes
-
Publication number: 20110077948
Abstract: Client software is modified by a translator to use unique variant of linguistic interface of a service. An interceptor pre-processes subsequent client service requests from translated unique linguistic interface to standard linguistic interface implemented by service. Usage of linguistic interfaces of service is contained, rendering service incapable of executing arbitrary input, even if such input is crafted specifically for the service interface.
Type: Application
Filed: November 15, 2010
Publication date: March 31, 2011
Inventors: Rosen Sharma, Bakul Shah, E. John Sebes
-
Patent number: 7895573
Abstract: A method is described to maintain (including generate) an inventory of a system of a plurality of containers accessible by a computer system. At least one container is considered to determine whether the container is executable in at least one of a plurality of execution environments characterizing the computer system. Each execution environment is in the group comprising a native binary execution environment configured to execute native machine language instructions and a non-native execution environment configured to execute at least one program to process non-native machine language instructions to yield native machine language instructions. The inventory is maintained based on a result of the considering step. The inventory may be used to exercise control over what executables are allowed to execute on the computer system.
Type: Grant
Filed: March 27, 2006
Date of Patent: February 22, 2011
Assignee: McAfee, Inc.
Inventors: Rishi Bhargava, E. John Sebes
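The point of 20110138461 and 7895573 (application and grant of the same abstract) is that an executable inventory limited to native binaries misses the scripts, bytecode and archives that a non-native environment (an interpreter, a JVM) will happily run. The following is an added example for this page, not McAfee's code or the patented implementation: it classifies each container by content (native magic numbers, shebang lines, JVM archives) and, as a fallback, by extension, keeps only the executable ones in an inventory keyed on a content hash, and uses that inventory to decide whether a container may run. The set of recognized environments, the extension table and the sample filesystem are constructed for the example; the "binaries" are a few magic bytes, not real executables.

```python
import hashlib
import io
import zipfile

# Native binary magic numbers: ELF, PE ("MZ"), and the Mach-O variants.
MACHO_MAGICS = {b"\xfe\xed\xfa\xce", b"\xfe\xed\xfa\xcf", b"\xce\xfa\xed\xfe", b"\xcf\xfa\xed\xfe"}
# Interpreted languages recognised by extension when there is no shebang (assumed set).
INTERPRETER_BY_EXT = {".py": "python", ".pl": "perl", ".rb": "ruby", ".sh": "sh"}


def classify(name, data):
    """Return the execution environment a container would run in, or None if it
    is not executable in any environment this inventory knows about."""
    # Native binary execution environment.
    if data.startswith(b"\x7fELF") or data.startswith(b"MZ") or data[:4] in MACHO_MAGICS:
        return "native"
    # Script with an interpreter line: the interpreter is the non-native environment.
    if data.startswith(b"#!"):
        line = data.split(b"\n", 1)[0][2:].decode("ascii", "replace").strip()
        return "interpreter:" + (line.split()[0] if line else "?")
    # Zip-based containers: a JVM archive is executable, a plain archive is not.
    if data[:4] == b"PK\x03\x04":
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = zf.namelist()
        except zipfile.BadZipFile:
            return None
        if "META-INF/MANIFEST.MF" in names or any(n.endswith(".class") for n in names):
            return "jvm"
        return None
    # Last resort: extension says an interpreter would accept it.
    for ext, interp in INTERPRETER_BY_EXT.items():
        if name.endswith(ext):
            return "interpreter:" + interp
    return None


def build_inventory(containers):
    """containers: {name: bytes}. Returns {name: {env, sha256}} for executables only."""
    inv = {}
    for name, data in containers.items():
        env = classify(name, data)
        if env is not None:
            inv[name] = {"env": env, "sha256": hashlib.sha256(data).hexdigest()}
    return inv


def may_execute(inventory, name, data):
    """Control step: only containers in the inventory, unchanged since it was
    taken, are allowed to run. Anything unknown or modified is refused."""
    entry = inventory.get(name)
    return entry is not None and entry["sha256"] == hashlib.sha256(data).hexdigest()


def _zip(files):
    """Build a small zip archive in memory (helper for the sample data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n, d in files.items():
            zf.writestr(n, d)
    return buf.getvalue()


# Constructed sample filesystem (contents are stand-ins, not real binaries).
SAMPLE = {
    "/usr/bin/tool":        b"\x7fELF\x02\x01\x01" + b"\x00" * 9,
    "/opt/app/run.sh":      b"#!/bin/sh\necho hello\n",
    "/opt/app/app.jar":     _zip({"META-INF/MANIFEST.MF": "Main-Class: App\n", "App.class": b"\xca\xfe\xba\xbe"}),
    "/opt/app/archive.zip": _zip({"readme.txt": "not executable\n"}),
    "/opt/app/helper.py":   b"import os\n",
    "/opt/app/data.txt":    b"just data\n",
}


if __name__ == "__main__":
    for name, entry in build_inventory(SAMPLE).items():
        print(f"{name:24} {entry['env']:22} {entry['sha256'][:12]}")
```

Two caveats a practitioner would add. Content-based classification is the right default (an attacker can rename a file), but the extension fallback is only as good as the table, so an unknown scripting language leaves a gap until it is added. And an inventory of containers cannot see code that never becomes a file, such as `python -c` or a script piped to an interpreter on stdin; controlling those requires treating the interpreter itself as the object of policy, which is what the program-based authorization patents in this listing address.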
-
Patent number: 7873955
Abstract: System and method for solidifying (or “freezing”) the set of software and configuration data available for execution on a computer. Any additional software installed on the computer after the solidification process will not execute, regardless of whether the installation is initiated or otherwise performed by a person with administrative privilege. The ability to allow new or modified software to execute on the computer rests with an integrity server separate from and outside of the solidified computer. The solidification of software and configuration data proceeds on a level of granularity selectable by the integrity server and any operators thereof.
Type: Grant
Filed: September 7, 2004
Date of Patent: January 18, 2011
Assignee: McAfee, Inc.
Inventor: E. John Sebes
-
Patent number: 7870387
Abstract: Techniques which allow definition and enforcement of program-based action authorization policies. On a computer, an action or execution attempt is intercepted in real-time. The subject process, the program file of the subject process, the attempted action and the object of the attempted action are determined. An authorization policy considering the program file indicates whether the attempted action is authorized or not. In a tracking mode, the attempted action and its authorization are logged and the attempted action is allowed to proceed. In an enforcement mode, unauthorized attempts are blocked and logged, thereby enforcing the authorization policy.
Type: Grant
Filed: April 7, 2006
Date of Patent: January 11, 2011
Assignee: McAfee, Inc.
Inventors: Rishi Bhargava, E. John Sebes
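The abstract shared by 8321932, 20110093950 and 7870387 describes a policy keyed on the program file of the acting process rather than on the user, with a tracking mode that only records and an enforcement mode that also blocks. The following is an added example for this page, not McAfee's code or the patented implementation: a first-match, default-deny policy over (program file, action, object) glob patterns, an interception point that applies it in either mode, and a constructed batch of attempts replayed through both. The policy rules, the action names and the process identifiers are made up for the example; programs are identified by path here for readability, which is a simplification discussed after the code.

```python
from fnmatch import fnmatch

# Constructed policy: (program-file glob, action, object glob, decision).
# Rules are evaluated top to bottom, first match wins, and anything unmatched
# is denied, so the policy is an allowlist keyed on the program file.
POLICY = [
    ("/usr/sbin/sshd", "exec",  "/usr/bin/*",       "allow"),
    ("/usr/bin/apt",   "write", "/usr/bin/*",       "allow"),
    ("/usr/bin/apt",   "write", "/var/lib/dpkg/*",  "allow"),
    ("*",              "write", "/usr/bin/*",       "deny"),
    ("*",              "exec",  "/tmp/*",           "deny"),
    ("*",              "read",  "*",                "allow"),
]


def authorize(program_file, action, obj, policy=POLICY):
    """Decide whether the program file may perform `action` on `obj`."""
    for prog_pat, act, obj_pat, decision in policy:
        if act == action and fnmatch(program_file, prog_pat) and fnmatch(obj, obj_pat):
            return decision == "allow"
    return False                                   # default deny


class ActionMonitor:
    """Interception point with the two modes from the abstract."""

    def __init__(self, mode, policy=POLICY):
        if mode not in ("tracking", "enforcement"):
            raise ValueError(mode)
        self.mode = mode
        self.policy = policy
        self.log = []

    def intercept(self, pid, program_file, action, obj):
        """Called for every attempted action; returns True if it may proceed.

        Tracking mode logs the authorization result and lets everything run;
        enforcement mode logs and additionally blocks unauthorized attempts.
        """
        authorized = authorize(program_file, action, obj, self.policy)
        proceed = authorized or self.mode == "tracking"
        self.log.append({
            "pid": pid, "program": program_file, "action": action, "object": obj,
            "authorized": authorized, "outcome": "allowed" if proceed else "blocked",
        })
        return proceed


# Constructed attempts, as an interception layer would see them.
ATTEMPTS = [
    (1201, "/usr/sbin/sshd",   "exec",  "/usr/bin/bash"),
    (1340, "/usr/bin/apt",     "write", "/usr/bin/curl"),
    (1502, "/tmp/dropper",     "write", "/usr/bin/ls"),
    (1502, "/tmp/dropper",     "exec",  "/tmp/payload"),
    (1601, "/usr/bin/python3", "read",  "/etc/hostname"),
    (1601, "/usr/bin/python3", "chmod", "/etc/passwd"),
]


def replay(mode, attempts=ATTEMPTS):
    """Run the attempts through a monitor in `mode`; return (outcomes, log)."""
    mon = ActionMonitor(mode)
    outcomes = [mon.intercept(*a) for a in attempts]
    return outcomes, mon.log


if __name__ == "__main__":
    for mode in ("tracking", "enforcement"):
        print(mode)
        for entry in replay(mode)[1]:
            print("   ", entry["program"], entry["action"], entry["object"], "->", entry["outcome"])
```

The usual way to deploy such a policy is to run tracking mode first and mine the log for authorized=False entries that are in fact legitimate (the python3 chmod above might be one), then switch to enforcement. Identifying the subject by path, as the example does, is the weak spot: a policy that trusts /usr/bin/apt must also prevent that file from being replaced, which is why the solidification patents in this listing pair program-based authorization with write protection of the program files themselves; matching on a content hash instead of a path is the stricter alternative.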
-
Patent number: 7856661
Abstract: A method and system for the classification of software in networked systems, includes: determining a software received by a sensor is attempting to execute on a computer system of the sensor; classifying the software as authorized or unauthorized to execute, and gathering information on the software by the sensor if the software is classified as unauthorized to execute. The sensor sends the information on the software to one or more actuators, which determine whether or not to act on one or more targets based on the information. If so, then the actuator sends a directive to the target(s). The target(s) updates its responses according to the directive. The classification of the software is definitive and is not based on heuristics or rules or policies and without any need to rely on any a priori information about the software.
Type: Grant
Filed: July 14, 2005
Date of Patent: December 21, 2010
Assignee: McAfee, Inc.
Inventors: E. John Sebes, Rishi Bhargava
-
Patent number: 7840968
Abstract: Client software is modified by a translator to use unique variant of linguistic interface of a service. An interceptor pre-processes subsequent client service requests from translated unique linguistic interface to standard linguistic interface implemented by service. Usage of linguistic interfaces of service is contained, rendering service incapable of executing arbitrary input, even if such input is crafted specifically for the service interface.
Type: Grant
Filed: December 17, 2003
Date of Patent: November 23, 2010
Assignee: McAfee, Inc.
Inventors: Rosen Sharma, Bakul Shah, E. John Sebes
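The abstract shared by 20110077948 and 7840968 is abstract about the "linguistic interface"; the concrete case most readers will have in mind is SQL. The following is an added example for this page, not McAfee's code or the patented implementation, and the choice of SQL as the service language, the keyword set, the per-deployment suffix and the regex tokenizer are all assumptions of the example. The translator rewrites the keywords embedded in the client's query templates into a unique variant; the interceptor maps the variant back to standard SQL and rejects any standard keyword that arrives untranslated, which is exactly what text injected through a parameter looks like. String literals are tokenized separately so that a user legitimately named "Union Jack" is not mistaken for an attack.

```python
import re
import secrets

# Assumed subset of the service's standard linguistic interface (SQL keywords).
SQL_KEYWORDS = frozenset({
    "SELECT", "FROM", "WHERE", "AND", "OR", "NOT", "UNION", "INSERT", "INTO",
    "VALUES", "UPDATE", "SET", "DELETE", "DROP", "TABLE", "LIKE", "ORDER", "BY",
})

# Single-quoted string literals ('' escapes a quote) are matched first so their
# contents are never treated as keywords; every other word-like run is a token.
TOKEN_RE = re.compile(r"'(?:[^']|'')*'|[A-Za-z_][A-Za-z0-9_]*")


def make_variant(suffix=None):
    """Unique variant of the interface: every keyword gets a secret suffix.
    The suffix is the per-deployment secret; pass one only for reproducible tests."""
    if suffix is None:
        suffix = "_" + secrets.token_hex(4)          # e.g. SELECT_3fa91c0d
    return {kw: kw + suffix for kw in SQL_KEYWORDS}


def translate_client(template, variant):
    """Translator step: rewrite the keywords in the client's query template.
    Run once, at build or deploy time, over the client's code."""
    def rewrite(m):
        tok = m.group(0)
        if tok.startswith("'"):
            return tok                               # string literal, untouched
        return variant.get(tok.upper(), tok)
    return TOKEN_RE.sub(rewrite, template)


def intercept(query, variant):
    """Interceptor step, in front of the service: map variant keywords back to
    the standard interface and refuse standard keywords that did not come
    through the translator, i.e. that were injected at request time."""
    reverse = {v: k for k, v in variant.items()}
    def restore(m):
        tok = m.group(0)
        if tok.startswith("'"):
            return tok
        if tok in reverse:
            return reverse[tok]
        if tok.upper() in SQL_KEYWORDS:
            raise ValueError(f"untranslated keyword {tok!r}: not from the translated client")
        return tok
    return TOKEN_RE.sub(restore, query)


def request(translated_template, variant, **params):
    """Model of one client request: the translated template is filled with
    request-time parameters (the injection point), then passes the interceptor.
    Returns ('ok', standard_query) or ('rejected', reason)."""
    try:
        return ("ok", intercept(translated_template.format(**params), variant))
    except ValueError as exc:
        return ("rejected", str(exc))


if __name__ == "__main__":
    v = make_variant()
    t = translate_client("SELECT id FROM users WHERE name = '{name}'", v)
    print(t)
    print(request(t, v, name="Union Jack"))
    print(request(t, v, name="' OR '1'='1"))
```

The containment is exactly as wide as the keyword set: payloads that need no keyword, such as a lone quote that only changes where a literal ends, a numeric tautology without OR, or a comment sequence, are not caught, and a variant that leaks (in an error message, a log, or a client binary the attacker can read) gives the whole scheme away. In practice this belongs behind parameterized queries, not in place of them.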
-
Publication number: 20100293225
Abstract: Invention selectively enables usage of services and communication conduits in a computer network, wherein the enablement is contingent on usage conditions, resulting in containment of the spread of unauthorized activity within a networked computer system and limiting the scope of results when an element becomes part of a hostile execution environment. Instead of protecting individual networked elements from a potentially hostile execution environment, the elements' usage of the networked environment is restricted to the extent of selectively allowing usage of needed resources explicitly authorized for use by such elements.
Type: Application
Filed: July 20, 2010
Publication date: November 18, 2010
Inventors: E. John Sebes, Bakul Shah, Rosen Sharma