Patents by Inventor Felix Schuster

Felix Schuster has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20200226248
    Abstract: In various examples there is a computing device in communication with at least one other computing device via a communications network. The computing device has a memory and a central processing unit having a trusted execution environment comprising trusted regions of the memory. The computing device has an operating system configured to create a memory mapping between a virtual address space of the memory and a memory of the at least one other computing device and to provide details of the memory mapping to the trusted execution environment. The trusted execution environment is configured to execute an application which is able to communicate with the other computing device directly using the memory mapping provided by the operating system.
    Type: Application
    Filed: January 11, 2019
    Publication date: July 16, 2020
    Inventors: Alexander SHAMIS, Sylvan Wesley CLEBSCH, Felix SCHUSTER
  • Patent number: 10565129
    Abstract: In various examples a compute node is described. The compute node has a central processing unit which implements a hardware transactional memory using at least one cache of the central processing unit. The compute node has a memory in communication with the central processing unit, the memory storing information comprising at least one of: code and data. The compute node has a processor which loads at least part of the information, from the memory into the cache. The processor executes transactions using the hardware transactional memory and at least the loaded information, such that the processor ensures that the loaded information remains in the cache until completion of the execution.
    Type: Grant
    Filed: June 29, 2017
    Date of Patent: February 18, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Felix Schuster, Olga Ohrimenko, Istvan Haller, Manuel Silverio da Silva Costa, Daniel Gruss, Julian Lettner
  • Publication number: 20180341600
    Abstract: In various examples a compute node is described. The compute node has a central processing unit which implements a hardware transactional memory using at least one cache of the central processing unit. The compute node has a memory in communication with the central processing unit, the memory storing information comprising at least one of: code and data. The compute node has a processor which loads at least part of the information, from the memory into the cache. The processor executes transactions using the hardware transactional memory and at least the loaded information, such that the processor ensures that the loaded information remains in the cache until completion of the execution.
    Type: Application
    Filed: June 29, 2017
    Publication date: November 29, 2018
    Inventors: Felix Schuster, Olga Ohrimenko, Istvan Haller, Manuel Silverio da Silva Costa, Daniel Gruss, Julian Lettner
  • Publication number: 20170372226
    Abstract: A multi-party privacy-preserving machine learning system is described which has a trusted execution environment comprising at least one protected memory region. An code loader at the system loads machine learning code, received from at least one of the parties, into the protected memory region. A data uploader uploads confidential data, received from at least one of the parties, to the protected memory region. The trusted execution environment executes the machine learning code using at least one data-oblivious procedure to process the confidential data and returns the result to at least one of the parties, where a data-oblivious procedure is a process where any patterns of memory accesses, patterns of disk accesses and patterns of network accesses are such that the confidential data cannot be predicted from the patterns.
    Type: Application
    Filed: August 23, 2016
    Publication date: December 28, 2017
    Inventors: Manuel Silverio da Silva Costa, C├ędric Alain Marie Christophe Fournet, Aastha Mehta, Sebastian Nowozin, Olga Ohrimenko, Felix Schuster, Kapil Vaswani
  • Patent number: 9792427
    Abstract: Methods for enforcing confidentiality and integrity of code and data while running the code over the data in a distributed computing system are described. In an embodiment each machine which processes data within the system provides a secure sub-system which is protected from other parts of the machine and which receives encrypted data and encrypted code, processes the data using the received code and outputs encrypted data. When establishing the secure sub-systems, keys are exchanged between the client and secure sub-systems and the secure sub-systems provide an attestation confirming the identity of the code running in the secure sub-systems and confirming that the code is running on genuine secure sub-systems. In another embodiment a data-flow computation system is described in which chunks of input data, each comprising an identifier, are authenticated/encrypted. The identifiers are used within the system to confirm that each chunk is processed exactly once.
    Type: Grant
    Filed: February 7, 2014
    Date of Patent: October 17, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Manuel Costa, Felix Schuster, Cedric Fournet, Christos Gkantsidis, Marcus Peinado, Antony Ian Taylor Rowstron
  • Publication number: 20150229619
    Abstract: Methods for enforcing confidentiality and integrity of code and data while running the code over the data in a distributed computing system are described. In an embodiment each machine which processes data within the system provides a secure sub-system which is protected from other parts of the machine and which receives encrypted data and encrypted code, processes the data using the received code and outputs encrypted data. When establishing the secure sub-systems, keys are exchanged between the client and secure sub-systems and the secure sub-systems provide an attestation confirming the identity of the code running in the secure sub-systems and confirming that the code is running on genuine secure sub-systems. In another embodiment a data-flow computation system is described in which chunks of input data, each comprising an identifier, are authenticated/encrypted. The identifiers are used within the system to confirm that each chunk is processed exactly once.
    Type: Application
    Filed: February 7, 2014
    Publication date: August 13, 2015
    Inventors: Manuel Costa, Felix Schuster, Cedric Fournet, Christos Gkantsidis, Marcus Peinado, Antony Ian Taylor Rowstron