Patents by Inventor Frank D. Byrum
Frank D. Byrum has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8448228Abstract: The present invention extends to methods, systems, and computer program products for separating authorization identity from policy enforcement identity. Embodiments of the invention extend the consumption phase for protected information. Two identities, an authorization identity and a policy enforcement identity, are used for acquiring, issuing and enforcing usage license instead of one identity certificate. The authorization identity is used to evaluate against usage policy. The authorization identity is similar to identification information in an identity certificate. The policy enforcement identity is used to ensure the confidentiality of granted permissions and content key. The policy enforcement identity enforces a usage license on an authorization principal's (e.g., recipient's) machine. The policy enforcement identity's enforcement of a usage license is similar use of a cryptographic key in an identity certificate.Type: GrantFiled: September 29, 2010Date of Patent: May 21, 2013Assignee: Microsoft CorporationInventors: Yuhui Zhong, Gregory Kostal, Tejas D. Patel, Scott C. Cottrille, Vladimir Yarmolenko, Pankaj Mohan Kamat, Sunitha Samuel, Frank D. Byrum, Mayank Mehta, Chandresh Kumar Jain, Edward Banti
-
Patent number: 8447976Abstract: Business to business secure mail may be provided. Consistent with embodiments of the invention, a protected message may be received. The recipient may request a token from a trust broker, submit the token to an authorization server associated with the sender, receive a user license from the authorization server; and decrypt the protected message using the user license. The protected message may restrict actions that may be taken by the recipient, such as forwarding to other users.Type: GrantFiled: June 1, 2009Date of Patent: May 21, 2013Assignee: Microsoft CorporationInventors: Chandresh K. Jain, Mayank Mehta, Frank D. Byrum, Edward Banti, Ayse Yesim Koman, James R. Knibb, Michael A. Nelte, Christopher Barnes, Hao Zhang, Victor Boctor, Tejas D. Patel, Yuhui Zhong, Gregory Kostal, Vladimir Yarmolenko, Pankaj M. Kamat, Amit K. Fulay, Krassimir E. Karamfilov
-
Publication number: 20120079268Abstract: The present invention extends to methods, systems, and computer program products for separating authorization identity from policy enforcement identity. Embodiments of the invention extend the consumption phase for protected information. Two identities, an authorization identity and a policy enforcement identity, are used for acquiring, issuing and enforcing usage license instead of one identity certificate. The authorization identity is used to evaluate against usage policy. The authorization identity is similar to identification information in an identity certificate. The policy enforcement identity is used to ensure the confidentiality of granted permissions and content key. The policy enforcement identity enforces a usage license on an authorization principal's (e.g., recipient's) machine. The policy enforcement identity's enforcement of a usage license is similar use of a cryptographic key in an identity certificate.Type: ApplicationFiled: September 29, 2010Publication date: March 29, 2012Applicant: Microsoft CorporationInventors: Yuhui Zhong, Gregory Kostal, Tejas D. Patel, Scott C. Cottrille, Vladimir Yarmolenko, Pankaj Mohan Kamat, Sunitha Samuel, Frank D. Byrum, Mayank Mehta, Chandresh Kumar Jain, Edward Banti
-
Patent number: 8073122Abstract: Email messages are recalled in accordance with restrictions attached to the message. Use of the message is limited per the restrictions. Example restrictions include printing restrictions, forwarding restrictions, exporting restrictions, copying restrictions, reading restrictions, and a expiration time of the message.Type: GrantFiled: June 20, 2007Date of Patent: December 6, 2011Assignee: Microsoft CorporationInventors: Jeffrey B. Kay, Frank D. Byrum, Steven Michael Clagg, Sara L. Manning
-
Patent number: 7891007Abstract: A method for managing rights in digital content includes generating rights data for a piece of digital content and forming a piece of rights managed digital content by associating the rights data with the piece of digital content. The rights data includes parameters that govern the terms on which the content may be licensed, and may include a list of entities to which the content may be licensed, a respective set of one or more rights that each such entity has in the digital content, and any conditions that may be placed on those rights. A method for licensing rights managed digital content includes receiving a license request for a license to use the piece of rights managed digital content, where the license request includes such a signed rights label. The digital signature on the signed rights label is validated to determine whether a trusted entity issued the signed rights label.Type: GrantFiled: June 28, 2002Date of Patent: February 15, 2011Assignee: Microsoft CorporationInventors: Peter David Waxman, Attila Narin, Scott Cottrille, Vinay Krishnaswamy, Marco A. DeMello, Chandramouli Venkatesh, Frank D. Byrum, Steve Bourne
-
Publication number: 20100313276Abstract: A web-based client for creating and accessing protected content may be provided. Consistent with embodiments of the invention, a webmail client may be provided allowing a user to apply a restriction template to a document. The webmail client may be further operative to decrypt and display the document and enforce the restriction against a recipient.Type: ApplicationFiled: June 5, 2009Publication date: December 9, 2010Applicant: Microsoft CorporationInventors: Edward T. Banti, Steven O. Hubbell, Mayerber L. Carvalho Neto, Chandresh K. Jain, Mayank Mehta, Durlabh Malik, Christopher Barnes, Michael A. Nelte, Frank D. Byrum, Tejas D. Patel, Yuhui Zhong, Amit K. Fulay, Gregory Kostal, Pankaj M. Kamat, Vladimir Yarmolenko
-
Publication number: 20100313016Abstract: Transport pipeline decryption may be provided. Consistent with embodiments of the invention, a protected message may be received and decrypted. The decrypted message may be provided to pipeline agents, such as anti-virus, anti-spam, journaling, and/or policy enforcement agents. The message may then be re-encrypted and delivered.Type: ApplicationFiled: June 4, 2009Publication date: December 9, 2010Applicant: Microsoft CorporationInventors: Hao Zhang, Danny Tin-Van Chow, Ayse Yesim Koman, Frank D. Byrum, Mayank Mehta, Chandresh K. Jain, Victor Boctor, Charlie R. Chung, Tejas D. Patel, Yuhui Zhong, Amit K. Fulay, Gregory Kostal, Pankaj M. Kamat, Vladimir Yarmolenko, Krassimir E. Karamfilov
-
Publication number: 20100306535Abstract: Business to business secure mail may be provided. Consistent with embodiments of the invention, a protected message may be received. The recipient may request a token from a trust broker, submit the token to an authorization server associated with the sender, receive a user license from the authorization server; and decrypt the protected message using the user license. The protected message may restrict actions that may be taken by the recipient, such as forwarding to other users.Type: ApplicationFiled: June 1, 2009Publication date: December 2, 2010Applicant: Microsoft CorporationInventors: Chandresh K. Jain, Mayank Mehta, Frank D. Byrum, Edward Banti, Ayse Yesim Koman, James R. Knibb, Michael A. Nelte, Christopher Barnes, Hao Zhang, Victor Boctor, Tejas D. Patel, Yuhui Zhong, Gregory Kostal, Vladimir Yarmolenko, Pankaj M. Kamat, Amit K. Fulay, Krassimir E. Karamfilov
-
Patent number: 7823208Abstract: A server architecture for a digital rights management system that distributes and protects rights in content. The server architecture includes a retail site which sells content items to consumers, a fulfillment site which provides to consumers the content items sold by the retail site, and an activation site which enables consumer reading devices to use content items having an enhanced level of copy protection. Each retail site is equipped with a URL encryption object, which encrypts, according to a secret symmetric key shared between the retail site and the fulfillment site, information that is needed by the fulfillment site to process an order for content sold by the retail site. Upon selling a content item, the retail site transmits to the purchaser a web page having a link to a URL comprising the address of the fulfillment site and a parameter having the encrypted information.Type: GrantFiled: June 18, 2004Date of Patent: October 26, 2010Assignee: Microsoft CorporationInventors: Marco A. DeMello, Leroy B. Keely, Frank D. Byrum, Yoram Yaacovi, Kathryn E. Hughes
-
Patent number: 7577999Abstract: A licensor receives a request from a requestor including an identifier identifying the requestor and rights data associated with digital content, where the rights data lists at least one identifier and rights associated therewith. The licensor thereafter locates the identifier of the requestor in a directory, and locates in the directory based thereon an identifier of each group which the requestor is a member of. Each of the located requestor identifier and each located group identifier is compared to each identifier listed in the rights data to find a match, and a digital license to render the content is issued to the requestor with the rights associated with the matching identifier.Type: GrantFiled: February 11, 2003Date of Patent: August 18, 2009Assignee: Microsoft CorporationInventors: Attila Narin, Chandramouli Venkatesh, Frank D. Byrum, Marco A. DeMello, Peter David Waxman, Prashant Malik, Rushmi U. Malaviarachchi, Steve Bourne, Vinay Krishnaswamy, Yevgeniy (Eugene) Rozenfeld
-
Publication number: 20080317228Abstract: Email messages are recalled in accordance with restrictions attached to the message. Use of the message is limited per the restrictions. Example restrictions include printing restrictions, forwarding restrictions, exporting restrictions, copying restrictions, reading restrictions, and a expiration time of the message.Type: ApplicationFiled: June 20, 2007Publication date: December 25, 2008Applicant: Microsoft CorporationInventors: Jeffrey B. Kay, Frank D. Byrum, Steven Michael Clagg, Sara L. Manning
-
Patent number: 7430542Abstract: A digital rights management system for the distribution, protection and use of electronic content. The system includes a client architecture which receives content, where the content is preferably protected by encryption and may include a license and individualization features. Content is protected at several levels, including: no protection; source-sealed; individually-sealed (or “inscribed”); source-signed; and fully-individualized (or “owner exclusive”). The client also includes and/or receives components which permit the access and protection of the encrypted content, as well as components that allow content to be provided to the client in a form that is individualized for the client. In some cases, access to the content will be governed by a rights construct defined in the license bound to the content.Type: GrantFiled: November 10, 2004Date of Patent: September 30, 2008Assignee: Microsoft CorporationInventors: Marco A. DeMello, Attila Narin, Venkateshaiah Setty, Pavel Zeman, Vinay Krishnaswamy, John L. Manferdelli, Frank D. Byrum, Leroy Bertrand Keely, Yoram Yaacovi, Jeffrey A. Alger
-
Patent number: 7171692Abstract: A server architecture for a digital rights management system that distributes and protects rights in content. The server architecture includes a retail site which sells content items to consumers, a fulfillment site which provides to consumers the content items sold by the retail site. The fulfillment site includes an asynchronous fulfillment pipeline which logs information about processed transactions using a store-and-forward messaging service. The fulfillment site may be implemented as several server devices, each having a cache which stores frequently downloaded content items, in which case the asynchronous fulfillment pipeline may also be used to invalidate the cache if a change is made at one server that affects the cached content items.Type: GrantFiled: June 27, 2000Date of Patent: January 30, 2007Assignee: Microsoft CorporationInventors: Marco A. DeMello, Pavel Zeman, Vinay Krishnaswamy, Prashant Malik, Kathryn E. Hughes, Frank D. Byrum
-
Patent number: 7158953Abstract: A server architecture for a digital rights management system that distributes and protects rights in content. The server architecture includes a retail site which sells content items to consumers, a fulfillment site which provides to consumers the content items sold by the retail site, and an activation site which enables consumer reading devices to use content items having an enhanced level of copy protection. An activation site provides an activation certificate and a secure repository executable to consumer content-rendering devices which enables those content rendering devices to render content having an enhanced level of copy-resistance. The activation site “activates” client-reading devices in a way that binds them to a persona, and limits the number of devices that may be activated for a particular persona, or the rate at which such devices may be activated for a particular persona.Type: GrantFiled: June 27, 2000Date of Patent: January 2, 2007Assignee: Microsoft CorporationInventors: Marco A. DeMello, Yoram Yaacovi, Pavel Zeman, Kathryn E. Hughes, Frank D. Byrum
-
Patent number: 7047411Abstract: A server architecture for a digital rights management system that distributes and protects rights in content. The server architecture includes a retail site which sells content items to consumers, a fulfillment site which provides to consumers the content items sold by the retail site, and an activation site which enables consumer reading devices to use content items having an enhanced level of copy protection. Each retail site is equipped with a URL encryption object, which encrypts, according to a secret symmetric key shared between the retail site and the fulfillment site, information that is needed by the fulfillment site to process an order for content sold by the retail site. Upon selling a content items, the retail site transmits to the purchase a web page having a link to a URL comprising the address of the fulfillment site and a parameter having the encrypted information.Type: GrantFiled: June 27, 2000Date of Patent: May 16, 2006Assignee: Microsoft CorporationInventors: Marco A. DeMello, Pavel Zeman, Vinay Krishnaswamy, Frank D. Byrum
-
Patent number: 7017189Abstract: A digital rights management system for the distribution, protection and use of electronic content. The system includes a client architecture which receives content, where the content is preferably protected by encryption and may include a license and individualization features. Content is protected at several levels, including: no protection; source-sealed; individually-sealed (or “inscribed”); source-signed; and filly-individualized (or “owner exclusive”). The client also includes and/or receives components which permit the access and protection of the encrypted content, as well as components that allow content to be provided to the client in a form that is individualized for the client. In some cases, access to the content will be governed by a rights construct defined in the license bound to the content.Type: GrantFiled: June 27, 2000Date of Patent: March 21, 2006Assignee: Microsoft CorporationInventors: Marco A. DeMello, Attila Narin, Venkateshaiah Setty, Pavel Zeman, Vinay Krishnaswamy, John L. Manferdelli, Frank D. Byrum, Leroy B. Keely, Yoram Yaacovi, Jeffrey H. Alger
-
Patent number: 6970849Abstract: A server architecture for a digital rights management system that distributes and protects rights in content. The server architecture includes a retail site which sells content items to consumers, a fulfillment site which provides to consumers the content items sold by the retail site, and an activation site which enables consumer reading devices to use content items having an enhanced level of copy protection. Each retail site is equipped with a URL encryption object, which encrypts, according to a secret symmetric key shared between the retail site and the fulfillment site, information that is needed by the fulfillment site to process an order for content sold by the retail site. Upon selling a content item, the retail site transmits to the purchaser a web page having a link to a URL comprising the address of the fulfillment site and a parameter having the encrypted information.Type: GrantFiled: June 27, 2000Date of Patent: November 29, 2005Assignee: Microsoft CorporationInventors: Marco A. DeMello, Pavel Zeman, Vinay Krishnaswamy, Frank D. Byrum
-
Patent number: 6891953Abstract: A server architecture for a digital rights management system that distributes and protects rights in content. The server architecture includes a retail site which sells content items to consumers, a fulfillment site which provides to consumers the content items sold by the retail site, and an activation site which enables consumer reading devices to use content items having an enhanced level of copy protection. Each retail site is equipped with a URL encryption object, which encrypts, according to a secret symmetric key shared between the retail site and the fulfillment site, information that is needed by the fulfillment site to process an order for content sold by the retail site. Upon selling a content item, the retail site transmits to the purchaser a web page having a link to a URL comprising the address of the fulfillment site and a parameter having the encrypted information.Type: GrantFiled: June 27, 2000Date of Patent: May 10, 2005Assignee: Microsoft CorporationInventors: Marco A. DeMello, Leroy B. Keely, Frank D. Byrum, Yoram Yaacovi, Kathryn E. Hughes
-
Publication number: 20040255115Abstract: A server architecture for a digital rights management system that distributes and protects rights in content. The server architecture includes a retail site which sells content items to consumers, a fulfillment site which provides to consumers the content items sold by the retail site, and an activation site which enables consumer reading devices to use content items having an enhanced level of copy protection. Each retail site is equipped with a URL encryption object, which encrypts, according to a secret symmetric key shared between the retail site and the fulfillment site, information that is needed by the fulfillment site to process an order for content sold by the retail site. Upon selling a content item, the retail site transmits to the purchaser a web page having a link to a URL comprising the address of the fulfillment site and a parameter having the encrypted information.Type: ApplicationFiled: June 18, 2004Publication date: December 16, 2004Applicant: Microsoft CorporationInventors: Marco A. DeMello, Leroy B. Keely, Frank D. Byrum, Yoram Yaacovi, Kathryn E. Hughes
-
Publication number: 20040158709Abstract: A licensor receives a request from a requestor including an identifier identifying the requestor and rights data associated with digital content, where the rights data lists at least one identifier and rights associated therewith. The licensor thereafter locates the identifier of the requestor in a directory, and locates in the directory based thereon an identifier of each group which the requestor is a member of. Each of the located requestor identifier and each located group identifier is compared to each identifier listed in the rights data to find a match, and a digital license to render the content is issued to the requestor with the rights associated with the matching identifier.Type: ApplicationFiled: February 11, 2003Publication date: August 12, 2004Applicant: Microsoft CorporationInventors: Attila Narin, Chandramouli Venkatesh, Frank D. Byrum, Marco A. DeMello, Peter David Waxman, Prashant Malik, Rushmi U. Malaviarachchi, Steve Bourne, Vinay Krishnaswamy, Yevgeniy (Eugene) Rozenfeld