Patents by Inventor Frederick Justus Smith

Frederick Justus Smith has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20260120229
    Abstract: A method executed by a computer system with a processor system involves analyzing read profiling data associated with a first filesystem image to determine the sequence in which a guest context accessed multiple files during its startup. Subsequently, a second filesystem image is created based on this profiling data, comprising various data block sets, each set representing files accessed by the guest context. The data block sets are arranged in the second filesystem image according to the order in which the guest context accessed the corresponding files, ensuring a sequential writing process. This innovative approach optimizes filesystem organization and retrieval efficiency based on actual usage patterns during system initialization.
    Type: Application
    Filed: October 31, 2024
    Publication date: April 30, 2026
    Inventors: Frederick Justus SMITH, Shaheed Gulamabbas Chagani, Paul McAlpin Bozzay, Xuhao HE, Aparajita Dutta
  • Patent number: 12225050
    Abstract: Distribution and management of services in virtual environments is described herein. In one or more implementations, a service distribution and management model is implemented in which system services and applications are seamlessly distributed across multiple containers which each implement a different runtime environment. In one or more implementations, a system for distributing access to services in a host operating system of a computing device includes a host operating system configured to implement a host runtime environment, and one or more services implemented by the host operating system. The system further includes a service control manager configured to enable communication between a client stub of a service implemented in a client runtime environment and a service provider of the service that is implemented in a service runtime environment that is separate from the first client runtime environment.
    Type: Grant
    Filed: March 28, 2022
    Date of Patent: February 11, 2025
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Hari R. Pulapaka, Margarit Simeonov Chenchev, Benjamin M. Schultz, Jonathan David Wiswall, Frederick Justus Smith, John A. Starks, Richard O. Wolcott, Michael Bishop Ebersol
  • Patent number: 11762964
    Abstract: Memory is partitioned and isolated in container-based memory enclaves. The container-based memory enclaves have attestable security guarantees. During provisioning of the container-based memory enclaves from a container image, a purported link in the container to a memory address of the enclave is modified to verifiably link to an actual memory address of the host, such as partitioned memory enclave. In some instances, enclave attestation reports can be validated without transmitting corresponding attestation requests to remote attestation services, based on previous attestation of one or more previous container attestation reports from a similar container and without requiring end-to-end attestation between the container and remote attestation service for each new attestation request.
    Type: Grant
    Filed: January 20, 2022
    Date of Patent: September 19, 2023
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Maxwell Christopher Renke, Taylor James Stark, Benjamin M. Schultz, Giridhar Viswanathan, Frederick Justus Smith, Deepu Chandy Thomas, Hari R. Pulapaka, Amber Tianqi Guo
  • Publication number: 20230244516
    Abstract: Computing systems, devices, and methods of dynamic image composition for container deployment are disclosed herein. One example technique includes receiving a request for accessing a file from a container process. In response to receiving the request, the technique includes querying a mapping table corresponding to the container process to locate an entry corresponding to a file identifier of the requested file. The entry also includes data identifying a file location on the storage device from which the requested file is accessible. The technique further includes retrieving a copy of the requested file according to the file location identified by the data in the located entry in the mapping table and providing the retrieved copy of the requested file to the container process, thereby allowing the container process to access the requested file.
    Type: Application
    Filed: January 13, 2023
    Publication date: August 3, 2023
    Applicant: Microsoft Technology Licensing, LLC
    Inventors: Jonathan De Marco, Benjamin M. Schultz, Frederick Justus Smith, Hari R. Pulapaka, Mehmet Iyigun, Amber Tianqi Guo
  • Publication number: 20220224726
    Abstract: Distribution and management of services in virtual environments is described herein. In one or more implementations, a service distribution and management model is implemented in which system services and applications are seamlessly distributed across multiple containers which each implement a different runtime environment. In one or more implementations, a system for distributing access to services in a host operating system of a computing device includes a host operating system configured to implement a host runtime environment, and one or more services implemented by the host operating system. The system further includes a service control manager configured to enable communication between a client stub of a service implemented in a client runtime environment and a service provider of the service that is implemented in a service runtime environment that is separate from the first client runtime environment.
    Type: Application
    Filed: March 28, 2022
    Publication date: July 14, 2022
    Inventors: Hari R. Pulapaka, Margarit Simeonov Chenchev, Benjamin M. Schultz, Jonathan David Wiswall, Frederick Justus Smith, John A. Starks, Richard O. Wolcott, Michael Bishop Ebersol
  • Patent number: 11363067
    Abstract: Distribution and management of services in virtual environments is described herein. In one or more implementations, a service distribution and management model is implemented in which system services and applications are seamlessly distributed across multiple containers which each implement a different runtime environment. In one or more implementations, a system for distributing access to services in a host operating system of a computing device includes a host operating system configured to implement a host runtime environment, and one or more services implemented by the host operating system. The system further includes a service control manager configured to enable communication between a client stub of a service implemented in a client runtime environment and a service provider of the service that is implemented in a service runtime environment that is separate from the first client runtime environment.
    Type: Grant
    Filed: June 12, 2019
    Date of Patent: June 14, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Hari R. Pulapaka, Margarit Simeonov Chenchev, Benjamin M. Schultz, Jonathan David Wiswall, Frederick Justus Smith, John A. Starks, Richard O. Wolcott, Michael Bishop Ebersol
  • Publication number: 20220147465
    Abstract: Memory is partitioned and isolated in container-based memory enclaves. The container-based memory enclaves have attestable security guarantees. During provisioning of the container-based memory enclaves from a container image, a purported link in the container to a memory address of the enclave is modified to verifiably link to an actual memory address of the host, such as partitioned memory enclave. In some instances, enclave attestation reports can be validated without transmitting corresponding attestation requests to remote attestation services, based on previous attestation of one or more previous container attestation reports from a similar container and without requiring end-to-end attestation between the container and remote attestation service for each new attestation request.
    Type: Application
    Filed: January 20, 2022
    Publication date: May 12, 2022
    Inventors: Maxwell Christopher Renke, Taylor James Stark, Benjamin M. Schultz, Giridhar Viswanathan, Frederick Justus Smith, Deepu Chandy Thomas, Hari R. Pulapaka, Amber Tianqi Guo
  • Patent number: 11290488
    Abstract: Distribution and management of services in virtual environments is described herein. In one or more implementations, a service distribution and management model is implemented in which system services and applications are seamlessly distributed across multiple containers which each implement a different runtime environment. In one or more implementations, a system for distributing access to services in a host operating system of a computing device includes a host operating system configured to implement a host runtime environment, and one or more services implemented by the host operating system. The system further includes a service control manager configured to enable communication between a client stub of a service implemented in a client runtime environment and a service provider of the service that is implemented in a service runtime environment that is separate from the first client runtime environment.
    Type: Grant
    Filed: February 15, 2019
    Date of Patent: March 29, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Hari R. Pulapaka, Margarit Simeonov Chenchev, Benjamin M. Schultz, Jonathan David Wiswall, Frederick Justus Smith, John A. Starks, Richard O. Wolcott, Michael Bishop Ebersol
  • Patent number: 11256785
    Abstract: Memory is partitioned and isolated in container-based memory enclaves. The container-based memory enclaves have attestable security guarantees. During provisioning of the container-based memory enclaves from a container image, a purported link in the container to a memory address of the enclave is modified to verifiably link to an actual memory address of the host, such as partitioned memory enclave. In some instances, enclave attestation reports can be validated without transmitting corresponding attestation requests to remote attestation services, based on previous attestation of one or more previous container attestation reports from a similar container and without requiring end-to-end attestation between the container and remote attestation service for each new attestation request.
    Type: Grant
    Filed: September 9, 2019
    Date of Patent: February 22, 2022
    Assignee: MICROSOFT TECHNOLOGLY LICENSING, LLC
    Inventors: Maxwell Christopher Renke, Taylor James Stark, Benjamin M. Schultz, Giridhar Viswanathan, Frederick Justus Smith, Deepu Chandy Thomas, Hari R. Pulapaka, Amber Tianqi Guo
  • Patent number: 11100243
    Abstract: Technologies are described for selective persistence of data utilized by software containers. A configuration policy is defined that includes data that specifies one or more data stores for which data is not to be persisted following accesses to a software container and one or more data stores for which data is to be persisted following accesses to the software container. When the software container is first accessed, the data stores identified in the configuration policy are attached to the software container. Upon a subsequent access to the container, such as at the conclusion of a user session or upon destruction of the container, the data in the attached data stores is persisted or deleted based upon the configuration policy. When the software container is once again accessed, the data store containing the persisted data can be re-attached to the software container.
    Type: Grant
    Filed: January 15, 2018
    Date of Patent: August 24, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Margarit Simeonov Chenchev, Benjamin M. Schultz, Giridhar Viswanathan, Balaji Balasubramanyan, Yanan Zhang, Frederick Justus Smith, Hari R. Pulapaka, David Weston
  • Patent number: 11074323
    Abstract: Securely performing file operations. A method includes determining a licensing characteristic assigned to a file. When the licensing characteristic assigned to the file meets or exceeds a predetermined licensing condition, then the method includes performing a file operation on the file in a host operating system while preventing the file operation from being performed in the guest operating system. When the licensing characteristic assigned to the file does not meet or exceed the predetermined licensing condition, then the method includes performing the file operation on the file in the guest operating system while preventing the file operation from being performed directly in the host operating system.
    Type: Grant
    Filed: June 21, 2018
    Date of Patent: July 27, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Benjamin M. Schultz, Balaji Balasubramanyan, Giridhar Viswanathan, Ankit Srivastava, Margarit Simeonov Chenchev, Hari R. Pulapaka, Nived Kalappuraikal Sivadas, Raphael Gianotti Serrano dos Santo, Narasimhan Ramasubramanian, Frederick Justus Smith, Matthew David Kurjanowicz, Prakhar Srivastava, Jonathan Schwartz
  • Publication number: 20210011984
    Abstract: Memory is partitioned and isolated in container-based memory enclaves. The container-based memory enclaves have attestable security guarantees. During provisioning of the container-based memory enclaves from a container image, a purported link in the container to a memory address of the enclave is modified to verifiably link to an actual memory address of the host, such as partitioned memory enclave. In some instances, enclave attestation reports can be validated without transmitting corresponding attestation requests to remote attestation services, based on previous attestation of one or more previous container attestation reports from a similar container and without requiring end-to-end attestation between the container and remote attestation service for each new attestation request.
    Type: Application
    Filed: September 9, 2019
    Publication date: January 14, 2021
    Inventors: Maxwell Christopher Renke, Taylor James Stark, Benjamin M. Schultz, Giridhar Viswanathan, Frederick Justus Smith, Deepu Chandy Thomas, Hari R. Pulapaka, Amber Tianqi Guo
  • Patent number: 10885189
    Abstract: A host operating system running on a computing device monitors resource access by an application running in a container that is isolated from the host operating system. In response to detecting resource access by the application, a security event is generated describing malicious activity that occurs from the accessing the resource. This security event is analyzed to determine a threat level of the malicious activity. If the threat level does not satisfy a threat level threshold, the host operating system allows the application to continue accessing resources and continues to monitor resource access. When the threat level satisfies the threat level threshold, the operating system takes corrective action to prevent the malicious activity from spreading beyond the isolated container. Through the use of security events, the host operating system is protected from even kernel-level attacks without using resources required to run anti-virus software in the isolated container.
    Type: Grant
    Filed: May 22, 2017
    Date of Patent: January 5, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Charles G. Jeffries, Benjamin M. Schultz, Giridhar Viswanathan, Frederick Justus Smith, David Guy Weston, Ankit Srivastava, Ling Tony Chen, Hari R. Pulapaka
  • Patent number: 10885193
    Abstract: Securely performing file operations. A method includes determining a trust characteristic assigned to a file. When the trust characteristic assigned to the file meets or exceeds a predetermined trust condition, then the method includes performing a file operation on the file in a host operating system while preventing the file operation from being performed in the container operating system. When the trust characteristic assigned to the file does not meet or exceed the predetermined trust condition, then the method includes performing the file operation on the file in the container operating system while preventing the file operation from being performed directly in the host operating system.
    Type: Grant
    Filed: February 12, 2018
    Date of Patent: January 5, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Bryan R. Born, Giridhar Viswanathan, Peteris Ledins, Balaji Balasubramanyan, Margarit Simeonov Chenchev, Benjamin M. Schultz, Hari R. Pulapaka, Frederick Justus Smith, Narasimhan Ramasubramanian, Raphael Gianotti Serrano Dos Santo, Nived Kalappuraikal Sivadas, Ravinder Thind, Matthew David Kurjanowicz
  • Publication number: 20190297116
    Abstract: Distribution and management of services in virtual environments is described herein. In one or more implementations, a service distribution and management model is implemented in which system services and applications are seamlessly distributed across multiple containers which each implement a different runtime environment. In one or more implementations, a system for distributing access to services in a host operating system of a computing device includes a host operating system configured to implement a host runtime environment, and one or more services implemented by the host operating system. The system further includes a service control manager configured to enable communication between a client stub of a service implemented in a client runtime environment and a service provider of the service that is implemented in a service runtime environment that is separate from the first client runtime environment.
    Type: Application
    Filed: June 12, 2019
    Publication date: September 26, 2019
    Applicant: Microsoft Technology Licensing, LLC
    Inventors: Hari R. Pulapaka, Margarit Simeonov Chenchev, Benjamin M. Schultz, Jonathan David Wiswall, Frederick Justus Smith, John A. Starks, Richard O. Wolcott, Michael Bishop Ebersol
  • Patent number: 10380081
    Abstract: A container for one or more scheduled meeting is pre-built for the meeting prior to the meeting occurring. The container can be built in a variety of manners, including using both static and dynamic techniques. Dynamic techniques for building a container allows a pre-build system to include more pertinent data in the container whereas static techniques reduce computing workload and allow for pre-building containers for unscheduled meetings. A combination of static and dynamic building techniques can be applied using a layer repository. Alternately, a static base layer can be used and customized for scheduled meetings.
    Type: Grant
    Filed: March 31, 2017
    Date of Patent: August 13, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Kyle Thomas Brady, John C. Gordon, Benjamin M. Schultz, Ali Hajy, Morakinyo Korede Olugbade, Hari R. Pulapaka, Paul McAlpin Bozzay, Frederick Justus Smith, Mehmet Iyigun
  • Patent number: 10375111
    Abstract: Anonymous containers are discussed herein. An operating system running on a computing device, also referred to herein as a host operating system running on a host device, prevents an application from accessing personal information (e.g., user information or corporate information) by activating an anonymous container that is isolated from the host operating system. In order to create and activate the anonymous container, a container manager anonymizes the configuration and settings data of the host operating system, and injects the anonymous configuration and settings data into the anonymous container. Such anonymous configuration and settings data may include, by way of example and not limitation, application data, machine configuration data, and user settings data. The host operating system then allows the application to run in the anonymous container.
    Type: Grant
    Filed: February 10, 2017
    Date of Patent: August 6, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Benjamin M. Schultz, Frederick Justus Smith, Daniel Vasquez Lopez, Abhinav Mishra, Ian James McCarty, John A. Starks, Joshua David Ebersol, Ankit Srivastava, Hari R. Pulapaka, Mehmet Iyigun, Stephen E. Bensley, Giridhar Viswanathan
  • Patent number: 10333985
    Abstract: Distribution and management of services in virtual environments is described herein. In one or more implementations, a service distribution and management model is implemented in which system services and applications are seamlessly distributed across multiple containers which each implement a different runtime environment. In one or more implementations, a system for distributing access to services in a host operating system of a computing device includes a host operating system configured to implement a host runtime environment, and one or more services implemented by the host operating system. The system further includes a service control manager configured to enable communication between a client stub of a service implemented in a client runtime environment and a service provider of the service that is implemented in a service runtime environment that is separate from the first client runtime environment.
    Type: Grant
    Filed: March 16, 2017
    Date of Patent: June 25, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Hari R. Pulapaka, Margarit Simeonov Chenchev, Benjamin M. Schultz, Jonathan David Wiswall, Frederick Justus Smith, John A. Starks, Richard O. Wolcott, Michael Bishop Ebersol
  • Publication number: 20190180003
    Abstract: Securely performing file operations. A method includes determining a licensing characteristic assigned to a file. When the licensing characteristic assigned to the file meets or exceeds a predetermined licensing condition, then the method includes performing a file operation on the file in a host operating system while preventing the file operation from being performed in the guest operating system. When the licensing characteristic assigned to the file does not meet or exceed the predetermined licensing condition, then the method includes performing the file operation on the file in the guest operating system while preventing the file operation from being performed directly in the host operating system.
    Type: Application
    Filed: June 21, 2018
    Publication date: June 13, 2019
    Inventors: Benjamin M. Schultz, Balaji Balasubramanyan, Giridhar Viswanathan, Ankit Srivastava, Margarit Simeonov Chenchev, Hari R. Pulapaka, Nived Kalappuraikal Sivadas, Raphael Gianotti Serrano dos Santo, Narasimhan Ramasubramanian, Frederick Justus Smith, Matthew David Kurjanowicz, Prakhar Srivastava, Jonathan Schwartz
  • Publication number: 20190180033
    Abstract: Securely performing file operations. A method includes determining a trust characteristic assigned to a file. When the trust characteristic assigned to the file meets or exceeds a predetermined trust condition, then the method includes performing a file operation on the file in a host operating system while preventing the file operation from being performed in the container operating system. When the trust characteristic assigned to the file does not meet or exceed the predetermined trust condition, then the method includes performing the file operation on the file in the container operating system while preventing the file operation from being performed directly in the host operating system.
    Type: Application
    Filed: February 12, 2018
    Publication date: June 13, 2019
    Inventors: Bryan R. BORN, Giridhar VISWANATHAN, Peteris LEDINS, Balaji BALASUBRAMANYAN, Margarit Simeonov CHENCHEV, Benjamin M. SCHULTZ, Hari R. PULAPAKA, Frederick Justus SMITH, Narasimhan RAMASUBRAMANIAN, Raphael GIANOTTI SERRANO DOS SANTO, Nived KALAPPURAIKAL SIVADAS, Ravinder THIND, Matthew David KURJANOWICZ