Patents by Inventor Gennady Medvinsky
Gennady Medvinsky has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230198751
Abstract: A client communications device and method for generating a user message comprising an assertion for verification by a remote server device is described. Payload data for the user message as generated by a secure application resident on the communications device is received. Biometric authentication of the user is performed as a first level security mechanism. If biometric authentication of the user is successful, a digital signature is generated based on the message payload as a second level security mechanism. The digital signature is generated using a private signature key stored in a secure element of the client device. A third level security mechanism is applied by authenticating the user message using a secure application-specific key. In implementations, the digital signature is generated in a secure environment of the client device which has sole access to the secure element after successful biometric authentication.
Type: Application
Filed: April 20, 2021
Publication date: June 22, 2023
Inventors: Gennady MEDVINSKY, Surya Anil LINGAMALLU, Hardik Bipinbhai DOSHI, Prasanna KANAGASABAI
-
Publication number: 20230075741
Abstract: A communications server apparatus for managing authentication of a user based on one or more authentication events in a session is provided, to, in one or more data records, generate, for each authentication event, data indicative of a trust score corresponding to the authentication event; and generate, data indicative of a security score based on the trust scores corresponding to the one or more authentication events in the session, and, in response to receiving request data indicative of an authentication request associated with the user corresponding to a transaction in the session, the transaction having a value indicator, authenticate the user if the security score satisfies a condition for authentication corresponding to the transaction according to the value indicator, wherein security scores for satisfying the condition are variable according to value indicators of transactions.
Type: Application
Filed: March 11, 2020
Publication date: March 9, 2023
Inventors: Gennady MEDVINSKY, Surya Anil LINGAMALLU, Alexander YUKHANOV
-
Publication number: 20230046380
Abstract: A communications device for managing an authentication event is provided, which is configured to generate location data indicative of a geolocation associated with the communications device, retrieve, from a key that is obfuscated and stored in the communications device, the key, sign the location data with the retrieved key, and transmit request data to a communications server apparatus for requesting the authentication event, the request data comprising the signed location data. A method and a communications system for managing an authentication event are also provided.
Type: Application
Filed: February 11, 2020
Publication date: February 16, 2023
Inventors: Gennady MEDVINSKY, Surya Anil LINGAMALLU, Alexander YUKHANOV
-
Patent number: 9461989
Abstract: Example embodiments are provided for integrating operating systems with content offered by internet based entities.
Type: Grant
Filed: April 30, 2015
Date of Patent: October 4, 2016
Assignee: Microsoft Technology Licensing, LLC
Inventors: Girish Chander, Tanmoy Dutta, Cristian Ilac, Bronislav Kavsan, Ziquian Li, Andreas K. Luther, Gennady Medvinsky, Liquiang Zhu
-
Patent number: 9270700
Abstract: Security protocols for mobile operator networks are described. In embodiments, a mobile communication link is established between a mobile phone and a media content provider via a communication service provider with which the mobile phone is registered for mobile communications, and via at least one roaming node network with which the communication service provider has a roaming service agreement. The media content provider receives a security policy request from the mobile phone to establish a security policy for end-to-end security of the mobile communication link between the media content provider and the mobile phone for data communication security. The media content provider then communicates a security policy response to the mobile phone to establish the security policy for the end-to-end security of the mobile communication link that is adaptable to security restrictions of the roaming node network.
Type: Grant
Filed: June 18, 2009
Date of Patent: February 23, 2016
Assignee: Microsoft Technology Licensing, LLC
Inventors: Gennady Medvinsky, David E W Mercer
-
Patent number: 9195810
Abstract: Various embodiments are disclosed that relate to the automated identification of one or more computer program functions for potentially placing on a remote computing device in a split-computational computing environment. For example, one disclosed embodiment provides, on a computing device, a method of determining a factorable portion of code to locate remotely from other portions of the code of a program to hinder unauthorized use and/or distribution of the program. The method includes, on a computing device, receiving an input of a representation of the code of the program, performing analysis on the representation of the code, the analysis comprising one or more of static analysis and dynamic analysis, and based upon the analysis of the code, outputting a list of one or more functions determined from the analysis to be candidates for locating remotely.
Type: Grant
Filed: December 28, 2010
Date of Patent: November 24, 2015
Assignee: Microsoft Technology Licensing, LLC
Inventors: Darko Kirovski, Benjamin Livshits, Gennady Medvinsky, Vijay Gajjala, Kenneth Ray, Jesper Lind
-
Publication number: 20150264036
Abstract: Example embodiments are provided for integrating operating systems with content offered by internet based entities.
Type: Application
Filed: April 30, 2015
Publication date: September 17, 2015
Applicant: Microsoft Technology Licensing, LLC
Inventors: Girish Chander, Tanmoy Dutta, Cristian Ilac, Bronislav Kavsan, Ziquian Li, Andreas K. Luther, Gennady Medvinsky, Liquiang Zhu
-
Patent number: 9055107
Abstract: The method of delegating authentication, within a chain of entities, relies upon a recording of at least a portion of a TLS handshake between a gateway device and user, in which the user needs access to a desired server. The method then relies upon re-verification of cryptographic evidence in the recorded portion of the TLS handshake, which is forwarded either (1) to the server to which access is desired, in which case the server re-verifies the recorded portion to confirm authentication, or, (2) to a third party entity, in which case the third party entity confirms authentication and provides credentials to the gateway server which then uses the credentials to authenticate to the server as the user.
Type: Grant
Filed: December 1, 2006
Date of Patent: June 9, 2015
Assignee: Microsoft Technology Licensing, LLC
Inventors: Gennady Medvinsky, Nir Nice, Tomer Shiran, Alexander Teplitsky, Paul Leach, John Neystadt
-
Patent number: 9032500
Abstract: Example embodiments are provided for integrating operating systems with content offered by internet based entities.
Type: Grant
Filed: October 28, 2013
Date of Patent: May 12, 2015
Assignee: Microsoft Technology Licensing, LLC
Inventors: Girish Chander, Tanmoy Dutta, Cristian Ilac, Bronislav Kavsan, Ziquian Li, Andreas K. Luther, Gennady Medvinsky, Liquiang Zhu
-
Patent number: 8683549
Abstract: A computer related security mechanism requires that a human participate in an access verification sequence. Upon a request to access secure data, a puzzle is provided to the requester. Proper solution of the puzzle requires human participation. The puzzle is chosen such that its solution is within the capabilities of a human, but beyond the current state of the art for computer systems. The puzzle can be visually and/or audibly rendered to the user. In one configuration, the puzzle is obtained via a library of pluggable puzzle generators. Puzzle generators in the library can be replaced as the state of the art of computing technology improves.
Type: Grant
Filed: March 23, 2007
Date of Patent: March 25, 2014
Assignee: Microsoft Corporation
Inventors: Arthur H. Baker, Brian J. Guarraci, Andrew Stewart Tucker, Gennady Medvinsky, Tanmoy Dutta
-
Publication number: 20140059653
Abstract: Example embodiments are provided for integrating operating systems with content offered by internet based entities.
Type: Application
Filed: October 28, 2013
Publication date: February 27, 2014
Applicant: Microsoft Corporation
Inventors: Girish Chander, Tanmoy Dutta, Cristian Ilac, Bronislav Kavsan, Ziquian Li, Andreas K. Luther, Gennady Medvinsky, Liquiang Zhu
-
Patent number: 8635635
Abstract: Embodiments are disclosed that relate to hindering unauthorized use or distribution of a middleware program contained within an application. One example embodiment provides a method for hindering unauthorized use or distribution of a middleware program contained within an application. The method comprises acquiring factored middleware code, the factored middleware code having a missing function residing on a remote computing device, and building an application around the factored middleware code such that the application is configured to call to the remote computing device for execution of the missing function during use. The application may be configured to send a call to the remote computing device for execution of the missing function during use.
Type: Grant
Filed: January 25, 2011
Date of Patent: January 21, 2014
Assignee: Microsoft Corporation
Inventors: Kenneth Ray, Gennady Medvinsky, Vijay Gajjala, Darko Kirovski, Benjamin Livshits
-
Patent number: 8572716
Abstract: Example embodiments are provided for integrating operating systems with content offered by internet based entities.
Type: Grant
Filed: April 23, 2007
Date of Patent: October 29, 2013
Assignee: Microsoft Corporation
Inventors: Girish Chander, Tanmoy Dutta, Cristian Ilac, Bronislav Kavsan, Ziquan Li, Andreas K. Luther, Gennady Medvinsky, Liquiang Zhu
-
Patent number: 8528058
Abstract: Architecture for natively authenticating a client application to a web server via HTTP authentication. The Web Services Architecture, and more specifically, Web Services Security, is leveraged to enable legacy applications to access web services transparently to the existing legacy applications. A security support provider (SSP) is created that employs WS-* protocol to at least emulate ws-trust and ws-mex thereby enabling policy exchange via an HTTP protocol stack. Policy can be exchanged via a WWW-Authenticate header enabling legacy applications to use the WS-* family of protocols without modifying the client application. The WS-* protocols are abstracted into a generic programming interface for native client application use.
Type: Grant
Filed: May 31, 2007
Date of Patent: September 3, 2013
Assignee: Microsoft Corporation
Inventors: Liqiang Zhu, Gennady Medvinsky, Tanmoy Dutta, Cristian Ilac, Andreas Luther, John P Shewchuk
-
Publication number: 20120191803
Abstract: Various embodiments are disclosed that relate to decommissioning factored code of a program on a computing device. For example, one disclosed embodiment provides a method of operating a computing device. The method includes executing a program on the computing device, and while executing the program, identifying a remote location of a factored function via a code map, sending a call to the factored function and receiving a return response. The method further comprises, upon occurrence of a decommissioning event, receiving a copy of the factored function; and updating the code map with a location of the copy of the factored function.
Type: Application
Filed: January 25, 2011
Publication date: July 26, 2012
Applicant: MICROSOFT CORPORATION
Inventors: Kenneth Ray, Gennady Medvinsky, Vijay Gajjala, Darko Kirovski, Benjamin Livshits
-
Publication number: 20120192209
Abstract: Embodiments are disclosed that relate to hindering unauthorized use or distribution of a middleware program contained within an application. One example embodiment provides a method for hindering unauthorized use or distribution of a middleware program contained within an application. The method comprises acquiring factored middleware code, the factored middleware code having a missing function residing on a remote computing device, and building an application around the factored middleware code such that the application is configured to call to the remote computing device for execution of the missing function during use. The application may be configured to send a call to the remote computing device for execution of the missing function during use.
Type: Application
Filed: January 25, 2011
Publication date: July 26, 2012
Applicant: MICROSOFT CORPORATION
Inventors: Kenneth Ray, Gennady Medvinsky, Vijay Gajjala, Darko Kirovski, Benjamin Livshits
-
Publication number: 20120167061
Abstract: Various embodiments are disclosed that relate to the automated identification of one or more computer program functions for potentially placing on a remote computing device in a split-computational computing environment. For example, one disclosed embodiment provides, on a computing device, a method of determining a factorable portion of code to locate remotely from other portions of the code of a program to hinder unauthorized use and/or distribution of the program. The method includes, on a computing device, receiving an input of a representation of the code of the program, performing analysis on the representation of the code, the analysis comprising one or more of static analysis and dynamic analysis, and based upon the analysis of the code, outputting a list of one or more functions determined from the analysis to be candidates for locating remotely.
Type: Application
Filed: December 28, 2010
Publication date: June 28, 2012
Applicant: MICROSOFT CORPORATION
Inventors: Darko Kirovski, Benjamin Livshits, Gennady Medvinsky, Vijay Gajjala, Kenneth Ray, Jesper Lind
-
Publication number: 20120036075
Abstract: Identifying a mobile operator account associated with a user to apply charges incurred by the user at a mobile marketplace service. The mobile operator provides an account identifier for the account to a billing token service associated with the mobile marketplace service. The billing token service creates a billing token including the account identifier, and provides the billing token to the user. When subsequently ordering from the mobile marketplace service, the user sends order requests with the billing token to the mobile marketplace service. The mobile marketplace service extracts the account identifier from the billing token and provides the order requests and the extracted account identifier to a mobile operator billing service. The mobile operator billing service applies a charge to the mobile operator account identified by the account identifier. Based on a charge status from the mobile operator billing service (e.g.
Type: Application
Filed: August 9, 2010
Publication date: February 9, 2012
Applicant: MICROSOFT CORPORATION
Inventors: Johannes Klein, Ori Bar-Niv, David Edward William Mercer, Gennady Medvinsky
-
Patent number: 7913084
Abstract: A credential security support provider (Cred SSP) is provided that enables any application to securely delegate a user's credentials from the client, via client side Security Support Provider (SSP) software, to a target server, via server side SSP software in a networked computing environment. The Cred SSP of the invention provides a secure solution that is based in part upon a set of policies, including a default policy that is secure against a broad range of attacks, which are used to control and restrict the delegation of user credentials from a client to a server. The policies can be for any type of user credentials and the different policies are designed to mitigate a broad range of attacks so that appropriate delegation can occur for given delegation circumstances, network conditions, trust levels, etc. Additionally, only a trusted subsystem, e.g.
Type: Grant
Filed: May 26, 2006
Date of Patent: March 22, 2011
Assignee: Microsoft Corporation
Inventors: Gennady Medvinsky, Cristian Ilac, Costin Hagiu, John E. Parsons, Mohamed Emad El Din Fathalla, Paul J. Leach, Tarek Bahaa El-Din Mahmoud Kamel
-
Publication number: 20100151822
Abstract: Security protocols for mobile operator networks are described. In embodiments, a mobile communication link is established between a mobile phone and a media content provider via a communication service provider with which the mobile phone is registered for mobile communications, and via at least one roaming node network with which the communication service provider has a roaming service agreement. The media content provider receives a security policy request from the mobile phone to establish a security policy for end-to-end security of the mobile communication link between the media content provider and the mobile phone for data communication security. The media content provider then communicates a security policy response to the mobile phone to establish the security policy for the end-to-end security of the mobile communication link that is adaptable to security restrictions of the roaming node network.
Type: Application
Filed: June 18, 2009
Publication date: June 17, 2010
Applicant: MICROSOFT CORPORATION
Inventors: Gennady Medvinsky, David E.W. Mercer