Patents by Inventor Hassen Saidi
Hassen Saidi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11934538Abstract: In general, this disclosure describes techniques for replacing target cryptographic primitives in executable binary files with other, potentially more secure, cryptographic primitives. In some examples, a computing system for augmenting cryptographic executables includes a locator to determine if an executable program in an executable binary file includes a target cryptographic primitive. The computing system can include a patch generator to generate patch instructions in response to a determination by the locator that the executable program includes the target cryptographic primitive. The patch instructions cause the executable program to execute a replacement cryptographic primitive instead of the target cryptographic primitive. A rewriter engine of the computing system can modify, based on the patch instructions, the executable program to generate a modified executable binary file.Type: GrantFiled: July 24, 2020Date of Patent: March 19, 2024Assignee: SRI INTERNATIONALInventors: Karim Eldefrawy, Hassen Saidi, Michael E. Locasto, Norrathep Rattanavipanon
-
Patent number: 11610173Abstract: Techniques are disclosed for intelligently managing software development. In one example, a method for managing software development, includes receiving, by a computing system, a request to review source code written by a first developer, determining, by the computing system, a software skill set for the source code review, selecting, by the computing system, one or more selected source code reviewers from the pool of source code reviewers based on the software skill set and respective reputation scores for a pool of source code reviewers, assigning, by the computing system, one or more portions of the source code for code review to each of the selected source code reviewers, and determining, by the computing system, a consensus verification output on the code review based on review input from a majority of the selected source code reviewers.Type: GrantFiled: January 23, 2020Date of Patent: March 21, 2023Assignee: SRI INTERNATIONALInventors: Daniel J. Sanchez, Huascar Sanchez, Hassen Saidi
-
Publication number: 20210232695Abstract: In general, this disclosure describes techniques for replacing target cryptographic primitives in executable binary files with other, potentially more secure, cryptographic primitives. In some examples, a computing system for augmenting cryptographic executables includes a locator to determine if an executable program in an executable binary file includes a target cryptographic primitive. The computing system can include a patch generator to generate patch instructions in response to a determination by the locator that the executable program includes the target cryptographic primitive. The patch instructions cause the executable program to execute a replacement cryptographic primitive instead of the target cryptographic primitive. A rewriter engine of the computing system can modify, based on the patch instructions, the executable program to generate a modified executable binary file.Type: ApplicationFiled: July 24, 2020Publication date: July 29, 2021Inventors: Karim Eldefrawy, Hassen Saidi, Michael E. Locasto, Norrathep Rattanavipanon
-
Publication number: 20200394588Abstract: Techniques are disclosed for intelligently managing software development. In one example, a method for managing software development, includes receiving, by a computing system, a request to review source code written by a first developer, determining, by the computing system, a software skill set for the source code review, selecting, by the computing system, one or more selected source code reviewers from the pool of source code reviewers based on the software skill set and respective reputation scores for a pool of source code reviewers, assigning, by the computing system, one or more portions of the source code for code review to each of the selected source code reviewers, and determining, by the computing system, a consensus verification output on the code review based on review input from a majority of the selected source code reviewers.Type: ApplicationFiled: January 23, 2020Publication date: December 17, 2020Inventors: Daniel J. Sanchez, Huascar Sanchez, Hassen Saidi
-
Publication number: 20200159536Abstract: In general, this disclosure describes techniques for building an application designed to run on a given infrastructure as a container. For example, a unicontainer as described herein may represent a smallest-size, statically-linked binary that is the most optimal implementation of a container for executing an application. In some examples, a computing system builds this container by identifying unused or unneeded functionalities from dependencies for the application, for instance where such functionalities are provided by a target infrastructure for the container.Type: ApplicationFiled: November 20, 2019Publication date: May 21, 2020Inventor: Hassen Saidi
-
Patent number: 10073966Abstract: An integrity verification subsystem can verify the integrity of software and firmware modules on a computing device at load time and/or at run time, independently of any operating systems that may be installed on the computing device. Some versions of the integrity verification subsystem can operate in physical and/or virtualized system environments, including virtualized mobile device architectures.Type: GrantFiled: April 29, 2013Date of Patent: September 11, 2018Assignee: SRI InternationalInventors: Scott Oberg, Christopher S. Lockett, Sean Forsberg, Hassen Saidi, Jeffrey E. Casper
-
Patent number: 9922210Abstract: A provisioning system can separately and independently provision different components for different purposes on a computing platform, and enforce component-specific purposes associated with the use of the individual provisioned components during operation of the platform. Some versions of the provisioning subsystem may operate on a virtualized mobile computing device and networked devices under control of the computing device. In some embodiments, the provisioning subsystem can enforce a desired “purpose” of a provisioned component while simultaneously denying a corresponding “anti-purpose.Type: GrantFiled: October 11, 2013Date of Patent: March 20, 2018Assignee: SRI INTERNATIONALInventors: Scott A. Oberg, Christopher S. Lockett, Sean M. Forsberg, Hassen Saidi, Jeffrey E. Casper
-
Patent number: 9792459Abstract: A policy arbitration system manages the fundamental communications and isolation between executable components and shared system resources of a computing device, and controls the use of the shared resources by the executable components. Some versions of the policy arbitration system operate on a virtualized mobile computing device to dynamically compile and implement policy rules that are issued periodically by multiple different independent execution environments that are running on the computing device. Semi-dynamic policy changes allow for context enabled policy changes that enforce the desired system and component “purpose” while simultaneously denying the “anti-purpose”.Type: GrantFiled: October 11, 2013Date of Patent: October 17, 2017Assignee: SRI INTERNATIONALInventors: Sean M. Forsberg, Scott A. Oberg, Christopher S. Lockett, Hassen Saidi, Jeffrey E. Casper, Michael Deleo
-
Patent number: 9501666Abstract: Polymorphic computing architectures can support and control separate, independently executable domains and other components on a computing platform. In some embodiments, the architectures may control the different domains and/or components according to different purposes. In some embodiments, the architectures can control domains and/or components to enforce a desired “purpose” of a domain/component while simultaneously denying a corresponding “anti-purpose”.Type: GrantFiled: October 11, 2013Date of Patent: November 22, 2016Assignee: SRI INTERNATIONALInventors: Christopher S. Lockett, Scott A. Oberg, Sean M. Forsberg, Hassen Saidi, Jeffrey E. Casper
-
Patent number: 9495560Abstract: A domain manager system as disclosed herein can control the selective activation of multiple independently-operable execution environments or domains on a computing device in accordance with one or more policies. In some embodiments, activation of a domain may at least temporarily transform a general purpose computing device into a specific purpose computing device or “appliance” by disabling use of one or more shared system resources by other domains.Type: GrantFiled: October 11, 2013Date of Patent: November 15, 2016Assignee: SRI INTERNATIONALInventors: Hassen Saidi, Scott A. Oberg, Christopher S. Lockett, Sean M. Forsberg, Jeffrey E. Casper
-
Publication number: 20140379923Abstract: A provisioning system can separately and independently provision different components for different purposes on a computing platform, and enforce component-specific purposes associated with the use of the individual provisioned components during operation of the platform. Some versions of the provisioning subsystem may operate on a virtualized mobile computing device and networked devices under control of the computing device. In some embodiments, the provisioning subsystem can enforce a desired “purpose” of a provisioned component while simultaneously denying a corresponding “anti-purpose.Type: ApplicationFiled: October 11, 2013Publication date: December 25, 2014Inventors: Scott A. Oberg, Christopher S. Lockett, Sean M. Forsberg, Hassen Saidi, Jeffrey E. Casper
-
Publication number: 20140380405Abstract: A policy arbitration system manages the fundamental communications and isolation between executable components and shared system resources of a computing device, and controls the use of the shared resources by the executable components. Some versions of the policy arbitration system operate on a virtualized mobile computing device to dynamically compile and implement policy rules that are issued periodically by multiple different independent execution environments that are running on the computing device. Semi-dynamic policy changes allow for context enabled policy changes that enforce the desired system and component “purpose” while simultaneously denying the “anti-purpose”.Type: ApplicationFiled: October 11, 2013Publication date: December 25, 2014Inventors: Sean M. Forsberg, Scott A. Oberg, Christopher S. Lockett, Hassen Saidi, Jeffrey E. Casper, Michael Deleo
-
Publication number: 20140380414Abstract: A method and system for application-based monitoring and enforcement of security, privacy, performance and/or other policies on a mobile device includes incorporating monitoring and policy enforcement code into a previously un-monitored software application package that is installable on a mobile device, and executing the monitoring and policy enforcement code during normal use of the software application by a user of the mobile device.Type: ApplicationFiled: September 9, 2014Publication date: December 25, 2014Inventors: Hassen Saidi, Rubin Xu
-
Publication number: 20140380406Abstract: A domain manager system as disclosed herein can control the selective activation of multiple independently-operable execution environments or domains on a computing device in accordance with one or more policies. In some embodiments, activation of a domain may at least temporarily transform a general purpose computing device into a specific purpose computing device or “appliance” by disabling use of one or more shared system resources by other domains.Type: ApplicationFiled: October 11, 2013Publication date: December 25, 2014Inventors: Hassen Saidi, Scott A. Oberg, Christopher S. Lockett, Sean M. Forsberg, Jeffrey E. Casper
-
Publication number: 20140380425Abstract: Polymorphic computing architectures can support and control separate, independently executable domains and other components on a computing platform. In some embodiments, the architectures may control the different domains and/or components according to different purposes. In some embodiments, the architectures can control domains and/or components to enforce a desired “purpose” of a domain/component while simultaneously denying a corresponding “anti-purpose.Type: ApplicationFiled: October 11, 2013Publication date: December 25, 2014Inventors: Christopher S. Lockett, Scott A. Oberg, Sean M. Forsberg, Hassen Saidi, Jeffrey E. Casper
-
Publication number: 20140325644Abstract: An integrity verification subsystem can verify the integrity of software and firmware modules on a computing device at load time and/or at run time, independently of any operating systems that may be installed on the computing device. Some versions of the integrity verification subsystem can operate in physical and/or virtualized system environments, including virtualized mobile device architectures.Type: ApplicationFiled: April 29, 2013Publication date: October 30, 2014Inventors: Scott Oberg, Christopher S. Lockett, Sean Forsberg, Hassen Saidi, Jeffrey E. Casper
-
Patent number: 8844036Abstract: A method and system for application-based monitoring and enforcement of security, privacy, performance and/or other policies on a mobile device includes incorporating monitoring and policy enforcement code into a previously un-monitored software application package that is installable on a mobile device, and executing the monitoring and policy enforcement code during normal use of the software application by a user of the mobile device.Type: GrantFiled: March 2, 2012Date of Patent: September 23, 2014Assignee: SRI InternationalInventors: Hassen Saidi, Rubin Xu
-
Patent number: 8844032Abstract: A method and system for application-based monitoring and enforcement of security, privacy, performance and/or other policies on a mobile device includes incorporating monitoring and policy enforcement code into a previously un-monitored software application package that is installable on a mobile device, and executing the monitoring and policy enforcement code during normal use of the software application by a user of the mobile device.Type: GrantFiled: March 2, 2012Date of Patent: September 23, 2014Assignee: SRI InternationalInventors: Hassen Saidi, Rubin Xu
-
Publication number: 20130232573Abstract: A method and system for application-based monitoring and enforcement of security, privacy, performance and/or other policies on a mobile device includes incorporating monitoring and policy enforcement code into a previously un-monitored software application package that is installable on a mobile device, and executing the monitoring and policy enforcement code during normal use of the software application by a user of the mobile device.Type: ApplicationFiled: March 2, 2012Publication date: September 5, 2013Inventors: Hassen Saidi, Rubin Xu
-
Publication number: 20130232540Abstract: A method and system for application-based monitoring and enforcement of security, privacy, performance and/or other policies on a mobile device includes incorporating monitoring and policy enforcement code into a previously un-monitored software application package that is installable on a mobile device, and executing the monitoring and policy enforcement code during normal use of the software application by a user of the mobile device.Type: ApplicationFiled: March 2, 2012Publication date: September 5, 2013Inventors: Hassen Saidi, Rubin Xu