Patents by Inventor Itamar AZULAY
Itamar AZULAY has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11902334Abstract: The disclosure is directed towards controlling the persistency of information provided to a service worker. A method includes receiving a response that includes response data. The response is received at a security service and was transmitted by a second computing device in response to receiving an information request from a first computing device. The first computing device implements a service worker. Sensitive data included in the response data is identified. The response includes caching instructions that instruct the service worker to cache the sensitive data at the first computing device. In response to identifying the sensitive data, the caching instructions are updated such that any portion of the response data that the updated caching instructions instruct the service worker to cache at the first computing device excludes the sensitive data. The updated response is transmitted to the first computing device and includes the response data and the updated caching instructions.Type: GrantFiled: June 23, 2021Date of Patent: February 13, 2024Assignee: Microsoft Technology Licensing, LLCInventors: Itamar Azulay, Ishay Hilzenrat, Sharon Itshak Lifshits, Meir Blachman
-
Patent number: 11876814Abstract: The disclosure is directed towards proxy services for the secure uploading of file-system tree structures. A method includes receiving, at a web security service, an indication that client device to upload content to a storage cloud provider. The proxy service performs a security scan of the content while the content is stored on the client device. A security and/or a privacy concern is identified in the content stored on the client device. A security and/or privacy mitigation action is performed in response to identifying the security and/or privacy concern.Type: GrantFiled: March 8, 2023Date of Patent: January 16, 2024Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Itamar Azulay, Guy Lewin, Sharon Lifshits
-
Publication number: 20230403327Abstract: According to examples, an apparatus may include a processor and a memory on which are stored machine-readable instructions that when executed by the processor, may cause the processor to obtain an encryption key from a user. The processor may identify session activity data during a proxy session of the user and may encrypt the identified session activity data using the encryption key obtained from the user. The processor may store the encrypted session activity data.Type: ApplicationFiled: June 14, 2023Publication date: December 14, 2023Applicant: Microsoft Technology Licensing, LLCInventors: Itamar AZULAY, Tomer Cherni
-
Publication number: 20230401275Abstract: A tenant network of a cloud services platform performs the rewriting of code included in a web page. For example, a proxy service communicatively coupled to a plurality of browser applications belonging to the same tenant network and a server receives a request, from a first browser, for a web page hosted by the server. The web page is returned to the proxy service, and the proxy service identifies code component(s) thereof for rewriting. The proxy service provides the identified code component(s) to a second browser included in the same tenant network as the first browser that is configured to rewrite the code component(s). After rewriting the code component, the second browser provides the rewritten code component(s) to the proxy service, which forwards the web page, along with the rewritten code component(s), to the first browser for execution and rendering.Type: ApplicationFiled: June 13, 2022Publication date: December 14, 2023Inventors: Meir Baruch BLACHMAN, Itamar AZULAY, Nitzan FROGEL
-
Publication number: 20230385098Abstract: Systems and methods are provided for managing dynamic controls over access to computer resources and, even more particularly, for evaluating and re-evaluating dynamic conditions and changes associated with user sessions. The systems and methods are configured to automatically make a determination as to whether new or additional authentication credentials are required for a user that is already authorized for accessing resources in a user session, in response to triggering events such as the identification of a new or changed condition associated with the user session.Type: ApplicationFiled: August 8, 2023Publication date: November 30, 2023Inventors: Alexander ESIBOV, Itamar AZULAY
-
Publication number: 20230350984Abstract: Systems and methods are described for client-side rewriting of web page code. A proxy computing device receives a web page from a server computing device and analyzes the web page to identify a code component. The proxy computing device generates a modified version of the web page by replacing the identified code component with a wrapped code component and including a code rewriting and evaluation function in the web page. The wrapped code component includes a call to the code rewriting and evaluation function that includes the identified code component as an argument thereof. The code rewriting and evaluation function is configured to generate a rewritten code component by rewriting the identified code component and to evaluate the rewritten code component. The proxy computing device sends the modified version of the web page to a client computing device that is configured to load the modified version of the web page.Type: ApplicationFiled: April 27, 2022Publication date: November 2, 2023Inventors: Meir Baruch BLACHMAN, Itamar AZULAY
-
Publication number: 20230319072Abstract: The disclosure is directed towards proxy services for the secure uploading of file-system tree structures. A method includes receiving, at a web security service, an indication that client device to upload content to a storage cloud provider. The proxy service performs a security scan of the content while the content is stored on the client device. A security and/or a privacy concern is identified in the content stored on the client device. A security and/or privacy mitigation action is performed in response to identifying the security and/or privacy concern.Type: ApplicationFiled: March 8, 2023Publication date: October 5, 2023Inventors: Itamar AZULAY, Guy LEWIN, Sharon LIFSHITS
-
Patent number: 11768699Abstract: Systems and methods are provided for managing dynamic controls over access to computer resources and, even more particularly, for evaluating and re-evaluating dynamic conditions and changes associated with user sessions. The systems and methods are configured to automatically make a determination as to whether new or additional authentication credentials are required for a user that is already authorized for accessing resources in a user session, in response to triggering events such as the identification of a new or changed condition associated with the user session.Type: GrantFiled: October 5, 2019Date of Patent: September 26, 2023Assignee: Microsoft Technology Licensing, LLCInventors: Alexander Esibov, Itamar Azulay
-
Patent number: 11770439Abstract: A proxy server to receive a request from a client to a webserver and a response corresponding with the request from the webserver to the client is disclosed. The request is wrapped, and a wrapped request is received at the proxy server. The wrapped request is read at the proxy server. Metadata is added to a response corresponding with the wrapped request at the proxy server. The metadata can be based on the read wrapped request or the corresponding response.Type: GrantFiled: June 14, 2022Date of Patent: September 26, 2023Assignee: Microsoft Technology Licensing, LLCInventors: Guy Lewin, Itamar Azulay, Yossi Haber
-
Patent number: 11716391Abstract: According to examples, an apparatus may include a processor and a memory on which are stored machine-readable instructions that when executed by the processor, may cause the processor to obtain an encryption key from a user. The processor may identify session activity data during a proxy session of the user and may encrypt the identified session activity data using the encryption key obtained from the user. The processor may store the encrypted session activity data.Type: GrantFiled: December 17, 2020Date of Patent: August 1, 2023Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Itamar Azulay, Tomer Cherni
-
Publication number: 20230236853Abstract: Methods and systems are provided for a browser in a client device that receives a user interface script-code snippet from a web page. A chain logic engine determines whether an in-memory map indicates an output value of prior execution of the UI script-code snippet. If the in-memory map does indicate the output value, it is returned from the in-memory map to generate the user interface. If not, the engine determines whether an in-local storage map indicates the prior executed snippet output. If the in-local storage map indicates the prior executed snippet output, it is returned from the in-local storage map to generate the user interface, and it is stored in the in-memory map. If not, the UI script-code snippet is executed to generate the output value, which is used to generate the user interface, and is stored in the in-memory map and in the in-local storage map.Type: ApplicationFiled: March 31, 2023Publication date: July 27, 2023Inventors: Itamar AZULAY, Amir GERI, Guy LEWIN, Yossi HABER, Meir Baruch BLACHMAN
-
Patent number: 11627150Abstract: The disclosure is directed towards proxy services for the secure uploading of file-system tree structures. A method includes receiving, at a web security service, an indication that client device to upload content to a storage cloud provider. The proxy service performs a security scan of the content while the content is stored on the client device. A security and/or a privacy concern is identified in the content stored on the client device. A security and/or privacy mitigation action is performed in response to identifying the security and/or privacy concern.Type: GrantFiled: June 30, 2021Date of Patent: April 11, 2023Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Itamar Azulay, Guy Lewin, Sharon Lifshits
-
Patent number: 11620141Abstract: Methods and systems are provided for a browser in a client device that receives a user interface script-code snippet from a web page. A chain logic engine determines whether an in-memory map indicates an output value of prior execution of the UI script-code snippet. If the in-memory map does indicate the output value, it is returned from the in-memory map to generate the user interface. If not, the engine determines whether an in-local storage map indicates the prior executed snippet output. If the in-local storage map indicates the prior executed snippet output, it is returned from the in-local storage map to generate the user interface, and it is stored in the in-memory map. If not, the UI script-code snippet is executed to generate the output value, which is used to generate the user interface, and is stored in the in-memory map and in the in-local storage map.Type: GrantFiled: July 9, 2020Date of Patent: April 4, 2023Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Itamar Azulay, Amir Geri, Guy Lewin, Yossi Haber, Meir Baruch Blachman
-
Patent number: 11611629Abstract: An example inline frame monitor is disclosed. The inline frame monitor injects monitoring logic into a document object model to monitor an activity within a dynamically loaded inline frame of a web page. Data regarding the activity within the dynamically loaded inline frame is received. A policy is applied to validate or invalidate the activity within the dynamically loaded inline frame.Type: GrantFiled: May 13, 2020Date of Patent: March 21, 2023Assignee: Microsoft Technology Licensing, LLCInventors: Meir Blachman, Itamar Azulay, Guy Lewin
-
Publication number: 20230007016Abstract: The disclosure is directed towards proxy services for the secure uploading of file-system tree structures. A method includes receiving, at a web security service, an indication that client device to upload content to a storage cloud provider. The proxy service performs a security scan of the content while the content is stored on the client device. A security and/or a privacy concern is identified in the content stored on the client device. A security and/or privacy mitigation action is performed in response to identifying the security and/or privacy concern.Type: ApplicationFiled: June 30, 2021Publication date: January 5, 2023Inventors: Itamar AZULAY, Guy LEWIN, Sharon LIFSHITS
-
Publication number: 20220417289Abstract: The disclosure is directed towards controlling the persistency of information provided to a service worker. A method includes receiving a response that includes response data. The response is received at a security service and was transmitted by a second computing device in response to receiving an information request from a first computing device. The first computing device implements a service worker. Sensitive data included in the response data is identified. The response includes caching instructions that instruct the service worker to cache the sensitive data at the first computing device. In response to identifying the sensitive data, the caching instructions are updated such that any portion of the response data that the updated caching instructions instruct the service worker to cache at the first computing device excludes the sensitive data. The updated response is transmitted to the first computing device and includes the response data and the updated caching instructions.Type: ApplicationFiled: June 23, 2021Publication date: December 29, 2022Inventors: Itamar AZULAY, Ishay HILZENRAT, Sharon Itshak LIFSHITS, Meir BLACHMAN
-
Publication number: 20220311820Abstract: A proxy server to receive a request from a client to a webserver and a response corresponding with the request from the webserver to the client is disclosed. The request is wrapped, and a wrapped request is received at the proxy server. The wrapped request is read at the proxy server. Metadata is added to a response corresponding with the wrapped request at the proxy server. The metadata can be based on the read wrapped request or the corresponding response.Type: ApplicationFiled: June 14, 2022Publication date: September 29, 2022Applicant: Microsoft Technology Licensing, LLCInventors: Guy Lewin, Itamar Azulay, Yossi Haber
-
Patent number: 11394765Abstract: A proxy server to receive a request from a client to a webserver and a response corresponding with the request from the webserver to the client is disclosed. The request is wrapped, and a wrapped request is received at the proxy server. The wrapped request is read at the proxy server. Metadata is added to a response corresponding with the wrapped request at the proxy server. The metadata can be based on the read wrapped request or the corresponding response.Type: GrantFiled: June 18, 2019Date of Patent: July 19, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Guy Lewin, Itamar Azulay, Yossi Haber
-
Patent number: 11381545Abstract: Generally discussed herein are devices, systems, and methods for secure cloud application provisioning. A method can include, while providing access to the cloud application, receiving data indicating a first universal resource locator (URL) entered in a search bar of a web browser associated with the cloud application has changed to a second URL, determining whether the second URL has a valid certificate, and in response to determining the second URL is associated with the cloud application and a valid certificate for the second URL exists, providing resources for the second URL and the valid certificate to the web browser or in response to determining the second URL is not associated with the application, re-directing the web browser away from the proxy server.Type: GrantFiled: May 22, 2020Date of Patent: July 5, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Itamar Azulay, Daniel Senderovich, Tomer Cherni, Meir Blachman
-
Publication number: 20220201084Abstract: According to examples, an apparatus may include a processor and a memory on which are stored machine-readable instructions that when executed by the processor, may cause the processor to obtain an encryption key from a user. The processor may identify session activity data during a proxy session of the user and may encrypt the identified session activity data using the encryption key obtained from the user. The processor may store the encrypted session activity data.Type: ApplicationFiled: December 17, 2020Publication date: June 23, 2022Applicant: Microsoft Technology Licensing, LLCInventors: Itamar AZULAY, Tomer Cherni