Patents by Inventor Ivan Medvedev
Ivan Medvedev has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10853335Abstract: In one embodiment, an online social network accesses a place-entity cluster comprising a number of place-entity nodes corresponding to a particular place-entity having a geographic location. One of the place-entity nodes is identified as an initial canonical place-entity cluster connected to the other place-entity nodes by redirection edges. A cluster score is calculated for each place-entity node in the cluster, and nodes having a cluster score above a threshold is identified. One of the identified place-entity nodes is selected as a replacement canonical place-entity node. If the replacement node is different from the initial canonical node, then the place-entity cluster is updated by adding or removing at least one place-entity node from the cluster based on their respective cluster scores.Type: GrantFiled: June 24, 2016Date of Patent: December 1, 2020Assignee: Facebook, Inc.Inventors: Justin Moore, Marian Gelu Olteanu, Myle Arif Ott, Long Chen, Ivan Medvedev
-
Patent number: 10462144Abstract: A system for managing privacy of shared content. The system includes a terminal device and a server device. The terminal device includes a content receiving device configured to receive content, a storage configured to store content by the content receiving device, a privacy setting determiner, a content obfuscator; and a transmitter configured to transmit obfuscated content. The server device includes a receiver configured to receive the obfuscated content from the transmitter of the terminal device, a publisher configured to publish the obfuscated content, and a de-obfuscator configured to, based on the received request to change privacy settings, de-obfuscate the at least a portion of the received content to generate de-obfuscated content.Type: GrantFiled: February 22, 2019Date of Patent: October 29, 2019Inventors: Russell Owen, Ivan Medvedev, Garth Shoemaker, Andrew Swerdlow, Yevgeniy Eugene Shteyn, Amanda Elwell Walker
-
Publication number: 20190190916Abstract: A system for managing privacy of shared content. The system includes a terminal device and a server device. The terminal device includes a content receiving device configured to receive content, a storage configured to store content by the content receiving device, a privacy setting determiner, a content obfuscator; and a transmitter configured to transmit obfuscated content. The server device includes a receiver configured to receive the obfuscated content from the transmitter of the terminal device, a publisher configured to publish the obfuscated content, and a de-obfuscator configured to, based on the received request to change privacy settings, de-obfuscate the at least a portion of the received content to generate de-obfuscated content.Type: ApplicationFiled: February 22, 2019Publication date: June 20, 2019Applicant: Google LLCInventors: Russell Owen, Ivan Medvedev, Garth Shoemaker, Andrew Swerdlow, Yevgeniy Eugene Shteyn, Amanda Elwell Walker
-
Patent number: 10284558Abstract: Systems and methods for managing privacy settings of shared content include receiving content associated with an object; receiving privacy settings associated with the object associated with the received content; based on the received privacy settings, obfuscating, at least a portion of the content associated with the object to generated obfuscated content; and transmitting the obfuscated content to a publishing server, wherein the publishing server publishes the obfuscated content to one or more third parties.Type: GrantFiled: August 12, 2015Date of Patent: May 7, 2019Assignee: Google LLCInventors: Russell Owen, Ivan Medvedev, Garth Shoemaker, Andrew Swerdlow, Yevgeniy Eugene Shteyn, Amanda Elwell Walker
-
Patent number: 10152603Abstract: Systems and methods for privacy-preserving data loss detection include performing a sweep of online information for a candidate data leakage to generate an online data set; performing an analysis of the online data set to determine that the online information is a candidate data leakage; the host encrypting the data communication and providing the host-encrypted data communication to a software agent at the enterprise; in response to receiving the host-encrypted data communication, the software agent encrypting a database of enterprise information and re-encrypting the host-encrypted data communication, and providing the same to the host; the host decrypting a host-encrypted aspect of the re-encrypted data communication to generate a software agent-encrypted data communication; determining whether a match exists between the encrypted database of information and the software agent-encrypted data communication; and based on whether the match exists, the software agent taking a first action or the host taking aType: GrantFiled: October 31, 2017Date of Patent: December 11, 2018Assignee: Google LLCInventor: Ivan Medvedev
-
Publication number: 20180068124Abstract: Systems and methods for privacy-preserving data loss detection include performing a sweep of online information for a candidate data leakage to generate an online data set; performing an analysis of the online data set to determine that the online information is a candidate data leakage; the host encrypting the data communication and providing the host-encrypted data communication to a software agent at the enterprise; in response to receiving the host-encrypted data communication, the software agent encrypting a database of enterprise information and re-encrypting the host-encrypted data communication, and providing the same to the host; the host decrypting a host-encrypted aspect of the re-encrypted data communication to generate a software agent-encrypted data communication; determining whether a match exists between the encrypted database of information and the software agent-encrypted data communication; and based on whether the match exists, the software agent taking a first action or the host taking aType: ApplicationFiled: October 31, 2017Publication date: March 8, 2018Inventor: Ivan Medvedev
-
Patent number: 9830463Abstract: Systems and methods for privacy-preserving data loss detection include performing a sweep of online information for a candidate data leakage to generate an online data set; performing an analysis of the online data set to determine that the online information is a candidate data leakage; the host encrypting the data communication and providing the host-encrypted data communication to a software agent at the enterprise; in response to receiving the host-encrypted data communication, the software agent encrypting a database of enterprise information and re-encrypting the host-encrypted data communication, and providing the same to the host; the host decrypting a host-encrypted aspect of the re-encrypted data communication to generate a software agent-encrypted data communication; determining whether a match exists between the encrypted database of information and the software agent-encrypted data communication; and based on whether the match exists, the software agent taking a first action or the host taking aType: GrantFiled: January 22, 2016Date of Patent: November 28, 2017Assignee: GOOGLE LLCInventor: Ivan Medvedev
-
Patent number: 9740877Abstract: Systems and methods for data loss prevention while preserving privacy are described, including receiving a data communication originating from an online account of a user device associated with the enterprise; performing an analysis to determine that the data communication is a candidate data leakage, based on a context of the data communication; encrypting the data communication, and providing the host-encrypted data communication to a software agent at the enterprise; receiving a software agent-encrypted database of enterprise communication and the host-encrypted data communication, re-encrypted by the software agent; decrypting a host-encrypted aspect of the re-encrypted data communication to generate a software agent-encrypted data communication; performing a matching operation to determine whether a match exists between the encrypted database of information and the software agent-encrypted data communication; if the match exists, reporting the match to the software agent; and if the match does not exist,Type: GrantFiled: September 22, 2015Date of Patent: August 22, 2017Assignee: GOOGLE INC.Inventor: Ivan Medvedev
-
Publication number: 20170213041Abstract: Systems and methods for privacy-preserving data loss detection include performing a sweep of online information for a candidate data leakage to generate an online data set; performing an analysis of the online data set to determine that the online information is a candidate data leakage; the host encrypting the data communication and providing the host-encrypted data communication to a software agent at the enterprise; in response to receiving the host-encrypted data communication, the software agent encrypting a database of enterprise information and re-encrypting the host-encrypted data communication, and providing the same to the host; the host decrypting a host-encrypted aspect of the re-encrypted data communication to generate a software agent-encrypted data communication; determining whether a match exists between the encrypted database of information and the software agent-encrypted data communication; and based on whether the match exists, the software agent taking a first action or the host taking aType: ApplicationFiled: January 22, 2016Publication date: July 27, 2017Inventor: Ivan Medvedev
-
Publication number: 20170199927Abstract: In one embodiment, an online social network accesses a place-entity cluster comprising a number of place-entity nodes corresponding to a particular place-entity having a geographic location. One of the place-entity nodes is identified as an initial canonical place-entity cluster connected to the other place-entity nodes by redirection edges. A cluster score is calculated for each place-entity node in the cluster, and nodes having a cluster score above a threshold is identified. One of the identified place-entity nodes is selected as a replacement canonical place-entity node. If the replacement node is different from the initial canonical node, then the place-entity cluster is updated by adding or removing at least one place-entity node from the cluster based on their respective cluster scores.Type: ApplicationFiled: June 24, 2016Publication date: July 13, 2017Inventors: Justin Moore, Marian Gelu Olteanu, Myle Arif Ott, Long Chen, Ivan Medvedev
-
Publication number: 20170083717Abstract: Systems and methods for data loss prevention while preserving privacy are described, including receiving a data communication originating from an online account of a user device associated with the enterprise; performing an analysis to determine that the data communication is a candidate data leakage, based on a context of the data communication; encrypting the data communication, and providing the host-encrypted data communication to a software agent at the enterprise; receiving a software agent-encrypted database of enterprise communication and the host-encrypted data communication, re-encrypted by the software agent; decrypting a host-encrypted aspect of the re-encrypted data communication to generate a software agent-encrypted data communication; performing a matching operation to determine whether a match exists between the encrypted database of information and the software agent-encrypted data communication; if the match exists, reporting the match to the software agent; and if the match does not exist,Type: ApplicationFiled: September 22, 2015Publication date: March 23, 2017Inventor: Ivan Medvedev
-
Publication number: 20170048245Abstract: Systems and methods for managing privacy settings of shared content include receiving content associated with an object; receiving privacy settings associated with the object associated with the received content; based on the received privacy settings, obfuscating, at least a portion of the content associated with the object to generated obfuscated content; and transmitting the obfuscated content to a publishing server, wherein the publishing server publishes the obfuscated content to one or more third parties.Type: ApplicationFiled: August 12, 2015Publication date: February 16, 2017Inventors: Russell Owen, Ivan Medvedev, Garth Shoemaker, Andrew Swerdlow, Yevgeniy Eugene Shteyn, Amanda Elwell Walker
-
Patent number: 9177174Abstract: Systems and methods for protecting sensitive data in communications are described, including identifying first information in content created by a user for a communication; sending the first information to a vault; receiving, from the vault, an identifier associated with the first information; replacing the first information in the content with second information that is associated with the first information and does not provide any indication of the content of the first information; and sending the communication comprising the content with the second information and the identifier.Type: GrantFiled: February 6, 2014Date of Patent: November 3, 2015Assignee: GOOGLE INC.Inventors: Garth Shoemaker, Ivan Medvedev
-
Patent number: 8732838Abstract: Evaluating a threat model for structural validity and descriptive completeness. A threat modeling application provides a progress factor or other overall score associated with the structural validity and descriptive completeness of the threat model being evaluated. The structural validity is evaluated based on a data flow diagram associated with the threat model. The descriptive completeness is evaluated by reviewing descriptions of threat types in the threat model. The progress factor encourages modelers to provide effective models to a model reviewer, thus saving time for the model reviewer.Type: GrantFiled: June 26, 2008Date of Patent: May 20, 2014Assignee: Microsoft CorporationInventors: Ivan Medvedev, Adam Shostack, Lawrence William Osterman
-
Publication number: 20100293618Abstract: An application may watch to see if information passes a defined trust barrier. If defined information passes a defined trust barrier, an alert may be issued. The alert may include informing a developer of the specific code section that triggered the alert.Type: ApplicationFiled: May 12, 2009Publication date: November 18, 2010Applicant: MICROSOFT CORPORATIONInventors: Ivan Medvedev, Clyde R. Roberts, IV
-
Patent number: 7743423Abstract: All execution paths of one or more assemblies in managed code are simulated to find the permissions for each execution path. The managed code can correspond to a managed shared library or a managed application. Each call in each execution path has a corresponding permissions set. When the library or application has permissions to execute that are not less than the required permission sets for the execution paths, any dynamic execution of the library or application will not trigger a security exception The simulated execution provides a tool that can be used to ensure that code being written will not exceed a maximum security permission for the code. A permission set can be determined by the tool for each assembly corresponding to an application and for each entry point corresponding to a shared library.Type: GrantFiled: February 3, 2004Date of Patent: June 22, 2010Assignee: Microsoft CorporationInventors: Sebastian Lange, Gregory D. Fee, Aaron Goldfeder, Ivan Medvedev, Michael Gashler
-
Publication number: 20090327943Abstract: Identifying threats to an information system by analyzing a structural representation of the information system. In some embodiments, a data flow diagram corresponding to the information system is analyzed based on predefined criteria. Potential threats to elements of the data flow diagram are identified based on the predefined criteria. The threats are prioritized and provided to a user for further testing. In an embodiment, the user performs fuzz testing of application programs in the information system based on the prioritized threats.Type: ApplicationFiled: June 26, 2008Publication date: December 31, 2009Applicant: Microsoft CorporationInventors: Ivan Medvedev, Adam Shostack, Lawrence William Osterman
-
Publication number: 20090327971Abstract: Excluding selected elements in a data flow diagram from a threat model. The selected elements are marked as informational. An automated threat modeling system generates a threat model report for the elements in the data flow diagram except for the elements marked as informational. Excluding the informational elements from the threat model and threat model report reduces the complexity of the threat analysis and enables a modeler to focus the threat model on elements of interest.Type: ApplicationFiled: June 26, 2008Publication date: December 31, 2009Applicant: Microsoft CorporationInventors: Adam Shostack, Ivan Medvedev, Meng Li, Douglas Maclver, Patrick Glen McCuller
-
Publication number: 20090328223Abstract: Evaluating a threat model for structural validity and descriptive completeness. A threat modeling application provides a progress factor or other overall score associated with the structural validity and descriptive completeness of the threat model being evaluated. The structural validity is evaluated based on a data flow diagram associated with the threat model. The descriptive completeness is evaluated by reviewing descriptions of threat types in the threat model. The progress factor encourages modelers to provide effective models to a model reviewer, thus saving time for the model reviewer.Type: ApplicationFiled: June 26, 2008Publication date: December 31, 2009Applicant: MICROSOFT CORPORATIONInventors: Ivan Medvedev, Adam Shostack, Lawrence William Osterman
-
Publication number: 20070203973Abstract: A system for fuzzing requests and responses using a proxy includes a client that may include a client application, a server that may include a server application, and a proxy coupled between the client and the server. The proxy communicates message traffic between the client and the server related to testing the client application or the server application. The proxy is adapted to store a template resulting from the message traffic into a data store to facilitate later fuzzing of requests or responses contained in the message traffic. A user interface for presenting events resulting from the fuzzing is also described.Type: ApplicationFiled: February 28, 2006Publication date: August 30, 2007Applicant: Microsoft CorporationInventors: Lawrence Landauer, Alan Myrvold, Thomas Gallagher, Daniel Ricker, Hassan Sultan, Ivan Medvedev, Adel Abouchaev, Peter Oehlert