Patents by Inventor Jacob R. Lorch

Jacob R. Lorch has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11493978
    Abstract: Techniques for employing a decentralized sleep management service are described herein. In some instances, each computing device of a group of computing devices periodically shares information about itself with each other computing device of the group. With this information, each computing device within the group that is awake and capable of managing other devices selects a subset of devices to probe. The devices then probe this subset to determine whether the probed devices are asleep. In response to identifying a sleeping device, the probing device takes over management of the sleeping device. Managing the sleeping device involves informing other devices of the group that the sleeping device is being managed, in addition to monitoring requests for services on the sleeping device. In response to receiving a valid request for a service hosted by the sleeping device, the managing device awakens the sleeping device and ceases managing the now-woken device.
    Type: Grant
    Filed: February 27, 2017
    Date of Patent: November 8, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Jacob R. Lorch, Siddhartha Sen, Jitendra D. Padhye, Richard L. Hughes, Carlos Garcia Jurado Suarez
  • Patent number: 11327905
    Abstract: A computing device requests access to an application object from a remote storage system in order to locally execute application functionality without hosting application resources. An accessed object is associated with an intent in the storage system and locked. Locking an object in combination with an intent prevents computing devices that are not performing the intent from accessing the object. An intent defines one or more operations to be performed with the requested object, which are serialized as intent steps and stored in the storage system. Upon executing an intent step, the computing device stores a log entry at the storage system signifying the step's completion. A locked object remains locked until the log entries indicate every intent step as complete. Different computing devices can unlock a locked object by executing any incomplete steps of an intent associated with the locked object.
    Type: Grant
    Filed: May 19, 2020
    Date of Patent: May 10, 2022
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Lidong Zhou, Jacob R. Lorch, Jinglei Ren, Parveen Kumar Patel, Srinath Setty
  • Patent number: 10901944
    Abstract: Storing an incoming data stream using successive files that are consecutively populated. The appropriate file to populate a given data stream portion into is determined by mapping the data stream offset to a file, and potentially also an address within that file. The successive files may be the same size, so that the file can be identified based on the data stream address (or offset) without the use of an index. Furthermore, the files may be easily named by having that size be some multiple of a binary power of bytes. That way, the files themselves can be automatically and named and identified by using the more significant bit or bits of the data stream offset to uniquely identify the file and establish ordering of the files. Replication may occur from a primary to a secondary store by transmitting the offset, and the actual data to be stored.
    Type: Grant
    Filed: May 24, 2017
    Date of Patent: January 26, 2021
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Rogerio Ramos, Fayssal Martani, Cristian Diaconu, Karthick Krishnamoorthy, Jacob R. Lorch
  • Patent number: 10824716
    Abstract: Techniques for leveraging legacy code to deploy native-code desktop applications over a network (e.g., the Web) are described herein. These techniques include executing an application written in native code within a memory region that hardware of a computing device enforces. For instance, page-protection hardware (e.g., a memory management unit) or segmentation hardware may protect this region of memory in which the application executes. The techniques may also provide a narrow system call interface out of this memory region by dynamically enforcing system calls made by the application. Furthermore, these techniques may enable a browser of the computing device to function as an operating system for the native-code application. These techniques thus allow for execution of native-code applications on a browser of a computing device and, hence, over the Web in a resource-efficient manner and without sacrificing security of the computing device.
    Type: Grant
    Filed: February 23, 2017
    Date of Patent: November 3, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Jonathan R. Howell, Jacob R. Lorch, Jeremy E. Elson, John R. Douceur
  • Publication number: 20200301855
    Abstract: A computing device requests access to an application object from a remote storage system in order to locally execute application functionality without hosting application resources. An accessed object is associated with an intent in the storage system and locked. Locking an object in combination with an intent prevents computing devices that are not performing the intent from accessing the object. An intent defines one or more operations to be performed with the requested object, which are serialized as intent steps and stored in the storage system. Upon executing an intent step, the computing device stores a log entry at the storage system signifying the step's completion. A locked object remains locked until the log entries indicate every intent step as complete. Different computing devices can unlock a locked object by executing any incomplete steps of an intent associated with the locked object.
    Type: Application
    Filed: May 19, 2020
    Publication date: September 24, 2020
    Inventors: Lidong Zhou, Jacob R. Lorch, Jinglei Ren, Parveen Kumar Patel, Srinath Setty
  • Patent number: 10691622
    Abstract: A computing device requests access to an application object from a remote storage system in order to locally execute application functionality without hosting application resources. An accessed object is associated with an intent in the storage system and locked. Locking an object in combination with an intent prevents computing devices that are not performing the intent from accessing the object. An intent defines one or more operations to be performed with the requested object, which are serialized as intent steps and stored in the storage system. Upon executing an intent step, the computing device stores a log entry at the storage system signifying the step's completion. A locked object remains locked until the log entries indicate every intent step as complete. Different computing devices can unlock a locked object by executing any incomplete steps of an intent associated with the locked object.
    Type: Grant
    Filed: September 19, 2017
    Date of Patent: June 23, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Lidong Zhou, Jacob R. Lorch, Jinglei Ren, Parveen Kumar Patel, Srinath Setty
  • Patent number: 10564665
    Abstract: A first set of replicated state machines includes a first state machine that compares a clock value included in a state update message incremented by a first amount, a clock value for the first state machine incremented by a second amount, and a current local wall clock value for the first state machine to determine a maximum value and assigns the maximum value as the clock value for the first state machine. Additionally, in response to a passage of an amount of time, the first state machine advances the clock value for the first state machine to its current local wall clock value and propagates this clock value to the other state machines in the first set of replicated state machines. The advancement of the clock value for all state machines even in the absence of state updates improves their ability to respond to distributed read requests.
    Type: Grant
    Filed: May 1, 2018
    Date of Patent: February 18, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Cheng Huang, Garret Buban, Jacob R. Lorch, Aaron W. Ogus, Mauricio David Zaragoza Ibarra, Jieqing Wang
  • Publication number: 20190339734
    Abstract: A first set of replicated state machines includes a first state machine that compares a clock value included in a state update message incremented by a first amount, a clock value for the first state machine incremented by a second amount, and a current local wall clock value for the first state machine to determine a maximum value and assigns the maximum value as the clock value for the first state machine. Additionally, in response to a passage of an amount of time, the first state machine advances the clock value for the first state machine to its current local wall clock value and propagates this clock value to the other state machines in the first set of replicated state machines. The advancement of the clock value for all state machines even in the absence of state updates improves their ability to respond to distributed read requests.
    Type: Application
    Filed: May 1, 2018
    Publication date: November 7, 2019
    Inventors: Cheng Huang, Garret Buban, Jacob R. Lorch, Aaron W. Ogus, Mauricio David Zaragoza Ibarra, Jieqing Wang
  • Patent number: 10148442
    Abstract: A verified software system may be executable on secure hardware. Prior to being executed, the software system may be verified as conforming to a software specification. First credentials attesting to an identity of the software system may be sent to an external application. Second credentials signed by a provider of the secure hardware may be sent to the external application. The second credentials may attest to an identity of the secure hardware. The external application may securely exchange one or more messages with a software application of the software system. For example, the one or more messages may be decryptable only by the external application and the software application to provide confidentiality for each message. As another example, an attestation may vouch for an identity of a sender of each of the one or more messages to attest to an integrity of each message.
    Type: Grant
    Filed: May 2, 2016
    Date of Patent: December 4, 2018
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Chris Hawblitzel, Jacob R. Lorch, Jonathan R. Howell, Brian D. Zill, Bryan Parno
  • Publication number: 20180341659
    Abstract: Storing an incoming data stream using successive files that are consecutively populated. The appropriate file to populate a given data stream portion into is determined by mapping the data stream offset to a file, and potentially also an address within that file. The successive files may be the same size, so that the file can be identified based on the data stream address (or offset) without the use of an index. Furthermore, the files may be easily named by having that size be some multiple of a binary power of bytes. That way, the files themselves can be automatically and named and identified by using the more significant bit or bits of the data stream offset to uniquely identify the file and establish ordering of the files. Replication may occur from a primary to a secondary store by transmitting the offset, and the actual data to be stored.
    Type: Application
    Filed: May 24, 2017
    Publication date: November 29, 2018
    Inventors: Rogerio RAMOS, Fayssal MARTANI, Cristian DIACONU, Karthick KRISHNAMOORTHY, Jacob R. LORCH
  • Publication number: 20180089110
    Abstract: A computing device requests access to an application object from a remote storage system in order to locally execute application functionality without hosting application resources. An accessed object is associated with an intent in the storage system and locked. Locking an object in combination with an intent prevents computing devices that are not performing the intent from accessing the object. An intent defines one or more operations to be performed with the requested object, which are serialized as intent steps and stored in the storage system. Upon executing an intent step, the computing device stores a log entry at the storage system signifying the step's completion. A locked object remains locked until the log entries indicate every intent step as complete. Different computing devices can unlock a locked object by executing any incomplete steps of an intent associated with the locked object.
    Type: Application
    Filed: September 19, 2017
    Publication date: March 29, 2018
    Applicant: Microsoft Technology Licensing, LLC
    Inventors: Lidong Zhou, Jacob R. Lorch, Jinglei Ren, Parveen Kumar Patel, Srinath Setty
  • Patent number: 9753754
    Abstract: A virtual machine monitor (VMM) is configured to enforce deterministic execution of virtual machines in a multiprocessor machine. The VMM is configured to ensure that any communication by physical processors via shared memory is deterministic. When such VMMs are implemented in a distributed environment of multiprocessor machines coupled via a logical communication link, non-deterministic server applications running on virtual machines using the VMM may be replicated.
    Type: Grant
    Filed: July 20, 2006
    Date of Patent: September 5, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Jonathan R. Howell, Eric Traut, Jacob R. Lorch, John R. Douceur
  • Publication number: 20170168545
    Abstract: Techniques for employing a decentralized sleep management service are described herein. In some instances, each computing device of a group of computing devices periodically shares information about itself with each other computing device of the group. With this information, each computing device within the group that is awake and capable of managing other devices selects a subset of devices to probe. The devices then probe this subset to determine whether the probed devices are asleep. In response to identifying a sleeping device, the probing device takes over management of the sleeping device. Managing the sleeping device involves informing other devices of the group that the sleeping device is being managed, in addition to monitoring requests for services on the sleeping device. In response to receiving a valid request for a service hosted by the sleeping device, the managing device awakens the sleeping device and ceases managing the now-woken device.
    Type: Application
    Filed: February 27, 2017
    Publication date: June 15, 2017
    Inventors: Jacob R. Lorch, Siddhartha Sen, Jitendra D. Padhye, Richard L. Hughes, Carlos Garcia Jurado Suarez
  • Publication number: 20170161493
    Abstract: Techniques for leveraging legacy code to deploy native-code desktop applications over a network (e.g., the Web) are described herein. These techniques include executing an application written in native code within a memory region that hardware of a computing device enforces. For instance, page-protection hardware (e.g., a memory management unit) or segmentation hardware may protect this region of memory in which the application executes. The techniques may also provide a narrow system call interface out of this memory region by dynamically enforcing system calls made by the application. Furthermore, these techniques may enable a browser of the computing device to function as an operating system for the native-code application. These techniques thus allow for execution of native-code applications on a browser of a computing device and, hence, over the Web in a resource-efficient manner and without sacrificing security of the computing device.
    Type: Application
    Filed: February 23, 2017
    Publication date: June 8, 2017
    Inventors: Jonathan R. Howell, Jacob R. Lorch, Jeremy E. Elson, John R. Douceur
  • Patent number: 9588803
    Abstract: Techniques for leveraging legacy code to deploy native-code desktop applications over a network (e.g., the Web) are described herein. These techniques include executing an application written in native code within a memory region that hardware of a computing device enforces. For instance, page-protection hardware (e.g., a memory management unit) or segmentation hardware may protect this region of memory in which the application executes. The techniques may also provide a narrow system call interface out of this memory region by dynamically enforcing system calls made by the application. Furthermore, these techniques may enable a browser of the computing device to function as an operating system for the native-code application. These techniques thus allow for execution of native-code applications on a browser of a computing device and, hence, over the Web in a resource-efficient manner and without sacrificing security of the computing device.
    Type: Grant
    Filed: May 11, 2009
    Date of Patent: March 7, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Jonathan R. Howell, Jacob R. Lorch, Jeremy E. Elson, John R. Douceur
  • Patent number: 9582062
    Abstract: Techniques for employing a decentralized sleep management service are described herein. In some instances, each computing device of a group of computing devices periodically shares information about itself with each other computing device of the group. With this information, each computing device within the group that is awake and capable of managing other devices selects a subset of devices to probe. The devices then probe this subset to determine whether the probed devices are asleep. In response to identifying a sleeping device, the probing device takes over management of the sleeping device. Managing the sleeping device involves informing other devices of the group that the sleeping device is being managed, in addition to monitoring requests for services on the sleeping device. In response to receiving a valid request for a service hosted by the sleeping device, the managing device awakens the sleeping device and ceases managing the now-woken device.
    Type: Grant
    Filed: November 5, 2010
    Date of Patent: February 28, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Jacob R. Lorch, Siddhartha Sen, Jitendra D. Padhye, Richard L. Hughes, Carlos Garcia Jurado Suarez
  • Patent number: 9536093
    Abstract: Software code of a software system (e.g., a software stack) may be verified as conforming to a specification. A high-level language implementation of the software system may be compiled using a compiler to create an assembly language implementation. A high-level specification corresponding to the software system may be translated to a low-level specification. A verifier may verify that the assembly language implementation functionally conforms to properties described in the low-level specification. In this way, the software system (e.g., a complete software system that includes an operating system, device driver(s), a software library, and one or more applications) may be verified at a low level (e.g., assembly language level).
    Type: Grant
    Filed: October 2, 2014
    Date of Patent: January 3, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Chris Hawblitzel, Bryan Parno, Jacob R. Lorch, Jonathan R. Howell, Brian D. Zill
  • Patent number: 9455992
    Abstract: Techniques for utilizing trusted hardware components for mitigating the effects of equivocation amongst participant computing devices of a distributed system are described herein. For instance, a distributed system employing a byzantine-fault-resilient protocol—that is, a protocol intended to mitigate (e.g., tolerate, detect, isolate, etc.) the effects of byzantine faults—may employ the techniques. To do so, the techniques may utilize a trusted hardware component comprising a non-decreasing counter and a key. This hardware component may be “trusted” in that the respective participant computing device cannot modify or observe the contents of the component in any manner other than according to the prescribed procedures, as described herein. Furthermore, the trusted hardware component may couple to the participant computing device in any suitable manner, such as via a universal serial bus (USB) connection or the like.
    Type: Grant
    Filed: June 12, 2009
    Date of Patent: September 27, 2016
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: John R. Douceur, David M Levin, Jacob R. Lorch, Thomas Moscibroda
  • Publication number: 20160248592
    Abstract: A verified software system may be executable on secure hardware. Prior to being executed, the software system may be verified as conforming to a software specification. First credentials attesting to an identity of the software system may be sent to an external application. Second credentials signed by a provider of the secure hardware may be sent to the external application. The second credentials may attest to an identity of the secure hardware. The external application may securely exchange one or more messages with a software application of the software system. For example, the one or more messages may be decryptable only by the external application and the software application to provide confidentiality for each message. As another example, an attestation may vouch for an identity of a sender of each of the one or more messages to attest to an integrity of each message.
    Type: Application
    Filed: May 2, 2016
    Publication date: August 25, 2016
    Inventors: Chris Hawblitzel, Jacob R. Lorch, Jonathan R. Howell, Brian D. Zill, Bryan Parno
  • Patent number: 9363087
    Abstract: A verified software system may be executable on secure hardware. Prior to being executed, the software system may be verified as conforming to a software specification. First credentials attesting to an identity of the software system may be sent to an external application. Second credentials signed by a provider of the secure hardware may be sent to the external application. The second credentials may attest to an identity of the secure hardware. The external application may securely exchange one or more messages with a software application of the software system. For example, the one or more messages may be decryptable only by the external application and the software application to provide confidentiality for each message. As another example, an attestation may vouch for an identity of a sender of each of the one or more messages to attest to an integrity of each message.
    Type: Grant
    Filed: October 2, 2014
    Date of Patent: June 7, 2016
    Assignee: Microsoft Technology Licensing, Inc.
    Inventors: Chris Hawblitzel, Bryan Parno, Jacob R. Lorch, Jonathan R. Howell, Brian D. Zill