Patents by Inventor John DeTreville
John DeTreville has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 7792758
Abstract: A computer-implemented mechanism for granting rights is described. A license may be used to identify one or more principals, resources, rights and conditions. The license also identifies a license format scheme and a license format modification scheme. An access control module or other entity may interpret the license in accordance with the license format scheme and license format modification scheme.
Type: Grant
Filed: November 18, 2002
Date of Patent: September 7, 2010
Assignee: Microsoft Corporation
Inventors: Bob Atkinson, John DeTreville, Brian A. LaMacchia
-
Patent number: 7757075
Abstract: A computer-implemented mechanism for granting rights to a resource is described. A license identifies one or more principals, resources, rights and conditions. At least one condition recited in the license includes a reference to state information. The state information is external to the license. When evaluating the license, a resource or access control module requests the state information from the entity identified in the reference to state information.
Type: Grant
Filed: November 15, 2002
Date of Patent: July 13, 2010
Assignee: Microsoft Corporation
Inventor: John DeTreville
-
Patent number: 7603717
Abstract: A computer-implemented mechanism for granting rights to a resource is described. A license identifies one or more principals, resources, rights and conditions in fields of the license. The license fields include one or more instances of one or more variables. The variables are universally quantified so that each variable may be any one of a set of values. All instances of any given variable are bound to the same value.
Type: Grant
Filed: November 18, 2002
Date of Patent: October 13, 2009
Assignee: Microsoft Corporation
Inventors: Bob Atkinson, Brian A. LaMacchia, John DeTreville, Muthukrishnan Paramasivam, Xin Wang, Thomas DeMartini
-
Publication number: 20070118769
Abstract: In accordance with certain aspects, a chain of trust is established between a subscriber unit and a content provider. A request is submitted from the subscriber unit to the content provider. A challenge nonce is generated at the content provider and returned to the subscriber unit. At the subscriber unit, an operating system (OS) certificate containing an identity of the operating system from the software identity register, information describing the operating system, the challenge nonce, and a CPU public key is formed, and the OS certificate is signed using a CPU private key. The OS certificate and a CPU manufacturer certificate supplied by a manufacturer of the CPU are passed from the subscriber unit to the content provider, and are evaluated at the content provider to determine whether to reject or fulfill the request.
Type: Application
Filed: December 22, 2006
Publication date: May 24, 2007
Applicant: Microsoft Corporation
Inventors: Paul England, John DeTreville, Butler Lampson
-
Publication number: 20070118738
Abstract: In accordance with certain aspects, a computer system has a central processing unit (CPU) and an operating system (OS), the CPU having a pair of private and public keys and a software identity register that holds an identity of the operating system. An OS certificate is created including the identity from the software identity register, information describing the operating system, and the CPU public key. The created OS certificate is signed using the CPU private key.
Type: Application
Filed: December 22, 2006
Publication date: May 24, 2007
Applicant: Microsoft Corporation
Inventors: Paul England, John DeTreville, Butler Lampson
-
Publication number: 20070104329
Abstract: In accordance with certain aspects, an operating system is booted for execution on a central processing unit (CPU). An atomic operation is executed, and if the atomic operation completes correctly then a software identity register of the CPU is set to an identity of the operating system.
Type: Application
Filed: December 22, 2006
Publication date: May 10, 2007
Applicant: Microsoft Corporation
Inventors: Paul England, John DeTreville, Butler Lampson
-
Publication number: 20070091819
Abstract: A declarative approach is used for system configuration. The declarative approach improves a system's integrity which makes the system more dependable. An overall system model is defined that describes the system as a whole. The models are hierarchical and can reference and incorporate any number of sub-models. The models within the system model are used to define the programs within the system. The system model is applied to a collection of system parameters that produces a statically typed, fully configured system instance. Each system instance may then be checked against established system policies that can express a variety of additional ad hoc rules defining which system instances are acceptable.
Type: Application
Filed: October 24, 2005
Publication date: April 26, 2007
Applicant: Microsoft Corporation
Inventor: John DeTreville
-
Publication number: 20060123412
Abstract: Described herein is at least one implementation employing multiple self-describing software artifacts persisted on one or more computer-storage media of a software-based computer. In this implementation, each artifact is representative of at least part of the software components (e.g., load modules, processes, applications, and operating system components) of the computing system and each artifact is described by at least one associated “manifest,” which include metadata declarative descriptions of the associated artifact.
Type: Application
Filed: December 7, 2004
Publication date: June 8, 2006
Applicant: Microsoft Corporation
Inventors: Galen Hunt, Thomas Roeder, James Larus, Manuel Fahndrich, John DeTreville, Steven Levi, Benjamin Zorn, Wolfgang Grieskamp
-
Publication number: 20060123430
Abstract: Described herein is an implementation of a technology for the construction, identification, and/or optimization of operating-system processes. At least one implementation, described herein, constructs an operating-system process having the contents as defined by a process manifest. Once constructed, the operating-system process is unalterable.
Type: Application
Filed: April 29, 2005
Publication date: June 8, 2006
Applicant: Microsoft Corporation
Inventors: Galen Hunt, James Larus, John DeTreville, Edward Wobber, Martin Abadi, Michael Jones, Trishul Chilimbi
-
Publication number: 20060123417
Abstract: Described herein is an implementation of a technology for the construction, identity, and/or optimization of operating-system processes. At least one implementation, described herein, constructs an operating-system process having the contents as defined by a process manifest. Once constructed, the operating-system process is unalterable.
Type: Application
Filed: December 6, 2004
Publication date: June 8, 2006
Applicant: Microsoft Corporation
Inventors: Galen Hunt, James Larus, John DeTreville, Edward Wobber, Martin Abadi, Michael Jones, Trishul Chilimbi
-
Publication number: 20060123418
Abstract: Described herein is an implementation of a technology for the construction, identification, and/or optimization of operating-system processes. At least one implementation, described herein, constructs an operating-system process having the contents as defined by a process manifest. Once constructed, the operating-system process is unalterable.
Type: Application
Filed: April 29, 2005
Publication date: June 8, 2006
Applicant: Microsoft Corporation
Inventors: Galen Hunt, James Larus, John DeTreville, Edward Wobber, Martin Abadi, Michael Jones, Trishul Chilimbi
-
Publication number: 20060123424
Abstract: Described herein is an implementation of an inter-process communications technology. One or more implementations, described herein, facilitate creation of a bi-directional message conduit having exactly two endpoints. A first endpoint is owned by a first software process and a second endpoint is owned by a second software process. One or more implementations, described herein, maintain the bi-directional message conduit for passing multiple messages via the bi-directional message conduit from the first process to the second process, according to established rules that can be checked.
Type: Application
Filed: December 7, 2004
Publication date: June 8, 2006
Applicant: Microsoft Corporation
Inventors: Galen Hunt, James Larus, Manuel Fahndrich, Edward Wobber, Martin Abadi, John DeTreville
-
Patent number: 7010684
Abstract: A secure communication channel between an open system and a portable IC device is established. An application running on the open system desiring access to the information on the portable IC device authenticates itself to the portable IC device, proving that it is trustworthy. Once such trustworthiness is proven, the portable IC device authenticates itself to the application. Once such two-way authentication has been completed, trusted communication between the open system and the portable IC device can proceed, and private information that is maintained on the portable IC device can be unlocked and made available to the application.
Type: Grant
Filed: July 14, 2003
Date of Patent: March 7, 2006
Assignee: Microsoft Corporation
Inventor: John DeTreville
-
Publication number: 20060036851
Abstract: A secure communication channel between an open system and a portable IC device is established. An application running on the open system desiring access to the information on the portable IC device authenticates itself to the portable IC device, proving that it is trustworthy. Once such trustworthiness is proven, the portable IC device authenticates itself to the application. Once such two-way authentication has been completed, trusted communication between the open system and the portable IC device can proceed, and private information that is maintained on the portable IC device can be unlocked and made available to the application.
Type: Application
Filed: October 19, 2005
Publication date: February 16, 2006
Applicant: Microsoft Corporation
Inventor: John DeTreville
-
Publication number: 20060021064
Abstract: A one-way hash function is applied to a seed supplied by an application to produce a hashed seed that is used to generate the application storage key. A one-way hash function is applied to a seed supplied by a user to produce a first hashed seed that is passed to a keyed hash function, which is keyed to an identity for the user, to produce a second hashed seed. The second hashed seed is used to generate the user storage key. An operating system storage key is generated from an unhashed seed. One of the storage keys is used to encrypt the downloaded content. An access predicate attached to the content when it is downloaded is associated with the storage key to enforce certain limitations on the access of the content.
Type: Application
Filed: September 7, 2005
Publication date: January 26, 2006
Applicant: Microsoft Corporation
Inventors: Paul England, John DeTreville, Butler Lampson
-
Publication number: 20050108174
Abstract: An electronic book reader has a processor, a display surface, and access to a memory card upon which is stored a digitally-formatted creative work such as a book. In addition, the reader has access to a plurality of precompiled condensed content descriptions of respective books that are subject to copy restrictions. Before reading a given book, the reader creates a condensed content description of the book and compares it to the stored descriptions to determine whether the book is subject to copy restrictions. If it is, the reader checks for a valid license before allowing the user to read the book.
Type: Application
Filed: December 20, 2004
Publication date: May 19, 2005
Applicant: Microsoft Corporation
Inventor: John DeTreville
-
Publication number: 20050060549
Abstract: Digital rights for content downloaded to a subscriber computer from a provider are specified in an access predicate. The access predicate is compared with a rights manager certificate associated with an entity, such as an application, that wants access to the content. If the rights manager certificate satisfies the access predicate, the entity is allowed access to the content. A license that specifies limitations on the use of the content can also be associated with the content and provided to the entity. The use the entity makes of the content is monitored and terminated if the entity violates the license limitations. In one aspect of the invention, the access predicate and the license are protected from tampering through cryptographic techniques.
Type: Application
Filed: October 25, 2004
Publication date: March 17, 2005
Applicant: Microsoft Corporation
Inventors: Paul England, John DeTreville, Butler Lampson
-
Patent number: 6868405
Abstract: An electronic book reader has a processor, a display surface, and access to a memory card upon which is stored a digitally-formatted creative work such as a book. In addition, the reader has access to a plurality of precompiled condensed content descriptions of respective books that are subject to copy restrictions. Before reading a given book, the reader creates a condensed content description of the book and compares it to the stored descriptions to determine whether the book is subject to copy restrictions. If it is, the reader checks for a valid license before allowing the user to read the book.
Type: Grant
Filed: November 29, 1999
Date of Patent: March 15, 2005
Assignee: Microsoft Corporation
Inventor: John DeTreville
-
Publication number: 20050044047
Abstract: An electronic book reader has a processor, a display surface, and access to a memory card upon which is stored a digitally-formatted creative work such as a book. In addition, the reader has access to a plurality of precompiled condensed content descriptions of respective books that are subject to copy restrictions. Before reading a given book, the reader creates a condensed content description of the book and compares it to the stored descriptions to determine whether the book is subject to copy restrictions. If it is, the reader checks for a valid license before allowing the user to read the book.
Type: Application
Filed: September 16, 2004
Publication date: February 24, 2005
Applicant: Microsoft Corporation
Inventor: John DeTreville
-
Publication number: 20040098602
Abstract: A computer-implemented mechanism for granting rights to a resource is described. A license identifies one or more principals, resources, rights and conditions. The license also conditions a right to be granted on the existence of one or more prerequisite rights. Before allowing an entity to exercise the right to be granted, a resource or other entity checks to determine whether the prerequisite rights exist.
Type: Application
Filed: November 18, 2002
Publication date: May 20, 2004
Applicant: Microsoft Corporation
Inventors: John DeTreville, Bob Atkinson, Brian A. LaMacchia, M. Paramasivam