Patents by Inventor Josh D. Benaloh
Josh D. Benaloh has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10977384
Abstract: This document relates to hardware protection of differential privacy techniques. One example obtains multiple instances of encrypted telemetry data within a secure enclave and processes the encrypted telemetry data to obtain multiple instances of unencrypted telemetry data. The example also processes, within the secure enclave, the multiple instances of unencrypted telemetry data to obtain a perturbed aggregate. The example also releases the perturbed aggregate from the secure enclave.
Type: Grant
Filed: November 16, 2017
Date of Patent: April 13, 2021
Assignee: Microsoft Technology Licensing, LLC
Inventors: Josh D. Benaloh, Harsha P. Nori, Janardhan Dattatreya Kulkarni, Joshua Stanley Allen, Jacob Rubin Lorch, Melissa Erin Chase, Olga Ohrimenko, Sergey Yekhanin, Srinath T. V. Setty, Bolin Ding
-
Patent number: 10855665
Abstract: The claimed subject matter provides systems and/or methods that effectuate a simple protocol for tangible security on mobile devices. The system can include devices that generate sets of keys and associated secret identifiers, employs the one or more keys to encrypt a secret and utilizes the identifiers and encryptions of the secret to populate a table associated with a security token device that is used in conjunction with a mobile device to release sensitive information persisted on the mobile device for user selected purposes.
Type: Grant
Filed: November 19, 2018
Date of Patent: December 1, 2020
Assignee: Microsoft Technology Licensing, LLC
Inventors: YuQun Chen, Michael J. Sinclair, Josh D. Benaloh
-
Publication number: 20190147188
Abstract: This document relates to hardware protection of differential privacy techniques. One example obtains multiple instances of encrypted telemetry data within a secure enclave and processes the encrypted telemetry data to obtain multiple instances of unencrypted telemetry data. The example also processes, within the secure enclave, the multiple instances of unencrypted telemetry data to obtain a perturbed aggregate. The example also releases the perturbed aggregate from the secure enclave.
Type: Application
Filed: November 16, 2017
Publication date: May 16, 2019
Applicant: Microsoft Technology Licensing, LLC
Inventors: Josh D. BENALOH, Harsha P. NORI, Janardhan Dattatreya KULKARNI, Joshua Stanley ALLEN, Jacob Rubin LORCH, Melissa Erin CHASE, Olga OHRIMENKO, Sergey YEKHANIN, Srinath T.V. SETTY, Bolin DING
-
Publication number: 20190098500
Abstract: The claimed subject matter provides systems and/or methods that effectuate a simple protocol for tangible security on mobile devices. The system can include devices that generate sets of keys and associated secret identifiers, employs the one or more keys to encrypt a secret and utilizes the identifiers and encryptions of the secret to populate a table associated with a security token device that is used in conjunction with a mobile device to release sensitive information persisted on the mobile device for user selected purposes.
Type: Application
Filed: November 19, 2018
Publication date: March 28, 2019
Inventors: YuQun Chen, Michael J. Sinclair, Josh D. Benaloh
-
Patent number: 10165441
Abstract: The claimed subject matter provides systems and/or methods that effectuate a simple protocol for tangible security on mobile devices. The system can include devices that generate sets of keys and associated secret identifiers, employs the one or more keys to encrypt a secret and utilizes the identifiers and encryptions of the secret to populate a table associated with a security token device that is used in conjunction with a mobile device to release sensitive information persisted on the mobile device for user selected purposes.
Type: Grant
Filed: September 22, 2016
Date of Patent: December 25, 2018
Assignee: Microsoft Technology Licensing, LLC
Inventors: YuQun Chen, Michael J. Sinclair, Josh D. Benaloh
-
Publication number: 20170013459
Abstract: The claimed subject matter provides systems and/or methods that effectuate a simple protocol for tangible security on mobile devices. The system can include devices that generate sets of keys and associated secret identifiers, employs the one or more keys to encrypt a secret and utilizes the identifiers and encryptions of the secret to populate a table associated with a security token device that is used in conjunction with a mobile device to release sensitive information persisted on the mobile device for user selected purposes.
Type: Application
Filed: September 22, 2016
Publication date: January 12, 2017
Inventors: YuQun Chen, Michael J. Sinclair, Josh D. Benaloh
-
Patent number: 9503431
Abstract: The claimed subject matter provides systems and/or methods that effectuate a simple protocol for tangible security on mobile devices. The system can include devices that generate sets of keys and associated secret identifiers, employs the one or more keys to encrypt a secret and utilizes the identifiers and encryptions of the secret to populate a table associated with a security token device that is used in conjunction with a mobile device to release sensitive information persisted on the mobile device for user selected purposes.
Type: Grant
Filed: November 9, 2015
Date of Patent: November 22, 2016
Assignee: Microsoft Technology Licensing, LLC
Inventors: YuQun Chen, Michael J. Sinclair, Josh D. Benaloh
-
Publication number: 20160065544
Abstract: The claimed subject matter provides systems and/or methods that effectuate a simple protocol for tangible security on mobile devices. The system can include devices that generate sets of keys and associated secret identifiers, employs the one or more keys to encrypt a secret and utilizes the identifiers and encryptions of the secret to populate a table associated with a security token device that is used in conjunction with a mobile device to release sensitive information persisted on the mobile device for user selected purposes.
Type: Application
Filed: November 9, 2015
Publication date: March 3, 2016
Inventors: YuQun Chen, Michael J. Sinclair, Josh D. Benaloh
-
Patent number: 8984293
Abstract: Systems, methods, and apparatus for generating and validating product keys. In some embodiments, a product key includes security information and identification information identifying at least one copy of a software product. The identifying information may be used to access validation information from at least one source other than the product key, and the validation information may be used to process the identification information and the security information to determine whether the product key is valid. In some further embodiments, the security information includes a first portion to be processed by a first validation authority using first validation information and a second portion to be processed by a second validation authority using second validation information, wherein the second validation information is stored separately from the first validation information.
Type: Grant
Filed: November 19, 2010
Date of Patent: March 17, 2015
Assignee: Microsoft Corporation
Inventors: Thomas J. Layson, Caglar Gunyakti, Tarik Soulami, Kalin Georgiev Toshev, Jeffrey Paul Harker, Josh D. Benaloh
-
Patent number: 8875258
Abstract: This document describes tools that constrain a login to a subset of access rights. In one embodiment, the tools generate a constrained password by executing a cryptographic algorithm on a user ID, general password, and one or more desired constraints. The constrained password is used in place of the general password to gain access rights that are a subset of the access rights that would be granted if the general password were used instead.
Type: Grant
Filed: February 18, 2013
Date of Patent: October 28, 2014
Assignee: Microsoft Corporation
Inventors: John R. Michener, Niels T. Ferguson, Carl M. Ellison, Josh D. Benaloh, Brian A. LaMacchia
-
Patent number: 8775797
Abstract: Systems, methods, and apparatus for validating product keys. In some embodiments, a product key includes security information and identification information identifying at least one copy of a software product. The security information may include a first portion to be processed by a first validation authority using first validation information and a second portion to be processed by a second validation authority using second validation information. The second validation information may be stored separately from the first validation information and may not be accessible to the first validation authority. In some embodiments, the first validation authority randomly determines whether a product key is to be audited by the second validation authority. Alternatively, the first validation authority may determine whether to audit based on a type of the software product associated with the product key and/or a perceived level of security risk.
Type: Grant
Filed: November 19, 2010
Date of Patent: July 8, 2014
Assignee: Microsoft Corporation
Inventors: Thomas J. Layson, Caglar Gunyakti, Tarik Soulami, Kalin Georgiev Toshev, Jeffrey Paul Harker, Josh D. Benaloh
-
Patent number: 8621592
Abstract: An authentication ticket is validated to ensure authenticated communications between a client and an online service provider. In an embodiment an authentication request is received from a user agent associated with the client and the authentication request includes a set of identification information and a set of authentication information. Additionally, it is determined that the set of identification information and the set of authentication information are associated with a user and an authentication ticket is created including a user identification and an authentication, indicating to the online service provider that the user is authenticated to access one or more online services. Further, a validation token is embedded into the authentication ticket that provides enhanced verification that the access provided by the online service provider is authenticated.
Type: Grant
Filed: June 26, 2012
Date of Patent: December 31, 2013
Assignee: Microsoft Corporation
Inventors: Josh D. Benaloh, Ismail Cem Paya
-
Publication number: 20120272306
Abstract: An authentication ticket is validated to ensure authenticated communications between a client and an online service provider. In an embodiment an authentication request is received from a user agent associated with the client and the authentication request includes a set of identification information and a set of authentication information. Additionally, it is determined that the set of identification information and the set of authentication information are associated with a user and an authentication ticket is created including a user identification and an authentication, indicating to the online service provider that the user is authenticated to access one or more online services. Further, a validation token is embedded into the authentication ticket that provides enhanced verification that the access provided by the online service provider is authenticated.
Type: Application
Filed: June 26, 2012
Publication date: October 25, 2012
Applicant: MICROSOFT CORPORATION
Inventors: JOSH D. BENALOH, ISMAIL CEM PAYA
-
Patent number: 8239927
Abstract: Computer-readable media, systems, and methods for validating an authentication ticket to ensure authenticated communications between a client and an online service provider. In embodiments an authentication request is received from a user agent associated with the client and the authentication request includes a set of identification information and a set of authentication information. Additionally, it is determined that the set of identification information and the set of authentication information are associated with a user and an authentication ticket is created including a user identification and an authentication, indicating to the online service provider that the user is authenticated to access one or more online services. Further, a validation token is embedded into the authentication ticket that provides enhanced verification that the access provided by the online service provider is authenticated.
Type: Grant
Filed: February 29, 2008
Date of Patent: August 7, 2012
Assignee: Microsoft Corporation
Inventors: Josh D. Benaloh, Ismail Cem Paya
-
Patent number: 8224754
Abstract: Methods, systems, and apparatus for generation, distribution and verification of tokens are described. In an implementation, a method is described in which a value of an offer is determined and a token for representing the offer is generated. The token has a number of characters based on the determination of the value of the offer.
Type: Grant
Filed: December 15, 2004
Date of Patent: July 17, 2012
Assignee: Microsoft Corporation
Inventors: Andrzej Pastusiak, Arun K. Sacheti, Ting Cai, Deuane Martin, Josh D. Benaloh, Rajesh Kuppuswamy
-
Publication number: 20120131681
Abstract: Systems, methods, and apparatus for validating product keys. In some embodiments, a product key includes security information and identification information identifying at least one copy of a software product. The security information may include a first portion to be processed by a first validation authority using first validation information and a second portion to be processed by a second validation authority using second validation information. The second validation information may be stored separately from the first validation information and may not be accessible to the first validation authority. In some embodiments, the first validation authority randomly determines whether a product key is to be audited by the second validation authority. Alternatively, the first validation authority may determine whether to audit based on a type of the software product associated with the product key and/or a perceived level of security risk.
Type: Application
Filed: November 19, 2010
Publication date: May 24, 2012
Applicant: Microsoft Corporation
Inventors: Thomas J. Layson, Caglar Gunyakti, Tarik Soulami, Kalin Georgiev Toshev, Jeffrey Paul Harker, Josh D. Benaloh
-
Publication number: 20120131349
Abstract: Systems, methods, and apparatus for generating and validating product keys. In some embodiments, a product key includes security information and identification information identifying at least one copy of a software product. The identifying information may be used to access validation information from at least one source other than the product key, and the validation information may be used to process the identification information and the security information to determine whether the product key is valid. In some further embodiments, the security information includes a first portion to be processed by a first validation authority using first validation information and a second portion to be processed by a second validation authority using second validation information, wherein the second validation information is stored separately from the first validation information.
Type: Application
Filed: November 19, 2010
Publication date: May 24, 2012
Applicant: Microsoft Corporation
Inventors: Thomas J. Layson, Caglar Gunyakti, Tarik Soulami, Kalin Georgiev Toshev, Jeffrey Paul Harker, Josh D. Benaloh
-
Patent number: 7929689
Abstract: A method of generating a call sign. A method of generating a call sign comprising determining a distinguished qualifier, finding a distinguished salt, and hashing the distinguished salt with the distinguished qualifier.
Type: Grant
Filed: June 30, 2004
Date of Patent: April 19, 2011
Assignee: Microsoft Corporation
Inventors: Christian François Huitema, Josh D. Benaloh, Kim Cameron
-
Patent number: 7890643
Abstract: A system for providing a client's credentials to a computer program comprises a database remote from the client and a single signon server module. The single signon server module can receive a request for the client's credentials from the computer program, determine whether the client's credentials are stored in the database, and send the client's credentials from the database to the computer program in response to a determination that the client's credentials are stored in the database. The single signon server module can store the client's credentials in the database in response to a determination that the client's credentials are not stored in the database. The single signon server module can encrypt the client's credentials prior to storing the client's credentials in the database and can decrypt the client's credentials prior to sending the client's credentials to the computer program.
Type: Grant
Filed: June 27, 2008
Date of Patent: February 15, 2011
Assignee: Microsoft Corporation
Inventors: Dean Jason Justus, Josh D. Benaloh, Nathan James Fink, Michael Howard, Daniel R. Simon, Matthew W. Thomlinson
-
Patent number: 7822200
Abstract: Exemplary embodiments disclosed herein may include a method and system for creating pair-wise security keys, comprising receiving an identity key from a website, generating a master key, creating a pair-wise symmetric key or asymmetric key pair by utilizing an encryption function of the identity key and the master key, and storing the pair-wise public or symmetric key at the client and the website.
Type: Grant
Filed: March 7, 2005
Date of Patent: October 26, 2010
Assignee: Microsoft Corporation
Inventors: Kim Cameron, Arun K. Nanda, Josh D. Benaloh, John P. Shewchuk, Daniel R. Simon, Andrew Bortz