Patents by Inventor Kelvin S. Yiu
Kelvin S. Yiu has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10193699Abstract: Classifiers may be used to analyze a valid certificate received from an unverified entity in an attempt to establish a secure connection with the unverified entity. The classifiers may determine a probability that the certificate is being used improperly by an unauthorized third party. An action may be taken based on the probability, such as allowing the unverified entity to establish a secure connection, blocking the unverified entity from establishing a secure connection, etc. The classifiers may be trained by employing machine learning techniques on a collection of valid, authorized certificates. Additionally, or alternatively, received certificates may be sampled for further analysis based on the probability and/or predefined sampling percentages.Type: GrantFiled: May 15, 2015Date of Patent: January 29, 2019Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Kelvin S. Yiu, Zheng Dong, Anthony P. Penta, Kevin Kane
-
Publication number: 20160337133Abstract: Classifiers may be used to analyze a valid certificate received from an unverified entity in an attempt to establish a secure connection with the unverified entity. The classifiers may determine a probability that the certificate is being used improperly by an unauthorized third party. An action may be taken based on the probability, such as allowing the unverified entity to establish a secure connection, blocking the unverified entity from establishing a secure connection, etc. The classifiers may be trained by employing machine learning techniques on a collection of valid, authorized certificates. Additionally, or alternatively, received certificates may be sampled for further analysis based on the probability and/or predefined sampling percentages.Type: ApplicationFiled: May 15, 2015Publication date: November 17, 2016Inventors: Kelvin S. Yiu, Zheng Dong, Anthony P. Penta, Kevin Kane
-
Patent number: 8924714Abstract: Techniques and systems for authentication with an untrusted root between a client and a server are disclosed. In some aspects, a client may connect to a server. The server and client may initiate a secure connection by exchanging certificates. The server may accept a client certificate having an untrusted root that does not chain up to a root certificate verifiable to the server certificate authority. In further aspects, the server may enable the client to associate an untrusted certificate with an existing account associated with the server. The client certificate may be hardware based or generated in software, and may be issued to the client independent of interactions with the server.Type: GrantFiled: June 27, 2008Date of Patent: December 30, 2014Assignee: Microsoft CorporationInventors: Kristjan E. Hatlelid, Kelvin S. Yiu
-
Patent number: 8078960Abstract: Instructions are received to open an eXtensible Markup Language (XML) document. The XML document is searched to locate a processing instruction (PI) containing an entity. The entity, by example, can be a href attribute, a URL, a name, or a character string identifying an application that created an HTML electronic form associated with the XML document. A solution is discovered using the entity. The XML document is opened with the solution. The solution includes an XSLT presentation application and an XML schema. The XML document can be inferred from the XML schema and portions of the XML document are logically coupled with fragments of the XML schema. The XSLT presentation application is executing to transform the coupled portions of the XML document into the HTML electronic form containing data-entry fields associated with the coupled portions. Data entered through the data-entry fields can be validated using the solution.Type: GrantFiled: October 13, 2008Date of Patent: December 13, 2011Assignee: Microsoft CorporationInventors: Jason P. Chalecki, Kelvin S. Yiu, Prakash Sikchi
-
Patent number: 7925621Abstract: Tool(s) enabling installation of a solution are described. These tool(s) may follow appropriate security precautions to contain possibly dangerous code in a data file's solution even when the solution is installed from a local source, such as when a user is offline. These tool(s) determine what level of security is appropriate for a data file's solution based on the original source of the solution. The tool(s) may also and/or instead enable a user to edit a data file without the user having to discover or deploy a solution application governing the data file.Type: GrantFiled: January 29, 2008Date of Patent: April 12, 2011Assignee: Microsoft CorporationInventors: Prakash Sikchi, Arungundram Narendran, Kelvin S. Yiu, Dragos Barac, Miladin Pavlicic, Rajesh J. Jha
-
Patent number: 7818575Abstract: An efficient protocol for retrieving cryptographic evidence may be selected by evaluating a local policy and a number of relevant factors. Furthermore, updated cryptographic evidence may be prefetched during a time period in which there is a low volume of requests for cryptographic evidence. This low volume time period may be defined, approximately, as an overlapping window in which both a first cryptographic evidence publication and a second cryptographic evidence publication are valid.Type: GrantFiled: June 24, 2005Date of Patent: October 19, 2010Assignee: Microsoft CorporationInventors: David B. Cross, Kelvin S. Yiu, Philip J. Hallin, Ryan M. Hurst, Vishal Agarwal
-
Publication number: 20090327696Abstract: Techniques and systems for authentication with an untrusted root between a client and a server are disclosed. In some aspects, a client may connect to a server. The server and client may initiate a secure connection by exchanging certificates. The server may accept a client certificate having an untrusted root that does not chain up to a root certificate verifiable to the server certificate authority. In further aspects, the server may enable the client to associate an untrusted certificate with an existing account associated with the server. The client certificate may be hardware based or generated in software, and may be issued to the client independent of interactions with the server.Type: ApplicationFiled: June 27, 2008Publication date: December 31, 2009Applicant: MICROSOFT CORPORATIONInventors: Kristjan E. Hatlelid, Kelvin S. Yiu
-
Publication number: 20090044103Abstract: Instructions are received to open an eXtensible Markup Language (XML) document. The XML document is searched to locate a processing instruction (PI) containing an entity. The entity, by example, can be a href attribute, a URL, a name, or a character string identifying an application that created an HTML electronic form associated with the XML document. A solution is discovered using the entity. The XML document is opened with the solution. The solution includes an XSLT presentation application and an XML schema. The XML document can be inferred from the XML schema and portions of the XML document are logically coupled with fragments of the XML schema. The XSLT presentation application is executing to transform the coupled portions of the XML document into the HTML electronic form containing data-entry fields associated with the coupled portions. Data entered through the data-entry fields can be validated using the solution.Type: ApplicationFiled: October 13, 2008Publication date: February 12, 2009Applicant: Microsoft CorporationInventors: Jason P. Chalecki, Kelvin S. Yiu, Prakash Sikchi
-
Patent number: 7490109Abstract: A system and method that enables a user to edit a data file offline is described. This system and method can enable a user to edit a data file without the user having to discover or deploy a solution application governing the data file. For security, this system and method can deploy a solution application within a sandbox, thereby limiting the operations the solution application can perform.Type: GrantFiled: March 6, 2006Date of Patent: February 10, 2009Assignee: Microsoft CorporationInventors: Prakash Sikchi, Arungundram Narendran, Kelvin S. Yiu, Dragos Barac, Miladin Pavlicic, Rajesh K. Jha
-
Patent number: 7451392Abstract: Instructions are received to open an eXtensible Markup Language (XML) document. The XML document is searched to locate a processing instruction (PI) containing an entity. The entity, by example, can be a href attribute, a URL, a name, or a character string identifying an application that created an HTML electronic form associated with the XML document. A solution is discovered using the entity. The XML document is opened with the solution. The solution includes an XSLT presentation application and an XML schema. The XML document can be inferred from the XML schema and portions of the XML document are logically coupled with fragments of the XML schema. The XSLT presentation application is executing to transform the coupled portions of the XML document into the HTML electronic form containing data-entry fields associated with the coupled portions. Data entered through the data-entry fields can be validated using the solution.Type: GrantFiled: November 26, 2003Date of Patent: November 11, 2008Assignee: Microsoft CorporationInventors: Jason P. Chalecki, Kelvin S. Yiu, Prakash Sikchi
-
Publication number: 20080189335Abstract: Tool(s) enabling installation of a solution are described. These tool(s) may follow appropriate security precautions to contain possibly dangerous code in a data file's solution even when the solution is installed from a local source, such as when a user is offline. These tool(s) determine what level of security is appropriate for a data file's solution based on the original source of the solution. The tool(s) may also and/or instead enable a user to edit a data file without the user having to discover or deploy a solution application governing the data file.Type: ApplicationFiled: January 29, 2008Publication date: August 7, 2008Applicant: Microsoft CorporationInventors: Prakash Sikchi, Arungundram Narendran, Kelvin S. Yiu, Dragos Barac, Miladin Pavlicic, Rajesh J. Jha
-
Patent number: 7376673Abstract: A user can edit an XML data file offline without the user having to discover or deploy a solution for the XML data file. A processing instruction (PI) in the XML data file is read to determine the solution's origin. The PI contains an entity that can be a href attribute that points to a URL, a name, a target having a character string identifying the application that created an electronic form associated with the XML data file, or a href attribute and at least one of a PI version and a product version. Security precautions for executing the solution based on the solution's origin are determined and the solution is silently installed from a source other than the solution's origin within a sandbox enforcing the security precautions. Deployment within a sandbox limits the operations that the solution application can perform.Type: GrantFiled: November 26, 2003Date of Patent: May 20, 2008Assignee: Microsoft CorporationInventors: Jason P. Chalecki, Kelvin S. Yiu, Prakash Sikchi
-
Patent number: 7370066Abstract: A system and method that enables a user to edit a data file offline is described. This system and method can enable a user to edit a data file without the user having to discover or deploy a solution application governing the data file. For security, this system and method can deploy a solution application within a sandbox, thereby limiting the operations the solution application can perform.Type: GrantFiled: March 24, 2003Date of Patent: May 6, 2008Assignee: Microsoft CorporationInventors: Prakash Sikchi, Arungundram Narendran, Kelvin S. Yiu, Dragos Barac, Miladin Pavlicic, Rajesh K. Jha
-
Patent number: 7280956Abstract: An encrypted file system (EFS) and an underlying file transfer protocol to permit a client to encrypt, decrypt, and transfer file(s) resident on a server are disclosed. A user at a client computer can open, read, and write to encrypted files, including header information associated with encrypted files, and can add users to or remove users from an encrypted file.Type: GrantFiled: October 24, 2003Date of Patent: October 9, 2007Assignee: Microsoft CorporationInventors: David B. Cross, Jainrong Gu, Duncan Bryce, Shishir Pardikar, Pradeep Jnana Madhavarapu, Scott A. Field, Kelvin S. Yiu
-
Patent number: 7143165Abstract: An update process is used to update root certificates in a root certificate store of a client computer, maintaining the integrity of the existing root certificates as well as any new root certificates. In accordance with certain aspects, the integrity of a certificate trust list identifying one or more root certificates is verified. The root certificate store of the client computer is modified in accordance with the certificate trust list if the integrity of the certificate trust list is verified.Type: GrantFiled: October 18, 2004Date of Patent: November 28, 2006Assignee: Microsoft CorporationInventors: Keith R. Vogel, Charlie D. Chase, Kelvin S. Yiu, Philip J. Hallin, Louis K. Thomas
-
Patent number: 6816900Abstract: An update process is used to update root certificates in a root certificate store of a client computer, maintaining the integrity of the existing root certificates as well as any new root certificates. In one embodiment, the root certificate store is updated by adding root certificates to the store, removing root certificates from the store, or modifying usage restrictions of root certificates in the store. A cryptographically signed message including a certificate trust list, as well as any new root certificates to be added to the root certificate store, is accessed by an update root control to update the root certificates in the root certificate store. The update root control verifies the integrity of the message, and thus the integrity of the certificate trust list contained therein. Once such integrity is verified, the update root control proceeds to update the root certificate store in accordance with the information in the certificate trust list.Type: GrantFiled: April 4, 2000Date of Patent: November 9, 2004Assignee: Microsoft CorporationInventors: Keith R. Vogel, Charlie D. Chase, Kelvin S. Yiu, Philip J. Hallin, Louis K. Thomas