Patents by Inventor Mark Vayman
Mark Vayman has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9880759Abstract: A data storage array may be made up of several storage devices, each of which may contain array metadata that may allow portions of the storage array to be used. A system may have a file system manager that may receive and respond to file system commands and a storage device manager that may store data on the several storage devices. Array metadata defining where data is stored within the storage array is stored on each device within the array. A policy engine may identify data to be stored on the array and determine if the data contains array metadata or other types of data and may store the data on every device, devices having specific characteristics, two or more devices, or one device.Type: GrantFiled: May 18, 2015Date of Patent: January 30, 2018Assignee: Microsoft Technology Licensing, LLCInventors: David A. Goebel, James M. Lyon, Bulat Shelepov, Robert S. Kleinschmidt, Mark Vayman
-
Publication number: 20150301758Abstract: A data storage array may be made up of several storage devices, each of which may contain array metadata that may allow portions of the storage array to be used. A system may have a file system manager that may receive and respond to file system commands and a storage device manager that may store data on the several storage devices. Array metadata defining where data is stored within the storage array is stored on each device within the array. A policy engine may identify data to be stored on the array and determine if the data contains array metadata or other types of data and may store the data on every device, devices having specific characteristics, two or more devices, or one device.Type: ApplicationFiled: May 18, 2015Publication date: October 22, 2015Inventors: David A. Goebel, James M. Lyon, Bulat Shelepov, Robert S. Kleinschmidt, Mark Vayman
-
Patent number: 9069941Abstract: A facility for receiving an embedded policy is provided. The facility checks an application program image for the presence of an embedded policy. If an embedded policy is detected, the facility extracts the policy from within the application program image. The facility may then apply the extracted policy to the application program image before the application program image is loaded and/or executed. Moreover, the facility may check the application program image's integrity prior to extracting the embedded policy.Type: GrantFiled: May 9, 2013Date of Patent: June 30, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Gilad Golan, Mark Vayman
-
Patent number: 9037541Abstract: A data storage array may be made up of several storage devices, each of which may contain array metadata that may allow portions of the storage array to be used. A system may have a file system manager that may receive and respond to file system commands and a storage device manager that may store data on the several storage devices. Array metadata defining where data is stored within the storage array is stored on each device within the array. A policy engine may identify data to be stored on the array and determine if the data contains array metadata or other types of data and may store the data on every device, devices having specific characteristics, two or more devices, or one device.Type: GrantFiled: April 30, 2009Date of Patent: May 19, 2015Assignee: Microsoft Technology Licensing, LLCInventors: David A. Goebel, James M. Lyon, Bulat Shelepov, Robert S. Kleinschmidt, Mark Vayman
-
Patent number: 8931035Abstract: A facility for receiving an embedded policy is provided. The facility checks an application program image for the presence of an embedded policy. If an embedded policy is detected, the facility extracts the policy from within the application program image. The facility may then apply the extracted policy to the application program image before the application program image is loaded and/or executed. Moreover, the facility may check the application program image's integrity prior to extracting the embedded policy.Type: GrantFiled: November 11, 2010Date of Patent: January 6, 2015Assignee: Microsoft CorporationInventors: Gilad Golan, Mark Vayman
-
Publication number: 20130254835Abstract: A facility for receiving an embedded policy is provided. The facility checks an application program image for the presence of an embedded policy. If an embedded policy is detected, the facility extracts the policy from within the application program image. The facility may then apply the extracted policy to the application program image before the application program image is loaded and/or executed. Moreover, the facility may check the application program image's integrity prior to extracting the embedded policy.Type: ApplicationFiled: May 9, 2013Publication date: September 26, 2013Applicant: Microsoft CorporationInventors: Gilad Golan, Mark Vayman
-
Patent number: 8533420Abstract: A storage monitoring system may reside between a file system and a storage system in a thin provisioned storage system. The storage monitoring system may create space holder files within a volume, where the space holder files contain an address space not backed up with physical storage. As requests for storage space are received from a file system, the storage monitoring system may allocate physical space to the volume by provisioning portions of the physical storage device to the volume and by removing one of the space holder files. The storage monitoring system may present alerts when physical storage space is low, as well as return an amount of physical space available to a volume size request.Type: GrantFiled: November 24, 2010Date of Patent: September 10, 2013Assignee: Microsoft CorporationInventors: David A. Goebel, James M. Lyon, Bulat Shelepov, Robert S. Kleinschmidt, Mark Vayman
-
Patent number: 8453200Abstract: A facility for receiving an embedded policy is provided. The facility checks an application program image for the presence of an embedded policy. If an embedded policy is detected, the facility extracts the policy from within the application program image. The facility may then apply the extracted policy to the application program image before the application program image is loaded and/or executed. Moreover, the facility may check the application program image's integrity prior to extracting the embedded policy.Type: GrantFiled: October 13, 2011Date of Patent: May 28, 2013Assignee: Microsoft CorporationInventors: Gilad Golan, Mark Vayman
-
Patent number: 8443433Abstract: Embodiments of the invention described herein are directed to a mechanism for determining whether at least one operation will be effective in view of at least one security policy. In exemplary implementations, determining whether at least one operation will be effective in view of at least one security policy may comprise determining a merged security policy for a computer system by merging security policies for the computer system from two or more sources. The security policies may be security policies set by a user and/or an administrator of the computer system, may be security policies of a computer network to which the computer system is connected, or may be security policies of one or more other computer systems that are above the computer system in a computer network hierarchy.Type: GrantFiled: June 28, 2007Date of Patent: May 14, 2013Assignee: Microsoft CorporationInventors: David Abzarian, Gerardo Diaz Cuellar, Mark Vayman, Eran Yariv
-
Patent number: 8239648Abstract: A thin provisioned storage system may have a file system manager that presents a logical storage system to a user and a storage management system that manages physical storage devices. When a block of data is freed at the logical layer, the file system manager may identify the freed block and send a command to the physical layer. The physical layer may identify the corresponding physical block or blocks and free those blocks on the physical layer. The storage management system may use a table to manage the location of blocks of data across multiple physical storage devices.Type: GrantFiled: April 13, 2009Date of Patent: August 7, 2012Assignee: Microsoft CorporationInventors: David A. Goebel, James M. Lyon, Bulat Shelepov, Robert S. Kleinschmidt, Mark Vayman
-
Publication number: 20120131303Abstract: A storage monitoring system may reside between a file system and a storage system in a thin provisioned storage system. The storage monitoring system may create space holder files within a volume, where the space holder files contain an address space not backed up with physical storage. As requests for storage space are received from a file system, the storage monitoring system may allocate physical space to the volume by provisioning portions of the physical storage device to the volume and by removing one of the space holder files. The storage monitoring system may present alerts when physical storage space is low, as well as return an amount of physical space available to a volume size request.Type: ApplicationFiled: November 24, 2010Publication date: May 24, 2012Applicant: MICROSOFT CORPORATIONInventors: David A. Goebel, James M. Lyon, Bulat Shelepov, Robert S. Kleinschmidt, Mark Vayman
-
Patent number: 8181219Abstract: A facility for receiving an embedded policy is provided. The facility checks an application program image for the presence of an embedded policy. If an embedded policy is detected, the facility extracts the policy from within the application program image. The facility may then apply the extracted policy to the application program image before the application program image is loaded and/or executed. Moreover, the facility may check the application program image's integrity prior to extracting the embedded policy.Type: GrantFiled: October 1, 2004Date of Patent: May 15, 2012Assignee: Microsoft CorporationInventors: Gilad Golan, Mark Vayman
-
Publication number: 20120036554Abstract: A facility for receiving an embedded policy is provided. The facility checks an application program image for the presence of an embedded policy. If an embedded policy is detected, the facility extracts the policy from within the application program image. The facility may then apply the extracted policy to the application program image before the application program image is loaded and/or executed. Moreover, the facility may check the application program image's integrity prior to extracting the embedded policy.Type: ApplicationFiled: October 13, 2011Publication date: February 9, 2012Applicant: Microsoft CorporationInventors: Gilad Golan, Mark Vayman
-
Publication number: 20110126260Abstract: A facility for receiving an embedded policy is provided. The facility checks an application program image for the presence of an embedded policy. If an embedded policy is detected, the facility extracts the policy from within the application program image. The facility may then apply the extracted policy to the application program image before the application program image is loaded and/or executed. Moreover, the facility may check the application program image's integrity prior to extracting the embedded policy.Type: ApplicationFiled: November 11, 2010Publication date: May 26, 2011Applicant: Microsoft CorporationInventors: Gilad Golan, Mark Vayman
-
Patent number: 7921451Abstract: A facility for receiving an embedded policy is provided. The facility checks an application program image for the presence of an embedded policy. If an embedded policy is detected, the facility extracts the policy from within the application program image. The facility may then apply the extracted policy to the application program image before the application program image is loaded and/or executed. Moreover, the facility may check the application program image's integrity prior to extracting the embedded policy.Type: GrantFiled: October 1, 2004Date of Patent: April 5, 2011Assignee: Microsoft CorporationInventors: Gilad Golan, Mark Vayman
-
Patent number: 7904956Abstract: A facility for providing access authorization is provided. The facility initially enforces a first, less restrictive policy when making its access control decisions. Subsequent to detecting an anomaly, the facility enforces a second, more restrictive policy when making its access control decisions. The facility returns to enforcing the first, less restrictive policy when the anomaly no longer exists. In another embodiment, the facility enforces a policy after detecting an anomaly and until the anomaly has ended.Type: GrantFiled: October 1, 2004Date of Patent: March 8, 2011Assignee: Microsoft CorporationInventors: Gilad Golan, Mark Vayman
-
Patent number: 7853993Abstract: A facility for performing an access control check as an integral component of an operating system and utilizing a centralized policy store is provided. The facility executes as an integral part of an operating system executing on a computer and receives an authorization query to determine whether a principal has authorization to access a resource. The facility applies a policy maintained in a centralized policy store that is applicable to the principal to determine whether authorization exists to access the resource. If authorization does not exist, the facility denies the authorization query and records an indication of the denial of the authorization in an audit log. The facility may trigger events based on the auditing of authorization queries. The facility may also record an indication of authorization to access the resource in the audit log.Type: GrantFiled: January 5, 2009Date of Patent: December 14, 2010Assignee: Microsoft CorporationInventor: Mark Vayman
-
Publication number: 20100280998Abstract: A data storage array may be made up of several storage devices, each of which may contain array metadata that may allow portions of the storage array to be used. A system may have a file system manager that may receive and respond to file system commands and a storage device manager that may store data on the several storage devices. Array metadata defining where data is stored within the storage array is stored on each device within the array. A policy engine may identify data to be stored on the array and determine if the data contains array metadata or other types of data and may store the data on every device, devices having specific characteristics, two or more devices, or one device.Type: ApplicationFiled: April 30, 2009Publication date: November 4, 2010Applicant: MICROSOFT CORPORATIONInventors: David A. Goebel, James M. Lyon, Bulat Shelepov, Robert S. Kleinschmidt, Mark Vayman
-
Patent number: 7818781Abstract: A facility for setting and revoking policies is provided. The facility receives a request from a controlling process a request to set a policy on a controlled process, and determines whether the controlling process has privilege to set the policy on the controlled process. If the facility determines that the controlling process has privilege to set the policy on the controlled process, the facility sets the policy on the controlled process, which causes the policy to be applied to the controlled process to determine whether the controlled process has authorization to access one or more resources.Type: GrantFiled: October 1, 2004Date of Patent: October 19, 2010Assignee: Microsoft CorporationInventors: Gilad Golan, Mark Vayman, Scott A. Field
-
Publication number: 20100262802Abstract: A thin provisioned storage system may have a file system manager that presents a logical storage system to a user and a storage management system that manages physical storage devices. When a block of data is freed at the logical layer, the file system manager may identify the freed block and send a command to the physical layer. The physical layer may identify the corresponding physical block or blocks and free those blocks on the physical layer. The storage management system may use a table to manage the location of blocks of data across multiple physical storage devices.Type: ApplicationFiled: April 13, 2009Publication date: October 14, 2010Applicant: Microsoft CorporationInventors: David A. Goebel, James M. Lyon, Bulat Shelepov, Robert S. Kleinschmidt, Mark Vayman