Patents by Inventor Michael P. Waidner
Michael P. Waidner has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10068064Abstract: Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product.Type: GrantFiled: April 24, 2012Date of Patent: September 4, 2018Assignee: International Business Machines CorporationInventors: Timothy J. Hahn, Bernard P. Palmer, Jr., Michael P. Waidner, James J. Whitmore
-
Patent number: 9946848Abstract: Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product.Type: GrantFiled: February 26, 2009Date of Patent: April 17, 2018Assignee: International Business Machines CorporationInventors: Timothy J. Hahn, Bernard P. Palmer, Jr., Michael P. Waidner, James J. Whitmore
-
Patent number: 9898587Abstract: Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product.Type: GrantFiled: April 24, 2012Date of Patent: February 20, 2018Assignee: International Business Machines CorporationInventors: Timothy J. Hahn, Bernard P. Palmer, Jr., Michael P. Waidner, James J. Whitmore
-
Patent number: 9202080Abstract: A method, system and computer-usable medium are disclosed for controlling the distribution of data. Data stored in a datastore is filtered according to a data release policy to generate filtered data. A data release policy agreement, corresponding to the data release policy, is generated. The filtered data and the data release policy agreement are then provided to an information consumer. The data release policy agreement is then used to enforce the data release policy.Type: GrantFiled: March 12, 2012Date of Patent: December 1, 2015Assignee: International Business Machines CorporationInventors: Ivan M. Milman, Charles D. Wolfson, Matthias Schunter, Heather M. Hinton, Michael P. Waidner
-
Patent number: 9043342Abstract: A method, system and computer-usable medium are disclosed for controlling the distribution of data. Data stored in a datastore is filtered according to a data release policy to generate filtered data. A data release policy agreement, corresponding to the data release policy, is generated. The filtered data and the data release policy agreement are then provided to an information consumer. The data release policy agreement is then used to enforce the data release policy.Type: GrantFiled: December 29, 2009Date of Patent: May 26, 2015Assignee: International Business Machines CorporationInventors: Ivan M. Milman, Charles D. Wolfson, Matthias Schunter, Heather M. Hinton, Michael P. Waidner
-
Patent number: 8892900Abstract: Systems, apparatus and methods for privacy-protecting integrity attestation of a computing platform. An example method for privacy-protecting integrity attestation of a computing platform (P) has a trusted platform module (TPM}, and comprises the following steps. First, the computing platform (P) receives configuration values (PCRI . . . PCRn). Then, by means of the trusted platform module (TPM}, a configuration value (PCRp) is determined which depends on the configuration of the computing platform (P). In a further step the configuration value (PCRp) is signed by means of the trusted platform module. Finally, in the event that the configuration value (PCRp) is one of the received configuration values (PCRI . . . PCRn), the computing platform (P) proves to a verifier (V) that it knows the signature (sign(PCRp}} on one of the received configuration values (PCRI . . . PCRn).Type: GrantFiled: September 2, 2012Date of Patent: November 18, 2014Assignee: International Business Machines CorporationInventors: Endre-Feliz F. Bangerter, Matthias Schunter, Michael P. Waidner, Jan L. Camenisch
-
Patent number: 8713647Abstract: Techniques for facilitating an online transaction session with an end-of-session authentication are provided. The techniques include performing a start-of-session authentication to enable an online transaction session, and performing an end-of-session authentication to end the online transaction session, wherein the end-of-session authentication comprises a scope comprising each pre-defined critical transaction from the transaction session.Type: GrantFiled: August 21, 2009Date of Patent: April 29, 2014Assignee: International Business Machines CorporationInventor: Michael P. Waidner
-
Publication number: 20120216294Abstract: Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product.Type: ApplicationFiled: April 24, 2012Publication date: August 23, 2012Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Timothy J. Hahn, Bernard P. Palmer, JR., Michael P. Waidner, James J. Whitmore
-
Publication number: 20120210441Abstract: Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product.Type: ApplicationFiled: April 24, 2012Publication date: August 16, 2012Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Timothy J. Hahn, Bernard P. Palmer, JR., Michael P. Waidner, James J. Whitmore
-
Publication number: 20120191731Abstract: A method, system and computer-usable medium are disclosed for controlling the distribution of data. Data stored in a datastore is filtered according to a data release policy to generate filtered data. A data release policy agreement, corresponding to the data release policy, is generated. The filtered data and the data release policy agreement are then provided to an information consumer. The data release policy agreement is then used to enforce the data release policy.Type: ApplicationFiled: March 12, 2012Publication date: July 26, 2012Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Ivan M. Milman, Charles D. Wolfson, Matthias Schunter, Heather M. Hinton, Michael P. Waidner
-
Patent number: 8205266Abstract: Software license management systems are provided in which a license to use a software product is represented by a data token. The systems have a software controller for controlling use of the software product at a user device, and a license management server for communicating with the software controller via a data communications network. The software controller allows use of the software product at the user device substantially only during a use period associated with a current data token supplied to the software controller by the license management server. An exchange token can be supplied to another, similar software controller when necessary to transfer the license, e.g. in the event of a breakdown. The software controller is adapted to supply either the current data token, or the exchange token, to the license management server to be exchanged for a new data token.Type: GrantFiled: January 28, 2005Date of Patent: June 19, 2012Assignee: International Business Machines CorporationInventors: Birgit M. Pfitzmann, Michael P. Waidner
-
Publication number: 20110161332Abstract: A method, system and computer-usable medium are disclosed for controlling the distribution of data. Data stored in a datastore is filtered according to a data release policy to generate filtered data. A data release policy agreement, corresponding to the data release policy, is generated. The filtered data and the data release policy agreement are then provided to an information consumer. The data release policy agreement is then used to enforce the data release policy.Type: ApplicationFiled: December 29, 2009Publication date: June 30, 2011Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Ivan M. Milman, Charles D. Wolfson, Matthias Schunter, Heather M. Hinton, Michael P. Waidner
-
Patent number: 7941859Abstract: Method, system, and storage medium for reducing or minimizing access to sensitive information. A method includes identifying processes and data associated with a computer system and classifying each of the data as one of either sensitive information or non-sensitive information. The sensitive information includes at least one of: data that is personal to an individual, confidential data, and data that is legally subject to conditions of restricted use. For each of the processes the method includes selecting a process and a sensitive data item, modifying the sensitive data item, analyzing the behavior of at least the selected process, and preventing access of the sensitive data item by the selected process if, as a result of the analyzing, the sensitive data item is determined not to be needed by the selected process.Type: GrantFiled: June 23, 2004Date of Patent: May 10, 2011Assignee: International Business Machines CorporationInventors: Jan L. Camenisch, Birgit M. Pfitzmann, Matthias Schunter, Michael P. Waidner
-
Patent number: 7941857Abstract: The invention provides a data network, systems and methods for checking nodes of a data network that are used for detecting whether a privacy policy concerning an information is maintained. The information comprises a mark corresponding to the privacy policy. The mark defines the storage place or the accessing paths or the transferring paths of the information. The mark is automatically searchable. The mark is searched, analyzed and checked as to whether the privacy policy is maintained. The advantage of the system is that vulnerabilities of systems for protecting confidential information may be detected a long time before an attack on the confidential information occurs.Type: GrantFiled: July 31, 2008Date of Patent: May 10, 2011Assignee: International Business Machines CorporationInventors: Birgit Baum-Waidner, Christopher M. Kenyon, Michael P. Waidner
-
Publication number: 20110047602Abstract: Techniques for facilitating an online transaction session with an end-of-session authentication are provided. The techniques include performing a start-of-session authentication to enable an online transaction session, and performing an end-of-session authentication to end the online transaction session, wherein the end-of-session authentication comprises a scope comprising each pre-defined critical transaction from the transaction session.Type: ApplicationFiled: August 21, 2009Publication date: February 24, 2011Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventor: Michael P. Waidner
-
Publication number: 20100218182Abstract: Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product.Type: ApplicationFiled: February 26, 2009Publication date: August 26, 2010Applicant: International Business Machines CorporationInventors: Timothy J. Hahn, Bernard P. Palmer, JR., Michael P. Waidner, James J. Whitmore
-
Patent number: 7617393Abstract: A data access control facility is implemented by assigning personally identifying information (PII) classification labels to PII data objects, with each PII data object having one PII classification label assigned thereto. The control facility further includes at least one PII purpose serving function set (PSFS) comprising a list of application functions that read or write PII data objects. Each PII PSFS is also assigned a PII classification label. A PII data object is accessible via an application function of a PII PSFS having a PII classification label that is identical to or dominant of the PII classification label of the PII object. A user of the control facility is assigned a PII clearance set which contains a list of at least one PII classification label, which is employed in determining whether the user is entitled to access a particular function.Type: GrantFiled: June 18, 2007Date of Patent: November 10, 2009Assignee: International Business Machines CorporationInventors: Linda Betz, John C. Dayka, Walter B. Farrell, Richard H. Guski, Guenter Karjoth, Mark A. Nelson, Birgit M. Pfitzmann, Michael P. Waidner, Matthias Schunter
-
Publication number: 20080235805Abstract: Software licence management systems are provided in which a licence to use a software product is represented by a data token. The systems have a software controller for controlling use of the software product at a user device, and a licence management server for communicating with the software controller via a data communications network. The software controller allows use of the software product at the user device substantially only during a use period associated with a current data token supplied to the software controller by the licence management server. An exchange token can be supplied to another, similar software controller when necessary to transfer the licence, e.g. in the event of a breakdown. The software controller is adapted to supply either the current data token, or the exchange token, to the licence management server to be exchanged for a new data token.Type: ApplicationFiled: January 28, 2005Publication date: September 25, 2008Inventors: Birgit M. Pfitzmann, Michael P. Waidner
-
Patent number: 7302569Abstract: A data access control facility is implemented by assigning personally identifying information (PII) classification labels to PII data objects, with each PII data object having one PII classification label assigned thereto. The control facility further includes at least one PII purpose serving function set (PSFS) comprising a list of application functions that read or write PII data objects. Each PII PSFS is also assigned a PII classification label. A PII data object is accessible via an application function of a PII PSFS having a PII classification label that is identical to or dominant of the PII classification label of the PII object. A user of the control facility is assigned a PII clearance set which contains a list of at least one PII classification label, which is employed in determining whether the user is entitled to access a particular function.Type: GrantFiled: August 19, 2003Date of Patent: November 27, 2007Assignee: International Business Machines CorporationInventors: Linda Betz, John C. Dayka, Walter B. Farrell, Richard H. Guski, Guenter Karjoth, Mark A. Nelson, Birgit M. Pfitzmann, Matthias Schunter, Michael P. Waidner