Patents by Inventor Mohamed Rouatbi
Mohamed Rouatbi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230367871Abstract: Event-triggered forensics capture technologies balance security incident data availability against data processing and storage costs. A forensic correlation engine receives basic status data of a monitored computing system. A forensic computing system detects a trigger event in the basic status data, and starts capturing extended status data per a corresponding capture specification. Captured data is submitted to a forensic analysis tool. Different trigger events may cause different data captures. A query specifying which data to capture from a live stream or from virtual machines may operate as a capture trigger start event. Extended status data capture activity may be stopped by a change in the basic status data being received, by a timeout, or by forensic analysis that finds no vulnerability or threat based on captured data. Data transfers and storage may be restricted to comply with privacy regulations or policies.Type: ApplicationFiled: May 16, 2022Publication date: November 16, 2023Inventors: Shi Min Sharon KO, Vidhi AGARWAL, Gueorgui CHKODROV, Sangeetha MADDERLA, Mohamed ROUATBI
-
Patent number: 11327558Abstract: Disclosed herein is a system for facilitating fast and intuitive investigations of security incidents by responding to physical gestures performed by security analysts within a virtual scene. A query triggers an alert for detecting security incidents that occur with respect to computing resources. Following the alert, the security analyst dons a Near-Eye-Display (NED) device and is presented with a virtual scene having control elements representing various data sets and/or data analysis operations relevant to a security incident. The security analyst investigates the security incident by performing hand motions to “grab-and-drag” control elements representing data sets. The security analyst may also perform hand motions to “tap on” control elements that represents a data analysis operation. Responsive to the hand motions, the system performs data analysis operations and displays a result within the virtual scene.Type: GrantFiled: April 2, 2020Date of Patent: May 10, 2022Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Benjamin Brown, Mohamed Rouatbi, Jeffrey Scott Shaw
-
Publication number: 20210311542Abstract: Disclosed herein is a system for facilitating fast and intuitive investigations of security incidents by responding to physical gestures performed by security analysts within a virtual scene. A query triggers an alert for detecting security incidents that occur with respect to computing resources. Following the alert, the security analyst dons a Near-Eye-Display (NED) device and is presented with a virtual scene having control elements representing various data sets and/or data analysis operations relevant to a security incident. The security analyst investigates the security incident by performing hand motions to “grab-and-drag” control elements representing data sets. The security analyst may also perform hand motions to “tap on” control elements that represents a data analysis operation. Responsive to the hand motions, the system performs data analysis operations and displays a result within the virtual scene.Type: ApplicationFiled: April 2, 2020Publication date: October 7, 2021Inventors: Benjamin BROWN, Mohamed ROUATBI, Jeffrey Scott SHAW
-
Patent number: 10791128Abstract: A process to detect intrusions with an intrusion detection system is disclosed. The intrusion detection system identifies instance types, and each instance type includes an instance. A know compromised instance is identified from the plurality of instances. A link between the plurality instance types is traversed from the compromised instance to discover an additional compromised instance.Type: GrantFiled: September 28, 2017Date of Patent: September 29, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Svetlana Gaivoronski, Paul England, Mohamed Rouatbi, Mariusz H. Jakubowski, Marcus Peinado, Julian Federico Gonzalez, Jr.
-
Patent number: 10735457Abstract: A process to investigate intrusions with an investigation system is disclosed. The process receives forensic facts from a set of forensic events on a system or network. A suspicious fact is identified from the forensic facts. A related fact from the forensic facts is identified based on the suspicious fact.Type: GrantFiled: October 3, 2017Date of Patent: August 4, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Mohamed Rouatbi, Julian Federico Gonzalez, Jr., Marcus Peinado, Mariusz H. Jakubowski, Svetlana Gaivoronski
-
Patent number: 10621357Abstract: Security risks associated with scanning a computer are at least mitigated by performing the scanning off node. State data of a target node, or computer, can be acquired in various ways. The acquired state data can be subsequently employed to generate a virtual replica of the target computer or portion thereof on a second computer isolated from the target computer. The virtual replica of the target computer provides a scanner access to the data needed to perform a scan on the second computer without accessing or being able to impact the target computer.Type: GrantFiled: August 31, 2017Date of Patent: April 14, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Rebecca Jean Ochs, Ramesh Chinta, Amrita Satapathy, Jeffrey Cooperstein, Harini Parthasarathy, Scott Antony Field, Mohamed Rouatbi, Julian Federico Gonzalez
-
Publication number: 20190104147Abstract: A process to investigate intrusions with an investigation system is disclosed. The process receives forensic facts from a set of forensic events on a system or network. A suspicious fact is identified from the forensic facts. A related fact from the forensic facts is identified based on the suspicious fact.Type: ApplicationFiled: October 3, 2017Publication date: April 4, 2019Applicant: Microsoft Technology Licensing, LLCInventors: Mohamed Rouatbi, Julian Federico Gonzalez, JR., Marcus Peinado, Mariusz H. Jakubowski, Svetlana Gaivoronski
-
Publication number: 20190098024Abstract: A process to detect intrusions with an intrusion detection system is disclosed. The intrusion detection system identifies instance types, and each instance type includes an instance. A know compromised instance is identified from the plurality of instances. A link between the plurality instance types is traversed from the compromised instance to discover an additional compromised instance.Type: ApplicationFiled: September 28, 2017Publication date: March 28, 2019Applicant: Microsoft Technology Licensing, LLCInventors: Svetlana Gaivoronski, Paul England, Mohamed Rouatbi, Mariusz H. Jakubowski, Marcus Peinado, Julian Federico Gonzalez, JR.
-
Publication number: 20190065754Abstract: Security risks associated with scanning a computer are at least mitigated by performing the scanning off node. State data of a target node, or computer, can be acquired in various ways. The acquired state data can be subsequently employed to generate a virtual replica of the target computer or portion thereof on a second computer isolated from the target computer. The virtual replica of the target computer provides a scanner access to the data needed to perform a scan on the second computer without accessing or being able to impact the target computer.Type: ApplicationFiled: August 31, 2017Publication date: February 28, 2019Inventors: Rebecca Jean Ochs, Ramesh Chinta, Amrita Satapathy, Jeffrey Cooperstein, Harini Parthasarathy, Scott Antony Field, Mohamed Rouatbi, Julian Federico Gonzalez
-
Patent number: 9413740Abstract: Embodiments are directed to establishing a secure connection between computing systems and to providing computer system virtualization on a secure computing device. In one scenario, a computer system receives a request that at least one specified function be initiated. The request includes user credentials and a device claim that identifies the computing device. The computer system authenticates the user using the received user credentials and determines, based on the device claim, that the computing device is an approved computing device that has been approved to initiate performance of the specified function. Then, upon determining that the user has been authenticated and that the computing device is approved to initiate performance the specified function, the computer system initiates performance of the specified function.Type: GrantFiled: July 22, 2014Date of Patent: August 9, 2016Assignee: Microsoft Technology Licensing, LLCInventors: Mohamed Rouatbi, Karthik Jaganathan, Venkata K. Anumalasetty, Ramesh Chinta, Scott A. Field
-
Publication number: 20160087963Abstract: Embodiments are directed to establishing a secure connection between computing systems and to providing computer system virtualization on a secure computing device. In one scenario, a computer system receives a request that at least one specified function be initiated. The request includes user credentials and a device claim that identifies the computing device. The computer system authenticates the user using the received user credentials and determines, based on the device claim, that the computing device is an approved computing device that has been approved to initiate performance of the specified function. Then, upon determining that the user has been authenticated and that the computing device is approved to initiate performance the specified function, the computer system initiates performance of the specified function.Type: ApplicationFiled: December 1, 2015Publication date: March 24, 2016Inventors: Mohamed Rouatbi, Karthik Jaganathan, Venkata K. Anumalasetty, Ramesh Chinta, Scott A. Field
-
Publication number: 20160028704Abstract: Embodiments are directed to establishing a secure connection between computing systems and to providing computer system virtualization on a secure computing device. In one scenario, a computer system receives a request that at least one specified function be initiated. The request includes user credentials and a device claim that identifies the computing device. The computer system authenticates the user using the received user credentials and determines, based on the device claim, that the computing device is an approved computing device that has been approved to initiate performance of the specified function. Then, upon determining that the user has been authenticated and that the computing device is approved to initiate performance the specified function, the computer system initiates performance of the specified function.Type: ApplicationFiled: July 22, 2014Publication date: January 28, 2016Inventors: Mohamed Rouatbi, Karthik Jaganathan, Venkata K. Anumalasetty, Ramesh Chinta, Scott A. Field
-
Patent number: 8620956Abstract: Described is a technology in which a set of objects represent educational entities of an educational model, with relationships between objects. For example, a course object instance may have a relationship with a task instance and a user instance (such as representing a student). Other objects may include user credentials objects, group objects, degree program objects, course plan objects, institution objects, school objects, and/or department objects. The set of objects may be pre-defined and maintained in a persistent storage; this pre-defined set may be extended with an extended object that has relationships with pre-defined objects. The educational entities of an object model may be maintained in rows of a table, with each row having a field that identifies which entity is represented by that row. The table is accessed to determine relationships between an instantiated object for an entity and at least one other instantiated object for another entity.Type: GrantFiled: June 16, 2009Date of Patent: December 31, 2013Assignee: Microsoft CorporationInventors: Lei Wang, Mohamed Rouatbi, Rajeev Kumar Mittal, Parul Ranjit Manek, Zubin Alexander, Kevin C. Gammill, Ellery Charlson, Xin Li, Zhipeng Zhao, Qin Zhou, Yuan-Fen Kuo, Manjusha Madhav Mangaonkar, Tony Kao
-
Patent number: 8244872Abstract: The educational adaptive provider architecture described herein provides a way for an educational services framework to be built on varying underlying existing technologies without any changes in the object model and services. The provider framework supports the ability to have multiple types of providers for various services, such as, for example, for authorization, authentication, communication, grouping, scoring, social-networking, storage and user functions. The educational adaptive provider architecture provides easy integration of existing institutional and educational service deployments.Type: GrantFiled: June 11, 2009Date of Patent: August 14, 2012Assignee: Microsoft Corp.Inventors: Ellery Charlson, Lei Wang, Mohamed Rouatbi, Parul R. Manek, Rajeev Mittal, Xin Li, Zhipeng Zhao, Zubin Alexander, Kevin Casey Gammill, Qin Zhou, Manjusha M. Mangaonkar, Brian James Hardy
-
Publication number: 20100318657Abstract: The educational adaptive provider architecture described herein provides a way for an educational services framework to be built on varying underlying existing technologies without any changes in the object model and services. The provider framework supports the ability to have multiple types of providers for various services, such as, for example, for authorization, authentication, communication, grouping, scoring, social-networking, storage and user functions. The educational adaptive provider architecture provides easy integration of existing institutional and educational service deployments.Type: ApplicationFiled: June 11, 2009Publication date: December 16, 2010Applicant: MICROSOFT CORPORATIONInventors: Ellery Charlson, Lei Wang, Mohamed Rouatbi, Parul Ranjit Manek, Rajeev Kumar Mittal, Xin Li, Zhipeng Zhao, Zubin Alexander, Kevin Casey Gammill, Qin Zhou, Manjusha Madhav Mangaonkar, Brian James Hardy
-
Publication number: 20100318589Abstract: Described is a technology in which a set of objects represent educational entities of an educational model, with relationships between objects. For example, a course object instance may have a relationship with a task instance and a user instance (such as representing a student). Other objects may include user credentials objects, group objects, degree program objects, course plan objects, institution objects, school objects, and/or department objects. The set of objects may be pre-defined and maintained in a persistent storage; this pre-defined set may be extended with an extended object that has relationships with pre-defined objects. The educational entities of an object model may be maintained in rows of a table, with each row having a field that identifies which entity is represented by that row. The table is accessed to determine relationships between an instantiated object for an entity and at least one other instantiated object for another entity.Type: ApplicationFiled: June 16, 2009Publication date: December 16, 2010Applicant: Microsoft CorporationInventors: Lei Wang, Mohamed Rouatbi, Rajeev Kumar Mittal, Parul Ranjit Manek, Zubin Alexander, Kevin C. Gammill, Ellery Charlson, Xin Li, Zhipeng Zhao, Qin Zhou, Yuan-Fen Kuo, Manjusha Madhav Mangaonkar, Tony Kao
-
Publication number: 20100316987Abstract: Described is a technology in which an educational service provides contracts (an interface set) for calling functions that allow management of educational-related data. The interface set may be divided as interfaces to various services; roles associated with users of the educational service determine which interfaces/functions each user can call. The interfaces may include interfaces for calling course-related functions (e.g., of a course service), profile-related functions (e.g., of a profile service), membership-related functions (e.g., of a membership service) and task-related functions (e.g., of a task service).Type: ApplicationFiled: June 16, 2009Publication date: December 16, 2010Applicant: Microsoft CorporationInventors: Ellery Charlson, Lei Wang, Mohamed Rouatbi, Parul Ranjit Manek, Rajeev Kumar Mittal, Xin Li, Zhipeng Zhao, Zubin Alexander, Kevin C. Gammill, Qin Zhou, Yonit Manna, Brian James Hardy