Patents by Inventor Muhammad Umar Janjua
Muhammad Umar Janjua has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10218515Abstract: The techniques described herein dynamically determine a new signature that is valid and that can be used to verify trust of an object (e.g., a certificate, an executable file, user credentials, etc.). The dynamic determination of the new signature is implemented by an entity performing a trust verification process. The entity can execute a single unified service to establish trust in the object. The dynamic determination, or the ability for an invalid signature to evolve into a newer version that can be trusted, is implemented in response to an invalidity event indicating that the initial signature is no longer valid for trust verification purposes. Example invalidity events can comprise the expiration of a time sensitive signature attribute (e.g., an expired private key), a recently discovered weakness associated with an individual signature attribute (e.g., a key of insufficient length), or a determination that a certificate authority can no longer be trusted.Type: GrantFiled: August 26, 2016Date of Patent: February 26, 2019Assignee: Microsoft Technology Licensing, LLCInventors: Muhammad Umar Janjua, Mihail Frintu
-
Publication number: 20180062859Abstract: The techniques described herein dynamically determine a new signature that is valid and that can be used to verify trust of an object (e.g., a certificate, an executable file, user credentials, etc.). The dynamic determination of the new signature is implemented by an entity performing a trust verification process. The entity can execute a single unified service to establish trust in the object. The dynamic determination, or the ability for an invalid signature to evolve into a newer version that can be trusted, is implemented in response to an invalidity event indicating that the initial signature is no longer valid for trust verification purposes. Example invalidity events can comprise the expiration of a time sensitive signature attribute (e.g., an expired private key), a recently discovered weakness associated with an individual signature attribute (e.g., a key of insufficient length), or a determination that a certificate authority can no longer be trusted.Type: ApplicationFiled: August 26, 2016Publication date: March 1, 2018Inventors: Muhammad Umar Janjua, Mihail Frintu
-
Patent number: 9660817Abstract: In many information security scenarios, a certificate issued by a certificate authority may be presented to a client in order to assert a trust level of a certificated item, such as a message or a web page. However, due to a decentralized structure and incomplete coordination among certificate authorities, the presence and exploitation of security vulnerabilities to issue untrustworthy certificates may be difficult to determine, particularly for an individual client. Presented herein are techniques for advising clients of the reputations of respective certificate authorities by evaluating the certificates issued by such certificate authorities, such as the number and types of domains certified by the certificate; the number and pattern of certificates issued for the domain; and the certification techniques used to issue the certificates. Such evaluation enables a determination of a certificate authority trust level that may be distributed to the clients in a certificate authority trust set.Type: GrantFiled: August 1, 2014Date of Patent: May 23, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Anooshiravan Saboori, Muhammad Umar Janjua, Nelly Porter, Philip Hallin, Haitao Li, Xiaohong Su, Kelvin Yiu, Anthony Paul Penta, Vassil Dimitrov Bakalov, Bryston Mitsuo Nitta
-
Patent number: 9553730Abstract: In many information security scenarios, a certificate issued by a certificating authority may be presented to a client in order to assert a trust level of a certificated item, such as a message or a web page. However, due to a decentralized structure and incomplete coordination among certificating authorities, the presence and exploitation of security vulnerabilities to issue untrustworthy certificates may be difficult to determine, particularly for an individual client. Presented herein are techniques for providing a certificating authority trust service that collects and evaluates certificates submitted to clients by certificating authorities, and advises the clients of a certificating authority trust level for respective certificating authorities (e.g., determined as a consensus of the evaluated certificates issued by the certificating authority).Type: GrantFiled: September 6, 2013Date of Patent: January 24, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Anooshiravan Saboor, Muhammad Umar Janjua, Nelly Porter, Philip Hallin, Haitao Li, Xiaohong Su, Kelvin Yiu, Anthony Paul Penta
-
Patent number: 9553732Abstract: In many information security scenarios, a certificate issued by a certificate authority on behalf of a domain is presented to a client in order to verify the identity of the domain. However, due to a decentralized structure and incomplete coordination among certificate authorities, the presence and exploitation of security vulnerabilities to issue untrustworthy certificates may be difficult for an individual client to determine. Presented herein are techniques for advising clients of the trustworthiness of respective certificate authorities by evaluating the certificates issued by such certificate authorities for suspicious indicators, such as hashcode collisions with other certificates and public key re-use.Type: GrantFiled: August 1, 2014Date of Patent: January 24, 2017Assignee: Microsoft Technology Licensing LLCInventors: Anooshiravan Saboori, Muhammad Umar Janjua, Nelly Porter, Philip Hallin, Haitao Li, Xiaohong Su, Kelvin Yiu, Anthony Paul Penta
-
Publication number: 20160036593Abstract: In many information security scenarios, a certificate issued by a certificate authority may be presented to a client in order to assert a trust level of a certificated item, such as a message or a web page. However, due to a decentralized structure and incomplete coordination among certificate authorities, the presence and exploitation of security vulnerabilities to issue untrustworthy certificates may be difficult to determine, particularly for an individual client. Presented herein are techniques for advising clients of the reputations of respective certificate authorities by evaluating the certificates issued by such certificate authorities, such as the number and types of domains certified by the certificate; the number and pattern of certificates issued for the domain; and the certification techniques used to issue the certificates. Such evaluation enables a determination of a certificate authority trust level that may be distributed to the clients in a certificate authority trust set.Type: ApplicationFiled: August 1, 2014Publication date: February 4, 2016Inventors: Anooshiravan Saboori, Muhammad Umar Janjua, Nelly Porter, Philip Hallin, Haitao Li, Xiaohong Su, Kelvin Yiu, Anthony Paul Penta, Vassil Dimitrov Bakalov, Bryston Mitsuo Nitta
-
Patent number: 8966659Abstract: A computing device analyzes digital certificates received from various different sites (e.g., accessed via the Internet or other network) in order to automatically detect fraudulent digital certificates. The computing device maintains a record of the digital certificates it receives from these various different sites. A certificate screening service operating remotely from the computing device also accesses these various different sites and maintains a record of the digital certificates that the service receives from these sites. In response to a request to access a target site the computing device receives a current digital certificate from the target site. The computing device determines whether the current digital certificate is genuine or fraudulent based on one or more of previously received digital certificates for the target site, confirmation certificates received from the certificate screening service, and additional characteristics of the digital certificates and/or the target site.Type: GrantFiled: March 14, 2013Date of Patent: February 24, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Muhammad Umar Janjua, Yogesh A. Mehta, Maarten Van Horenbeeck, Anooshiravan Saboori, Nelly Porter, Vassil D. Bakalov, Bryston Nitta
-
Publication number: 20140359280Abstract: In many information security scenarios, a certificate issued by a certificating authority may be presented to a client in order to assert a trust level of a certificated item, such as a message or a web page. However, due to a decentralized structure and incomplete coordination among certificating authorities, the presence and exploitation of security vulnerabilities to issue untrustworthy certificates may be difficult to determine, particularly for an individual client. Presented herein are techniques for providing a certificating authority trust service that collects and evaluates certificates submitted to clients by certificating authorities, and advises the clients of a certificating authority trust level for respective certificating authorities (e.g., determined as a consensus of the evaluated certificates issued by the certificating authority).Type: ApplicationFiled: September 6, 2013Publication date: December 4, 2014Inventors: Anooshiravan Saboor, Muhammad Umar Janjua, Nelly Porter, Philip Hallin, Haitao Li, Xiaohong Su, Kelvin Yiu, Anthony Paul Penta
-
Publication number: 20140359281Abstract: In many information security scenarios, a certificate issued by a certificate authority on behalf of a domain is presented to a client in order to verify the identity of the domain. However, due to a decentralized structure and incomplete coordination among certificate authorities, the presence and exploitation of security vulnerabilities to issue untrustworthy certificates may be difficult for an individual client to determine. Presented herein are techniques for advising clients of the trustworthiness of respective certificate authorities by evaluating the certificates issued by such certificate authorities for suspicious indicators, such as hashcode collisions with other certificates and public key re-use.Type: ApplicationFiled: August 1, 2014Publication date: December 4, 2014Inventors: Anooshiravan Saboori, Muhammad Umar Janjua, Nelly Porter, Philip Hallin, Haitao Li, Xiaohong Su, Kelvin Yiu, Anthony Paul Penta
-
Publication number: 20140283054Abstract: A computing device analyzes digital certificates received from various different sites (e.g., accessed via the Internet or other network) in order to automatically detect fraudulent digital certificates. The computing device maintains a record of the digital certificates it receives from these various different sites. A certificate screening service operating remotely from the computing device also accesses these various different sites and maintains a record of the digital certificates that the service receives from these sites. In response to a request to access a target site the computing device receives a current digital certificate from the target site. The computing device determines whether the current digital certificate is genuine or fraudulent based on one or more of previously received digital certificates for the target site, confirmation certificates received from the certificate screening service, and additional characteristics of the digital certificates and/or the target site.Type: ApplicationFiled: March 14, 2013Publication date: September 18, 2014Applicant: MICROSOFT CORPORATIONInventors: Muhammad Umar Janjua, Yogesh A. Mehta, Maarten Van Horenbeeck, Anooshiravan Saboori, Nelly Porter, Vassil D. Bakalov, Bryston Nitta