Patents by Inventor Nick Voicu
Nick Voicu has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10715530Abstract: When a user inputs an action request, such as a requested command, to be performed on a target machine, a management system receives the request and verifies it with a separate authentication and permission system. The verified command request is sent to the target machine. An authentication worker on the target machine accesses a set of policies, local to the target machine, to identify a least privileged execution environment in which the requested command can be performed. The authentication worker on the target machine launches the requested command within the identified least privileged execution environment on the target machine.Type: GrantFiled: September 6, 2017Date of Patent: July 14, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Liqiang Zhu, Anand Menon, Guanghui He, Jiahui Wang, Neil Shipp, Nick Voicu, Yi Zeng, Yu Huang, Rajalakshmi Dani, David Hetherington, Zhaoan Liu, Gavin Ackroyd
-
Publication number: 20180063153Abstract: When a user inputs an action request, such as a requested command, to be performed on a target machine, a management system receives the request and verifies it with a separate authentication and permission system. The verified command request is sent to the target machine. An authentication worker on the target machine accesses a set of policies, local to the target machine, to identify a least privileged execution environment in which the requested command can be performed. The authentication worker on the target machine launches the requested command within the identified least privileged execution environment on the target machine.Type: ApplicationFiled: September 6, 2017Publication date: March 1, 2018Inventors: Liqiang Zhu, Anand Menon, Guanghui He, Jiahui Wang, Neil Shipp, Nick Voicu, Yi Zeng, Yu (Kyle) Huang, Rajalakshmi Dani, David Hetherington, Zhaoan Liu, Gavin Ackroyd
-
Patent number: 9787690Abstract: When a user inputs an action request, such as a requested command, to be performed on a target machine, a management system receives the request and verifies it with a separate authentication and permission system. The verified command request is sent to the target machine. An authentication worker on the target machine accesses a set of policies, local to the target machine, to identify a least privileged execution environment in which the requested command can be performed. The authentication worker on the target machine launches the requested command within the identified least privileged execution environment on the target machine.Type: GrantFiled: May 18, 2015Date of Patent: October 10, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Liqiang Zhu, Anand Menon, Guanghui He, Jiahui Wang, Neil Shipp, Nick Voicu, Yi Zeng, Yu (Kyle) Huang, Rajalakshmi Dani, David Hetherington, Zhaoan Liu, Gavin Ackroyd
-
Publication number: 20160182525Abstract: When a user inputs an action request, such as a requested command, to be performed on a target machine, a management system receives the request and verifies it with a separate authentication and permission system. The verified command request is sent to the target machine. An authentication worker on the target machine accesses a set of policies, local to the target machine, to identify a least privileged execution environment in which the requested command can be performed. The authentication worker on the target machine launches the requested command within the identified least privileged execution environment on the target machine.Type: ApplicationFiled: May 18, 2015Publication date: June 23, 2016Inventors: Liqiang Zhu, Anand Menon, Guanghui He, Jiahui Wang, Neil Shipp, Nick Voicu, Yi Zeng, Yu (Kyle) Huang, Rajalakshmi Dani, David Hetherington, Zhaoan Liu, Gavin Ackroyd
-
Patent number: 9256750Abstract: Computing devices utilizing trusted execution environments as virtual smart cards are designed to support expected credential recovery operations when a user credential, e.g., personal identification number (PIN), password, etc. has been forgotten or is unknown. A computing device generates a cryptographic key that is protected with a PIN unlock key (PUK) provided by an administrative entity. If the user PIN cannot be input to the computing device the PUK can be input to unlock the locked cryptographic key and thereby provide access to protected data. A computing device can also, or alternatively, generate a group of challenges and formulate responses thereto. The formulated responses are each used to secure a computing device cryptographic key. If the user PIN cannot be input to the computing device an entity may request a challenge. The computing device issues a challenge from the set of generated challenges.Type: GrantFiled: March 28, 2015Date of Patent: February 9, 2016Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Stefan Thom, Robert K. Spiger, Magnus NystrÖm, Himanshu Soni, Marc R. Barbour, Nick Voicu, Xintong Zhou, Kirk Shoop
-
Publication number: 20150213278Abstract: Computing devices utilizing trusted execution environments as virtual smart cards are designed to support expected credential recovery operations when a user credential, e.g., personal identification number (PIN), password, etc. has been forgotten or is unknown. A computing device generates a cryptographic key that is protected with a PIN unlock key (PUK) provided by an administrative entity. If the user PIN cannot be input to the computing device the PUK can be input to unlock the locked cryptographic key and thereby provide access to protected data. A computing device can also, or alternatively, generate a group of challenges and formulate responses thereto. The formulated responses are each used to secure a computing device cryptographic key. If the user PIN cannot be input to the computing device an entity may request a challenge. The computing device issues a challenge from the set of generated challenges.Type: ApplicationFiled: March 28, 2015Publication date: July 30, 2015Inventors: Stefan Thom, Robert K. Spiger, Magnus NystrÖm, Himanshu Soni, Marc R. Barbour, Nick Voicu, Xintong Zhou, Kirk Shoop
-
Patent number: 9015490Abstract: Computing devices utilizing trusted execution environments as virtual smart cards are designed to support expected credential recovery operations when a user credential, e.g., personal identification number (PIN), password, etc. has been forgotten or is unknown. A computing device generates a cryptographic key that is protected with a PIN unlock key (PUK) provided by an administrative entity. If the user PIN cannot be input to the computing device the PUK can be input to unlock the locked cryptographic key and thereby provide access to protected data. A computing device can also, or alternatively, generate a group of challenges and formulate responses thereto. The formulated responses are each used to secure a computing device cryptographic key. If the user PIN cannot be input to the computing device an entity may request a challenge. The computing device issues a challenge from the set of generated challenges.Type: GrantFiled: December 12, 2013Date of Patent: April 21, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Stefan Thom, Robert K. Spiger, Magnus NystrÖm, Himanshu Soni, Marc R. Barbour, Nick Voicu, Xintong Zhou, Kirk Shoop
-
Publication number: 20140101454Abstract: Computing devices utilizing trusted execution environments as virtual smart cards are designed to support expected credential recovery operations when a user credential, personal identification number (PIN), password, etc. has been forgotten or is unknown. A computing device generates a cryptographic key that is protected with a PIN unlock key (PUK) provided by an administrative entity. If the user PIN cannot be input to the computing device the PUK can be input to unlock the locked cryptographic key and thereby provide access to protected data. A computing device can also, or alternatively, generate a group of challenges and formulate responses thereto. The formulated responses are each used to secure a computing device cryptographic key. If the user PIN cannot be input to the computing device an entity may request a challenge. The computing device issues a challenge from the set of generated challenges.Type: ApplicationFiled: December 12, 2013Publication date: April 10, 2014Applicant: Microsoft CorporationInventors: Stefan Thom, Robert K. Spiger, Magnus NystrÖm, Himanshu Soni, Marc R. Barbour, Nick Voicu, Xintong Zhou, Kirk Shoop
-
Patent number: 8612766Abstract: Computing devices utilizing trusted execution environments as virtual smart cards are designed to support expected credential recovery operations when a user credential, e.g., personal identification number (PIN), password, etc. has been forgotten or is unknown. A computing device generates a cryptographic key that is protected with a PIN unlock key (PUK) provided by an administrative entity. If the user PIN cannot be input to the computing device the PUK can be input to unlock the locked cryptographic key and thereby provide access to protected data. A computing device can also, or alternatively, generate a group of challenges and formulate responses thereto. The formulated responses are each used to secure a computing device cryptographic key. If the user PIN cannot be input to the computing device an entity may request a challenge. The computing device issues a challenge from the set of generated challenges.Type: GrantFiled: July 5, 2011Date of Patent: December 17, 2013Assignee: Microsoft CorporationInventors: Stefan Thom, Robert K. Spiger, Magnus Nyström, Himanshu Soni, Marc R. Barbour, Nick Voicu, Xintong Zhou, Kirk Shoop
-
Publication number: 20130013928Abstract: Computing devices utilizing trusted execution environments as virtual smart cards are designed to support expected credential recovery operations when a user credential, e.g., personal identification number (PIN), password, etc. has been forgotten or is unknown. A computing device generates a cryptographic key that is protected with a PIN unlock key (PUK) provided by an administrative entity. If the user PIN cannot be input to the computing device the PUK can be input to unlock the locked cryptographic key and thereby provide access to protected data. A computing device can also, or alternatively, generate a group of challenges and formulate responses thereto. The formulated responses are each used to secure a computing device cryptographic key. If the user PIN cannot be input to the computing device an entity may request a challenge. The computing device issues a challenge from the set of generated challenges.Type: ApplicationFiled: July 5, 2011Publication date: January 10, 2013Applicant: Microsoft CorporationInventors: Stefan Thom, Robert K. Spiger, Magnus Nystrôm, Himanshu Soni, Marc R. Barbour, Nick Voicu, Xintong Zhou, Kirk Shoop