Patents by Inventor Simon FRADKIN
Simon FRADKIN has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11983266Abstract: Systems and methods are disclosed for event-based application control. A system extension is configured to leverage an endpoint security API for monitoring event activity within operating system kernel processes. The system extension registers with the endpoint security API particular event types for which the system extension would like to receive notifications. In response to receiving notifications regarding detected events corresponding to the registered event types, the system extension determines if the event, and its corresponding process, are safe and allowable to execute. In various embodiments, the system leverages whitelists, blacklists, and rules policies for making a safeness determination regarding the event notification. The system extension transmits this determination to the operating system via the endpoint security API.Type: GrantFiled: January 17, 2023Date of Patent: May 14, 2024Assignee: BEYOND TRUST CORPORATIONInventors: Omar Jawayd Ikram, Simon Fradkin
-
Patent number: 11943371Abstract: Systems and methods for root-level application selective configuration for managing performance of actions on files in a file system including an agent executed on a computing device. The agent can determine files stored in a particular folder and determine file metadata corresponding to the files based on a policy file. The agent can receive a selection of a particular file of the files that corresponds to one of the file metadata. The agent can determine an availability of one or more actions for the particular file as specified by file metadata. The agent can render a context menu that includes menu entries with one or more additional menu entry that corresponds to the actions based on the file metadata. The agent can perform an authentication of a current user account based on the policy file and cause the action to be performed based on privileges of the agent.Type: GrantFiled: November 18, 2022Date of Patent: March 26, 2024Assignee: BEYOND TRUST SOFTWARE, INC.Inventors: Simon Fradkin, Steven Joruk
-
Publication number: 20230237149Abstract: Systems and methods are disclosed for event-based application control. A system extension is configured to leverage an endpoint security API for monitoring event activity within operating system kernel processes. The system extension registers with the endpoint security API particular event types for which the system extension would like to receive notifications. In response to receiving notifications regarding detected events corresponding to the registered event types, the system extension determines if the event, and its corresponding process, are safe and allowable to execute. In various embodiments, the system leverages whitelists, blacklists, and rules policies for making a safeness determination regarding the event notification. The system extension transmits this determination to the operating system via the endpoint security API.Type: ApplicationFiled: January 17, 2023Publication date: July 27, 2023Inventors: Omar Jawayd IKRAM, Simon FRADKIN
-
Publication number: 20230078462Abstract: Systems and methods for root-level application selective configuration for managing performance of actions on files in a file system including an agent executed on a computing device. The agent can determine files stored in a particular folder and determine file metadata corresponding to the files based on a policy file. The agent can receive a selection of a particular file of the files that corresponds to one of the file metadata. The agent can determine an availability of one or more actions for the particular file as specified by file metadata. The agent can render a context menu that includes menu entries with one or more additional menu entry that corresponds to the actions based on the file metadata. The agent can perform an authentication of a current user account based on the policy file and cause the action to be performed based on privileges of the agent.Type: ApplicationFiled: November 18, 2022Publication date: March 16, 2023Inventors: Simon FRADKIN, Steven JORUK
-
Patent number: 11556634Abstract: Systems and methods are disclosed for event-based application control. A system extension is configured to leverage an endpoint security API for monitoring event activity within operating system kernel processes. The system extension registers with the endpoint security API particular event types for which the system extension would like to receive notifications. In response to receiving notifications regarding detected events corresponding to the registered event types, the system extension determines if the event, and its corresponding process, are safe and allowable to execute. In various embodiments, the system leverages whitelists, blacklists, and rules policies for making a safeness determination regarding the event notification. The system extension transmits this determination to the operating system via the endpoint security API.Type: GrantFiled: June 15, 2020Date of Patent: January 17, 2023Assignee: Beyondtrust Software, Inc.Inventors: Omar Jawayd Ikram, Simon Fradkin
-
Patent number: 11537452Abstract: A computing device can intercept a request to launch a requested application. The request can be intercepted by a calling process executed by the computing device. The request can include information identifying the requested application. The computing device can determine that a user interaction is required before launching the requested application by consulting a set of application policies based on the information identifying the requested application. The computing device can establish that the calling process is associated with a controlling terminal provided by an operating system in response to determining that the user interaction is required. A process session group containing processes launched within a user session can be selectively associated with the controlling terminal by the operating system. The computing device can perform the user interaction using the controlling terminal in response to establishing that the calling process is associated with the controlling terminal.Type: GrantFiled: April 16, 2021Date of Patent: December 27, 2022Inventors: Paul Thexton, Steven Joruk, Simon Fradkin
-
Patent number: 11528149Abstract: Systems and methods for root-level application selective configuration for managing installation of applications in a file system include at least one computing device and an agent. The at least one computing device can receive selections from a user for a file and for actions desired to be executed on the file. Instead of requiring a particular privilege level for the user, the agent can be provided privileges based on a policy file associated with the selected file, thereby allowing the selectable actions to be executed via the agent. The agent can be executed by the at least one computing device and register with an OS during a boot sequence. The agent can receive a selection of a file and render a context menu based on metadata from an associated policy file. The context menu can include one or more badges providing an indication of executable actions for the selected file.Type: GrantFiled: April 27, 2020Date of Patent: December 13, 2022Assignee: Beyondtrust Software, Inc.Inventors: Simon Fradkin, Steven Joruk
-
Publication number: 20210286660Abstract: An application control system (ACS) in a computer device intercepts a request to launch a requested application by a calling process, and determines, based on the requested application, that user interaction is required before launch. In response, the ACS establishes whether or not the calling process is associated with a controlling terminal and, if so, performs the user interactions using that controlling terminal. Where the user interactions are successful then the intended application is permitted to launch or, conversely, the intended application may be denied. Other solutions are provided in the event that the calling process is not associated with the controlling terminal.Type: ApplicationFiled: April 16, 2021Publication date: September 16, 2021Inventors: Paul Thexton, Steven Joruk, Simon Fradkin
-
Patent number: 10983845Abstract: An application control system (ACS) in a computer device intercepts a request to launch a requested application by a calling process, and determines, based on the requested application, that user interaction is required before launch. In response, the ACS establishes whether or not the calling process is associated with a controlling terminal and, if so, performs the user interactions using that controlling terminal. Where the user interactions are successful then the intended application is permitted to launch or, conversely, the intended application may be denied. Other solutions are provided in the event that the calling process is not associated with the controlling terminal.Type: GrantFiled: September 10, 2019Date of Patent: April 20, 2021Assignee: AVECTO LIMITEDInventors: Paul Thexton, Steven Joruk, Simon Fradkin
-
Publication number: 20200394295Abstract: Systems and methods are disclosed for event-based application control. A system extension is configured to leverage an endpoint security API for monitoring event activity within operating system kernel processes. The system extension registers with the endpoint security API particular event types for which the system extension would like to receive notifications. In response to receiving notifications regarding detected events corresponding to the registered event types, the system extension determines if the event, and its corresponding process, are safe and allowable to execute. In various embodiments, the system leverages whitelists, blacklists, and rules policies for making a safeness determination regarding the event notification. The system extension transmits this determination to the operating system via the endpoint security API.Type: ApplicationFiled: June 15, 2020Publication date: December 17, 2020Inventors: Omar Jawayd IKRAM, Simon FRADKIN
-
Publication number: 20200344067Abstract: Systems and methods for root-level application selective configuration for managing installation of applications in a file system include at least one computing device and an agent. The at least one computing device can receive selections from a user for a file and for actions desired to be executed on the file. Instead of requiring a particular privilege level for the user, the agent can be provided privileges based on a policy file associated with the selected file, thereby allowing the selectable actions to be executed via the agent. The agent can be executed by the at least one computing device and register with an OS during a boot sequence. The agent can receive a selection of a file and render a context menu based on metadata from an associated policy file. The context menu can include one or more badges providing an indication of executable actions for the selected file.Type: ApplicationFiled: April 27, 2020Publication date: October 29, 2020Inventors: Simon Fradkin, Steven Joruk
-
Publication number: 20200081752Abstract: An application control system (ACS) in a computer device intercepts a request to launch a requested application by a calling process, and determines, based on the requested application, that user interaction is required before launch. In response, the ACS establishes whether or not the calling process is associated with a controlling terminal and, if so, performs the user interactions using that controlling terminal. Where the user interactions are successful then the intended application is permitted to launch or, conversely, the intended application may be denied. Other solutions are provided in the event that the calling process is not associated with the controlling terminal.Type: ApplicationFiled: September 10, 2019Publication date: March 12, 2020Inventors: Paul Thexton, Steven Joruk, Simon Fradkin
-
Publication number: 20120284647Abstract: A method in a collaborative input system comprises a computer system, a display associated with the computer system, and a plurality of remote terminals each associated with one of a respective plurality of users and each having a display. The plurality of remote terminals are in communication with the computer system. The method comprises: displaying, on the display, a seed word; transmitting a request for a word from the computer to each of the remote terminals; at each of the remote terminals, prompting the respective user to enter a word by displaying a request for data entry; receiving, at at least one of the remote terminals, a word entered by a user; transmitting the entered word from the at least one of remote terminals to the computer; and displaying each word received from a remote terminal on the display in association with the seed word.Type: ApplicationFiled: November 3, 2011Publication date: November 8, 2012Applicant: PROMETHEAN LIMITEDInventors: Simon FRADKIN, David HARRISON
-
Publication number: 20120117517Abstract: A method of controlling a user interface comprising the steps of: detecting movement of a contact continuously between a first contact point at which contact is made and a second contact point at which contact is released; determining a state of a selection/de-selection mode of operation in dependence on: a line traced between the first contact point and the second contact point traversing one of more objects of an application layer; the first contact point not being co-incident with an object of the application layer; and the second contact point not being coincident with an object of the application layer.Type: ApplicationFiled: November 3, 2011Publication date: May 10, 2012Applicant: PROMETHEAN LIMITEDInventors: Simon FRADKIN, David HARRISON