David B. Probert - Woodinville WA, US Eric Li - Redmond WA, US Genevieve Fernandes - Redmond WA, US John Rector - Redmond WA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 17/30
US Classification:
707690, 707701
Abstract:
A system and method for identity decisions and invalidation. Modified objects (e.g., files, executables, etc.) are flagged for reevaluation. Privileges associated with the object are only persisted if the modifications are determined to be authorized (e.g., updates and patches). In one embodiment, a tagging system registers to be notified of all writes, renames, truncations, moves, deletions, or any other relevant modifications to objects. If the tagging system detects a modification operation targeting the object, it invalidates all identity decisions cached with the object. The next time the object runs, the system does not recognize the object and it is forced to reevaluate its identity. Thus, patching and other write operations are still permitted, but the system detects the changed object and reevaluates the identity.
Dynamically Identifying Dependent Files Of An Application Program Or An Operating System
David Probert - Woodinville WA, US Eric Li - Redmond WA, US John Rector - Redmond WA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F007/00
US Classification:
707001000
Abstract:
Tracking creation of one or more files by an application program or operating system. A method of the invention dynamically maintains a list of files or other resources associated with a particular application program or operating system. The method maintains the list by detecting creation of a file, determining an identity for the file, identifying a list associated with the file identity, and adding the file to the list.
Internal Object Protection From Application Programs
David Probert - Woodinville WA, US Eric Li - Redmond WA, US Dragos Sambotin - Issaquah WA, US Genevieve Fernandes - Bellevue WA, US John Rector - Redmond WA, US Edward Praitis - Woodinville WA, US Valeriy Tsuryk - Sammamish WA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F007/00
US Classification:
707009000
Abstract:
Granting an executable object (e.g., an application program, thread, or process) access to a namespace object (e.g., a named object, resource, file, or folder). A request by the executable object for the namespace object is intercepted and processed to determine whether a local namespace associated with the executable object, user, or session stores a copy of the requested namespace object. If the copy exists in one of the local namespaces, the request is granted and allowed to operate on that local namespace. If the requested namespace object exists only in a global namespace, the namespace object is copied to a local namespace. The request is then granted and allowed to operate on the copy of the namespace object in the local namespace. Protecting the namespace objects stored in the global namespace from modification improves the stability of the application program and operating system.
Associating Runtime Objects With A Set And Controlling Access To Resources As A Function Thereof
David Probert - Woodinville WA, US Eric Li - Redmond WA, US John Rector - Redmond WA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F009/46
US Classification:
718100000, 719328000
Abstract:
Maintaining a set of runtime objects. A method of the invention detects creation of a runtime object by an application program or operating system. The method evaluates a predicate for a set associated with the runtime object to determine membership of the runtime object in the set. Further, one or more properties of the set may be applied to the determined runtime object members of the set (e.g., to control access to a resource).