Joseph Richard Steele

US Patent:

7555769, Jun 30, 2009

Filed:

Dec 16, 2004

Appl. No.:

11/016258

Inventors:

William M. Shapiro - Palo Alto CA, US
Joseph D. Steele - Danville CA, US

Assignee:

Adobe Systems Incorporated - San Jose CA

International Classification:

G06F 17/00
G06F 3/00

US Classification:

726 1, 715700, 715741

Abstract:

Methods and apparatus, including computer systems and program products, that relate to a security policy user interface. The methods feature a machine-implemented method that includes presenting labels of multiple security policies, receiving input specifying a selected security policy, and securing a first document according to the selected security policy. In that method, each security policy specifies criteria that governs use of an electronic document and has an associated security mechanism. Moreover, security mechanisms of a number of the multiple security policies distinctly enforce security of a document, and presenting labels of multiple security policies includes presenting at least two labels of two respective security policies such that a detailed description of a respective, associated security mechanism is left out. The security policies can be declarative security policies. At least one of the labels can include an abstract of a corresponding security mechanism.

US Patent:

8185741, May 22, 2012

Filed:

Jan 30, 2006

Appl. No.:

11/344293

Inventors:

Sunil C. Agrawal - Milpitas CA, US
Jagriti Uppal - Santa Clara CA, US
Joseph Steele - Danville CA, US

Assignee:

Adobe Systems Incorporated - San Jose CA

International Classification:

H04L 9/32

US Classification:

713176

Abstract:

Briefly, in accordance with one or more embodiments, a transport level transactional security may be converted into a persistent document signature. In one embodiment, a digital signature of an electronic mail message may be saved in a file attached to the electronic mail message. The file with the added digital signature may be saved, transmitted, received, and/or otherwise utilized independent of the original electronic mail message. A receiving node may verify the identity of an originating node based at least in part on the digital signature contained in the file. In alternative embodiment, the signature for the file may be generated at least in part on a message to be transmitted according to a secure transmission and/or file download protocol from a server to a client.

US Patent:

8220035, Jul 10, 2012

Filed:

Feb 29, 2008

Appl. No.:

12/040440

Inventors:

James D. Pravetz - Sunnyvale CA, US
Joseph D. Steele - Danville CA, US
Sunil Agrawal - Milpitas CA, US

Assignee:

Adobe Systems Incorporated - San Jose CA

International Classification:

H04L 29/06

US Classification:

726 5, 715749

Abstract:

A security component may be associated with a network-enabled application. The security component may initiate the display of an embedded region of a window drawn according to display information received from a relying party. The security component may define at least a portion of the appearance of the embedded region; the relying party may not define this portion. The embedded region may include customization information configured by a user, and “Card” information received from an assertion provider, indicating how to authenticate user credentials in order to gain access to relying party restricted content. The security component may request authentication of user credentials from the assertion provider, which may be trusted by the relying party. The security component may receive an assertion token from the assertion provider indicating the credentials are authentic. The security component may forward the assertion token to the relying party to gain access to the restricted content.

US Patent:

8353016, Jan 8, 2013

Filed:

Feb 29, 2008

Appl. No.:

12/040333

Inventors:

James D. Pravetz - Sunnyvale CA, US
Joseph D. Steele - Danville CA, US
Sunil Agrawal - Milpitas CA, US

Assignee:

Adobe Systems Incorporated - San Jose CA

International Classification:

H04L 29/06

US Classification:

726 5, 726 4, 715749

Abstract:

A security component may be associated with a network-enabled application. The security component may access a secure store, which may include customization information, which may include one or more graphical user interface customizations defined by a user, and one or more instances of card information. The card information may specify how to authenticate a user's credentials to access a relying party (e. g. , web site). The security component may initiate the display of an embedded region of a window drawn by the network-enabled application. At least a part of the appearance of the embedded region of the window may be defined according to the customization information and not by the relying party. The embedded region may provide a user interface for determining user authentication credentials. The customization information and the one or more instances of card information may not be accessible to the relying party.

US Patent:

8555078, Oct 8, 2013

Filed:

Feb 29, 2008

Appl. No.:

12/040445

Inventors:

James D. Pravetz - Sunnyvale CA, US
Joseph D. Steele - Danville CA, US
Sunil Agrawal - Milpitas CA, US

Assignee:

Adobe Systems Incorporated - San Jose CA

International Classification:

G06F 21/00
H04L 29/06
H04L 21/00
G06F 15/16

US Classification:

713185, 713155, 713182, 709206, 709229, 726 9

Abstract:

A security component may be associated with a network-enabled application. The network-enabled application may request access to restricted content from a relying party (e. g. , web site). The security component associated with the network-enabled application may receive authentication policy information from the relying party and send a user's authentication credentials to an assertion provider to authenticate the credentials. The relying party may trust the assertion provider to authenticate user credentials. Upon successful authentication, the assertion provider may return an assertion token to the security component and the security component may sign the assertion token as specified in the authentication policy information. Subsequently, the security token may forward the signed assertion token to the relying party and the relying party may grant access to the restricted content.

US Patent:

20140032899, Jan 30, 2014

Filed:

Nov 8, 2006

Appl. No.:

11/594467

Inventors:

Marc T. Kaufman - Woodside CA, US
Genevieve Laroche - San Jose CA, US
Roberto Perelman - Sunnyvale CA, US
Joseph D. Steele - Danville CA, US

International Classification:

G06F 21/62

US Classification:

713165

Abstract:

A system, for secure form delivery, may include a detector to detect a request to submit an electronic form that includes associated application data; an encryption module to respond to the request to submit the electronic form by automatically accessing an encryption key, determining destination information, and encrypting the associated application data, utilizing the encryption key; and a submit module to submit the electronic form to a destination, utilizing the destination information.

US Patent:

20160366116, Dec 15, 2016

Filed:

Aug 25, 2016

Appl. No.:

15/246965

Inventors:

- San Jose CA, US
Sheng Wei - San Jose CA, US
Joseph Donovan Steele - Danville CA, US

Assignee:

Adobe Systems Incorporated - San Jose CA

International Classification:

H04L 29/06
H04L 29/08

Abstract:

Techniques are disclosed for secure playback of protected multimedia content on a game console using a secret-less application. An SSO model can be used for client authentication at a key server, which eliminates the need of storing or using any secret information in the client application. Further, an encrypted content key generated by a content packager using a public key can be deployed in the key URI of a playlist file, which is sent to the key server. The key server can be configured to decrypt the content key using a corresponding private key. Further, the content key and unencrypted samples are protected in the game console client application from debugging and replay attacks by using additional security checks at both the client and key server. By storing secret information remotely from the game console and using the SSO model, DRM policies can be enforced on an untrusted client application.

US Patent:

20150235011, Aug 20, 2015

Filed:

Feb 19, 2014

Appl. No.:

14/183680

Inventors:

- San Jose CA, US
Sheng Wei - San Jose CA, US
Joseph Donovan Steele - Danville CA, US

Assignee:

Adobe Systems Incorporated - San Jose CA

International Classification:

G06F 21/10
G06F 21/62
H04L 29/06

Abstract:

Techniques are disclosed for secure playback of protected multimedia content on a game console using a secret-less application. An SSO model can be used for client authentication at a key server, which eliminates the need of storing or using any secret information in the client application. Further, an encrypted content key generated by a content packager using a public key can be deployed in the key URI of a playlist file, which is sent to the key server. The key server can be configured to decrypt the content key using a corresponding private key. Further, the content key and unencrypted samples are protected in the game console client application from debugging and replay attacks by using additional security checks at both the client and key server. By storing secret information remotely from the game console and using the SSO model, DRM policies can be enforced on an untrusted client application.