Nir Ben Zvi - Redmond WA, US Kristjan E. Hatlelid - Sammamish WA, US Andrey V. Lelikov - Redmond WA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 7/04 G06F 17/30 G06K 9/00 H03M 1/68
US Classification:
726 2, 726 22, 726 26
Abstract:
A mechanism for redirecting a code execution path in a running process. A one-byte interrupt instruction (e.g., INT 3) is inserted into the code path. The interrupt instruction passes control to a kernel handler, which after executing a replacement function, returns to continue executing the process. The replacement function resides in a memory space that is accessible to the kernel handler. The redirection mechanism may be applied without requiring a reboot of the computing device on which the running process is executing. In addition, the redirection mechanism may be applied without overwriting more than one byte in the original code.
Matthias Wollnik - Seattle WA, US Nir Ben Zvi - Redmond WA, US Hakki Tunc Bostanci - Redmond WA, US John Richard McDowell - Seattle WA, US Aaron Goldsmid - Seattle WA, US
A method to apply a protection mechanism to a binary object includes using operating system resources to load a binary object from a storage medium along with a manifest and a digital signature. Authentication of the binary object is performed using the digital signature, and the manifest is read to determine a category of protection for the binary object. The operating system selects a protection mechanism corresponding to the protection category and injects protection mechanism code, along with the binary object, into a binary image on computer RAM. When the binary image is accessed, the protection mechanism executes and either allows full access and functionality to the binary object or prevents proper access and operation of the binary object. The protection mechanisms may be updated independently from the information on the storage medium.
First Computer Process And Second Computer Process Proxy-Executing Code On Behalf Of First Process
Upon a first process encountering a triggering device, a second process chooses whether to proxy-execute code corresponding to the triggering device of the first process on behalf of such first process based at least in part on whether a license evaluator of the second process has determined that the first process is to be operated in accordance with the terms and conditions of a corresponding digital license. The license evaluator at least in part performs such determination by running a script corresponding to the triggering device in the code of the first process. Thus, the first process is dependent upon the second process and the license for operation thereof.
A method of validating software is disclosed. The method may include receiving, at a first function, a first hash and a first version. The first function may validate a second function according to the first hash and first version. The second function may receive a second hash and a second version, and the second function may validate a third function according to the second hash and second version. The first version and first hash may be stored within the first function, for example. The first version and first hash may be stored within a manifest, for example. In another embodiment, a method of validating software may include storing a plurality of functions and storing a version and hash for each function. Each function may be verified according to the respective version and hash, and each function may verify at least one other function.
Ivan Davtchev - Seattle WA, US Karan Dhillon - Renton WA, US Nir Zvi - Redmond WA, US Aaron Goldsmid - Seattle WA, US Ping Xie - Bellevue WA, US Yifat Sagiv - Redmond WA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
H04L 9/00
US Classification:
713166000
Abstract:
A security flag stored in a trusted store is utilized to determine if the trusted store has been subjected to tampering. The security flag is indicative of a globally unique identifier (GUID), the version of the trusted store, and a counter. The security flag is created when the trusted store is created. Each time a critical event occurs, the security flag is updated to indicate the occurrence thereof. The security flag also is stored in a write-once portion of the system registry. At appropriate times, the security flag stored in the trusted store is compared with the corresponding security flag stored in the write-once registry. If the security flags match within a predetermined tolerance, it is determined that the trusted store has not been subjected to tampering. If the security flags do not match, or if a security flag is missing, it is determined that the trusted store has been subjected to tampering.
Paul Leach - Seattle WA, US David McPherson - Bothell WA, US Vishal Agarwal - Bothell WA, US Mark Fishel Novak - Newcastle WA, US Ming Tang - Redmond WA, US Ramaswamy Ranganathan - Bellevue WA, US Pranav Kukreja - Bellevue WA, US Andrey Popov - Renton WA, US Nir Ben Zvi - Redmond WA, US Arun K. Nanda - Sammamish WA, US
Assignee:
MICROSOFT CORPORATION - Redmond WA
International Classification:
G06F 17/00
US Classification:
726 1, 726 21
Abstract:
Resource authorization policies and resource scopes may be defined separately, thereby decoupling a set of authorization rules from the scope of resources to which those rules apply. In one example, a resource includes anything that can be used in a computing environment (e.g., a file, a device, etc.). A scope describes a set of resources (e.g., all files in folder X, all files labeled “Y”, etc.). Policies describe what can be done with a resource (e.g., “read-only,” “read/write,” “delete, if requestor is a member of the admin group,” etc.). When scopes and policies have been defined, they may be linked, thereby indicating that the policy applies to any resource within the scope. When a request for the resource is made, the request is evaluated against all policies associated with scopes that contain the resource. If the conditions specified in the policies apply, then the request may be granted.
Mark F. Novak - Newcastle WA, US Paul Leach - Seattle WA, US Vishal Agarwal - Bothell WA, US David McPherson - Bothell WA, US Sunil Gottumukkala - Redmond WA, US Jignesh Shah - Redmond WA, US Arun K. Nanda - Sammamish WA, US Nir Ben Zvi - Redmond WA, US Pranav Kukreja - Bellevue WA, US Ramaswamy Ranganathan - Bellevue WA, US
Assignee:
MICROSOFT CORPORATION - Redmond WA
International Classification:
G06F 21/00
US Classification:
726 1
Abstract:
A policy that governs access to a resource may be tested against real-world access requests before being used to control access to the resource. In one example, access to a resource is governed by a policy, referred to as an effective policy. When the policy is to be modified or replaced, the modification or replacement may become a test policy. When a request is made to access the resource, the request may be evaluated under both the effective policy and the test policy. Whether access is granted is determined under the effective policy, but the decision that would be made under the test policy is noted, and may be logged. If the test policy is determined to behave acceptably when confronted with real-world access requests, then the current effective policy may be replaced with the test policy.