Navin N Pai

US Patent:

20130111587, May 2, 2013

Filed:

Oct 27, 2011

Appl. No.:

13/283353

Inventors:

Nitin Kumar Goel - Bothell WA, US
Kenneth D. Johnson - Bellevue WA, US
Matthew Ryan Miller - Seattle WA, US
Navin Narayan Pai - Seattle WA, US
Grzegorz M. Wroblewski - Bellevue WA, US
Gregory Justice Riggs - Renton WA, US

Assignee:

MICROSOFT CORPORATION - Redmond WA

International Classification:

G06F 21/00

US Classification:

726 23, 726 25

Abstract:

The subject disclosure is directed towards detecting software vulnerabilities in an isolated computing environment. In order to evaluate each input submission from an external computer, a plurality of tasks are automatically generated for execution on one or more computing units running within the isolated computing environment. Various configurations of the one or more computing units are defined in which each computing unit executes the plurality of tasks. A report is produced comprising results associated with such an execution.

US Patent:

20190158497, May 23, 2019

Filed:

Nov 20, 2017

Appl. No.:

15/818481

Inventors:

- Redmond WA, US
Navin Narayan PAI - Seattle WA, US
Ivan Dimitrov PASHOV - Woodinville WA, US
Giridhar VISWANATHAN - Redmond WA, US
Benjamin M. SCHULTZ - Bellevue WA, US
Hari R. PULAPAKA - Redmond WA, US

International Classification:

H04L 29/06

Abstract:

Providing access control by a first operating system. A method includes receiving at the first operating system, from the second operating system, a request for a bounding reference to a set having at least one resource. A bounding reference for the set is obtained. The bounding reference comprises a reference created from a first operating system resolvable reference to the set. The method further includes providing the obtained bounding reference for the obtained provided bounding reference to the second operating system. A request, including the obtained bounding reference and an identifier identifying the second operating system for the set, is received from the second operating system. The obtained bounding reference and the identifier identifying the second operating system are evaluated. As a result of evaluating the obtained bounding reference and the identifier identifying the second operating system, a resource control action is performed.

US Patent:

20180322307, Nov 8, 2018

Filed:

Jun 30, 2017

Appl. No.:

15/640164

Inventors:

- Redmond WA, US
Gerardo DIAZ CUELLAR - Kirkland WA, US
Hari R. PULAPAKA - Redmond WA, US
Ivan Dimitrov PASHOV - Woodinville WA, US
Navin Narayan PAI - Seattle WA, US
Benjamin M. SCHULTZ - Redmond WA, US

International Classification:

G06F 21/62

Abstract:

A second operating system accessing resources from an external service. A method includes sending an anonymized request, for an anonymized user corresponding to an authorized user, for resources, through a broker. A request for proof indicating that the anonymized user is authorized to obtain the resources is received from the broker. As a result, a request is send to a first operating system for the proof that the anonymized user is authorized to obtain the resources. Proof is received from the first operating system, based on the anonymized user being associated with the authorized user, that the anonymized user is authorized to obtain the resources. The proof is provided to the broker. As a result, the resources are obtained by the second operating system from the service.

US Patent:

20160092691, Mar 31, 2016

Filed:

Sep 25, 2014

Appl. No.:

14/497221

Inventors:

- Redmond WA, US
Ronald Aigner - Aigner WA, US
Navin Pai - Seattle WA, US

International Classification:

G06F 21/62
H04L 29/06

Abstract:

Techniques for representation of operating system context in a trusted platform module are described. In at least some embodiments, authorization principals that corresponds to representations of operating system context are derived in a trusted platform module. The authorization principals can be used to define authorization policies for access to security assets stored in a trusted platform module.