-
Publication (Announcement) No.: US20240119168A1
Publication (Announcement) Date: 2024-04-11
Application No.: US17938711
Application Date: 2022-10-07
Applicant: Microsoft Technology Licensing, LLC
Inventor: Ramarathnam VENKATESAN, Nishanth CHANDRAN, Panagiotis ANTONOPOULOS, Srinath T.V. SETTY, Basil CHERIAN, Daniel John CARROLL, JR., Jason Sydney BARNWELL
CPC classification number: G06F21/6227, H04L9/085, H04L9/3263
Abstract: Embodiments described herein enable at least one of a plurality of entities to access data protected by a security policy in response to validating respective digital access requests from the entities. The respective digital access requests are received, each comprising a proof. For each request, an encrypted secret share is obtained from a respective ledger database. Each request is validated based at least on the respective encrypted secret share and the proof, without decrypting the respective encrypted secret share. In response to validating all of the requests, a verification that an access criteria of a security policy is met is made. If so, at least one of the entities is provided with access to data protected by the security policy. In an aspect, embodiments enable a blind subpoena to be performed. In another aspect, embodiments enable the at least one entity to access the data for an isolated purpose.
-
Publication (Announcement) No.: US20190147188A1
Publication (Announcement) Date: 2019-05-16
Application No.: US15815593
Application Date: 2017-11-16
Applicant: Microsoft Technology Licensing, LLC
Inventor: Josh D. BENALOH, Harsha P. NORI, Janardhan Dattatreya KULKARNI, Joshua Stanley ALLEN, Jacob Rubin LORCH, Melissa Erin CHASE, Olga OHRIMENKO, Sergey YEKHANIN, Srinath T.V. SETTY, Bolin DING
Abstract: This document relates to hardware protection of differential privacy techniques. One example obtains multiple instances of encrypted telemetry data within a secure enclave and processes the encrypted telemetry data to obtain multiple instances of unencrypted telemetry data. The example also processes, within the secure enclave, the multiple instances of unencrypted telemetry data to obtain a perturbed aggregate. The example also releases the perturbed aggregate from the secure enclave.
-
Publication (Announcement) No.: US20240121081A1
Publication (Announcement) Date: 2024-04-11
Application No.: US18045335
Application Date: 2022-10-10
Applicant: Microsoft Technology Licensing, LLC
Inventor: Ramarathnam VENKATESAN, Nishanth CHANDRAN, Ganesh ANANTHANARAYANAN, Panagiotis ANTONOPOULOS, Srinath T.V. SETTY, Daniel John CARROLL, JR., Kiran MUTHABATULLA, Yuanchao SHU, Sanjeev MEHROTRA
IPC: H04L9/08
CPC classification number: H04L9/0825, H04L9/085, H04L9/0866
Abstract: An access control system is disclosed for controlling access to a resource. A request is received by a location attribute policy (LAP) server to access an encrypted resource. The LAP server accesses a resource policy that identifies requirements for granting access to the encrypted resource, such as a list of attributes of the requestor that are required and a dynamic attribute requirement of the requestor. The LAP server receives a cryptographic proof from the computing device that the requestor possesses the attributes and validates the proof based at least on information obtained from a trusted ledger. Once the proof is validated, the LAP server provides a shared secret associated with the dynamic attribute requirement to a decryption algorithm. The decryption algorithm uses the dynamic attribute shared secret in combination with one or more attribute shared secrets from the requestor to generate a decryption key for the encrypted resource.