BRYAN MARK WILLMAN
Pilots at 80 Pl, Kirkland, WA

License number
Washington C1059684
Issued Date
Jul 2016
Expiration Date
Jul 2018
Category
Airmen
Address
10901 80Th Pl NE, Kirkland, WA 98034

Professional information

Booting A Computer System Using A Last Known Good Set Of Configuration Data

US Patent:
6529966, Mar 4, 2003
Filed:
Aug 24, 1995
Appl. No.:
08/518852
Inventors:
Bryan M. Willman - Kirkland WA
Dan Alvin Hinsley - Issaquah WA
John David Vert - Seattle WA
David Otto Hovel - Redmond WA
Rita Mang Chee Wong - Issaquah WA
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 9/00
US Classification:
710 10, 713 1
Abstract:
A method and system provides for booting a computer system after configuration data becomes unusable. One method and system provides for booting the computer system from a set of configuration data that last booted the system properly. An embodiment is directed to attempting to boot the computer system from a first set of configuration data, and, if the attempt is unsuccessful, automatically booting the computer system using the second set of configuration data which successfully booted the computer system and was previously stored. In response to a successful boot of the computer system using the first set of configuration data, an embodiment is directed to updating the second set of configuration data so that it is equivalent to the first set of configuration data as the second set of configuration data that successfully booted the computer system.


Method And System For Restricting The Load Of Physical Address Translations Of Virtual Addresses

US Patent:
6745306, Jun 1, 2004
Filed:
Mar 7, 2000
Appl. No.:
09/520203
Inventors:
Bryan M. Willman - Kirkland WA
Paul England - Bellevue WA
John D. DeTreville - Seattle WA
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 12/14
US Classification:
711163, 711135, 711206, 711207
Abstract:
A method and system for protecting data on a computer system uses one or more restricted areas of memory to store proprietary or confidential data. The translation lookaside buffer (TLB) is used to regulate access to the restricted memory. When a TLB miss occurs during the execution of a program, the TLB miss handling logic determines whether the program is attempting to access restricted memory. If so, then the TLB miss handling logic determines whether the program is authorized to have access. If the program is not authorized to have access, then the TLB miss handling logic generates an exception, such as an invalid page fault, and the TLB is not loaded. If the program is authorized to have access to the restricted page, then the TLB is loaded with the appropriate address translation. As long as the translation remains in the TLB, future accesses to the page by an authorized program will require no additional checks and no additional CPU time.


System And Method For Loading An Operating System Through Use Of A File System

US Patent:
5497492, Mar 5, 1996
Filed:
Sep 8, 1993
Appl. No.:
8/118474
Inventors:
Mark J. Zbikowski - Woodinville WA
Alan R. Whitney - Bellevue WA
Rajen J. Shah - Bellevue WA
Bryan M. Willman - Kirkland WA
J. Gordon Letwin - Redmond WA
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 15/177
US Classification:
395700
Abstract:
A method in a computer system for loading an operating system into memory through use of a file system that is stored on secondary storage. The operating system is stored on secondary storage as files with file names. Before the operating system is loaded into memory, a bootstrap program loads the file system from secondary storage into memory. The file system is stored at locations in secondary storage that are known to the bootstrap program. The file system also has a mapping of file names of operating system files to locations in secondary storage that contain the operating system files. After loading the file system, the bootstrap program requests the loaded file system to load the operating system files by specifying the file names of the operating system files to be loaded. In response to the request, the file system uses the mapping to retrieve the locations in secondary storage of the operating system files specified by the file names. The loaded file system then loads the operating system files into memory from the retrieved locations of secondary storage.


Providing A Graphical User Interface In A System With A High-Assurance Execution Environment

US Patent:
8122361, Feb 21, 2012
Filed:
Oct 23, 2003
Appl. No.:
10/691759
Inventors:
Idan Avraham - Seattle WA, US
Christine M. Chew - Redmond WA, US
Paul C. Roberts - Kirkland WA, US
Bryan Willman - Kirkland WA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 3/00, H04L 29/06
US Classification:
715741, 715742, 713164, 713166
Abstract:
Techniques are disclosed to provide security for graphical user interface elements being displayed in a system having a host operating system and a high assurance operating system. Graphical user interface elements associated with the high-assurance operating system may be prevented from being obscured and from any partial transparency. Additionally, a piece of secret information may be stored and displayed by graphical user interface elements associated with the high-assurance operating system. Coordinating certain elements of the graphical user interface elements associated with the high assurance operating system also helps to identify legitimate elements associated with the high assurance operating system. Public title information may be furnished to a host operating system windowing system to identify a window owned by a process running on a high-assurance operating system. Private title information associated with the same window may be used in the high assurance operating system.


System And Method For N-Way Authentication In A Network

US Patent:
7370199, May 6, 2008
Filed:
Jan 28, 2004
Appl. No.:
10/766060
Inventors:
Michael A. Aday - Bellevue WA, US
Bryan M. Willman - Kirkland WA, US
Marcus Peinado - Bellevue WA, US
Alan S. Geller - Redmond WA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 21/00
US Classification:
713168
Abstract:
A method of controlling information exposure in a multiparty transaction includes an originating transaction participant cryptographically encoding all information for each of the transaction participants such that a unique data content and encryption are used for each of the messages destined to the other transaction participants. The cryptographically encoded messages are transmitted to the transaction participants such that each may decrypt their message and respond to a primary transaction participant with status concerning their portion of the transaction. After reception of affirmative status messages from the transaction participants, the primary transaction participant may transmit messages to the responding transaction participants to execute the multiparty transaction. The originating transaction participant may also be provided an indication that the multiparty transaction is executed.


Enforcing Isolation Among Plural Operating Systems

US Patent:
7975117, Jul 5, 2011
Filed:
Dec 19, 2003
Appl. No.:
10/741629
Inventors:
Marcus Peinado - Bellevue WA, US
Paul England - Bellevue WA, US
Bryan Mark Willman - Kirkland WA, US
Yuqun Chen - Bellevue WA, US
Andrew John Thornton - Seattle WA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 13/00
US Classification:
711163, 711153
Abstract:
Plural guest operating systems run on a computer, where a security kernel enforces a policy of isolation among the guest operating systems. An exclusion vector defines a set of pages that cannot be accessed by direct memory access (DMA) devices. The security kernel enforces an isolation policy by causing certain pages to be excluded from direct access. Thus, device drivers in guest operating systems are permitted to control DMA devices directly without virtualization of those devices, while each guest is prevented from using DMA devices to access pages that the guest is not permitted to access under the policy.


File Locker And Mechanisms For Providing And Using Same

US Patent:
7330981, Feb 12, 2008
Filed:
Apr 23, 2004
Appl. No.:
10/831596
Inventors:
Bryan Mark Willman - Kirkland WA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 21/22, H04L 9/00, H04K 1/00
US Classification:
713193, 713165, 726 27
Abstract:
A file locker manages the storage and use of protected data for software objects. A protected environment maintains the cryptographic and isolative infrastructure to support sealing of data items for use by a trusted agent. The file locker uses the protected environment's sealing functionality to seal data items for the file locker's exclusive access. The file locker seals, to itself, files received from software objects, and provides those files upon request, and upon sufficient proof of the requestor's trustworthiness, authenticity, and/or identity. The file locker may be used to extend the protected environment's sealing functionality to legacy applications, without the legacy applications having to implement agents that can run in the protected environment and access the sealing functionality directly.


Using Limits On Address Translation To Control Access To An Addressable Entity

US Patent:
7565505, Jul 21, 2009
Filed:
Dec 9, 2005
Appl. No.:
11/298033
Inventors:
Marcus Peinado - Bellevue WA, US
Paul England - Bellevue WA, US
Bryan Mark Willman - Kirkland WA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 12/00
US Classification:
711163, 711154, 711152, 711202, 711203
Abstract:
A data storage resource is identifiable by physical addresses, and optionally by a virtual address. A policy defines which resources are accessible and which resources are not accessible. A request to access a resource is allowed if access to the resource is permitted by the policy, and if carrying out the access will not cause virtual addresses to be assigned to resources to which the policy disallows access. Since resources to which access is disallowed do not have virtual addresses, certain types of access requests that identify a resource by a virtual address can be allowed without consulting the policy.


Segregation Of Thread-Specific Information From Shared Task Information

US Patent:
5684993, Nov 4, 1997
Filed:
Apr 16, 1996
Appl. No.:
8/632750
Inventors:
Bryan Willman - Kirkland WA
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 13/00
US Classification:
395677
Abstract:
A multi-processor system includes memory and at least two central processing units (CPUs) that may execute different threads of computation of a same task at the same time. CPU-specific data is segregated from shared task information of different threads of computation of the task. In particular, the shared task information is placed in memory locations of the memory that are directly addressable by both CPUs, and CPU-specific data are placed in memory locations that are directly addressable by only the associated CPU. No additional hardware is needed, and the memory and run-time costs of the invention are minuscule.


Using Limits On Address Translation To Control Access To An Addressable Entity

US Patent:
7565509, Jul 21, 2009
Filed:
Nov 1, 2002
Appl. No.:
10/286613
Inventors:
Marcus Peinado - Bellevue WA, US
Paul England - Bellevue WA, US
Bryan Mark Willman - Kirkland WA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 12/00
US Classification:
711202, 711163, 711151, 711152
Abstract:
A data storage resource is identifiable by physical addresses, and optionally by a virtual address. A policy defines which resources are accessible and which resources are not accessible. A request to access a resource is allowed if access to the resource is permitted by the policy, and if carrying out the access will not cause virtual addresses to be assigned to resources to which the policy disallows access. Since resources to which access is disallowed do not have virtual addresses, certain types of access requests that identify a resource by a virtual address can be allowed without consulting the policy.