Patents by Inventor Ayla Kol
Ayla Kol has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230205572Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that receives requests to investigate an incident. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. An investigation pack, which includes investigative resources used in the investigation, is identified and the workspace is pre-configured with the identified investigation pack. The control message processing system performs investigation tasks within the workspace using the investigation pack.Type: ApplicationFiled: March 7, 2023Publication date: June 29, 2023Inventors: Yoganand RAJASEKARAN, Raquibur RAHMAN, Ayla KOL, Philip Ross MOYER, Brijesh Bhupendra DESAI, Zijun HAO, Mainul MIZAN, Kameshwar JAYARAMAN, Benjamin DU, PARUL MANEK, GANESH PANDEY
-
Patent number: 11665183Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that receives requests to investigate an incident. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. The control message processing system performs investigation tasks within the workspace. A secure log generation system captures information corresponding to the tasks and generates an event record based on the captured information.Type: GrantFiled: November 17, 2021Date of Patent: May 30, 2023Assignee: Microsoft Technology Licensing, LLCInventors: Yoganand Rajasekaran, Raquibur Rahman, Ayla Kol, Philip Ross Moyer, Brijesh Bhupendra Desai, Zijun Hao, Mainul Mizan, Kameshwar Jayaraman, Benjamin Du, Ganesh Pandey, Parul Manek
-
Patent number: 11630684Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that receives requests to investigate an incident. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. An investigation pack, which includes investigative resources used in the investigation, is identified and the workspace is pre-configured with the identified investigation pack. The control message processing system performs investigation tasks within the workspace using the investigation pack.Type: GrantFiled: July 26, 2019Date of Patent: April 18, 2023Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Yoganand Rajasekaran, Raquibur Rahman, Ayla Kol, Philip Ross Moyer, Brijesh Bhupendra Desai, Zijun Hao, Mainul Mizan, Kameshwar Jayaraman, Benjamin Du, Parul Manek, Ganesh Pandey
-
Publication number: 20230093731Abstract: Methods, systems, and computer programs are presented for protecting restricted actions on encryption keys that control the management of data stored by a service provider. In some implementations, a system of the service provider receives a request to generate a data encryption policy (DEP) for data stored by the system of the service provider for a customer, the request including a reference to a customer key and an availability key. The customer key and the availability key are root keys for encrypting a data encryption key. The data encryption key is used to encrypt the data stored by the service provider for the customer. Further, destructive changes to the availability key require receiving an approval from an account of the service provider. The system of the service provider validates the DEP. The system of the service provider stores the DEP based on the validation.Type: ApplicationFiled: November 28, 2022Publication date: March 23, 2023Inventors: Anuj DHAWAN, Brijesh Bhupendra DESAI, Kameshwar JAYARAMAN, Ayla KOL, Amit A. BAPAT, Qi CAO, Steven Jay LIEBERMAN, Ganesh PANDEY, Parul MANEK
-
Patent number: 11520918Abstract: Methods, systems, and computer programs are presented for protecting restricted actions on encryption keys that control the management of data stored by a service provider. In some implementations, a of the service provider receives a request to generate a data encryption policy (DEP) for data stored by the of the service provider for a customer, the request including a reference to a customer key and an availability key. The customer key and the availability key are root keys for encrypting a data encryption key. The data encryption key is used to encrypt the data stored by the service provider for the customer. Further, destructive changes to the availability key require receiving an approval from an account of the service provider. The of the service provider validates the DEP. The of the service provider stores the DEP based on the validation.Type: GrantFiled: February 3, 2021Date of Patent: December 6, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Anuj Dhawan, Brijesh Bhupendra Desai, Kameshwar Jayaraman, Ayla Kol, Amit A. Bapat, Qi Cao, Steven Jay Lieberman, Ganesh Pandey, Parul Manek
-
Publication number: 20220329666Abstract: A client-side system detects a current location of a client device and a cloud interaction metric. The geographic area around the location of the client device is divided into grid sections. The client-side system identifies a pre-defined reference location corresponding to the grid section that the client device location resides in. The pre-defined reference location, corresponding to that grid section, and the cloud interaction metric are provided to a remote server computing system.Type: ApplicationFiled: June 27, 2022Publication date: October 13, 2022Inventors: Srinivasachakrapani KOTIPALLI, Parul MANEK, Konstantin E. RYVKIN, Brad RUTKOWSKI, Gregory Irving THIEL, Ayla KOL
-
Publication number: 20220245268Abstract: Methods, systems, and computer programs are presented for protecting restricted actions on encryption keys that control the management of data stored by a service provider. In some implementations, a system of the service provider receives a request to generate a data encryption policy (DEP) for data stored by the system of the service provider for a customer, the request including a reference to a customer key and an availability key. The customer key and the availability key are root keys for encrypting a data encryption key. The data encryption key is used to encrypt the data stored by the service provider for the customer. Further, destructive changes to the availability key require receiving an approval from an account of the service provider. The system of the service provider validates the DEP. The system of the service provider stores the DEP based on the validation.Type: ApplicationFiled: February 3, 2021Publication date: August 4, 2022Inventors: Anuj Dhawan, Brijesh Bhupendra DESAI, Kameshwar JAYARAMAN, Ayla KOL, Amit A. BAPAT, Qi CAO, Steven Jay LIEBERMAN, Ganesh PANDEY, Parul MANEK
-
Patent number: 11405474Abstract: A client-side system detects a current location of a client device and a cloud interaction metric. The geographic area around the location of the client device is divided into grid sections. The client-side system identifies a pre-defined reference location corresponding to the grid section that the client device location resides in. The pre-defined reference location, corresponding to that grid section, and the cloud interaction metric are provided to a remote server computing system.Type: GrantFiled: November 1, 2019Date of Patent: August 2, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Srinivasachakrapani Kotipalli, Parul Manek, Konstantin E. Ryvkin, Brad Rutkowski, Gregory Irving Thiel, Ayla Kol
-
Patent number: 11388172Abstract: A request to perform a command or operation on a computing system is received from a support user. A clearance level needed to perform that requested command or operation is identified, and a data store that has a pool of cleared users is accessed to identify a cleared user that has an adequate clearance level. The secured user is assigned to the request. A risk level, corresponding to the requested command or operation is identified and surfaced for the secured user. The requested command or operation can be automatically executed, after it is authorized by the secured user.Type: GrantFiled: August 7, 2019Date of Patent: July 12, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Soumit Rahman, Ganesh Pandey, Curtis Thibault, Kameshwar Jayaraman, Ajay Kalidindi, Ayla Kol, Yeshua Garcia, Priyanshu Kumar Jha, Parul Manek, Yoganand Rajasekaran
-
Publication number: 20220078200Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that receives requests to investigate an incident. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. The control message processing system performs investigation tasks within the workspace. A secure log generation system captures information corresponding to the tasks and generates an event record based on the captured information.Type: ApplicationFiled: November 17, 2021Publication date: March 10, 2022Inventors: Yoganand Rajasekaran, Raquibur Rahman, Ayla Kol, Philip Ross Moyer, Brijesh Bhupendra Desai, Zijun Hao, Mainul Mizan, Kameshwar Jayaraman, Benjamin Du, Ganesh Pandey, Parul Manek
-
Patent number: 11212300Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that receives requests to investigate an incident. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. The control message processing system performs investigation tasks within the workspace. A secure log generation system captures information corresponding to the tasks and generates an event record based on the captured information.Type: GrantFiled: July 26, 2019Date of Patent: December 28, 2021Assignee: Microsoft Technology Licensing, LLCInventors: Yoganand Rajasekaran, Raquibur Rahman, Ayla Kol, Philip Ross Moyer, Brijesh Bhupendra Desai, Zijun Hao, Mainul Mizan, Kameshwar Jayaraman, Benjamin Du, Ganesh Pandey, Parul Manek
-
Patent number: 11153321Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that is a user-facing system and receives requests to prepare for an incident investigation. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. The request processing system does not access the workspace and the control message processing system is not available for external access by a user. Data and functionality are ingested into the workspace. The control message processing system performs investigation preparation tasks within the workspace. The results of the investigation tasks are surfaced for user access.Type: GrantFiled: July 26, 2019Date of Patent: October 19, 2021Assignee: Microsoft Technology Licensing, LLCInventors: Yoganand Rajasekaran, Raquibur Rahman, Ayla Kol, Philip Ross Moyer, Brijesh Bhupendra Desai, Zijun Hao, Mainul Mizan, Kameshwar Jayaraman, Benjamin Du, Ganesh Pandey, Parul Manek
-
Patent number: 11044079Abstract: Systems, methods, and software technology for managing keys used to encrypt data at-rest and decrypt the data when serving requests for the data. In an implementation, a data service receives a request for data that has been encrypted at rest using a data key, wherein the data key has been encrypted using a policy key, and wherein the policy key has been encrypted using a root key. When the root key is unavailable, the data service requests a key service to decrypt the policy key using an alternative root key. When the data service receives the policy key in an unencrypted state from the key service, it decrypts the data key using the policy key and decrypts the data using the data key.Type: GrantFiled: April 19, 2019Date of Patent: June 22, 2021Assignee: Microsoft Technology Licensing, LLCInventors: Ayla Kol, Kameshwar Jayaraman, Yoganand Rajasekaran, Jaclynn Hiranaka, Girish Nagaraja, Nikhil Aggarwal, Paul Howard Rich
-
Publication number: 20210136161Abstract: A client-side system detects a current location of a client device and a cloud interaction metric. The geographic area around the location of the client device is divided into grid sections. The client-side system identifies a pre-defined reference location corresponding to the grid section that the client device location resides in. The pre-defined reference location, corresponding to that grid section, and the cloud interaction metric are provided to a remote server computing system.Type: ApplicationFiled: November 1, 2019Publication date: May 6, 2021Inventors: Srinivasachakrapani KOTIPALLI, Parul MANEK, Konstantin E. RYVKIN, Brad RUTKOWSKI, Gregory Irving THIEL, Ayla KOL
-
Publication number: 20210044597Abstract: A request to perform a command or operation on a computing system is received from a support user. A clearance level needed to perform that requested command or operation is identified, and a data store that has a pool of cleared users is accessed to identify a cleared user that has an adequate clearance level. The secured user is assigned to the request. A risk level, corresponding to the requested command or operation is identified and surfaced for the secured user. The requested command or operation can be automatically executed, after it is authorized by the secured user.Type: ApplicationFiled: August 7, 2019Publication date: February 11, 2021Inventors: Soumit Rahman, Ganesh Pandey, Curtis Thibault, Kameshwar Jayaraman, Ajay Kalidindi, Ayla Kol, Yeshua Garcia, Priyanshu Kumar Jha, Parul Manek, Yoganand Rajasekaran
-
Publication number: 20210029128Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that is a user-facing system and receives requests to prepare for an incident investigation. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. The request processing system does not access the workspace and the control message processing system is not available for external access by a user. Data and functionality are ingested into the workspace. The control message processing system performs investigation preparation tasks within the workspace. The results of the investigation tasks are surfaced for user access.Type: ApplicationFiled: July 26, 2019Publication date: January 28, 2021Inventors: Yoganand RAJASEKARAN, Raquibur RAHMAN, Ayla KOL, Philip Ross MOYER, Brijesh Bhupendra DESAI, Zijun HAO, Mainul MIZAN, Kameshwar JAYARAMAN, Benjamin DU, Ganesh PANDEY, Parul MANEK
-
Publication number: 20210029142Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that receives requests to investigate an incident. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. The control message processing system performs investigation tasks within the workspace. A secure log generation system captures information corresponding to the tasks and generates an event record based on the captured information.Type: ApplicationFiled: July 26, 2019Publication date: January 28, 2021Inventors: Yoganand RAJASEKARAN, Raquibur RAHMAN, Ayla KOL, Philip Ross MOYER, Brijesh Bhupendra DESAI, Zijun HAO, Mainul MIZAN, Kameshwar JAYARAMAN, Benjamin DU, Ganesh PANDEY, Parul MANEK
-
Publication number: 20210026674Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that receives requests to investigate an incident. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. An investigation pack, which includes investigative resources used in the investigation, is identified and the workspace is pre-configured with the identified investigation pack. The control message processing system performs investigation tasks within the workspace using the investigation pack.Type: ApplicationFiled: July 26, 2019Publication date: January 28, 2021Inventors: YOGANAND RAJASEKARAN, RAQUIBUR RAHMAN, AYLA KOL, PHILIP ROSS MOYER, BRIJESH BHUPENDRA DESAI, ZIJUN HAO, MAINUL MIZAN, KAMESHWAR JAYARAMAN, BENJAMIN DU, PARUL MANEK, GANESH PANDEY
-
Publication number: 20200099519Abstract: Systems, methods, and software technology for managing keys used to encrypt data at-rest and decrypt the data when serving requests for the data. In an implementation, a data service receives a request for data that has been encrypted at rest using a data key, wherein the data key has been encrypted using a policy key, and wherein the policy key has been encrypted using a root key. When the root key is unavailable, the data service requests a key service to decrypt the policy key using an alternative root key. When the data service receives the policy key in an unencrypted state from the key service, it decrypts the data key using the policy key and decrypts the data using the data key.Type: ApplicationFiled: April 19, 2019Publication date: March 26, 2020Inventors: Ayla Kol, Kameshwar Jayaraman, Yoganand Rajasekaran, Jaclynn Hiranaka, Girish Nagaraja, Nikhil Aggarwal, Paul Howard Rich
-
Patent number: 8924589Abstract: High availability architecture that employs a mid-tier proxy server to route client communications to active data store instances in response to failover and switchover. The proxy server includes an active manager client that interfaces to an active manager in each of the backend servers. State information and configuration information are maintained separately and according to semantics consistent with needs of corresponding data, the configuration information changing less frequently and more available, the state information changing more frequently and less available. The active manager indicates to the proxy server which of the data storage instances is the currently the active instance. In the event that the currently active instance is inactive, the proxy server selects a different backend server that currently hosts the active data store instance. Client communications are then routed to the different backend server with minimal or no interruption to the client.Type: GrantFiled: September 7, 2012Date of Patent: December 30, 2014Assignee: Microsoft CorporationInventors: Gregory Thiel, Alexander R. Wetmore, Ayla Kol, Rebecca Benfield, James Kleewein, Naresh Sundaram, Yogesh Bansal, Mark Wistrom, Manoharan Kuppusamy