Patents by Inventor Brian Stuart Perlman
Brian Stuart Perlman has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230396497Abstract: This document relates to a process for supporting the management of a variety of types of deployed devices. Administrators utilizing enterprise services can provide generic configuration data using configuration templates, which can be provided to a management server. The management server can then precompute device-specific configuration settings and resolve any conflicts that may arise based on the configuration templates. The configuration templates can also include placeholders for secret values, and once a managed device checks in to the management server, the secret values can be retrieved from an applicable enterprise service and provided to the managed device at the time of applying the configuration template.Type: ApplicationFiled: August 18, 2023Publication date: December 7, 2023Applicant: Microsoft Technology Licensing, LLCInventors: Peter John Richards, Sean Anderson Bowles, Haipeng Li, Peter J. Kaufman, Shayak Lahiri, Brian Stuart Perlman, Venkata Raghuram Pampana, Dhruma Kishan Parikh, Manoj Jain
-
Patent number: 11792184Abstract: This document relates to a process for autopilot re-enrollment of managed devices in a network following a reset of the managed devices. Upon determining that the managed devices lack a hardware authenticator, a one-time password can be issued to the managed devices that may be stored in a persistent memory, and upon reset of the managed devices, the one-time password can be returned for validation and the managed devices can be automatically re-enrolled in the network upon validation of the one-time password.Type: GrantFiled: December 5, 2019Date of Patent: October 17, 2023Assignee: Microsoft Technology Licensing, LLCInventors: Adrian Francisco Teran Guajardo, Brian Stuart Perlman
-
Patent number: 11775647Abstract: This document relates to securing ownership of devices to particular users when the devices are shipped directly from an original equipment manufacturer in order to prevent malicious use of devices that are lost or stolen. A purchaser may purchase a device from an original equipment manufacturer, and as part of the purchasing process, may provide ownership information for the device, which may include a user identifier and an identity provider. The ownership data can be written to firmware, and upon powering on of the device, the device can request a user identifier, which is then validated by the identity provider before allowing operating systems operations to continue on the device.Type: GrantFiled: June 25, 2020Date of Patent: October 3, 2023Assignee: Microsoft Technology Licensing, LLCInventors: Anni Dong, Yanan Zhang, Brian Stuart Perlman
-
Patent number: 11770300Abstract: This document relates to a process for supporting the management of a variety of types of deployed devices. Administrators utilizing enterprise services can provide generic configuration data using configuration templates, which can be provided to a management server. The management server can then precompute device-specific configuration settings and resolve any conflicts that may arise based on the configuration templates. The configuration templates can also include placeholders for secret values, and once a managed device checks in to the management server, the secret values can be retrieved from an applicable enterprise service and provided to the managed device at the time of applying the configuration template.Type: GrantFiled: April 20, 2022Date of Patent: September 26, 2023Assignee: Microsoft Technology Licensing, LLCInventors: Peter John Richards, Sean Anderson Bowles, Haipeng Li, Peter J. Kaufman, Shayak Lahiri, Brian Stuart Perlman, Venkata Raghuram Pampana, Dhruma Kishan Parikh, Manoj Jain
-
Publication number: 20230297724Abstract: Embodiments described herein involve building upon a hardware identity of a device and using it to match and detect hardware changes on the device and to identify potential identity mismatches. At initialization, the device also generates a globally-unique identification (GUID) marker that persists across operating system (OS) reinstallations. On the device, there is a periodic routine that detects hardware mismatches by comparing the current identity of the device with a cached version, along with the GUID. Once a change is detected, the device sends a request to a service that stores a hint (e.g., the GUID) for a later secure restoration attempt. A remote service (e.g., a cloud-based service) then attempts to restore the hardware identity of the device upon next check-in via a secure transmission of the updated identity, as well as resolving conflicts in a device record maintained by the remote service.Type: ApplicationFiled: May 31, 2022Publication date: September 21, 2023Inventors: Brian Stuart PERLMAN, Daniel Chavez ZAYAS, Eric Phuoc HUANG, Marilyn Lai SUN, Hung Minh DANG, Juanita Jestina BAPTISTE, Zakariyah Toyer
-
Publication number: 20230006832Abstract: Techniques are described herein that are capable of registering a user device with a cloud-based management service using an intermediate cloud storage. For instance, the intermediate cloud storage may store an encrypted data blob including information that identifies the user device. The intermediate cloud storage or a registration system may decrypt the encrypted data blob so that the registration system may use the decrypted data blob to register the user device with the cloud-based management service. For instance, the registration system may retrieve the encrypted or decrypted data blob from the intermediate cloud storage by providing a requisite secret to the intermediate cloud storage. The requisite secret may be provided to the registration system by the user device (e.g., via a matrix barcode, such as a QR code).Type: ApplicationFiled: September 3, 2022Publication date: January 5, 2023Inventors: Adrian Francisco TERAN GUAJARDO, Hung Minh DANG, Yanan ZHANG, Brian Stuart PERLMAN, Colin William HASSETT, Jonathan M. ANDES
-
Patent number: 11438163Abstract: Techniques are described herein that are capable of registering a user device with a cloud-based management service using an intermediate cloud storage. For instance, the intermediate cloud storage may store an encrypted data blob including information that identifies the user device. The intermediate cloud storage or a registration system may decrypt the encrypted data blob so that the registration system may use the decrypted data blob to register the user device with the cloud-based management service. For instance, the registration system may retrieve the encrypted or decrypted data blob from the intermediate cloud storage by providing a requisite secret to the intermediate cloud storage. The requisite secret may be provided to the registration system by the user device (e.g., via a matrix barcode, such as a QR code).Type: GrantFiled: June 30, 2020Date of Patent: September 6, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Adrian Francisco Teran Guajardo, Hung Minh Dang, Yanan Zhang, Brian Stuart Perlman, Colin William Hassett, Jonathan M. Andes
-
Publication number: 20220247636Abstract: This document relates to a process for supporting the management of a variety of types of deployed devices. Administrators utilizing enterprise services can provide generic configuration data using configuration templates, which can be provided to a management server. The management server can then precompute device-specific configuration settings and resolve any conflicts that may arise based on the configuration templates. The configuration templates can also include placeholders for secret values, and once a managed device checks in to the management server, the secret values can be retrieved from an applicable enterprise service and provided to the managed device at the time of applying the configuration template.Type: ApplicationFiled: April 20, 2022Publication date: August 4, 2022Applicant: Microsoft Technology Licensing, LLCInventors: Peter John Richards, Sean Anderson Bowles, Haipeng Li, Peter J. Kaufman, Shayak Lahiri, Brian Stuart Perlman, Venkata Raghuram Pampana, Dhruma Kishan Parikh, Manoj Jain
-
Patent number: 11343148Abstract: This document relates to a process for supporting the management of a variety of types of deployed devices. Administrators utilizing enterprise services can provide generic configuration data using configuration templates, which can be provided to a management server. The management server can then precompute device-specific configuration settings and resolve any conflicts that may arise based on the configuration templates. The configuration templates can also include placeholders for secret values, and once a managed device checks in to the management server, the secret values can be retrieved from an applicable enterprise service and provided to the managed device at the time of applying the configuration template.Type: GrantFiled: March 9, 2020Date of Patent: May 24, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Peter John Richards, Sean Anderson Bowles, Haipeng Li, Peter J. Kaufman, Shayak Lahiri, Brian Stuart Perlman, Venkata Raghuram Pampana, Dhruma Kishan Parikh, Manoj Jain
-
Publication number: 20210377033Abstract: Techniques are described herein that are capable of registering a user device with a cloud-based management service using an intermediate cloud storage. For instance, the intermediate cloud storage may store an encrypted data blob including information that identifies the user device. The intermediate cloud storage or a registration system may decrypt the encrypted data blob so that the registration system may use the decrypted data blob to register the user device with the cloud-based management service. For instance, the registration system may retrieve the encrypted or decrypted data blob from the intermediate cloud storage by providing a requisite secret to the intermediate cloud storage. The requisite secret may be provided to the registration system by the user device (e.g., via a matrix barcode, such as a QR code).Type: ApplicationFiled: June 30, 2020Publication date: December 2, 2021Inventors: Adrian Francisco Teran Guajardo, Hung Minh Dang, Yanan Zhang, Brian Stuart Perlman, Colin William Hassett, Jonathan M. Andes
-
Publication number: 20210281481Abstract: This document relates to a process for supporting the management of a variety of types of deployed devices. Administrators utilizing enterprise services can provide generic configuration data using configuration templates, which can be provided to a management server. The management server can then precompute device-specific configuration settings and resolve any conflicts that may arise based on the configuration templates. The configuration templates can also include placeholders for secret values, and once a managed device checks in to the management server, the secret values can be retrieved from an applicable enterprise service and provided to the managed device at the time of applying the configuration template.Type: ApplicationFiled: March 9, 2020Publication date: September 9, 2021Applicant: Microsoft Technology Licensing, LLCInventors: Peter John Richards, Sean Anderson Bowles, Haipeng Li, Peter J. Kaufman, Shayak Lahiri, Brian Stuart Perlman, Venkata Raghuram Pampana, Dhruma Kishan Parikh, Manoj Jain
-
Publication number: 20210176232Abstract: This document relates to a process for autopilot re-enrollment of managed devices in a network following a reset of the managed devices. Upon determining that the managed devices lack a hardware authenticator, a one-time password can be issued to the managed devices that may be stored in a persistent memory, and upon reset of the managed devices, the one-time password can be returned for validation and the managed devices can be automatically re-enrolled in the network upon validation of the one-time password.Type: ApplicationFiled: December 5, 2019Publication date: June 10, 2021Applicant: Microsoft Technology Licensing, LLCInventors: Adrian Francisco TERAN GUAJARDO, Brian Stuart PERLMAN
-
Publication number: 20090204544Abstract: A mechanism for delegating trust to activate a target program from the vendor (or its intermediary) to a customer (or its intermediary) using an issuance license. The customer may then activate using their own authentication implementation. Also, a method for formulating an issuance license that permits such delegation. Furthermore, a method for an entity outside of a customer to gather trace information from the activation process after the fact that allows a customer to identify the activating entity without the outside entity first identifying the activating entity.Type: ApplicationFiled: February 8, 2008Publication date: August 13, 2009Applicant: Microsoft CorporationInventors: Richard S. Eizenhoefer, Brian Stuart Perlman, Aaron J. Smith, David Robinson, Tarik Soulami, Kalin Raykov Kopachev