Patents by Inventor Jasen Minov

Jasen Minov has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10484385
    Abstract: A request from an application client is received at a protected application. The request includes an access token. A grant information associated with the received access token is retrieved. The grant information includes a plurality of intersecting scopes of rights granted to the application client. In another aspect, a session is established between the protected application and the application client. Furthermore, at least one scope of rights from the plurality of intersecting scopes of rights is determined to be mapped to at least one Application Programming Interface (API) from a number of APIs provided by the protected application.
    Type: Grant
    Filed: June 4, 2015
    Date of Patent: November 19, 2019
    Assignee: SAP SE
    Inventors: Milen Manov, Jasen Minov, Martin Raepple
  • Patent number: 10015157
    Abstract: A multi-domain application requiring SSO and SLO operations in cloud environment is presented. The computing system of the multi-domain application includes a multi-domain service (MDS) to redirect the calls for the multi-domain application to an identity provider to authenticate the user or to invoke the single logout services (SLOs) on the domains of the multi-domain application and to invalidate the user sessions on the domains. A cookie that includes the multi-domain application URL is generated to reach the assertion consumer service (ASC) and the single logout service (SLO) that receive an identity assertion response from the identity provider. Domain specific SLOs are provided. A trust between these domain specific SLOs and the SLO is provided based on service provider keys. The SAML mechanism for a logout scenario is reused for communication between the SLO and the domain specific SLOs, where the SLO plays a role of a local IDP.
    Type: Grant
    Filed: June 1, 2016
    Date of Patent: July 3, 2018
    Assignee: SAP SE
    Inventors: Jasen Minov, Milen Manov, Stefan Petrov
  • Publication number: 20160359861
    Abstract: A request from an application client is received at a protected application. The request includes an access token. A grant information associated with the received access token is retrieved. The grant information includes a plurality of intersecting scopes of rights granted to the application client. In another aspect, a session is established between the protected application and the application client. Furthermore, at least one scope of rights from the plurality of intersecting scopes of rights is determined to be mapped to at least one Application Programming Interface (API) from a number of APIs provided by the protected application.
    Type: Application
    Filed: June 4, 2015
    Publication date: December 8, 2016
    Inventors: MILEN MANOV, JASEN MINOV, MARTIN RAEPPLE
  • Patent number: 9501293
    Abstract: Various embodiments of systems and methods for automatic context passing during management application navigation are described herein. When management applications work with different managed entities, the managed context is preserved by following the relations between the managed entities. These relations are followed from a mediator framework during the navigation between the management applications. In this manner, a managed application passes context information for one entity type, and second managed application retrieves from the framework context information for different entity type, but the user context information will be preserved as the framework follows the relations between the passed entity and the requested entity types.
    Type: Grant
    Filed: August 3, 2010
    Date of Patent: November 22, 2016
    Assignee: SAP SE
    Inventors: Jasen Minov, Stanimir Eisner
  • Patent number: 9471788
    Abstract: Software applications receive input data, perform processing of the received data and generate output. In one aspect the output is modification of data structures. The software application is tested with instances of input data that lead to various data modifications in the data structures. In another aspect, patterns are found in the modifications of the data structures, which are evaluated and analyzed for software vulnerabilities.
    Type: Grant
    Filed: December 14, 2012
    Date of Patent: October 18, 2016
    Assignee: SAP SE
    Inventor: Jasen Minov
  • Publication number: 20160277390
    Abstract: A multi-domain application requiring SSO and SLO operations in cloud environment is presented. The computing system of the multi-domain application includes a multi-domain service (MDS) to redirect the calls for the multi-domain application to an identity provider to authenticate the user or to invoke the single logout services (SLOs) on the domains of the multi-domain application and to invalidate the user sessions on the domains. A cookie that includes the multi-domain application URL is generated to reach the assertion consumer service (ASC) and the single logout service (SLO) that receive an identity assertion response from the identity provider. Domain specific SLOs are provided. A trust between these domain specific SLOs and the SLO is provided based on service provider keys. The SAML mechanism for a logout scenario is reused for communication between the SLO and the domain specific SLOs, where the SLO plays a role of a local IDP.
    Type: Application
    Filed: June 1, 2016
    Publication date: September 22, 2016
    Inventors: JASEN MINOV, MILEN MANOV, STEFAN PETROV
  • Patent number: 9386007
    Abstract: A multi-domain application requiring SSO and SLO operations in cloud environment is presented. The computing system of the multi-domain application includes a multi-domain service (MDS) to redirect the calls for the multi-domain application to an identity provider to authenticate the user or to invoke the single logout services (SLOs) on the domains of the multi-domain application and to invalidate the user sessions on the domains. A cookie that includes the multi-domain application URL is generated to reach the assertion consumer service (ACS) and the single logout service (SLO) that receive an identity assertion response from the identity provider. Domain specific SLOs are provided. A trust between these domain specific SLOs and the SLO is provided based on service provider keys. The SAML mechanism for a logout scenario is reused for communication between the SLO and the domain specific SLOs, where the SLO plays a role of a local IDP.
    Type: Grant
    Filed: December 27, 2013
    Date of Patent: July 5, 2016
    Assignee: SAP SE
    Inventors: Jasen Minov, Milen Manov, Stefan Petrov
  • Publication number: 20150188906
    Abstract: A multi-domain application requiring SSO and SLO operations in cloud environment is presented. The computing system of the multi-domain application includes a multi-domain service (MDS) to redirect the calls for the multi-domain application to an identity provider to authenticate the user or to invoke the single logout services (SLOs) on the domains of the multi-domain application and to invalidate the user sessions on the domains. A cookie that includes the multi-domain application URL is generated to reach the assertion consumer service (ASC) and the single logout service (SLO) that receive an identity assertion response from the identity provider. Domain specific SLOs are provided. A trust between these domain specific SLOs and the SLO is provided based on service provider keys. The SAML mechanism for a logout scenario is reused for communication between the SLO and the domain specific SLOs, where the SLO plays a role of a local IDP.
    Type: Application
    Filed: December 27, 2013
    Publication date: July 2, 2015
    Inventors: JASEN MINOV, Milen Manov, Stefan Petrov
  • Publication number: 20140172404
    Abstract: Software applications receive input data, perform processing of the received data and generate output. In one aspect the output is modification of data structures. The software application is tested with instances of input data that lead to various data modifications in the data structures. In another aspect, patterns are found in the modifications of the data structures, which are evaluated and analyzed for software vulnerabilities.
    Type: Application
    Filed: December 14, 2012
    Publication date: June 19, 2014
    Inventor: JASEN MINOV
  • Publication number: 20120036458
    Abstract: Various embodiments of systems and methods for automatic context passing during management application navigation are described herein. When management applications work with different managed entities, the managed context is preserved by following the relations between the managed entities. These relations are followed from a mediator framework during the navigation between the management applications. In this manner, a managed application passes context information for one entity type, and second managed application retrieves from the framework context information for different entity type, but the user context information will be preserved as the framework follows the relations between the passed entity and the requested entity types.
    Type: Application
    Filed: August 3, 2010
    Publication date: February 9, 2012
    Inventors: JASEN MINOV, Stanimir Eisner
  • Publication number: 20050270973
    Abstract: A cluster includes a plurality of application server instances, a central services instance that includes a message server, and a database. The application server instances each include a dispatcher, a plurality of redundant server nodes, and a socket connection between the dispatcher and each of the server nodes for handling communications relating to processing a client request. A separate socket connection between the message server and each of the server nodes is provided for handling internal communications between the server nodes. Additionally, a third socket connection may be established directly between server nodes.
    Type: Application
    Filed: June 7, 2004
    Publication date: December 8, 2005
    Inventors: Kaloyan Raev, Jochen Mueller, Jasen Minov, Georgi Stanev, Petio Petev
  • Publication number: 20050268136
    Abstract: Embodiments include a timeout event management system that registers timeout events and checks for and corrects inaccuracies in timing caused by hibernation or system time changes. The timeout event management system may trigger an event after an intended delay time or at an intended expiration time. A handler program may be called in response to the triggered timeout. In an additional embodiment, the timeout system may track timeout events in a priority queue data structure.
    Type: Application
    Filed: May 28, 2004
    Publication date: December 1, 2005
    Inventors: Dimitar Kostadinov, Petio Petev, Hristo Iliev, Krasimir Semerdzhiev, Georgi Stanev, Jasen Minov