Patents by Inventor Sarat Subramaniam
Sarat Subramaniam has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11902327Abstract: Techniques are described herein that are capable of evaluating a result of enforcement of access control policies instead of enforcing the access control policies. For instance, a result of enforcement of an access control policy with regard to sign-in processes is evaluated instead of enforcing the access control policy with regard to the sign-in processes. The evaluation includes monitoring access requests that are received during the sign-in processes. Each access request requests access to a resource. The evaluation further includes comparing attributes of each access request against the access control policy that specifies criteria that are to be satisfied as a prerequisite to granting access to the resource to which access is requested by the respective access request. Metadata associated with the sign-in processes is generated instead of enforcing the access control policy with regard to the sign-in processes.Type: GrantFiled: January 6, 2020Date of Patent: February 13, 2024Assignee: Microsoft Technology Licensing, LLCInventors: Daniel Edward Lee Wood, Caleb Geoffrey Baker, Sarat Subramaniam, Etan Micah Basseri, Carlos Adrian Lopez Castro, Sandra Jiang, Dilesh Dhokia, Jessica Tian-Hueih Lin, Pui Yin Winfred Wong, Robyn Nicole Hicock
-
Patent number: 11625469Abstract: Technologies are provided for prevention of organizational data leakage across platforms based on device status. A device management service may include status information for a client device and/or a connection in a token provided to the client device and update the status in response to changes. An applicable data protection policy may be determined based on the detected status and optionally based on data being accessed. An instruction may be transmitted to a client application executed on the client device based on the applicable data protection policy thereby enforcing the data protection policy at the server. The instruction may cause a script executed at the client application to disable one or more user interface controls associated with functionality such as downloading, synchronizing, printing, etc. of the organizational data to prevent leakage of organizational data.Type: GrantFiled: May 19, 2017Date of Patent: April 11, 2023Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Sameer Yadav, Willard Bruce Jones, Matthew R. Wallace, Kavita K. Kamani, Titus C. Miron, Alexandru Munteanu, Sarat Subramaniam
-
Publication number: 20220353256Abstract: Usage-limited passcodes support authentication when onboarding new employees, when recovering access after an enrolled device is lost or temporarily unavailable, or when registering passwordless authentication methods for new devices during an out of the box setup, among other scenarios. Usage-limited passcodes are also referred to as “temporary access passes” or TAPs. TAP usage may be limited to a specific number of uses, particular kinds of uses, certain time periods, or a combination thereof. A TAP includes a code string and an implementation of corresponding tokens, rights, and other identity aspects within an enhanced access control infrastructure. TAP usage may supplement or replace other authentication, and in particular may replace authentication through a username and password combination, thereby enhancing both usability and security. Self-service identity confirmation may be used to obtain a TAP. Redirection to a federated domain identity provider may be avoided during TAP authentication.Type: ApplicationFiled: April 29, 2021Publication date: November 3, 2022Inventors: Inbar CIZER KOBRINSKY, Anirban BASU, Ananda SINHA, Sarat SUBRAMANIAM, Alexander T. WEINERT, Nitika GUPTA, Kamen MOUTAFOV, Ashok CHANDRASEKARAN
-
Publication number: 20210211470Abstract: Techniques are described herein that are capable of evaluating a result of enforcement of access control policies instead of enforcing the access control policies. For instance, a result of enforcement of an access control policy with regard to sign-in processes is evaluated instead of enforcing the access control policy with regard to the sign-in processes. The evaluation includes monitoring access requests that are received during the sign-in processes. Each access request requests access to a resource. The evaluation further includes comparing attributes of each access request against the access control policy that specifies criteria that are to be satisfied as a prerequisite to granting access to the resource to which access is requested by the respective access request. Metadata associated with the sign-in processes is generated instead of enforcing the access control policy with regard to the sign-in processes.Type: ApplicationFiled: January 6, 2020Publication date: July 8, 2021Inventors: Daniel Edward Lee Wood, Caleb Geoffrey Baker, Sarat Subramaniam, Etan Micah Basseri, Carlos Adrian Lopez Castro, Sandra Jiang, Dilesh Dhokia, Jessica Tian-Hueih Lin, Pui Yin Winfred Wong, Robyn Nicole Hicock
-
Patent number: 10775956Abstract: A computing system providing access to electronic files is provided. The computing system includes a processor and a data store coupled to the processor and configured to store the electronic files. A user interface component is coupled to the processor and is configured to generate a user interface that allows a first user to select an electronic file to be re-shared with second user. The processor is configured to detect re-sharing of the selected electronic file by the first user and automatically generate a notification to a third user. The notification is configured to allow the third user to cancel the re-sharing of the electronic file.Type: GrantFiled: April 29, 2016Date of Patent: September 15, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Stephen L. Rice, Ghania A. Moussa, Sarat Subramaniam
-
Publication number: 20180336334Abstract: Technologies are provided for prevention of organizational data leakage across platforms based on device status. A device management service may include status information for a client device and/or a connection in a token provided to the client device and update the status in response to changes. An applicable data protection policy may be determined based on the detected status and optionally based on data being accessed. An instruction may be transmitted to a client application executed on the client device based on the applicable data protection policy thereby enforcing the data protection policy at the server. The instruction may cause a script executed at the client application to disable one or more user interface controls associated with functionality such as downloading, synchronizing, printing, etc. of the organizational data to prevent leakage of organizational data.Type: ApplicationFiled: May 19, 2017Publication date: November 22, 2018Applicant: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Sameer YADAV, Willard Bruce JONES, Matthew R. WALLACE, Kavita K. KAMANI, Titus C. MIRON, Alexandru MUNTEANU, Sarat SUBRAMANIAM
-
Publication number: 20170315677Abstract: A computing system providing access to electronic files is provided. The computing system includes a processor and a data store coupled to the processor and configured to store the electronic files. A user interface component is coupled to the processor and is configured to generate a user interface that allows a first user to select an electronic file to be re-shared with second user. The processor is configured to detect re-sharing of the selected electronic file by the first user and automatically generate a notification to a third user. The notification is configured to allow the third user to cancel the re-sharing of the electronic file.Type: ApplicationFiled: April 29, 2016Publication date: November 2, 2017Inventors: Stephen L. Rice, Ghania A. Moussa, Sarat Subramaniam
-
Patent number: 8390600Abstract: An interactive display system with a contact geometry interface is disclosed. The interactive display system may include a multi-touch display, a touch detection system configured to detect a touch input on the multi-touch display and to generate contact geometry for a contact region of the touch input, and an application programming interface executed on a processor of the interactive display system. The application programming interface may be configured to receive the contact geometry and to send the contact geometry to a requesting application program for application-level processing. Further, the application programming interface may be configured to receive from the application program a display command based on the application level-processing. The application programming interface may be configured to send the display command to the multi-touch display to adjust a display of a graphical element on the multi-touch display.Type: GrantFiled: November 13, 2009Date of Patent: March 5, 2013Assignee: Microsoft CorporationInventors: Luis Eduardo Cabrera Cordon, Robert Levy, Sundaram Ramani, Daniel Wigdor, Joyce Wu, Ian Middleton, Paul Armistead Hoover, Sarat Subramaniam, Carlos Pessoa
-
Publication number: 20110115745Abstract: An interactive display system with a contact geometry interface is disclosed. The interactive display system may include a multi-touch display, a touch detection system configured to detect a touch input on the multi-touch display and to generate contact geometry for a contact region of the touch input, and an application programming interface executed on a processor of the interactive display system. The application programming interface may be configured to receive the contact geometry and to send the contact geometry to a requesting application program for application-level processing. Further, the application programming interface may be configured to receive from the application program a display command based on the application level-processing. The application programming interface may be configured to send the display command to the multi-touch display to adjust a display of a graphical element on the multi-touch display.Type: ApplicationFiled: November 13, 2009Publication date: May 19, 2011Applicant: MICROSOFT CORPORATIONInventors: Luis Eduardo Cabrera Cordon, Robert Levy, Sundaram Ramani, Daniel Wigdor, Joyce Wu, Ian Middleton, Paul Armistead Hoover, Sarat Subramaniam, Carlos Pessoa