Patents by Inventor Thomas A. Galvin
Thomas A. Galvin has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9967258Abstract: A deployable computing environment may facilitate interaction and data sharing between users and devices. Users, devices, and relationships between the users and devices may be represented within the deployable computing environment. A relationship between a user and a device may specify that the device is owned by the user and that the device is authorized to perform operations within the deployable computing environment on behalf of the user. Secure authentication of devices and users for interaction within the deployable computing environment is achieved by authenticating tickets corresponding to the user, the device, and the relationship. A device identification ticket and a user identification ticket are used to authenticate the device and user for interaction within the deployable computing environment. A device claim ticket allows the device to perform delegated operations (e.g., data synchronization, peer connectivity, etc.) on behalf of the user without the user's credentials (e.g.Type: GrantFiled: August 30, 2016Date of Patent: May 8, 2018Assignee: Microsoft Technology Licensing, LLCInventors: Abolade Gbadegesin, Dharma K. Shukla, Thomas A. Galvin, David R. Reed, Nikolay Smolyanskiy, Eric Fleischman, Roman Batoukov
-
Patent number: 9930039Abstract: A deployable computing environment may facilitate interaction and data sharing between users and devices. Users, devices, and relationships between the users and devices may be represented within the deployable computing environment. A relationship between a user and a device may specify that the device is owned by the user and that the device is authorized to perform operations within the deployable computing environment on behalf of the user. Secure authentication of devices and users for interaction within the deployable computing environment is achieved by authenticating tickets corresponding to the user, the device, and the relationship. A device identification ticket and a user identification ticket are used to authenticate the device and user for interaction within the deployable computing environment. A device claim ticket allows the device to perform delegated operations (e.g., data synchronization, peer connectivity, etc.) on behalf of the user without the user's credentials (e.g.Type: GrantFiled: April 11, 2016Date of Patent: March 27, 2018Assignee: Microsoft Technology Licensing, LLCInventors: Abolade Gbadegesin, Dharma K. Shukla, Thomas A. Galvin, David R. Reed, Nikolay Smolyanskiy, Eric Fleischman, Roman Batoukov
-
Patent number: 9579231Abstract: An Orthopedic Toe Guard is a single piece of Stainless Steel Tube, bent to protrude forward of the toes when mounted to the sides of the cast.Type: GrantFiled: April 24, 2015Date of Patent: February 28, 2017Inventor: Scott Thomas Galvin
-
Publication number: 20160373451Abstract: A deployable computing environment may facilitate interaction and data sharing between users and devices. Users, devices, and relationships between the users and devices may be represented within the deployable computing environment. A relationship between a user and a device may specify that the device is owned by the user and that the device is authorized to perform operations within the deployable computing environment on behalf of the user. Secure authentication of devices and users for interaction within the deployable computing environment is achieved by authenticating tickets corresponding to the user, the device, and the relationship. A device identification ticket and a user identification ticket are used to authenticate the device and user for interaction within the deployable computing environment. A device claim ticket allows the device to perform delegated operations (e.g., data synchronization, peer connectivity, etc.) on behalf of the user without the user's credentials (e.g.Type: ApplicationFiled: August 30, 2016Publication date: December 22, 2016Inventors: Abolade Gbadegesin, Dharma K. Shukla, Thomas A. Galvin, David R. Reed, Nikolay Smolyanskiy, Eric Fleischman, Roman Batoukov
-
Publication number: 20160310312Abstract: An Orthopedic Toe Guard is a single piece of Stainless Steel Tube, bent to protrude forward of the toes when mounted to the sides of the cast.Type: ApplicationFiled: April 24, 2015Publication date: October 27, 2016Inventor: Scott Thomas Galvin
-
Patent number: 9461985Abstract: A deployable computing environment may facilitate interaction and data sharing between users and devices. Users, devices, and relationships between the users and devices may be represented within the deployable computing environment. A relationship between a user and a device may specify that the device is owned by the user and that the device is authorized to perform operations within the deployable computing environment on behalf of the user. Secure authentication of devices and users for interaction within the deployable computing environment is achieved by authenticating tickets corresponding to the user, the device, and the relationship. A device identification ticket and a user identification ticket are used to authenticate the device and user for interaction within the deployable computing environment. A device claim ticket allows the device to perform delegated operations (e.g., data synchronization, peer connectivity, etc.) on behalf of the user without the user's credentials (e.g.Type: GrantFiled: March 25, 2013Date of Patent: October 4, 2016Assignee: Microsoft Technology Licensing, LLCInventors: Abolade Gbadegesin, Dharma K. Shukla, Thomas A. Galvin, David R. Reed, Nikolay Smolyanskiy, Eric Fleischman, Roman Batoukov
-
Publication number: 20160226875Abstract: A deployable computing environment may facilitate interaction and data sharing between users and devices. Users, devices, and relationships between the users and devices may be represented within the deployable computing environment. A relationship between a user and a device may specify that the device is owned by the user and that the device is authorized to perform operations within the deployable computing environment on behalf of the user. Secure authentication of devices and users for interaction within the deployable computing environment is achieved by authenticating tickets corresponding to the user, the device, and the relationship. A device identification ticket and a user identification ticket are used to authenticate the device and user for interaction within the deployable computing environment. A device claim ticket allows the device to perform delegated operations (e.g., data synchronization, peer connectivity, etc.) on behalf of the user without the user's credentials (e.g.Type: ApplicationFiled: April 11, 2016Publication date: August 4, 2016Inventors: Abolade Gbadegesin, Dharma K. Shukla, Thomas A. Galvin, David R. Reed, Nikolay Smolyanskiy, Eric Fleischman, Roman Batoukov
-
Patent number: 8898318Abstract: One or more techniques and/or systems are disclosed for providing resource authorization to users of a distributed memory store (e.g., a distributed web-based cloud service). A session ID that identifies a location of an authorization document in a distributed memory store is used to access the authorization document, which comprises a global section with a principal ID related to a user. The user can be authorized to utilize a resource (e.g., in a distributed cloud service) if a resource section is present for the principal ID in the authorization document, and has appropriate resource data for the resource. If the resource section is not present, it can be created in the authorization document, and identified by a resource identifier. Authorization data can be loaded into the newly created resource section, and the authorization document, with the global and resource sections, is saved to a local cache for the distributed memory store.Type: GrantFiled: June 3, 2010Date of Patent: November 25, 2014Assignee: Microsoft CorporationInventors: Thomas A. Galvin, Bruce W. Copeland
-
Patent number: 8832806Abstract: End users of a multi-factor authentication service can utilize an account management service, and third-party website can register to utilize the multi-factor authentication service. Registering a third-party website can comprise the multi-factor authentication service receiving a valid digital identity certificate for the third-party website, and receiving an agreement to terms of use of the multi-factor authentication service for the third-party website. Once received, the multi-factor authentication service can enable the third-party website to utilize the service (e.g., switch the service on, or send an authorization key to the third-party website). Further, registering a user to the multi-factor authentication service can comprise determining availability of service, and providing a location-specific access code. Additionally, registering the user can comprise registering the user's mobile device, for example, to provide multi-factor authentication.Type: GrantFiled: October 15, 2012Date of Patent: September 9, 2014Assignee: Microsoft CorporationInventors: Raymond E. Ozzie, Jack E. Ozzie, Thomas A. Galvin, Eric M. Patey
-
Patent number: 8522010Abstract: Providing a remote computer user authentication service involves providing a reference to a user authentication service in a host server's source code (e.g., website source code). Further, integration code that may be used in an application programming interface (API) on the host server for interaction with a user authentication service can be provided. Additionally, a user interface (UI) for user authentication on the host server, and an authentication-test message on the host server using the UI may be provided. Also, providing authentication can comprise sending an authentication-request message to a mobile device designated by the user; and/or can comprise the user responding with information from the authentication-test message. The host server can be notified of the user's authentication after a correct response is received by the user authentication service.Type: GrantFiled: October 20, 2008Date of Patent: August 27, 2013Assignee: Microsoft CorporationInventors: Raymond E. Ozzie, Jack E. Ozzie, Thomas A. Galvin, Eric M. Patey
-
Patent number: 8412930Abstract: A deployable computing environment may facilitate interaction and data sharing between users and devices. Users, devices, and relationships between the users and devices may be represented within the deployable computing environment. A relationship between a user and a device may specify that the device is owned by the user and that the device is authorized to perform operations within the deployable computing environment on behalf of the user. Secure authentication of devices and users for interaction within the deployable computing environment is achieved by authenticating tickets corresponding to the user, the device, and the relationship. A device identification ticket and a user identification ticket are used to authenticate the device and user for interaction within the deployable computing environment. A device claim ticket allows the device to perform delegated operations (e.g., data synchronization, peer connectivity, etc.) on behalf of the user without the user's credentials (e.g.Type: GrantFiled: October 9, 2008Date of Patent: April 2, 2013Assignee: Microsoft CorporationInventors: Abolade Gbadegesin, Dharma K. Shukla, Thomas A. Galvin, David R. Reed, Nikolay Smolyanskiy, Eric Fleischman, Roman Batoukov
-
Patent number: 8307412Abstract: End users of a multi-factor authentication service can utilize an account management service, and third-party website can register to utilize the multi-factor authentication service. Registering a third-party website can comprise the multi-factor authentication service receiving a valid digital identity certificate for the third-party website, and receiving an agreement to terms of use of the multi-factor authentication service for the third-party website. Once received, the multi-factor authentication service can enable the third-party website to utilize the service (e.g., switch the service on, or send an authorization key to the third-party website). Further, registering a user to the multi-factor authentication service can comprise determining availability of service, and providing a location-specific access code. Additionally, registering the user can comprise registering the user's mobile device, for example, to provide multi-factor authentication.Type: GrantFiled: October 20, 2008Date of Patent: November 6, 2012Assignee: Microsoft CorporationInventors: Raymond E. Ozzie, Jack E. Ozzie, Thomas A. Galvin, Eric M. Patey
-
Patent number: 8196175Abstract: A ticketing system adapted for use with a cloud-based services platform is provided by a ticket-based authorization model in which the authorization requirements for traversing one or more meshes of resources associated with a cloud service are annotated in links included in a resource that refer to other resources. The meshes are thus self-describing with respect to the association among the resources (i.e., the links) as well as the authorization required to access resources. Resource access requires a principal ticket which asserts that a caller at a client (e.g., a security principal representing a device or identity associated with a user) is authenticated, plus zero or more claim tickets. The claim tickets make additional assertions about the caller that the cloud service may use to check that the caller is authorized to access the resource.Type: GrantFiled: March 5, 2008Date of Patent: June 5, 2012Assignee: Microsoft CorporationInventors: David R. Reed, Eric S. Fleischman, Abolade Gbadegesin, Dharma Shukla, Nikolay Smolyanskiy, Thomas A. Galvin
-
Publication number: 20110302315Abstract: One or more techniques and/or systems are disclosed for providing resource authorization to users of a distributed memory store (e.g., a distributed web-based cloud service). A session ID that identifies a location of an authorization document in a distributed memory store is used to access the authorization document, which comprises a global section with a principal ID related to a user. The user can be authorized to utilize a resource (e.g., in a distributed cloud service) if a resource section is present for the principal ID in the authorization document, and has appropriate resource data for the resource. If the resource section is not present, it can be created in the authorization document, and identified by a resource identifier. Authorization data can be loaded into the newly created resource section, and the authorization document, with the global and resource sections, is saved to a local cache for the distributed memory store.Type: ApplicationFiled: June 3, 2010Publication date: December 8, 2011Applicant: Microsoft CorporationInventors: Thomas A. Galvin, Bruce W. Copeland
-
Patent number: 7924816Abstract: A method for providing call services in a telecommunications system includes receiving a call request from a call origination station via the Internet. The call request may involve an advanced call service. The method may also include validating the call request and initiating a communications link between the call origination station and a telephony server via the Internet when the call request is validated. The method may further include initiating a telephony link between the telephony server and a call termination station when the call request is validated.Type: GrantFiled: June 20, 2005Date of Patent: April 12, 2011Assignee: MCI Communications CorporationInventors: Duraisamy Gunasekar, Thomas Galvin, Tim E. Reynolds
-
Publication number: 20100100945Abstract: End users of a multi-factor authentication service can utilize an account management service, and third-party website can register to utilize the multi-factor authentication service. Registering a third-party website can comprise the multi-factor authentication service receiving a valid digital identity certificate for the third-party website, and receiving an agreement to terms of use of the multi-factor authentication service for the third-party website. Once received, the multi-factor authentication service can enable the third-party website to utilize the service (e.g., switch the service on, or send an authorization key to the third-party website). Further, registering a user to the multi-factor authentication service can comprise determining availability of service, and providing a location-specific access code. Additionally, registering the user can comprise registering the user's mobile device, for example, to provide multi-factor authentication.Type: ApplicationFiled: October 20, 2008Publication date: April 22, 2010Applicant: Microsoft CorporationInventors: Raymond E. Ozzie, Jack E. Ozzie, Thomas A. Galvin, Eric M. Patey
-
Publication number: 20100100725Abstract: Providing a remote computer user authentication service involves providing a reference to a user authentication service in a host server's source code (e.g., website source code). Further, integration code that may be used in an application programming interface (API) on the host server for interaction with a user authentication service can be provided. Additionally, a user interface (UI) for user authentication on the host server, and an authentication-test message on the host server using the UI may be provided. Also, providing authentication can comprise sending an authentication-request message to a mobile device designated by the user; and/or can comprise the user responding with information from the authentication-test message. The host server can be notified of the user's authentication after a correct response is received by the user authentication service.Type: ApplicationFiled: October 20, 2008Publication date: April 22, 2010Applicant: Microsoft CorporationInventors: Raymond Ozzie, Jack Ozzie, Thomas A. Galvin, Eric M. Patey
-
Publication number: 20100093310Abstract: A deployable computing environment may facilitate interaction and data sharing between users and devices. Users, devices, and relationships between the users and devices may be represented within the deployable computing environment. A relationship between a user and a device may specify that the device is owned by the user and that the device is authorized to perform operations within the deployable computing environment on behalf of the user. Secure authentication of devices and users for interaction within the deployable computing environment is achieved by authenticating tickets corresponding to the user, the device, and the relationship. A device identification ticket and a user identification ticket are used to authenticate the device and user for interaction within the deployable computing environment. A device claim ticket allows the device to perform delegated operations (e.g., data synchronization, peer connectivity, etc.) on behalf of the user without the user's credentials (e.g.Type: ApplicationFiled: October 9, 2008Publication date: April 15, 2010Applicant: Microsoft CorporationInventors: Abolade Gbadegesin, Dharma K. Shukla, Thomas A. Galvin, David R. Reed, Nikolay Smolyanskiy, Eric Fleischman, Roman Batoukov
-
Publication number: 20090228950Abstract: A ticketing system adapted for use with a cloud-based services platform is provided by a ticket-based authorization model in which the authorization requirements for traversing one or more meshes of resources associated with a cloud service are annotated in links included in a resource that refer to other resources. The meshes are thus self-describing with respect to the association among the resources (i.e., the links) as well as the authorization required to access resources. Resource access requires a principal ticket which asserts that a caller at a client (e.g., a security principal representing a device or identity associated with a user) is authenticated, plus zero or more claim tickets. The claim tickets make additional assertions about the caller that the cloud service may use to check that the caller is authorized to access the resource.Type: ApplicationFiled: March 5, 2008Publication date: September 10, 2009Applicant: MICROSOFT CORPORATIONInventors: David R. Reed, Eric S. Fleischman, Abolade Gbadegesin, Dharma Shukla, Nikolay Smolyanskiy, Thomas A. Galvin
-
Publication number: 20050232173Abstract: A system and method for servicing a call request within a telecommunications system includes and involves a client sub-system that is configured to generate a call request and to transmit the same via the Internet. The call request includes a call termination address and a service identifier. The call termination address corresponds to a call termination station that is coupled to a switching system that is coupled to the telecommunications system. Also included and involved is an intelligent services network that is coupled to the client sub-system via the Internet and which is operative to receive and validate the call request and to process the call request in accordance with the service identifier. A telephony gateway sub-system is coupled to the intelligent services network via the switching system and to the client sub-system via the Internet.Type: ApplicationFiled: June 20, 2005Publication date: October 20, 2005Applicant: MCI, Inc.Inventors: Duraisamy Gunasekar, Thomas Galvin, Tim Reynolds