Patents by Inventor Ayla Kol

Ayla Kol has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11044079
    Abstract: Systems, methods, and software technology for managing keys used to encrypt data at-rest and decrypt the data when serving requests for the data. In an implementation, a data service receives a request for data that has been encrypted at rest using a data key, wherein the data key has been encrypted using a policy key, and wherein the policy key has been encrypted using a root key. When the root key is unavailable, the data service requests a key service to decrypt the policy key using an alternative root key. When the data service receives the policy key in an unencrypted state from the key service, it decrypts the data key using the policy key and decrypts the data using the data key.
    Type: Grant
    Filed: April 19, 2019
    Date of Patent: June 22, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Ayla Kol, Kameshwar Jayaraman, Yoganand Rajasekaran, Jaclynn Hiranaka, Girish Nagaraja, Nikhil Aggarwal, Paul Howard Rich
  • Publication number: 20210136161
    Abstract: A client-side system detects a current location of a client device and a cloud interaction metric. The geographic area around the location of the client device is divided into grid sections. The client-side system identifies a pre-defined reference location corresponding to the grid section that the client device location resides in. The pre-defined reference location, corresponding to that grid section, and the cloud interaction metric are provided to a remote server computing system.
    Type: Application
    Filed: November 1, 2019
    Publication date: May 6, 2021
    Inventors: Srinivasachakrapani KOTIPALLI, Parul MANEK, Konstantin E. RYVKIN, Brad RUTKOWSKI, Gregory Irving THIEL, Ayla KOL
  • Publication number: 20210044597
    Abstract: A request to perform a command or operation on a computing system is received from a support user. A clearance level needed to perform that requested command or operation is identified, and a data store that has a pool of cleared users is accessed to identify a cleared user that has an adequate clearance level. The secured user is assigned to the request. A risk level, corresponding to the requested command or operation is identified and surfaced for the secured user. The requested command or operation can be automatically executed, after it is authorized by the secured user.
    Type: Application
    Filed: August 7, 2019
    Publication date: February 11, 2021
    Inventors: Soumit Rahman, Ganesh Pandey, Curtis Thibault, Kameshwar Jayaraman, Ajay Kalidindi, Ayla Kol, Yeshua Garcia, Priyanshu Kumar Jha, Parul Manek, Yoganand Rajasekaran
  • Publication number: 20210029142
    Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that receives requests to investigate an incident. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. The control message processing system performs investigation tasks within the workspace. A secure log generation system captures information corresponding to the tasks and generates an event record based on the captured information.
    Type: Application
    Filed: July 26, 2019
    Publication date: January 28, 2021
    Inventors: Yoganand RAJASEKARAN, Raquibur RAHMAN, Ayla KOL, Philip Ross MOYER, Brijesh Bhupendra DESAI, Zijun HAO, Mainul MIZAN, Kameshwar JAYARAMAN, Benjamin DU, Ganesh PANDEY, Parul MANEK
  • Publication number: 20210026674
    Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that receives requests to investigate an incident. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. An investigation pack, which includes investigative resources used in the investigation, is identified and the workspace is pre-configured with the identified investigation pack. The control message processing system performs investigation tasks within the workspace using the investigation pack.
    Type: Application
    Filed: July 26, 2019
    Publication date: January 28, 2021
    Inventors: YOGANAND RAJASEKARAN, RAQUIBUR RAHMAN, AYLA KOL, PHILIP ROSS MOYER, BRIJESH BHUPENDRA DESAI, ZIJUN HAO, MAINUL MIZAN, KAMESHWAR JAYARAMAN, BENJAMIN DU, PARUL MANEK, GANESH PANDEY
  • Publication number: 20210029128
    Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that is a user-facing system and receives requests to prepare for an incident investigation. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. The request processing system does not access the workspace and the control message processing system is not available for external access by a user. Data and functionality are ingested into the workspace. The control message processing system performs investigation preparation tasks within the workspace. The results of the investigation tasks are surfaced for user access.
    Type: Application
    Filed: July 26, 2019
    Publication date: January 28, 2021
    Inventors: Yoganand RAJASEKARAN, Raquibur RAHMAN, Ayla KOL, Philip Ross MOYER, Brijesh Bhupendra DESAI, Zijun HAO, Mainul MIZAN, Kameshwar JAYARAMAN, Benjamin DU, Ganesh PANDEY, Parul MANEK
  • Publication number: 20200099519
    Abstract: Systems, methods, and software technology for managing keys used to encrypt data at-rest and decrypt the data when serving requests for the data. In an implementation, a data service receives a request for data that has been encrypted at rest using a data key, wherein the data key has been encrypted using a policy key, and wherein the policy key has been encrypted using a root key. When the root key is unavailable, the data service requests a key service to decrypt the policy key using an alternative root key. When the data service receives the policy key in an unencrypted state from the key service, it decrypts the data key using the policy key and decrypts the data using the data key.
    Type: Application
    Filed: April 19, 2019
    Publication date: March 26, 2020
    Inventors: Ayla Kol, Kameshwar Jayaraman, Yoganand Rajasekaran, Jaclynn Hiranaka, Girish Nagaraja, Nikhil Aggarwal, Paul Howard Rich
  • Patent number: 8924589
    Abstract: High availability architecture that employs a mid-tier proxy server to route client communications to active data store instances in response to failover and switchover. The proxy server includes an active manager client that interfaces to an active manager in each of the backend servers. State information and configuration information are maintained separately and according to semantics consistent with needs of corresponding data, the configuration information changing less frequently and more available, the state information changing more frequently and less available. The active manager indicates to the proxy server which of the data storage instances is the currently the active instance. In the event that the currently active instance is inactive, the proxy server selects a different backend server that currently hosts the active data store instance. Client communications are then routed to the different backend server with minimal or no interruption to the client.
    Type: Grant
    Filed: September 7, 2012
    Date of Patent: December 30, 2014
    Assignee: Microsoft Corporation
    Inventors: Gregory Thiel, Alexander R. Wetmore, Ayla Kol, Rebecca Benfield, James Kleewein, Naresh Sundaram, Yogesh Bansal, Mark Wistrom, Manoharan Kuppusamy
  • Patent number: 8752152
    Abstract: A data replication mechanism is proposed that relies on existing federation infrastructure enabling distributed authentication instead of storing and using explicit credentials for a remote forest. The data replication mechanism requests a federation token with data replication capabilities targeted to the remote forest and passes this token to the remote forest in lieu of explicit credentials.
    Type: Grant
    Filed: December 14, 2009
    Date of Patent: June 10, 2014
    Assignee: Microsoft Corporation
    Inventors: Ayla Kol, Dmitri Gavrilov, Bradford Clark, Brian T. Kress, James C. Kleewein
  • Patent number: 8677009
    Abstract: Optimizations for data transmission may be provided. A portion of a data block may be read into a batch by a read thread on a first server. The batch may be passed to a transmission thread. The transmission thread may then transmit the first batch to a second server while the read thread asynchronously reads a second portion of the data block into another batch.
    Type: Grant
    Filed: January 22, 2010
    Date of Patent: March 18, 2014
    Assignee: Microsoft Corporation
    Inventors: Dmitri Gavrilov, Bradford R. Clark, James C. Kleewein, Ayla Kol, Brian T. Kress
  • Publication number: 20120331336
    Abstract: High availability architecture that employs a mid-tier proxy server to route client communications to active data store instances in response to failover and switchover. The proxy server includes an active manager client that interfaces to an active manager in each of the backend servers. State information and configuration information are maintained separately and according to semantics consistent with needs of corresponding data, the configuration information changing less frequently and more available, the state information changing more frequently and less available. The active manager indicates to the proxy server which of the data storage instances is the currently the active instance. In the event that the currently active instance is inactive, the proxy server selects a different backend server that currently hosts the active data store instance. Client communications are then routed to the different backend server with minimal or no interruption to the client.
    Type: Application
    Filed: September 7, 2012
    Publication date: December 27, 2012
    Applicant: MICROSOFT CORPORATION
    Inventors: Gregory Thiel, Alexander R. Wetmore, Ayla Kol, Rebecca Benfield, James Kleewein, Naresh Sundaram, Yogesh Bansal, Mark Wistrom, Manoharan Kuppusamy
  • Patent number: 8332369
    Abstract: A data resiliency layer provides manageable data resiliency policy options for email related applications. Through one or more APIs such applications are enabled to query whether a data resiliency policy is satisfied for a given mailbox or database at a given point in time. Email related applications may consume this information to modify their behavior such as to wait, repeat, or fail the actions at hand to the point where data committal is guaranteed to a degree specified by the data resiliency policy.
    Type: Grant
    Filed: December 15, 2009
    Date of Patent: December 11, 2012
    Assignee: Microsoft Corporation
    Inventors: Ayla Kol, Dmitri Gavrilov, Bradford Clark, Brian T. Kress, James C. Kleewein, Gregory I. Thiel
  • Patent number: 8275907
    Abstract: High availability architecture that employs a mid-tier proxy server to route client communications to active data store instances in response to failover and switchover. The proxy server includes an active manager client that interfaces to an active manager in each of the backend servers. State information and configuration information are maintained separately and according to semantics consistent with needs of corresponding data, the configuration information changing less frequently and more available, the state information changing more frequently and less available. The active manager indicates to the proxy server which of the data storage instances is the currently the active instance. In the event that the currently active instance is inactive, the proxy server selects a different backend server that currently hosts the active data store instance. Client communications are then routed to the different backend server with minimal or no interruption to the client.
    Type: Grant
    Filed: June 26, 2008
    Date of Patent: September 25, 2012
    Assignee: Microsoft Corporation
    Inventors: Gregory Thiel, Alexander R. Wetmore, Ayla Kol, Rebecca Benfield, James Kleewein, Naresh Sundaram, Yogesh Bansal, Mark Wistrom, Manoharan Kuppusamy
  • Patent number: 8041678
    Abstract: A single native integrated system may be provided for replicating data to one or more copies of high-availability data and for replicating the data to one or more copies of backup data. The data may be replicated, in near real-time, to the one or more copies of high-availability data as changes occur to the data. The data may be replicated and later incorporated to a copy of the backup data at different points in time. The single native integrated system may have a single set of functions for replicating the data to the one or more copies of high-availability data and for replicating the data for the one or more copies of the backup data. Administrative access to the one or more copies of high-availability data may be isolated from administrative access to the one or more copies of the backup data.
    Type: Grant
    Filed: June 20, 2008
    Date of Patent: October 18, 2011
    Assignee: Microsoft Corporation
    Inventors: Ayla Kol, Rebecca Carolyn Benfield, Georgia Ann Huggins, Greg Irving Thiel, Alexander Robert Norton Wetmore, Mark Sheldon Wistrom
  • Patent number: 8001413
    Abstract: A central controlling service for datacenter activation/deactivation control in a cluster deployment to assist in preventing a split-brain scenario. The central controlling service provides a central point of control in the datacenter for application servers to periodically query as to whether to go offline, online, or normal. Redundancy of the central service facilitates detection of datacenter failure by the redundant services interacting to resolve the state of control information. This control information is then used to answer the server queries. On startup from a datacenter failure, a single instance of the central service queries other redundant instance(s) to determine if the single instance is starting up from a datacenter-wide failure or from operations other than total datacenter failure. If the failure is datacenter-wide, a central service protocol assists in resolving to the single service keeping the associated datacenter servers offline; otherwise, the server queries are answered to go online.
    Type: Grant
    Filed: May 5, 2008
    Date of Patent: August 16, 2011
    Assignee: Microsoft Corporation
    Inventors: Alexander R Wetmore, Gregory Thiel, Ayla Kol, Rebecca Benfield
  • Publication number: 20110185247
    Abstract: Optimizations for data transmission may be provided. A portion of a data block may be read into a batch by a read thread on a first server. The batch may be passed to a transmission thread. The transmission thread may then transmit the first batch to a second server while the read thread asynchronously reads a second portion of the data block into another batch.
    Type: Application
    Filed: January 22, 2010
    Publication date: July 28, 2011
    Applicant: MICROSOFT CORPORATION
    Inventors: DMITRI GAVRILOV, BRADFORD R. CLARK, JAMES C. KLEEWEIN, AYLA KOL, BRIAN T. KRESS
  • Publication number: 20110185136
    Abstract: Incremental change synchronization for moving large data sets may be provided. Source data to be moved may be identified and a snapshot of the data may be created. The data may be moved to a new datastore and a second snapshot may be created. The snapshots may be compared to identify any data elements that have been modified and the modified elements may be copied to the new datastore.
    Type: Application
    Filed: January 22, 2010
    Publication date: July 28, 2011
    Applicant: MICROSOFT CORPORATION
    Inventors: DMITRI GAVRILOV, BRADFORD R. CLARK, JAMES C. KLEEWEIN, AYLA KOL, BRIAN T. KRESS, NARESH SUNDARAM
  • Publication number: 20110167039
    Abstract: Distributed mailbox data replication agents are employed to adjust load on mail system resources by enabling the agents to receive a throttling policy, resource capacity, and current usage information. Each agent preparing to access the resource (e.g. provide replicated data) may then throttle itself ensuring optimum resource usage. The agents may receive the information by querying the resource, which monitors accessing agents and their types, or from a shared space instead of directly from the resource.
    Type: Application
    Filed: January 5, 2010
    Publication date: July 7, 2011
    Applicant: Microsoft Corporation
    Inventors: Ayla Kol, Dmitri Gavrilov, Bradford Clark, Brian T. Kress, James C. Kleewein, Gaurav Navlakha
  • Publication number: 20110145565
    Abstract: A data replication mechanism is proposed that relies on existing federation infrastructure enabling distributed authentication instead of storing and using explicit credentials for a remote forest. The data replication mechanism requests a federation token with data replication capabilities targeted to the remote forest and passes this token to the remote forest in lieu of explicit credentials.
    Type: Application
    Filed: December 14, 2009
    Publication date: June 16, 2011
    Applicant: Microsoft Corporation
    Inventors: Ayla Kol, Dmitri Gavrilov, Bradford Clark, Brian T. Kress, James C. Kleewein
  • Publication number: 20110145208
    Abstract: A data resiliency layer provides manageable data resiliency policy options for email related applications. Through one or more APIs such applications are enabled to query whether a data resiliency policy is satisfied for a given mailbox or database at a given point in time. Email related applications may consume this information to modify their behavior such as to wait, repeat, or fail the actions at hand to the point where data committal is guaranteed to a degree specified by the data resiliency policy.
    Type: Application
    Filed: December 15, 2009
    Publication date: June 16, 2011
    Applicant: Microsoft Corporation
    Inventors: Ayla Kol, Dmitri Gavrilov, Bradford Clark, Brian T. Kress, James C. Kleewein, Gregory I. Thiel