Patents by Inventor Daniel James Buchner
Daniel James Buchner has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11916919Abstract: The resolving of a decentralized identifier to a corresponding data structure using multiple resolvers. This allows for the use of a consensus of resolvers to improve trust in the resolution process. In order to resolve, a decentralized identifier is sent to multiple resolvers. In response, each of at least some of those resolvers will return a data structure of a particular type (e.g., a decentralized identifier document) that is associated with the decentralized identifier. Then, it is determined whether the data structure for at least some number of resolvers matches each other. That is, it is determined whether at least some predetermined threshold of resolvers is returning the same data structure (e.g., the same decentralized identifier document). If so, then it is determined that the matching data structure is indeed associated with the decentralized identifier. Otherwise, the resolution process has failed.Type: GrantFiled: July 12, 2022Date of Patent: February 27, 2024Assignee: Microsoft Technology Licensing, LLCInventors: Brandon Murdoch, Ankur Patel, Daniel James Buchner
-
Patent number: 11762746Abstract: A computing system is configured to receive user data from a user associated with a decentralized identifier (DID) and authenticate the user based on the DID via data recorded on a distributed ledger. In response to authenticating the user, the computing system stores the user data redundantly at each of a plurality of decentralized identity stores. One of the plurality of decentralized identity stores is designated as a primary decentralized identity store. In particular, redundantly storing the user data includes storing the user data at the primary decentralized identity store, and causing each remaining decentralized identity store in the plurality of decentralized identity stores to store the user data following the primary decentralized identity store.Type: GrantFiled: February 10, 2022Date of Patent: September 19, 2023Assignee: Microsoft Technology Licensing, LLCInventors: Brandon Murdoch, Ankur Patel, Daniel James Buchner
-
Patent number: 11729274Abstract: A system, which includes a first device associated with a user, a second device configured to establish a user session and a server, performs storing a default user session setting associated with the user, the default user session setting defining a default user access privilege to functionality or content; determining that the first device is proximate to the second device; receiving a second user input requesting to modify the default user session setting, the second user input including modification data defining a restrictive modification to the default user session setting; modifying, at the server, the default user session setting based on the modification data to create a customized user session setting defining a customized user access privilege to the functionality or content available via the system; and establishing, at the second device, the customized user session for the user based on the customized user setting received from the server.Type: GrantFiled: January 11, 2022Date of Patent: August 15, 2023Assignee: Microsoft Technology Licensing, LLCInventors: Sandhya Rajendra Rao, Kruthika Ponnusamy, Ashish Mehta, Daniel James Buchner, Viney Anand Ugave
-
Publication number: 20230224373Abstract: A system, which includes a first device associated with a user, a second device configured to establish a user session and a server, performs storing a default user session setting associated with the user, the default user session setting defining a default user access privilege to functionality or content; determining that the first device is proximate to the second device; receiving a second user input requesting to modify the default user session setting, the second user input including modification data defining a restrictive modification to the default user session setting; modifying, at the server, the default user session setting based on the modification data to create a customized user session setting defining a customized user access privilege to the functionality or content available via the system; and establishing, at the second device, the customized user session for the user based on the customized user setting received from the server.Type: ApplicationFiled: January 11, 2022Publication date: July 13, 2023Applicant: Microsoft Technology Licensing, LLCInventors: Sandhya Rajendra RAO, Kruthika PONNUSAMY, Ashish MEHTA, Daniel James BUCHNER, Viney Anand UGAVE
-
Patent number: 11552795Abstract: Generating a private key recovery seed based on random words extracted from an input memory of a user and using the recovery seed to recover the private key. An input that is related to a specific memory of a user is received. The specific memory was previously entered and used to generate random words that are related to each other by being included in the specific memory. The random words are extracted from the received input. The random words are associated with a first private key recovery mechanism for recovering a private key. The random words are input into the first private key recovery mechanism to generate a recovery seed. The recovery seed is input into a second private key recovery mechanism. The second private key recovery mechanism generates a recovered private key upon performing a recovery operation on the private key recovery seed.Type: GrantFiled: May 31, 2018Date of Patent: January 10, 2023Assignee: Microsoft Technology Licensing, LLCInventors: Ankur Patel, Daniel James Buchner
-
Publication number: 20220353272Abstract: The resolving of a decentralized identifier to a corresponding data structure using multiple resolvers. This allows for the use of a consensus of resolvers to improve trust in the resolution process. In order to resolve, a decentralized identifier is sent to multiple resolvers. In response, each of at least some of those resolvers will return a data structure of a particular type (e.g., a decentralized identifier document) that is associated with the decentralized identifier. Then, it is determined whether the data structure for at least some number of resolvers matches each other. That is, it is determined whether at least some predetermined threshold of resolvers is returning the same data structure (e.g., the same decentralized identifier document). If so, then it is determined that the matching data structure is indeed associated with the decentralized identifier. Otherwise, the resolution process has failed.Type: ApplicationFiled: July 12, 2022Publication date: November 3, 2022Inventors: Brandon MURDOCH, Ankur PATEL, Daniel James BUCHNER
-
Patent number: 11429743Abstract: Embodiments disclosed herein are related to computing systems and methods for localizing how a user will receive and view received DID-related data. The computing system and methods are implemented in the decentralized network that implements a distributed ledger that backs one or more decentralized identities (DID) for one or more users of the computing system. Various sets of rule are accessed. The sets of rules specify how a DID owner will receive and view DID-related data received from a third party entity. The sets of rules are applied to the DID-related data received from the third party entity. The received DID-related data is modified such that the received DID-related data conforms to the one or more sets of rules. The modified DID-related data is provided to the DID owner so that the DID owner is able to view the modified DID-related data according to the applied sets of rules.Type: GrantFiled: April 29, 2019Date of Patent: August 30, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Brandon Murdoch, Daniel James Buchner, Ankur Patel
-
Patent number: 11412002Abstract: Enforcing different policy rules that are applicable to different types of data. A plurality of DIDs and a plurality of storages are managed by a computing system. Each of the plurality of storages is associated with at least one of the plurality of DIDs. Receive a request from an entity for operating on data stored or to be stored in one of the plurality of storages. Determine a type of the data requested to be operated on. Access one or more policy rules that are applicable to the type of the data. Based on the accessed one or more policy rules, determine whether the operation to be performed on the data will result in the data complying with the one or more policy rules. Based on the determination, allow or deny the request.Type: GrantFiled: March 15, 2019Date of Patent: August 9, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Daniel James Buchner, Brandon Murdoch, Ankur Patel
-
Patent number: 11411959Abstract: Executing an application in a container within a scope of user-granted permission in a decentralized network that implements a distributed edger. Receiving a request from an entity for using data stored in a data storage that is associated with a DID as one or more inputs of an application associated with the entity to generate one or more results. One or more characteristics of the application is identified. Based on the identified characteristics, a scope of permission to use the requested data is determined. Next, the scope of permission is granted to a container where the application is stored or is to be stored. The application is then executed in the container using the data within the granted scope of permission as input to generate one or more results.Type: GrantFiled: May 3, 2019Date of Patent: August 9, 2022Inventors: Brandon Murdoch, Daniel James Buchner, Ankur Patel
-
Patent number: 11411955Abstract: Enforcing different policy rules that are applicable to different types of data stored at a decentralized storage service that uses a distributed ledger to authenticate and/or authorize users. Receive a request from an entity for operating on data stored or to be stored in a storage that is associated with a DID. A type of data that is requested to be operated on is then determined. One or more policy rules that are applicable to the determined type of data are accessed. Based on the one or more policy rules, determine if the operation to be performed on the data will result in the data complying with the one or more policy rules. Based on the determination, allow the request when the operation will result in the data complying with the one or more policy rules.Type: GrantFiled: March 15, 2019Date of Patent: August 9, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Daniel James Buchner, Brandon Murdoch, Ankur Patel
-
Patent number: 11392467Abstract: Failover between decentralized identity stores in the context of there being multiple decentralized identity stores that are each under the control of a single decentralized identity to store data belonging to or regarding the decentralized identity. Third parties can use the decentralized identity to at least conditionally access the data of the primary decentralized identity store. However, in response to detecting a failover event, one of the remaining decentralized identity stores is promoted as the new primary decentralized identity store. As part of this promotion, the new primary decentralized identity store replaces the old primary decentralized identity store as being the decentralized identity store that is accessed using the decentralized identity.Type: GrantFiled: April 17, 2019Date of Patent: July 19, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Brandon Murdoch, Ankur Patel, Daniel James Buchner
-
Patent number: 11394718Abstract: The resolving of a decentralized identifier to a corresponding data structure using multiple resolvers. This allows for the use of a consensus of resolvers to improve trust in the resolution process. In order to resolve, a decentralized identifier is sent to multiple resolvers. In response, each of at least some of those resolvers will return a data structure of a particular type (e.g., a decentralized identifier document) that is associated with the decentralized identifier. Then, it is determined whether the data structure for at least some number of resolvers matches each other. That is, it is determined whether at least some predetermined threshold of resolvers is returning the same data structure (e.g., the same decentralized identifier document). If so, then it is determined that the matching data structure is indeed associated with the decentralized identifier. Otherwise, the resolution process has failed.Type: GrantFiled: June 10, 2019Date of Patent: July 19, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Brandon Murdoch, Ankur Patel, Daniel James Buchner
-
Patent number: 11394542Abstract: Embodiments disclosed herein are related to the deauthorization of a private key associated with a decentralized identifier. While a user of a computing system is authenticated as a decentralized identifier, the system detects user input, and determines based on that user input that the private key associated with the decentralized identity is to be revoked. In response to this determination, the private key is deauthorized so that the private key cannot be used to perform actions for the decentralized identity at least until the private key is restored.Type: GrantFiled: March 27, 2020Date of Patent: July 19, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Brandon Murdoch, Ankur Patel, Bailey Marie Bercik, Daniel James Buchner
-
Patent number: 11386225Abstract: Embodiments disclosed herein are related to computing systems and methods for localizing how a user will receive and view received DID-related data. The computing system and methods are implemented in the decentralized network that implements a distributed ledger that backs one or more decentralized identities (DID) for one or more users of the computing system. Various sets of rule are accessed. The sets of rules specify how a DID owner will receive and view DID-related data received from a third party entity. The sets of rules are applied to the DID-related data received from the third party entity. The received DID-related data is modified such that the received DID-related data conforms to the one or more sets of rules. The modified DID-related data is provided to the DID owner so that the DID owner is able to view the modified DID-related data according to the applied sets of rules.Type: GrantFiled: April 29, 2019Date of Patent: July 12, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Brandon Murdoch, Daniel James Buchner, Ankur Patel
-
Patent number: 11381567Abstract: Executing an application within a scope of user-granted permission in a decentralized network that implements a distributed edger. First, receiving a request from an entity for using data stored in a data storage that is associated with a DID owner as one or more inputs of an application associated with the entity to generate one or more results. Next, one or more characteristics of the application associated with the entity is identified. Based on identified one or more characteristics, a scope of permission to access the requested data that is to be granted to the entity is determined. Then, the scope of permission is granted to the entity to use the data as the one or more inputs of the application associated with the entity. Finally, the one or more results from the application is received.Type: GrantFiled: April 29, 2019Date of Patent: July 5, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Brandon Murdoch, Daniel James Buchner, Ankur Patel
-
Publication number: 20220164267Abstract: A computing system is configured to receive user data from a user associated with a decentralized identifier (DID) and authenticate the user based on the DID via data recorded on a distributed ledger. In response to authenticating the user, the computing system stores the user data redundantly at each of a plurality of decentralized identity stores. One of the plurality of decentralized identity stores is designated as a primary decentralized identity store. In particular, redundantly storing the user data includes storing the user data at the primary decentralized identity store, and causing each remaining decentralized identity store in the plurality of decentralized identity stores to store the user data following the primary decentralized identity store.Type: ApplicationFiled: February 10, 2022Publication date: May 26, 2022Inventors: Brandon MURDOCH, Ankur PATEL, Daniel James BUCHNER
-
Patent number: 11329968Abstract: Permitting a decentralized identity to authenticate on behalf of a centralized identity to a centralized identity system, and/or permitting a centralized identity to authenticate on behalf of a decentralized identity to a decentralized identity system. Thus, the principles described herein permit authentication across decentralized and centralized domains. The identity system receives and registers a delegation for the first identity to authentic as the second identity, where one of the identities is a decentralized identity and one is a centralized identity. Thereafter, when the identity system receives a communication from the first identity to access a resource owned by the second identity, the identity system accesses the registration to determine that the first identity is authorized to authenticate as the second identity, authenticates the first identity as the second identity, and grants the first identity access to the resource owned by the second identity.Type: GrantFiled: March 18, 2019Date of Patent: May 10, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Daniel James Buchner, Brandon Murdoch, Ankur Patel
-
Patent number: 11249870Abstract: Failover between decentralized identity stores in the context of there being multiple decentralized identity stores that are each under the control of a single decentralized identity to store data belonging to or regarding the decentralized identity. Third parties can use the decentralized identity to at least conditionally access the data of the primary decentralized identity store. However, in response to detecting a failover event, one of the remaining decentralized identity stores is promoted as the new primary decentralized identity store. As part of this promotion, the new primary decentralized identity store replaces the old primary decentralized identity store as being the decentralized identity store that is accessed using the decentralized identity.Type: GrantFiled: April 17, 2019Date of Patent: February 15, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Brandon Murdoch, Ankur Patel, Daniel James Buchner
-
Patent number: 11245524Abstract: Using an association data structure corresponding to a derived decentralized identifier of a subject entity to share a verified claim about the subject entity to one or more relying entities. A decentralized identifier of a subject entity is derived from a source decentralized identity of the subject entity. Next, an association data structure is created using the derived decentralized identifier. The association data structure is structured to be interpretable by a relying entity as demonstrating that a verified claim is about the derived decentralized identity. The relying entity is then caused to be provided the verified claim about the subject entity. The verified claim includes the association data structure that was created using the derived decentralized identifier.Type: GrantFiled: June 18, 2019Date of Patent: February 8, 2022Assignee: MICROSOFT TECHNOLOGLY LICENSING, LLCInventors: Brandon Murdoch, Ankur Patel, Ronald John Kamiel Eurphrasia Bjones, Daniel James Buchner
-
Patent number: 11228588Abstract: Embodiments disclosed herein are related to computing systems, computer program products, and methods for providing a callback pattern for DID attestations or claims. An attestation is provided from a first entity of a decentralized network to a second entity of the decentralized network. The attestation defines information about an owner of the attestation that has been generated by the first entity and that is to be used by the second entity. The attestation includes contact metadata that defines how to contact the first entity. In response to the attestation being provided to the second entity, the first entity is contacted using the contact metadata.Type: GrantFiled: March 20, 2019Date of Patent: January 18, 2022Assignee: MICROSOFT TECHNOLOGLY LICENSING, LLCInventors: Daniel James Buchner, Brandon Murdoch, Ankur Patel