Patents by Inventor Duy Lan Nguyen
Duy Lan Nguyen has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10623398
Abstract: The subject disclosure is directed towards processing requests for accessing a service provider. After examining at least one security token, a public key and a portion of attribute information are identified. An authentication component is accessed and applied to the public key. A unique user identifier is employed in generating the public key. The authentication component is generated using information from at least one revoked security token or at least one valid security token. The authentication component is configured to prove validity of the at least one security token.
Type: Grant
Filed: January 12, 2016
Date of Patent: April 14, 2020
Assignee: Microsoft Technology Licensing, LLC
Inventors: Duy Lan Nguyen, Tolga Acar
-
Patent number: 9768962
Abstract: The subject disclosure is directed towards credential verification for accessing a service provider. A user may prove to the service provider the validity of the credential by communicating a non-revocation component that is based upon a prime-order cryptographic group without a bilinear pairing. In order to authenticate the user, a verification mechanism within an identity management system applies private cryptographic data, including a verifier-designated private key to the non-revocation component, which proves that the user's identity and therefore, the credential is not revoked. The presentation proof includes a hash value that is computed using the credential's commitment and the prime-order cryptographic group. By verifying that the hash value was computed using that commitment, the verification mechanism validates the credential and permits access to the service provider.
Type: Grant
Filed: March 15, 2013
Date of Patent: September 19, 2017
Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
Inventors: Tolga Acar, Christian Paquin, Duy Lan Nguyen, Melissa Chase
-
Patent number: 9722776
Abstract: The subject disclosure is directed towards a technology by which data is securely distributed using a homomorphic signature scheme and homomorphic network coding signature schemes. A homomorphic signature scheme for signing the data is based upon binary pairing with standard prime order groups. Sets of data are signed based upon dividing a larger block of data into smaller blocks, and separately signing each smaller block. The smaller blocks may be distributed to nodes of a network topology that are configured for network coding. In one alternative, the homomorphic signature scheme protects against changes to the block identifier. Proof data may be provided independent of a random oracle, may be provided by providing parameters for verification in a Groth-Sahai proof system, or may be provided by providing parameters for verification independent of a Groth-Sahai proof system.
Type: Grant
Filed: June 21, 2012
Date of Patent: August 1, 2017
Assignee: Microsoft Technology Licensing, LLC
Inventors: Duy Lan Nguyen, Tolga Acar, Avradip Mandal
-
Publication number: 20160241547
Abstract: The subject disclosure is directed towards processing requests for accessing a service provider. After examining at least one security token, a public key and a portion of attribute information are identified. An authentication component is accessed and applied to the public key. A unique user identifier is employed in generating the public key. The authentication component is generated using information from at least one revoked security token or at least one valid security token. The authentication component is configured to prove validity of the at least one security token.
Type: Application
Filed: January 12, 2016
Publication date: August 18, 2016
Inventors: Duy Lan Nguyen, Tolga Acar
-
Patent number: 9264237
Abstract: The subject disclosure is directed towards processing requests for accessing a service provider. After examining at least one security token, a public key and a portion of attribute information are identified. An authentication component is accessed and applied to the public key. A unique user identifier is employed in generating the public key. The authentication component is generated using information from at least one revoked security token or at least one valid security token. The authentication component is configured to prove validity of the at least one security token.
Type: Grant
Filed: June 15, 2011
Date of Patent: February 16, 2016
Assignee: Microsoft Technology Licensing, LLC
Inventors: Duy Lan Nguyen, Tolga Acar
-
Publication number: 20130346755
Abstract: The subject disclosure is directed towards a technology by which data is securely distributed using a homomorphic signature scheme and homomorphic network coding signature schemes. A homomorphic signature scheme for signing the data is based upon binary pairing with standard prime order groups. Sets of data are signed based upon dividing a larger block of data into smaller blocks, and separately signing each smaller block. The smaller blocks may be distributed to nodes of a network topology that are configured for network coding. In one alternative, the homomorphic signature scheme protects against changes to the block identifier. Proof data may be provided independent of a random oracle, may be provided by providing parameters for verification in a Groth-Sahai proof system, or may be provided by providing parameters for verification independent of a Groth-Sahai proof system.
Type: Application
Filed: June 21, 2012
Publication date: December 26, 2013
Applicant: Microsoft Corporation
Inventors: Duy Lan Nguyen, Tolga Acar, Avradip Mandal
-
Publication number: 20120324233
Abstract: The subject disclosure is directed towards processing requests for accessing a service provider. After examining at least one security token, a public key and a portion of attribute information are identified. An authentication component is accessed and applied to the public key. A unique user identifier is employed in generating the public key. The authentication component is generated using information from at least one revoked security token or at least one valid security token. The authentication component is configured to prove validity of the at least one security token.
Type: Application
Filed: June 15, 2011
Publication date: December 20, 2012
Applicant: MICROSOFT CORPORATION
Inventors: Duy Lan Nguyen, Tolga Acar
-
Patent number: 8325924
Abstract: In an example, one or more cryptographic keys may be associated with a group. Any member of the group may use the key to encrypt and decrypt information, thereby allowing members of the group to share encrypted information. Domain controllers (DCs) maintain copies of the group's keys. The DCs may synchronize with each other, so that each DC may have a copy of the group's keys. Keys may have expiration dates, and any client connected to a DC may generate a new key when a key is nearing expiration. The various clients may create new keys at differing amounts of time before expiration on various DCs. DCs that store keys early thus may have time to propagate the newly-created keys through synchronization before other DCs are requested to store keys created by other clients. In this way, the creation of an excessive number of new keys may be avoided.
Type: Grant
Filed: February 19, 2009
Date of Patent: December 4, 2012
Assignee: Microsoft Corporation
Inventors: Tolga Acar, Josh Benaloh, Niels Thomas Ferguson, Carl M. Ellison, Mira Belenkiy, Duy Lan Nguyen
-
Publication number: 20100208898
Abstract: In an example, one or more cryptographic keys may be associated with a group. Any member of the group may use the key to encrypt and decrypt information, thereby allowing members of the group to share encrypted information. Domain controllers (DCs) maintain copies of the group's keys. The DCs may synchronize with each other, so that each DC may have a copy of the group's keys. Keys may have expiration dates, and any client connected to a DC may generate a new key when a key is nearing expiration. The various clients may create new keys at differing amounts of time before expiration on various DCs. DCs that store keys early thus may have time to propagate the newly-created keys through synchronization before other DCs are requested to store keys created by other clients. In this way, the creation of an excessive number of new keys may be avoided.
Type: Application
Filed: February 19, 2009
Publication date: August 19, 2010
Applicant: MICROSOFT CORPORATION
Inventors: Tolga Acar, Josh Benaloh, Niels Thomas Ferguson, Carl M. Ellison, Mira Belenkiy, Duy Lan Nguyen