Patents by Inventor John Hal Howard
John Hal Howard has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9886675Abstract: A virtual environment service obtains automatically collected diagnostic information from a deployed instance of a computer system and automatically generates a reproduction of an environment of the instance of the computer system, based upon the collected diagnostic data. User interactions with the virtual diagnostic environment can be recorded to identify a technical issue with the deployed instance of the computer system. A fix for the issue is applied in the virtual diagnostic environment so that it can be verified by the user prior to applying it to the deployed instance.Type: GrantFiled: June 23, 2016Date of Patent: February 6, 2018Assignee: Microsoft Technology Licensing, LLCInventors: Satish Thomas, Yi Zhang, Murtaza Chowdhury, Sridhar Srinivasan, John Hal Howard
-
Publication number: 20160307129Abstract: A virtual environment service obtains automatically collected diagnostic information from a deployed instance of a computer system and automatically generates a reproduction of an environment of the instance of the computer system, based upon the collected diagnostic data. User interactions with the virtual diagnostic environment can be recorded to identify a technical issue with the deployed instance of the computer system. A fix for the issue is applied in the virtual diagnostic environment so that it can be verified by the user prior to applying it to the deployed instance.Type: ApplicationFiled: June 23, 2016Publication date: October 20, 2016Inventors: Satish Thomas, Yi Zhang, Murtaza Chowdhury, Sridhar Srinivasan, John Hal Howard
-
Patent number: 9405645Abstract: A virtual environment service obtains automatically collected diagnostic information from a deployed instance of a computer system and automatically generates a reproduction of an environment of the instance of the computer system, based upon the collected diagnostic data. User interactions with the virtual diagnostic environment can be recorded to identify a technical issue with the deployed instance of the computer system. A fix for the issue is applied in the virtual diagnostic environment so that it can be verified by the user prior to applying it to the deployed instance.Type: GrantFiled: November 14, 2013Date of Patent: August 2, 2016Assignee: Microsoft Technology Licensing, LLCInventors: Satish Thomas, Yi Zhang, Murtaza Chowdhury, Sridhar Srinivasan, John Hal Howard
-
Publication number: 20150135013Abstract: A virtual environment service obtains automatically collected diagnostic information from a deployed instance of a computer system and automatically generates a reproduction of an environment of the instance of the computer system, based upon the collected diagnostic data. User interactions with the virtual diagnostic environment can be recorded to identify a technical issue with the deployed instance of the computer system. A fix for the issue is applied in the virtual diagnostic environment so that it can be verified by the user prior to applying it to the deployed instance.Type: ApplicationFiled: November 14, 2013Publication date: May 14, 2015Inventors: Satish Thomas, Yi Zhang, Murtaza Chowdhury, Sridhar Srinivasan, John Hal Howard
-
Patent number: 7971240Abstract: Exchanging information in a multi-site authentication system. A network server receives, from an authentication server, a request by a client computing device for a service provided by the network server along with an authentication ticket. The authentication ticket includes: a session key encrypted by a public key associated with the network server, message content encrypted by the session key, and a signature for the encrypted session key and the encrypted message content. The signature includes address information of the network server. The network server identifies its own address information in the signature to validate the signature included in the authentication ticket and verifies the authentication ticket content based on the signature included in the authentication ticket. The network server decrypts the encrypted session key via a private key associated with the second network server and decrypts the encrypted message content via the decrypted session key.Type: GrantFiled: April 20, 2009Date of Patent: June 28, 2011Assignee: Microsoft CorporationInventors: Wei-Quiang Michael Guo, John Hal Howard, Kok Wai Chan
-
Patent number: 7607008Abstract: A user is authenticated for a relying computing entity (e.g., an enterprise) through an authentication broker service, wherein a trust relationship exists between the relying computing entity and the authentication broker service. The authentication broker service has a trust relationship with the relying computing entity and the authentication service that issued the identity of the user. The relying computing entity asks the authentication broker service to authenticate the identity of the user. The authentication broker service captures the user's credential (or directs the authentication service to do so) and sends an authentication response (e.g., a token) to the relying computing entity in order to authenticate the identity of the user to the relying computing entity. The relying computing entity verifies the authentication response based on the trust relationship between the relying computing entity and the authentication broker service.Type: GrantFiled: April 1, 2004Date of Patent: October 20, 2009Assignee: Microsoft CorporationInventors: John Hal Howard, Daniel Salvatore Schiappa, Khaja E. Ahmed, Kyle S. Young
-
Patent number: 7590731Abstract: A mechanism for seeking access of a client to a first server is described. The mechanism involves determining that a client seeking access to the first server is not authenticated by an authentication server. The mechanism further involves communicating a request for login information to be returned to the second server from the client. Login information is received at the authentication server from the client. The client is authenticated by comparing the login information with authentication information maintained by the authentication server. When the login information matches the authentication information, a user authentication indicator is generated at the authentication server and the user sends the authentication indicator to the first server.Type: GrantFiled: November 24, 2003Date of Patent: September 15, 2009Assignee: Microsoft CorporationInventors: John Hal Howard, Jeffrey C. Kunins, Darren L. Anderson, Ryan W. Battle, Max E. Metral
-
Publication number: 20090204808Abstract: Exchanging information in a multi-site authentication system. A network server receives, from an authentication server, a request by a client computing device for a service provided by the network server along with an authentication ticket. The authentication ticket includes: a session key encrypted by a public key associated with the network server, message content encrypted by the session key, and a signature for the encrypted session key and the encrypted message content. The signature includes address information of the network server. The network server identifies its own address information in the signature to validate the signature included in the authentication ticket and verifies the authentication ticket content based on the signature included in the authentication ticket. The network server decrypts the encrypted session key via a private key associated with the second network server and decrypts the encrypted message content via the decrypted session key.Type: ApplicationFiled: April 20, 2009Publication date: August 13, 2009Applicant: MICROSOFT CORPORATIONInventors: Wei-Quiang Michael Guo, John Hal Howard, Kok Wai Chan
-
Patent number: 7523490Abstract: A security protocol for use in a multi-site authentication system. After authenticating a user, an authentication server generates a ticket including information associated with the user. The authentication server encrypts content of the ticket using a symmetric key shared with an affiliate server. The affiliate server has a public key that the authentication server uses to encrypt the shared key. The authentication server has private key for creating a signature on the ticket. The affiliate server decrypts the shared key with its private key and then decrypts the content of the ticket using the decrypted shared key. The affiliate server validates the signature with the authentication server's public key.Type: GrantFiled: May 15, 2002Date of Patent: April 21, 2009Assignee: Microsoft CorporationInventors: Wei-Quiang Michael Guo, John Hal Howard, Kok Wai Chan
-
Patent number: 7421731Abstract: A user, by way of a computing device, requests and receives content from a first server at the computing device. An authentication response is also received from the first server at the computing device of the user. The authentication response includes an address of the second server and an executable script. The computing device of the user executes the executable script by issuing a request to the second server for state information corresponding to the user, receiving the state information from the second server; and determining, based on the state information, whether the user is authenticated to the second server. If the user is not authenticated to the second server, the computer device of the user displays a login module that is visually associated with the first server. Such login module collects login information for authenticating the user to the second server.Type: GrantFiled: February 23, 2001Date of Patent: September 2, 2008Assignee: Microsoft CorporationInventors: Christopher E. Mitchell, Ryan W. Battle, Darren L. Anderson, Joshua G. Poley, Greg A. Marks, John Hal Howard, Michael Wei-Quiang Guo
-
Patent number: 7418502Abstract: A system determines whether to grant user access. Prior to granting access, the network server authenticates the user by sending an authentication request. An authentication server determines whether the user has been authenticated. If the user has been authenticated, the network server is notified and the network server grants access. If the user is not authenticated, then login information is retrieved and compared to maintained authentication information. If the retrieved login information matches, then the network server is notified. The retrieved login and authentication information is concealed from the network server. If the user is authenticated, a user profile is communicated to the network server with the notification. If the user is successfully authenticated, a cookie is provided to a user Internet browser. The cookie contains information regarding user authentication, the user's profile, and a list of network servers previously visited.Type: GrantFiled: January 12, 2006Date of Patent: August 26, 2008Assignee: Microsoft CorporationInventors: John Hal Howard, Darren L. Anderson, Jeffrey C. Kunins, Max E. Metral, Ryan W. Battle
-
Patent number: 7016960Abstract: A system determines whether to grants access to a network server by a user. Initially, a user attempts to gain access to a network server, such as a web server. Prior to granting access to the network server, the network server authenticates the user by sending an authentication request to an authentication server. The authentication server determines whether the user was already authenticated by the authentication server. If the user was already authenticated by the authentication server, then the network server is notified that the user is authenticated. The network server then grants the user access to the network server. If the user was not already authenticated by the authentication server, then login information is retrieved from the user and compared to authentication information maintained by the authentication server. If the retrieved login information matches the authentication information, then the network server is notified that the user is authenticated.Type: GrantFiled: April 30, 2003Date of Patent: March 21, 2006Assignee: Microsoft CorporationInventors: John Hal Howard, Jeffrey C. Kunins, Darren L. Anderson, Ryan W. Battle, Max E. Metral
-
Publication number: 20040148410Abstract: A mechanism for seeking access of a client to a first server is described. The mechanism involves determining that a client seeking access to the first server is not authenticated by an authentication server. The mechanism further involves communicating a request for login information to be returned to the second server from the client. Login information is received at the authentication server from the client. The client is authenticated by comparing the login information with authentication information maintained by the authentication server. When the login information matches the authentication information, a user authentication indicator is generated at the authentication server and the user sends the authentication indicator to the first server.Type: ApplicationFiled: November 24, 2003Publication date: July 29, 2004Inventors: John Hal Howard, Jeffrey C. Kunins, Darren L. Anderson, Ryan W. Battle, Max E. Metral
-
Patent number: 6678731Abstract: A system determines whether to grant a user access to a network server. Prior to granting access to the network server, the network server authenticates the user by sending an authentication request to an authentication server. The authentication server determines whether the user was already authenticated by the authentication server. If the user is authenticated by the authentication server, then the network server is notified that the user is authenticated through the use of an authentication ticket, and the network server grants the network server user access. If the user is not authenticated by the authentication server, then login information is retrieved from the user and compared to authentication information maintained by the authentication server. If the retrieved login information matches the authentication information, then the network server is notified that the user is authenticated by using the authentication ticket.Type: GrantFiled: July 8, 1999Date of Patent: January 13, 2004Assignee: Microsoft CorporationInventors: John Hal Howard, Jeffrey C. Kunins, Darren L. Anderson, Ryan W. Battle, Max E. Metral
-
Publication number: 20030217288Abstract: A security protocol for use in a multi-site authentication system. After authenticating a user, an authentication server generates a ticket including information associated with the user. The authentication server encrypts content of the ticket using a symmetric key shared with an affiliate server. The affiliate server has a public key that the authentication server uses to encrypt the shared key. The authentication server has private key for creating a signature on the ticket. The affiliate server decrypts the shared key with its private key and then decrypts the content of the ticket using the decrypted shared key. The affiliate server validates the signature with the authentication server's public key.Type: ApplicationFiled: May 15, 2002Publication date: November 20, 2003Applicant: Microsoft CorporationInventors: Wei-Quiang Michael Guo, John Hal Howard, Kok Wai Chan
-
Publication number: 20030204610Abstract: A system determines whether to grants access to a network server by a user. Initially, a user attempts to gain access to a network server, such as a web server. Prior to granting access to the network server, the network server authenticates the user by sending an authentication request to an authentication server. The authentication server determines whether the user was already authenticated by the authentication server. If the user was already authenticated by the authentication server, then the network server is notified that the user is authenticated. The network server then grants the user access to the network server. If the user was not already authenticated by the authentication server, then login information is retrieved from the user and compared to authentication information maintained by the authentication server. If the retrieved login information matches the authentication information, then the network server is notified that the user is authenticated.Type: ApplicationFiled: April 30, 2003Publication date: October 30, 2003Inventors: John Hal Howard, Jeffrey C. Kunins, Darren L. Anderson, Ryan W. Battle, Max E. Metral
-
Patent number: 6584505Abstract: A system determines whether to grants access to a network server by a user. Initially, a user attempts to gain access to a network server, such as a web server. Prior to granting access to the network server, the network server authenticates the user by sending an authentication request to an authentication server. The authentication server determines whether the user was already authenticated by the authentication server. If the user was already authenticated by the authentication server, then the network server is notified that the user is authenticated. The network server then grants the user access to the network server. If the user was not already authenticated by the authentication server, then login information is retrieved from the user and compared to authentication information maintained by the authentication server. If the retrieved login information matches the authentication information, then the network server is notified that the user is authenticated.Type: GrantFiled: July 8, 1999Date of Patent: June 24, 2003Assignee: Microsoft CorporationInventors: John Hal Howard, Jeffrey C. Kunins, Darren L. Anderson, Ryan W. Battle, Max E. Metral
-
Publication number: 20020120867Abstract: A user, by way of a computing device, requests and receives content from a first server at the computing device. An authentication response is also received from the first server at the computing device of the user. The authentication response includes an address of the second server and an executable script. The computing device of the user executes the executable script by issuing a request to the second server for state information corresponding to the user, receiving the state information from the second server; and determining, based on the state information, whether the user is authenticated to the second server. If the user is not authenticated to the second server, the computer device of the user displays a login module that is visually associated with the first server. Such login module collects login information for authenticating the user to the second server.Type: ApplicationFiled: February 23, 2001Publication date: August 29, 2002Applicant: Microsoft CorporationInventors: Christopher E. Mitchell, Ryan W. Battle, Darren L. Anderson, Joshua G. Poley, Greg A. Marks, John Hal Howard