Patents by Inventor K. Michiko Short
K. Michiko Short has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9118672Abstract: A client can communicate with a middle tier, which can then, in turn, communicate with a back end tier to access information and resources on behalf of the client within the context of a system that can scale well. Each individual back end can establish a policy that defines which computing device can delegate to that back end. That policy can be enforced by a domain controller within the same administrative domain as the particular back end. When a middle tier requests to delegate to a back end, the domain controller to which that request was directed can either apply the policy, or, if the domain controller is in a different domain than the targeted back end, it can direct the middle tier to a domain controller in a different domain and can sign relevant information that the middle tier can utilize when communicating with that different domain controller.Type: GrantFiled: December 10, 2010Date of Patent: August 25, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Mark Fishel Novak, Paul J. Leach, Liqiang Zhu, Paul J. Miller, Alexandru Hanganu, Yi Zeng, Jeremy Dominic Viegas, K. Michiko Short
-
Patent number: 9058467Abstract: A distributed system in which time-dependent credentials are supplied by controllers that operate according to different local times. Errors that might arise from the controllers generating inconsistent credentials because of time skew are avoided by identifying credentials generated during transition intervals in which different ones of the controllers may generate different credentials at the same absolute time. During a transition interval, controllers and other devices may use credentials differentially based on the nature of the authentication function. Each controller may periodically renew its credentials based on self-scheduled renewals or based on requests from other devices, such that renewal times are offset by random delays to avoid excessive network traffic. Controllers may determine which credential is valid for any given time, based on a cryptographically secure key associated with that time and information identifying the entity that is associated with that credential.Type: GrantFiled: September 1, 2011Date of Patent: June 16, 2015Assignee: Microsoft CorporationInventors: Mark Novak, Paul J. Leach, Yi Zeng, Saurav Sinha, K Michiko Short, Gopinathan Kannan
-
Patent number: 9032492Abstract: A distributed system in which time-dependent credentials are supplied by controllers that operate according to different local times. Errors that might arise from the controllers generating inconsistent credentials because of time skew are avoided by identifying credentials generated during transition intervals in which different ones of the controllers may generate different credentials at the same absolute time. During a transition interval, controllers and other devices may use credentials differentially based on the nature of the authentication function. Each controller may periodically renew its credentials based on self-scheduled renewals or based on requests from other devices, such that renewal times are offset by random delays to avoid excessive network traffic. Controllers may determine which credential is valid for any given time, based on a cryptographically secure key associated with that time and information identifying the entity that is associated with that credential.Type: GrantFiled: September 1, 2011Date of Patent: May 12, 2015Assignee: Microsoft CorporationInventors: Mark Novak, Paul J. Leach, Yi Zeng, Saurav Sinha, K Michiko Short, Gopinathan Kannan
-
Patent number: 8640210Abstract: A distributed system in which time-dependent credentials are supplied by controllers that operate according to different local times. Errors that might arise from the controllers generating inconsistent credentials because of time skew are avoided by identifying credentials generated during transition intervals in which different ones of the controllers may generate different credentials at the same absolute time. During a transition interval, controllers and other devices may use credentials differentially based on the nature of the authentication function. Each controller may periodically renew its credentials based on self-scheduled renewals or based on requests from other devices, such that renewal times are offset by random delays to avoid excessive network traffic. Controllers may determine which credential is valid for any given time, based on a cryptographically secure key associated with that time and information identifying the entity that is associated with that credential.Type: GrantFiled: September 1, 2011Date of Patent: January 28, 2014Assignee: Microsoft CorporationInventors: Mark Novak, Paul J. Leach, Yi Zeng, Saurav Sinha, K Michiko Short, Gopinathan Kannan
-
Publication number: 20130061301Abstract: A distributed system in which time-dependent credentials are supplied by controllers that operate according to different local times. Errors that might arise from the controllers generating inconsistent credentials because of time skew are avoided by identifying credentials generated during transition intervals in which different ones of the controllers may generate different credentials at the same absolute time. During a transition interval, controllers and other devices may use credentials differentially based on the nature of the authentication function. Each controller may periodically renew its credentials based on self-scheduled renewals or based on requests from other devices, such that renewal times are offset by random delays to avoid excessive network traffic. Controllers may determine which credential is valid for any given time, based on a cryptographically secure key associated with that time and information identifying the entity that is associated with that credential.Type: ApplicationFiled: September 1, 2011Publication date: March 7, 2013Applicant: Microsoft CorporationInventors: Mark Novak, Paul J. Leach, Yi Zeng, Saurav Sinha, K. Michiko Short, Gopinathan Kannan
-
Publication number: 20130061300Abstract: A distributed system in which time-dependent credentials are supplied by controllers that operate according to different local times. Errors that might arise from the controllers generating inconsistent credentials because of time skew are avoided by identifying credentials generated during transition intervals in which different ones of the controllers may generate different credentials at the same absolute time. During a transition interval, controllers and other devices may use credentials differentially based on the nature of the authentication function. Each controller may periodically renew its credentials based on self-scheduled renewals or based on requests from other devices, such that renewal times are offset by random delays to avoid excessive network traffic. Controllers may determine which credential is valid for any given time, based on a cryptographically secure key associated with that time and information identifying the entity that is associated with that credential.Type: ApplicationFiled: September 1, 2011Publication date: March 7, 2013Applicant: Microsoft CorporationInventors: Mark Novak, Paul J. Leach, Yi Zeng, Saurav Sinha, K. Michiko Short, Gopinathan Kannan
-
Publication number: 20130061299Abstract: A distributed system in which time-dependent credentials are supplied by controllers that operate according to different local times. Errors that might arise from the controllers generating inconsistent credentials because of time skew are avoided by identifying credentials generated during transition intervals in which different ones of the controllers may generate different credentials at the same absolute time. During a transition interval, controllers and other devices may use credentials differentially based on the nature of the authentication function. Each controller may periodically renew its credentials based on self-scheduled renewals or based on requests from other devices, such that renewal times are offset by random delays to avoid excessive network traffic. Controllers may determine which credential is valid for any given time, based on a cryptographically secure key associated with that time and information identifying the entity that is associated with that credential.Type: ApplicationFiled: September 1, 2011Publication date: March 7, 2013Applicant: Microsoft CorporationInventors: Mark Novak, Paul J. Leach, Yi Zeng, Saurav Sinha, K. Michiko Short, Gopinathan Kannan
-
Publication number: 20120131661Abstract: A client can communicate with a middle tier, which can then, in turn, communicate with a back end tier to access information and resources on behalf of the client within the context of a system that can scale well. Each individual back end can establish a policy that defines which computing device can delegate to that back end. That policy can be enforced by a domain controller within the same administrative domain as the particular back end. When a middle tier requests to delegate to a back end, the domain controller to which that request was directed can either apply the policy, or, if the domain controller is in a different domain than the targeted back end, it can direct the middle tier to a domain controller in a different domain and can sign relevant information that the middle tier can utilize when communicating with that different domain controller.Type: ApplicationFiled: December 10, 2010Publication date: May 24, 2012Applicant: MICROSOFT CORPORATIONInventors: Mark Fishel Novak, Paul J. Leach, Liqiang Zhu, Paul J. Miller, Alexandru Hanganu, Yi Zeng, Jeremy Dominic Viegas, K. Michiko Short