Patents by Inventor Sai Sudhir Anantha Padmanaban
Sai Sudhir Anantha Padmanaban has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10798092Abstract: Services from domainless machines are made available in a security domain under a virtual name. Each machine is not joined to the domain but can reach a security domain controller. The controller controls at least one security domain using an authentication protocol, such as a modified Kerberos protocol. One obtains a set of security domain credentials, generates a cluster name secret, gives the cluster a virtual name, and authenticates the machines to the domain controller using these items. In some cases, authentication uses a ticket-based protocol which accepts the cluster name secret in place of a proof of valid security domain membership. In some, the domain controller uses a directory service which is compatible with an active directory service; the cluster virtual name is provisioned as an account in the directory service. The cluster virtual name may concurrently serve clients on different security domains of the directory service.Type: GrantFiled: March 7, 2019Date of Patent: October 6, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Sai Sudhir Anantha Padmanaban, Lokesh Srinivas Koppolu, Andrea D'Amato, Yi Zeng
-
Publication number: 20190207925Abstract: Services from domainless machines are made available in a security domain under a virtual name. Each machine is not joined to the domain but can reach a security domain controller. The controller controls at least one security domain using an authentication protocol, such as a modified Kerberos protocol. One obtains a set of security domain credentials, generates a cluster name secret, gives the cluster a virtual name, and authenticates the machines to the domain controller using these items. In some cases, authentication uses a ticket-based protocol which accepts the cluster name secret in place of a proof of valid security domain membership. In some, the domain controller uses a directory service which is compatible with an active directory service; the cluster virtual name is provisioned as an account in the directory service. The cluster virtual name may concurrently serve clients on different security domains of the directory service.Type: ApplicationFiled: March 7, 2019Publication date: July 4, 2019Inventors: Sai Sudhir ANANTHA PADMANABAN, Lokesh Srinivas KOPPOLU, Andrea D'AMATO, Yi ZENG
-
Patent number: 10275467Abstract: Implementing a high availability mode. A distributed computing environment includes a plurality of nodes. Each of the nodes has an instance of a particular storage service. One or more of the instances have one or more cluster shared filesystems coupled to them. A method includes monitoring arrivals and departures of cluster shared file systems. The method further includes identifying the arrival of one or more clustered shared file systems previously attached to a different instance of the storage service on a different node and being accessible by following one or more namespace partitions located in that clustered shared file system. As a result, the method further includes connecting the instance of the storage service to the one or more arriving clustered shared file systems and exposing the one or more namespace partitions located in that clustered shared file system.Type: GrantFiled: March 15, 2016Date of Patent: April 30, 2019Assignee: Microsoft Technology Licensing, LLCInventors: Diaa E. Fathalla, Sai Sudhir Anantha Padmanaban, Ali Ediz Turkoglu
-
Patent number: 10270760Abstract: Services from domainless machines are made available in a security domain under a virtual name. Each machine is not joined to the domain but can reach a security domain controller. The controller controls at least one security domain using an authentication protocol, such as a modified Kerberos protocol. One obtains a set of security domain credentials, generates a cluster name secret, gives the cluster a virtual name, and authenticates the machines to the domain controller using these items. In some cases, authentication uses a ticket-based protocol which accepts the cluster name secret in place of a proof of valid security domain membership. In some, the domain controller uses a directory service which is compatible with an active directory service; the cluster virtual name is provisioned as an account in the directory service. The cluster virtual name may concurrently serve clients on different security domains of the directory service.Type: GrantFiled: October 5, 2017Date of Patent: April 23, 2019Assignee: Microsoft Tehnology Licensing, LLCInventors: Sai Sudhir Anantha Padmanaban, Lokesh Srinivas Koppolu, Andrea D'Amato, Yi Zeng
-
Publication number: 20180048636Abstract: Services from domainless machines are made available in a security domain under a virtual name. Each machine is not joined to the domain but can reach a security domain controller. The controller controls at least one security domain using an authentication protocol, such as a modified Kerberos protocol. One obtains a set of security domain credentials, generates a cluster name secret, gives the cluster a virtual name, and authenticates the machines to the domain controller using these items. In some cases, authentication uses a ticket-based protocol which accepts the cluster name secret in place of a proof of valid security domain membership. In some, the domain controller uses a directory service which is compatible with an active directory service; the cluster virtual name is provisioned as an account in the directory service. The cluster virtual name may concurrently serve clients on different security domains of the directory service.Type: ApplicationFiled: October 5, 2017Publication date: February 15, 2018Inventors: Sai Sudhir ANANTHA PADMANABAN, Lokesh Srinivas KOPPOLU, Andrea D'AMATO, Yi ZENG
-
Patent number: 9813413Abstract: Services from domainless machines are made available in a security domain under a virtual name. Each machine is not joined to the domain but can reach a security domain controller. The controller controls at least one security domain using an authentication protocol, such as a modified Kerberos protocol. One obtains a set of security domain credentials, generates a cluster name secret, gives the cluster a virtual name, and authenticates the machines to the domain controller using these items. In some cases, authentication uses a ticket-based protocol which accepts the cluster name secret in place of a proof of valid security domain membership. In some, the domain controller uses a directory service which is compatible with an active directory service; the cluster virtual name is provisioned as an account in the directory service. The cluster virtual name may concurrently serve clients on different security domains of the directory service.Type: GrantFiled: September 20, 2015Date of Patent: November 7, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Sai Sudhir Anantha Padmanaban, Lokesh Srinivas Koppolu, Andrea D'Amato, Yi Zeng
-
Publication number: 20170169048Abstract: Implementing a high availability mode. A distributed computing environment includes a plurality of nodes. Each of the nodes has an instance of a particular storage service. One or more of the instances have one or more cluster shared filesystems coupled to them. A method includes monitoring arrivals and departures of cluster shared file systems. The method further includes identifying the arrival of one or more clustered shared file systems previously attached to a different instance of the storage service on a different node and being accessible by following one or more namespace partitions located in that clustered shared file system. As a result, the method further includes connecting the instance of the storage service to the one or more arriving clustered shared file systems and exposing the one or more namespace partitions located in that clustered shared file system.Type: ApplicationFiled: March 15, 2016Publication date: June 15, 2017Inventors: Diaa E. Fathalla, Sai Sudhir Anantha Padmanaban, Ali Ediz Turkoglu
-
Publication number: 20170048223Abstract: Services from domainless machines are made available in a security domain under a virtual name. Each machine is not joined to the domain but can reach a security domain controller. The controller controls at least one security domain using an authentication protocol, such as a modified Kerberos protocol. One obtains a set of security domain credentials, generates a cluster name secret, gives the cluster a virtual name, and authenticates the machines to the domain controller using these items. In some cases, authentication uses a ticket-based protocol which accepts the cluster name secret in place of a proof of valid security domain membership. In some, the domain controller uses a directory service which is compatible with an active directory service; the cluster virtual name is provisioned as an account in the directory service. The cluster virtual name may concurrently serve clients on different security domains of the directory service.Type: ApplicationFiled: September 20, 2015Publication date: February 16, 2017Inventors: Sai Sudhir ANANTHA PADMANABAN, Lokesh Srinivas KOPPOLU, Andrea D'AMATO, Yi ZENG
-
Patent number: 8751711Abstract: Defining a storage topology of a distributed computing system including a set of machine nodes. A method includes dynamically receiving from a number of nodes in the distributed computing system information about storage devices. Each node sends information about storage devices connected to that particular node. The information is sent dynamically from each node as conditions related to storage change and as a result of conditions related to storage changing. From the received information, the method includes dynamically constructing a storage topology representation of the distributed computed system.Type: GrantFiled: December 17, 2010Date of Patent: June 10, 2014Assignee: Microsoft CorporationInventors: Sai Sudhir Anantha Padmanaban, Andrea D'Amato, Alan Warwick
-
Patent number: 8738701Abstract: The present invention extends to methods, systems, and computer program products for implementing persistent reservation techniques for establishing ownership of one or more physical disks. These persistent reservation techniques can be employed to determine ownership of physical disks in a storage pool as well as in any other storage configuration. Using the persistent reservation techniques of the present invention, when a network partition occurs, a defender of a physical disk does not remove a challenger's registration key until the defender receives notification that the challenger is no longer in the defender's partition. In this way, pending I/O from applications executing on the challenger will not fail due to the challenger's key being removed until the proper ownership of the physical disk can be resolved.Type: GrantFiled: February 28, 2012Date of Patent: May 27, 2014Assignee: Microsoft CorporationInventors: Sai Sudhir Anantha Padmanaban, Vyacheslav Kuznetsov, Alan Warwick, Andrea D'Amato
-
Patent number: 8627431Abstract: Aspects of the subject matter described herein relate to a distributed network name. In aspects, computers of a cluster have components of a distributed network name service. The network name service has a leader and clones that are hosted on the computers of the cluster. The leader is responsible for updating a name server with network names and addresses of the computers. The leader is also responsible for configuring a security server that allows clients to securely access the computers. The network name service provides credentials to local security authorities of the computers so that a client that attempts to access a service of the computers can be authenticated.Type: GrantFiled: June 4, 2011Date of Patent: January 7, 2014Assignee: Microsoft CorporationInventors: Sai Sudhir Anantha Padmanaban, Alan M. Warwick, Andrea D'Amato, Henry Anthuvan Aloysius, Vladimir Petter
-
Publication number: 20130227009Abstract: The present invention extends to methods, systems, and computer program products for implementing persistent reservation techniques for establishing ownership of one or more physical disks. These persistent reservation techniques can be employed to determine ownership of physical disks in a storage pool as well as in any other storage configuration. Using the persistent reservation techniques of the present invention, when a network partition occurs, a defender of a physical disk does not remove a challenger's registration key until the defender receives notification that the challenger is no longer in the defender's partition. In this way, pending I/O from applications executing on the challenger will not fail due to the challenger's key being removed until the proper ownership of the physical disk can be resolved.Type: ApplicationFiled: February 28, 2012Publication date: August 29, 2013Applicant: MICROSOFT CORPORATIONInventors: Sai Sudhir Anantha Padmanaban, Vyacheslav Kuznetsov, Alan Warwick, Andrea D'Amato
-
Publication number: 20120311685Abstract: Aspects of the subject matter described herein relate to a distributed network name. In aspects, computers of a cluster have components of a distributed network name service. The network name service has a leader and clones that are hosted on the computers of the cluster. The leader is responsible for updating a name server with network names and addresses of the computers. The leader is also responsible for configuring a security server that allows clients to securely access the computers. The network name service provides credentials to local security authorities of the computers so that a client that attempts to access a service of the computers can be authenticated.Type: ApplicationFiled: June 4, 2011Publication date: December 6, 2012Applicant: MICROSOFT CORPORATIONInventors: Sai Sudhir Anantha Padmanaban, Alan M. Warwick, Andrea D'Amato, Henry Anthuvan Aloysius, Vladimir Petter
-
Publication number: 20120159021Abstract: Defining a storage topology of a distributed computing system including a set of machine nodes. A method includes dynamically receiving from a number of nodes in the distributed computing system information about storage devices. Each node sends information about storage devices connected to that particular node. The information is sent dynamically from each node as conditions related to storage change and as a result of conditions related to storage changing. From the received information, the method includes dynamically constructing a storage topology representation of the distributed computed system.Type: ApplicationFiled: December 17, 2010Publication date: June 21, 2012Applicant: Microsoft CorporationInventors: Sai Sudhir Anantha Padmanaban, Andrea D'Amato, Alan Warwick