Patents by Inventor Sandeep Kalarickal
Sandeep Kalarickal has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11700278Abstract: Methods, systems, and computer storage media for providing access to computing environments based on a multi-environment policy are provided. The a multi-environment policy is configurable to define rules that have provider-controlled and customer-controlled computing environment parameters for approving access to provider-controlled computing environments and customer-controlled computing environments. In operation, a request associated a computing environment are received. The computing environment is associated with a multi-environment policy. The multi-environment policy is configurable to define the rules based on access vectors having grouped computing environment aspects for control and visibility associated with accessing computing environments. Based on the request, a determination whether the request is for a provider-controlled or a customer-controlled computing environment is made.Type: GrantFiled: June 30, 2019Date of Patent: July 11, 2023Inventors: Bhuvaneshwari Krishnamurthi, Janani Vasudevan, Harsha Vardhan Sanagaram, Corbin C. Rogerson, Sandeep Kalarickal, Kahren Tevosyan, Thomas Charles Knudson
-
Patent number: 11233794Abstract: Methods, systems, and computer storage media for providing escorted-access management based on an escort-admin session engine are provided. The escort-admin session engine approves an external administrator's access to a resource instance based on a service team policy, while approving an escort operator to escort the external administrator in an escort-admin session that provides access to the resource. In operation, an external administrator's request for access to a resource is evaluated based on the service team policy that is managed by a service team. The request is approved with access rights to the resource identified in the policy. An escort operator is identified for the external administrator. The escort operator is approved to escort the external administrator for access to the resource during an escort-admin session. The escort-admin session includes an escort operator context referring to the escort operator having access rights based on the access rights approved using the policy.Type: GrantFiled: June 30, 2019Date of Patent: January 25, 2022Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Chetan S. Shankar, LiLei Cui, Sandeep Kalarickal S, Thomas Charles Knudson, Pavan Gopal Bandla, Pradeep Ayyappan Nair, Aaron Keith Rosenfeld, Tyler S. Wiegers, Sudharshan Reddy Bommu, Margus Janese, Mario Mett, Chi Zhou
-
Patent number: 10965612Abstract: Methods, systems, and computer storage media for providing access to computing environments are provided. Based on a resource-ownership policy manager (i.e., a self-service engine and a runtime policy evaluation engine) that provides resource-ownership policy operations executed to apply a resource owner's policies only on resource owned by the resource owner. In operation, at runtime, a first resource instance is identified and an entity is determined to be the resource owner of the first policy and first resource instance. The first policy is applied to the first resource instance because the entity owns both the first policy and the first resource instance. A second resource instance is identified and the entity is determined not to be the resource owner of the second resource instance. A second resource policy of the entity is not applied to the second resource instance because the entity is not the owner of the second resource instance.Type: GrantFiled: June 30, 2019Date of Patent: March 30, 2021Assignee: Microsoft Technology Licensing, LLCInventors: Chetan Shankar, LiLei Cui, Christopher Michael Jeffords, Sandeep Kalarickal
-
Patent number: 10924497Abstract: A JIT service in a cloud computing environment manages just-in-time access to resources in the cloud computing environment for an external device. When JIT access to a resource is requested by a device, the JIT service retrieves a JIT policy for the resource that includes geolocation criteria limiting the geolocation from which JIT access can be automatically granted. The geolocation of the device is evaluated against the geolocation criteria. If the geolocation criteria and any other criteria of the JIT policy are satisfied, the JIT service provisions JIT access to the resource for the device.Type: GrantFiled: October 14, 2019Date of Patent: February 16, 2021Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Ramnath Prasad, Pradeep Ayyappan Nair, Veena Ramachandran, Sandeep Kalarickal, Thomas Knudson, Pavan Gopal Bandla, Chetan Shankar, Ranajoy Sanyal, Qingsu Wu, Chi Zhou, Thomas Keane
-
Publication number: 20200412765Abstract: Methods, systems, and computer storage media for providing access to computing environments based on a multi-environment policy are provided. The a multi-environment policy is configurable to define rules that have provider-controlled and customer-controlled computing environment parameters for approving access to provider-controlled computing environments and customer-controlled computing environments. In operation, a request associated a computing environment are received. The computing environment is associated with a multi-environment policy. The multi-environment policy is configurable to define the rules based on access vectors having grouped computing environment aspects for control and visibility associated with accessing computing environments. Based on the request, a determination whether the request is for a provider-controlled or a customer-controlled computing environment is made.Type: ApplicationFiled: June 30, 2019Publication date: December 31, 2020Inventors: Bhuvaneshwari KRISHNAMURTHI, Janani Vasudevan, Harsha Vardhan Sanagaram, Corbin C. Rogerson, Sandeep Kalarickal, Kahren Tevosyan, Thomas Charles Knudson
-
Patent number: 10848522Abstract: A JIT service in a cloud computing environment manages just-in-time access to resources in the cloud computing environment for an external device. When JIT access to a resource is requested by a device, the JIT service retrieves a JIT policy for the resource that includes screening criteria limiting automatic granting of JIT access to users who meet the screening criteria. Screening information for a user associated with the request is evaluated against one or more screening requirements set forth by the screening criteria. If the screening criteria and any other criteria of the JIT policy are satisfied, the JIT service provisions JIT access to the resource for the device.Type: GrantFiled: October 14, 2019Date of Patent: November 24, 2020Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Ramnath Prasad, Pradeep Ayyappan Nair, Veena Ramachandran, Sandeep Kalarickal, Thomas Knudson, Pavan Gopal Bandla, Chetan Shankar, Ranajoy Sanyal, Qingsu Wu, Chi Zhou, Doug Kirschner, Ryan Meyer, Thomas Keane
-
Patent number: 10560463Abstract: Techniques allow DevOps personnel to perform incident management for cloud computing environments in a manner that maintains control over restricted data and the data plane. The DevOps personnel do not have access to restricted data or the ability to modify the cloud computing environment to gain access to restricted data. The incident management techniques include executing automatic operations to resolve an incident and allowing DevOps personnel to execute remote operations without providing the DevOps personnel access. A further incident management technique provides DevOps personnel with just-in-time (JIT) access that is limited to a certain level or type of access and limited in time. Still another technique for incident management is using an escort model, in which an escort session between operating personnel and DevOps personnel is established and connected to the cloud computing environment to allow the DevOps personnel access to the production environment while escorted by the operating personnel.Type: GrantFiled: November 5, 2015Date of Patent: February 11, 2020Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Somak Chattopadhyay, Thomas Knudson, Chetan Shankar, Maisem Ali, Lilei Cui, Sandeep Kalarickal, Pradeep Ayyappan Nair, Tom Keane, Siddhartha Pasumarthy, Shont Miller, Lu Jin, Qin Zhou, Maria Black, Elaine Lu, Damien Gallot, Christopher Geisbush, David Sauntry, Peter Miller
-
Publication number: 20200045083Abstract: A JIT service in a cloud computing environment manages just-in-time access to resources in the cloud computing environment for an external device. When JIT access to a resource is requested by a device, the JIT service retrieves a JIT policy for the resource that includes screening criteria limiting automatic granting of JIT access to users who meet the screening criteria. Screening information for a user associated with the request is evaluated against one or more screening requirements set forth by the screening criteria. If the screening criteria and any other criteria of the JIT policy are satisfied, the JIT service provisions JIT access to the resource for the device.Type: ApplicationFiled: October 14, 2019Publication date: February 6, 2020Inventors: RAMNATH PRASAD, PRADEEP AYYAPPAN NAIR, VEENA RAMACHANDRAN, SANDEEP KALARICKAL, THOMAS KNUDSON, PAVAN GOPAL BANDLA, CHETAN SHANKAR, RANAJOY SANYAL, QINGSU WU, CHI ZHOU, DOUG KIRSCHNER, RYAN MEYER, THOMAS KEANE
-
Publication number: 20200045056Abstract: A JIT service in a cloud computing environment manages just-in-time access to resources in the cloud computing environment for an external device. When JIT access to a resource is requested by a device, the JIT service retrieves a JIT policy for the resource that includes geolocation criteria limiting the geolocation from which JIT access can be automatically granted. The geolocation of the device is evaluated against the geolocation criteria. If the geolocation criteria and any other criteria of the JIT policy are satisfied, the JIT service provisions JIT access to the resource for the device.Type: ApplicationFiled: October 14, 2019Publication date: February 6, 2020Inventors: RAMNATH PRASAD, PRADEEP AYYAPPAN NAIR, VEENA RAMACHANDRAN, SANDEEP KALARICKAL, THOMAS KNUDSON, PAVAN GOPAL BANDLA, CHETAN SHANKAR, RANAJOY SANYAL, QINGSU WU, CHI ZHOU, THOMAS KEANE
-
Patent number: 10484430Abstract: A JIT service in a cloud computing environment manages just-in-time access to resources in the cloud computing environment for DevOps personnel who do not have persistent access to restricted data or the ability to modify the cloud computing environment to gain access to restricted data. When JIT access to a resource is requested by a DevOps device, the JIT service retrieves a JIT policy for the resource that includes screening criteria limiting automatic granting of JIT access to DevOps personnel who meeting the screening criteria. Screening information for the DevOps personnel is evaluated against one or more screening requirements set forth by the screening criteria. If the screening criteria and any other criteria of the JIT policy are satisfied, the JIT service provisions JIT access to the resource for the DevOps device.Type: GrantFiled: May 8, 2017Date of Patent: November 19, 2019Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Ramnath Prasad, Pradeep Ayyappan Nair, Veena Ramachandran, Sandeep Kalarickal, Thomas Knudson, Pavan Gopal Bandla, Chetan Shankar, Ranajoy Sanyal, Qingsu Wu, Chi Zhou, Doug Kirschner, Ryan Meyer, Thomas Keane
-
Patent number: 10476886Abstract: A JIT service in a cloud computing environment manages just-in-time access to resources in the cloud computing environment for DevOps personnel who do not have persistent access to restricted data or the ability to modify the cloud computing environment to gain access to restricted data. When JIT access to a resource is requested by a DevOps device, the JIT service retrieves a JIT policy for the resource that includes geolocation criteria limiting the geolocation from which JIT access can be automatically granted. The geolocation of the DevOps device is evaluated against the geolocation criteria. If the geolocation criteria and any other criteria of the JIT policy are satisfied, the JIT service provisions JIT access to the resource for the DevOps device.Type: GrantFiled: May 8, 2017Date of Patent: November 12, 2019Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Ramnath Prasad, Pradeep Ayyappan Nair, Veena Ramachandran, Sandeep Kalarickal, Thomas Knudson, Pavan Gopal Bandla, Chetan Shankar, Ranajoy Sanyal, Qingsu Wu, Chi Zhou, Thomas Keane
-
Publication number: 20170244723Abstract: A JIT service in a cloud computing environment manages just-in-time access to resources in the cloud computing environment for DevOps personnel who do not have persistent access to restricted data or the ability to modify the cloud computing environment to gain access to restricted data. When JIT access to a resource is requested by a DevOps device, the JIT service retrieves a JIT policy for the resource that includes geolocation criteria limiting the geolocation from which JIT access can be automatically granted. The geolocation of the DevOps device is evaluated against the geolocation criteria. If the geolocation criteria and any other criteria of the JIT policy are satisfied, the JIT service provisions JIT access to the resource for the DevOps device.Type: ApplicationFiled: May 8, 2017Publication date: August 24, 2017Inventors: RAMNATH PRASAD, PRADEEP AYYAPPAN NAIR, VEENA RAMACHANDRAN, SANDEEP KALARICKAL, THOMAS KNUDSON, PAVAN GOPAL BANDLA, CHETAN SHANKAR, RANAJOY SANYAL, QINGSU WU, CHI ZHOU, THOMAS KEANE
-
Publication number: 20170244760Abstract: A JIT service in a cloud computing environment manages just-in-time access to resources in the cloud computing environment for DevOps personnel who do not have persistent access to restricted data or the ability to modify the cloud computing environment to gain access to restricted data. When JIT access to a resource is requested by a DevOps device, the JIT service retrieves a JIT policy for the resource that includes screening criteria limiting automatic granting of JIT access to DevOps personnel who meeting the screening criteria. Screening information for the DevOps personnel is evaluated against one or more screening requirements set forth by the screening criteria. If the screening criteria and any other criteria of the JIT policy are satisfied, the JIT service provisions JIT access to the resource for the DevOps device.Type: ApplicationFiled: May 8, 2017Publication date: August 24, 2017Inventors: RAMNATH PRASAD, PRADEEP AYYAPPAN NAIR, VEENA RAMACHANDRAN, SANDEEP KALARICKAL, THOMAS KNUDSON, PAVAN GOPAL BANDLA, CHETAN SHANKAR, RANAJOY SANYAL, QINGSU WU, CHI ZHOU, DOUG KIRSCHNER, RYAN MEYER, THOMAS KEANE
-
Publication number: 20170134392Abstract: Techniques allow DevOps personnel to perform incident management for cloud computing environments in a manner that maintains control over restricted data and the data plane. The DevOps personnel do not have access to restricted data or the ability to modify the cloud computing environment to gain access to restricted data. The incident management techniques include executing automatic operations to resolve an incident and allowing DevOps personnel to execute remote operations without providing the DevOps personnel access. A further incident management technique provides DevOps personnel with just-in-time (JIT) access that is limited to a certain level or type of access and limited in time. Still another technique for incident management is using an escort model, in which an escort session between operating personnel and DevOps personnel is established and connected to the cloud computing environment to allow the DevOps personnel access to the production environment while escorted by the operating personnel.Type: ApplicationFiled: November 5, 2015Publication date: May 11, 2017Inventors: Somak Chattopadhyay, Thomas Knudson, Chetan Shankar, Maisem Ali, Lilei Cui, Sandeep Kalarickal, Pradeep Ayyapan Nair, Tom Keane, Siddhartha Pasumarthy, Shont Miller, Lu Jin, Qin Zhou, Maria Black, Elaine Lu, Damien Gallot, Christopher Geisbush, David Sauntry, Peter Miller