Patents by Inventor Sergey A. Kuzin
Sergey A. Kuzin has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9537742Abstract: The adjustment of a number of application launch endpoint servers that may be used to service incoming connection requests. Application launch endpoints are entities, such as running code, that may be used to launch other applications. Examples of endpoints include virtual machines or sessions in a session management server. The system load associated with the incoming connection rate and number of users is monitored. In response, an add threshold and a perhaps a remove threshold is calculated. If the system load rises above the add threshold, application launch endpoint server(s) are added to the set of endpoints that can handle incoming connection requests. If the system load falls below the remove threshold, application launch endpoint server(s) are removed from to the set of endpoints. The add and remove thresholds may be calculated per tenant, and adjusted based on tenant behavior.Type: GrantFiled: June 25, 2013Date of Patent: January 3, 2017Assignee: Microsoft Technology Licensing LLCInventors: Munindra Nath Das, Sriram Sampath, Sergey A. Kuzin, Amjad Hussain, Ido Miles Ben-Shachar, Jingyuan Li, Nihar Namjoshi
-
Patent number: 9038162Abstract: Implementations of the present invention efficiently establish secure connections between a client and server, at least in part by authenticating the client and server early on in the connection setup phases. A client initiating a connection with a server identifies the secure communication protocols enabled at the client, and identifies these protocols in a connection request it sends to the server. The server processes the message and responds with a communication protocol it deems appropriate for the connection. The client and server then exchange appropriate authentication information, and then establish a connection session that implements the chosen communication protocol, and encrypts messages using the negotiated communication protocol. Additional implementations relate to reestablishing dropped connections behind virtual Internet Protocol addresses, without necessarily having to recommit much connection resource overhead.Type: GrantFiled: June 25, 2012Date of Patent: May 19, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Costin Hagiu, Elton Saul, Rajneesh Mahajan, Sergey A. Kuzin, Joy Chik, John E. Parsons, Ashwin Palekar, Ara Bernardi
-
Publication number: 20140379899Abstract: The adjustment of a number of application launch endpoint servers that may be used to service incoming connection requests. Application launch endpoints are entities, such as running code, that may be used to launch other applications. Examples of endpoints include virtual machines or sessions in a session management server. The system load associated with the incoming connection rate and number of users is monitored. In response, an add threshold and a perhaps a remove threshold is calculated. If the system load rises above the add threshold, application launch endpoint server(s) are added to the set of endpoints that can handle incoming connection requests. If the system load falls below the remove threshold, application launch endpoint server(s) are removed from to the set of endpoints. The add and remove thresholds may be calculated per tenant, and adjusted based on tenant behavior.Type: ApplicationFiled: June 25, 2013Publication date: December 25, 2014Inventors: Munindra Nath Das, Sriram Sampath, Sergey A. Kuzin, Amjad Hussain, Ido Miles Ben-Shachar, Jingyuan Li, Nihar Namjoshi
-
Patent number: 8887250Abstract: Techniques for extending federation services to access desktop applications are herein described. In addition to the foregoing, other aspects are described in the claims, drawings, and text forming a part of the present disclosure.Type: GrantFiled: December 18, 2009Date of Patent: November 11, 2014Assignee: Microsoft CorporationInventors: Sergey A. Kuzin, Olga B. Ivanova, Ashwin Palekar, Sriram Sampath, Arun K. Nanda, Lucas R. Melton
-
Patent number: 8843646Abstract: As described herein, a computer system receives a first indication that an interactive login session is to be established. The first indication includes user credentials for establishing the interactive login session. The computer system then establishes the interactive login session using the received user credentials. The interactive login session includes a data transfer endpoint for receiving data from other sessions. The computer system receives a second indication that a child session is to be established in parallel to the established interactive login session. The child session is configured to direct input and output data through a loopback connection to the data transfer endpoint of the interactive login session. The computer system also establishes the child session using the received user credentials. The child session then transfers at least a portion of data to the data transfer endpoint of the interactive login session using the loopback connection.Type: GrantFiled: December 15, 2011Date of Patent: September 23, 2014Assignee: Microsoft CorporationInventors: Sergey A. Kuzin, Christopher Benjamin Black, Kashif Mehmood, Amjad Hussain, Ido Miles Ben-Shachar
-
Patent number: 8505083Abstract: Exemplary techniques for enabling single sign-on to an operating system configured to conduct a remote presentation session are disclosed. In an exemplary embodiment, a user credential can be encrypted using an encryption key generated by a remote presentation session server and sent to a client. The client can send the encrypted user credential to the remote presentation session server. The remote presentation session server can decrypt the user credential and use it to log a user into an operating system running on the remote presentation session server. In addition to the foregoing, other techniques are described in the claims, the detailed description, and the figures.Type: GrantFiled: September 30, 2010Date of Patent: August 6, 2013Assignee: Microsoft CorporationInventors: Sergey A. Kuzin, Andrew Eremenko, Ido Ben Shachar, Amjad Hussain, James Baker, Raymond M. Reskusich
-
Patent number: 8413210Abstract: Disclosed are techniques for sharing user credentials between multiple client applications when connecting to a set of remote resources. The mechanism enables a single sign-on between a terminal server web access service and the remote applications, remote desktops and corresponding terminal servers accessible through the service. User credentials may be received by one of the client applications and passed to a credential store running as a local software object in association with the user's logon session. Further requests to launch a new remote connection may then pass through the credential store. Upon successful validation of the request, the credential store may attach user credential information to the request and pass the request to the requested client. The requested client may also execute as a software object associated with the current logon session. The client may then use the supplied credential for authentication to the requested resource or application.Type: GrantFiled: December 9, 2008Date of Patent: April 2, 2013Assignee: Microsoft CorporationInventors: Sergey Kuzin, Olga Ivanova, Ashwin Palekar, Kashif Mehmood, Sriram Sampath, Ersev Samim Erdogan
-
Publication number: 20130067100Abstract: As described herein, a computer system receives a first indication that an interactive login session is to be established. The first indication includes user credentials for establishing the interactive login session. The computer system then establishes the interactive login session using the received user credentials. The interactive login session includes a data transfer endpoint for receiving data from other sessions. The computer system receives a second indication that a child session is to be established in parallel to the established interactive login session. The child session is configured to direct input and output data through a loopback connection to the data transfer endpoint of the interactive login session. The computer system also establishes the child session using the received user credentials. The child session then transfers at least a portion of data to the data transfer endpoint of the interactive login session using the loopback connection.Type: ApplicationFiled: December 15, 2011Publication date: March 14, 2013Applicant: MICROSOFT CORPORATIONInventors: Sergey A. Kuzin, Christopher Benjamin Black, Kashif Mehmood, Amjad Hussain, Ido Miles Ben-Shachar
-
Publication number: 20120266214Abstract: Implementations of the present invention efficiently establish secure connections between a client and server, at least in part by authenticating the client and server early on in the connection setup phases. A client initiating a connection with a server identifies the secure communication protocols enabled at the client, and identifies these protocols in a connection request it sends to the server. The server processes the message and responds with a communication protocol it deems appropriate for the connection. The client and server then exchange appropriate authentication information, and then establish a connection session that implements the chosen communication protocol, and encrypts messages using the negotiated communication protocol. Additional implementations relate to reestablishing dropped connections behind virtual Internet Protocol addresses, without necessarily having to recommit much connection resource overhead.Type: ApplicationFiled: June 25, 2012Publication date: October 18, 2012Applicant: Microsoft CorporationInventors: Costin Hagiu, Elton Saul, Rajneesh Mahajan, Sergey A. Kuzin, Joy Chik, John E. Parsons, Ashwin Palekar, Ara Bernardi
-
Patent number: 8220042Abstract: Implementations of the present invention efficiently establish secure connections between a client and server, at least in part by authenticating the client and server early on in the connection setup phases. A client initiating a connection with a server identifies the secure communication protocols enabled at the client, and identifies these protocols in a connection request it sends to the server. The server processes the message and responds with a communication protocol it deems appropriate for the connection. The client and server then exchange appropriate authentication information, and then establish a connection session that implements the chosen communication protocol, and encrypts messages using the negotiated communication protocol. Additional implementations relate to reestablishing dropped connections behind virtual Internet Protocol addresses, without necessarily having to recommit much connection resource overhead.Type: GrantFiled: February 15, 2006Date of Patent: July 10, 2012Assignee: Microsoft CorporationInventors: Costin Hagiu, Elton Saul, Rajneesh Mahajan, Sergey A. Kuzin, Joy Chik, John E. Parsons, Ashwin Palekar, Ara Bernardi
-
Publication number: 20120084570Abstract: Exemplary techniques for enabling single sign-on to an operating system configured to conduct a remote presentation session are disclosed. In an exemplary embodiment, a user credential can be encrypted using an encryption key generated by a remote presentation session server and sent to a client. The client can send the encrypted user credential to the remote presentation session server. The remote presentation session server can decrypt the user credential and use it to log a user into an operating system running on the remote presentation session server. In addition to the foregoing, other techniques are described in the claims, the detailed description, and the figures.Type: ApplicationFiled: September 30, 2010Publication date: April 5, 2012Applicant: Microsoft CorporationInventors: Sergey A. Kuzin, Andrew Eremenko, Ido Ben-Shachar, Amjad Hussain, James Baker, Raymond M. Reskusich
-
Publication number: 20110154465Abstract: Techniques for extending federation services to access desktop applications are herein described. In addition to the foregoing, other aspects are described in the claims, drawings, and text forming a part of the present disclosure.Type: ApplicationFiled: December 18, 2009Publication date: June 23, 2011Applicant: Microsoft CorporationInventors: Sergey A. Kuzin, Olga B. Ivanova, Ashwin Palekar, Sriram Sampath, Arun K. Nanda, Lucas R. Melton
-
Publication number: 20100146611Abstract: Disclosed are techniques for sharing user credentials between multiple client applications when connecting to a set of remote resources. The mechanism enables a single sign-on between a terminal server web access service and the remote applications, remote desktops and corresponding terminal servers accessible through the service. User credentials may be received by one of the client applications and passed to a credential store running as a local software object in association with the user's logon session. Further requests to launch a new remote connection may then pass through the credential store. Upon successful validation of the request, the credential store may attach user credential information to the request and pass the request to the requested client. The requested client may also execute as a software object associated with the current logon session. The client may then use the supplied credential for authentication to the requested resource or application.Type: ApplicationFiled: December 9, 2008Publication date: June 10, 2010Applicant: MICROSOFT CORPORATIONInventors: Sergey Kuzin, Olga Ivanova, Ashwin Palekar, Kashif Mehmood, Sriram Sampath, Ersev Samim Erdogan
-
Publication number: 20070061878Abstract: Implementations of the present invention efficiently establish secure connections between a client and server, at least in part by authenticating the client and server early on in the connection setup phases. A client initiating a connection with a server identifies the secure communication protocols enabled at the client, and identifies these protocols in a connection request it sends to the server. The server processes the message and responds with a communication protocol it deems appropriate for the connection. The client and server then exchange appropriate authentication information, and then establish a connection session that implements the chosen communication protocol, and encrypts messages using the negotiated communication protocol. Additional implementations relate to reestablishing dropped connections behind virtual Internet Protocol addresses, without necessarily having to recommit much connection resource overhead.Type: ApplicationFiled: February 15, 2006Publication date: March 15, 2007Applicant: Microsoft CorporationInventors: Costin Hagiu, Elton Saul, Rajneesh Mahajan, Sergey Kuzin, Joy Chik, John Parsons, Ashwin Palekar, Ara Bernardi