Patents by Inventor Seshadri Mani
Seshadri Mani has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11777798Abstract: A settings management system in a remote server environment generates user interface displays with settings management user input mechanisms, and detects actuation of those user input mechanisms. Settings configuration metadata is generated, for a given setting, based upon the detected actuation. The settings metadata is output for access by a plurality of different, heterogeneous, computing environments, and the settings metadata is consistent across all of those environments.Type: GrantFiled: June 17, 2020Date of Patent: October 3, 2023Assignee: Microsoft Technology Licensing, LLCInventors: Seshadri Mani, Robert G. Hawking, Omid Mola, Dongping (Donna) Huang
-
Patent number: 11659019Abstract: Technologies are disclosed for resource mapping during URL changes in multi-tenant distributed computing systems. The distributed computing system may resolve a URL by using a tenant and/or site name extracted from the URL to retrieve an entry in a site map table. The entry includes an address to a database that contains the requested content. After a tenant or site name has been changed, or if the tenant or site have been moved, the distributed computing system will resolve pre-existing URLs to the old entry, resulting in a file not found error. In some embodiments, during an operation that changes a tenant or site name, a redirect URL containing the new tenant and/or site name is added to the old entry. When a request addressed to a URL containing the old tenant and/or site names is received, the distributed system sends a redirect response that includes the redirect URL.Type: GrantFiled: December 1, 2019Date of Patent: May 23, 2023Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Adriana Wood, Min Gao, Yanxia Xu, Feng Zhang, Andrei-Dumitru Blotu, Hanwen Wang, Hongzhou Ma, Seshadri Mani
-
Publication number: 20230127695Abstract: The techniques disclosed herein enable applications to seamlessly consume cloud-based services while minimizing exposure to security vulnerabilities. Specifically, an application is enabled to access a cloud service on behalf of a user without the user's active user token. Access is granted in a way that does not also grant access to any other user's cloud service. In some configurations, during an active user session, an artifact token is generated that caches the user's permissions. The artifact token may later be redeemed to gain access to the user's cloud service. For example, an application may request that a cloud service generate an artifact token. The request may be in response to a user scheduling the application to perform a task that depends on the cloud service. When the scheduled task is performed, the application may redeem the artifact token to access the user's cloud service.Type: ApplicationFiled: October 27, 2021Publication date: April 27, 2023Inventors: Wei-ting Timothy WOO, Vladimir FESICH, Seshadri MANI, Jeffrey Lamar MCDOWELL, Naresh KANNAN
-
Publication number: 20230055726Abstract: A data processing system for controlling data access to a secured resource of a distributed system implements receiving, from a first user device of a first user, a first request to access a secured resource and a first security token, the first security token including group information for one or more first access control groups associated with the secured resource of which the first user is a member; accessing group access policy information for groups associated with the secured resource; determining, based on the group information included in the first security token and the group access policy information, that the first user is a member of at least one group that is permitted to access the secured resource; and permitting the first user device of the user to access the secured resource responsive to determining that the first user is a member of at least one group that is permitted to access the secured resource.Type: ApplicationFiled: August 19, 2021Publication date: February 23, 2023Applicant: Microsoft Technology Licensing, LLCInventors: Nikita BANDYOPADHYAY, Seshadri MANI, Duane Stanley BOLICK, JR., Weijie LI, Vladimir Vladimirovich GREBENIK
-
Publication number: 20220276893Abstract: Operation requests received from a tenant are added to a tenant-specific queue. A tenant scheduling work item is added to an execution queue that is shared with oilier tenants. When the tenant scheduling work item is executed, it copies up to a defined number of scheduled operations from the tenant-specific queue to the execution queue. The tenant-scheduling work item then re-adds itself to the execution queue. While the operations are executed and before the tenant scheduling work item is executed again, other tenants have an opportunity to queue their own operations. The tenant scheduling work item selects scheduled operations from the tenant-specific queue in the order they were originally requested until one of several conditions is met. Conditions may be based on how many operations are in progress, what kind of operations are in progress, and/or dependencies between operations of different types.Type: ApplicationFiled: August 27, 2019Publication date: September 1, 2022Inventors: Adriana WOOD, Andrei-Dumitru BLOTU, Feng ZHANG, Jingzhou LIU, Seshadri MANI
-
Publication number: 20210168191Abstract: Technologies are disclosed for resource mapping during URL changes in multi-tenant distributed computing systems. The distributed computing system may resolve a URL by using a tenant and/or site name extracted from the URL to retrieve an entry in a site map table. The entry includes an address to a database that contains the requested content. After a tenant or site name has been changed, or if the tenant or site have been moved, the distributed computing system will resolve pre-existing URLs to the old entry, resulting in a file not found error. In some embodiments, during an operation that changes a tenant or site name, a redirect URL containing the new tenant and/or site name is added to the old entry. When a request addressed to a URL containing the old tenant and/or site names is received, the distributed system sends a redirect response that includes the redirect URL.Type: ApplicationFiled: December 1, 2019Publication date: June 3, 2021Inventors: Adriana WOOD, Min GAO, Yanxia XU, Feng ZHANG, Andrei Dumitru BLOTU, Hanwen WANG, Hongzhou MA, Seshadri MANI
-
Publication number: 20200313966Abstract: A settings management system in a remote server environment generates user interface displays with settings management user input mechanisms, and detects actuation of those user input mechanisms. Settings configuration metadata is generated, for a given setting, based upon the detected actuation. The settings metadata is output for access by a plurality of different, heterogeneous, computing environments, and the settings metadata is consistent across all of those environments.Type: ApplicationFiled: June 17, 2020Publication date: October 1, 2020Inventors: Seshadri MANI, Robert G. Hawking, Omid Mola, Dongping (Donna) Huang
-
Patent number: 10728092Abstract: A settings management system in a remote server environment generates user interface displays with settings management user input mechanisms, and detects actuation of those user input mechanisms. Settings configuration metadata is generated, for a given setting, based upon the detected actuation. The settings metadata is output for access by a plurality of different, heterogeneous, computing environments, and the settings metadata is consistent across all of those environments.Type: GrantFiled: September 15, 2015Date of Patent: July 28, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Seshadri Mani, Robert G. Hawking, Omid Mola, Dongping (Donna) Huang
-
Patent number: 10581670Abstract: Users in a given organization are tagged with a data center identifier (or data location) that identifies a data center where the user's resources are located. A user request is detected, that indicates that the user wishes to access a resource that is tied to the user. The user is automatically navigated to the user's corresponding data center, where the user permissions are analyzed to selectively grant access to the requested resource.Type: GrantFiled: October 2, 2015Date of Patent: March 3, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Robert G. Hawking, Shiguang Dong, Roberto C. Taboada, Burra Gopal, Seshadri Mani
-
Patent number: 10530860Abstract: Directory information and content for two separate tenants are merged by identifying a first of tenants as a hub tenant and a second of the tenants as a satellite tenant. The hub tenant is modified to include two instances, or data containers, one instance for the hub tenant and another instance for the satellite tenant. Directory merger logic re-associates identity account items in the satellite instance, with the hub instance, by replacing a tenant identifier in the identity account items of the satellite instance with a tenant identifier corresponding to the hub instance. Unique identifiers for users of the satellite instance are maintained unchanged. Content merger logic re-associates content items of the satellite instance with the hub instance by setting a tenant identifier for all satellite content items to the tenant identifier corresponding to the hub instance.Type: GrantFiled: June 30, 2017Date of Patent: January 7, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Seshadri Mani, Murli D. Satagopan, Hongzhou Ma, Ziyi Wang, Naresh Kannan
-
Publication number: 20190098107Abstract: Distributed computing systems, computing devices, and associated methods of operations implementing geographic location based computing asset provisioning are disclosed herein. In one embodiment, a provisioning server is configured to retrieve, from a directory service, a record of user account data containing data representing a pre-configured deployment location at which user data of the requested computing service is to be stored. The provisioning server is also configured to determine whether a current geographic location of the provisioning server is within a geographic boundary of the deployment location and in response to determining that the current geographic location of the provisioning server is within a geographic boundary of the deployment location, deploy computing assets at the current geographic location to allow user data of the computing service to be stored at the pre-configured deployment location to satisfy data residency regulations.Type: ApplicationFiled: June 20, 2018Publication date: March 28, 2019Inventors: Amy Howard, Sergiy Gavrylenko, Adriana Wood, Roberto Taboada, Hongzhou Ma, Seshadri Mani, Vijaya Chidambara Babu Nelson, Kolvekar Loveleen Ramachandra, Ravi Kanth Nagavarapu, Brian Lee Van Eimeren
-
Publication number: 20190007494Abstract: Directory information and content for two separate tenants are merged by identifying a first of tenants as a hub tenant and a second of the tenants as a satellite tenant. The hub tenant is modified to include two instances, or data containers, one instance for the hub tenant and another instance for the satellite tenant. Directory merger logic re-associates identity account items in the satellite instance, with the hub instance, by replacing a tenant identifier in the identity account items of the satellite instance with a tenant identifier corresponding to the hub instance. Unique identifiers for users of the satellite instance are maintained unchanged. Content merger logic re-associates content items of the satellite instance with the hub instance by setting a tenant identifier for all satellite content items to the tenant identifier corresponding to the hub instance.Type: ApplicationFiled: June 30, 2017Publication date: January 3, 2019Inventors: Seshadri MANI, Murli D. SATAGOPAN, Hongzhou MA, Ziyi WANG, Naresh KANNAN
-
Publication number: 20170099181Abstract: Users in a given organization are tagged with a data center identifier (or data location) that identifies a data center where the user's resources are located. A user request is detected, that indicates that the user wishes to access a resource that is tied to the user. The user is automatically navigated to the user's corresponding data center, where the user permissions are analyzed to selectively grant access to the requested resource.Type: ApplicationFiled: October 2, 2015Publication date: April 6, 2017Inventors: Robert G. Hawking, Shiguang Dong, Roberto C. Taboada, Burra Gopal, Seshadri Mani
-
Patent number: 9525679Abstract: A session token can be requested to be sent to a first computing service from a second computing service, and a first computing service can receive the requested session token from the second computing service. The first computing service can send a message that includes the session token through a passive client to the second computing service. The second computing service can receive the message that includes the session token from the passive client, and the second computing service can verify that the message is valid. This verification of the validity of the message can include verifying that the session token received back from the passive client matches the session token the second computing service sent to the first computing service.Type: GrantFiled: January 19, 2016Date of Patent: December 20, 2016Assignee: Microsoft Technology Licensing, LLCInventors: Seshadri Mani, William Taylor, Haytham Abuel-Futuh, Titus Miron, Murli Satagopan
-
Publication number: 20160323142Abstract: A settings management system in a remote server environment generates user interface displays with settings management user input mechanisms, and detects actuation of those user input mechanisms. Settings configuration metadata is generated, for a given setting, based upon the detected actuation. The settings metadata is output for access by a plurality of different, heterogeneous, computing environments, and the settings metadata is consistent across all of those environments.Type: ApplicationFiled: September 15, 2015Publication date: November 3, 2016Inventors: Seshadri Mani, Robert G. Hawking, Omid Mola, Dongping (Donna) Huang
-
Publication number: 20160134617Abstract: A session token can be requested to be sent to a first computing service from a second computing service, and a first computing service can receive the requested session token from the second computing service. The first computing service can send a message that includes the session token through a passive client to the second computing service. The second computing service can receive the message that includes the session token from the passive client, and the second computing service can verify that the message is valid. This verification of the validity of the message can include verifying that the session token received back from the passive client matches the session token the second computing service sent to the first computing service.Type: ApplicationFiled: January 19, 2016Publication date: May 12, 2016Applicant: Microsoft Technology Licensing, LLCInventors: Seshadri Mani, William Taylor, Haytham Abuel-Futuh, Titus Miron, Murli Satagopan
-
Patent number: 9276928Abstract: A session token can be requested to be sent to a first computing service from a second computing service, and a first computing service can receive the requested session token from the second computing service. The first computing service can send a message that includes the session token through a passive client to the second computing service. The second computing service can receive the message that includes the session token from the passive client, and the second computing service can verify that the message is valid. This verification of the validity of the message can include verifying that the session token received back from the passive client matches the session token the second computing service sent to the first computing service.Type: GrantFiled: September 3, 2013Date of Patent: March 1, 2016Assignee: Microsoft CorporationInventors: Seshadri Mani, William David Taylor, Haytham Abuel-Futuh, Titus C. Miron, Murli D. Satagopan
-
Publication number: 20140373101Abstract: A session token can be requested to be sent to a first computing service from a second computing service, and a first computing service can receive the requested session token from the second computing service. The first computing service can send a message that includes the session token through a passive client to the second computing service. The second computing service can receive the message that includes the session token from the passive client, and the second computing service can verify that the message is valid. This verification of the validity of the message can include verifying that the session token received back from the passive client matches the session token the second computing service sent to the first computing service.Type: ApplicationFiled: September 3, 2013Publication date: December 18, 2014Applicant: Microsoft CorporationInventors: Seshadri Mani, William David Taylor, Haytham Abuel-Futuh, Titus C. Miron, Murli D. Satagopan
-
Patent number: 8020005Abstract: A user authentication system collects measurements of physical and/or behavioral characteristics of a user. The measurements are processed by two or more processing engines to produce initial confidence measures, and a unified confidence measure is prepared from weighted inputs including the initial confidence measures.Type: GrantFiled: December 23, 2005Date of Patent: September 13, 2011Assignee: Scout Analytics, Inc.Inventors: Seshadri Mani, David M. D'Andrea
-
Patent number: 7526412Abstract: Methods of comparing a plurality of measurements to a template are described. Measurements are compared piecewise (element-by-element) and a proportion of successful comparisons at each of a plurality of distance scaling factors is calculated. The proportions are subjected to a nonlinear transformation, then normalized and combined into a weighted sum. The weighted sum is compared with a threshold value to establish the result of the comparison. Software and systems to implement embodiments of the invention are also described and claimed.Type: GrantFiled: March 31, 2006Date of Patent: April 28, 2009Assignee: Biopassword, Inc.Inventors: Seshadri Mani, Mechthild Kellas-Dicks