Patents by Inventor Shankar Seal
Shankar Seal has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10795717Abstract: Embodiments relate to hypervisors that provide hardware isolated virtualization environments (HIVEs) such as containers and virtual machines (VMs). A first HIVE includes a first virtual network interface card (NIC) and a second HIVE includes a second virtual NIC. Both virtual NICs are backed by the same physical NIC. The physical NIC has an Internet Protocol (IP) address. The virtual NICs are assigned the same IP address as the physical NIC. A networking stack of the hypervisor receives inbound packets addressed to the IP address. The networking stack steers the inbound packets to the virtual NICs according to tuples of the inbound packets. Packets emitted by the virtual NICs comprise the IP address, pass through the network stack, and are transmitted by the physical NIC with headers comprising the IP address.Type: GrantFiled: September 18, 2018Date of Patent: October 6, 2020Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Anirban Paul, Poornananda Gaddehosur Ramachandra, Gerardo Diaz-Cuellar, Osman Nuri Ertugay, Keith Edgar Horton, Omar Cardona, Nicholas David Wood, Shankar Seal, Dinesh Kumar Govindasamy
-
Publication number: 20200089517Abstract: Embodiments relate to hypervisors that provide hardware isolated virtualization environments (HIVEs) such as containers and virtual machines (VMs). A first HIVE includes a first virtual network interface card (NIC) and a second HIVE includes a second virtual NIC. Both virtual NICs are backed by the same physical NIC. The physical NIC has an Internet Protocol (IP) address. The virtual NICs are assigned the same IP address as the physical NIC. A networking stack of the hypervisor receives inbound packets addressed to the IP address. The networking stack steers the inbound packets to the virtual NICs according to tuples of the inbound packets. Packets emitted by the virtual NICs comprise the IP address, pass through the network stack, and are transmitted by the physical NIC with headers comprising the IP address.Type: ApplicationFiled: September 18, 2018Publication date: March 19, 2020Inventors: Anirban Paul, Poornananda Gaddehosur Ramachandra, Gerardo Diaz-Cuellar, Osman Nuri Ertugay, Keith Edgar Horton, Omar Cardona, Nicholas David Wood, Shankar Seal, Dinesh Kumar Govindasamy
-
Publication number: 20190334862Abstract: Embodiments described herein relate to providing hardware isolated virtualized environments (HIVEs) with network information. The HIVEs are managed by a hypervisor that virtualizes access to one or more physical network interface cards (NICs) of the host. Each HIVE has a virtual NIC backed by the physical NIC. Network traffic of the HIVEs flows through the physical NIC to a physical network. Traits of the physical NIC may be projected to the virtual NICs. For example, a media-type property of the virtual NICs (exposed to guest software in the HIVEs) may be set to mirror the media type of the physical NIC. A private subnet connects the virtual NICs with the physical NICs, possibly through a network address translation (NAT) component and virtual NICs of the host.Type: ApplicationFiled: April 27, 2018Publication date: October 31, 2019Inventors: Anirban Paul, Poornananda Gaddehosur Ramachandra, Gerardo Diaz-Cuellar, Osman Nuri Ertugay, Keith Edgar Horton, Omar Cardona, Nicholas David Wood, Shankar Seal, Dinesh Kumar Govindasamy
-
Publication number: 20190306116Abstract: Embodiments relate to enabling clouds to multiplex their public network addresses among private addresses of IPSec gateways while making sure that IPSec tunnel packets are delivered to the private addresses of the IPSec tunnels that they are associated with. When IPSec packets egress from a cloud, the cloud may determine which IPSec tunnel or gateway the IPSec packets are associated with and modify the IPSec packets to identify the associated tunnel or gateway. When IPSec packets ingress to the cloud, the cloud may find identity information in the IPSec packets that identifies the associated tunnel or gateway. The identity information is used to direct the IPSec packets to the associated tunnel or gateway.Type: ApplicationFiled: March 27, 2018Publication date: October 3, 2019Inventors: Anirban Paul, Poornananda Gaddehosur Ramachandra, Shankar Seal, Anurag Saxena, Arun Venkatachalam, Sai Krishna Goutham Bachu
-
Patent number: 9432359Abstract: In embodiments of registration and network access control, an initially unconfigured network interface device can be registered and configured as an interface to a public network for a client device. In another embodiment, a network interface device can receive a network access request from a client device to access a secure network utilizing extensible authentication protocol (EAP), and the request is communicated to an authentication service to authenticate a user of the client device based on user credentials. In another embodiment, a network interface device can receive a network access request from a client device to access a Web site in a public network utilizing a universal access method (UAM), and the request is redirected to the authentication service to authenticate a user of the client device based on user credentials.Type: GrantFiled: July 17, 2015Date of Patent: August 30, 2016Assignee: Microsoft Technology Licensing, LLCInventors: Ryan S. Menezes, Taroon Mandhana, Shankar Seal, Dhiraj P. Gandhi, Aaron Wesley Cunningham
-
Publication number: 20150326560Abstract: In embodiments of registration and network access control, an initially unconfigured network interface device can be registered and configured as an interface to a public network for a client device. In another embodiment, a network interface device can receive a network access request from a client device to access a secure network utilizing extensible authentication protocol (EAP), and the request is communicated to an authentication service to authenticate a user of the client device based on user credentials. In another embodiment, a network interface device can receive a network access request from a client device to access a Web site in a public network utilizing a universal access method (UAM), and the request is redirected to the authentication service to authenticate a user of the client device based on user credentials.Type: ApplicationFiled: July 17, 2015Publication date: November 12, 2015Inventors: Ryan S. Menezes, Taroon Mandhana, Shankar Seal, Dhiraj P. Gandhi, Aaron Wesley Cunningham
-
Patent number: 9112861Abstract: In embodiments of registration and network access control, an initially unconfigured network interface device can be registered and configured as an interface to a public network for a client device. In another embodiment, a network interface device can receive a network access request from a client device to access a secure network utilizing extensible authentication protocol (EAP), and the request is communicated to an authentication service to authenticate a user of the client device based on user credentials. In another embodiment, a network interface device can receive a network access request from a client device to access a Web site in a public network utilizing a universal access method (UAM), and the request is redirected to the authentication service to authenticate a user of the client device based on user credentials.Type: GrantFiled: April 25, 2014Date of Patent: August 18, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Ryan S. Menezes, Taroon Mandhana, Shankar Seal, Dhiraj P. Gandhi, Aaron Wesley Cunningham
-
Publication number: 20140237250Abstract: In embodiments of registration and network access control, an initially unconfigured network interface device can be registered and configured as an interface to a public network for a client device. In another embodiment, a network interface device can receive a network access request from a client device to access a secure network utilizing extensible authentication protocol (EAP), and the request is communicated to an authentication service to authenticate a user of the client device based on user credentials. In another embodiment, a network interface device can receive a network access request from a client device to access a Web site in a public network utilizing a universal access method (UAM), and the request is redirected to the authentication service to authenticate a user of the client device based on user credentials.Type: ApplicationFiled: April 25, 2014Publication date: August 21, 2014Inventors: Ryan S. Menezes, Taroon Mandhana, Shankar Seal, Dhiraj P. Gandhi, Aaron Wesley Cunningham
-
Patent number: 8713589Abstract: In embodiments of registration and network access control, an initially unconfigured network interface device can be registered and configured as an interface to a public network for a client device. In another embodiment, a network interface device can receive a network access request from a client device to access a secure network utilizing extensible authentication protocol (EAP), and the request is communicated to an authentication service to authenticate a user of the client device based on user credentials. In another embodiment, a network interface device can receive a network access request from a client device to access a Web site in a public network utilizing a universal access method (UAM), and the request is redirected to the authentication service to authenticate a user of the client device based on user credentials.Type: GrantFiled: December 23, 2010Date of Patent: April 29, 2014Assignee: Microsoft CorporationInventors: Ryan S. Menezes, Taroon Mandhana, Shankar Seal, Dhiraj P. Gandhi, Aaron Wesley Cunningham
-
Publication number: 20130067378Abstract: Various embodiments provide a user interface that displays a history of resource usage of a computing device's applications over time. Historical resource usage data can be presented in a manner which informs the user, on an application-by-application basis, of each application's resource usage across a plurality of resources. In at least some embodiments, the user interface can provide one or more instrumentalities that enable the user to interact with and/or modify operational characteristics of various applications based upon the presented historical resource usage data.Type: ApplicationFiled: September 9, 2011Publication date: March 14, 2013Applicant: Microsoft CorporationInventors: Jonathan M. Au, Peter Seraphim Ponomarev, Sharif S. Farag, Kevin Michael Woley, Sharad Kylasam, Mark Yalovsky, Krishna Venkatesh, Shankar Seal, Srinivas Raghu Gatta, Rajeev Agrawal, Vijay Prakash
-
Publication number: 20120167185Abstract: In embodiments of registration and network access control, an initially unconfigured network interface device can be registered and configured as an interface to a public network for a client device. In another embodiment, a network interface device can receive a network access request from a client device to access a secure network utilizing extensible authentication protocol (EAP), and the request is communicated to an authentication service to authenticate a user of the client device based on user credentials. In another embodiment, a network interface device can receive a network access request from a client device to access a Web site in a public network utilizing a universal access method (UAM), and the request is redirected to the authentication service to authenticate a user of the client device based on user credentials.Type: ApplicationFiled: December 23, 2010Publication date: June 28, 2012Applicant: MICROSOFT CORPORATIONInventors: Ryan S. Menezes, Taroon Mandhana, Shankar Seal, Dhiraj P. Gandhi, Aaron Wesley Cunningham
-
Publication number: 20070198525Abstract: A managed network with a quarantine enforcement policy based on the status of installed updates for software on each client seeking access to the managed network. To determine whether a client requesting access has up-to-date software, an access server may communicate directly with an update server to determine the update status of the client requesting access. Information from the update server allows the update server to determine which update the client requesting access is missing. The access server may also receive an indication of the severity of the updates missing from the client requesting access. The access server may use the severity information to apply a quarantine enforcement policy, thereby avoiding the need for either the client or access server to be programmed to identify specific software updates that must be installed for a client to comply with a quarantine enforcement policy.Type: ApplicationFiled: February 13, 2006Publication date: August 23, 2007Applicant: Microsoft CorporationInventors: Arindam Chatterjee, Bashar Kachachi, Bruce Leban, Calvin Choe, Charles Jeffries, Jeffrey Shipman, Lakshmanan Venkitaraman, Marc Shepard, Sachin Sheth, Shankar Seal, Yang Gao, Patrick Stratton, Michael Lee