Patents by Inventor Siddharth Bhai
Siddharth Bhai has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9501635
Abstract: This disclosure describes methods, systems, and application programming interfaces for creating a credential managed account. This disclosure describes creating a new password managed account, defining the password managed account, wherein the password managed account is to access a service on a managed computing device, identifying the password managed account for a lifecycle, and automatically managing the password managed account by updating and changing a password for the password managed account on a periodic basis.
Type: Grant
Filed: June 25, 2008
Date of Patent: November 22, 2016
Assignee: Microsoft Technology Licensing, LLC
Inventors: Ramesh Chinta, Scott A. Field, Liqiang Zhu, Umit Akkus, Siddharth Bhai, Gopinathan Kannan, James J Simmons, Qi Cao, Paul Miller, Ryan Fairfax, Alexandru Hanganu
-
Patent number: 9047442
Abstract: Described is a technology by which a target machine (managed device) is provisioned with arbitrary states for subsequent communication with a central authority, in which the configuration provisioning of the device is decoupled from the collection of the provisioning data. In a provisioning phase, arbitrary state information for provisioning the managed device is obtained and packaged in a container. In a configuration phase, the container is accessed, and the arbitrary state information is unpackaged to apply state to the managed device. The target machine thus may be provisioned with arbitrary states without actively communicating with the central authority.
Type: Grant
Filed: June 18, 2012
Date of Patent: June 2, 2015
Assignee: Microsoft Technology Licensing, LLC
Inventors: Dan A. Knudson, James J. Simmons, Siddharth Bhai
-
Publication number: 20130347063
Abstract: Sharing security claims across different security contexts. A method includes, for a first security context, identifying a first set of security claims. The method further includes for the first security context identifying a second set of security claims from the first set of security claims that is allowed to be sent from the first security context. The first set of security claims is modified to create the second set of security claims. For a second security context, security claim requirements are identified. The second set of security claims is modified to satisfy the security claim requirements for the second security context.
Type: Application
Filed: June 21, 2012
Publication date: December 26, 2013
Applicant: MICROSOFT CORPORATION
Inventors: Sarath Madakasira, Siddharth Bhai, James J. Simmons, Ryan J. Fairfax, Qi Cao, Arun K. Nanda, Mark Fishel Novak
-
Publication number: 20130340027
Abstract: Described is a technology by which a target machine (managed device) is provisioned with arbitrary states for subsequent communication with a central authority, in which the configuration provisioning of the device is decoupled from the collection of the provisioning data. In a provisioning phase, arbitrary state information for provisioning the managed device is obtained and packaged in a container. In a configuration phase, the container is accessed, and the arbitrary state information is unpackaged to apply state to the managed device. The target machine thus may be provisioned with arbitrary states without actively communicating with the central authority.
Type: Application
Filed: June 18, 2012
Publication date: December 19, 2013
Applicant: MICROSOFT CORPORATION
Inventors: Dan A. Knudson, James J. Simmons, Siddharth Bhai
-
Patent number: 8302165
Abstract: An offline trust system establishes a trust relationship between a trust authority computer system and a target computer system without relying on an active network connection between the computer systems. The offline trust system separates the trust establishment operation into a provisioning phase and a configuration phase. The provisioning phase can be performed entirely on the trust authority, while the configuration phase can be performed entirely on the target computer system requesting trust. The two phases can be performed at different times and do not assume any connection between the two computer systems. An administrator may perform the provisioning phase for many target computer systems at the same time. Thus, the offline trust system provides a way to establish trust between computer systems that is more reliable and less prone to failure.
Type: Grant
Filed: November 3, 2009
Date of Patent: October 30, 2012
Assignee: Microsoft Corporation
Inventors: Siddharth Bhai, Zhe (Jessie) Li, William S. Jack, III, Christopher W. McCarron, James J. Simmons, Qi Cao
-
Patent number: 8074264
Abstract: A server may bridge between a wide area network, such as the Internet, and a local area network and may process authentication requests from clients on the wide area network. The server may filter the requests to enable specific types of requests to pass, and may forward the requests to a credential server within the local area network and pass any responses back to the client. The server may be configured with some or all of a set of domain services objects, but such objects may be stored in a read only format. The server may further contain a minimum of or no sensitive data such that, if compromised, an attacker may gain little advantage. The client may request evidence of authentication available to devices within the local area network and may use the evidence of authentication to access services made available to the wide area network.
Type: Grant
Filed: April 16, 2008
Date of Patent: December 6, 2011
Assignee: Microsoft Corporation
Inventors: Daniel W. Hitchcock, Siddharth Bhai, Nathan D. Muggli, Brian W. Puhl, Lee F. Walker
-
Publication number: 20110107401
Abstract: An offline trust system establishes a trust relationship between a trust authority computer system and a target computer system without relying on an active network connection between the computer systems. The offline trust system separates the trust establishment operation into a provisioning phase and a configuration phase. The provisioning phase can be performed entirely on the trust authority, while the configuration phase can be performed entirely on the target computer system requesting trust. The two phases can be performed at different times and do not assume any connection between the two computer systems. An administrator may perform the provisioning phase for many target computer systems at the same time. Thus, the offline trust system provides a way to establish trust between computer systems that is more reliable and less prone to failure.
Type: Application
Filed: November 3, 2009
Publication date: May 5, 2011
Applicant: Microsoft Corporation
Inventors: Siddharth Bhai, Zhe (Jessie) Li, William S. Jack, III, Christopher W. McCarron, James J. Simmons, Qi Cao
-
Publication number: 20090328154
Abstract: This disclosure describes methods, systems, and application programming interfaces for creating a credential managed account. This disclosure describes creating a new password managed account, defining the password managed account, wherein the password managed account is to access a service on a managed computing device, identifying the password managed account for a lifecycle, and automatically managing the password managed account by updating and changing a password for the password managed account on a periodic basis.
Type: Application
Filed: June 25, 2008
Publication date: December 31, 2009
Applicant: Microsoft Corporation
Inventors: Scott A. Field, Ramesh Chinta, Liqiang Zhu, Umit Akkus, Siddharth Bhai, Gopinathan Kannan, James J. Simmons, Qi Cao, Paul Miller, Ryan Fairfax, Alexandru Hanganu