Patents by Inventor Siddhartha Mathur
Siddhartha Mathur has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11075917Abstract: Tenant approval for operator access to tenant data is provided. In order to grant service personnel operators access to a tenant's data for performing a requested action, a lockbox determines a security group role to which an operator needs to be elevated to perform a requested action, computes a set of internal administrators and tenant administrators authorized to grant a temporary role elevation, and sends an access control request to the administrators. Upon receiving approval of the access control request from an internal administrator and a tenant administrator, the lockbox elevates the operator to the security group role, granting the operator a set of permissions needed in order to allow the operator to perform the requested action. Accordingly, tenants are enabled to control access to their data and scrutinize access requests per their company procedures and compliance needs.Type: GrantFiled: June 29, 2017Date of Patent: July 27, 2021Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Rajalakshmi Dani, Anand Madhava Menon, Paul H. Rich, Naveen Madan, Vikas Ahuja, Siddhartha Mathur, Liqiang Zhu
-
Patent number: 10326795Abstract: Techniques to contain lateral movement of attackers through just-in-time (JIT) provisioned accounts comprising an account management component to receive a request from a first account via a client device for a second account to access a server device in a set of server devices, an account authorization component to authorize the request for the second account based at least partially on account information associated with the first account, an account provisioning component to provision the second account to enable a client to access the server device, and an account notification component to provide account information associated with the second account to a client via the client device. Other embodiments are described and claimed.Type: GrantFiled: November 3, 2017Date of Patent: June 18, 2019Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Shane Brady, Siddhartha Mathur, Rajalakshmi Dani, Santosh Kumar, Luke Schoen, David Hetherington
-
Patent number: 10320623Abstract: Techniques to track resource usage statistics per transaction across multiple layers of protocols and across multiple threads, processes and/or devices are disclosed. In one embodiment, for example, a technique may comprise assigning an activity context to a request at the beginning of a first stage, where the activity context has an initial set of properties. The values of the properties may be assigned to the properties in the initial set during the first stage. The value of a property may be stored on a data store local to the first stage. The activity context may be transferred to a second stage when the request begins the second stage. The transferred activity context may include a property from the initial set of properties. The stored values may be analyzed to determine a resource usage statistic. Other embodiments are described and claimed.Type: GrantFiled: May 24, 2017Date of Patent: June 11, 2019Assignee: Microsoft Technology Licensing, LLCInventors: Raghu Kolluru, David Nunez Tejerina, Siddhartha Mathur, James Kleewein, Adrian Hamza, Ozan Ozhan
-
Publication number: 20180054460Abstract: Techniques to contain lateral movement of attackers through just-in-time (JIT) provisioned accounts comprising an account management component to receive a request from a first account via a client device for a second account to access a server device in a set of server devices, an account authorization component to authorize the request for the second account based at least partially on account information associated with the first account, an account provisioning component to provision the second account to enable a client to access the server device, and an account notification component to provide account information associated with the second account to a client via the client device. Other embodiments are described and claimed.Type: ApplicationFiled: November 3, 2017Publication date: February 22, 2018Applicant: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Shane Brady, Siddhartha Mathur, Rajalakshmi Dani, Santosh Kumar, Luke Schoen, David Hetherington
-
Patent number: 9838424Abstract: Techniques to contain lateral movement of attackers through just-in-time (JIT) provisioned accounts comprising an account management component to receive a request from a first account via a client device for a second account to access a server device in a set of server devices, an account authorization component to authorize the request for the second account based at least partially on account information associated with the first account, an account provisioning component to provision the second account to enable a client to access the server device, and an account notification component to provide account information associated with the second account to a client via the client device. Other embodiments are described and claimed.Type: GrantFiled: March 20, 2014Date of Patent: December 5, 2017Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Shane Brady, Siddhartha Mathur, Rajalakshmi Dani, Santosh Kumar, Luke Schoen, David Hetherington
-
Patent number: 9825869Abstract: A current request for a server to perform work for a user profile can be received and processed at the server. It can be determined whether server usage by the profile exhibits a sufficient trend toward a threshold value to warrant performing traffic shaping for the user profile. If so, then a delay time can be calculated based on, or as a function of, server resources used in processing the current request, and a response to the current request can be delayed by the delay time.Type: GrantFiled: February 25, 2016Date of Patent: November 21, 2017Assignee: Microsoft Technology Licensing, LLCInventors: David A. Sterling, Siddhartha Mathur, Victor Boctor
-
Publication number: 20170302677Abstract: Tenant approval for operator access to tenant data is provided. In order to grant service personnel operators access to a tenant's data for performing a requested action, a lockbox determines a security group role to which an operator needs to be elevated to perform a requested action, computes a set of internal administrators and tenant administrators authorized to grant a temporary role elevation, and sends an access control request to the administrators. Upon receiving approval of the access control request from an internal administrator and a tenant administrator, the lockbox elevates the operator to the security group role, granting the operator a set of permissions needed in order to allow the operator to perform the requested action. Accordingly, tenants are enabled to control access to their data and scrutinize access requests per their company procedures and compliance needs.Type: ApplicationFiled: June 29, 2017Publication date: October 19, 2017Applicant: Microsoft Technology Licensing, LLCInventors: Rajalakshmi DANI, Anand Madhava MENON, Paul H. RICH, Naveen MADAN, Vikas AHUJA, Siddhartha MATHUR, Liqiang ZHU
-
Publication number: 20170264505Abstract: Techniques to track resource usage statistics per transaction across multiple layers of protocols and across multiple threads, processes and/or devices are disclosed. In one embodiment, for example, a technique may comprise assigning an activity context to a request at the beginning of a first stage, where the activity context has an initial set of properties. The values of the properties may be assigned to the properties in the initial set during the first stage. The value of a property may be stored on a data store local to the first stage. The activity context may be transferred to a second stage when the request begins the second stage. The transferred activity context may include a property from the initial set of properties. The stored values may be analyzed to determine a resource usage statistic. Other embodiments are described and claimed.Type: ApplicationFiled: May 24, 2017Publication date: September 14, 2017Applicant: Microsoft Technology Licensing, LLCInventors: Raghu KOLLURU, David Nunez TEJERINA, Siddhartha MATHUR, James KLEEWEIN, Adrian HAMZA, Ozan OZHAN
-
Patent number: 9762585Abstract: Tenant approval for operator access to tenant data is provided. In order to grant service personnel operators access to a tenant's data for performing a requested action, a lockbox determines a security group role to which an operator needs to be elevated to perform a requested action, computes a set of internal administrators and tenant administrators authorized to grant a temporary role elevation, and sends an access control request to the administrators. Upon receiving approval of the access control request from an internal administrator and a tenant administrator, the lockbox elevates the operator to the security group role, granting the operator a set of permissions needed in order to allow the operator to perform the requested action. Accordingly, tenants are enabled to control access to their data and scrutinize access requests per their company procedures and compliance needs.Type: GrantFiled: March 19, 2015Date of Patent: September 12, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Rajalakshmi Dani, Anand Madhava Menon, Paul H. Rich, Naveen Madan, Vikas Ahuja, Siddhartha Mathur, Liqiang Zhu
-
Patent number: 9686152Abstract: Techniques to track resource usage statistics per transaction across multiple layers of protocols and across multiple threads, processes and/or devices are disclosed. In one embodiment, for example, a technique may comprise assigning an activity context to a request at the beginning of a first stage, where the activity context has an initial set of properties. The values of the properties may be assigned to the properties in the initial set during the first stage. The value of a property may be stored on a data store local to the first stage. The activity context may be transferred to a second stage when the request begins the second stage. The transferred activity context may include a property from the initial set of properties. The stored values may be analyzed to determine a resource usage statistic. Other embodiments are described and claimed.Type: GrantFiled: January 27, 2012Date of Patent: June 20, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Raghu Kolluru, David Nunez Tejerina, Siddhartha Mathur, James Kleewein, Adrian Hamza, Ozan Ozhan
-
Patent number: 9645856Abstract: Allocation of computing threads can include receiving a registration of a workload, the registration including a workload classification and a workload priority; monitoring statuses of a plurality of resources; identifying, by a computing device, a thread of a resource from the plurality of resources, the thread being programmed to execute a task associated with the workload; evaluating, by the computing device, the workload classification and the workload priority of the workload with workload classifications and workload priorities of other workloads requesting the thread; and allocating the thread to one of the workloads based on evaluation of the workload classification and the workload priority.Type: GrantFiled: April 4, 2016Date of Patent: May 9, 2017Assignee: Microsoft Technology Licensing, LLCInventors: David A. Sterling, Victor Boctor, Siddhartha Mathur, Ozan Ozhan, Vitali Prokopenko, David Nunez Tejerina, Selim Yazicioglu
-
Publication number: 20160277411Abstract: Tenant approval for operator access to tenant data is provided. In order to grant service personnel operators access to a tenant's data for performing a requested action, a lockbox determines a security group role to which an operator needs to be elevated to perform a requested action, computes a set of internal administrators and tenant administrators authorized to grant a temporary role elevation, and sends an access control request to the administrators. Upon receiving approval of the access control request from an internal administrator and a tenant administrator, the lockbox elevates the operator to the security group role, granting the operator a set of permissions needed in order to allow the operator to perform the requested action. Accordingly, tenants are enabled to control access to their data and scrutinize access requests per their company procedures and compliance needs.Type: ApplicationFiled: March 19, 2015Publication date: September 22, 2016Applicant: Microsoft Technology Licensing, LLC.Inventors: Rajalakshmi Dani, Anand Madhava Menon, Paul H. Rich, Naveen Madan, Vikas Ahuja, Siddhartha Mathur, Liqiang Zhu
-
Publication number: 20160217008Abstract: Allocation of computing threads can include receiving a registration of a workload, the registration including a workload classification and a workload priority; monitoring statuses of a plurality of resources; identifying, by a computing device, a thread of a resource from the plurality of resources, the thread being programmed to execute a task associated with the workload; evaluating, by the computing device, the workload classification and the workload priority of the workload with workload classifications and workload priorities of other workloads requesting the thread; and allocating the thread to one of the workloads based on evaluation of the workload classification and the workload priority.Type: ApplicationFiled: April 4, 2016Publication date: July 28, 2016Applicant: Microsoft Technology Licensing, LLCInventors: David A. Sterling, Victor Boctor, Siddhartha Mathur, Ozan Ozhan, Vitali Prokopenko, David Nunez Tejerina, Selim Yazicioglu
-
Publication number: 20160197833Abstract: A current request for a server to perform work for a user profile can be received and processed at the server. It can be determined whether server usage by the profile exhibits a sufficient trend toward a threshold value to warrant performing traffic shaping for the user profile. If so, then a delay time can be calculated based on, or as a function of, server resources used in processing the current request, and a response to the current request can be delayed by the delay time.Type: ApplicationFiled: February 25, 2016Publication date: July 7, 2016Applicant: Microsoft Technology Licensing, LLCInventors: David A. Sterling, Siddhartha Mathur, Victor Boctor
-
Patent number: 9329901Abstract: A computer-implemented method for allocating threads includes: receiving a registration of a workload, the registration including a workload classification and a workload priority; monitoring statuses of a plurality of resources; identifying, by a computing device, a thread of a resource from the plurality of resources, the thread being programmed to execute a task associated with the workload; evaluating, by the computing device, the workload classification and the workload priority of the workload with workload classifications and workload priorities of other workloads requesting the thread; and allocating the thread to one of the workloads based on evaluation of the workload classification and the workload priority.Type: GrantFiled: December 9, 2011Date of Patent: May 3, 2016Assignee: Microsoft Technology Licensing, LLCInventors: David Andrew Sterling, Victor Boctor, Siddhartha Mathur, Ozan Ozhan, Vitali V. Prokopenko, David Nunez Tejerina, Selim Yazicioglu
-
Patent number: 9305274Abstract: A current request for a server to perform work for a user profile can be received and processed at the server. It can be determined whether server usage by the profile exhibits a sufficient trend toward a threshold value to warrant performing traffic shaping for the user profile. If so, then a delay time can be calculated based on, or as a function of, server resources used in processing the current request, and a response to the current request can be delayed by the delay time.Type: GrantFiled: January 16, 2012Date of Patent: April 5, 2016Assignee: Microsoft Technology Licensing, LLCInventors: David A. Sterling, Siddhartha Mathur, Victor Boctor
-
Publication number: 20150281225Abstract: Techniques to operate a service with machine generated authentication tokens comprising a authentication token management component to establish a secure connection with a client device based at least partially on client authentication information associated with a first account of the client, receive a request for account information of one or more accounts associated with the first account of the client, provide account information for a second account associated with the first account to the client via the client device, receive a request to generate an authentication token for the second account, validate the request to generate the authentication token based on the client authentication information associated with the client, and a token generation component to generate the authentication token for the second account. Other embodiments are described and claimed.Type: ApplicationFiled: March 27, 2014Publication date: October 1, 2015Applicant: Microsoft CorporationInventors: Luke Schoen, Santosh Kumar, Rajalakshmi Dani, Siddhartha Mathur, Shane Brady, Ramesh Arimilli, David Hetherington, Vikas Ahuja
-
Publication number: 20150271200Abstract: Techniques to contain lateral movement of attackers through just-in-time (JIT) provisioned accounts comprising an account management component to receive a request from a first account via a client device for a second account to access a server device in a set of server devices, an account authorization component to authorize the request for the second account based at least partially on account information associated with the first account, an account provisioning component to provision the second account to enable a client to access the server device, and an account notification component to provide account information associated with the second account to a client via the client device. Other embodiments are described and claimed.Type: ApplicationFiled: March 20, 2014Publication date: September 24, 2015Inventors: Shane Brady, Siddhartha Mathur, Rajalakshmi Dani, Santosh Kumar, Luke Schoen, David Hetherington
-
Patent number: 9122524Abstract: The described implementations relate to processing of electronic data. One implementation is manifest as a system that can include logic and at least one processing device configured to execute the logic. The logic can be configured to receive a first task request to execute a first task that uses a resource when performed. The first task can have an associated first level of interactivity. The logic can also be configured to receive a second task request to execute a second task that also uses the resource when performed. The second task can have an associated second level of interactivity. The logic can also be configured to selectively throttle the first task and the second task based upon the first level of interactivity and the second level of interactivity.Type: GrantFiled: January 8, 2013Date of Patent: September 1, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Siddhartha Mathur, David A. Sterling, Lu Yang, Zhengwen Zhu, David Nunez Tejerina, Ozan Ozhan, Michael Butler
-
Publication number: 20140196048Abstract: The described implementations relate to processing of electronic data. One implementation is manifest as a system that can include logic and at least one processing device configured to execute the logic. The logic can be configured to receive a first task request to execute a first task that uses a resource when performed. The first task can have an associated first level of interactivity. The logic can also be configured to receive a second task request to execute a second task that also uses the resource when performed. The second task can have an associated second level of interactivity. The logic can also be configured to selectively throttle the first task and the second task based upon the first level of interactivity and the second level of interactivity.Type: ApplicationFiled: January 8, 2013Publication date: July 10, 2014Applicant: MICROSOFT CORPORATIONInventors: Siddhartha Mathur, David A. Sterling, Lu Yang, Zhengwen Zhu, David Nunez Tejerina, Ozan Ozhan, Michael Butler