Patents by Inventor Varugis Kurien
Varugis Kurien has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20180167300Abstract: This document relates to a distributed network coordinate system. One implementation provides computer-readable storage media including instructions that may cause a processor to perform certain acts. For example, the acts may include storing an initial network location of a first device in a network. The network may include the first device and a second device. The acts may also include monitoring one or more network performance metrics related to existing application communications with the second device, and determining an updated network location of the first device, based on the initial network location and the network performance metrics. Aspects of network health can be derived from monitoring changes in the network locations of various devices within the coordinate system.Type: ApplicationFiled: December 11, 2017Publication date: June 14, 2018Inventors: Lihua YUAN, Sharad AGARWAL, Kevin DAMOUR, Thekkthalackal Varugis KURIEN, Albert G. GREENBERG, Randall KERN
-
Patent number: 9871711Abstract: This document relates to a distributed network coordinate system. One implementation provides computer-readable storage media including instructions that may cause a processor to perform certain acts. For example, the acts may include storing an initial network location of a first device in a network. The network may include the first device and a second device. The acts may also include monitoring one or more network performance metrics related to existing application communications with the second device, and determining an updated network location of the first device, based on the initial network location and the network performance metrics. Aspects of network health can be derived from monitoring changes in the network locations of various devices within the coordinate system.Type: GrantFiled: August 3, 2014Date of Patent: January 16, 2018Assignee: Microsoft Technology Licensing, LLCInventors: Lihua Yuan, Sharad Agarwal, Kevin Damour, Thekkthalackal Varugis Kurien, Albert G. Greenberg, Randall Kern
-
Patent number: 9864608Abstract: A mechanism for performing a network boot sequence and provisioning a device may generate a command by a server and have the command executed by the device. The command may be used to verify the authenticity of the device, and may be used to establish ownership of the device. After authenticity and, in some cases ownership is established, bootable software may be downloaded and executed. The device may be provisioned with software applications.Type: GrantFiled: March 7, 2016Date of Patent: January 9, 2018Assignee: Microsoft Technology Licensing, LLCInventors: Christopher McCarron, Varugis Kurien
-
Patent number: 9519878Abstract: One or more techniques and/or systems are provided for regulating an amount of power on a power grid using a datacenter. This allows demand to be more closely brought into alignment with supply. For example, when supply exceeds demand by a predetermined level, the datacenter may increase consumption, causing demand to increase, and when demand exceeds supply and/or comes within a predetermined threshold of supply, the datacenter may decrease consumption, causing demand to decrease. In this way, the datacenter can be utilized as a regulatory tool on the grid. It may be appreciated that given the technology used by and/or operations performed by datacenters, datacenters are uniquely situated to achieve these ends as compared to other (large) energy consumers, such as manufacturing facilities that cannot shift around and/or shut-down operations swiftly.Type: GrantFiled: April 6, 2015Date of Patent: December 13, 2016Assignee: Microsoft Technology Licensing, LLCInventors: Sriram Sankar, Christian L. Belady, T. Varugis Kurien, Joseph M. Sherman
-
Publication number: 20160188349Abstract: A mechanism for performing a network boot sequence and provisioning a device may generate a command by a server and have the command executed by the device. The command may be used to verify the authenticity of the device, and may be used to establish ownership of the device. After authenticity and, in some cases ownership is established, bootable software may be downloaded and executed. The device may be provisioned with software applications.Type: ApplicationFiled: March 7, 2016Publication date: June 30, 2016Inventors: Christopher McCarron, Varugis Kurien
-
Patent number: 9311483Abstract: Systems and methods provide multiple partitions hosted on an isolation technology such as a hypervisor where at least one of the partitions, a local secure service partition (LSSP), provides security services to other partitions. The service partitions (LSSPs) host those high assurance services that require strict security isolation, where the service can be shared across partitions and accessed even when the user is not connected to a network. The LSSP also can certify the results of any computation using a key signed by a TPM attestation identity key (AIK), or other key held securely by the hypervisor or a service partition. The LSSPs may be configured to provide trusted audit logs, trusted security scans, trusted cryptographic services, trusted compilation and testing, trusted logon services, and the like.Type: GrantFiled: October 31, 2013Date of Patent: April 12, 2016Assignee: Microsoft Technology Licensing, LLCInventors: Thekkthalackal Varugis Kurien, Paul England, Ravindra Nath Pandya, Niels Ferguson
-
Patent number: 9306945Abstract: A mechanism for performing a network boot sequence and provisioning a device may generate a command by a server and have the command executed by the device. The command may be used to verify the authenticity of the device, and may be used to establish ownership of the device. After authenticity and, in some cases ownership is established, bootable software may be downloaded and executed. The device may be provisioned with software applications.Type: GrantFiled: March 11, 2015Date of Patent: April 5, 2016Assignee: Microsoft Technology Licensing, LLCInventors: Christopher McCarron, Varugis Kurien
-
Patent number: 9166797Abstract: Systems and methods that establish a secured compartment that manages sensitive user transactions/information on a user's machine. The secured compartment qualifies user interaction with the machine, and separates such qualified interaction from other user activity on the machine. A user is switched to such secured compartment upon occurrence of a predetermined event, such as in form of: an explicit request (e.g., a secure attention sequence); an implicit request (e.g., inference of user activities); and presence of a peripheral device that is bound to the secured compartment (e.g., a USB)—wherein such actions typically cannot be generated by an application running outside the secured compartment.Type: GrantFiled: October 24, 2008Date of Patent: October 20, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Thekkthalackal Varugis Kurien, Cormac E. Herley, Alice Jane Bernheim Brush, Daniel C. Robbins, Arindam Chatterjee, Scott Field
-
Patent number: 9135357Abstract: Methods for using scenario solution-related information to generate customized user experiences are provided. Upon receiving a user query, a plurality of results is returned, each result being representative of a scenario solution which may be utilized to address a particular issue relevant to the received query. At the time of authoring, each scenario solution is organized based upon one or more keywords and/or one or more categories (i.e., namespaces). Data associated with a namespace/keyword corresponding to a returned search result may be mined to determine information beyond basic scenario solution search results that may be of interest to the user.Type: GrantFiled: September 20, 2010Date of Patent: September 15, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Thekkthalackal Varugis Kurien, Steven E. Jackson, Scott A. Field
-
Publication number: 20150213387Abstract: One or more techniques and/or systems are provided for regulating an amount of power on a power grid using a datacenter. This allows demand to be more closely brought into alignment with supply. For example, when supply exceeds demand by a predetermined level, the datacenter may increase consumption, causing demand to increase, and when demand exceeds supply and/or comes within a predetermined threshold of supply, the datacenter may decrease consumption, causing demand to decrease. In this way, the datacenter can be utilized as a regulatory tool on the grid. It may be appreciated that given the technology used by and/or operations performed by datacenters, datacenters are uniquely situated to achieve these ends as compared to other (large) energy consumers, such as manufacturing facilities that cannot shift around and/or shut-down operations swiftly.Type: ApplicationFiled: April 6, 2015Publication date: July 30, 2015Inventors: Sriram Sankar, Christian L. Belady, T. Varugis Kurien, Joseph M. Sherman
-
Publication number: 20150188917Abstract: A mechanism for performing a network boot sequence and provisioning a device may generate a command by a server and have the command executed by the device. The command may be used to verify the authenticity of the device, and may be used to establish ownership of the device. After authenticity and, in some cases ownership is established, bootable software may be downloaded and executed. The device may be provisioned with software applications.Type: ApplicationFiled: March 11, 2015Publication date: July 2, 2015Inventors: Christopher McCarron, Varugis Kurien
-
Patent number: 9003216Abstract: One or more techniques and/or systems are provided for regulating an amount of power on a power grid using a datacenter. This allows demand to be more closely brought into alignment with supply. For example, when supply exceeds demand by a predetermined level, the datacenter may increase consumption, causing demand to increase, and when demand exceeds supply and/or comes within a predetermined threshold of supply, the datacenter may decrease consumption, causing demand to decrease. In this way, the datacenter can be utilized as a regulatory tool on the grid. It may be appreciated that given the technology used by and/or operations performed by datacenters, datacenters are uniquely situated to achieve these ends as compared to other (large) energy consumers, such as manufacturing facilities that cannot shift around and/or shut-down operations swiftly.Type: GrantFiled: October 3, 2011Date of Patent: April 7, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Sriram Sankar, Christian L. Belady, T. Varugis Kurien, Joseph M. Sherman
-
Patent number: 8990902Abstract: A secure mechanism for performing a network boot sequence and provisioning a remote device may use a private key of a public key/private key encryption mechanism to generate a command by a server and have the command executed by the device. The command may be used to verify the authenticity of the remote device, and may be used to establish ownership of the device. After authenticity and, in some cases ownership is established, bootable software may be downloaded and executed. The remote device may be provisioned with software applications. One mechanism for performing the initial encrypted commands is through a Trusted Platform Module. In many embodiments, the public key for the initial encrypted communication may be provided through a trusted second channel.Type: GrantFiled: September 23, 2013Date of Patent: March 24, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Christopher McCarron, Varugis Kurien
-
Publication number: 20140370482Abstract: A virtual lab is generated for a underlying learning objective defined by a lab instructor. The virtual lab is decomposed into multiple lab steps. Each lab step defines a portion of the underlying learning objective that can be performed independently. Each lab step includes pedagogical information for teaching a learner the portion of the underlying learning objective and information for specifying a portion of the underlying system that will execute the lab step. A first portion of the underlying system is caused to execute a first lab step. This allows the learner to perform the portion of the underlying learning objective defined in the first lab step. An event generated by the learner's performance of the first lab step is received. In response, a specific pedagogical procedure that is dictated by the event is caused to be performed.Type: ApplicationFiled: June 18, 2013Publication date: December 18, 2014Inventors: Thekkthalackal Varugis Kurien, Alpesh Gaglani, Arunprakash Balakrishnan, Eric . D. Schweickert, Daniel Behrendt, Vinay Balasubramaniam, Suyash Sinha
-
Publication number: 20140337524Abstract: This document relates to a distributed network coordinate system. One implementation provides computer-readable storage media including instructions that may cause a processor to perform certain acts. For example, the acts may include storing an initial network location of a first device in a network. The network may include the first device and a second device. The acts may also include monitoring one or more network performance metrics related to existing application communications with the second device, and determining an updated network location of the first device, based on the initial network location and the network performance metrics. Aspects of network health can be derived from monitoring changes in the network locations of various devices within the coordinate system.Type: ApplicationFiled: August 3, 2014Publication date: November 13, 2014Applicant: MICROSOFT CORPORATIONInventors: Lihua YUAN, Sharad AGARWAL, Kevin DAMOUR, Thekkthalackal Varugis KURIEN, Albert G. GREENBERG, Randall KERN
-
Publication number: 20140304787Abstract: Sending alerts regarding events related to badges. A method includes receiving a subscription for an entity to receive alerts regarding one or more badges or one or more individuals as it relates to the one or more individuals receiving or maintaining badges. The one or more badges signify one or more of skills, training, attributes, or qualifications of individuals who receive them. The method further includes determining that an event has occurred with respect to the one or more badges or one or more individuals. As a result, the method further includes notifying the entity of the event.Type: ApplicationFiled: June 24, 2013Publication date: October 9, 2014Inventors: T. Varugis Kurien, Donald Frank Brinkman, Vinay Balasubramaniam, Suyash Sinha, Alpesh R. Gaglani, Tushar Subodh Nene
-
Publication number: 20140304181Abstract: Authenticating a badge. The badge represents at least one of skills, training, attributes, or qualifications of an individual. The method includes at a trustworthy verifier, accessing a badge image identified by a user. The method further includes at the trustworthy verifier, accessing policy identified by the user. The method further includes determining that the badge identified by the user is compliant with the policy by determining that the badge complies with the policy identified by the user. As a result of determining that the badge is compliant with the policy, the method further includes causing an indicator to be displayed in a trustworthy way to indicate to the user that the purported badge is compliant with the policy.Type: ApplicationFiled: June 24, 2013Publication date: October 9, 2014Inventors: T. Varugis Kurien, Donald Frank Brinkman, Vinay Balasubramaniam, Suyash Sinha, Alpesh R. Gaglani, Tushar Subodh Nene
-
Publication number: 20140304182Abstract: Identifying that one or more badges in a set of a plurality of badges indicates that an individual having the set of a plurality of badges meets certain requirements in terms of one or more of skills, training, attributes, or qualifications. The method includes identifying a set of a plurality of badges for an individual. The method further includes identifying evaluation criteria, the evaluation criteria comprising criteria for evaluating a plurality of badges, that when satisfied, indicates that an individual meets certain requirements. The method further includes comparing the set of the plurality of badges to the evaluation criteria.Type: ApplicationFiled: June 24, 2013Publication date: October 9, 2014Inventors: T. Varugis Kurien, Donald Frank Brinkman, Vinay Balasubramaniam, Suyash Sinha, Alpesh R. Gaglani, Tushar Subodh Nene
-
Patent number: 8825813Abstract: This document relates to a distributed network coordinate system. One implementation provides computer-readable storage media including instructions that may cause a processor to perform certain acts. For example, the acts may include storing an initial network location of a first device in a network. The network may include the first device and a second device. The acts may also include monitoring one or more network performance metrics related to existing application communications with the second device, and determining an updated network location of the first device, based on the initial network location and the network performance metrics. Aspects of network health can be derived from monitoring changes in the network locations of various devices within the coordinate system.Type: GrantFiled: December 28, 2010Date of Patent: September 2, 2014Assignee: Microsoft CorporationInventors: Lihua Yuan, Sharad Agarwal, Kevin Damour, Thekkthalackal Varugis Kurien, Albert G. Greenberg, Randall Kern
-
Publication number: 20140059680Abstract: Systems and methods provide multiple partitions hosted on an isolation technology such as a hypervisor where at least one of the partitions, a local secure service partition (LSSP), provides security services to other partitions. The service partitions (LSSPs) host those high assurance services that require strict security isolation, where the service can be shared across partitions and accessed even when the user is not connected to a network. The LSSP also can certify the results of any computation using a key signed by a TPM attestation identity key (AIK), or other key held securely by the hypervisor or a service partition. The LSSPs may be configured to provide trusted audit logs, trusted security scans, trusted cryptographic services, trusted compilation and testing, trusted logon services, and the like.Type: ApplicationFiled: October 31, 2013Publication date: February 27, 2014Inventors: Thekkthalackal Varugis Kurien, Paul England, Ravindra Nath Pandya, Niels Ferguson