Patents by Inventor Wei-Qiang (Michael) Guo

Wei-Qiang (Michael) Guo has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9544147
    Abstract: Authentication is widely used to protect consumer data and computing services, such as email, document storage, and online banking. Current authentication models, such as those employed by online identity providers, may have limited options and configurations for authentication schemes. Accordingly, as provided herein, a model based authentication scheme may be configured based upon a policy and/or an authentication mechanism list. The policy may define the target resource, a user, a group the user belongs to, devices used to connect to the target resource, a service owning the target resource, etc. The authentication mechanism list may comprise predefined authentication mechanisms and/or user plug-in authentication mechanisms (e.g., user created authentication mechanism). Once the authentication scheme is configured, it may be enforced upon authentication requests from a user. Feedback may be provided to the user based upon patterns of usage of the target resource.
    Type: Grant
    Filed: May 22, 2009
    Date of Patent: January 10, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Yordan I. Rouskov, Wei-Qiang Michael Guo, Orville Charles McDonald, Ramu Movva, Kyle Stapley Young, Kok Wai Chan
  • Patent number: 8800003
    Abstract: An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.
    Type: Grant
    Filed: June 17, 2011
    Date of Patent: August 5, 2014
    Assignee: Microsoft Corporation
    Inventors: Wei-Qiang (Michael) Guo, Yordan Rouskov, Rui Chen, Pui-Yin Winfred Wong
  • Patent number: 8626897
    Abstract: Techniques and systems are disclosed that can measure capacity of a server farm, and project capacity needs based on traffic and resources. Server farm system information is collected for managing the server farm by identifying a list of servers in the server farm. Performance metrics are collected from identified servers and stored in a collection database. The stored performance metrics are analyzed in accordance with a server farm management request.
    Type: Grant
    Filed: May 11, 2009
    Date of Patent: January 7, 2014
    Assignee: Microsoft Corporation
    Inventors: Wei-Qiang Michael Guo, Ajay Wadhawan, Lin Huang, Jacek T. Dudziak
  • Publication number: 20110247055
    Abstract: An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.
    Type: Application
    Filed: June 17, 2011
    Publication date: October 6, 2011
    Applicant: Microsoft Corporation
    Inventors: Wei-Qiang Michael Guo, Yordan Rouskov, Rui Chen, Pui-Yin Winfred Wong
  • Patent number: 7979899
    Abstract: An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.
    Type: Grant
    Filed: June 2, 2008
    Date of Patent: July 12, 2011
    Assignee: Microsoft Corporation
    Inventors: Wei-Qiang (Michael) Guo, Yordan Rouskov, Rui Chen, Pui-Yin Winfred Wong
  • Publication number: 20100299716
    Abstract: Authentication is widely used to protect consumer data and computing services, such as email, document storage, and online banking. Current authentication models, such as those employed by online identity providers, may have limited options and configurations for authentication schemes. Accordingly, as provided herein, a model based authentication scheme may be configured based upon a policy and/or an authentication mechanism list. The policy may define the target resource, a user, a group the user belongs to, devices used to connect to the target resource, a service owning the target resource, etc. The authentication mechanism list may comprise predefined authentication mechanisms and/or user plug-in authentication mechanisms (e.g., user created authentication mechanism). Once the authentication scheme is configured, it may be enforced upon authentication requests from a user. Feedback may be provided to the user based upon patterns of usage of the target resource.
    Type: Application
    Filed: May 22, 2009
    Publication date: November 25, 2010
    Applicant: Microsoft Corporation
    Inventors: Yordan I. Rouskov, Wei-Qiang Michael Guo, Orville Charles McDonald, Ramu Movva, Kyle Stapley Young, Kok Wai Chau
  • Publication number: 20100287019
    Abstract: Techniques and systems are disclosed that can measure capacity of a server farm, and project capacity needs based on traffic and resources. Server farm system information is collected for managing the server farm by identifying a list of servers in the server farm. Performance metrics are collected from identified servers and stored in a collection database. The stored performance metrics are analyzed in accordance with a server farm management request.
    Type: Application
    Filed: May 11, 2009
    Publication date: November 11, 2010
    Applicant: Microsoft Corporation
    Inventors: Wei-Qiang Michael Guo, Ajay Wadhawan, Lin Huang, Jacek T. Dudziak
  • Publication number: 20100088753
    Abstract: An identity and authentication platform utilizes a data model that enables multiple identities such as e-mail addresses, mobile phone numbers, nicknames, gaming IDs, and other user IDs to be utilized as aliases which are unique sub-identities of a main account name. A user may utilize the aliases supported by the platform to project multiple different on-line identities while using the authentication credentials of the main account. The platform is configured to expose the aliases to various client applications and Internet-accessible sites and services such as e-mail, instant messaging, media sharing, gaming and social networks, and the like, to enable the implementation of a variety of usage scenarios that employ aliases.
    Type: Application
    Filed: October 3, 2008
    Publication date: April 8, 2010
    Applicant: MICROSOFT CORPORATION
    Inventors: Lynn C. Ayres, Rui Chen, Wei-Qiang Michael Guo, Neelamadhaba Mahapatro
  • Publication number: 20090300720
    Abstract: A centralized account reputation system differentiates between illegitimate users and legitimate users using reputation scores associated with the users' online accounts. The system restricts the access of illegitimate users to certain network services while minimizing its negative effects on legitimate users. The system can manage the life cycle of an online account, considering data about the account that is obtained throughout the account network to compute the online account reputation score and allocating access to network services based on the online account reputation score. For example, a reputation score may be embedded in a security token that can be accessed by multiple services on the account network, so that each service can determine the appropriate level of access to be granted to the associated user account based on the reputation score. Various types of online account behavior over time can improve or diminish the online account's reputation.
    Type: Application
    Filed: May 30, 2008
    Publication date: December 3, 2009
    Applicant: MICROSOFT CORPORATION
    Inventors: Wei-Qiang Michael Guo, Vaishali De, Rui Chen, Geoffrey John Hulten, Lin Huang, Vikas Rajvanshy
  • Publication number: 20090300744
    Abstract: An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.
    Type: Application
    Filed: June 2, 2008
    Publication date: December 3, 2009
    Applicant: MICROSOFT CORPORATION
    Inventors: Wei-Qiang (Michael) Guo, Yordan Rouskon, Rui Chen, Pui-Yin Winfred Wong
  • Publication number: 20090300168
    Abstract: A device identifier (ID) is used across enterprise boundaries. A user can use the device ID to publish a device for sharing with other remote users. The remote users can discover devices that are shared by other users based on device IDs, connect to a selected device, and then verify that they have connected to the correct device based on its device ID. An account authority service may be used to manage the publication and/or discovery of the shared devices and their device IDs.
    Type: Application
    Filed: June 2, 2008
    Publication date: December 3, 2009
    Applicant: MICROSOFT CORPORATION
    Inventors: Wei-Qiang (Michael) Guo, Vaishali De, Rui Chen, Yordan Rouskov, Vikas Rajvanshy