Patents by Inventor Wei-Qiang (Michael) Guo
Wei-Qiang (Michael) Guo has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9544147Abstract: Authentication is widely used to protect consumer data and computing services, such as email, document storage, and online banking. Current authentication models, such as those employed by online identity providers, may have limited options and configurations for authentication schemes. Accordingly, as provided herein, a model based authentication scheme may be configured based upon a policy and/or an authentication mechanism list. The policy may define the target resource, a user, a group the user belongs to, devices used to connect to the target resource, a service owning the target resource, etc. The authentication mechanism list may comprise predefined authentication mechanisms and/or user plug-in authentication mechanisms (e.g., user created authentication mechanism). Once the authentication scheme is configured, it may be enforced upon authentication requests from a user. Feedback may be provided to the user based upon patterns of usage of the target resource.Type: GrantFiled: May 22, 2009Date of Patent: January 10, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Yordan I. Rouskov, Wei-Qiang Michael Guo, Orville Charles McDonald, Ramu Movva, Kyle Stapley Young, Kok Wai Chan
-
Patent number: 8800003Abstract: An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.Type: GrantFiled: June 17, 2011Date of Patent: August 5, 2014Assignee: Microsoft CorporationInventors: Wei-Qiang (Michael) Guo, Yordan Rouskov, Rui Chen, Pui-Yin Winfred Wong
-
Patent number: 8626897Abstract: Techniques and systems are disclosed that can measure capacity of a server farm, and project capacity needs based on traffic and resources. Server farm system information is collected for managing the server farm by identifying a list of servers in the server farm. Performance metrics are collected from identified servers and stored in a collection database. The stored performance metrics are analyzed in accordance with a server farm management request.Type: GrantFiled: May 11, 2009Date of Patent: January 7, 2014Assignee: Microsoft CorporationInventors: Wei-Qiang Michael Guo, Ajay Wadhawan, Lin Huang, Jacek T. Dudziak
-
Publication number: 20110247055Abstract: An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.Type: ApplicationFiled: June 17, 2011Publication date: October 6, 2011Applicant: Microsoft CorporationInventors: Wei-Qiang Michael Guo, Yordan Rouskov, Rui Chen, Pui-Yin Winfred Wong
-
Patent number: 7979899Abstract: An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.Type: GrantFiled: June 2, 2008Date of Patent: July 12, 2011Assignee: Microsoft CorporationInventors: Wei-Qiang (Michael) Guo, Yordan Rouskov, Rui Chen, Pui-Yin Winfred Wong
-
Publication number: 20100299716Abstract: Authentication is widely used to protect consumer data and computing services, such as email, document storage, and online banking. Current authentication models, such as those employed by online identity providers, may have limited options and configurations for authentication schemes. Accordingly, as provided herein, a model based authentication scheme may be configured based upon a policy and/or an authentication mechanism list. The policy may define the target resource, a user, a group the user belongs to, devices used to connect to the target resource, a service owning the target resource, etc. The authentication mechanism list may comprise predefined authentication mechanisms and/or user plug-in authentication mechanisms (e.g., user created authentication mechanism). Once the authentication scheme is configured, it may be enforced upon authentication requests from a user. Feedback may be provided to the user based upon patterns of usage of the target resource.Type: ApplicationFiled: May 22, 2009Publication date: November 25, 2010Applicant: Microsoft CorporationInventors: Yordan I. Rouskov, Wei-Qiang Michael Guo, Orville Charles McDonald, Ramu Movva, Kyle Stapley Young, Kok Wai Chau
-
Publication number: 20100287019Abstract: Techniques and systems are disclosed that can measure capacity of a server farm, and project capacity needs based on traffic and resources. Server farm system information is collected for managing the server farm by identifying a list of servers in the server farm. Performance metrics are collected from identified servers and stored in a collection database. The stored performance metrics are analyzed in accordance with a server farm management request.Type: ApplicationFiled: May 11, 2009Publication date: November 11, 2010Applicant: Microsoft CorporationInventors: Wei-Qiang Michael Guo, Ajay Wadhawan, Lin Huang, Jacek T. Dudziak
-
Publication number: 20100088753Abstract: An identity and authentication platform utilizes a data model that enables multiple identities such as e-mail addresses, mobile phone numbers, nicknames, gaming IDs, and other user IDs to be utilized as aliases which are unique sub-identities of a main account name. A user may utilize the aliases supported by the platform to project multiple different on-line identities while using the authentication credentials of the main account. The platform is configured to expose the aliases to various client applications and Internet-accessible sites and services such as e-mail, instant messaging, media sharing, gaming and social networks, and the like, to enable the implementation of a variety of usage scenarios that employ aliases.Type: ApplicationFiled: October 3, 2008Publication date: April 8, 2010Applicant: MICROSOFT CORPORATIONInventors: Lynn C. Ayres, Rui Chen, Wei-Qiang Michael Guo, Neelamadhaba Mahapatro
-
Publication number: 20090300168Abstract: A device identifier (ID) is used across enterprise boundaries. A user can use the device ID to publish a device for sharing with other remote users. The remote users can discover devices that are shared by other users based on device IDs, connect to a selected device, and then verify that they have connected to the correct device based on its device ID. An account authority service may be used to manage the publication and/or discovery of the shared devices and their device IDs.Type: ApplicationFiled: June 2, 2008Publication date: December 3, 2009Applicant: MICROSOFT CORPORATIONInventors: Wei-Qiang (Michael) Guo, Vaishali De, Rui Chen, Yordan Rouskov, Vikas Rajvanshy
-
Publication number: 20090300744Abstract: An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.Type: ApplicationFiled: June 2, 2008Publication date: December 3, 2009Applicant: MICROSOFT CORPORATIONInventors: Wei-Qiang (Michael) Guo, Yordan Rouskon, Rui Chen, Pui-Yin Winfred Wong
-
Publication number: 20090300720Abstract: A centralized account reputation system differentiates between illegitimate users and legitimate users using reputation scores associated with the users' online accounts. The system restricts the access of illegitimate users to certain network services while minimizing its negative effects on legitimate users. The system can manage the life cycle of an online account, considering data about the account that is obtained throughout the account network to compute the online account reputation score and allocating access to network services based on the online account reputation score. For example, a reputation score may be embedded in a security token that can be accessed by multiple services on the account network, so that each service can determine the appropriate level of access to be granted to the associated user account based on the reputation score. Various types of online account behavior over time can improve or diminish the online account's reputation.Type: ApplicationFiled: May 30, 2008Publication date: December 3, 2009Applicant: MICROSOFT CORPORATIONInventors: Wei-Qiang Michael Guo, Vaishali De, Rui Chen, Geoffrey John Hulten, Lin Huang, Vikas Rajvanshy