Patents by Inventor Winfred Wong
Winfred Wong has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20180332026Abstract: In one embodiment, a user authentication server may use geo-location tracking to determine whether to present an enhanced identity challenge. A communication interface 180 may receive a user login attempt by a user and a current location of the user login attempt. A data storage 150 may store a user location profile of the user. A processor 120 may execute a comparison of the current location to the user location profile. The communication interface 180 may present the user with an enhanced identity challenge before allowing user access based on the comparison.Type: ApplicationFiled: July 20, 2018Publication date: November 15, 2018Applicant: Microsoft Technology Licensing, LLCInventors: David Steeves, Luke Abrams, Hersh Dangayach, Eric Fleischman, Prabu Raju, Krishna Vitaldevara, Niyantha Shekar, Payoj Baral, Meenakshi Ramaswamy, Winfred Wong, Yordan Rouskov, Ramesh Manne
-
Patent number: 10033731Abstract: In one embodiment, a user authentication server may use geo-location tracking to determine whether to present an enhanced identity challenge. A communication interface 180 may receive a user login attempt by a user and a current location of the user login attempt. A data storage 150 may store a user location profile of the user. A processor 120 may execute a comparison of the current location to the user location profile. The communication interface 180 may present the user with an enhanced identity challenge before allowing user access based on the comparison.Type: GrantFiled: July 31, 2017Date of Patent: July 24, 2018Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: David Steeves, Luke Abrams, Hersh Dangayach, Eric Fleischman, Prabu Raju, Krishna Vitaldevara, Niyantha Shekar, Payoj Baral, Meenakshi Ramaswamy, Winfred Wong, Yordan Rouskov, Ramesh Manne
-
Publication number: 20170331811Abstract: In one embodiment, a user authentication server may use geo-location tracking to determine whether to present an enhanced identity challenge. A communication interface 180 may receive a user login attempt by a user and a current location of the user login attempt. A data storage 150 may store a user location profile of the user. A processor 120 may execute a comparison of the current location to the user location profile. The communication interface 180 may present the user with an enhanced identity challenge before allowing user access based on the comparison.Type: ApplicationFiled: July 31, 2017Publication date: November 16, 2017Applicant: Microsoft Technology Licensing, LLCInventors: David Steeves, Luke Abrams, Hersh Dangayach, Eric Fleischman, Prabu Raju, Krishna Vitaldevara, Niyantha Shekar, Payoj Baral, Meenakshi Ramaswamy, Winfred Wong, Yordan Rouskov, Ramesh Manne
-
Patent number: 9779236Abstract: One or more techniques and/or systems are provided for risk assessment. Historical authentication data and/or compromised user account data may be evaluated to identify a set of authentication context properties associated with user authentication sessions and/or a set of malicious account context properties associated with compromised user accounts (e.g., properties indicative of whether a user recently visited a malicious site, created a fake social network profile, logged in from unknown locations, etc.). The set of authentication context properties and/or the set of malicious account context properties may be annotated to create an annotated context property training set that may be used to train a risk assessment machine learning model to generate a risk assessment model. The risk assessment model may be used to evaluate user context properties of a user account event to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe.Type: GrantFiled: June 21, 2016Date of Patent: October 3, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Luke Abrams, David J. Steeves, Robert Alexander Sim, Pui-Yin Winfred Wong, Harry Simon Katz, Aaron Small, Dana Scott Kaufman, Adrian Kreuziger, Mark A. Nikiel, Laurentiu Bogdan Cristofor, Alexa Lynn Keizur, Collin Tibbetts, Charles Hayden
-
Patent number: 9749313Abstract: In one embodiment, a user authentication server may use geo-location tracking to determine whether to present an enhanced identity challenge. A communication interface 180 may receive a user login attempt by a user and a current location of the user login attempt. A data storage 150 may store a user location profile of the user. A processor 120 may execute a comparison of the current location to the user location profile. The communication interface 180 may present the user with an enhanced identity challenge before allowing user access based on the comparison.Type: GrantFiled: September 30, 2015Date of Patent: August 29, 2017Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: David Steeves, Luke Abrams, Hersh Dangayach, Eric Fleischman, Prabu Raju, Krishna Vitaldevara, Niyantha Shekar, Payoj Baral, Meenakshi Ramaswamy, Winfred Wong, Yordan Rouskov, Ramesh Manne
-
Publication number: 20170208075Abstract: Embodiments are directed to having multiple lockout counters that apply to login requests from different origins. More specifically, one counter is associated with a user's familiar locations, another counter is associated with unfamiliar locations. In another embodiment, hashes of incorrect passwords are recorded so that lockout counters are not incremented multiple times when the same incorrect password is entered repeatedly.Type: ApplicationFiled: July 29, 2016Publication date: July 20, 2017Applicant: Microsoft Technology Licensing, LLC.Inventors: Alexandre Kerametlian, Amit Dhariwal, Dana Kaufman, Winfred Wong
-
Publication number: 20160300059Abstract: One or more techniques and/or systems are provided for risk assessment. Historical authentication data and/or compromised user account data may be evaluated to identify a set of authentication context properties associated with user authentication sessions and/or a set of malicious account context properties associated with compromised user accounts (e.g., properties indicative of whether a user recently visited a malicious site, created a fake social network profile, logged in from unknown locations, etc.). The set of authentication context properties and/or the set of malicious account context properties may be annotated to create an annotated context property training set that may be used to train a risk assessment machine learning model to generate a risk assessment model. The risk assessment model may be used to evaluate user context properties of a user account event to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe.Type: ApplicationFiled: June 21, 2016Publication date: October 13, 2016Inventors: Luke Abrams, David J. Steeves, Robert Alexander Sim, Pui-Yin Winfred Wong, Harry Simon Katz, Aaron Small, Dana Scott Kaufman, Adrian Kreuziger, Mark A. Nikiel, Laurentiu Bogdan Cristofor, Alexa Lynn Keizur, Collin Tibbetts, Charles Hayden
-
Patent number: 9396332Abstract: One or more techniques and/or systems are provided for risk assessment. Historical authentication data and/or compromised user account data may be evaluated to identify a set of authentication context properties associated with user authentication sessions and/or a set of malicious account context properties associated with compromised user accounts (e.g., properties indicative of whether a user recently visited a malicious site, created a fake social network profile, logged in from unknown locations, etc.). The set of authentication context properties and/or the set of malicious account context properties may be annotated to create an annotated context property training set that may be used to train a risk assessment machine learning model to generate a risk assessment model. The risk assessment model may be used to evaluate user context properties of a user account event to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe.Type: GrantFiled: May 21, 2014Date of Patent: July 19, 2016Assignee: Microsoft Technology Licensing, LLCInventors: Luke Abrams, David J. Steeves, Robert Alexander Sim, Pui-Yin Winfred Wong, Harry Simon Katz, Aaron Small, Dana Scott Kaufman, Adrian Kreuziger, Mark A. Nikiel, Laurentiu Bogdan Cristofor, Alexa Lynn Keizur, Collin Tibbetts, Charles Hayden
-
Publication number: 20160021095Abstract: In one embodiment, a user authentication server may use geo-location tracking to determine whether to present an enhanced identity challenge. A communication interface 180 may receive a user login attempt by a user and a current location of the user login attempt. A data storage 150 may store a user location profile of the user. A processor 120 may execute a comparison of the current location to the user location profile. The communication interface 180 may present the user with an enhanced identity challenge before allowing user access based on the comparison.Type: ApplicationFiled: September 30, 2015Publication date: January 21, 2016Applicant: Microsoft Technology Licensing, LLCInventors: David Steeves, Luke Abrams, Hersh Dangayach, Eric Fleischman, Prabu Raju, Krishna Vitaldevara, Niyantha Shekar, Payoj Baral, Meenakshi Ramaswamy, Winfred Wong, Yordan Rouskov, Ramesh Manne
-
Publication number: 20150339477Abstract: One or more techniques and/or systems are provided for risk assessment. Historical authentication data and/or compromised user account data may be evaluated to identify a set of authentication context properties associated with user authentication sessions and/or a set of malicious account context properties associated with compromised user accounts (e.g., properties indicative of whether a user recently visited a malicious site, created a fake social network profile, logged in from unknown locations, etc.). The set of authentication context properties and/or the set of malicious account context properties may be annotated to create an annotated context property training set that may be used to train a risk assessment machine learning model to generate a risk assessment model. The risk assessment model may be used to evaluate user context properties of a user account event to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe.Type: ApplicationFiled: May 21, 2014Publication date: November 26, 2015Inventors: Luke Abrams, David J. Steeves, Robert Alexander Sim, Pui-Yin Winfred Wong, Harry Simon Katz, Aaron Small, Dana Scott Kaufman, Adrian Kreuziger, Mark A. Nikiel, Laurentiu Bogdan Cristofor, Alexa Lynn Keizur, Collin Tibbetts, Charles Hayden
-
Patent number: 9177125Abstract: In one embodiment, a user authentication server may use geo-location tracking to determine whether to present an enhanced identity challenge. A communication interface 180 may receive a user login attempt by a user and a current location of the user login attempt. A data storage 150 may store a user location profile of the user. A processor 120 may execute a comparison of the current location to the user location profile. The communication interface 180 may present the user with an enhanced identity challenge before allowing user access based on the comparison.Type: GrantFiled: July 6, 2011Date of Patent: November 3, 2015Assignee: Microsoft Technology Licensing, LLCInventors: David Steeves, Luke Abrams, Hersh Dangayach, Eric Fleischman, Prabu Raju, Krishna Vitaldevara, Niyantha Shekar, Payoj Baral, Meenakshi Ramaswamy, Winfred Wong, Yordan Rouskov, Ramesh Manne
-
Patent number: 8800003Abstract: An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.Type: GrantFiled: June 17, 2011Date of Patent: August 5, 2014Assignee: Microsoft CorporationInventors: Wei-Qiang (Michael) Guo, Yordan Rouskov, Rui Chen, Pui-Yin Winfred Wong
-
Patent number: 8726358Abstract: Systems, computer-implemented methods, and computer-readable media for establishing an online account with a resource provider are provided. An authentication token including identification of a user from an authentication server is received. The identification of the user from the authentication token is utilized to establish an online account for the user with the resource provider. Additional credentialing information from the user for the online account is received. The additional information received from the user is associated with the online account for the user with the resource provider.Type: GrantFiled: April 14, 2008Date of Patent: May 13, 2014Assignee: Microsoft CorporationInventors: Yordan I. Rouskov, Tore Sundelin, Mrigankka Fotedar, Sarah Faulkner, Pui-Yin Winfred Wong, Wei-Quiang Michael Guo, Lynn Ayres
-
Patent number: 8490201Abstract: One or more strong proofs are maintained as associated with an account of a user. In response to a request to change a security setting of the account, an attempt is made to confirm the request by using one of the one or more strong proofs to notify the user. The change is permitted if the request is confirmed via one or more of the strong proofs, and otherwise the change to the security setting of the account is kept unchanged.Type: GrantFiled: March 26, 2010Date of Patent: July 16, 2013Assignee: Microsoft CorporationInventors: Tarek Bahaa El-Din Mahmoud Kamel, Yordan I. Rouskov, David J. Steeves, Rammohan Nagasubramani, Pui-Yin Winfred Wong, WeiQiang Michael Guo, Vikas Rajvanshy, Orville C. McDonald, Sean Christian Wohlgemuth, Vikrant Minhas
-
Patent number: 8341718Abstract: An integrated authentication service is described which may receive a bundled request from one or more clients. One or more of the described techniques may be utilized to provide, in response to a single bundled request, a token for proof of identity and a certificate for establishing secure communications.Type: GrantFiled: December 10, 2010Date of Patent: December 25, 2012Assignee: Microsoft CorporationInventors: Trevin M Chow, Pui-Yin Winfred Wong, Yordan I Rouskov, Kok Wai Chan, Wei Jiang, Colin Chow, Sanjeev M Nagvekar, Matt Sullivan, Kalyan Sayyaparaju, Dilip K. Pai, Avinash Belur
-
Publication number: 20120304260Abstract: In one embodiment, a user authentication server may use geo-location tracking to determine whether to present an enhanced identity challenge. A communication interface 180 may receive a user login attempt by a user and a current location of the user login attempt. A data storage 150 may store a user location profile of the user. A processor 120 may execute a comparison of the current location to the user location profile. The communication interface 180 may present the user with an enhanced identity challenge before allowing user access based on the comparison.Type: ApplicationFiled: July 6, 2011Publication date: November 29, 2012Applicant: Microsoft CorporationInventors: David Steeves, Luke Abrams, Hersh Dangayach, Eric Fleischman, Prabu Raju, Krishna Vitaldevara, Niyantha Shekar, Payoj Baral, Meenakshi Ramaswamy, Winfred Wong, Yordan Rouskov, Ramesh Manne
-
Patent number: 8225385Abstract: Embodiments of multiple security token transactions are described herein. One or more of the described techniques may be utilized to provide, in a single request and response, an authentication token and a plurality security tokens for proof of identity at respective service providers.Type: GrantFiled: March 23, 2006Date of Patent: July 17, 2012Assignee: Microsoft CorporationInventors: Trevin M Chow, Colin Chow, Pui-Yin Winfred Wong, Dilip K. Pai, Sanjeev M Nagvekar, Wei Jiang, Yordan I Rouskov
-
Publication number: 20120079585Abstract: Embodiments of proxy authentication and indirect certificate chaining are described herein. In an implementation, authentication for a client occurs via a proxy service. Proxy service communicates between client and server, and caches security tokens on behalf of the client. In an implementation, trustworthiness of certificate presented to a client to establish trust is determined utilizing a signed data package which incorporates a plurality of known certificates. The presented certificate is verified without utilizing root certificates installed on the client device.Type: ApplicationFiled: December 6, 2011Publication date: March 29, 2012Applicant: MICROSOFT CORPORATIONInventors: Kok Wai Chan, Colin Chow, Trevin M. Chow, Lin Huang, Ryan Hurst, Naresh Jain, Wei Jiang, Yordan I. Rouskov, Pui-Yin Winfred Wong, Ismail Cem Paya, Ryan Hurst
-
Publication number: 20110247055Abstract: An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.Type: ApplicationFiled: June 17, 2011Publication date: October 6, 2011Applicant: Microsoft CorporationInventors: Wei-Qiang Michael Guo, Yordan Rouskov, Rui Chen, Pui-Yin Winfred Wong
-
Publication number: 20110214173Abstract: One or more strong proofs are maintained as associated with an account of a user. In response to a request to change a security setting of the account, an attempt is made to confirm the request by using one of the one or more strong proofs to notify the user. The change is permitted if the request is confirmed via one or more of the strong proofs, and otherwise the change to the security setting of the account is kept unchanged.Type: ApplicationFiled: March 26, 2010Publication date: September 1, 2011Applicant: Microsoft CorporationInventors: Tarek Bahaa El-Din Mahmoud Kamel, Yordan I. Rouskov, David J. Steeves, Rammohan Nagasubramani, Pui-Yin Winfred Wong, WeiQiang Michael Guo, Vikas Rajvanshy, Orville C. McDonald, Sean Christian Wohlgemuth