Patents by Inventor Yordan Ivanov Rouskov
Yordan Ivanov Rouskov has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11627138Abstract: A computing system configured to support entities having the ability to indicate capability information for capabilities of the entities is illustrated. Embodiments may include an identity provider computer system comprising at least one processor. The identity provider computer system is configured to receive requests for access tokens from entities. The requests include capability information for the entities. The identity provider computer system is further configured to provide access tokens to the entities which include the capability information. The computing system further includes a resource provider computer system comprising at least one processor configured to receive resource requests and access tokens from entities. The access tokens include the capability information. The resource providers are further configured to provide responses to the entities according to the capability information.Type: GrantFiled: October 31, 2019Date of Patent: April 11, 2023Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Violet Anna Barhudarian, Jiangfeng Lu, Caleb Geoffrey Baker, Oren Jordan Melzer, Anirban Basu, Yordan Ivanov Rouskov, William Bruce Barr, III, Radhika Kashyap
-
Patent number: 11405425Abstract: Authenticating computing entities. A method includes at an identity provider, providing a first access token to an entity for use by the entity in obtaining resources from a resource provider. The method further includes, at the identity provider, receiving response information from the entity. The response information from the entity is provided to the entity from the resource provider as a result of the resource provider enforcing policy at the resource provider. At the identity provider, a second access token is provided to the entity. The second access token is provided based on the response information, such that the second access token can be used by the entity to obtain the resources from the resource provider.Type: GrantFiled: October 31, 2019Date of Patent: August 2, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Violet Anna Barhudarian, Jiangfeng Lu, Caleb Geoffrey Baker, Oren Jordan Melzer, Anirban Basu, Yordan Ivanov Rouskov, William Bruce Barr, III, Radhika Kashyap, Carlos Adrian Lopez Castro, Pui-Yin Winfred Wong
-
Patent number: 11252146Abstract: Managing user sessions in a networked computing environment. A method includes, at an identity provider computer system, providing a first id token to a resource provider for an entity. The first id token has therein a first policy check interval having a value defining a period when the first id token should be revalidated. Due to expiration of the first policy check interval, a first refresh token is received from a resource provider computer system that received the first id token. As a result of receiving the first refresh token from the resource provider computer system, the identity provider computer system evaluates conditional access policy for the entity. If the identity provider computer system determines that the conditional access policy for the entity has been met, the identity provider computer system provides a new id token and a new refresh token to the resource provider computer system.Type: GrantFiled: November 19, 2019Date of Patent: February 15, 2022Assignee: MICROSOFT TECHNOLOGLY LICENSING, LLCInventors: Violet Anna Barhudarian, Yordan Ivanov Rouskov, Radhika Kashyap, Pui-Yin Winfred Wong, George Adrian Drumea
-
Publication number: 20210152547Abstract: Managing user sessions in a networked computing environment. A method includes, at an identity provider computer system, providing a first id token to a resource provider for an entity. The first id token has therein a first policy check interval having a value defining a period when the first id token should be revalidated. Due to expiration of the first policy check interval, a first refresh token is received from a resource provider computer system that received the first id token. As a result of receiving the first refresh token from the resource provider computer system, the identity provider computer system evaluates conditional access policy for the entity. If the identity provider computer system determines that the conditional access policy for the entity has been met, the identity provider computer system provides a new id token and a new refresh token to the resource provider computer system.Type: ApplicationFiled: November 19, 2019Publication date: May 20, 2021Inventors: Violet Anna BARHUDARIAN, Yordan Ivanov ROUSKOV, Radhika KASHYAP, Pui-Yin Winfred WONG, George Adrian DRUMEA
-
Publication number: 20210136078Abstract: A computing system configured to support entities having the ability to indicate capability information for capabilities of the entities is illustrated. Embodiments may include an identity provider computer system comprising at least one processor. The identity provider computer system is configured to receive requests for access tokens from entities. The requests include capability information for the entities. The identity provider computer system is further configured to provide access tokens to the entities which include the capability information. The computing system further includes a resource provider computer system comprising at least one processor configured to receive resource requests and access tokens from entities. The access tokens include the capability information. The resource providers are further configured to provide responses to the entities according to the capability information.Type: ApplicationFiled: October 31, 2019Publication date: May 6, 2021Inventors: Violet Anna BARHUDARIAN, Jiangfeng LU, Caleb Geoffrey BAKER, Oren Jordan MELZER, Anirban BASU, Yordan Ivanov ROUSKOV, William Bruce BARR, III, Radhika KASHYAP
-
Publication number: 20210136113Abstract: Authenticating computing entities. A method includes at an identity provider, providing a first access token to an entity for use by the entity in obtaining resources from a resource provider. The method further includes, at the identity provider, receiving response information from the entity. The response information from the entity is provided to the entity from the resource provider as a result of the resource provider enforcing policy at the resource provider. At the identity provider, a second access token is provided to the entity. The second access token is provided based on the response information, such that the second access token can be used by the entity to obtain the resources from the resource provider.Type: ApplicationFiled: October 31, 2019Publication date: May 6, 2021Inventors: Violet Anna BARHUDARIAN, Jiangfeng LU, Caleb Geoffrey BAKER, Oren Jordan MELZER, Anirban BASU, Yordan Ivanov ROUSKOV, William Bruce BARR, III, Radhika KASHYAP, Carlos Adrian LOPEZ CASTRO, Pui-Yin Winfred WONG
-
Patent number: 10749854Abstract: Single sign-on identity management between local and cloud-based systems is provided. A remote or cloud-based authentication endpoint is registered as a local device, service or resource in a user's local directory services system. A local device and associated user requesting access to cloud-based resources will then see the authentication endpoint as an internal (inside the enterprise) server and may supply an authentication ticket which includes on-premises log-in or sign-on identity for the user. The remote or cloud-based authentication endpoint may then validate the authentication ticket, and the user may then access devices, applications and services operated in association with the remote or cloud-based authentication endpoint without a second or separate log-in or sign-on and without use of additional authentication equipment at the user's enterprise network.Type: GrantFiled: November 12, 2015Date of Patent: August 18, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Edan Doitch, Yavor V. Angelov, Shiung-Vei Yong, Yordan Ivanov Rouskov, Ross Peter Adams, Arieh Bibliowicz, Hagar Romach
-
Publication number: 20170142094Abstract: Single sign-on identity management between local and cloud-based systems is provided. A remote or cloud-based authentication endpoint is registered as a local device, service or resource in a user's local directory services system. A local device and associated user requesting access to cloud-based resources will then see the authentication endpoint as an internal (inside the enterprise) server and may supply an authentication ticket which includes on-premises log-in or sign-on identity for the user. The remote or cloud-based authentication endpoint may then validate the authentication ticket, and the user may then access devices, applications and services operated in association with the remote or cloud-based authentication endpoint without a second or separate log-in or sign-on and without use of additional authentication equipment at the user's enterprise network.Type: ApplicationFiled: November 12, 2015Publication date: May 18, 2017Applicant: Microsoft Technology Licensing, LLC.Inventors: Edan Doitch, Yavor V. Angelov, Shiung-Vei Yong, Yordan Ivanov Rouskov, Ross Peter Adams, Arieh Bibliowicz, Hagar Romach