Pranav Kukreja

US Patent:

20130125199, May 16, 2013

Filed:

Nov 10, 2011

Appl. No.:

13/294162

Inventors:

Mark F. Novak - Newcastle WA, US
Paul Leach - Seattle WA, US
Vishal Agarwal - Bothell WA, US
David McPherson - Bothell WA, US
Sunil Gottumukkala - Redmond WA, US
Jignesh Shah - Redmond WA, US
Arun K. Nanda - Sammamish WA, US
Nir Ben Zvi - Redmond WA, US
Pranav Kukreja - Bellevue WA, US
Ramaswamy Ranganathan - Bellevue WA, US

Assignee:

MICROSOFT CORPORATION - Redmond WA

International Classification:

G06F 21/00

US Classification:

726 1

Abstract:

A policy that governs access to a resource may be tested against real-world access requests before being used to control access to the resource. In one example, access to a resource is governed by a policy, referred to as an effective policy. When the policy is to be modified or replaced, the modification or replacement may become a test policy. When a request is made to access the resource, the request may be evaluated under both the effective policy and the test policy. Whether access is granted is determined under the effective policy, but the decision that would be made under the test policy is noted, and may be logged. If the test policy is determined to behave acceptably when confronted with real-world access requests, then the current effective policy may be replaced with the test policy.

US Patent:

20120167158, Jun 28, 2012

Filed:

Dec 24, 2010

Appl. No.:

12/978451

Inventors:

Paul Leach - Seattle WA, US
David McPherson - Bothell WA, US
Vishal Agarwal - Bothell WA, US
Mark Fishel Novak - Newcastle WA, US
Ming Tang - Redmond WA, US
Ramaswamy Ranganathan - Bellevue WA, US
Pranav Kukreja - Bellevue WA, US
Andrey Popov - Renton WA, US
Nir Ben Zvi - Redmond WA, US
Arun K. Nanda - Sammamish WA, US

Assignee:

MICROSOFT CORPORATION - Redmond WA

International Classification:

G06F 17/00

US Classification:

726 1, 726 21

Abstract:

Resource authorization policies and resource scopes may be defined separately, thereby decoupling a set of authorization rules from the scope of resources to which those rules apply. In one example, a resource includes anything that can be used in a computing environment (e.g., a file, a device, etc.). A scope describes a set of resources (e.g., all files in folder X, all files labeled “Y”, etc.). Policies describe what can be done with a resource (e.g., “read-only,” “read/write,” “delete, if requestor is a member of the admin group,” etc.). When scopes and policies have been defined, they may be linked, thereby indicating that the policy applies to any resource within the scope. When a request for the resource is made, the request is evaluated against all policies associated with scopes that contain the resource. If the conditions specified in the policies apply, then the request may be granted.

US Patent:

20220318363, Oct 6, 2022

Filed:

Jan 7, 2022

Appl. No.:

17/647382

Inventors:

- Redmond WA, US
Anshul RAWAT - Kirkland WA, US
Craig Thomas MCINTYRE - Kirkland WA, US
Guillermo Enrique RUEDA - Seattle WA, US
Peter Gregory DAVIS - Krikland WA, US
Nathan Jeffrey IDE - Bothell WA, US
Ibrahim Mohammad ISMAIL - Krikland WA, US
Pranav KUKREJA - Seattle WA, US

Assignee:

Microsoft Technology Licensing, LLC - Redmond WA

International Classification:

G06F 21/40
G06F 3/0488
G06F 21/57

Abstract:

Aspects of the present disclosure include systems and methods for generating and managing user authentication rules of a computing device. In an example, a computing device may include a memory storing instructions and a processor communicatively coupled with the memory and configured to execute the instructions. The processor may determine a state of the computing device, wherein the state of the computing device is one of a locked state or an unlocked state. The processor may determine a user authentication rule corresponding to the state of the computing device. The processor may also identify whether a combination of signals associated with the user authentication rule of the computing device are received by the computing device. The processor may also change or maintain the state of the computing device based on the combination of signals being received.

US Patent:

20210056190, Feb 25, 2021

Filed:

Aug 22, 2019

Appl. No.:

16/548416

Inventors:

- Redmond WA, US
Anshul RAWAT - Kirkland WA, US
Craig Thomas MCINTYRE - Kirkland WA, US
Guillermo Enrique RUEDA - Seattle WA, US
Peter Gregory DAVIS - Kirkland WA, US
Nathan Jeffrey IDE - Bothell WA, US
Ibrahim Mohammad ISMAIL - Kirkland WA, US
Pranav KUKREJA - Seattle WA, US

International Classification:

G06F 21/40
G06F 3/0488
G06F 21/57

Abstract:

Aspects of the present disclosure include systems and methods for generating and managing user authentication rules of a computing device. In an example, a computing device may include a memory storing instructions and a processor communicatively coupled with the memory and configured to execute the instructions. The processor may determine a state of the computing device, wherein the state of the computing device is one of a locked state or an unlocked state. The processor may determine a user authentication rule corresponding to the state of the computing device. The processor may also identify whether a combination of signals associated with the user authentication rule of the computing device are received by the computing device. The processor may also change or maintain the state of the computing device based on the combination of signals being received.

US Patent:

20160378972, Dec 29, 2016

Filed:

Jun 23, 2015

Appl. No.:

14/748222

Inventors:

- Redmond WA, US
Saurav Sinha - Bellevue WA, US
Pranav Kukreja - Seattle WA, US
Ibrahim Mohammad Ismail - Bellevue WA, US
Jonathan Schwartz - Seattle WA, US
Nathan Ide - Bothell WA, US
Yashar Bahman - Seattle WA, US

Assignee:

MICROSOFT TECHNOLOGY LICENSING, LLC - Redmond WA

International Classification:

G06F 21/45
H04L 9/32
H04L 29/06

Abstract:

In one embodiment, a user device may reestablish access to a user resource while forgoing use of a user credential during a system reboot. The user device may receive the user credential from a user during an initial login to access the user resource. The user device may create an ephemeral entropy to access the user resource. The user device may access the user resource using the ephemeral entropy.