The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).

Date of Patent:
Oct. 04, 2022

Filed:

Jun. 11, 2020
Applicant:

Microsoft Technology Licensing, LLC, Redmond, WA (US);

Inventors:

Michael Eugene Stephens, Granite Fall, WA (US);

Mark David Morowczynski, Seattle, WA (US);

Oana Elena Enache, Bellevue, WA (US);

Steven Jay Lieberman, Sammamish, WA (US);

Assignee:
Attorney:
Primary Examiner:
Int. Cl.
CPC ...
H04L 9/40 (2022.01); G06F 21/60 (2013.01);
U.S. Cl.
CPC ...
H04L 63/104 (2013.01); G06F 21/604 (2013.01); H04L 63/08 (2013.01); H04L 63/105 (2013.01); G06F 2221/2141 (2013.01);
Abstract

A secure cloud-based privileged access management (CBPAM) service manages on-premise resources. While enrolling an on-premise authentication domain admin group, a secured cloud-based shadow administrating group (SCBSAG) is created; a SCBSAG security identification includes at least part of the enrollee's security identification. The SCBSAG belongs to a clean CBPAM authentication domain which may be secured by defense in depth controls such as time limits on authentication or authorization, password avoidance, least privilege, one-way syncing, and one-way trust. Management via the configured SCBSAG may be fostered by emptying the on-premise admin group, although a break glass account may be kept. CBPAM services direct administrative actions toward on-premise resources through SCBSAGs for cloud tenants, providing secure management control as a service, with broader geographic scope and lower maintenance burdens and costs than privileged access management approaches that are not cloud-based.
