logo

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 8819801 B1

PDFFull Text
Date of Patent:
Aug. 26, 2014

Filed:

Oct. 31, 2011

Secure machine enrollment in multi-tenant subscription environment

Applicants:

Murali Krishna Sangubhatla, Kirkland, WA (US);

Dharshan Rangegowda, Sammamish, WA (US);

Morgan Asher Brown, Redmond, WA (US);

Jiazhen Chen, Bellevue, WA (US);

Anthony S. Chavez, Kenmore, WA (US);

Inventors:

Murali Krishna Sangubhatla, Kirkland, WA (US);

Dharshan Rangegowda, Sammamish, WA (US);

Morgan Asher Brown, Redmond, WA (US);

Jiazhen Chen, Bellevue, WA (US);

Anthony S. Chavez, Kenmore, WA (US);

Assignee:

Microsoft Corporation, Redmond, WA (US);

Attorneys:

Ben Tabor

Kate Drakos

Micky Minhas

Primary Examiner:

David Pearson

Int. Cl.
CPC ...
H04L 29/06 (2006.01); G06F 21/33 (2013.01);
U.S. Cl.
CPC ...
G06F 21/33 (2013.01); H04L 63/102 (2013.01);
Abstract

In a multi-tenant environment, machines across the Internet, belonging to a particular subscription are securely enrolled with the tenant's subscription. Authentication of the machines is delegated to each of the tenant's own on-premise authentication mechanism The trust relationship with the tenant's authentication service is used to validate the security token presented by the machine being authenticated. Once authenticated, the machine has authorization (e.g. SSL machine cert for identity, security token, etc.,) to access the subscription. Each tenant within the multi-tenant environment can provide its own level of authentication. The machine presents the security token to the multi-tenant environment for requests for resources (e.g. services/content) from a user. When a request is received from a machine to access a resource, the multi-tenant environment determines from the issued token whether or not the machine is authorized to access the requested resources.

Find Patent Forward Citations

Loading…