Christopher S Houser

US Patent:

7275259, Sep 25, 2007

Filed:

Jun 18, 2003

Appl. No.:

10/463911

Inventors:

Steve Jamieson - Bellevue WA, US
Anil Balakrishnan - Sammamish WA, US
Christopher Robert Houser - Woodinville WA, US
Rex George Torres - Snohomish WA, US
Joseph W. Sharp - Sammamish WA, US
Guy Paul Larsen - Sannamish WA, US
Douglas R. Carrell - Sammamish WA, US

Assignee:

Microsoft Corporation - Redmond WA

International Classification:

H04L 9/32
G06F 15/16

US Classification:

726 8, 726 9, 726 10

Abstract:

A system that allows a user of a first domain to access a second domain. A request originates in the first domain to perform an action in the second domain. The request indicates a user of the first domain on whose behalf the request was originated. The access request is received by an adapter in the second domain. The adapter requests an access token for a user of the second domain who corresponds to the user of the first domain. A mapping table is used to identify which user in the second domain corresponds to the user in the first domain. Once the correct user of the second domain is identified, an access token for that user is returned to the adapter. The adapter then carries out the requested action by using the access token to impersonate the user of the second domain.

US Patent:

7392536, Jun 24, 2008

Filed:

Jun 18, 2003

Appl. No.:

10/464648

Inventors:

Steve Jamieson - Bellevue WA, US
Anil Balakrishnan - Sammamish WA, US
Hilal Al-Hilali - Seattle WA, US
Christopher Robert Houser - Woodinville WA, US
Rex George Torres - Snohomish WA, US
Joseph W. Sharp - Sammamish WA, US
Jean-Emile Elien - Bellevue WA, US

Assignee:

Microsoft Corporation - Redmond WA

International Classification:

G06F 15/16
G06F 17/30
G06F 7/04
G06F 7/58
G06K 19/00
G06K 9/00
H04L 9/32

US Classification:

726 8, 726 10, 713156, 713168

Abstract:

A mechanism is provided for signing on a user of a first domain into an affiliate application in a second domain. When the user needs access to the affiliate application, the request for access causes a ticket to be generated. The ticket identifies the user and is passed to an adapter. The adapter, which ultimately will perform the sign on in the affiliate application, redeems the ticket for the user's credentials (e. g. , a valid userID/password combination for the affiliate application), and then presents the credentials to the affiliate application. A service is provided that issues tickets, redeems tickets, manages the registration and de-registration of affiliate applications, manages the correlation between a user and the user's credentials with an affiliate application, and manages encryption of stored records.

US Patent:

20040260953, Dec 23, 2004

Filed:

Jun 18, 2003

Appl. No.:

10/464627

Inventors:

Steve Jamieson - Bellevue WA, US
Anil Balakrishnan - Sammamish WA, US
Christopher Houser - Woodinville WA, US
Rex Torres - Snohomish WA, US
Guy Larsen - Sammamish WA, US
Joseph Sharp - Sammamish WA, US

Assignee:

Microsoft Corporation

International Classification:

H04L009/32

US Classification:

713/202000

Abstract:

A mechanism that synchronizes passwords maintained for plural domains. A user maintains accounts in two domains. The first and second domains each maintain tables correlating userIDs with passwords, such that the same user's password can be different in the different domains. A database stores tables that correlate a given user's userID/password combination in the first domain with his corresponding userID/password combination in the second domain. The database is used to sign the user onto one domain when the user is working in the other domain. When the user changes his password in the first domain, the change is reported to the database, so that the database stores the current password. Optionally, the password change may be reported to the second domain, such that the user will have the same password in both domains.