公开(公告)号：US10104071B2

公开(公告)日：2018-10-16

申请号：US15825523

申请日：2017-11-29

Applicant: Microsoft Technology Licensing, LLC

Inventor： Ariel Gordon ,  Samuel Devasahayam ,  Lu Zhao ,  Yordan Rouskov ,  Parmeshwar Miguel Sequeira Arewar ,  Venkatesh Gopalakrishnan ,  Sarat Chandra Subramaniam ,  Titus Constantin Miron

IPC: H04L29/06 ,  H04L29/08

Abstract: Embodiments are directed to revoking user sessions using signaling. In one scenario, an identity platform operating on a computer system receives an indication indicating that a user's login account has been compromised, where the user's login account has an associated login session and corresponding session artifact that is valid for a specified amount of time. The identity platform generates a signal indicating that the login session is no longer trusted and that the user is to be re-directed to the identity platform to re-authenticate and renew the session artifact and provides the generated signal to various relying parties including at least one relying party that is hosting the login session for the user.

公开(公告)号：US20180139200A1

公开(公告)日：2018-05-17

申请号：US15825523

申请日：2017-11-29

Applicant: Microsoft Technology Licensing, LLC

Inventor： Ariel Gordon ,  Samuel Devasahayam ,  Lu Zhao ,  Yordan Rouskov ,  Parmeshwar Miguel Sequeira Arewar ,  Venkatesh Gopalakrishnan ,  Sarat Chandra Subramaniam ,  Titus Constantin Miron

IPC: H04L29/06

CPC classification number: H04L63/083 ,  H04L63/08 ,  H04L63/102 ,  H04L63/1416 ,  H04L67/02 ,  H04L67/14 ,  H04L69/28

Abstract: Embodiments are directed to revoking user sessions using signaling. In one scenario, an identity platform operating on a computer system receives an indication indicating that a user's login account has been compromised, where the user's login account has an associated login session and corresponding session artifact that is valid for a specified amount of time. The identity platform generates a signal indicating that the login session is no longer trusted and that the user is to be re-directed to the identity platform to re-authenticate and renew the session artifact and provides the generated signal to various relying parties including at least one relying party that is hosting the login session for the user.

公开(公告)号：US09537851B2

公开(公告)日：2017-01-03

申请号：US14452726

申请日：2014-08-06

Applicant: Microsoft Technology Licensing, LLC

Inventor： Ariel Gordon ,  Samuel Devasahayam ,  Lu Zhao ,  Yordan Rouskov ,  Parmeshwar Arewar ,  Venkatesh Gopalakrishnan ,  Sarat Chandra Subramaniam ,  Titus Constantin Miron

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/083 ,  H04L63/08 ,  H04L63/102 ,  H04L63/1416 ,  H04L67/02 ,  H04L67/14 ,  H04L69/28

Abstract: Embodiments are directed to revoking user sessions using signaling. In one scenario, an identity platform operating on a computer system receives an indication indicating that a user's login account has been compromised, where the user's login account has an associated login session and corresponding session artifact that is valid for a specified amount of time. The identity platform generates a signal indicating that the login session is no longer trusted and that the user is to be re-directed to the identity platform to re-authenticate and renew the session artifact and provides the generated signal to various relying parties including at least one relying party that is hosting the login session for the user.

Abstract translation: 实施例旨在使用信令撤销用户会话。 在一种情况下，在计算机系统上操作的身份平台接收指示用户的登录帐户已经被泄密的指示，其中用户的登录帐户具有相关联的登录会话以及在指定的时间量内有效的对应的会话伪像。 身份平台产生指示登录会话不再被信任的信号，并且用户将被重定向到身份平台以重新认证和更新会话伪像，并将生成的信号提供给各种依赖方，包括至少 一个为用户托管登录会话的依赖方。

公开(公告)号：US20170085553A1

公开(公告)日：2017-03-23

申请号：US15365726

申请日：2016-11-30

Applicant: Microsoft Technology Licensing, LLC

Inventor： Ariel Gordon ,  Samuel Devasahayam ,  Lu Zhao ,  Yordan Rouskov ,  Parmeshwar Miguel Sequeira Arewar ,  Venkatesh Gopalakrishnan ,  Sarat Chandra Subramaniam ,  Titus Constantin Miron

IPC: H04L29/06

CPC classification number: H04L63/083 ,  H04L63/08 ,  H04L63/102 ,  H04L63/1416 ,  H04L67/02 ,  H04L67/14 ,  H04L69/28

Abstract: Embodiments are directed to revoking user sessions using signaling. In one scenario, an identity platform operating on a computer system receives an indication indicating that a user's login account has been compromised, where the user's login account has an associated login session and corresponding session artifact that is valid for a specified amount of time. The identity platform generates a signal indicating that the login session is no longer trusted and that the user is to be re-directed to the identity platform to re-authenticate and renew the session artifact and provides the generated signal to various relying parties including at least one relying party that is hosting the login session for the user.

公开(公告)号：US09843577B2

公开(公告)日：2017-12-12

申请号：US15365726

申请日：2016-11-30

Applicant: Microsoft Technology Licensing, LLC

Inventor： Ariel Gordon ,  Samuel Devasahayam ,  Lu Zhao ,  Yordan Rouskov ,  Parmeshwar Miguel Sequeira Arewar ,  Venkatesh Gopalakrishnan ,  Sarat Chandra Subramaniam ,  Titus Constantin Miron

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/083 ,  H04L63/08 ,  H04L63/102 ,  H04L63/1416 ,  H04L67/02 ,  H04L67/14 ,  H04L69/28

Abstract: Embodiments are directed to revoking user sessions using signaling. In one scenario, an identity platform operating on a computer system receives an indication indicating that a user's login account has been compromised, where the user's login account has an associated login session and corresponding session artifact that is valid for a specified amount of time. The identity platform generates a signal indicating that the login session is no longer trusted and that the user is to be re-directed to the identity platform to re-authenticate and renew the session artifact and provides the generated signal to various relying parties including at least one relying party that is hosting the login session for the user.

公开(公告)号：US11171948B2

公开(公告)日：2021-11-09

申请号：US16019913

申请日：2018-06-27

Applicant: Microsoft Technology Licensing, LLC

Inventor： Violet Anna Barhudarian ,  George Adrian Drumea ,  Pui-Yin Winfred Wong ,  Radhika Kashyap ,  Titus Constantin Miron ,  Caleb Baker

IPC: H04L29/06 ,  H04L29/08

Abstract: Session lifetime can be adapted based on session reputation. Session reputation can be computed based on sign-in risk and device risk, among other things. Session lifetime corresponds to a length of time a session is valid and can be determined automatically based on the session reputation. Subsequently, a token can be generated and returned in response to successful authentication that identifies a session and is valid for the determined lifetime.

公开(公告)号：US20200007535A1

公开(公告)日：2020-01-02

申请号：US16019913

申请日：2018-06-27

Applicant: Microsoft Technology Licensing, LLC

Inventor： Violet Anna Barhudarian ,  George Adrian Drumea ,  Pui-Yin Winfred Wong ,  Radhika Kashyap ,  Titus Constantin Miron ,  Caleb Baker

IPC: H04L29/06 ,  H04L29/08

Abstract: Session lifetime can be adapted based on session reputation. Session reputation can be computed based on sign-in risk and device risk, among other things. Session lifetime corresponds to a length of time a session is valid and can be determined automatically based on the session reputation. Subsequently, a token can be generated and returned in response to successful authentication that identifies a session and is valid for the determined lifetime.