公开(公告)号：AU1473901A

公开(公告)日：2001-06-06

申请号：AU1473901

申请日：2000-11-08

Applicant: MICROSOFT CORP

Inventor： LISITSA RAFAEL S ,  SHAW GEORGE H J ,  SATHER DALE A ,  WOODRUFF BRYAN A ,  HAGIU COSTIN

IPC: H04N21/4143 ,  H04N21/43 ,  H04N7/52 ,  H04N7/62

Abstract: Frame based streaming data is controlled through a reconfigurable graph of processing modules. A client specifies overall goals for the graph. A graph manager constructs the graph as a sequence of interconnected modules for processing the data, in response to the capabilities of modules within the graph and the overall goals, and divides the graph into time domains each having one or more modules, pipes each having one or more modules, and a control mechanism is used that eliminates components unnecessary to the overall operation of the graph and that provides synchronization between time domains using time translation tables or timing correlation tables. The graph manager adaptively controls graphs that have a low latency requirement.

公开(公告)号：WO2010077446A3

公开(公告)日：2010-08-26

申请号：PCT/US2009064039

申请日：2009-11-11

Applicant: MICROSOFT CORP

Inventor： SCHMIEDER WILHELM R ,  SRINIVAS NELAMANGAL KRISHNASWAMY ,  HAGIU COSTIN ,  ABDO NADIM Y ,  STOYANOV VLADIMIR K ,  TOLBA AHMED M ,  SWAMINATHAN GAUTAM ,  NEERUDU SRINIVASA REDDY

IPC: G06F15/16 ,  G06F9/06 ,  H04L29/06

CPC classification number: G06F9/545

Abstract: Techniques are disclosed for a user-mode based remote desktop protocol (RDP) encoding architecture. A user mode desktop application and user mode virtual channel application run in user-mode session space. Virtual channel data from the virtual channel application is marshaled and sent to a RDP encoder process in user-mode system space. There it is converted to RDP protocol data units (PDU) and sent to a remote client across a communications network. Graphics data from the desktop application is sent to a display driver in kernel-mode session space and then to a graphics reflector that marshals the graphics data and sends it to the RDP encoder for a similar transformation.

Abstract translation: 公开了用于基于用户模式的远程桌面协议（RDP）编码体系结构的技术。 用户模式桌面应用程序和用户模式虚拟频道应用程序在用户模式会话空间中运行。 来自虚拟通道应用程序的虚拟通道数据被编组并发送到用户模式系统空间中的RDP编码器进程。 在那里它被转换成RDP协议数据单元（PDU）并通过通信网络发送到远程客户端。 来自桌面应用程序的图形数据被发送到内核模式会话空间中的显示驱动程序，然后发送到图形反射器，该反射器将图形数据编组并发送给RDP编码器以进行类似的转换。

公开(公告)号：CA2654381C

公开(公告)日：2016-11-01

申请号：CA2654381

申请日：2007-05-25

Applicant: MICROSOFT CORP

Inventor： MEDVINSKY GENNADY ,  ILAC CRISTIAN ,  HAGIU COSTIN ,  PARSONS JOHN E ,  FATHALLA MOHAMED EMAD EL DIN ,  LEACH PAUL J ,  KAMEL TAREK BUHAA EL-DIN MAHMOUD

IPC: G06F15/00 ,  H04L9/32

Abstract: A credential security support provider (Cred SSP) enables any application to securely delegate a user's credentials from the client, via client side Security Support Provider (SSP) software, to a target server, via server side SSP software. The Cred SSP provides a secure solution based in part upon a set of policies. The policies can be for any type of user credentials and the different policies are designed to mitigate a broad range of attacks so that appropriate delegation can occur for given delegation circumstances, network conditions, trust levels, etc. Additionally, only a trusted subsystem, e.g., a trusted subsystem of the Local Security Authority (LSA), has access to the clear text credentials such that neither the calling application of the Cred SSP APIs on the server side nor the calling application of the Cred SSP APIs on the client side have access to clear text credentials.

公开(公告)号：NO20084500A

公开(公告)日：2008-11-26

申请号：NO20084500

申请日：2008-10-27

Applicant: MICROSOFT CORP

Inventor： ILAC CRISTIAN ,  MEDVINSKY GENNADY ,  HAGIU COSTIN ,  PARSONS JOHN E ,  FATHALLA MOHAMED EMAD EL DIN ,  LEACH PAUL J ,  KAMEL TARK BUHAA E-DIN MAHMOUD

IPC: G06F15/00 ,  H04L9/32

CPC classification number: H04L63/0815 ,  H04L9/3273 ,  H04L63/20 ,  H04L2209/80

公开(公告)号：WO2014205131A3

公开(公告)日：2015-02-12

申请号：PCT/US2014043027

申请日：2014-06-18

Applicant: MICROSOFT CORP

Inventor： SAXENA ANUREKH ,  HAGIU COSTIN ,  MAHAJAN RAJNEESH ,  MEHROTRA SANJEEV ,  MEISTER BENJAMIN HOMELSON

IPC: H04L12/819 ,  H04L12/813 ,  H04L12/911 ,  H04L12/923 ,  H04L12/927

CPC classification number: H04L47/70 ,  H04L47/20 ,  H04L47/215 ,  H04L47/72 ,  H04L47/762 ,  H04L47/805 ,  H04L47/823 ,  H04L47/828

Abstract: Embodiments are directed to controlling bandwidth usage using a token-based crediting and debiting scheme and to allowing connections to temporarily exceed bandwidth allocations using token credits. In one scenario, a bandwidth managing service receives a request to establish a connection with a network. The connection is associated with various subscribers that are part of a subscription. The bandwidth managing service assigns tokens to the connection, which are distributed from a pool of tokens that represents a total available bandwidth for the network. The bandwidth managing service receives a data transfer request from a logical user to transfer data over the network connection, where the data transfer request includes at least some of the assigned tokens. The bandwidth managing service also allocates to the connection a specified amount of bandwidth commensurate with the number of assigned tokens provided in the data transfer request.

Abstract translation: 实施例涉及使用基于令牌的积分和记账方案来控制带宽使用，并允许连接使用令牌信用暂时超过带宽分配。 在一种情况下，带宽管理服务接收与网络建立连接的请求。 该连接与作为订阅的一部分的各种订户相关联。 带宽管理服务为连接分配令牌，从代表网络的总可用带宽的令牌池分发。 带宽管理服务从逻辑用户接收数据传输请求，以通过网络连接传输数据，其中数据传输请求至少包括一些分配的令牌。 带宽管理服务还向连接分配与数据传输请求中提供的分配令牌的数量相对应的指定量的带宽。

公开(公告)号：WO2011159442A2

公开(公告)日：2011-12-22

申请号：PCT/US2011037961

申请日：2011-05-25

Applicant: MICROSOFT CORP

Inventor： LOTLIKAR MAHESH ,  SAMPATH SRIRAM ,  BERNARDI ARA ,  HAGIU COSTIN

IPC: G06F9/06 ,  G06F9/44

CPC classification number: G06F9/468 ,  G06F21/6281

Abstract: Techniques are disclosed for enabling a system service executing in an isolated session to access system resources (such as a graphics processing unit) that it is isolated from. In an embodiment, the system service creates a "worker" session that is not isolated, and a "worker" process inside that worker session. Then, the system service is able to access the system resource that it is directly isolated from accessing by passing a request to the worker process to access the system resource on the system service's behalf. The worker process does so, and passes a result to the system service.

Abstract translation: 公开了使得在隔离会话中执行的系统服务能够访问与其隔离的系统资源（诸如图形处理单元）的技术。 在一个实施例中，系统服务创建不隔离的“工作者”会话，以及该工作者会话内的“工作者”进程。 然后，系统服务能够通过将请求传递给工作进程来代表系统服务访问系统资源，从而访问它直接与访问隔离的系统资源。 工作进程执行此操作，并将结果传递给系统服务。

公开(公告)号：WO2007139944A3

公开(公告)日：2008-02-14

申请号：PCT/US2007012512

申请日：2007-05-25

Applicant: MICROSOFT CORP

Inventor： MEDVINSKY GENNADY ,  ILAC CRISTIAN ,  HAGIU COSTIN ,  PARSONS JOHN E ,  FATHALLA MOHAMED EMAD EL DIN ,  LEACH PAUL J ,  KAMEL TAREK BUHAA EL-DIN MAHMO

IPC: G06F15/00 ,  H04L9/32

CPC classification number: H04L63/0815 ,  H04L9/3273 ,  H04L63/20 ,  H04L2209/80

Abstract: A credential security support provider (Cred SSP) enables any application to securely delegate a user's credentials from the client, via client side Security Support Provider (SSP) software, to a target server, via server side SSP software. The Cred SSP provides a secure solution based in part upon a set of policies. The policies can be for any type of user credentials and the different policies are designed to mitigate a broad range of attacks so that appropriate delegation can occur for given delegation circumstances, network conditions, trust levels, etc. Additionally, only a trusted subsystem, e.g., a trusted subsystem of the Local Security Authority (LSA), has access to the clear text credentials such that neither the calling application of the Cred SSP APIs on the server side nor the calling application of the Cred SSP APIs on the client side have access to clear text credentials.

Abstract translation: 凭证安全支持提供商（Cred SSP）使任何应用程序能够通过客户端安全支持提供商（SSP）软件将用户的凭据安全地委派给目标服务器，通过服务器端SSP软件。 Cred SSP提供了一部分基于一组策略的安全解决方案。 这些策略可以用于任何类型的用户凭证，并且不同的策略被设计为减轻广泛的攻击，从而可以针对给定的授权情况，网络条件，信任级别等进行适当的委托。此外，只有可信的子系统，例如 ，本地安全机构（LSA）的受信任的子系统可以访问明文凭据，使得服务器端的Cred SSP API的呼叫应用程序和客户端的Cred SSP API的呼叫应用都不具有访问权限 清除文本凭据。

公开(公告)号：NO20084500L

公开(公告)日：2008-11-26

申请号：NO20084500

申请日：2008-10-27

Applicant: MICROSOFT CORP

Inventor： ILAC CRISTIAN ,  MEDVINSKY GENNADY ,  HAGIU COSTIN ,  PARSONS JOHN E ,  FATHALLA MOHAMED EMAD EL DIN ,  LEACH PAUL J ,  KAMEL TARK BUHAA E-DIN MAHMOUD

IPC: G06F15/00 ,  H04L9/32

Abstract: A credential security support provider (Cred SSP) is provided that enables any application to securely delegate a user's credentials from the client, via client side Security Support Provider (SSP) software, to a target server, via server side SSP software in a networked computing environment. The Cred SSP of the invention provides a secure solution that is based in part upon a set of policies, including a default policy that is secure against a broad range of attacks, which are used to control and restrict the delegation of user credentials from a client to a server. The policies can be for any type of user credentials and the different policies are designed to mitigate a broad range of attacks so that appropriate delegation can occur for given delegation circumstances, network conditions, trust levels, etc. Additionally, only a trusted subsystem, e.g., a trusted subsystem of the Local Security Authority (LSA), has access to the clear text credentials such that neither the calling application of the Cred SSP APIs on the server side nor the calling application of the Cred SSP APIs on the client side have access to clear text credentials.

公开(公告)号：CA2654381A1

公开(公告)日：2007-12-06

申请号：CA2654381

申请日：2007-05-25

Applicant: MICROSOFT CORP

Inventor： PARSONS JOHN E ,  KAMEL TAREK BUHAA EL-DIN MAHMOUD ,  ILAC CRISTIAN ,  FATHALLA MOHAMED EMAD EL DIN ,  MEDVINSKY GENNADY ,  LEACH PAUL J ,  HAGIU COSTIN

IPC: G06F15/00 ,  H04L9/32

Abstract: A credential security support provider (Cred SSP) enables any application to securely delegate a user's credentials from the client, via client side Security Support Provider (SSP) software, to a target server, via server sid e SSP software. The Cred SSP provides a secure solution based in part upon a set of policies. The policies can be for any type of user credentials and t he different policies are designed to mitigate a broad range of attacks so t hat appropriate delegation can occur for given delegation circumstances, net work conditions, trust levels, etc. Additionally, only a trusted subsystem, e.g., a trusted subsystem of the Local Security Authority (LSA), has access to the clear text credentials such that neither the calling application of t he Cred SSP APIs on the server side nor the calling application of the Cred SSP APIs on the client side have access to clear text credentials.

公开(公告)号：AU2007267836A1

公开(公告)日：2007-12-06

申请号：AU2007267836

申请日：2007-05-25

Applicant: MICROSOFT CORP

Inventor： LEACH PAUL J ,  FATHALLA MOHAMED EMAD EL DIN ,  ILAC CRISTIAN ,  PARSONS JOHN E ,  KAMEL TAREK BUHAA EL-DIN MAHMOUD ,  HAGIU COSTIN ,  MEDVINSKY GENNADY

IPC: G06F15/00 ,  H04L9/32

Abstract: A credential security support provider (Cred SSP) is provided that enables any application to securely delegate a user's credentials from the client, via client side Security Support Provider (SSP) software, to a target server, via server side SSP software in a networked computing environment. The Cred SSP of the invention provides a secure solution that is based in part upon a set of policies, including a default policy that is secure against a broad range of attacks, which are used to control and restrict the delegation of user credentials from a client to a server. The policies can be for any type of user credentials and the different policies are designed to mitigate a broad range of attacks so that appropriate delegation can occur for given delegation circumstances, network conditions, trust levels, etc. Additionally, only a trusted subsystem, e.g., a trusted subsystem of the Local Security Authority (LSA), has access to the clear text credentials such that neither the calling application of the Cred SSP APIs on the server side nor the calling application of the Cred SSP APIs on the client side have access to clear text credentials.