公开(公告)号：WO2013085740A1

公开(公告)日：2013-06-13

申请号：PCT/US2012/066565

申请日：2012-11-27

Applicant: MICROSOFT CORPORATION

Inventor： GARG, Neeraj ,  SINGH, Suvarna ,  THATTE, Rahul ,  KALE, Amrut ,  SRIVASTAVA, Ashish ,  V., Devi J. ,  SIDDABATTUNI, Poornima ,  PEDDIBHOTLA, Rajesh ,  RAYAN, Sukumar ,  DOWNES, Aidan ,  RAO, Deepak ,  EYDELMAN, Vadim ,  MEHTA, Bimal

IPC: G06F15/16

CPC classification number: H04L12/1859 ,  H04L63/1408 ,  H04L63/1441

Abstract: Techniques for throttling of rogue entities to push notification servers are described. An apparatus may comprise a processor and a memory communicatively coupled to the processor. The memory may store an application, the application maintaining a monitored domain table, the application maintaining an offending domain table, the application operative to receive an incoming request from a client in a domain, to detect harmful activity based on the request, and to respond to the harmful activity based on one or both of the monitored domain table and the offending domain table. Other embodiments are described and claimed.

Abstract translation: 描述了用于限制流氓实体来推送通知服务器的技术。 设备可以包括处理器和通信地耦合到处理器的存储器。 存储器可以存储应用程序，应用程序维护受监视域表，应用程序维护违规域表，该应用程序可操作以从域中的客户端接收传入请求，以根据请求检测有害活动，并响应 基于受监控域表和违规域表中的一个或两个的有害活动。 描述和要求保护其他实施例。

公开(公告)号：WO2013109556A1

公开(公告)日：2013-07-25

申请号：PCT/US2013/021615

申请日：2013-01-16

Applicant: MICROSOFT CORPORATION

Inventor： EYDELMAN, Vadim ,  KRESS, Brian ,  LEIBMANN, Matthias ,  NOUREDDINE, Moustafa ,  YU, Lei ,  LUO, Haibo

IPC: H04L9/32

CPC classification number: H04L63/0823 ,  H04L9/321 ,  H04L9/3263 ,  H04L61/3065 ,  H04L61/35 ,  H04L63/062 ,  H04L69/22

Abstract: Online and on-premise applications identify trusted authentication providers. The applications are configured with a list of trusted issuers of authentication credentials. When an application receives a request requiring authentication, the application returns a 401 response that includes the trusted issuer list. The requesting application compares the trusted issuer list from the 401 response to its own list of authentication providers. If there is a match between the two lists, then the requesting application creates a self-issued token for the authentication provider. The authentication provider uses the self-issued token to generate an authentication token for the requesting application. The requesting application may also directly create a token for a target partner application, without an authentication provider, if there is a direct trust between the two applications.

Abstract translation: 在线和内部部署应用程序标识可信赖的身份验证提供程序。 这些应用程序配置有可信赖的认证凭证发行者列表。 当应用程序接收到需要认证的请求时，应用程序返回包含受信任发行者列表的401响应。 请求应用将可信发行者列表从401响应与其自己的认证提供者列表进行比较。 如果两个列表之间存在匹配，则请求的应用程序将为身份验证提供程序创建自发证券。 认证提供者使用自发证令牌为请求的应用程序生成认证令牌。 如果两个应用程序之间存在直接的信任，请求应用程序也可以直接为目标伙伴应用程序创建令牌，而不需要身份验证提供程序。

公开(公告)号：WO2008011082A2

公开(公告)日：2008-01-24

申请号：PCT/US2007/016332

申请日：2007-07-18

Applicant: MICROSOFT CORPORATION

Inventor： MAXIMO, Rui Y. ,  KNUDSON, Dan A. ,  EYDELMAN, Vadim ,  SEKARAN, Mahendra

CPC classification number: H04L45/00 ,  H04L45/304 ,  H04L45/308 ,  H04Q3/66 ,  H04Q2213/13138 ,  H04Q2213/13196

Abstract: Directory services schema for telephone call management. The schema facilitates the development of call routing rules as one or more instances of one or more classes. Once created, the rules can be propagated to all other director services servers, and any subsequent updates and system changes are readily propagated to maintain optimum call system management. The rules can be stored in a routing table allowing administrators to define phone routes for various scenarios. System hardware/software changes can be managed using distinguished names and automatically propagated (or replicated) to the other directory services servers on an enterprise network. The architecture includes a schema component for generating a directory services schema, and a call routing component that routes telephone calls according to call routing rules defined by the directory services schema. The rules can be processed in combination with policies of usage attributes and phone number patterns/ranges to manage call routing.

Abstract translation: 用于电话呼叫管理的目录服务模式。 该模式有助于将呼叫路由规则发展为一个或多个类的一个或多个实例。 一旦创建，规则可以传播到所有其他主管服务服务器，并且任何后续更新和系统更改都可以被传播，以保持最佳的呼叫系统管理。 规则可以存储在路由表中，允许管理员为各种场景定义电话路由。 可以使用专有名称来管理系统硬件/软件更改，并自动传播（或复制）到企业网络上的其他目录服务服务器。 该架构包括用于生成目录服务模式的模式组件，以及根据由目录服务模式定义的呼叫路由规则来路由电话呼叫的呼叫路由组件。 规则可以与使用属性和电话号码模式/范围的策略相结合来管理呼叫路由。

公开(公告)号：WO2014134085A1

公开(公告)日：2014-09-04

申请号：PCT/US2014/018465

申请日：2014-02-26

Applicant: MICROSOFT CORPORATION

Inventor： TIDWELL, Paul ,  PITSCH, Yves ,  RAO, Deepak ,  EYDELMAN, Vadim ,  KONDEPUDI, Satya

IPC: H04L29/06 ,  G06F21/33 ,  H04L9/08

CPC classification number: H04L63/0807 ,  G06F21/335 ,  G06F21/57 ,  G06F21/629 ,  H04L65/40 ,  H04L67/02 ,  H04L67/10 ,  H04L67/1095 ,  H04L67/2814 ,  H04L67/327

Abstract: Using a small-size web ticket in connection with authenticating a user of a unified communications system. The web ticket is generated through use of a symmetric key, and is less than two hundred bytes in size. A ticket issuer executing on a first computing device generates the web ticket responsive to receiving authentication data from a client computing device, and transmits the web ticket to such client computing device. The client computing device includes the web ticket in requests for data transmitted to a second server computing device that is in communication with the ticket issuer. The second server computing device includes a validator that validates the web ticket using the symmetric key, which is shared between the first server and the second server.

Abstract translation: 使用与认证统一通信系统的用户相关联的小型网络票据。 网络票据是通过使用对称密钥生成的，小于200字节。 在第一计算设备上执行的票据发行者响应于从客户端计算设备接收认证数据而生成网络票据，并将该网络票据发送到该客户端计算设备。 客户端计算设备包括在发送到与票据发行者通信的第二服务器计算设备的数据请求中的网络票据。 第二服务器计算设备包括验证器，其使用在第一服务器和第二服务器之间共享的对称密钥来验证网络故障单。

公开(公告)号：WO2010126800A2

公开(公告)日：2010-11-04

申请号：PCT/US2010/032303

申请日：2010-04-23

Applicant: MICROSOFT CORPORATION

Inventor： KRANTZ, Anton W. ,  PARANDEKAR, Amey ,  EYDELMAN, Vadim ,  NARAYANAN, Sankaran ,  KUMAR, Namendra ,  SHETH, Sachin

IPC: H04W12/06 ,  H04W60/00

CPC classification number: H04M3/382 ,  H04L63/0823 ,  H04L63/083 ,  H04L63/20 ,  H04M3/42272 ,  H04M2201/16

Abstract: Architecture for a communications system enabling a user to provision a telephone at a new location without network administrative pre-configuring. An input component (e.g., keypad) receives a numeric extension and PIN. The extension is a telephone extension of the user and the PIN can be administratively assigned. A location component provides location information of an enterprise communications server to the telephone based on the extension. The telephone uses the location information to send messages to the enterprise communications server. A registration component registers the telephone with the enterprise communications server based on the numeric extension. A telephony address is returned to the telephone. An authentication component authenticates the telephone based on the PIN. Upon authentication, the extension is assigned to the telephone, and telephone communications can be sent and received from that location.

Abstract translation: 用于通信系统的架构，使用户能够在没有网络管理预配置的情况下在新位置配置电话。 输入组件（例如小键盘）接收数字分机和PIN码。 该分机是用户的电话分机，PIN可以被管理地分配。 位置组件基于该扩展向电话提供企业通信服务器的位置信息。 电话使用位置信息将消息发送到企业通信服务器。 注册组件根据数字分机将电话注册到企业通信服务器。 电话地址返回给电话。 验证组件根据PIN验证电话。 在认证时，将分机分配给电话，并且可以从该位置发送和接收电话通信。

公开(公告)号：WO2008033706A1

公开(公告)日：2008-03-20

申请号：PCT/US2007/077665

申请日：2007-09-05

Applicant: MICROSOFT CORPORATION

Inventor： SEKARAN, Dhigha D. ,  PIERCE, Shaun D. ,  COX, Shaun D. ,  SHOROFF, Srikanth ,  CURTIS, Pavel ,  NICHOLS, David ,  MEHTA, Bimal K. ,  EYDELMAN, Vadim ,  PARTHASARATHY, Vijay Kishen Hampapur ,  LEVIN, Orit ,  KIMCHI, Gur

IPC: H04L12/18 ,  H04L29/06

CPC classification number: H04L29/06414 ,  H04L12/18 ,  H04L12/1813 ,  H04L12/1818 ,  H04L12/1822 ,  H04L29/06027 ,  H04L29/06176 ,  H04L29/06421 ,  H04L29/06428 ,  H04L29/06442 ,  H04L29/12066 ,  H04L61/1511 ,  H04L63/08 ,  H04L63/10 ,  H04L65/403 ,  H04L65/4038 ,  H04L67/1002 ,  H04L67/1008 ,  H04L67/1034 ,  H04M3/56

Abstract: Architecture for a scalable, pluggable multi-party, and distributed multimedia conferencing. A centralized policy and control conferencing component allows the seamless plug-in of different distributed media components (e.g., data, audio/video, messaging) to accommodate client participation in a conference session. The centralized conference control component includes the following: a conference notification service for accepting subscriptions to the conference state and notifying subscribers about changes to that state; a conference policy and roster control service for storing and manipulating conference policy and rosters; a security service for user authorization/authentication based on user identity information; a scheduling service for conference scheduling; an allocation service for allocating the most available media component(s) for a conference session; and, an MCU management service for conference policy and roster management of the distributed media components.

Abstract translation: 架构可扩展，可插拔的多方和分布式多媒体会议。 集中的策略和控制会议组件允许不同分布式媒体组件（例如，数据，音频/视频，消息传递）的无缝插件以适应客户端参与会议会话。 集中式会议控制组件包括：会议通知服务，用于接受会议状态的订阅，并向用户通知该状态的变化; 会议政策和名册控制服务，用于存储和操纵会议政策和名册; 基于用户身份信息的用户授权/认证的安全服务; 会议调度的调度服务; 分配服务，用于为会议会话分配最可用的媒体组件; 以及用于会议策略的MCU管理服务和分布式媒体组件的名册管理。

公开(公告)号：WO2012170316A2

公开(公告)日：2012-12-13

申请号：PCT/US2012/040638

申请日：2012-06-03

Applicant: MICROSOFT CORPORATION

Inventor： EYDELMAN, Vadim ,  NARAYANAN, Sankaran ,  KUMAR, Namendra ,  MEHTA, Bimal K.

IPC: H04M11/06

CPC classification number: H04L61/1511 ,  H04L51/28 ,  H04L61/1594 ,  H04L61/609 ,  H04L65/1006 ,  H04L65/403 ,  H04L67/02

Abstract: A communication system has a plurality of collections. Each collection comprises a security boundary within which private data is accessible. Each collection is associated with a director. The directors receive messages that specify domains. When a director for a given collection receives a message, the director identifies one of the collections as being a home collection for the domain specified by the message. If the specified domain's home collection is the given collection or another collection within a given privacy boundary, the director forwards the message to a server pool associated with the specified domain's home collection. Otherwise, if the specified domain's home collection is not within the given privacy boundary, the director forwards the message to the director of the specified domain's home collection.

Abstract translation: 通信系统具有多个集合。 每个集合包括可访问私有数据的安全边界。 每个集合都与一个董事有关。 导演收到指定域的邮件。 当给定集合的董事收到消息时，董事将其中一个集合标识为该消息指定的域的归属集合。 如果指定的域的归属集合是给定集合或给定隐私边界内的另一集合，则Director将转发该消息到与指定域的归属集合相关联的服务器池。 否则，如果指定的域的归属地址不在给定的隐私边界内，则导演将该消息转发到指定域的归属地址的主管。

公开(公告)号：WO2011087584A3

公开(公告)日：2011-07-21

申请号：PCT/US2010/057958

申请日：2010-11-24

Applicant: MICROSOFT CORPORATION

Inventor： ANANTHANARAYANAN, Krishnan ,  COX, Shaun D. ,  EYDELMAN, Vadim ,  NARAYANAN, Sankaran

IPC: H04L12/24

Abstract: A resource is located on a server using a distributed resource algorithm that is executing on each server within a cluster of servers. A request for a resource is received at a server in the cluster. The server executes the distributed resource algorithm to determine the server that owns the requested resource. The distributed resource algorithm automatically adapts itself to servers being added or removed within the cluster and is directed at evenly distributing resources across the available servers within the cluster.

公开(公告)号：WO2009061727A2

公开(公告)日：2009-05-14

申请号：PCT/US2008/082346

申请日：2008-11-04

Applicant: MICROSOFT CORPORATION

Inventor： LEVIN, Danny ,  SEKARAN, Mahendra D. ,  MEHTA, Bimal K. ,  SHEN, Li ,  EYDELMAN, Vadim ,  BENNETT, Russell P. ,  TIDWELL, Paul D. ,  RAMANATHAN, Rajesh ,  PALL, Gurdeep Singh

IPC: H04M3/493 ,  H04M3/42

CPC classification number: H04M7/121 ,  H04M3/42263 ,  H04M3/4234 ,  H04M3/465 ,  H04M2203/1091

Abstract: Independent telephony systems are integrated by using symmetric forking from both systems. Calls received by either system are forked to the other system. Thus, a call can be accepted by one of the systems, using its external interfaces, and presented to all devices in both systems. Each system is enabled to leverage internal call control advanced features to enhance overall user experience. Internally inserted parameters to call requests are used between the two systems for preventing endless loop of calls between the integrated systems.

Abstract translation:

独立电话系统通过使用来自两个系统的对称分叉而被整合。 任何一个系统收到的呼叫都被分到另一个系统。 因此，一个呼叫可被其中一个系统接受，使用其外部接口，并被呈现给两个系统中的所有设备。 每个系统都可以利用内部呼叫控制高级功能来增强整体用户体验。 在两个系统之间使用内部插入的调用请求参数来防止集成系统之间的无限循环呼叫。

公开(公告)号：EP2425645A2

公开(公告)日：2012-03-07

申请号：EP10770162.5

申请日：2010-04-23

Applicant: Microsoft Corporation

Inventor： KRANTZ, Anton W. ,  PARANDEKAR, Amey ,  EYDELMAN, Vadim ,  NARAYANAN, Sankaran ,  KUMAR, Namendra ,  SHETH, Sachin

IPC: H04W12/06 ,  H04W60/00

CPC classification number: H04M3/382 ,  H04L63/0823 ,  H04L63/083 ,  H04L63/20 ,  H04M3/42272 ,  H04M2201/16

Abstract: Architecture for a communications system enabling a user to provision a telephone at a new location without network administrative pre-configuring. An input component (e.g., keypad) receives a numeric extension and PIN. The extension is a telephone extension of the user and the PIN can be administratively assigned. A location component provides location information of an enterprise communications server to the telephone based on the extension. The telephone uses the location information to send messages to the enterprise communications server. A registration component registers the telephone with the enterprise communications server based on the numeric extension. A telephony address is returned to the telephone. An authentication component authenticates the telephone based on the PIN. Upon authentication, the extension is assigned to the telephone, and telephone communications can be sent and received from that location.