公开(公告)号：US20170302677A1

公开(公告)日：2017-10-19

申请号：US15637242

申请日：2017-06-29

Applicant: Microsoft Technology Licensing, LLC

Inventor： Rajalakshmi DANI ,  Anand Madhava MENON ,  Paul H. RICH ,  Naveen MADAN ,  Vikas AHUJA ,  Siddhartha MATHUR ,  Liqiang ZHU

IPC: H04L29/06 ,  G06F21/62

CPC classification number: H04L63/104 ,  G06F21/604 ,  G06F21/6218 ,  H04L63/08 ,  H04L63/101 ,  H04L63/102 ,  H04L63/20

Abstract: Tenant approval for operator access to tenant data is provided. In order to grant service personnel operators access to a tenant's data for performing a requested action, a lockbox determines a security group role to which an operator needs to be elevated to perform a requested action, computes a set of internal administrators and tenant administrators authorized to grant a temporary role elevation, and sends an access control request to the administrators. Upon receiving approval of the access control request from an internal administrator and a tenant administrator, the lockbox elevates the operator to the security group role, granting the operator a set of permissions needed in order to allow the operator to perform the requested action. Accordingly, tenants are enabled to control access to their data and scrutinize access requests per their company procedures and compliance needs.

公开(公告)号：US20170264505A1

公开(公告)日：2017-09-14

申请号：US15604184

申请日：2017-05-24

Applicant: Microsoft Technology Licensing, LLC

Inventor： Raghu KOLLURU ,  David Nunez TEJERINA ,  Siddhartha MATHUR ,  James KLEEWEIN ,  Adrian HAMZA ,  Ozan OZHAN

IPC: H04L12/24 ,  H04L29/08 ,  G06F11/34

CPC classification number: H04L41/5035 ,  G06F11/3419 ,  G06F11/3476 ,  G06F2201/865 ,  G06F2201/87 ,  H04L67/22

Abstract: Techniques to track resource usage statistics per transaction across multiple layers of protocols and across multiple threads, processes and/or devices are disclosed. In one embodiment, for example, a technique may comprise assigning an activity context to a request at the beginning of a first stage, where the activity context has an initial set of properties. The values of the properties may be assigned to the properties in the initial set during the first stage. The value of a property may be stored on a data store local to the first stage. The activity context may be transferred to a second stage when the request begins the second stage. The transferred activity context may include a property from the initial set of properties. The stored values may be analyzed to determine a resource usage statistic. Other embodiments are described and claimed.