-
Publication No.: US20220215106A1
Publication date: 2022-07-07
Application No.: US17141542
Application date: 2021-01-05
Applicant: VMware, Inc.
Inventor: Simon Brooks, Hemant Sahani, Lucas Chen, Josh Olson
Abstract: Examples for determining access to restricted features of an application are disclosed. A current working status of a user account and an access policy can be analyzed to determine whether access to the restricted feature should be granted or denied. The functionality can be provided by a library bundled within an application.
-
Publication No.: US20180157433A1
Publication date: 2018-06-07
Application No.: US15442239
Application date: 2017-02-24
Applicant: VMware, Inc.
Inventor: Kishore Sajja, Lucas Chen, Raghuram Rajan, Anuj Panwar, Sandeep Naga Kaipu, Rajiv Singh
Abstract: To extend a sign on session among applications, an inter-application workflow request can be initiated from a first to a second application. The workflow request can identify one or more memory locations in a shared memory for secure data transfer between the applications. The first application can then monitor the memory locations for the presence of a public key stored in shared memory by the second application in response to the workflow request. Once the public key is present in the shared memory, the first application can retrieve and use it to encrypt an access interval key. The encrypted access interval key can then be stored in the shared memory for retrieval by the second application. The access interval key is associated with a sign on session of the first application, and the second application can retrieve and decrypt it to extend the sign on session to the second application.
-
Publication No.: US20200092374A1
Publication date: 2020-03-19
Application No.: US16133159
Application date: 2018-09-17
Applicant: VMware, Inc.
Inventor: Nikhil Mehta, Sanjay Satagopan, Ali Mohsin, Simon Brooks, Ryan Turner, Lucas Chen
Abstract: Examples herein describe systems and methods for on-device, application-specific compliance enforcement. An example method can include receiving, at a user device, an application having a compliance engine. The user device can also store a compliance rule that applies to the received application. The compliance rule can specify a condition and a remedial action for the application. The user device can execute the application. The application can determine, using the compliance engine within the application, whether the condition is present. The determination can be made regardless of whether the device has internet or cellular connectivity. Based on determining that the condition is present, the application can perform the remedial action.
-
Publication No.: US10469478B2
Publication date: 2019-11-05
Application No.: US15442239
Application date: 2017-02-24
Applicant: VMware, Inc.
Inventor: Kishore Sajja, Lucas Chen, Raghuram Rajan, Anuj Panwar, Sandeep Naga Kaipu, Rajiv Singh
Abstract: To extend a sign on session among applications, an inter-application workflow request can be initiated from a first to a second application. The workflow request can identify one or more memory locations in a shared memory for secure data transfer between the applications. The first application can then monitor the memory locations for the presence of a public key stored in shared memory by the second application in response to the workflow request. Once the public key is present in the shared memory, the first application can retrieve and use it to encrypt an access interval key. The encrypted access interval key can then be stored in the shared memory for retrieval by the second application. The access interval key is associated with a sign on session of the first application, and the second application can retrieve and decrypt it to extend the sign on session to the second application.
-
Publication No.: US20200228528A1
Publication date: 2020-07-16
Application No.: US16244157
Application date: 2019-01-10
Applicant: VMware, Inc.
Inventor: Lucas Chen, Sanjay Satagopan, Raghuram Rajan, Rajiv Singh
Abstract: Software development kit (“SDK”) applications may be implemented with user data on an enterprise end-user or shared device subsequent to a single check-out process on the device. A user profile and a context ID for a user can be accessed based on user provided credentials. An agent application can set a value of an agent context ID to a server context ID corresponding to the context ID for the user profile. A status of a local context ID (“LCID”) of an SDK application can be determined in response to an application launch. Using the LCD, a context ID comparison can be performed on the device with a value of a context ID from one of the SDK application, the server, and the agent application based on the LCID status. The SDK application can be implemented with user specific user data obtained from one of the SDK application and the agent application based on a result of the context ID comparison.
-
Publication No.: US10447681B2
Publication date: 2019-10-15
Application No.: US15442175
Application date: 2017-02-24
Applicant: VMware, Inc.
Inventor: Kishore Sajja, Lucas Chen, Raghuram Rajan, Anuj Panwar, Sandeep Naga Kaipu, Rajiv Singh
Abstract: To establish a sign on session among single sign on (SSO)-enabled applications, a user can be prompted by an application for an access code. An access interval key can be generated using a key derivative function based on the access code. The access interval key can be considered a session key, and it can be used during a valid SSO session to decrypt a master key stored in a shared memory. In turn, the master key can be used to encrypt and decrypt the contents of the shared memory. To securely distribute the access interval key among the SSO-enabled applications during a current session, individual SSO-enabled applications can each store a public key in the shared memory. The access interval key can then be encrypted, respectively, by the public keys of the SSO-enabled applications and stored in the shared memory to be retrieved securely by the SSO-enabled applications.
-
Publication No.: US12093428B2
Publication date: 2024-09-17
Application No.: US17141542
Application date: 2021-01-05
Applicant: VMware, Inc.
Inventor: Simon Brooks, Hemant Sahani, Lucas Chen, Josh Olson
CPC classification number: G06F21/629, G06F21/51, G06F21/54, G06F2221/032, G06F2221/2141
Abstract: Examples for determining access to restricted features of an application are disclosed. A current working status of a user account and an access policy can be analyzed to determine whether access to the restricted feature should be granted or denied. The functionality can be provided by a library bundled within an application.
-
Publication No.: US11818127B2
Publication date: 2023-11-14
Application No.: US17244629
Application date: 2021-04-29
Applicant: VMware, Inc.
Inventor: Lucas Chen, Sanjay Satagopan, Raghuram Rajan, Rajiv Singh
CPC classification number: H04L63/0884, G06F21/602, H04L9/0637, H04L63/0815, H04L63/0876, H04L9/50
Abstract: Software development kit (“SDK”) applications may be implemented with user data on an enterprise end-user or shared device subsequent to a single check-out process on the device. A user profile and a context ID for a user can be accessed based on user provided credentials. An agent application can set a value of an agent context ID to a server context ID corresponding to the context ID for the user profile. A status of a local context ID (“LCID”) of an SDK application can be determined in response to an application launch. Using the LCD, a context ID comparison can be performed on the device with a value of a context ID from one of the SDK application, the server, and the agent application based on the LCID status. The SDK application can be implemented with user specific user data obtained from one of the SDK application and the agent application based on a result of the context ID comparison.
-
Publication No.: US11799868B2
Publication date: 2023-10-24
Application No.: US17327176
Application date: 2021-05-21
Applicant: VMware, Inc.
Inventor: Lucas Chen, Sanjay Satagopan, Raghuram Rajan, Rajiv Singh
CPC classification number: H04L63/102, G06F8/70, H04L9/0637, H04L9/321, H04L63/0884, H04L9/50
Abstract: Software development kit (“SDK”) applications may be implemented with user data on an enterprise end-user or shared device subsequent to a single check-out process on the device. A user profile and a context ID for a user can be accessed based on user provided credentials. An SDK application can be identified as one application of an application cluster including at least two applications. A status of a local context ID (“LCID”) of the SDK application can be determined, and a value for the LCID can be established based on the status and a value of a comparison context ID obtained from a server or an agent application. The LCID and a context ID for a keychain for the application cluster can be compared, and the SDK application can be implemented with user specific user data obtained from the agent application or the keychain based on a result of the comparison.
-
Publication No.: US11275858B2
Publication date: 2022-03-15
Application No.: US16537653
Application date: 2019-08-12
Applicant: VMWARE, INC.
Inventor: Lucas Chen, Gaurav Arora, Evan Hurst, Nicholas Grivas, Nicholas Brouillette, Jubin Benny, Jason Ruby, Eugene Liderman, Hemant Sahani
IPC: G06F21/00, G06F21/62, G06F21/33, H04W12/06, H04L9/00, G06F40/171, G06F40/174
Abstract: Disclosed are various approaches for encrypting documents using mobile devices. A first application receives, from a second application a file and an identifier of a user account. The first application then sends a request for a certificate to a certificate authority and receives a certificate in response. The file is then encrypted using the certificate, and the encrypted file is returned to the second application. The second application can identify the user account as the recipient of a file. Then, the second application can send an encryption request that includes the identifier of the user account and the file to the first application. In response to the request, the second application receives the encrypted file and then provides the encrypted file to the recipient.