-
Publication No.: US20180157433A1
Publication date: 2018-06-07
Application No.: US15442239
Filing date: 2017-02-24
Applicant: VMware, Inc.
Inventor: Kishore Sajja, Lucas Chen, Raghuram Rajan, Anuj Panwar, Sandeep Naga Kaipu, Rajiv Singh
Abstract: To extend a sign on session among applications, an inter-application workflow request can be initiated from a first to a second application. The workflow request can identify one or more memory locations in a shared memory for secure data transfer between the applications. The first application can then monitor the memory locations for the presence of a public key stored in shared memory by the second application in response to the workflow request. Once the public key is present in the shared memory, the first application can retrieve and use it to encrypt an access interval key. The encrypted access interval key can then be stored in the shared memory for retrieval by the second application. The access interval key is associated with a sign on session of the first application, and the second application can retrieve and decrypt it to extend the sign on session to the second application.
-
Publication No.: US20200228528A1
Publication date: 2020-07-16
Application No.: US16244157
Filing date: 2019-01-10
Applicant: VMware, Inc.
Inventor: Lucas Chen, Sanjay Satagopan, Raghuram Rajan, Rajiv Singh
Abstract: Software development kit (“SDK”) applications may be implemented with user data on an enterprise end-user or shared device subsequent to a single check-out process on the device. A user profile and a context ID for a user can be accessed based on user provided credentials. An agent application can set a value of an agent context ID to a server context ID corresponding to the context ID for the user profile. A status of a local context ID (“LCID”) of an SDK application can be determined in response to an application launch. Using the LCD, a context ID comparison can be performed on the device with a value of a context ID from one of the SDK application, the server, and the agent application based on the LCID status. The SDK application can be implemented with user specific user data obtained from one of the SDK application and the agent application based on a result of the context ID comparison.
-
Publication No.: US10447681B2
Publication date: 2019-10-15
Application No.: US15442175
Filing date: 2017-02-24
Applicant: VMware, Inc.
Inventor: Kishore Sajja, Lucas Chen, Raghuram Rajan, Anuj Panwar, Sandeep Naga Kaipu, Rajiv Singh
Abstract: To establish a sign on session among single sign on (SSO)-enabled applications, a user can be prompted by an application for an access code. An access interval key can be generated using a key derivative function based on the access code. The access interval key can be considered a session key, and it can be used during a valid SSO session to decrypt a master key stored in a shared memory. In turn, the master key can be used to encrypt and decrypt the contents of the shared memory. To securely distribute the access interval key among the SSO-enabled applications during a current session, individual SSO-enabled applications can each store a public key in the shared memory. The access interval key can then be encrypted, respectively, by the public keys of the SSO-enabled applications and stored in the shared memory to be retrieved securely by the SSO-enabled applications.
-
Publication No.: US10469478B2
Publication date: 2019-11-05
Application No.: US15442239
Filing date: 2017-02-24
Applicant: VMware, Inc.
Inventor: Kishore Sajja, Lucas Chen, Raghuram Rajan, Anuj Panwar, Sandeep Naga Kaipu, Rajiv Singh
Abstract: To extend a sign on session among applications, an inter-application workflow request can be initiated from a first to a second application. The workflow request can identify one or more memory locations in a shared memory for secure data transfer between the applications. The first application can then monitor the memory locations for the presence of a public key stored in shared memory by the second application in response to the workflow request. Once the public key is present in the shared memory, the first application can retrieve and use it to encrypt an access interval key. The encrypted access interval key can then be stored in the shared memory for retrieval by the second application. The access interval key is associated with a sign on session of the first application, and the second application can retrieve and decrypt it to extend the sign on session to the second application.
-
Publication No.: US20210281574A1
Publication date: 2021-09-09
Application No.: US17327176
Filing date: 2021-05-21
Applicant: VMware, Inc
Inventor: Lucas Chen, Sanjay Satagopan, Raghuram Rajan, Rajiv Singh
Abstract: Software development kit (“SDK”) applications may be implemented with user data on an enterprise end-user or shared device subsequent to a single check-out process on the device. A user profile and a context ID for a user can be accessed based on user provided credentials. An SDK application can be identified as one application of an application cluster including at least two applications. A status of a local context ID (“LCID”) of the SDK application can be determined, and a value for the LCID can be established based on the status and a value of a comparison context ID obtained from a server or an agent application. The LCID and a context ID for a keychain for the application cluster can be compared, and the SDK application can be implemented with user specific user data obtained from the agent application or the keychain based on a result of the comparison.
-
Publication No.: US20210266317A1
Publication date: 2021-08-26
Application No.: US17244629
Filing date: 2021-04-29
Applicant: VMware, Inc.
Inventor: Lucas Chen, Sanjay Satagopan, Raghuram Rajan, Rajiv Singh
Abstract: Software development kit (“SDK”) applications may be implemented with user data on an enterprise end-user or shared device subsequent to a single check-out process on the device. A user profile and a context ID for a user can be accessed based on user provided credentials. An agent application can set a value of an agent context ID to a server context ID corresponding to the context ID for the user profile. A status of a local context ID (“LCID”) of an SDK application can be determined in response to an application launch. Using the LCD, a context ID comparison can be performed on the device with a value of a context ID from one of the SDK application, the server, and the agent application based on the LCID status. The SDK application can be implemented with user specific user data obtained from one of the SDK application and the agent application based on a result of the context ID comparison.
-
Publication No.: US20200228534A1
Publication date: 2020-07-16
Application No.: US16245210
Filing date: 2019-01-10
Applicant: VMware, Inc
Inventor: Lucas Chen, Sanjay Satagopan, Raghuram Rajan, Rajiv Singh
Abstract: Software development kit (“SDK”) applications may be implemented with user data on an enterprise end-user or shared device subsequent to a single check-out process on the device. A user profile and a context ID for a user can be accessed based on user provided credentials. An SDK application can be identified as one application of an application cluster including at least two applications. A status of a local context ID (“LCID”) of the SDK application can be determined, and a value for the LCID can be established based on the status and a value of a comparison context ID obtained from a server or an agent application. The LCID and a context ID for a keychain for the application cluster can be compared, and the SDK application can be implemented with user specific user data obtained from the agent application or the keychain based on a result of the comparison.
-
Publication No.: US20200014681A1
Publication date: 2020-01-09
Application No.: US16571466
Filing date: 2019-09-16
Applicant: VMware, Inc.
Inventor: Kishore Sajja, Lucas Chen, Raghuram Rajan, Anuj Panwar, Sandeep Naga Kaipu, Rajiv Singh
Abstract: Aspects of providing single sign on (SSO) sessions are described. An access interval key is generated using an access code as a seed to a key derivative function. The access interval key is encrypted using a public key of an SSO-enabled application to generate an encrypted access interval key for a sign on session. The sign on session is established by storing the encrypted access interval key in a memory location of an SSO session map shared by SSO-enabled applications.
-
Publication No.: US20180159843A1
Publication date: 2018-06-07
Application No.: US15442175
Filing date: 2017-02-24
Applicant: VMware, Inc.
Inventor: Kishore Sajja, Lucas Chen, Raghuram Rajan, Anuj Panwar, Sandeep Naga Kaipu, Rajiv Singh
CPC classification number: H04L63/0815, G06F3/0622, G06F3/0659, G06F3/067, H04L9/0825, H04L9/0894, H04L63/0442
Abstract: To establish a sign on session among single sign on (SSO)-enabled applications, a user can be prompted by an application for an access code. An access interval key can be generated using a key derivative function based on the access code. The access interval key can be considered a session key, and it can be used during a valid SSO session to decrypt a master key stored in a shared memory. In turn, the master key can be used to encrypt and decrypt the contents of the shared memory. To securely distribute the access interval key among the SSO-enabled applications during a current session, individual SSO-enabled applications can each store a public key in the shared memory. The access interval key can then be encrypted, respectively, by the public keys of the SSO-enabled applications and stored in the shared memory to be retrieved securely by the SSO-enabled applications.
-
Publication No.: US11818127B2
Publication date: 2023-11-14
Application No.: US17244629
Filing date: 2021-04-29
Applicant: VMware, Inc.
Inventor: Lucas Chen, Sanjay Satagopan, Raghuram Rajan, Rajiv Singh
CPC classification number: H04L63/0884, G06F21/602, H04L9/0637, H04L63/0815, H04L63/0876, H04L9/50
Abstract: Software development kit (“SDK”) applications may be implemented with user data on an enterprise end-user or shared device subsequent to a single check-out process on the device. A user profile and a context ID for a user can be accessed based on user provided credentials. An agent application can set a value of an agent context ID to a server context ID corresponding to the context ID for the user profile. A status of a local context ID (“LCID”) of an SDK application can be determined in response to an application launch. Using the LCD, a context ID comparison can be performed on the device with a value of a context ID from one of the SDK application, the server, and the agent application based on the LCID status. The SDK application can be implemented with user specific user data obtained from one of the SDK application and the agent application based on a result of the context ID comparison.