公开(公告)号：US20210126835A1

公开(公告)日：2021-04-29

申请号：US17140593

申请日：2021-01-04

Applicant: VMware, Inc.

Inventor： Stephen Turner ,  Daniel E. Zeck ,  Simon Brooks

IPC: H04L12/24 ,  H04L29/06 ,  H04L29/08

Abstract: Disclosed are various examples for Internet of Things (IoT) device discovery and deployment. In some embodiments, a device identifier is received from an IoT device. The IoT device is determined, based on the device identifier, to be associated with a device account with a management service. An enrollment of the IoT device is performed. A capabilities declaration is received from the IoT device. IoT device instructions are determined based on the capabilities declaration. IoT device instructions are transmitted to the IoT device, causing it to perform a capability specified in the capabilities declaration.

公开(公告)号：US10887180B2

公开(公告)日：2021-01-05

申请号：US16190524

申请日：2018-11-14

Applicant: VMware, Inc.

Inventor： Stephen Turner ,  Daniel E. Zeck ,  Simon Brooks

IPC: H04L12/24 ,  H04L29/06 ,  H04L29/08 ,  G06F3/0484 ,  G06F3/0482

Abstract: Disclosed are various examples for Internet of Things (IoT) device discovery and deployment. In some embodiments, a device identifier is received from an IoT device. The IoT device is determined, based on the device identifier, to be associated with a device account with a management service. An enrollment of the IoT device is performed. A capabilities declaration is received from the IoT device. IoT device instructions are determined based on the capabilities declaration. IoT device instructions are transmitted to the IoT device, causing it to perform a capability specified in the capabilities declaration.

公开(公告)号：US20190068568A1

公开(公告)日：2019-02-28

申请号：US15685094

申请日：2017-08-24

Applicant: VMware, Inc.

Inventor： Eugene Liderman ,  Jonathon Deriso ,  William Thomas Hooper ,  Sagar Date ,  Tejas Mehrotra ,  Stephen Turner ,  Amogh Datar ,  Dipanshu Gupta

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/08

Abstract: Disclosed are various examples for distributed profile and key management. In one example, a management service can generate a partially populated device profile and provide the partially populated device profile to a client application executable on a client device. The client application can generate a credential and insert the credential into the partially populated device profile to generate a fully populated device profile. The credential can be shared with at least one other client application on the client device. The management service can use the fully populated device profile to generate multiple profiles that rely on a single credential, such as a single X.509 security certificate.

公开(公告)号：US20180285172A1

公开(公告)日：2018-10-04

申请号：US15470984

申请日：2017-03-28

Applicant: VMware, Inc.

Inventor： Stephen Turner ,  Sandeep Naga Kaipu ,  Dipanshu Gupta

IPC: G06F9/54 ,  G06F9/445 ,  G06F21/62

Abstract: Disclosed are various examples for exchanging data between applications installed on a mobile device. An app-to-app messaging protocol is provided that an application developer can leverage to exchange information with other applications without the application developer needing to fully implement the protocol.

公开(公告)号：US11443023B2

公开(公告)日：2022-09-13

申请号：US15685299

申请日：2017-08-24

Applicant: VMware, Inc.

Inventor： Eugene Liderman ,  Jonathon Deriso ,  William Thomas Hooper ,  Sagar Date ,  Tejas Mehrotra ,  Stephen Turner ,  Amogh Datar ,  Dipanshu Gupta

IPC: G06F21/34 ,  H04W12/06 ,  H04L9/40 ,  H04L9/32 ,  G06F21/33 ,  H04W12/04

Abstract: Disclosed are various examples for distributed profile and key management. In one example, a client device can include an agent application and a PIV-D application. The agent application can receive a partially populated device profile generated by a management service to configure a setting on the client device. The PIV-D application can generate a derived credential and provide the derived credential to the agent application. The agent application can modify the partially populated device profile to include the credential to create a fully populated device profile and configure the client device in accordance with the fully populated device profile.

公开(公告)号：US10992656B2

公开(公告)日：2021-04-27

申请号：US15685094

申请日：2017-08-24

Applicant: VMware, Inc.

Inventor： Eugene Liderman ,  Jonathon Deriso ,  William Thomas Hooper ,  Sagar Date ,  Tejas Mehrotra ,  Stephen Turner ,  Amogh Datar ,  Dipanshu Gupta

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/08

Abstract: Disclosed are various examples for distributed profile and key management. In one example, a management service can generate a partially populated device profile and provide the partially populated device profile to a client application executable on a client device. The client application can generate a credential and insert the credential into the partially populated device profile to generate a fully populated device profile. The credential can be shared with at least one other client application on the client device. The management service can use the fully populated device profile to generate multiple profiles that rely on a single credential, such as a single X.509 security certificate.

公开(公告)号：US11736529B2

公开(公告)日：2023-08-22

申请号：US17331709

申请日：2021-05-27

Applicant: VMware, Inc.

Inventor： Eugene Liderman ,  Stephen Turner ,  Simon Brooks

IPC: H04L9/40 ,  H04W12/63 ,  G06F21/62

CPC classification number: H04L63/20 ,  G06F21/629 ,  H04L63/0838 ,  H04L63/0861 ,  H04W12/63

Abstract: Disclosed are various examples that relate to adjusting a stringency of offline policy restrictions based on a situational context of a computing device. In one example, a system can receive an offline restriction policy for an application. The system can identify a request to execute an application during the offline period of time. A situational context of the computing device can be determined. A first application restriction can be enforced for the application on the computing device based on the identification of the computing device being in the offline period of time and the situational context. A change in the situational context of the computing device can be identified during the offline period of time based on a detection of a second condition. A second application restriction can be enforced for the application on the computing device during the offline period of time.

公开(公告)号：US11509537B2

公开(公告)日：2022-11-22

申请号：US17140593

申请日：2021-01-04

Applicant: VMware, Inc.

Inventor： Stephen Turner ,  Daniel E. Zeck ,  Simon Brooks

IPC: H04L41/12 ,  H04L9/40 ,  H04L67/12 ,  G06F3/0484 ,  G06F3/0482

Abstract: Disclosed are various examples for Internet of Things (IoT) device discovery and deployment. In some embodiments, a device identifier is received from an IoT device. The IoT device is determined, based on the device identifier, to be associated with a device account with a management service. An enrollment of the IoT device is performed. A capabilities declaration is received from the IoT device. IoT device instructions are determined based on the capabilities declaration. IoT device instructions are transmitted to the IoT device, causing it to perform a capability specified in the capabilities declaration.

公开(公告)号：US20210289002A1

公开(公告)日：2021-09-16

申请号：US17331709

申请日：2021-05-27

Applicant: VMware, Inc.

Inventor： Eugene Liderman ,  Stephen Turner ,  Simon Brooks

IPC: H04L29/06

Abstract: Disclosed are various examples that relate to adjusting a stringency of offline policy restrictions based on a situational context of a computing device. In one example, a system can receive an offline restriction policy for an application. The system can identify a request to execute an application during the offline period of time. A situational context of the computing device can be determined. A first application restriction can be enforced for the application on the computing device based on the identification of the computing device being in the offline period of time and the situational context. A change in the situational context of the computing device can be identified during the offline period of time based on a detection of a second condition. A second application restriction can be enforced for the application on the computing device during the offline period of time.

公开(公告)号：US11050791B2

公开(公告)日：2021-06-29

申请号：US16019950

申请日：2018-06-27

Applicant: VMware, Inc.

Inventor： Eugene Liderman ,  Stephen Turner ,  Simon Brooks

IPC: H04L29/06

Abstract: Disclosed are various examples that relate to adjusting a stringency of offline policy restrictions based on a situational context of a computing device. In one example, a system can receive an offline restriction policy for an application. The offline restriction policy comprises one or more rules that are associated with one or more actions. The system can cause the one or more actions to be performed during an offline period of time in an instance in which one of the rules is satisfied. The offline period of time representing time periods when the system does not have a network connection with a management system. The system can cause a first authentication action to be performed in an instance in which a first condition of the system satisfies a first rule. The system can also cause a second authentication action to be performed in an instance in which a second condition of the system satisfies a second rule.