公开(公告)号：US20140109174A1

公开(公告)日：2014-04-17

申请号：US14029088

申请日：2013-09-17

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  Zhongmin Lang ,  Nitin Desai ,  James Robert Walker

IPC: H04L29/06

CPC classification number: H04L63/0807 ,  G06F21/31 ,  G06F2221/2105 ,  H04L63/0272 ,  H04L63/029 ,  H04L63/0815 ,  H04L63/20 ,  H04W12/06 ,  H04W12/08

Abstract: Various aspects of the disclosure relate to providing a per-application policy-controlled virtual private network (VPN) tunnel. In some embodiments, tickets may be used to provide access to an enterprise resource without separate authentication of the application and, in some instances, can be used in such a manner as to provide a seamless experience to the user when reestablishing a per-application policy controlled VPN tunnel during the lifetime of the ticket. Additional aspects relate to an access gateway providing updated policy information and tickets to a mobile device. Other aspects relate to selectively wiping the tickets from a secure container of the mobile device. Yet further aspects relate to operating applications in multiple modes, such as a managed mode and an unmanaged mode, and providing authentication-related services based on one or more of the above aspects.

Abstract translation: 本公开的各个方面涉及提供每应用程序策略控制的虚拟专用网（VPN）隧道。 在一些实施例中，票据可以用于提供对企业资源的访问，而不需要对应用的单独认证，并且在某些情况下可以以这样的方式使用，以便在重新建立每个应用程序策略时向用户提供无缝体验 在票的生命周期内控制VPN隧道。 另外的方面涉及提供对移动设备的更新的策略信息和故障单的接入网关。 其他方面涉及从移动设备的安全容器中选择性地擦拭票据。 另外的方面涉及在诸如管理模式和非托管模式的多种模式中的操作应用，以及基于上述方面中的一个或多个来提供与认证相关的服务。

公开(公告)号：US20140108794A1

公开(公告)日：2014-04-17

申请号：US14041911

申请日：2013-09-30

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  Zhongmin Lang ,  Nitin Desai ,  James Robert Walker

IPC: G06F21/62

CPC classification number: G06F21/602 ,  G06F21/60 ,  G06F21/6218 ,  G06F21/88 ,  G06F2221/2143 ,  H04L63/0428 ,  H04L67/10 ,  H04W12/06 ,  H04W12/08

Abstract: Various aspects of the disclosure relate to providing secure containers or data vaults for data of one or more managed applications. In some embodiments, each managed application may be assigned its own private data vault and/or may be assigned a shared data vault that is accessible to at least one other managed application. As the managed application executes, calls for access to the data may be intercepted and redirected to the secure containers. Data stored in a secure container may be encrypted according to a policy. Other aspects relate to deleting data from a secure container, such as via a selective wipe of data associated with a managed application. Further aspects relate to configuring and creating the secure containers, retrieving key information required to encrypt/decrypt the data stored in the secure containers, and publishing the managed applications, policy information and key information for download to a mobile device.

Abstract translation: 本公开的各个方面涉及为一个或多个被管理应用的数据提供安全容器或数据保管库。 在一些实施例中，可以向每个被管理的应用分配其自己的专用数据保险库和/或可以分配可由至少一个其他被管理应用访问的共享数据保险库。 随着托管应用程序的执行，对数据访问的调用可能被拦截并重定向到安全容器。 存储在安全容器中的数据可以根据策略进行加密。 其他方面涉及从安全容器中删除数据，例如经由与被管理应用相关联的数据的选择性擦除。 其他方面涉及配置和创建安全容器，检索加密/解密存储在安全容器中的数据所需的密钥信息，以及发布被管理应用，策略信息和用于下载的移动设备的密钥信息。

公开(公告)号：US20140040978A1

公开(公告)日：2014-02-06

申请号：US14044972

申请日：2013-10-03

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  James Robert Walker ,  Nitin Desai ,  Zhongmin Lang

IPC: H04L29/06

CPC classification number: H04L63/20 ,  G06F21/604 ,  G06F21/72 ,  G06F2221/2111 ,  H04W12/06 ,  H04W12/08

Abstract: Improved techniques for managing enterprise applications on mobile devices are described herein. Each enterprise mobile application running on the mobile device has an associated policy through which it interacts with its environment. The policy selectively blocks or allows activities involving the enterprise application in accordance with rules established by the enterprise. Together, the enterprise applications running on the mobile device form a set of managed applications. Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications, such as the user's own personal applications. Policies may be defined to manage data sharing, mobile resource management, application specific information, networking and data access solutions, device cloud and transfer, dual mode application software, enterprise app store access, and virtualized application and resources, among other things.

公开(公告)号：US10965734B2

公开(公告)日：2021-03-30

申请号：US16295273

申请日：2019-03-07

Applicant: Citrix Systems, Inc.

Inventor： Zhongmin Lang ,  Gary Barton ,  Nitin Desai ,  James R. Walker

IPC: H04L29/08 ,  G06F9/46 ,  G06F21/51 ,  H04L29/06 ,  H04W12/08 ,  H04W12/00 ,  H04W12/02

Abstract: A method and system for managing an application with multiple modes are described. A device manager that manages a mobile device may monitor the mobile device. The device manager may detect that a first type of application that runs in a managed mode (or in multiple managed modes) and an unmanaged mode is installed on the mobile device. When the application is executed on the device, the application executes in accordance with the selected application mode, e.g., based on location, user, role, industry presence, or other predefined context.

公开(公告)号：US20200293364A1

公开(公告)日：2020-09-17

申请号：US16887054

申请日：2020-05-29

Applicant: Citrix Systems, Inc.

Inventor： Nitin Desai ,  Zhongmin Lang

IPC: G06F9/46 ,  H04W12/08 ,  H04L29/08

Abstract: Methods, systems, computer-readable media, and apparatuses for providing mobile application management (MAM) functionalities are presented. In some embodiments, a mobile device may initialize a partially managed application associated with a first managed user account and an unmanaged user account. The mobile device may execute first managed tasks associated with the first managed user account in accordance with a first set of MAM policies provided by a first MAM service provider. The mobile device may execute unmanaged tasks associated with the unmanaged account independent of the first set of MAM policies. In some embodiments, the mobile device may initialize the multi-account managed application associated with a second managed user account.

公开(公告)号：US10713087B2

公开(公告)日：2020-07-14

申请号：US15357363

申请日：2016-11-21

Applicant: Citrix Systems, Inc.

Inventor： Nitin Desai ,  Zhongmin Lang

IPC: G06F9/46 ,  H04L29/08 ,  G06F9/48 ,  G06F21/60 ,  H04L29/06 ,  H04W12/08

Abstract: Methods, systems, computer-readable media, and apparatuses for providing mobile application management (MAM) functionalities are presented. In some embodiments, a mobile device may initialize a partially managed application associated with a first managed user account and an unmanaged user account. The mobile device may execute first managed tasks associated with the first managed user account in accordance with a first set of MAM policies provided by a first MAM service provider. The mobile device may execute unmanaged tasks associated with the unmanaged account independent of the first set of MAM policies. In some embodiments, the mobile device may initialize the multi-account managed application associated with a second managed user account.

公开(公告)号：US10545748B2

公开(公告)日：2020-01-28

申请号：US15957642

申请日：2018-04-19

Applicant: Citrix Systems, Inc.

Inventor： James Walker ,  Zhongmin Lang ,  Gary Barton ,  Vipin Aravindakshan

IPC: G06F9/445 ,  G06F8/61 ,  G06F8/52 ,  G06F8/72 ,  G06F8/76 ,  G06F21/33 ,  G06F21/53 ,  G06F21/57 ,  G06F8/30 ,  G06F8/34 ,  G06F3/0484 ,  G06F8/41 ,  G06F8/71 ,  H04W24/02

Abstract: Methods and systems are disclosed for providing approaches to generating managed applications from unmanaged applications on a mobile device. The methods and systems may include storing, by a mobile device in a memory of the mobile device, one or more unmanaged applications each comprising a corresponding application bundle and decoding, by the mobile device, the retrieved application bundle corresponding to the first unmanaged application. The methods and systems may also include modifying, by the mobile device, the decoded application bundle corresponding to the first unmanaged application by adding a set of one or more policy-based control instructions, compiling, by the mobile device, the modified application bundle to generate a first managed application, the first managed application being configured to operate in accordance with the set of one or more policy-based control instructions, and providing, by the mobile device, the first managed application.

公开(公告)号：US10476885B2

公开(公告)日：2019-11-12

申请号：US15057314

申请日：2016-03-01

Applicant: Citrix Systems, Inc.

Inventor： Zhongmin Lang ,  Gary Barton

IPC: H04L29/06 ,  G06F11/30 ,  G06F9/455 ,  H04W12/08 ,  H04W12/00

Abstract: A method and system for operating an application with multiple modes are described. A plurality of applications may be presented to a user on a mobile device and one of the displayed applications may be selected. The selected application may have one or more contexts that are determined based on one or more operational parameters. For example, a context for the selected application may be that the application is configured to access an enterprise account. Based on the context, the selected application may be run on the mobile device in one of a plurality of operations modes. The operation modes may comprise managed, unmanaged, and partially managed modes, among others.

公开(公告)号：US20190208003A1

公开(公告)日：2019-07-04

申请号：US16295273

申请日：2019-03-07

Applicant: Citrix Systems, Inc.

Inventor： Zhongmin Lang ,  Gary Barton ,  Nitin Desai ,  James R. Walker

IPC: H04L29/08 ,  H04W12/08 ,  H04L29/06 ,  G06F9/46 ,  G06F21/51

CPC classification number: H04L67/10 ,  G06F9/468 ,  G06F21/51 ,  H04L63/105 ,  H04L63/20 ,  H04W12/0027 ,  H04W12/02 ,  H04W12/08

Abstract: A method and system for managing an application with multiple modes are described. A device manager that manages a mobile device may monitor the mobile device. The device manager may detect that a first type of application that runs in a managed mode (or in multiple managed modes) and an unmanaged mode is installed on the mobile device. When the application is executed on the device, the application executes in accordance with the selected application mode, e.g., based on location, user, role, industry presence, or other predefined context.

公开(公告)号：US09971585B2

公开(公告)日：2018-05-15

申请号：US14752132

申请日：2015-06-26

Applicant: Citrix Systems, Inc.

Inventor： James Walker ,  Zhongmin Lang ,  Gary Barton ,  Vipin Aravindakshan

IPC: G06F9/44 ,  G06F9/445 ,  G06F9/45 ,  G06F21/33 ,  G06F21/53 ,  G06F21/57 ,  G06F3/0484 ,  H04W24/02

CPC classification number: G06F8/61 ,  G06F3/04842 ,  G06F8/30 ,  G06F8/316 ,  G06F8/34 ,  G06F8/41 ,  G06F8/52 ,  G06F8/62 ,  G06F8/71 ,  G06F8/72 ,  G06F8/76 ,  G06F21/33 ,  G06F21/53 ,  G06F21/57 ,  H04W24/02

Abstract: Methods and systems are disclosed for providing approaches to generating managed applications from unmanaged applications on a mobile device. The methods and systems may include storing, by a mobile device in a memory of the mobile device, one or more unmanaged applications each comprising a corresponding application bundle and decoding, by the mobile device, the retrieved application bundle corresponding to the first unmanaged application. The methods and systems may also include modifying, by the mobile device, the decoded application bundle corresponding to the first unmanaged application by adding a set of one or more policy-based control instructions, compiling, by the mobile device, the modified application bundle to generate a first managed application, the first managed application being configured to operate in accordance with the set of one or more policy-based control instructions, and providing, by the mobile device, the first managed application.