-
公开(公告)号:US20140331297A1
公开(公告)日:2014-11-06
申请号:US13886845
申请日:2013-05-03
Applicant: Citrix Systems, Inc.
Inventor: Andrew Innes , Chris Mayers
IPC: H04L29/06
CPC classification number: H04L63/0884 , H04L47/70 , H04L63/0281 , H04L63/08 , H04L63/0823 , H04L63/12
Abstract: A method of authentication and accessing resources is provided. A client device may send a request to a proxy device to access a resource, such as an enterprise resource. The proxy device may authenticate with one or more servers associated with the resource. During authentication, the proxy device may receive a request for a signature controlled by the client device. In response, the proxy device may send a request to the client device for the signature. The request may also include context information that identify a data structure of authentication information exchanged (or to be exchanged) during the authentication session. If the client device verifies the context information, the client device may send the requested signature.
Abstract translation: 提供了认证和访问资源的方法。 客户端设备可以向代理设备发送请求以访问诸如企业资源的资源。 代理设备可以与与资源相关联的一个或多个服务器认证。 在认证期间,代理设备可以接收由客户端设备控制的签名的请求。 作为响应,代理设备可以向客户端设备发送用于签名的请求。 该请求还可以包括识别在认证会话期间交换(或被交换的)认证信息的数据结构的上下文信息。 如果客户端设备验证上下文信息,则客户端设备可以发送所请求的签名。
-
公开(公告)号:US11683370B2
公开(公告)日:2023-06-20
申请号:US17213578
申请日:2021-03-26
Applicant: Citrix Systems, Inc.
Inventor: Joseph Nord , Chris Mayers
IPC: H04L67/1095 , H04L9/40 , H04L67/306 , H04L67/00
CPC classification number: H04L67/1095 , H04L63/0435 , H04L63/20 , H04L67/306 , H04L67/34
Abstract: A backend computing system may receive first data from a first computing system, where the first data may be an encrypted version of second data that has been generated at the first computing system based on a command at the first computing system. The backend computing system may identify a second computing system different than the first computing system based on a status of the second computing system, and may send the first data to the second computing system to enable the second computing system to decrypt the first data and perform a function with respect to the second data. In some embodiments, the first computing system may generate padded data by adding data to the second data, and send the padded data to the backend computing system. In some embodiments, the first computing system may send random data to the backend computing system.
-
公开(公告)号:US20220311822A1
公开(公告)日:2022-09-29
申请号:US17213578
申请日:2021-03-26
Applicant: Citrix Systems, Inc.
Inventor: Joseph Nord , Chris Mayers
Abstract: A backend computing system may receive first data from a first computing system, where the first data may be an encrypted version of second data that has been generated at the first computing system based on a command at the first computing system. The backend computing system may identify a second computing system different than the first computing system based on a status of the second computing system, and may send the first data to the second computing system to enable the second computing system to decrypt the first data and perform a function with respect to the second data. In some embodiments, the first computing system may generate padded data by adding data to the second data, and send the padded data to the backend computing system. In some embodiments, the first computing system may send random data to the backend computing system.
-
Patent Agency Ranking
14.发明授权公开(公告)号:US11010856B2
公开(公告)日:2021-05-18
申请号:US16684722
申请日:2019-11-15
Applicant: CITRIX SYSTEMS, INC.
Inventor: Chris Mayers
IPC: G06T1/00 , G06F3/14 , G06F9/455 , H04L29/06 , G06F21/62 , G06F21/10 , G06F21/00 , G06F9/451 , H04L29/08
Abstract: A server includes a virtual machine to execute a remote graphics generation protocol. Execution of the remote graphics generation protocol determines a protection label to be inserted within a bitmap that is to be transmitted for display on a client machine associated with the virtual machine, and determines at least one optimization technique to be performed on the bitmap. A determination is made on if the at least one optimization technique, if performed, alters the at least one protection label when inserted within the bitmap. The protection label is inserted within the bitmap.
-
公开(公告)号:US10021088B2
公开(公告)日:2018-07-10
申请号:US14870435
申请日:2015-09-30
Applicant: Citrix Systems, Inc.
Inventor: Andrew Innes , Chris Mayers , Hubert Divoux
CPC classification number: H04L63/0823 , G06F21/33 , H04L9/3228 , H04L9/3234 , H04L9/3263 , H04L63/061 , H04L63/0815 , H04L63/0853 , H04L63/0876
Abstract: Methods and systems for faster and more efficient smart card logon and for giving a client device full domain access in a remote computing environment are described herein. Fast smart card logon may be used to reduce latency and improve security. For example, the system may reduce the number of operations (e.g., interactions) between a server device used for authentication and the client device. These operations may include fetching a user certificate from the smart card or signing data. Fast smart card logon may also improve security by optionally avoiding PIN (or other credential) transmission over networks, and to enable single sign on from an authentication event (e.g., Secure Sockets Layer (SSL) or Transport Layer Security (TLS) authentication) using a smart card to the domain logon without resorting to PIN caching.
-
公开(公告)号:US09531714B2
公开(公告)日:2016-12-27
申请号:US14317795
申请日:2014-06-27
Applicant: Citrix Systems, Inc.
Inventor: Andrew Innes , Chris Mayers , Ajay Soni
CPC classification number: H04L63/0884 , G06F21/31 , G06F21/44 , H04L9/0866 , H04L9/321 , H04L9/3213 , H04L9/3231 , H04L9/3271 , H04L63/08 , H04W12/06
Abstract: Methods and systems are disclosed for providing approaches to enterprise authentication via third party authentication support. The methods and systems may include transmitting, by a computing device to an authentication device, a request to authenticate a client device application via a forms login protocol, and transmitting, by the computing device to the client device application, a first credential form retrieved from an authentication device generated by an extension device. The methods and systems may also include receiving, by the computing device from the client device application, a first authentication credential, and transmitting, by the computing device to the authentication service via the extension device, the first authentication credential. The methods and systems may also include transmitting, by the computing device and in response to a successful validation of the first authentication credential, an approval of the request made by the client device application to authenticate via the forms login protocol.
Abstract translation: 公开了用于通过第三方认证支持为企业认证提供方法的方法和系统。 所述方法和系统可以包括由计算设备向认证设备发送通过表单登录协议来认证客户端设备应用的请求,并且由计算设备向客户端设备应用发送从第一认证表单 由扩展设备生成的认证设备。 所述方法和系统还可以包括由计算设备从客户端设备应用接收第一认证凭证,并且由计算设备通过扩展设备将认证服务发送给第一认证凭证。 方法和系统还可以包括由计算设备发送并且响应第一认证证书的成功验证,通过客户端设备应用程序通过表单登录协议进行认证的请求的批准。
-
公开(公告)号:US20160094546A1
公开(公告)日:2016-03-31
申请号:US14870435
申请日:2015-09-30
Applicant: Citrix Systems, Inc.
Inventor: Andrew Innes , Chris Mayers , Hubert Divoux
IPC: H04L29/06
CPC classification number: H04L63/0823 , G06F21/33 , H04L9/3228 , H04L9/3234 , H04L9/3263 , H04L63/061 , H04L63/0815 , H04L63/0853 , H04L63/0876
Abstract: Methods and systems for faster and more efficient smart card logon and for giving a client device full domain access in a remote computing environment are described herein. Fast smart card logon may be used to reduce latency and improve security. For example, the system may reduce the number of operations (e.g., interactions) between a server device used for authentication and the client device. These operations may include fetching a user certificate from the smart card or signing data. Fast smart card logon may also improve security by optionally avoiding PIN (or other credential) transmission over networks, and to enable single sign on from an authentication event (e.g., Secure Sockets Layer (SSL) or Transport Layer Security (TLS) authentication) using a smart card to the domain logon without resorting to PIN caching.
Abstract translation: 这里描述了用于在远程计算环境中更快更高效地智能卡登录和给予客户端设备完全域访问的方法和系统。 可以使用快速智能卡登录来减少延迟并提高安全性。 例如,系统可以减少用于认证的服务器设备与客户端设备之间的操作次数(例如,交互)。 这些操作可以包括从智能卡获取用户证书或签名数据。 快速智能卡登录还可以通过可选地避免通过网络进行的PIN(或其他凭据)传输,并通过使用认证事件(例如,安全套接字层(SSL)或传输层安全性(TLS)认证)进行单点登录来提高安全性) 一个智能卡到域登录,而不需要使用PIN缓存。
-
公开(公告)号:US20150381621A1
公开(公告)日:2015-12-31
申请号:US14317795
申请日:2014-06-27
Applicant: Citrix Systems, Inc.
Inventor: Andrew Innes , Chris Mayers , Ajay Soni
CPC classification number: H04L63/0884 , G06F21/31 , G06F21/44 , H04L9/0866 , H04L9/321 , H04L9/3213 , H04L9/3231 , H04L9/3271 , H04L63/08 , H04W12/06
Abstract: Methods and systems are disclosed for providing approaches to enterprise authentication via third party authentication support. The methods and systems may include transmitting, by a computing device to an authentication device, a request to authenticate a client device application via a forms login protocol, and transmitting, by the computing device to the client device application, a first credential form retrieved from an authentication device generated by an extension device. The methods and systems may also include receiving, by the computing device from the client device application, a first authentication credential, and transmitting, by the computing device to the authentication service via the extension device, the first authentication credential. The methods and systems may also include transmitting, by the computing device and in response to a successful validation of the first authentication credential, an approval of the request made by the client device application to authenticate via the forms login protocol.
Abstract translation: 公开了用于通过第三方认证支持为企业认证提供方法的方法和系统。 所述方法和系统可以包括由计算设备向认证设备发送通过表单登录协议来认证客户端设备应用的请求,并且由计算设备向客户端设备应用发送从第一认证表单 由扩展设备生成的认证设备。 所述方法和系统还可以包括由计算设备从客户端设备应用接收第一认证凭证,并且由计算设备通过扩展设备将认证服务发送给第一认证凭证。 方法和系统还可以包括由计算设备发送并且响应第一认证证书的成功验证,通过客户端设备应用程序通过表单登录协议进行认证的请求的批准。
-
-
-
-
-
-
-
Search Results
18
records
(took 0.032 seconds)
