公开(公告)号：US11681585B2

公开(公告)日：2023-06-20

申请号：US17079717

申请日：2020-10-26

Applicant: Citrix Systems, Inc.

Inventor： Thomas Michael Kludy ,  Michael Paul Wehniainen

IPC: G06F11/14 ,  G06F16/21 ,  G06F16/23 ,  G06F11/30

CPC classification number: G06F11/1451 ,  G06F11/1461 ,  G06F11/3006 ,  G06F11/3055 ,  G06F16/214 ,  G06F16/2329 ,  G06F2201/80 ,  G06F2201/84

Abstract: Methods and systems for coordinating migration for a database of a service are described herein. Multiple releases of the service may be simultaneously implemented, and these multiple releases may access a shared database. As new releases of the service are activated, the database may be incrementally migrated to a new data schema version. The new data schema version may be compatible with each release of the service that is in use. After a migration has begun, instances of the service may be instructed to perform database operations using methods compatible with the new data schema version. Continuation tokens may be returned during the migration, which indicate portions of the shared database that have not yet been migrated. If an error occurs during the migration, the continuation tokens may be discarded, and the migration may be restarted.

公开(公告)号：US10853091B2

公开(公告)日：2020-12-01

申请号：US15652937

申请日：2017-07-18

Applicant: Citrix Systems, Inc.

Inventor： Steven A. Keller ,  Joel Kevin Lawrence Cardoza ,  Thomas Michael Kludy

IPC: G06F9/44 ,  G06F9/445 ,  H04L29/08

Abstract: Described embodiments provide systems and methods for stateless modification of operating system registry data across network boundaries. The system includes a processor coupled to memory and configured to execute instructions to receive, within a first network, a request to apply a modification to an operating system registry of a second device within a second network different from the first network. The processor queues data describing the requested modification, receives a polling request from the second device, and transmits, to the second device responsive to the polling request, the queued data describing the requested modification for the second device to apply to the operating system registry of the second device. For example, the requested modification may be to create a key, to create a value, to delete a key, or to delete a value.

公开(公告)号：US10749982B2

公开(公告)日：2020-08-18

申请号：US15875424

申请日：2018-01-19

Applicant: Citrix Systems, Inc.

Inventor： Steven A. Keller ,  Thomas J. Hammond ,  Thomas Michael Kludy ,  Ayush Jain ,  Ricardo Fernando Feijoo

IPC: H04L29/08 ,  H04W4/02 ,  H04L12/701

Abstract: Methods and systems for routing a user request for a service to a version of the service in a geographical region associated with the user are described herein. The service may be deployed in multiple geographical regions, and the service may have multiple versions in each of the geographical regions. A user device may send a request for a service to a first server in a geographical region. The first server may determine whether the user is associated with the geographical region. Responsive to determining that the user is not associated with the geographical region, the first server may ask one or more servers in other geographical regions whether the user is associated with any of the other geographical regions.

公开(公告)号：US20200036661A1

公开(公告)日：2020-01-30

申请号：US16592351

申请日：2019-10-03

Applicant: Citrix Systems, Inc.

Inventor： Jose Reyes ,  Thomas Michael Kludy

IPC: H04L12/58

Abstract: A technique increases capacity in a topic-subscription messaging system. The technique involves, during a first time period, operating a first topic structure of the system. The first topic structure includes a first topic and a plurality of first subscriptions coupled with the first topic. The technique further involves, during a second time period, providing a second topic structure which includes a second topic and a plurality of second subscriptions coupled with the second topic. The technique further involves, during a third time period, providing a link from the second topic structure to the first topic structure making (i) the second topic structure a parent to the first topic structure and (ii) the first topic structure a child to the second topic structure, the link conveying messages from a particular second subscription of the second topic structure to the first topic of the first topic structure.

公开(公告)号：US20190386997A1

公开(公告)日：2019-12-19

申请号：US16550656

申请日：2019-08-26

Applicant: Citrix Systems, Inc.

Inventor： Ricardo Fernando Feijoo ,  Thomas Michael Kludy

IPC: H04L29/06

Abstract: A principal database is described in which each entry includes one principal identity, and one or more alias identities that may each have an authorization scope. Principal identity attributes include a principal identifier and login credentials, and alias identity attributes include an authorization scope and login credentials. Responsive to successfully authenticating the user for a first application (a multiple-identity application), based on the alias identity login credentials, an access token containing both the alias identity attributes and the principal identity attributes is transmitted to the first application, causing the first application to grant a scope of access based on the authorization scope. Responsive to a request to authenticate the user for a second application (a single-identity application), the access token is transmitted to the second application without re-authenticating the user, causing the second application to grant a scope of access based on the principal identifier.

公开(公告)号：US20190026124A1

公开(公告)日：2019-01-24

申请号：US15652937

申请日：2017-07-18

Applicant: Citrix Systems, Inc.

Inventor： Steven A. Keller ,  Joel Kevin Lawrence Cardoza ,  Thomas Michael Kludy

IPC: G06F9/445 ,  H04L29/08

Abstract: Described embodiments provide systems and methods for stateless modification of operating system registry data across network boundaries. The system includes a processor coupled to memory and configured to execute instructions to receive, within a first network, a request to apply a modification to an operating system registry of a second device within a second network different from the first network. The processor queues data describing the requested modification, receives a polling request from the second device, and transmits, to the second device responsive to the polling request, the queued data describing the requested modification for the second device to apply to the operating system registry of the second device. For example, the requested modification may be to create a key, to create a value, to delete a key, or to delete a value.

公开(公告)号：US20180262450A1

公开(公告)日：2018-09-13

申请号：US15454486

申请日：2017-03-09

Applicant: Citrix Systems, Inc.

Inventor： Jose Reyes ,  Thomas Michael Kludy

IPC: H04L12/58

CPC classification number: H04L51/04 ,  H04L51/14

Abstract: A technique increases capacity in a topic-subscription messaging system. The technique involves, during a first time period, operating a first topic structure of the system. The first topic structure includes a first topic and a plurality of first subscriptions coupled with the first topic. The technique further involves, during a second time period, providing a second topic structure which includes a second topic and a plurality of second subscriptions coupled with the second topic. The technique further involves, during a third time period, providing a link from the second topic structure to the first topic structure making (i) the second topic structure a parent to the first topic structure and (ii) the first topic structure a child to the second topic structure, the link conveying messages from a particular second subscription of the second topic structure to the first topic of the first topic structure.

公开(公告)号：US11431722B2

公开(公告)日：2022-08-30

申请号：US16793433

申请日：2020-02-18

Applicant: Citrix Systems, Inc.

Inventor： Thomas Michael Kludy

IPC: H04L9/40 ,  G06F21/10 ,  G06F21/62 ,  H04L67/00 ,  H04L9/32 ,  G06F8/61

Abstract: A method of performing operations involving accessing a set of protected computing resources of a computing device includes (a) receiving, by a frontend service, an instruction via a network connection, the instruction directing the computing device to perform an operation involving accessing the set of protected resources, the set of protected computing resources being configured to refuse access to the frontend service, (b) in response to receiving the instruction, sending a request from the frontend service to a backend service, the request instructing the backend service to access the set of protected resources, the backend service being configured to not communicate via the network connection, the set of protected computing resources being configured to permit access to the backend service, and (c) in response to the backend service receiving the request from the frontend service, the backend service accessing the set of protected resources in fulfillment of the operation.

公开(公告)号：US11310340B2

公开(公告)日：2022-04-19

申请号：US16923632

申请日：2020-07-08

Applicant: Citrix Systems, Inc.

Inventor： Steven A. Keller ,  Thomas J. Hammond ,  Thomas Michael Kludy ,  Ayush Jain ,  Ricardo Fernando Feijoo

IPC: H04L29/08 ,  H04W4/02 ,  H04L12/701 ,  H04L67/60 ,  H04L67/1021 ,  H04L67/52 ,  H04L67/568 ,  H04L45/00 ,  H04L67/63

Abstract: Methods and systems for routing a user request for a service to a version of the service in a geographical region associated with the user are described herein. The service may be deployed in multiple geographical regions, and the service may have multiple versions in each of the geographical regions. A user device may send a request for a service to a first server in a geographical region. The first server may determine whether the user is associated with the geographical region. Responsive to determining that the user is not associated with the geographical region, the first server may ask one or more servers in other geographical regions whether the user is associated with any of the other geographical regions.

公开(公告)号：US20210385222A1

公开(公告)日：2021-12-09

申请号：US17410013

申请日：2021-08-24

Applicant: Citrix Systems, Inc.

Inventor： Ricardo Fernando Feijoo ,  Thomas Michael Kludy

IPC: H04L29/06

Abstract: A principal database is described in which each entry includes one principal identity, and one or more alias identities that may each have an authorization scope. Principal identity attributes include a principal identifier and login credentials, and alias identity attributes include an authorization scope and login credentials. Responsive to successfully authenticating the user for a first application (a multiple-identity application), based on the alias identity login credentials, an access token containing both the alias identity attributes and the principal identity attributes is transmitted to the first application, causing the first application to grant a scope of access based on the authorization scope. Responsive to a request to authenticate the user for a second application (a single-identity application), the access token is transmitted to the second application without re-authenticating the user, causing the second application to grant a scope of access based on the principal identifier.