-
Publication number: US20220029990A1
Publication date: 2022-01-27
Application number: US17495239
Application date: 2021-10-06
Applicant: VMware, Inc.
Inventor: Eugene Liderman, Rahul Parwani, Kiran Rohankar, Keith Robertson
Abstract: Disclosed are various embodiments for delegating authentication to certificate authorities. A connector service identifies a certificate request from a messenger service. The certificate request includes a credential identifier for a certificate authority. An authentication credential is retrieved using the credential identifier. A certificate request and the certificate authority authentication credential are transmitted to the certificate authority. A certificate is retrieved and provided as a response to the certificate request.
-
Publication number: US20210289002A1
Publication date: 2021-09-16
Application number: US17331709
Application date: 2021-05-27
Applicant: VMware, Inc.
Inventor: Eugene Liderman, Stephen Turner, Simon Brooks
IPC: H04L29/06
Abstract: Disclosed are various examples that relate to adjusting a stringency of offline policy restrictions based on a situational context of a computing device. In one example, a system can receive an offline restriction policy for an application. The system can identify a request to execute an application during the offline period of time. A situational context of the computing device can be determined. A first application restriction can be enforced for the application on the computing device based on the identification of the computing device being in the offline period of time and the situational context. A change in the situational context of the computing device can be identified during the offline period of time based on a detection of a second condition. A second application restriction can be enforced for the application on the computing device during the offline period of time.
-
Publication number: US11108556B2
Publication date: 2021-08-31
Application number: US16004013
Application date: 2018-06-08
Applicant: VMware, Inc.
Inventor: Eugene Liderman, Stephen Louis Turner, Simon Brooks
Abstract: Aspects of secure inter-application data communications are described. In one example, a first application executing on a computing device obtains an identity certificate. The identity certificate can include a unique identifier of the computing device and a public key of the first application. To obtain the public keys of other applications executing on the computing device, the first application can query a management computing environment using the identity certificate. Once the computing device is authenticated by the management computing environment, the management computing environment can store the public key of the first application and return any public keys of other applications executing on the computing device. Once the public keys have been exchanged between the applications, the applications can encrypt and sign data packages for secure data communications between each other.
-
Publication number: US11050791B2
Publication date: 2021-06-29
Application number: US16019950
Application date: 2018-06-27
Applicant: VMware, Inc.
Inventor: Eugene Liderman, Stephen Turner, Simon Brooks
IPC: H04L29/06
Abstract: Disclosed are various examples that relate to adjusting a stringency of offline policy restrictions based on a situational context of a computing device. In one example, a system can receive an offline restriction policy for an application. The offline restriction policy comprises one or more rules that are associated with one or more actions. The system can cause the one or more actions to be performed during an offline period of time in an instance in which one of the rules is satisfied. The offline period of time represents time periods when the system does not have a network connection with a management system. The system can cause a first authentication action to be performed in an instance in which a first condition of the system satisfies a first rule. The system can also cause a second authentication action to be performed in an instance in which a second condition of the system satisfies a second rule.
-
Publication number: US20190065725A1
Publication date: 2019-02-28
Application number: US15685299
Application date: 2017-08-24
Applicant: VMware, Inc.
Inventor: Eugene Liderman, Jonathon Deriso, William Thomas Hooper, Sagar Date, Tejas Mehrotra, Stephen Turner, Amogh Datar, Dipanshu Gupta
Abstract: Disclosed are various examples for distributed profile and key management. In one example, a client device can include an agent application and a PIV-D application. The agent application can receive a partially populated device profile generated by a management service to configure a setting on the client device. The PIV-D application can generate a derived credential and provide the derived credential to the agent application. The agent application can modify the partially populated device profile to include the credential to create a fully populated device profile and configure the client device in accordance with the fully populated device profile.