公开(公告)号：US11184346B2

公开(公告)日：2021-11-23

申请号：US16571466

申请日：2019-09-16

Applicant: VMware, Inc.

Inventor： Kishore Sajja ,  Lucas Chen ,  Raghuram Rajan ,  Anuj Panwar ,  Sandeep Naga Kaipu ,  Rajiv Singh

IPC: H04L29/06 ,  H04L9/08 ,  G06F3/06

Abstract: Aspects of providing single sign on (SSO) sessions are described. An access interval key is generated using an access code as a seed to a key derivative function. The access interval key is encrypted using a public key of an SSO-enabled application to generate an encrypted access interval key for a sign on session. The sign on session is established by storing the encrypted access interval key in a memory location of an SSO session map shared by SSO-enabled applications.

公开(公告)号：US11019067B2

公开(公告)日：2021-05-25

申请号：US16245210

申请日：2019-01-10

Applicant: VMware, Inc.

Inventor： Lucas Chen ,  Sanjay Satagopan ,  Raghuram Rajan ,  Rajiv Singh

IPC: H04L29/06 ,  G06F8/70 ,  H04L9/32 ,  H04L9/06

Abstract: Software development kit (“SDK”) applications may be implemented with user data on an enterprise end-user or shared device subsequent to a single check-out process on the device. A user profile and a context ID for a user can be accessed based on user provided credentials. An SDK application can be identified as one application of an application cluster including at least two applications. A status of a local context ID (“LCID”) of the SDK application can be determined, and a value for the LCID can be established based on the status and a value of a comparison context ID obtained from a server or an agent application. The LCID and a context ID for a keychain for the application cluster can be compared, and the SDK application can be implemented with user specific user data obtained from the agent application or the keychain based on a result of the comparison.

公开(公告)号：US11019058B2

公开(公告)日：2021-05-25

申请号：US16244157

申请日：2019-01-10

Applicant: VMware, Inc.

Inventor： Lucas Chen ,  Sanjay Satagopan ,  Raghuram Rajan ,  Rajiv Singh

IPC: H04L29/06 ,  G06F21/60 ,  H04L9/06

Abstract: Software development kit (“SDK”) applications may be implemented with user data on an enterprise end-user or shared device subsequent to a single check-out process on the device. A user profile and a context ID for a user can be accessed based on user provided credentials. An agent application can set a value of an agent context ID to a server context ID corresponding to the context ID for the user profile. A status of a local context ID (“LCID”) of an SDK application can be determined in response to an application launch. Using the LCD, a context ID comparison can be performed on the device with a value of a context ID from one of the SDK application, the server, and the agent application based on the LCID status. The SDK application can be implemented with user specific user data obtained from one of the SDK application and the agent application based on a result of the context ID comparison.

公开(公告)号：US11461451B2

公开(公告)日：2022-10-04

申请号：US16537651

申请日：2019-08-12

Applicant: VMWARE, INC.

Inventor： Lucas Chen ,  Gaurav Arora ,  Evan Hurst ,  Nicholas Grivas ,  Nicholas Brouillette ,  Jubin Benny ,  Jason Ruby ,  Eugene Liderman ,  Hemant Sahani

IPC: G06F21/33 ,  H04L9/32 ,  H04L9/00

Abstract: Disclosed are various approaches for signing documents using mobile devices. A request is sent to a certificate authority for a signing certificate. The signing certificate is then received from the certificate authority. The signing certificate is then stored in the memory. Next, a file is received from a client application executed by the processor of the computing device. Then, the file is signed with the signing certificate to create a signed file. The signed file is then returned to the client application.

公开(公告)号：US20210281574A1

公开(公告)日：2021-09-09

申请号：US17327176

申请日：2021-05-21

Applicant: VMware, Inc

Inventor： Lucas Chen ,  Sanjay Satagopan ,  Raghuram Rajan ,  Rajiv Singh

IPC: H04L29/06 ,  G06F8/70 ,  H04L9/32 ,  H04L9/06

Abstract: Software development kit (“SDK”) applications may be implemented with user data on an enterprise end-user or shared device subsequent to a single check-out process on the device. A user profile and a context ID for a user can be accessed based on user provided credentials. An SDK application can be identified as one application of an application cluster including at least two applications. A status of a local context ID (“LCID”) of the SDK application can be determined, and a value for the LCID can be established based on the status and a value of a comparison context ID obtained from a server or an agent application. The LCID and a context ID for a keychain for the application cluster can be compared, and the SDK application can be implemented with user specific user data obtained from the agent application or the keychain based on a result of the comparison.

公开(公告)号：US20210266317A1

公开(公告)日：2021-08-26

申请号：US17244629

申请日：2021-04-29

Applicant: VMware, Inc.

Inventor： Lucas Chen ,  Sanjay Satagopan ,  Raghuram Rajan ,  Rajiv Singh

IPC: H04L29/06 ,  G06F21/60 ,  H04L9/06

Abstract: Software development kit (“SDK”) applications may be implemented with user data on an enterprise end-user or shared device subsequent to a single check-out process on the device. A user profile and a context ID for a user can be accessed based on user provided credentials. An agent application can set a value of an agent context ID to a server context ID corresponding to the context ID for the user profile. A status of a local context ID (“LCID”) of an SDK application can be determined in response to an application launch. Using the LCD, a context ID comparison can be performed on the device with a value of a context ID from one of the SDK application, the server, and the agent application based on the LCID status. The SDK application can be implemented with user specific user data obtained from one of the SDK application and the agent application based on a result of the context ID comparison.

公开(公告)号：US20200228534A1

公开(公告)日：2020-07-16

申请号：US16245210

申请日：2019-01-10

Applicant: VMware, Inc

Inventor： Lucas Chen ,  Sanjay Satagopan ,  Raghuram Rajan ,  Rajiv Singh

IPC: H04L29/06 ,  H04L9/06 ,  G06F8/70 ,  H04L9/32

Abstract: Software development kit (“SDK”) applications may be implemented with user data on an enterprise end-user or shared device subsequent to a single check-out process on the device. A user profile and a context ID for a user can be accessed based on user provided credentials. An SDK application can be identified as one application of an application cluster including at least two applications. A status of a local context ID (“LCID”) of the SDK application can be determined, and a value for the LCID can be established based on the status and a value of a comparison context ID obtained from a server or an agent application. The LCID and a context ID for a keychain for the application cluster can be compared, and the SDK application can be implemented with user specific user data obtained from the agent application or the keychain based on a result of the comparison.

公开(公告)号：US20200014681A1

公开(公告)日：2020-01-09

申请号：US16571466

申请日：2019-09-16

Applicant: VMware, Inc.

Inventor： Kishore Sajja ,  Lucas Chen ,  Raghuram Rajan ,  Anuj Panwar ,  Sandeep Naga Kaipu ,  Rajiv Singh

IPC: H04L29/06 ,  H04L9/08 ,  G06F3/06

Abstract: Aspects of providing single sign on (SSO) sessions are described. An access interval key is generated using an access code as a seed to a key derivative function. The access interval key is encrypted using a public key of an SSO-enabled application to generate an encrypted access interval key for a sign on session. The sign on session is established by storing the encrypted access interval key in a memory location of an SSO session map shared by SSO-enabled applications.

公开(公告)号：US20180159843A1

公开(公告)日：2018-06-07

申请号：US15442175

申请日：2017-02-24

Applicant: VMware, Inc.

Inventor： Kishore Sajja ,  Lucas Chen ,  Raghuram Rajan ,  Anuj Panwar ,  Sandeep Naga Kaipu ,  Rajiv Singh

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/14 ,  H04L9/30 ,  H04L9/32

CPC classification number: H04L63/0815 ,  G06F3/0622 ,  G06F3/0659 ,  G06F3/067 ,  H04L9/0825 ,  H04L9/0894 ,  H04L63/0442

Abstract: To establish a sign on session among single sign on (SSO)-enabled applications, a user can be prompted by an application for an access code. An access interval key can be generated using a key derivative function based on the access code. The access interval key can be considered a session key, and it can be used during a valid SSO session to decrypt a master key stored in a shared memory. In turn, the master key can be used to encrypt and decrypt the contents of the shared memory. To securely distribute the access interval key among the SSO-enabled applications during a current session, individual SSO-enabled applications can each store a public key in the shared memory. The access interval key can then be encrypted, respectively, by the public keys of the SSO-enabled applications and stored in the shared memory to be retrieved securely by the SSO-enabled applications.