公开(公告)号：US20220239756A1

公开(公告)日：2022-07-28

申请号：US17722769

申请日：2022-04-18

Applicant: Citrix Systems, Inc.

Inventor： Steven A. Keller ,  Thomas J. Hammond ,  Thomas Kludy ,  Ayush Jain ,  Ricardo Fernando Feijoo

IPC: H04L67/60 ,  H04L67/1021 ,  H04L67/52 ,  H04W4/02 ,  H04L67/568 ,  H04L45/00 ,  H04L67/63

Abstract: Methods and systems for routing a user request for a service to a version of the service in a geographical region associated with the user are described herein. The service may be deployed in multiple geographical regions, and the service may have multiple versions in each of the geographical regions. A user device may send a request for a service to a first server in a geographical region. The first server may determine whether the user is associated with the geographical region. Responsive to determining that the user is not associated with the geographical region, the first server may ask one or more servers in other geographical regions whether the user is associated with any of the other geographical regions.

公开(公告)号：US20220200999A1

公开(公告)日：2022-06-23

申请号：US17495030

申请日：2021-10-06

Applicant: Citrix Systems, Inc.

Inventor： Feng Huang ,  Ricardo Fernando Feijoo ,  Tom Kludy ,  John Gavin Ashman

IPC: H04L29/06 ,  G06F21/45 ,  H04L9/30

Abstract: Methods and systems for secure authentication of users based on unique device identifiers are described herein. A computing device may receive, from a user device, a device registration. The device registration may comprise authentication credentials, device information, and/or a public key. Based on the authentication credentials and/or the device information, a unique device identifier may be generated. A token may be generated based on the unique device identifier and sent to the user device. A request for content may be received from the user device. A nonce may be sent to the user device. The token and a signed version of the nonce may be received from the user device. The nonce may have been signed using a private key corresponding to the public key. Access to the content may be provided based on the token, the unique device identifier, and/or the signed version of the nonce.

公开(公告)号：US20200344321A1

公开(公告)日：2020-10-29

申请号：US16923632

申请日：2020-07-08

Applicant: Citrix Systems, Inc.

Inventor： Steven A. Keller ,  Thomas J. Hammond ,  Thomas Michael Kludy ,  Ayush Jain ,  Ricardo Fernando Feijoo

IPC: H04L29/08 ,  H04W4/02 ,  H04L12/701

Abstract: Methods and systems for routing a user request for a service to a version of the service in a geographical region associated with the user are described herein. The service may be deployed in multiple geographical regions, and the service may have multiple versions in each of the geographical regions. A user device may send a request for a service to a first server in a geographical region. The first server may determine whether the user is associated with the geographical region. Responsive to determining that the user is not associated with the geographical region, the first server may ask one or more servers in other geographical regions whether the user is associated with any of the other geographical regions.

公开(公告)号：US20200314088A1

公开(公告)日：2020-10-01

申请号：US16900229

申请日：2020-06-12

Applicant: Citrix Systems, Inc.

Inventor： Ricardo Fernando Feijoo ,  Thomas Kludy

IPC: H04L29/06 ,  G06F21/33 ,  G06F21/41

Abstract: Aspects of the disclosure relate to extending single-sign-on to relying parties for federated logon providers. An enterprise identity provider server may receive a first authentication token previously issued to an enterprise server by the enterprise identity provider server. Subsequently, the enterprise identity provider server may retrieve, from a token store, a second authentication token associated with a federated identity service provided by a federated identity provider server. The enterprise identity provider server may refresh the second authentication token with the federated identity service provided by the federated identity provider server to obtain a refreshed authentication token. Finally, the enterprise identity provider server may send the refreshed authentication token to the enterprise server, which may enable user devices managed by the enterprise server to access one or more resources provided by a third party system using the federated identity service.

公开(公告)号：US10542119B2

公开(公告)日：2020-01-21

申请号：US15834204

申请日：2017-12-07

Applicant: Citrix Systems, Inc.

Inventor： Ricardo Fernando Feijoo ,  Nishil Prajapati

IPC: G06F15/16 ,  H04L29/08 ,  H04L29/06

Abstract: Methods and systems for performing multi-geographical processing of user requests are described herein. An order service computing device may receive a user request associated with a user and, based on the user request, may generate a user account associated with the user. The order service computing device may establish the user account at a geographic computing platform which may provide access to one or more computing resources and/or services. The order service computing device may receive one or more access requests corresponding to one or more computing resources and/or services associated with the geographic computing platform and/or other geographic computing platforms. The order service computing device may generate identifiers based on the one or more access requests which identify the one or more computing resources and/or services.

公开(公告)号：US20170024225A1

公开(公告)日：2017-01-26

申请号：US15286835

申请日：2016-10-06

Applicant: Citrix Systems, Inc.

Inventor： Thomas M. Kludy ,  Ashish Gujarathi ,  Felipe Leon ,  Juliano Maldaner ,  Andrew Ogle ,  Ricardo Fernando Feijoo

IPC: G06F9/44 ,  H04L12/24 ,  H04L29/08

CPC classification number: H04L41/08 ,  G06F9/4405 ,  G06F9/4416 ,  G06F9/45558 ,  G06F9/505 ,  G06F9/5083 ,  G06F11/0706 ,  G06F11/0793 ,  G06F2009/45595 ,  H04L41/0816 ,  H04L67/10 ,  H04L67/1023 ,  H04L67/34 ,  H04L67/42

Abstract: One or more aspects of this disclosure may relate to using a configurable server farm preference for an application, desktop or other hosted resource. Additional aspects may relate to moving server farm workloads based on the configurable server farm preference. Further aspects may relate to performing reboot cycles, a reboot schedule and on-demand rebooting. Yet further aspects may relate to staggering individual machine reboot operations over a specified period of time and performing reboot operations such that some machines are available for user sessions during a reboot cycle.

Abstract translation: 本公开的一个或多个方面可以涉及对应用程序，桌面或其他托管资源使用可配置的服务器场偏好。 其他方面可能涉及到基于可配置的服务器场首选项移动服务器场工作负载。 其他方面可能涉及执行重新启动周期，重新启动计划和按需重新启动。 另外的方面可能涉及在特定时间段内交错的单个机器重新引导操作，并执行重新启动操作，使得一些机器在重新启动周期期间可用于用户会话。

公开(公告)号：US20230403152A1

公开(公告)日：2023-12-14

申请号：US17836277

申请日：2022-06-09

Applicant: Citrix Systems, Inc.

Inventor： Ricardo Fernando Feijoo

IPC: H04L9/32 ,  H04L67/1097

CPC classification number: H04L9/3213 ,  H04L67/1097 ,  H04L9/3226

Abstract: Methods and systems for centralizing disparate authentication servers using scopes are described herein. A computing device may receive, from a client device, a first access request comprising authentication credentials and first scope data. The computing device may then send, to at least one first authentication server associated with the at least one first resource server, a first token request. The computing device may then receive a first token and provide that token to the client device. The computing device may then receive, from the client device, a second access request comprising second scope data. The computing device may send, to at least one second authentication server associated with the at least one second resource server, a second token request. The computing device may then receive a second token and provide that token to the client device.

公开(公告)号：US11843593B2

公开(公告)日：2023-12-12

申请号：US17113874

申请日：2020-12-07

Applicant: Citrix Systems, Inc.

Inventor： Robert Monro ,  Feng Huang ,  Aleksis Sideris ,  Nikolay Paskulov ,  Ricardo Fernando Feijoo

IPC: H04L29/06 ,  H04L9/40

CPC classification number: H04L63/0807 ,  H04L63/0815 ,  H04L63/0884 ,  H04L63/102

Abstract: A method of providing access to digital resources using multiple user identities comprises receiving, from a client application, a first set of authentication tokens that authorize a user to acquire target data provided by a server application. The method further comprises receiving, from the client application, a second set of authentication tokens that authorize the same user to access a connected application. The method further comprises sending, to the server application, a first request to acquire the target data provided by the server application, the first request including the first set of authentication tokens and an identifier of the target data. The method further comprises receiving, from the server application, the target data. The method further comprises sending the target data from the application connector to the connected application in a second request that also includes the second set of authentication tokens.

公开(公告)号：US11722481B2

公开(公告)日：2023-08-08

申请号：US16669992

申请日：2019-10-31

Applicant: Citrix Systems, Inc.

Inventor： Katia Lopez ,  Joel Pineiro ,  Javier Alejandro Figueroa ,  Ricardo Fernando Feijoo

IPC: H04L9/32 ,  H04W12/06 ,  H04L9/40

CPC classification number: H04L63/0853

Abstract: Methods and systems for authentication using multiple identity providers are described herein. A first identity provider may receive, e.g., from a second identity provider, an indication of an authentication request. The first identity provider may retrieve, from a storage device, session information associated with the request. The first identity provider may authenticate, using one or more first functions, based on the session information, and based on authentication credentials received from a user, the user. Based on the authentication, the first identity provider may modify the session information. The second identity provider may authenticate, based on the session information and using one or more second functions, the user. The one or more second functions may comprise providing the user a token based on the session information. The session information may be subsequently deleted.

公开(公告)号：US11669497B2

公开(公告)日：2023-06-06

申请号：US16569906

申请日：2019-09-13

Applicant: CITRIX SYSTEMS, INC.

Inventor： Ricardo Fernando Feijoo

IPC: G06F16/10 ,  G06F16/176 ,  H04L67/06 ,  G06F16/93 ,  H04L67/561

CPC classification number: G06F16/176 ,  G06F16/93 ,  H04L67/06 ,  H04L67/561

Abstract: A computer system includes client devices operated by users collaborating on a project, and a collaboration server. Each client device remotely accesses web applications via a managed browser to be used by the users collaborating on the project. The collaboration server cooperates with the managed browsers to receive from the managed browsers data corresponding to actions performed by each user within the web applications, generate notifications based on the actions performed by the users within the web applications, and cause the managed browsers to display the notifications. The notifications are generated independent from the web applications.