公开(公告)号：US09948657B2

公开(公告)日：2018-04-17

申请号：US15189197

申请日：2016-06-22

Applicant: Citrix Systems, Inc.

Inventor： Kevin Batson ,  Richard Hayton

IPC: H04L29/06 ,  H04L29/08 ,  G06F21/10 ,  G06F21/62 ,  G06F9/445 ,  H04W12/06 ,  H04W12/08

CPC classification number: H04L63/105 ,  G06F9/44505 ,  G06F21/10 ,  G06F21/629 ,  G06F2221/2141 ,  H04L63/08 ,  H04L63/0815 ,  H04L63/20 ,  H04L67/10 ,  H04W12/06 ,  H04W12/08

Abstract: Methods, systems, and computer-readable media for providing an application store are presented. In some embodiments, a request for a software application may be received at an application store. Subsequently, the software application may be configured, at the application store, based on a single sign-on credential. The configured software application then may be provided, by the application store, to at least one recipient device associated with the single sign-on credential.

公开(公告)号：US09942240B2

公开(公告)日：2018-04-10

申请号：US14804705

申请日：2015-07-21

Applicant: Citrix Systems, Inc.

Inventor： Richard Hayton ,  Georgy Momchilov ,  Gary Barton ,  Andrew Innes

IPC: H04L29/06 ,  H04W12/06 ,  H04W12/08 ,  G06F21/10 ,  G06F21/62

CPC classification number: H04L63/105 ,  G06F21/10 ,  G06F21/629 ,  H04L63/0281 ,  H04L63/08 ,  H04W12/06 ,  H04W12/08

Abstract: Methods and systems are disclosed for providing approaches to anonymous application wrapping on a mobile device. The methods and systems may include receiving, by a controller service, a request to associate a first application executing on a client device with the controller service, and obtaining, by the controller service, a first application identifier associated with the first application. The methods and systems may also include receiving, by the controller service from an application service, a request for a first service and a conditional application identifier, and configuring, by the controller service and based on the request for the first service, the first application with a second set of one or more policy instructions used to control the first application.

公开(公告)号：US20170048350A1

公开(公告)日：2017-02-16

申请号：US15244823

申请日：2016-08-23

Applicant: Citrix Systems, Inc.

Inventor： Joseph Nord ,  Richard Hayton

IPC: H04L29/08 ,  H04L12/24

CPC classification number: H04L67/306 ,  H04L41/046 ,  H04L67/06 ,  H04L67/143

Abstract: Just in time delivery of a consistent user profile to overlapping user sessions, where a first user session issues a request for a first file of a user profile to a server agent. Upon receiving the request, the server agent retrieves the first file from a base user profile, and just in time delivers the retrieved first file to the first user session. The user, via a second user session executing simultaneously with the first user session, issues a request to the server agent for the first file and a second file of the user profile. Upon receiving the request, the server agent identifies a modified version of the first file in a provisional user profile, retrieves the modified first file from the provisional user profile and the second file from the base user profile, and just in time delivers both files to the second user session.

Abstract translation: 将一致的用户配置文件及时传递给重叠的用户会话，其中第一用户会话向服务器代理发出用户简档的第一文件的请求。 在接收到请求之后，服务器代理从基本用户简档中检索第一个文件，并且及时将检索到的第一个文件传递给第一个用户会话。 经由与第一用户会话同时执行的第二用户会话的用户向服务器代理发出用于第一文件的请求和用户简档的第二文件。 在接收到请求之后，服务器代理识别临时用户简档中的第一个文件的修改版本，从临时用户配置文件中检索修改后的第一个文件，从基本用户配置文件中检索第二个文件，并且及时将两个文件传递给 第二个用户会话。

公开(公告)号：US20170026383A1

公开(公告)日：2017-01-26

申请号：US14804705

申请日：2015-07-21

Applicant: Citrix Systems, Inc.

Inventor： Richard Hayton ,  Georgy Momchilov ,  Gary Barton ,  Andrew Innes

IPC: H04L29/06 ,  H04W12/06 ,  H04W12/08

CPC classification number: H04L63/105 ,  G06F21/10 ,  G06F21/629 ,  H04L63/0281 ,  H04L63/08 ,  H04W12/06 ,  H04W12/08

Abstract: Methods and systems are disclosed for providing approaches to anonymous application wrapping on a mobile device. The methods and systems may include receiving, by a controller service, a request to associate a first application executing on a client device with the controller service, and obtaining, by the controller service, a first application identifier associated with the first application. The methods and systems may also include receiving, by the controller service from an application service, a request for a first service and a conditional application identifier, and configuring, by the controller service and based on the request for the first service, the first application with a second set of one or more policy instructions used to control the first application.

Abstract translation: 公开了用于提供在移动设备上的匿名应用包装的方法的方法和系统。 方法和系统可以包括由控制器服务接收将在客户端设备上执行的第一应用与控制器服务相关联的请求，以及由控制器服务获得与第一应用相关联的第一应用标识符。 所述方法和系统还可以包括由控制器服务从应用服务接收对第一服务和条件应用标识符的请求，以及由控制器服务并且基于对第一服务的请求来配置第一应用 具有用于控制第一应用的第二组一个或多个策略指令。

公开(公告)号：US20160373445A1

公开(公告)日：2016-12-22

申请号：US15255640

申请日：2016-09-02

Applicant: Citrix Systems, Inc.

Inventor： Richard Hayton ,  Ajay Soni ,  Abhishek Chauhan ,  Rajiv Sinha ,  Minoo Gupta

IPC: H04L29/06 ,  G06F21/41

CPC classification number: H04L63/0884 ,  G06F21/00 ,  G06F21/31 ,  G06F21/41 ,  G06F21/554 ,  H04L63/0815

Abstract: The present disclosure is directed to methods and systems of providing a user-selectable list of disparately hosted applications. A device intermediary to a client and one or more servers may receive a user request to access a list of applications published to the user. The device may communicate to the client the list of published applications available to the user, the list comprising graphical icons corresponding to disparately hosted applications, at least one graphical icon corresponding to a third-party hosted application of the disparately hosted applications, the third party hosted application served by a remote third-party server. The device may receive a selection from the user of the at least one graphical icon. The device may communicate, from the remote third party server to the client of the user, execution of the third party hosted application responsive to the selection by the user.

Abstract translation: 本公开涉及提供不同地托管的应用的用户可选列表的方法和系统。 客户端和一个或多个服务器的设备中介可以接收访问发布给用户的应用的列表的用户请求。 设备可以向客户端通知可用于用户的已发布应用的列表，该列表包括对应于不同托管的应用的图形图标，对应于不同托管的应用的第三方托管应用的至少一个图形图标，第三方 由远程第三方服务器提供的托管应用程序。 设备可以从用户接收至少一个图形图标的选择。 设备可以响应于用户的选择，从远程第三方服务器向用户的客户端通信第三方托管应用的执行。

公开(公告)号：US09424554B2

公开(公告)日：2016-08-23

申请号：US13888689

申请日：2013-05-07

Applicant: Citrix Systems, Inc.

Inventor： Richard Hayton ,  Kevin Batson

IPC: G06F15/16 ,  G06Q10/10

CPC classification number: G06Q10/10

Abstract: Described herein is an enterprise system including an enterprise social platform associated with an application store platform, which is accessible by a computing device in a secure manner. The enterprise social platform stores information indicating user roles within the enterprise and provides at least one social networking feature to a group of users that are associated based on the roles, where the social networking feature is associated with an enterprise application store. An application catalog system of the enterprise application store platform includes sets of enterprise applications that are available for selection by enterprise users, and the application catalog system provides access to selected enterprise applications. An application store storage system includes a plurality of files associated with each one of the plurality of applications, wherein the plurality of files includes enterprise customized application templates, enterprise application usage information, application evaluation information, application recommendations, or an application support forum. An application store management system presents selected ones of the files to a user within the enterprise social platform based on the user's membership in the group of users.

Abstract translation: 这里描述的是包括与应用商店平台相关联的企业社交平台的企业系统，其可由安全的方式由计算设备访问。 企业社交平台存储指示企业内的用户角色的信息，并且向基于角色相关联的一组用户提供至少一个社交网络特征，其中社交网络特征与企业应用商店相关联。 企业应用商店平台的应用程序目录系统包括可供企业用户选择的企业应用程序集，应用程序目录系统提供对所选企业应用程序的访问。 应用商店存储系统包括与多个应用中的每一个相关联的多个文件，其中多个文件包括企业定制应用模板，企业应用使用信息，应用评估信息，应用建议或应用支持论坛。 应用商店管理系统基于用户在用户组中的成员资格向企业社交平台内的用户呈现选定的文件。

公开(公告)号：US09369449B2

公开(公告)日：2016-06-14

申请号：US14015194

申请日：2013-08-30

Applicant: Citrix Systems, Inc.

Inventor： Kevin Batson ,  Richard Hayton

IPC: H04L29/06 ,  H04L29/08 ,  G06F21/10 ,  G06F21/62 ,  G06F9/445

CPC classification number: H04L63/105 ,  G06F9/44505 ,  G06F21/10 ,  G06F21/629 ,  G06F2221/2141 ,  H04L63/08 ,  H04L63/0815 ,  H04L63/20 ,  H04L67/10 ,  H04W12/06 ,  H04W12/08

Abstract: Methods, systems, and computer-readable media for providing an application store are presented. In some embodiments, authentication credentials of an administrative user of an application store may be received at the application store. Based on validating the authentication credentials of the administrative user, a mobile service management interface may be provided via the application store. In addition, the mobile service management interface may include at least one control that is configured to allow the administrative user to define one or more policies to be applied to at least one application that is available in the application store.

Abstract translation: 提出了用于提供应用程序存储的方法，系统和计算机可读介质。 在一些实施例中，可以在应用商店处接收应用商店的管理用户的认证证书。 基于验证管理用户的认证凭据，可以经由应用商店提供移动业务管理接口。 另外，移动服务管理界面可以包括被配置为允许管理用户定义要应用于应用商店中可用的至少一个应用的一个或多个策略的至少一个控制。

公开(公告)号：US20150350168A1

公开(公告)日：2015-12-03

申请号：US14816000

申请日：2015-08-01

Applicant: Citrix Systems, Inc.

Inventor： Richard Hayton

IPC: H04L29/06

CPC classification number: H04L63/0428 ,  G06F21/31 ,  G06F21/32 ,  G06F21/41 ,  H04L63/0815 ,  H04L63/0869

Abstract: Methods and systems for authenticating users of client devices to allow access of resources and services in enterprise systems are described herein. An authentication device may validate a user based on authentication credentials received from a client device. Validation data stored by the authentication device, and a corresponding access token transmitted to the client device, may be used to authenticate the user for future resource access requests. A user secret also may be stored by the authentication device and used to validate the user for future resource access requests. Additionally, after validating a user with a first set of authentication credentials, additional sets of credentials for the user may be retrieved and stored at an access gateway for future requests to access other services or resources in an enterprise system.

Abstract translation: 这里描述了用于验证客户端设备的用户以允许企业系统中的资源和服务的访问的方法和系统。 认证设备可以基于从客户端设备接收到的认证证书来验证用户。 验证设备存储的验证数据和发送到客户端设备的相应的访问令牌可以用于认证用户以备将来的资源访问请求。 用户秘密也可以由认证设备存储，并用于验证用户以备将来的资源访问请求。 另外，在用第一组认证证书验证用户之后，可以检索用户的附加凭证集并将其存储在接入网关中，以供将来请求访问企业系统中的其他服务或资源。

公开(公告)号：US08949617B2

公开(公告)日：2015-02-03

申请号：US13886905

申请日：2013-05-03

Applicant: Citrix Systems, Inc.

Inventor： Richard Hayton

IPC: H04L9/00 ,  G06F21/62 ,  H04L9/08 ,  H04L9/32

CPC classification number: H04L9/0838 ,  G06F21/46 ,  H04L9/0863 ,  H04L9/0894 ,  H04L2209/34

Abstract: Methods and systems for disrupting password attacks using compression are described. A user password may be stored on a mobile computing device. The password may be compressed, for example, using a Huffman compression algorithm, and may be subsequently encrypted using a short secret as a key. The user password may be stored as the compressed and encrypted key. The compressed and encrypted password may be stored such that a brute force password attack, for example, using every possible short secret, would reveal too may possible matches to allow an attacker to select the real password.

Abstract translation: 描述了使用压缩破坏密码攻击的方法和系统。 用户密码可以存储在移动计算设备上。 密码可以被压缩，例如使用霍夫曼压缩算法，并且可以使用短秘密作为密钥进行加密。 用户密码可以存储为压缩和加密的密钥。 可以存储压缩和加密的密码，使得暴力密码攻击（例如，使用每个可能的短秘密）也将显露可能的匹配以允许攻击者选择真实密码。

公开(公告)号：US20140331060A1

公开(公告)日：2014-11-06

申请号：US13886518

申请日：2013-05-03

Applicant: CITRIX SYSTEMS, INC.

Inventor： Richard Hayton

IPC: G06F21/31 ,  G06F21/32

CPC classification number: H04L63/0428 ,  G06F21/31 ,  G06F21/32 ,  G06F21/41 ,  H04L63/0815 ,  H04L63/0869

Abstract: Methods and systems for authenticating users of client devices to allow access of resources and services in enterprise systems are described herein. An authentication device may validate a user based on authentication credentials received from a client device. Validation data stored by the authentication device, and a corresponding access token transmitted to the client device, may be used to authenticate the user for future resource access requests. A user secret also may be stored by the authentication device and used to validate the user for future resource access requests. Additionally, after validating a user with a first set of authentication credentials, additional sets of credentials for the user may be retrieved and stored at an access gateway for future requests to access other services or resources in an enterprise system.

Abstract translation: 这里描述了用于验证客户端设备的用户以允许企业系统中的资源和服务的访问的方法和系统。 认证设备可以基于从客户端设备接收到的认证证书来验证用户。 验证设备存储的验证数据和发送到客户端设备的相应的访问令牌可以用于认证用户以备将来的资源访问请求。 用户秘密也可以由认证设备存储，并用于验证用户以备将来的资源访问请求。 另外，在用第一组认证证书验证用户之后，可以检索用户的附加凭证集并将其存储在接入网关中，以供将来请求访问企业系统中的其他服务或资源。