公开(公告)号：US10075424B2

公开(公告)日：2018-09-11

申请号：US15082070

申请日：2016-03-28

Applicant: AirWatch LLC

Inventor： Kar Fai Tse ,  Chen Lu ,  Erich Stuntebeck

IPC: H04L29/06

CPC classification number: H04L63/0807 ,  H04L63/0428 ,  H04L63/062 ,  H04L63/0884 ,  H04L63/166

Abstract: Disclosed are various approaches for implementing an application authentication wrapper. An authentication request, such as a Kerberos request, is created for authenticating the computing device. The authentication request is encrypted to generate an encrypted authentication request. The encrypted authentication request is then forwarded to a reverse proxy server. An encrypted authentication response is received from the reverse proxy server. The encrypted authentication response, such as a Kerberos response, is then decrypted to generate a corresponding authentication response, which is then forwarded to the computing device that generated the authentication request.

公开(公告)号：US20170220368A1

公开(公告)日：2017-08-03

申请号：US15012820

申请日：2016-02-01

Applicant: AirWatch, LLC

Inventor： Kar Fai Tse ,  Ketan Bhardwaj ,  Erich Stuntebeck

IPC: G06F9/455 ,  G06F9/445

CPC classification number: G06F9/45558 ,  G06F8/61 ,  G06F2009/45562 ,  G06F2009/45575

Abstract: Systems herein include thin clients that operate with managed profile-based virtual machines. This can allow users to utilize personal user devices in an enterprise environment without subjecting sensitive enterprise credentials to the user device. A management server can determine a profile associated with the user device. Based on the profile, a virtual machine can be instantiated at a thin server, remotely from the thin client. The profile-specific virtual machine can include a particular guest operating system, guest applications, security features, or functionality. The instance of the virtual machine can communicate graphics information from a guest application to the thin client, and the thin client can communicate user interface events to the instance for controlling the guest application.

公开(公告)号：US20170061720A1

公开(公告)日：2017-03-02

申请号：US15232280

申请日：2016-08-09

Applicant: AirWatch LLC

Inventor： Kar Fai Tse

IPC: G07C9/00

CPC classification number: G07C9/00309 ,  G07C9/00087 ,  G07C9/00571 ,  G07C2009/00769 ,  G07C2009/0088 ,  H04L63/08 ,  H04L63/10 ,  H04L63/20

Abstract: A method is disclosed for providing physical access credentials to a client device. The method may include receiving a request for a physical access credential, where the first request includes at least one user access credential and at least one physical access point identifier. The method may also include determining whether the request should be granted based at least in part on the at least one user access credential. The method may further include, in response to determining that the request should be granted, sending the physical access credential associated with the physical access point.

Abstract translation: 公开了一种用于向客户端设备提供物理访问凭证的方法。 该方法可以包括接收对物理访问凭证的请求，其中第一请求包括至少一个用户访问凭证和至少一个物理接入点标识符。 该方法还可以包括至少部分地基于至少一个用户访问凭证来确定是否应该授予请求。 该方法还可以包括响应于确定该请求应被授予，发送与物理接入点相关联的物理访问凭证。

公开(公告)号：US20160328895A1

公开(公告)日：2016-11-10

申请号：US15216236

申请日：2016-07-21

Applicant: AirWatch LLC

Inventor： Kar Fai Tse

IPC: G07C9/00

CPC classification number: G07C9/00309 ,  G07C9/00087 ,  G07C9/00571 ,  G07C2009/00769 ,  G07C2009/0088 ,  H04L63/08 ,  H04L63/10 ,  H04L63/20

Abstract: A method is disclosed for providing physical access credentials to a client device. The method may include receiving a request for a physical access credential, where the first request includes at least one user access credential and at least one physical access point identifier. The method may also include determining whether the request should be granted based at least in part on the at least one user access credential. The method may further include, in response to determining that the request should be granted, sending the physical access credential associated with the physical access point.

Abstract translation: 公开了一种用于向客户端设备提供物理访问凭证的方法。 该方法可以包括接收对物理访问凭证的请求，其中第一请求包括至少一个用户访问凭证和至少一个物理接入点标识符。 该方法还可以包括至少部分地基于至少一个用户访问凭证来确定是否应该授予请求。 该方法还可以包括响应于确定该请求应被授予，发送与物理接入点相关联的物理访问凭证。

公开(公告)号：US20160294656A1

公开(公告)日：2016-10-06

申请号：US14673131

申请日：2015-03-30

Applicant: AirWatch LLC

Inventor： Kar Fai Tse ,  Eric Peter Stuntebeck ,  Chen Lu

IPC: H04L12/26 ,  H04L29/08

CPC classification number: H04L43/0888 ,  H04L41/0806 ,  H04L43/08 ,  H04L43/103 ,  H04L43/16 ,  H04L43/50 ,  H04L67/18

Abstract: Disclosed are various examples for facilitating network speed testing on behalf of a client device that is associated with an enterprise. In a client device that can be a managed device managed by a management service, a network testing profile can be obtained which specifies a testing schedule as well as a network testing endpoint with which network testing can be conducted. Results of the network speed test can be transmitted to the management service, which can determine if the network speed implicates a compliance rule associated with the client device or an enterprise with which the client device is associated.

Abstract translation: 公开了用于促进代表与企业相关联的客户端设备的网络速度测试的各种示例。 在可以由管理服务管理的受管设备的客户端设备中，可以获得指定测试计划的网络测试配置文件以及可以进行网络测试的网络测试端点。 网络速度测试的结果可以传输到管理服务，这可以确定网络速度是否涉及与客户端设备或与客户端设备相关联的企业相关联的合规性规则。

公开(公告)号：US20160196414A1

公开(公告)日：2016-07-07

申请号：US15069577

申请日：2016-03-14

Applicant: AirWatch LLC

Inventor： Erich Stuntebeck ,  Kar Fai Tse

IPC: G06F21/30 ,  G01P15/08

Abstract: Advanced multi-factor authentication is disclosed. Data describing a change in a spatial position of a computing device from a first point in time to a second point in time may be captured. Data describing a change in a spatial position of an object within a field of view of the computing device from the first point in time to the second point in time may further be captured. Access to at least one resource may be authorized when the data describing the change in the spatial position of the object within the field of view of the computing device from the first point in time to the second point in time is expected based at least in part on the data describing the change in the spatial position of the computing device from the first point in time to the second point in time.

Abstract translation: 公开了高级多因素认证。 可以捕获描述计算设备从第一时间点到第二时间点的空间位置的变化的数据。 可以进一步捕获描述计算设备的视场内的物体从第一时间点到第二时间点的空间位置变化的数据。 当将至少部分地描述从计算设备的视野内的对象的空间位置的变化从第一时间点到第二时间点的数据预期时，可以授权对至少一个资源的访问 在描述计算设备的空间位置从第一时间点到第二时间点的变化的数据上。

公开(公告)号：US20160182495A1

公开(公告)日：2016-06-23

申请号：US14580653

申请日：2014-12-23

Applicant: AIRWATCH LLC

Inventor： Erich Peter Stuntebeck ,  Kar Fai Tse ,  Chen Lu ,  Chaoting Xuan

IPC: H04L29/06

CPC classification number: H04L9/3234 ,  G06F21/30 ,  G06F21/36 ,  G06F21/6209 ,  H04L9/0863 ,  H04L9/14 ,  H04L9/30 ,  H04L9/3228 ,  H04L63/0428 ,  H04L63/045 ,  H04L63/06 ,  H04L63/068 ,  H04L63/0846 ,  H04L63/0853 ,  H04L2463/062 ,  H04W4/80 ,  H04W12/04 ,  H04W12/06 ,  H04W12/08

Abstract: Disclosed are various embodiments for facilitating the encryption of files as well as facilitating requiring a user to employ an authenticator device in order to access a file that is encrypted or otherwise secured. The authenticator device can provide an authenticator code in which a security key used to access a secured file can be embedded. An additional layer of encryption can also be applied in the authenticator code.

公开(公告)号：US20160094707A1

公开(公告)日：2016-03-31

申请号：US14498253

申请日：2014-09-26

Applicant: AirWatch LLC

Inventor： Erich Peter Stuntebeck ,  Kar Fai Tse ,  Chen Lu

IPC: H04M1/725 ,  H04W64/00

CPC classification number: H04M1/72577 ,  H04M1/6091 ,  H04M2250/10 ,  H04M2250/12 ,  H04M2250/52 ,  H04W64/006

Abstract: Disclosed are various embodiments for restricting usage of a mobile device when a user is driving a vehicle. In one embodiment, it is determined that a mobile device is in use by a driver of an active vehicle. A functionality of the mobile device is then restricted based at least in part on determining that the mobile device is in use by the driver of the active vehicle. For example, a touch screen of the mobile device may be disabled, and the use of a hands-free interface may be made mandatory.

Abstract translation: 公开了当用户驾驶车辆时限制移动设备的使用的各种实施例。 在一个实施例中，确定移动设备正在由主动车辆的驾驶员使用。 至少部分地基于确定移动设备正在由主动车辆的驾驶员使用而限制移动设备的功能。 例如，可以禁用移动设备的触摸屏，并且可以使用免提接口来强制使用。

公开(公告)号：US11503150B2

公开(公告)日：2022-11-15

申请号：US16250363

申请日：2019-01-17

Applicant: AirWatch LLC

Inventor： Erich Peter Stuntebeck ,  Kar Fai Tse ,  Chen Lu

IPC: H04W64/00 ,  H04W4/02 ,  H04M1/72463 ,  H04M1/60

Abstract: Disclosed are various embodiments for restricting usage of a mobile device when a user is driving a vehicle. In one embodiment, it is determined that a mobile device is in use by a driver of an active vehicle. A functionality of the mobile device is then restricted based at least in part on determining that the mobile device is in use by the driver of the active vehicle. For example, a touch screen of the mobile device may be disabled, and the use of a hands-free interface may be made mandatory.

公开(公告)号：US10652124B2

公开(公告)日：2020-05-12

申请号：US16352535

申请日：2019-03-13

Applicant: AirWatch LLC

Inventor： Kar Fai Tse ,  Eric Peter Stuntebeck ,  Chen Lu

IPC: H04L12/26 ,  H04L12/24 ,  H04L29/08

Abstract: Disclosed are various examples for facilitating network speed testing on behalf of a client device that is associated with an enterprise. In a client device that can be a managed device managed by a management service, a network testing profile can be obtained which specifies a testing schedule as well as a network testing endpoint with which network testing can be conducted. Results of the network speed test can be transmitted to the management service, which can determine if the network speed implicates a compliance rule associated with the client device or an enterprise with which the client device is associated.