公开(公告)号：US20220278837A1

公开(公告)日：2022-09-01

申请号：US17747160

申请日：2022-05-18

Applicant: DELL PRODUCTS L.P.

Inventor： Nicholas D. Grobelny ,  Richard M. Tonry ,  Balasingh P. Samuel

IPC: H04L9/08 ,  H04L9/06

Abstract: A system includes a communication channel monitor configured to calculate a hash value of a first encrypted code segment based on a measurement. A security module may derive a first encryption key using a key decryption function operation from the hash value of the first encrypted code segment. A processor decrypts the first encrypted code segment with a seed key retrieved from a storage device, and if the decryption is successful then executes the first decrypted code segment. The processor may retrieve a second one of the encrypted code segments, wherein the second encrypted code segment is a next encrypted code segment for execution after the first encrypted code segment according to a sequence of execution, decrypt the second encrypted code segment with the first encryption key, and if the decryption is successful then execute the second decrypted code segment.

公开(公告)号：US20220191239A1

公开(公告)日：2022-06-16

申请号：US17124324

申请日：2020-12-16

Applicant: Dell Products, L.P.

Inventor： Nicholas D. Grobelny ,  Charles D. Robison ,  Ricardo L. Martinez

IPC: H04L29/06 ,  G06Q10/10 ,  G06Q10/06

Abstract: Systems and methods for providing fleet remediation of compromised workspaces are described. In some embodiments, an Information Handling System (IHS) may include a processor and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution, cause the IHS to: receive, from a first local management agent configured to provide a first workspace in a fleet of workspaces, an indication that the first workspace has suffered a security compromise, where the first workspace is instantiated based upon a first workspace definition; and in response to the indication, transmit a second workspace definition to a second local management agent configured to provide a second workspace in the fleet of workspaces, where the second workspace is instantiated based upon the first workspace definition, and where the second local management agent is configured to instantiate a third workspace based upon the second workspace definition.

公开(公告)号：US20210135943A1

公开(公告)日：2021-05-06

申请号：US16670516

申请日：2019-10-31

Applicant: Dell Products, L.P.

Inventor： Carlton A. Andrews ,  Girish S. Dhoble ,  Nicholas D. Grobelny ,  David Konetski ,  Joseph Kozlowski ,  Ricardo L. Martinez ,  Charles D. Robison

IPC: H04L12/24 ,  H04L29/06 ,  H04L29/08

Abstract: Systems and methods for modernizing workspace and hardware lifecycle management in an enterprise productivity ecosystem are described. In some embodiments, a client Information Handling System (IHS) may include a processor and a memory, the memory having program instructions that, upon execution by the processor, cause the client IHS to: receive, from a workspace orchestration service, one or more files or policies configured to enable the client IHS to instantiate a first workspace based upon a first workspace definition; allow a user to execute a non-vetted application in the first workspace; determine that the first workspace is compromised; and receive, in response to the determination, from the workspace orchestration service, one or more other files or policies configured to enable the client IHS to instantiate a second workspace based upon a second workspace definition, where the second workspace definition allows execution of a vetted application corresponding to the non-vetted application.

公开(公告)号：US10938743B1

公开(公告)日：2021-03-02

申请号：US16670734

申请日：2019-10-31

Applicant: Dell Products, L.P.

Inventor： Carlton A. Andrews ,  Girish S. Dhoble ,  Nicholas D. Grobelny ,  David Konetski ,  Joseph Kozlowski ,  Ricardo L. Martinez ,  Charles D. Robison

IPC: H04L12/911 ,  H04L29/06 ,  H04L12/917 ,  H04L12/801

Abstract: Systems and methods for continuous evaluation of workspace definitions using endpoint context. In some embodiments, an Information Handling System (IHS) of a workspace orchestration service may include a processor and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the IHS to: receive context information from a local management agent of a client device; in response to the context information indicating that a current workspace provided via the local management agent is over-privileged, modify a current workspace definition into a modified workspace definition, where the modified workspace definition outlines fewer resources than the current workspace definition; and transmit, to the local management agent, one or more files configured to enable the local management agent to modify the current workspace based upon the modified workspace definition to reduce a number of resources available to a user of the client device.

公开(公告)号：US10671149B2

公开(公告)日：2020-06-02

申请号：US15852661

申请日：2017-12-22

Applicant: Dell Products, L.P.

Inventor： Nicholas D. Grobelny ,  Jacob Mink ,  Rick C. Thompson ,  Nikhil Manohar Vichare

IPC: G06F1/00 ,  G06F1/3296 ,  G06F1/26 ,  H02J7/04 ,  H02J7/00 ,  G06F1/28 ,  G06F1/3206

Abstract: Systems and methods for remotely applying battery management policies based on local user behavior. In an illustrative, non-limiting embodiment, an Information Handling System (IHS) may include: a processor and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution, cause the IHS to: receive a battery management policy from a remote server; and apply the battery management policy to the IHS, wherein the battery management policy is selected based upon a local user's behavior.

公开(公告)号：US10476858B2

公开(公告)日：2019-11-12

申请号：US15589736

申请日：2017-05-08

Applicant: Dell Products L.P.

Inventor： Abeye Teshome ,  Nicholas D. Grobelny ,  Joseph Kozlowski, Jr. ,  Adolfo S. Montero

IPC: G06F21/45 ,  H04L29/06 ,  G06F21/55

Abstract: In one or more embodiments, one or more systems, methods, and/or processes may receive, independently of a processor of the information handling system (IHS), first credential management information and may modify, independently of the processor and based on the first credential management information, credential information stored via a secure object store of the IHS. For example, modifying the credential information may include modifying the credential information such that the IHS denies access to at least a portion of the IHS based on the credential information. In one instance, denying access to at least the portion of the IHS may include disabling at least one of password, biometric information associated with a user, and an encryption key. In another instance, denying access to at least the portion of the IHS may include remapping, independently of the processor, at least one human interface device.

公开(公告)号：US12236230B2

公开(公告)日：2025-02-25

申请号：US18157120

申请日：2023-01-20

Applicant: Dell Products, L.P.

Inventor： Carlton A. Andrews ,  Jason Kolodziej ,  Girish S. Dhoble ,  Nicholas D. Grobelny

IPC: H04L29/06 ,  G06F8/65 ,  H04L9/40 ,  H04L12/24

Abstract: Systems and methods support updates to an Information Handling System (IHS). A workspace is instantiated on the IHS based upon a received workspace definition, where the workspace identifies an available update to a system operating on the IHS. A request is made for a first credential used for validation of the IHS by a first remote workspace orchestrator. The workspace provides the first credential to a second remote workspace orchestrator that controls access to updates to the system operating on the IHS. The second remote workspace orchestrator uses the first credential to validate the IHS with the first remote workspace orchestrator. The workspace performs the available update to the system operating on the IHS using a second credential provided by the second remote workspace orchestrator upon validation of the IHS by the first remote workspace orchestrator. The IHS maintains separate confidentiality with each remote orchestrator providing credentials for the update.

公开(公告)号：US12223029B2

公开(公告)日：2025-02-11

申请号：US17647796

申请日：2022-01-12

Applicant: Dell Products, L.P.

Inventor： Nicholas D. Grobelny ,  Charles D. Robison

IPC: G06F21/31 ,  G06F21/34 ,  G06F21/44 ,  G06F21/60

Abstract: Systems and methods support transferring control of a workspace that operates on an Information Handling System (IHS). An authorization policy is established on the IHS that is modifiable only by an arbiter of a remote orchestration service. The authorization policy specifies authorized administrators of the workspace. The authorization policy is modified to specify the arbiter and a first remote orchestrator as authorized administrators of the workspace. Administration of the workspace by the first orchestrator is allowed based on credentials that validate it as an authorized administrator specified by the policy. A notification is received of a transfer of orchestration of the workspace to a second remote orchestrator. The authorization policy is modified to specify the arbiter and the second orchestrator as authorized administrators of the workspace. Administration of the workspace by the second orchestrator is allowed based on credentials that validate it as an authorized administrator specified by the policy.

公开(公告)号：US12210643B2

公开(公告)日：2025-01-28

申请号：US18157096

申请日：2023-01-20

Applicant: Dell Products, L.P.

Inventor： Nicholas D. Grobelny ,  Girish S. Dhoble ,  Jason Kolodziej

IPC: G06F21/62 ,  G06F21/54 ,  G06F21/57

Abstract: Systems and methods support operation of primary on an Information Handling System (IHS) and the operation of subordinate workspaces on peripheral devices coupled to the IHS. The IHS receives a primary workspace definition from a remote orchestrator and instantiates a primary workspace based upon the primary workspace definition, where the instantiated primary workspace operates using core resources of the IHS and provides access to a protected resource. The IHS reports, to the remote orchestrator, an inventory of peripheral devices that are detected as coupled to the IHS. In response, one or more subordinate workspace definitions are received from the remote orchestrator, where each of the subordinate workspace definitions are for operation of a subordinate workspace by one of the peripheral devices coupled to the IHS. Based on the received subordinate workspace definitions, operation of subordinate workspaces is initiated on peripheral devices coupled to the IHS.

公开(公告)号：US12105609B2

公开(公告)日：2024-10-01

申请号：US18354912

申请日：2023-07-19

Applicant: Dell Products, L.P.

Inventor： Carlton A. Andrews ,  Girish S. Dhoble ,  Nicholas D. Grobelny ,  David Konetski ,  Joseph Kozlowski ,  Ricardo L. Martinez ,  Charles D. Robison

IPC: G06F11/00 ,  G06F11/30 ,  G06F11/34 ,  G06F21/55 ,  G06F21/57

CPC classification number: G06F11/3055 ,  G06F11/3452 ,  G06F11/3466 ,  G06F21/552 ,  G06F21/577

Abstract: Systems and methods for modernizing workspace and hardware lifecycle management in an enterprise productivity ecosystem are described. In some embodiments, a client Information Handling System (IHS) may include a processor, and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the client IHS to: transmit, by a local management agent to a workspace orchestration service, an access request and context information; receive, at the local management agent from the workspace orchestration service, one or more files or policies configured to enable the local management agent to instantiate a workspace based upon a workspace definition, wherein the workspace orchestration service is configured to: (i) calculate a security target and a productivity target based upon the access request and the context information, and (ii) create the workspace definition based upon the security target and the productivity target; and instantiate the workspace.