公开(公告)号：US20140032691A1

公开(公告)日：2014-01-30

申请号：US14044946

申请日：2013-10-03

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  James Robert Walker ,  Nitin Desai ,  Zhongmin Lang

IPC: H04L29/08 ,  H04L12/58

CPC classification number: H04L63/20 ,  G06F21/335 ,  G06F21/54 ,  G06F21/604 ,  G06F21/6218 ,  G06F21/629 ,  G06F21/72 ,  G06F2221/2101 ,  G06F2221/2111 ,  G06F2221/2137 ,  G06F2221/2143 ,  H04L41/00 ,  H04L41/28 ,  H04L51/08 ,  H04L63/0815 ,  H04L63/0823 ,  H04L63/0853 ,  H04L63/10 ,  H04L63/102 ,  H04L63/104 ,  H04L67/10 ,  H04W12/06 ,  H04W12/08

Abstract: Improved techniques for managing enterprise applications on mobile devices are described herein. Each enterprise mobile application running on the mobile device has an associated policy through which it interacts with its environment. The policy selectively blocks or allows activities involving the enterprise application in accordance with rules established by the enterprise. Together, the enterprise applications running on the mobile device form a set of managed applications. Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications, such as the user's own personal applications. Policies may be defined to manage data sharing, mobile resource management, application specific information, networking and data access solutions, device cloud and transfer, dual mode application software, enterprise app store access, and virtualized application and resources, among other things.

公开(公告)号：US20210218797A1

公开(公告)日：2021-07-15

申请号：US17215892

申请日：2021-03-29

Applicant: Citrix Systems, Inc.

Inventor： Zhongmin Lang ,  Gary Barton ,  Nitin Desai ,  James R. Walker

IPC: H04L29/08 ,  G06F9/46 ,  G06F21/51 ,  H04L29/06 ,  H04W12/08 ,  H04W12/37

Abstract: A method and system for managing an application with multiple modes are described. A device manager that manages a mobile device may monitor the mobile device. The device manager may detect that a first type of application that runs in a managed mode (or in multiple managed modes) and an unmanaged mode is installed on the mobile device. When the application is executed on the device, the application executes in accordance with the selected application mode, e.g., based on location, user, role, industry presence, or other predefined context.

公开(公告)号：US09858428B2

公开(公告)日：2018-01-02

申请号：US15422761

申请日：2017-02-02

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  Zhongmin Lang ,  Nitin Desai ,  James Robert Walker

IPC: G06F21/60 ,  H04L29/06

CPC classification number: G06F21/602 ,  G06F21/60 ,  G06F21/6218 ,  G06F21/88 ,  G06F2221/2143 ,  H04L63/0428 ,  H04L67/10 ,  H04W12/06 ,  H04W12/08

Abstract: Various aspects of the disclosure relate to providing secure containers or data vaults for data of one or more managed applications. In some embodiments, each managed application may be assigned its own private data vault and/or may be assigned a shared data vault that is accessible to at least one other managed application. As the managed application executes, calls for access to the data may be intercepted and redirected to the secure containers. Data stored in a secure container may be encrypted according to a policy. Other aspects relate to deleting data from a secure container, such as via a selective wipe of data associated with a managed application. Further aspects relate to configuring and creating the secure containers, retrieving key information required to encrypt/decrypt the data stored in the secure containers, and publishing the managed applications, policy information and key information for download to a mobile device.

公开(公告)号：US20170147825A1

公开(公告)日：2017-05-25

申请号：US15422761

申请日：2017-02-02

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  Zhongmin Lang ,  Nitin Desai ,  James Robert Walker

IPC: G06F21/60 ,  H04L29/06

CPC classification number: G06F21/602 ,  G06F21/60 ,  G06F21/6218 ,  G06F21/88 ,  G06F2221/2143 ,  H04L63/0428 ,  H04L67/10 ,  H04W12/06 ,  H04W12/08

Abstract: Various aspects of the disclosure relate to providing secure containers or data vaults for data of one or more managed applications. In some embodiments, each managed application may be assigned its own private data vault and/or may be assigned a shared data vault that is accessible to at least one other managed application. As the managed application executes, calls for access to the data may be intercepted and redirected to the secure containers. Data stored in a secure container may be encrypted according to a policy. Other aspects relate to deleting data from a secure container, such as via a selective wipe of data associated with a managed application. Further aspects relate to configuring and creating the secure containers, retrieving key information required to encrypt/decrypt the data stored in the secure containers, and publishing the managed applications, policy information and key information for download to a mobile device.

公开(公告)号：US20170105122A1

公开(公告)日：2017-04-13

申请号：US15386609

申请日：2016-12-21

Applicant: Citrix Systems, Inc.

Inventor： Nitin Desai ,  Jaspreet Singh

IPC: H04W12/08 ,  H04L29/06 ,  G06F9/44 ,  H04L29/08

CPC classification number: G06F9/451 ,  G06F3/0481 ,  G06F9/452 ,  G06F9/453 ,  H04L63/105 ,  H04L67/025 ,  H04W12/08

Abstract: According to some aspects disclosed herein, a system for remote assistance and control of user devices subject to one or more remote assistance policies may be provided. In some embodiments, an administrator may request remote control of a managed user device. A managed application launcher may be provided by the user device and may be modified by the user device to remove managed applications or otherwise prevent access to applications that have a policy indicating that remote assistance is not allowed. The administrator may open a managed application included in the launcher and remotely control that application. In other embodiments, a user of the managed user device may initiate a request for remote assistance from within a managed application and/or the managed application launcher. The administrator's control of the user device and access to other applications on the user device may be limited based on the remote assistance policies.

公开(公告)号：US09563445B2

公开(公告)日：2017-02-07

申请号：US14702954

申请日：2015-05-04

Applicant: Citrix Systems, Inc.

Inventor： Nitin Desai ,  Jaspreet Singh

IPC: G06F17/00 ,  H04L29/06 ,  G06F9/44 ,  G06F3/0481 ,  H04L29/08

CPC classification number: G06F9/451 ,  G06F3/0481 ,  G06F9/452 ,  G06F9/453 ,  H04L63/105 ,  H04L67/025 ,  H04W12/08

Abstract: According to some aspects disclosed herein, a system for remote assistance and control of user devices subject to one or more remote assistance policies may be provided. In some embodiments, an administrator may request remote control of a managed user device. A managed application launcher may be provided by the user device and may be modified by the user device to remove managed applications or otherwise prevent access to applications that have a policy indicating that remote assistance is not allowed. The administrator may open a managed application included in the launcher and remotely control that application. In other embodiments, a user of the managed user device may initiate a request for remote assistance from within a managed application and/or the managed application launcher. The administrator's control of the user device and access to other applications on the user device may be limited based on the remote assistance policies.

Abstract translation: 根据本文公开的一些方面，可以提供用于远程协助和控制受到一个或多个远程协助策略的用户设备的系统。 在一些实施例中，管理员可以请求对被管理用户设备的远程控制。 托管应用启动器可以由用户设备提供，并且可以由用户设备修改以去除被管理的应用，或以其他方式阻止访问具有指示不允许远程协助的策略的应用。 管理员可以打开包含在启动器中的托管应用程序并远程控制该应用程序。 在其他实施例中，被管理用户设备的用户可以从被管理的应用和/或被管理的应用启动器中发起对远程协助的请求。 管理员对用户设备的控制和对用户设备上的其他应用的访问可以基于远程协助策略来限制。

公开(公告)号：US09521117B2

公开(公告)日：2016-12-13

申请号：US14535597

申请日：2014-11-07

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  Zhongmin Lang ,  Nitin Desai ,  James Robert Walker

IPC: H04W12/06 ,  H04L29/06 ,  H04W12/08

CPC classification number: H04L63/0807 ,  G06F21/31 ,  G06F2221/2105 ,  H04L63/0272 ,  H04L63/029 ,  H04L63/0815 ,  H04L63/20 ,  H04W12/06 ,  H04W12/08

Abstract: Various aspects of the disclosure relate to providing a per-application policy-controlled virtual private network (VPN) tunnel. In some embodiments, tickets may be used to provide access to an enterprise resource without separate authentication of the application and, in some instances, can be used in such a manner as to provide a seamless experience to the user when reestablishing a per-application policy controlled VPN tunnel during the lifetime of the ticket. Additional aspects relate to an access gateway providing updated policy information and tickets to a mobile device. Other aspects relate to selectively wiping the tickets from a secure container of the mobile device. Yet further aspects relate to operating applications in multiple modes, such as a managed mode and an unmanaged mode, and providing authentication-related services based on one or more of the above aspects.

公开(公告)号：US09043480B2

公开(公告)日：2015-05-26

申请号：US14045014

申请日：2013-10-03

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  James Robert Walker ,  Nitin Desai ,  Zhongmin Lang

IPC: G06F21/72 ,  H04L29/08 ,  H04L12/58 ,  G06F21/62 ,  H04L29/06 ,  H04W12/06 ,  H04W12/08

CPC classification number: G06F21/72 ,  G06F21/6218 ,  G06F21/629 ,  G06F2221/2111 ,  H04L51/08 ,  H04L63/20 ,  H04L67/10 ,  H04W12/06 ,  H04W12/08

Abstract: Improved techniques for managing enterprise applications on mobile devices are described herein. Each enterprise mobile application running on the mobile device has an associated policy through which it interacts with its environment. The policy selectively blocks or allows activities involving the enterprise application in accordance with rules established by the enterprise. Together, the enterprise applications running on the mobile device form a set of managed applications. Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications, such as the user's own personal applications. Policies may be defined to manage data sharing, mobile resource management, application specific information, networking and data access solutions, device cloud and transfer, dual mode application software, enterprise app store access, and virtualized application and resources, among other things.

公开(公告)号：US08959579B2

公开(公告)日：2015-02-17

申请号：US14041911

申请日：2013-09-30

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  Zhongmin Lang ,  Nitin Desai ,  James Robert Walker

IPC: H04L29/06 ,  G06F21/60 ,  G06F21/62 ,  G06F21/88 ,  H04W12/06 ,  H04W12/08

CPC classification number: G06F21/602 ,  G06F21/60 ,  G06F21/6218 ,  G06F21/88 ,  G06F2221/2143 ,  H04L63/0428 ,  H04L67/10 ,  H04W12/06 ,  H04W12/08

Abstract: Various aspects of the disclosure relate to providing secure containers or data vaults for data of one or more managed applications. In some embodiments, each managed application may be assigned its own private data vault and/or may be assigned a shared data vault that is accessible to at least one other managed application. As the managed application executes, calls for access to the data may be intercepted and redirected to the secure containers. Data stored in a secure container may be encrypted according to a policy. Other aspects relate to deleting data from a secure container, such as via a selective wipe of data associated with a managed application. Further aspects relate to configuring and creating the secure containers, retrieving key information required to encrypt/decrypt the data stored in the secure containers, and publishing the managed applications, policy information and key information for download to a mobile device.

Abstract translation: 本公开的各个方面涉及为一个或多个被管理应用的数据提供安全容器或数据保管库。 在一些实施例中，可以向每个被管理的应用分配其自己的专用数据保险库和/或可以分配可由至少一个其他被管理应用访问的共享数据保险库。 随着托管应用程序的执行，对数据访问的调用可能被拦截并重定向到安全容器。 存储在安全容器中的数据可以根据策略进行加密。 其他方面涉及从安全容器中删除数据，例如经由与被管理应用相关联的数据的选择性擦除。 其他方面涉及配置和创建安全容器，检索加密/解密存储在安全容器中的数据所需的密钥信息，以及发布被管理应用，策略信息和用于下载的移动设备的密钥信息。

公开(公告)号：US20140337528A1

公开(公告)日：2014-11-13

申请号：US14340096

申请日：2014-07-24

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  James Robert Walker ,  Nitin Desai ,  Zhongmin Lang

IPC: H04L29/06 ,  H04L12/24

CPC classification number: H04L63/20 ,  G06F21/335 ,  G06F21/54 ,  G06F21/604 ,  G06F21/6218 ,  G06F21/629 ,  G06F21/72 ,  G06F2221/2101 ,  G06F2221/2111 ,  G06F2221/2137 ,  G06F2221/2143 ,  H04L41/00 ,  H04L41/28 ,  H04L51/08 ,  H04L63/0815 ,  H04L63/0823 ,  H04L63/0853 ,  H04L63/10 ,  H04L63/102 ,  H04L63/104 ,  H04L67/10 ,  H04W12/06 ,  H04W12/08

Abstract: Improved techniques for managing enterprise applications on mobile devices are described herein. Each enterprise mobile application running on the mobile device has an associated policy through which it interacts with its environment. The policy selectively blocks or allows activities involving the enterprise application in accordance with rules established by the enterprise. Together, the enterprise applications running on the mobile device form a set of managed applications. Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications, such as the user's own personal applications. Policies may be defined to manage data sharing, mobile resource management, application specific information, networking and data access solutions, device cloud and transfer, dual mode application software, enterprise app store access, and virtualized application and resources, among other things.

Abstract translation: 本文描述了用于在移动设备上管理企业应用的改进的技术。 在移动设备上运行的每个企业移动应用都具有与其环境交互的相关策略。 该策略根据企业规定有选择性地阻止或者允许涉及企业应用的活动。 一起，在移动设备上运行的企业应用程序组成一组受管应用程序。 管理应用程序通常被允许与其他受管应用程序交换数据，但被阻止与其他应用程序（例如用户自己的个人应用程序）交换数据。 可以定义政策来管理数据共享，移动资源管理，应用程序特定信息，网络和数据访问解决方案，设备云和传输，双模式应用软件，企业应用商店访问以及虚拟化应用和资源等。