公开(公告)号：US20140109172A1

公开(公告)日：2014-04-17

申请号：US14029068

申请日：2013-09-17

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  Zhongmin Lang ,  Nitin Desai ,  James Robert Walker

IPC: H04L29/06

CPC classification number: H04L63/0272 ,  H04L63/0807 ,  H04L63/0884 ,  H04L63/20 ,  H04W12/06 ,  H04W12/08

Abstract: Various aspects of the disclosure relate to providing a per-application policy-controlled virtual private network (VPN) tunnel. In some embodiments, tickets may be used to provide access to an enterprise resource without separate authentication of the application and, in some instances, can be used in such a manner as to provide a seamless experience to the user when reestablishing a per-application policy controlled VPN tunnel during the lifetime of the ticket. Additional aspects relate to an access gateway providing updated policy information and tickets to a mobile device. Other aspects relate to selectively wiping the tickets from a secure container of the mobile device. Yet further aspects relate to operating applications in multiple modes, such as a managed mode and an unmanaged mode, and providing authentication-related services based on one or more of the above aspects.

公开(公告)号：US20140040979A1

公开(公告)日：2014-02-06

申请号：US14044998

申请日：2013-10-03

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  James Robert Walker ,  Nitin Desai ,  Zhongmin Lang

IPC: H04L29/06

CPC classification number: H04L63/20 ,  G06F21/604 ,  G06F21/72 ,  G06F2221/2111 ,  H04W12/0027 ,  H04W12/00503 ,  H04W12/06 ,  H04W12/08

Abstract: Improved techniques for managing enterprise applications on mobile devices are described herein. Each enterprise mobile application running on the mobile device has an associated policy through which it interacts with its environment. The policy selectively blocks or allows activities involving the enterprise application in accordance with rules established by the enterprise. Together, the enterprise applications running on the mobile device form a set of managed applications. Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications, such as the user's own personal applications. Policies may be defined to manage data sharing, mobile resource management, application specific information, networking and data access solutions, device cloud and transfer, dual mode application software, enterprise app store access, and virtualized application and resources, among other things.

公开(公告)号：US20140040977A1

公开(公告)日：2014-02-06

申请号：US14044901

申请日：2013-10-03

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  James Robert Walker ,  Nitin Desai ,  Zhongmin Lang

IPC: H04L29/06

CPC classification number: H04L63/20 ,  G06F21/604 ,  G06F21/72 ,  G06F2221/2111 ,  H04W12/06 ,  H04W12/08

Abstract: Improved techniques for managing enterprise applications on mobile devices are described herein. Each enterprise mobile application running on the mobile device has an associated policy through which it interacts with its environment. The policy selectively blocks or allows activities involving the enterprise application in accordance with rules established by the enterprise. Together, the enterprise applications running on the mobile device form a set of managed applications. Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications, such as the user's own personal applications. Policies may be defined to manage data sharing, mobile resource management, application specific information, networking and data access solutions, device cloud and transfer, dual mode application software, enterprise app store access, and virtualized application and resources, among other things.

公开(公告)号：US20140032759A1

公开(公告)日：2014-01-30

申请号：US14045014

申请日：2013-10-03

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  James Robert Walker ,  Nitin Desai ,  Zhongmin Lang

IPC: H04L29/08

CPC classification number: G06F21/72 ,  G06F21/6218 ,  G06F21/629 ,  G06F2221/2111 ,  H04L51/08 ,  H04L63/20 ,  H04L67/10 ,  H04W12/06 ,  H04W12/08

Abstract: Improved techniques for managing enterprise applications on mobile devices are described herein. Each enterprise mobile application running on the mobile device has an associated policy through which it interacts with its environment. The policy selectively blocks or allows activities involving the enterprise application in accordance with rules established by the enterprise. Together, the enterprise applications running on the mobile device form a set of managed applications. Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications, such as the user's own personal applications. Policies may be defined to manage data sharing, mobile resource management, application specific information, networking and data access solutions, device cloud and transfer, dual mode application software, enterprise app store access, and virtualized application and resources, among other things.

公开(公告)号：US20140032758A1

公开(公告)日：2014-01-30

申请号：US14045005

申请日：2013-10-03

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  James Robert Walker ,  Nitin Desai ,  Zhongmin Lang

IPC: H04L29/08

CPC classification number: H04L63/20 ,  G06F21/335 ,  G06F21/54 ,  G06F21/604 ,  G06F21/6218 ,  G06F21/629 ,  G06F21/72 ,  G06F2221/2101 ,  G06F2221/2111 ,  G06F2221/2137 ,  G06F2221/2143 ,  H04L41/00 ,  H04L41/28 ,  H04L51/08 ,  H04L63/0815 ,  H04L63/0823 ,  H04L63/0853 ,  H04L63/10 ,  H04L63/102 ,  H04L63/104 ,  H04L67/10 ,  H04W12/06 ,  H04W12/08

Abstract: Improved techniques for managing enterprise applications on mobile devices are described herein. Each enterprise mobile application running on the mobile device has an associated policy through which it interacts with its environment. The policy selectively blocks or allows activities involving the enterprise application in accordance with rules established by the enterprise. Together, the enterprise applications running on the mobile device form a set of managed applications. Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications, such as the user's own personal applications. Policies may be defined to manage data sharing, mobile resource management, application specific information, networking and data access solutions, device cloud and transfer, dual mode application software, enterprise app store access, and virtualized application and resources, among other things.

Abstract translation: 本文描述了用于在移动设备上管理企业应用的改进的技术。 在移动设备上运行的每个企业移动应用都具有与其环境交互的相关策略。 该策略根据企业规定有选择性地阻止或者允许涉及企业应用的活动。 一起，在移动设备上运行的企业应用程序组成一组受管应用程序。 管理应用程序通常被允许与其他受管应用程序交换数据，但被阻止与其他应用程序（例如用户自己的个人应用程序）交换数据。 可以定义政策来管理数据共享，移动资源管理，应用程序特定信息，网络和数据访问解决方案，设备云和传输，双模式应用软件，企业应用商店访问以及虚拟化应用和资源等。

公开(公告)号：US20140032733A1

公开(公告)日：2014-01-30

申请号：US14043902

申请日：2013-10-02

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  James Robert Walker ,  Nitin Desai ,  Zhongmin Lang

IPC: H04L12/24

CPC classification number: H04L63/20 ,  G06F21/335 ,  G06F21/54 ,  G06F21/604 ,  G06F21/6218 ,  G06F21/629 ,  G06F21/72 ,  G06F2221/2101 ,  G06F2221/2111 ,  G06F2221/2137 ,  G06F2221/2143 ,  H04L41/00 ,  H04L41/28 ,  H04L51/08 ,  H04L63/0815 ,  H04L63/0823 ,  H04L63/0853 ,  H04L63/10 ,  H04L63/102 ,  H04L63/104 ,  H04L67/10 ,  H04W12/0027 ,  H04W12/00503 ,  H04W12/06 ,  H04W12/08

Abstract: Improved techniques for managing enterprise applications on mobile devices are described herein. Each enterprise mobile application running on the mobile device has an associated policy through which it interacts with its environment. The policy selectively blocks or allows activities involving the enterprise application in accordance with rules established by the enterprise. Together, the enterprise applications running on the mobile device form a set of managed applications. Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications, such as the user's own personal applications. Policies may be defined to manage data sharing, mobile resource management, application specific information, networking and data access solutions, device cloud and transfer, dual mode application software, enterprise app store access, and virtualized application and resources, among other things.

公开(公告)号：US10198143B2

公开(公告)日：2019-02-05

申请号：US14211966

申请日：2014-03-14

Applicant: Citrix Systems, Inc.

Inventor： Nitin Desai ,  Georgy Momchilov

IPC: G06F3/048 ,  G06F3/0481 ,  G06F9/451

Abstract: A local computing device may use a remote computing device to host various resources on behalf of the local computing device. The local computing device may receive data related to a graphical window of the remotely hosted resource and generate a graphical window on the local desktop environment for the remotely hosted resource. The local computing device may also update a taskbar to include the remote hosted resource. Window previews may also be generated by the local computing device and the window previews may include snapshots or dynamic images of the graphical window for the remotely hosted resource. In some instances, the snapshots may be provided to the local computing device from the remote computing device.

公开(公告)号：US09973489B2

公开(公告)日：2018-05-15

申请号：US15347247

申请日：2016-11-09

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  Zhongmin Lang ,  Nitin Desai ,  James Robert Walker

IPC: H04L29/06 ,  H04W12/06 ,  H04W12/08

CPC classification number: H04L63/0807 ,  G06F21/31 ,  G06F2221/2105 ,  H04L63/0272 ,  H04L63/029 ,  H04L63/0815 ,  H04L63/20 ,  H04W12/06 ,  H04W12/08

Abstract: Various aspects of the disclosure relate to providing a per-application policy-controlled virtual private network (VPN) tunnel. In some embodiments, tickets may be used to provide access to an enterprise resource without separate authentication of the application and, in some instances, can be used in such a manner as to provide a seamless experience to the user when reestablishing a per-application policy controlled VPN tunnel during the lifetime of the ticket. Additional aspects relate to an access gateway providing updated policy information and tickets to a mobile device. Other aspects relate to selectively wiping the tickets from a secure container of the mobile device. Yet further aspects relate to operating applications in multiple modes, such as a managed mode and an unmanaged mode, and providing authentication-related services based on one or more of the above aspects.

公开(公告)号：US20170063839A1

公开(公告)日：2017-03-02

申请号：US15347247

申请日：2016-11-09

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  Zhongmin Lang ,  Nitin Desai ,  James Robert Walker

IPC: H04L29/06

CPC classification number: H04L63/0807 ,  G06F21/31 ,  G06F2221/2105 ,  H04L63/0272 ,  H04L63/029 ,  H04L63/0815 ,  H04L63/20 ,  H04W12/06 ,  H04W12/08

Abstract: Various aspects of the disclosure relate to providing a per-application policy-controlled virtual private network (VPN) tunnel. In some embodiments, tickets may be used to provide access to an enterprise resource without separate authentication of the application and, in some instances, can be used in such a manner as to provide a seamless experience to the user when reestablishing a per-application policy controlled VPN tunnel during the lifetime of the ticket. Additional aspects relate to an access gateway providing updated policy information and tickets to a mobile device. Other aspects relate to selectively wiping the tickets from a secure container of the mobile device. Yet further aspects relate to operating applications in multiple modes, such as a managed mode and an unmanaged mode, and providing authentication-related services based on one or more of the above aspects.

Abstract translation: 本公开的各个方面涉及提供每应用程序策略控制的虚拟专用网（VPN）隧道。 在一些实施例中，票据可以用于提供对企业资源的访问，而不需要对应用的单独认证，并且在某些情况下可以以这样的方式使用，以便在重新建立每个应用程序策略时向用户提供无缝体验 在票的生命周期内控制VPN隧道。 另外的方面涉及提供对移动设备的更新的策略信息和票据的接入网关。 其他方面涉及从移动设备的安全容器中选择性地擦拭票据。 另外的方面涉及在诸如管理模式和非托管模式的多种模式中的操作应用，以及基于上述方面中的一个或多个提供与认证相关的服务。

公开(公告)号：US09531796B2

公开(公告)日：2016-12-27

申请号：US14571081

申请日：2014-12-15

Applicant: Citrix Systems, Inc.

Inventor： Nitin Desai ,  Steve Dillon ,  David Stone

IPC: G06F15/16 ,  H04L29/08 ,  H04L12/917 ,  H04L29/06 ,  G06F9/50

CPC classification number: H04L67/1002 ,  G06F9/505 ,  G06F9/5083 ,  H04L29/08144 ,  H04L29/08153 ,  H04L29/08171 ,  H04L47/76 ,  H04L67/1004 ,  H04L67/1008 ,  H04L67/1012 ,  H04L67/1027 ,  H04L67/1029 ,  H04L67/2842 ,  H04L67/42

Abstract: Methods and systems for establishing user sessions between a client and a server or server farm can be carried out by a load balancing agent executing on a computer in communication with the client, server or server farm. The load balancing agent can intercept a connection request generated by an application executing on a client and responsively select a server on which to establish a user session. Selecting the server can be based on overbooking a particular server and choosing a server with a predetermined amount of forecasted load. Forecasted load can be determined by summing the current load on a server with a current load calculated by multiplying: the average load on the user sessions hosted by the server; by the number of cached user sessions stored on the server; and by the probability that a cached user session reconnects.

Abstract translation: 用于在客户机和服务器或服务器场之间建立用户会话的方法和系统可以由在与客户机，服务器或服务器场通信的计算机上执行的负载平衡代理执行。 负载平衡代理可以拦截在客户端上执行的应用程序生成的连接请求，并响应于选择在其上建立用户会话的服务器。 选择服务器可以基于超额预订特定服务器并选择具有预定量的预测负载的服务器。 预测的负载可以通过将服务器上的当前负载与当前负载相加来确定：乘以服务器主持的用户会话的平均负载; 通过存储在服务器上的缓存的用户会话的数量; 以及缓存的用户会话重新连接的概率。