公开(公告)号：US11509603B2

公开(公告)日：2022-11-22

申请号：US17107345

申请日：2020-11-30

Applicant: Dell Products, L.P.

Inventor： Carlton A. Andrews ,  Girish S. Dhoble ,  Nicholas D. Grobelny ,  David Konetski ,  Joseph Kozlowski ,  Ricardo L. Martinez ,  Charles D. Robison

IPC: H04L29/06 ,  H04L47/70 ,  H04L47/76 ,  H04L47/78 ,  H04L9/40

Abstract: Systems and methods adjust workspaces based on available hardware resource of an IHS (Information Handling System) by which a user operates a workspace supported by a remote orchestration service. A security context and a productivity context of the IHS are determined based on reported context information. A workspace definition for providing access to a managed resource is selected based on the security context and the productivity context. A notification specifies a hardware resource of the IHS that is not used by the workspace definition, such as a microphone or camera that has not been enabled for use by workspaces. A productivity improvement that results from the updated productivity context that includes use of the first hardware resource is determined. Based on the productivity improvement, an updated workspace definition is selected that includes use of the first hardware resource in providing access to the managed resource via the IHS.

公开(公告)号：US11475126B2

公开(公告)日：2022-10-18

申请号：US16670848

申请日：2019-10-31

Applicant: Dell Products, L.P.

Inventor： Carlton A. Andrews ,  Girish S. Dhoble ,  Nicholas D. Grobelny ,  David Konetski ,  Joseph Kozlowski ,  Ricardo L. Martinez ,  Charles D. Robison

IPC: G06F11/00 ,  G06F21/55 ,  G06F11/30 ,  G06F21/57 ,  G06F11/34

Abstract: Systems and methods for modernizing workspace and hardware lifecycle management in an enterprise productivity ecosystem are described. In some embodiments, a client Information Handling System (IHS) may include a processor, and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the client IHS to: transmit, by a local management agent to a workspace orchestration service, an access request and context information; receive, at the local management agent from the workspace orchestration service, one or more files or policies configured to enable the local management agent to instantiate a workspace based upon a workspace definition, wherein the workspace orchestration service is configured to: (i) calculate a security target and a productivity target based upon the access request and the context information, and (ii) create the workspace definition based upon the security target and the productivity target; and instantiate the workspace.

公开(公告)号：US20220201009A1

公开(公告)日：2022-06-23

申请号：US17126122

申请日：2020-12-18

Applicant: Dell Products, L.P.

Inventor： Girish S. Dhoble ,  Nicholas D. Grobelny ,  Ricardo L. Martinez ,  Joseph Kozlowski

IPC: H04L29/06 ,  H04L12/24

Abstract: Systems and methods for creating and handling workspace indicators of compromise (IOC) based upon configuration drift are described. In some embodiments, a memory storage device may have program instructions stored thereon that, upon execution by one or more processors of an Information Handling System (IHS) of a workspace orchestration service, cause the IHS to: receive configuration information from a client IHS at a workspace orchestration service, where the configuration information represents a change in a configuration of a workspace executed by the client IHS, and where the workspace is instantiated based upon a workspace definition provided by the workspace orchestration service; determine, by the workspace orchestration service, that the configuration information matches an IOC; and transmit, from the workspace orchestration service to the client IHS, an instruction to perform an action responsive to the IOC.

公开(公告)号：US20220191247A1

公开(公告)日：2022-06-16

申请号：US17123814

申请日：2020-12-16

Applicant: Dell Products, L.P.

Inventor： Girish S. Dhoble ,  Nicholas D. Grobelny ,  Charles D. Robison

IPC: H04L29/06 ,  G06F12/14 ,  H04L9/08 ,  G06F21/79

Abstract: Systems and methods for self-protecting and self-refreshing workspaces are described. In some embodiments, an Information Handling System (IHS) may include a processor and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution, cause the IHS to: receive, from a workspace orchestration service, one or more files or policies configured to enable the client IHS to instantiate a workspace based upon a workspace definition; determine that a context of the client IHS has been modified; in response to the determination, terminate the workspace; and receive, from the workspace orchestration service, one or more files or policies configured to enable the client IHS to re-instantiate the workspace based upon the workspace definition.

公开(公告)号：US11151256B2

公开(公告)日：2021-10-19

申请号：US16410807

申请日：2019-05-13

Applicant: Dell Products, L.P.

Inventor： Ricardo L. Martinez ,  Girish S. Dhoble ,  Nicholas D. Grobelny

IPC: G06F21/57 ,  G06F21/50 ,  G06F21/55 ,  G06F9/4401

Abstract: Systems and methods for detecting IHS attacks by monitoring chains of configuration changes made to Basic Input/Output System (BIOS) or Unified Extensible Firmware Interface (UEFI) attributes are described. In some embodiments, an IHS may include a processor and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the IHS to: monitor a chain of BIOS/UEFI configuration changes; compare the chain of BIOS/UEFI configuration changes against an Indication of Attack (IoA); and report an alert in response to the chain of BIOS/UEFI configuration changes matching the IoA.

公开(公告)号：US20210136115A1

公开(公告)日：2021-05-06

申请号：US16671045

申请日：2019-10-31

Applicant: Dell Products, L.P.

Inventor： Carlton A. Andrews ,  Girish S. Dhoble ,  Nicholas D. Grobelny ,  David Konetski ,  Joseph Kozlowski ,  Ricardo L. Martinez ,  Charles D. Robison

IPC: H04L29/06

Abstract: Methods and system are provided for dynamically securing a workspace based on changes in the security context in which the workspace operates. Upon receiving a request from an IHS for access to a managed resource and receiving attributes of a risk context for the request, a risk score for the request is determined. A workspace definition that provides access to the managed resource is selected based on the risk score. A workspace definition includes security requirements for operation of the workspace by the IHS, where the security requirements are commensurate with the risk score. The workspace definition is transmitted to the IHS for operation of the workspace according to the security requirements. A risk context may include, IHS software, a physical environment in which the IHS is located, a physical location of the IHS, a classification of the requested resource, IHS hardware, and a user of the IHS.

公开(公告)号：US20210133329A1

公开(公告)日：2021-05-06

申请号：US16670796

申请日：2019-10-31

Applicant: Dell Products, L.P.

Inventor： Carlton A. Andrews ,  Girish S. Dhoble ,  Nicholas D. Grobelny ,  David Konetski ,  Joseph Kozlowski ,  Ricardo L. Martinez ,  Charles D. Robison

IPC: G06F21/57 ,  G06F9/455

Abstract: Systems and methods for endpoint context-driven, dynamic workspaces are described. In some embodiments, an Information Handling System (IHS) of a workspace orchestration service, the IHS comprising a processor and a memory coupled to the processor, the memory having program instructions stored thereon that cause the IHS to: receive initial context information from a local management agent; produce a first workspace definition based upon the initial context information, where the local management agent is configured to instantiate a first workspace based upon the first workspace definition; receive updated context information from the local management agent; and in response to the updated context information being noncompliant with attributes of the first workspace definition, select a second workspace definition, where the updated context information complies with the attributes of the second workspace definition, and the local management agent is configured to instantiate a second workspace based upon the second workspace definition.

公开(公告)号：US20210133298A1

公开(公告)日：2021-05-06

申请号：US16670658

申请日：2019-10-31

Applicant: Dell Products, L.P.

Inventor： Carlton A. Andrews ,  Girish S. Dhoble ,  Nicholas D. Grobelny ,  David Konetski ,  Joseph Kozlowski ,  Ricardo L. Martinez ,  Charles D. Robison

IPC: G06F21/12 ,  H04L29/06

Abstract: Systems and methods for dynamic workspace targeting with crowdsourced user context are described. In some embodiments, an Information Handling System (IHS) of a workspace orchestration service may include a processor; and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the IHS to: detect execution of an application in a workspace instantiated by a client IHS; validate the application based upon productivity context information and security context information received from the client IHS; and in response to the validation, distribute the validated application to another workspace instantiated by another client IHS.

公开(公告)号：US20190258309A1

公开(公告)日：2019-08-22

申请号：US15901434

申请日：2018-02-21

Applicant: Dell Products L.P.

Inventor： Nicholas D. Grobelny ,  James T. Gillon ,  Christian L. Critz

IPC: G06F1/32 ,  G06F11/30 ,  G06F11/34 ,  G06F13/40

Abstract: In one or more embodiments, one or more systems, methods, and/or processes may provide low power state entry signals to multiple devices of an information handling system. After providing the low power state entry signals to the multiple devices, the one or more systems, methods, and/or processes may receive a first status signal from a first device of the multiple devices within an amount of time; may determine that the first status signal from the first device was received within the amount of time; may determine that a second status signal from a second device of the multiple devices was not received within the amount of time; may log that the first status signal from the first device was received within the amount of time; and may log that the second status signal from the second device was not received within the amount of time.

公开(公告)号：US20180324162A1

公开(公告)日：2018-11-08

申请号：US15589736

申请日：2017-05-08

Applicant: Dell Products L.P.

Inventor： Abeye Teshome ,  Nicholas D. Grobelny ,  Joseph Kozlowski, JR. ,  Adolfo S. Montero

IPC: H04L29/06

CPC classification number: H04L63/08 ,  G06F21/45 ,  G06F21/554 ,  H04L63/083 ,  H04L63/12

Abstract: In one or more embodiments, one or more systems, methods, and/or processes may receive, independently of a processor of the information handling system (IHS), first credential management information and may modify, independently of the processor and based on the first credential management information, credential information stored via a secure object store of the IHS. For example, modifying the credential information may include modifying the credential information such that the IHS denies access to at least a portion of the IHS based on the credential information. In one instance, denying access to at least the portion of the IHS may include disabling at least one of password, biometric information associated with a user, and an encryption key. In another instance, denying access to at least the portion of the IHS may include remapping, independently of the processor, at least one human interface device.