公开(公告)号：US20150046997A1

公开(公告)日：2015-02-12

申请号：US14140843

申请日：2013-12-26

Applicant: Citrix Systems, Inc.

Inventor： Punit Gupta ,  Bharat Bhushan ,  Jong Kann ,  Pierre Rafiq

IPC: H04L29/06

CPC classification number: H04L63/083 ,  G06F21/31 ,  H04L9/32 ,  H04L63/0272 ,  H04L63/08 ,  H04L63/0815 ,  H04L63/1458

Abstract: A method for accessing enterprise resources while providing denial-of-service attack protection. The method may include receiving, at a gateway from a client device, a request for a resource, the request comprising a location identifier associated with the resource. The method may further include redirecting, by a redirection message, the request to an authentication device that requests credentials for authentication, the redirection message comprising the location identifier. The method may also include retrieving, after authentication of the credentials, the location identifier from the client device. The method may additionally include providing access to the resource based on the location identifier.

Abstract translation: 一种在提供拒绝服务攻击保护的同时访问企业资源的方法。 该方法可以包括在来自客户机设备的网关处接收对资源的请求，所述请求包括与资源相关联的位置标识符。 该方法还可以包括通过重定向消息将请求重定向到请求认证凭证的认证设备，该重定向消息包括位置标识符。 该方法还可以包括在认证凭证之后从客户端设备检索位置标识符。 该方法可以另外包括基于位置标识符提供对资源的访问。

公开(公告)号：US09344426B2

公开(公告)日：2016-05-17

申请号：US14140843

申请日：2013-12-26

Applicant: Citrix Systems, Inc.

Inventor： Punit Gupta ,  Bharat Bhushan ,  Jong Kann ,  Pierre Rafiq

IPC: H04L29/06 ,  G06F21/31 ,  H04L9/32

CPC classification number: H04L63/083 ,  G06F21/31 ,  H04L9/32 ,  H04L63/0272 ,  H04L63/08 ,  H04L63/0815 ,  H04L63/1458

Abstract: Techniques for accessing enterprise resources while providing denial-of-service attack protection may include receiving, at a gateway from a client device, a request for a resource, the request including a location identifier associated with the resource. Techniques may further include redirecting, by a redirection message, the request to an authentication device that requests credentials for authentication, the redirection message including the location identifier. Techniques may also include retrieving, after authentication of the credentials, the location identifier from the client device. Techniques may additionally include providing access to the resource based on the location identifier.

Abstract translation: 在提供拒绝服务攻击保护的同时访问企业资源的技术可包括在客户机设备的网关处接收对资源的请求，所述请求包括与资源相关联的位置标识符。 技术可以进一步包括通过重定向消息将请求重定向到请求验证凭证的认证设备，重定向消息包括位置标识符。 技术还可以包括在凭证认证之后从客户端设备检索位置标识符。 技术可以另外包括基于位置标识符提供对资源的访问。

公开(公告)号：US20140366080A1

公开(公告)日：2014-12-11

申请号：US13910680

申请日：2013-06-05

Applicant: Citrix Systems, Inc.

Inventor： Punit Gupta ,  Bharat Bhushan ,  Jong Kann ,  Pierre Rafiq

IPC: H04L29/06

CPC classification number: H04L63/08 ,  H04L63/0807 ,  H04L63/20 ,  H04W4/60 ,  H04W12/0023 ,  H04W12/0027 ,  H04W12/06

Abstract: A method for providing secure remote access to an enterprise application store with enterprise applications for a service running on a mobile device includes receiving an authentication request with user credentials from an access manager on the mobile device. Authentication and a valid session cookie are provided if user credentials are valid. An access token request is received and an access token is provided in response to the token request if the token request includes the valid session cookie. An access request from the service is received and access to the enterprise application store by the service is allowed if the request includes the access token. The service may then download applications or receive applications delivered via the enterprise application store. The application management service can also access a publicly available application store.

Abstract translation: 用于向企业应用商店提供对用于在移动设备上运行的服务的企业应用的安全远程访问的方法包括从移动设备上的访问管理器接收具有用户凭证的认证请求。 如果用户凭据有效，则提供验证和有效的会话cookie。 如果令牌请求包括有效的会话cookie，则接收访问令牌请求并且响应于令牌请求提供访问令牌。 如果请求包含访问令牌，则接收到来自服务的访问请求，并允许由服务访问企业应用程序存储。 然后，服务可以下载应用程序或接收通过企业应用程序存储提供的应用程序。 应用程序管理服务还可以访问公共可用的应用程序存储。