公开(公告)号：US20220038448A1

公开(公告)日：2022-02-03

申请号：US16940487

申请日：2020-07-28

Applicant: Citrix Systems, Inc.

Inventor： Richard John DeFilippo ,  Raul Planas ,  Prachee Mhatre ,  Padmashri Nonabur Krishnamurthy

IPC: H04L29/06

Abstract: Systems and methods for providing a single sign-on for authenticating a user via multiple client devices in a distributed resource environment are provided. For example, the system includes a processor that receives a first connection request to a remote resource from an untrusted client device. The processor processes the first connection request to identify an enrolled client device that is configured to authenticate a user of the untrusted client device. The processor further verifies whether a user of the enrolled client device is the user of the untrusted client device and determine if the user of the untrusted client device is authorized to access the remote resource. If the processor determines that the user of the untrusted client device is authorized to access the remote resource, the processor provides the untrusted client device access to the remote resource.

公开(公告)号：US20220182385A1

公开(公告)日：2022-06-09

申请号：US17116804

申请日：2020-12-09

Applicant: Citrix Systems, Inc.

Inventor： Anjaneya Padmakar Akondi ,  Sumana Gandur Satyanarayana ,  Liming Wang ,  Raul Planas

IPC: H04L29/06 ,  G06F3/06

Abstract: A computer system to authorize a first endpoint to access enterprise digital resources is provided. The computer system includes the first endpoint, a second endpoint, and an endpoint management service being executed in a server. The endpoint management service communicates with the first endpoint via the second endpoint. For example, the endpoint management service receives authentication credentials from the first endpoint via the second endpoint. Similarly, the endpoint management service, upon verification of the authentication credentials, transmits an authorization token to the first endpoint via the second endpoint. The first endpoint, upon receiving and deploying the authorization token, can execute enterprise managed application programs and can access enterprise digital resources. In some examples, both the first and second endpoints are owned and/or used by a same user.