-
公开(公告)号:US20210042196A1
公开(公告)日:2021-02-11
申请号:US17079717
申请日:2020-10-26
Applicant: Citrix Systems, Inc.
Inventor: Thomas Michael Kludy , Michael Paul Wehniainen
Abstract: Methods and systems for coordinating migration for a database of a service are described herein. Multiple releases of the service may be simultaneously implemented, and these multiple releases may access a shared database. As new releases of the service are activated, the database may be incrementally migrated to a new data schema version. The new data schema version may be compatible with each release of the service that is in use. After a migration has begun, instances of the service may be instructed to perform database operations using methods compatible with the new data schema version. Continuation tokens may be returned during the migration, which indicate portions of the shared database that have not yet been migrated. If an error occurs during the migration, the continuation tokens may be discarded, and the migration may be restarted.
-
公开(公告)号:US20200344321A1
公开(公告)日:2020-10-29
申请号:US16923632
申请日:2020-07-08
Applicant: Citrix Systems, Inc.
Inventor: Steven A. Keller , Thomas J. Hammond , Thomas Michael Kludy , Ayush Jain , Ricardo Fernando Feijoo
IPC: H04L29/08 , H04W4/02 , H04L12/701
Abstract: Methods and systems for routing a user request for a service to a version of the service in a geographical region associated with the user are described herein. The service may be deployed in multiple geographical regions, and the service may have multiple versions in each of the geographical regions. A user device may send a request for a service to a first server in a geographical region. The first server may determine whether the user is associated with the geographical region. Responsive to determining that the user is not associated with the geographical region, the first server may ask one or more servers in other geographical regions whether the user is associated with any of the other geographical regions.
-
公开(公告)号:US20200186537A1
公开(公告)日:2020-06-11
申请号:US16793433
申请日:2020-02-18
Applicant: Citrix Systems, Inc.
Inventor: Thomas Michael Kludy
Abstract: A method of performing operations involving accessing a set of protected computing resources of a computing device includes (a) receiving, by a frontend service, an instruction via a network connection, the instruction directing the computing device to perform an operation involving accessing the set of protected resources, the set of protected computing resources being configured to refuse access to the frontend service, (b) in response to receiving the instruction, sending a request from the frontend service to a backend service, the request instructing the backend service to access the set of protected resources, the backend service being configured to not communicate via the network connection, the set of protected computing resources being configured to permit access to the backend service, and (c) in response to the backend service receiving the request from the frontend service, the backend service accessing the set of protected resources in fulfillment of the operation.
-
公开(公告)号:US10609131B2
公开(公告)日:2020-03-31
申请号:US15869341
申请日:2018-01-12
Applicant: Citrix Systems, Inc.
Inventor: Steven A. Keller , Thomas J. Hammond , Thomas Michael Kludy
IPC: G06F15/177 , H04L29/08 , H04L29/12 , H04L12/24 , H04L12/803
Abstract: Methods, systems, and non-transitory computer-readable media are described herein. In some embodiments, a computing platform may deploy a cloud application comprising a first instance of the cloud application. Further, the computing platform may direct a DNS to the first instance of the cloud application. Next, the computing platform may determine that a second instance of the cloud application should be deployed. Additionally, the computing platform may create a first global traffic manager configured with at least a first endpoint and a second endpoint, where the first endpoint is associated with the first instance and is enabled, and where the second endpoint is associated with the second instance, and is disabled. Subsequently, the computing platform may direct the DNS to the first global traffic manager. The computing platform may then direct the DNS to the first global traffic manager, enable the second endpoint. In addition, the computing device may direct, based on metadata associated with each of a plurality of users, each of the plurality of users to one of the first instance and the second instance, wherein one or more users are directed to each of the first instance and the second instance.
-
公开(公告)号:US20190222638A1
公开(公告)日:2019-07-18
申请号:US15869341
申请日:2018-01-12
Applicant: Citrix Systems, Inc.
Inventor: Steven A. Keller , Thomas J. Hammond , Thomas Michael Kludy
IPC: H04L29/08 , H04L29/12 , H04L12/803 , H04L12/24
CPC classification number: H04L67/101 , H04L41/5051 , H04L41/5096 , H04L47/122 , H04L61/1511 , H04L67/1021
Abstract: Methods, systems, and non-transitory computer-readable media are described herein. In some embodiments, a computing platform may deploy a cloud application comprising a first instance of the cloud application. Further, the computing platform may direct a DNS to the first instance of the cloud application. Next, the computing platform may determine that a second instance of the cloud application should be deployed. Additionally, the computing platform may create a first global traffic manager configured with at least a first endpoint and a second endpoint, where the first endpoint is associated with the first instance and is enabled, and where the second endpoint is associated with the second instance, and is disabled. Subsequently, the computing platform may direct the DNS to the first global traffic manager. The computing platform may then direct the DNS to the first global traffic manager, enable the second endpoint. In addition, the computing device may direct, based on metadata associated with each of a plurality of users, each of the plurality of users to one of the first instance and the second instance, wherein one or more users are directed to each of the first instance and the second instance.
-
Patent Agency Ranking
6.发明授权公开(公告)号:US11962593B2
公开(公告)日:2024-04-16
申请号:US17410013
申请日:2021-08-24
Applicant: Citrix Systems, Inc.
Inventor: Ricardo Fernando Feijoo , Thomas Michael Kludy
IPC: H04L9/40
CPC classification number: H04L63/10 , H04L63/083 , H04L63/0414 , H04L63/102 , H04L63/105
Abstract: A principal database is described in which each entry includes one principal identity, and one or more alias identities that may each have an authorization scope. Principal identity attributes include a principal identifier and login credentials, and alias identity attributes include an authorization scope and login credentials. Responsive to successfully authenticating the user for a first application (a multiple-identity application), based on the alias identity login credentials, an access token containing both the alias identity attributes and the principal identity attributes is transmitted to the first application, causing the first application to grant a scope of access based on the authorization scope. Responsive to a request to authenticate the user for a second application (a single-identity application), the access token is transmitted to the second application without re-authenticating the user, causing the second application to grant a scope of access based on the principal identifier.
-
公开(公告)号:US11134037B2
公开(公告)日:2021-09-28
申请号:US16592351
申请日:2019-10-03
Applicant: Citrix Systems, Inc.
Inventor: Jose Reyes , Thomas Michael Kludy
IPC: H04L12/58
Abstract: A technique increases capacity in a topic-subscription messaging system. The technique involves, during a first time period, operating a first topic structure of the system. The first topic structure includes a first topic and a plurality of first subscriptions coupled with the first topic. The technique further involves, during a second time period, providing a second topic structure which includes a second topic and a plurality of second subscriptions coupled with the second topic. The technique further involves, during a third time period, providing a link from the second topic structure to the first topic structure making (i) the second topic structure a parent to the first topic structure and (ii) the first topic structure a child to the second topic structure, the link conveying messages from a particular second subscription of the second topic structure to the first topic of the first topic structure.
-
8.发明授权公开(公告)号:US10440024B2
公开(公告)日:2019-10-08
申请号:US15482904
申请日:2017-04-10
Applicant: Citrix Systems, Inc.
Inventor: Ricardo Fernando Feijoo , Thomas Michael Kludy
Abstract: A principal database is described in which each entry includes one principal identity, and one or more alias identities that may each have an authorization scope. Principal identity attributes include a principal identifier and login credentials, and alias identity attributes include an authorization scope and login credentials. Responsive to successfully authenticating the user for a first application (a multiple-identity application), based on the alias identity login credentials, an access token containing both the alias identity attributes and the principal identity attributes is transmitted to the first application, causing the first application to grant a scope of access based on the authorization scope. Responsive to a request to authenticate the user for a second application (a single-identity application), the access token is transmitted to the second application without re-authenticating the user, causing the second application to grant a scope of access based on the principal identifier.
-
公开(公告)号:US10439963B2
公开(公告)日:2019-10-08
申请号:US15454486
申请日:2017-03-09
Applicant: Citrix Systems, Inc.
Inventor: Jose Reyes , Thomas Michael Kludy
IPC: H04L12/58
Abstract: A technique increases capacity in a topic-subscription messaging system. The technique involves, during a first time period, operating a first topic structure of the system. The first topic structure includes a first topic and a plurality of first subscriptions coupled with the first topic. The technique further involves, during a second time period, providing a second topic structure which includes a second topic and a plurality of second subscriptions coupled with the second topic. The technique further involves, during a third time period, providing a link from the second topic structure to the first topic structure making (i) the second topic structure a parent to the first topic structure and (ii) the first topic structure a child to the second topic structure, the link conveying messages from a particular second subscription of the second topic structure to the first topic of the first topic structure.
-
公开(公告)号:US20180278620A1
公开(公告)日:2018-09-27
申请号:US15470359
申请日:2017-03-27
Applicant: Citrix Systems, Inc.
Inventor: Thomas Michael Kludy
CPC classification number: H04L63/105 , G06F8/61 , G06F21/10 , G06F21/6218 , H04L9/3247 , H04L63/126 , H04L63/1441 , H04L67/34
Abstract: A method of performing operations involving accessing a set of protected computing resources of a computing device includes (a) receiving, by a frontend service, an instruction via a network connection, the instruction directing the computing device to perform an operation involving accessing the set of protected resources, the set of protected computing resources being configured to refuse access to the frontend service, (b) in response to receiving the instruction, sending a request from the frontend service to a backend service, the request instructing the backend service to access the set of protected resources, the backend service being configured to not communicate via the network connection, the set of protected computing resources being configured to permit access to the backend service, and (c) in response to the backend service receiving the request from the frontend service, the backend service accessing the set of protected resources in fulfillment of the operation.
-
-
-
-
-
-
-
-
-
Search Results
33
records
(took 0.019 seconds)
