Single sign-on from desktop to network

    Publication No.: US11457007B2

    Publication date: 2022-09-27

    Application No.: US17015567

    Application date: 2020-09-09

    Inventor: Tom Kludy

    Abstract: Methods, systems, computer-readable media, and apparatuses method for performing single sign on for a user device to the Internet. User sign-in credentials including an identity token of the user are received by a hosted desktop from the user device, including an indication that the user is attempting to access a website. The website is authorized as a trusted website by a network authorization node, and the website is issued a one-time-use token. A web browser of the hosted desktop receives an application provided by the website to cause the web browser to call the hosted desktop to initiate single sign on. Authenticity of the one-time-use token is requested by a daemon process, and the website's public key is obtained. Upon verifying authenticity of the web site, the identity token of the user is passed to the website, to enable the website to establish single sign on with the user.

    Searching and Aggregating Data Across Multiple Geolocations

    Publication No.: US20190228092A1

    Publication date: 2019-07-25

    Application No.: US15875087

    Application date: 2018-01-19

    Abstract: Methods and devices for searching and aggregating data in a distributed cloud computing environment are provided. In some embodiments, a request from a client to perform a data transaction is received by a first server. The first server simultaneously spawns a plurality of threads, each thread sending to a different server of a plurality of servers the request to perform the data transaction. A response indicating whether the data transaction was performed by the server is received by the first server and from each server of the plurality of servers. In response to an indication that the data transaction was performed by one or more servers of the plurality of servers and when the data transaction is a get transaction: data corresponding to the data transaction is received by the first server and from the one more servers, the data received from the one or more servers is aggregated by the first server to form combined data, and the first server sends the combined data to the client. Finally, the first server sends a notification including information indicating a result of the data transaction to the client.

    Wrapping continuation tokens to support paging for multiple servers across different geolocations

    Publication No.: US10701161B2

    Publication date: 2020-06-30

    Application No.: US15688252

    Application date: 2017-08-28

    Abstract: Aspects of the disclosure relate to wrapping continuation tokens to support paging for multiple servers across different geolocations. An enterprise server may receive a first request for a plurality of records, and the first request for the plurality of records may request a quantity of records exceeding a page size limit. In response to receiving the first request, the enterprise server may retrieve a first set of records comprising a first number of records equal to the page size limit. The enterprise server may generate a first wrapped continuation token comprising location information identifying a geographic location of a first server where a next set of records is to be retrieved. Finally, the enterprise server may send, to the client device, the first set of records and the first wrapped continuation token, which may cause the client device to process the first set of records.

    Scoped view of cloud control plane for development of new services

    Publication No.: US10382293B2

    Publication date: 2019-08-13

    Application No.: US15600894

    Application date: 2017-05-22

    Abstract: Methods, systems, computer-readable media, and apparatuses method for integrating a cloud service under development with a production cloud system that includes at least one production service. A first scope is assigned for use in testing the first cloud service under development with the production cloud system, in which the first scope restricts access of the first cloud service under development to the production cloud system. A first user of the production cloud system is assigned to the first scope. A second scope is assigned to services of the production cloud system, which does not restrict access of the services of the production cloud system. Access to the first cloud service under development and to the at least one production cloud service is provided to the first user. Other users of the production cloud system are not provided access to the first cloud service under development.

    Authentication Using Device and User Identity

    Publication No.: US20220200999A1

    Publication date: 2022-06-23

    Application No.: US17495030

    Application date: 2021-10-06

    Abstract: Methods and systems for secure authentication of users based on unique device identifiers are described herein. A computing device may receive, from a user device, a device registration. The device registration may comprise authentication credentials, device information, and/or a public key. Based on the authentication credentials and/or the device information, a unique device identifier may be generated. A token may be generated based on the unique device identifier and sent to the user device. A request for content may be received from the user device. A nonce may be sent to the user device. The token and a signed version of the nonce may be received from the user device. The nonce may have been signed using a private key corresponding to the public key. Access to the content may be provided based on the token, the unique device identifier, and/or the signed version of the nonce.

    SINGLE SIGN-ON FROM DESKTOP TO NETWORK

    Publication No.: US20190386980A1

    Publication date: 2019-12-19

    Application No.: US16010580

    Application date: 2018-06-18

    Inventor: Tom Kludy

    Abstract: Methods, systems, computer-readable media, and apparatuses method for performing single sign on for a user device to the Internet. User sign-in credentials including an identity token of the user are received by a hosted desktop from the user device, including an indication that the user is attempting to access a website. The website is authorized as a trusted website by a network authorization node, and the website is issued a one-time-use token. A web browser of the hosted desktop receives an application provided by the website to cause the web browser to call the hosted desktop to initiate single sign on. Authenticity of the one-time-use token is requested by a daemon process, and the website's public key is obtained. Upon verifying authenticity of the web site, the identity token of the user is passed to the website, to enable the website to establish single sign on with the user.

    WRAPPING CONTINUATION TOKENS TO SUPPORT PAGING FOR MULTIPLE SERVERS ACROSS DIFFERENT GEOLOCATIONS

    Publication No.: US20190068725A1

    Publication date: 2019-02-28

    Application No.: US15688252

    Application date: 2017-08-28

    Abstract: Aspects of the disclosure relate to wrapping continuation tokens to support paging for multiple servers across different geolocations. An enterprise server may receive a first request for a plurality of records, and the first request for the plurality of records may request a quantity of records exceeding a page size limit. In response to receiving the first request, the enterprise server may retrieve a first set of records comprising a first number of records equal to the page size limit. The enterprise server may generate a first wrapped continuation token comprising location information identifying a geographic location of a first server where a next set of records is to be retrieved. Finally, the enterprise server may send, to the client device, the first set of records and the first wrapped continuation token, which may cause the client device to process the first set of records.

    Single sign-on from desktop to network

    Publication No.: US11838285B2

    Publication date: 2023-12-05

    Application No.: US17891076

    Application date: 2022-08-18

    Inventor: Tom Kludy

    CPC classification number: H04L63/0815 H04L9/30 H04L63/0838

    Abstract: Methods, systems, computer-readable media, and apparatuses method for performing single sign on for a user device to the Internet. A hosted desktop may monitor activity on one or more ports on a local host interface. The hosted desktop may detect a call to initiate a single-sign-on from the hosted desktop into a website. The website may be associated with a one-time-use token. A public key of the website may be retrieved based on verification of the one-time-use token. An identity token corresponding to a user may be obtained and the identity token may be encrypted based on the public key of the website. The encrypted identity token may be provided to the website to establish the single-sign-on on behalf of the user with the website.

    Single Sign-On From Desktop to Network

    Publication No.: US20220394027A1

    Publication date: 2022-12-08

    Application No.: US17891076

    Application date: 2022-08-18

    Inventor: Tom Kludy

    Abstract: Methods, systems, computer-readable media, and apparatuses method for performing single sign on for a user device to the Internet. A hosted desktop may monitor activity on one or more ports on a local host interface. The hosted desktop may detect a call to initiate a single-sign-on from the hosted desktop into a website. The website may be associated with a one-time-use token. A public key of the website may be retrieved based on verification of the one-time-use token. An identity token corresponding to a user may be obtained and the identity token may be encrypted based on the public key of the website. The encrypted identity token may be provided to the website to establish the single-sign-on on behalf of the user with the website.

    Authentication using device and user identity

    Publication No.: US11171964B1

    Publication date: 2021-11-09

    Application No.: US17132172

    Application date: 2020-12-23

    Abstract: Methods and systems for secure authentication of users based on unique device identifiers are described herein. A computing device may receive, from a user device, a device registration. The device registration may comprise authentication credentials, device information, and/or a public key. Based on the authentication credentials and/or the device information, a unique device identifier may be generated. A token may be generated based on the unique device identifier and sent to the user device. A request for content may be received from the user device. A nonce may be sent to the user device. The token and a signed version of the nonce may be received from the user device. The nonce may have been signed using a private key corresponding to the public key. Access to the content may be provided based on the token, the unique device identifier, and/or the signed version of the nonce.
