Abstract:
Systems and methods for installing policy settings on a client computing device are provided. In some aspects, the client computing device receives policy data and a public key from a server. The policy data are authenticated based on the public key. Policy settings based on the authenticated policy data are installed on the client computing device. Installing the policy settings based on the authenticated policy data on the client computing device includes storing information based on the policy data in a module on the client computing device. The module is secured by the public key from the server and a signature generated on the client computing device to prevent the stored information from being moved or copied by a user of the client computing device.
Abstract:
A method for determining auto-enrollment eligibility for an electronic device with an enterprise domain is provided. The method includes generating a reverse lookup of the IP address of the host through which an electronic device is requesting initialization in order to determine an associated domain name. The method also includes comparing the associated domain name to a list of enterprise domains and determining if the electronic device is eligible to auto-enroll with a particular enterprise domain. The method also includes determining if the enterprise domain has an available license for the type of electronic device and sending a request to the electronic device to initiate auto-enrollment. Systems and machine-readable media are also provided.
Abstract:
A non-transitory machine-readable medium embodying instructions that, when executed by a machine, allow the machine to perform a method is provided. In one aspect, a method includes receiving, at a computing device, user account credentials associated with an online user account. The method includes sending the user account credentials to a server. The method includes receiving, in response to sending the user account credentials to a server, a user profile associated with the user account. The method includes configuring an operating system session on the device based on the user profile. The method includes receiving an indication to terminate the operating system session. The method includes erasing, upon termination of the operating system session, the received user profile and data stored locally on the computing device during the operating system session. Systems and methods are also provided.
Abstract:
Systems and methods for enterprise platform verification are provided. In some aspects, a computing device includes a trusted platform module (TPM). The TPM includes an endorsement key (EK) physically embedded in the TPM. The TPM includes an attestation identity key (AIK), the AIK being used to verify that at least one TPM-protected key different from the EK and different from the AIK is generated at the TPM and is non-migratable. The TPM includes an enterprise machine key (EMK), the EMK being certified by the AIK, the EMK being uniquely associated with the client computing device, and the EMK being generated during enrollment of the client computing device with an enterprise and remaining active until a factory reset of the client computing device.
Abstract:
Methods and apparatus for authenticating computing device users are disclosed. An example method includes providing, on a display device of a computing device, a graphical user interface (GUI) including a user authentication display portion and receiving, from a remote authentication server, visual content and functional content corresponding with the user authentication display portion. The method further includes receiving, via the user authentication display portion, a set of user credentials and communicating the received user credentials to the remote user authentication server. The method still further includes receiving, from the remote user authentication server, an authorization message indicating whether or not authentication of the user credentials was successful. In the event authentication of the set of user credentials was successful, the user is granted access to the computing device. In the event authentication of the set of user credentials was not successful, the user is denied access to the computing device.
Abstract:
Systems and methods for configuring browser policy settings on client computing devices are provided. In some aspects, a method includes receiving login credentials from a client computing device. The client computing device includes a browser. The method also includes transmitting browser policy data associated with the login credentials to the client computing device. The browser policy data identifies browser policy settings to be installed on the browser. The browser policy settings identified by the browser policy data include four or more of: compliance settings, behavioral settings, browser/software applications, permission to access one or more websites, restrictions on accessing one or more websites, read permission in a remote document storage unit accessible via the browser, or write permission in a remote document storage unit accessible via the browser.
Abstract:
Systems and methods are described herein for validating computer hardware identification information. A validation server can receive a request from an offer provider to validate an instance of computer hardware for enrollment in an offer. The offer may be associated with a service identifier. The validation server can request a hardware identification code from the instance of computer hardware. The validation server can receive the hardware identification code from the instance of computer hardware. The validation server can validate that the hardware identification code is eligible to enroll in the offer associated with the service identifier and then transmit a response to the offer provider indicating the validated status while maintaining privacy of the hardware identification code away from the offer provider.
Abstract:
To provide a secure installation and execution software environment, locked version numbers are maintained. A locked version number associated with a software program may be stored. When a request is received to update the software program with an update package, a package number of the update package may be compared to the locked version number. The software program may be updated with the update package if the package number is at least as recent as the locked version number, and the updating of the software program with the update package may be restricted if the package number is earlier than the locked version number.
Abstract:
Methods and apparatus for verifying a boot process of a computing system are disclosed. An example computer-implemented method includes reading, by a computing system during a boot process, a header section of a read-write portion of firmware of the computing system. The example method further includes generating, using a first cryptographic hash algorithm, a message digest corresponding with the header. The example method also includes decrypting, using a first public-key, an encrypted signature corresponding with the header. The example method still further includes comparing the message digest corresponding with the header and the decrypted signature corresponding with the header. In the event the message digest corresponding with the header and the decrypted signature corresponding with the header match, the example method includes continuing the boot process. In the event the message digest corresponding with the header and the decrypted signature corresponding with the header do not match, the example method includes halting the boot process.
Abstract:
A system and a method for registering an electronic device are provided. An auto-enrollment status of an electronic device by an enterprise is determined based on hash information associated with an identifier for the electronic device. In a case where the auto-enrollment status of the electronic device is determined to require auto-enrollment of the electronic device by the enterprise, one or more configuration settings for the electronic device as designated by the enterprise are identified, and the electronic device is requested to adopt the one or more configuration settings as designated by the enterprise in response to providing the auto-enrollment login interface to the electronic device.