公开(公告)号：US20220231863A1

公开(公告)日：2022-07-21

申请号：US17187940

申请日：2021-03-01

Applicant: VMWARE, INC.

Inventor： AVINASH AGARWAL ,  Akhil Dhananjaya

IPC: H04L9/32 ,  H04L9/08 ,  H04L9/30

Abstract: Systems and methods are described for establishing trust between two devices for secure peer-to-peer communication. In an example, a first and a second device can each possess a digital signature issued by the same certificate authority and a hash function issued by the same trusted entity. The devices can exchange public keys that include their respective digital signatures. The second device can verify the first device's digital signature, encrypt an encryption key with the second device's public key, hash the encryption key using its hash function, and encrypt the hash using its private key. The second device can send the encrypted hash and encryption key to the first device. The first device can verify the second device's digital signature, decrypt the encryption key, and decrypt the encrypted hash. The first device can hash the encryption key using its hashing function and compare the two hashes to verify the second device.

公开(公告)号：US20220224727A1

公开(公告)日：2022-07-14

申请号：US17708250

申请日：2022-03-30

Applicant: VMware, Inc.

Inventor： AVINASH AGARWAL ,  SIVASUBRAMANIAM SIVAKUMAR

IPC: H04L9/40 ,  H04L9/32 ,  H04L9/08

Abstract: Disclosed are various approaches for generating a management token corresponding to a client device. The management token can include one or more device policies that can be installed or enforce on a client device. This can allow a device that might not be enrolled as a managed device to be taken into a facility and comply with the security policies of the facility.

公开(公告)号：US20180337951A1

公开(公告)日：2018-11-22

申请号：US15666619

申请日：2017-08-02

Applicant: VMWARE, INC.

Inventor： AVINASH AGARWAL ,  SIVASUBRAMANIAM SIVAKUMAR

IPC: H04L29/06 ,  H04L9/32

Abstract: Disclosed are various approaches for generating a management token corresponding to a client device. The management token can include one or more device policies that can be installed or enforce on a client device. This can allow a device that might not be enrolled as a managed device to be taken into a facility and comply with the security policies of the facility.