公开(公告)号：US20140289510A1

公开(公告)日：2014-09-25

申请号：US13848333

申请日：2013-03-21

Applicant: VMware, Inc.

Inventor： Harvey TUCH ,  Mark ZEREN ,  Craig F. NEWELL

IPC: H04L29/06 ,  H04L9/32

CPC classification number: H04L63/102 ,  G06F21/57 ,  G06F21/6281 ,  H04L9/3265 ,  H04L9/3268 ,  H04L63/0272 ,  H04L63/0823 ,  H04L67/34 ,  H04L2209/127 ,  H04L2209/80 ,  H04W12/06

Abstract: An application management agent running on a wireless communications device restricts access to device functionality (e.g., applications and device features) unless the application management agent has determined that a particular configuration profile has been installed on the device (after which the application management agent permits access to device functionality, and an operating system of the device enforces policy settings specified in the configuration profile). The application management agent confirms the presence of the configuration profile by using a validation certificate to validate against a root certificate embedded in a configuration profile installed on the device. The configuration profile is configured to be non-removable, so it cannot be remove or updated, except by another configuration profile signed by the same authority. Validation against the embedded root certificate thereby implicitly confirms the presence of the configuration profile and validates the content of the configuration profile.

Abstract translation: 运行在无线通信设备上的应用管理代理限制对设备功能的访问（例如，应用和设备特征），除非应用管理代理已经确定特定配置简档已经安装在设备上（之后应用管理代理允许访问 到设备功能，并且设备的操作系统实施配置简档中指定的策略设置）。 应用程序管理代理通过使用验证证书来验证配置配置文件的存在，以验证嵌入在设备上安装的配置文件中的根证书。 配置配置文件配置为不可移动，因此不能删除或更新，除了由同一个权限签署的其他配置配置文件外。 针对嵌入式根证书的验证从而隐含地确认配置配置文件的存在并验证配置配置文件的内容。

公开(公告)号：US20240411540A1

公开(公告)日：2024-12-12

申请号：US18330947

申请日：2023-06-07

Applicant: VMware, Inc.

Inventor： Vikas Kumar PANDEY ,  Sandeep SINHA ,  Hakan Sunay HALIL ,  Ivaylo Radoslavov RADEV ,  Mark ZEREN

IPC: G06F8/65

Abstract: A method of upgrading a software service from a first version to a second version, wherein the software service is supported by a file system on which a first archive is mounted, includes the steps of: causing execution of the software service to be stopped, and mounting a second archive onto the file system, wherein the second mounted archive includes a plurality of files for executing the second version of the software service; creating a set of pointers, each of the set of pointers pointing to a respective one of the plurality of files of the second mounted archive; and after creating the set of pointers, causing the second version of the software service to be executed, wherein executing the second version of the software service involves accessing code from the plurality of files of the second mounted archive using the set of pointers and executing the code.

公开(公告)号：US20160028720A1

公开(公告)日：2016-01-28

申请号：US14807187

申请日：2015-07-23

Applicant: VMware, Inc.

Inventor： Harvey TUCH ,  Mark ZEREN ,  Craig F. NEWELL

IPC: H04L29/06

CPC classification number: H04L63/0823 ,  G06F21/33 ,  G06F21/6218 ,  G06F21/6281 ,  H04L9/3265 ,  H04L9/3268 ,  H04L63/0272 ,  H04L63/102 ,  H04L63/168

Abstract: An application management agent running on a wireless communications device restricts access to device functionality (e.g., applications and device features) unless the application management agent has determined that a particular configuration profile has been installed on the device (after which the application management agent permits access to device functionality, and an operating system of the device enforces policy settings specified in the configuration profile). The application management agent confirms the presence of the configuration profile by initiating an SSL handshake with a client certificate request for a client SSL certificate embedded in the configuration profile. Validation against the embedded client SSL certificate implicitly confirms the presence of the configuration profile and validates the content of the configuration profile.

Abstract translation: 运行在无线通信设备上的应用管理代理限制对设备功能的访问（例如，应用和设备特征），除非应用管理代理已经确定特定配置简档已经安装在设备上（之后应用管理代理允许访问 到设备功能，并且设备的操作系统实施配置简档中指定的策略设置）。 应用程序管理代理通过启动与配置配置文件中嵌入的客户端SSL证书的客户端证书请求的SSL握手来确认配置配置文件的存在。 对嵌入式客户端SSL证书的验证隐含地确认配置配置文件的存在并验证配置配置文件的内容。

公开(公告)号：US20140289511A1

公开(公告)日：2014-09-25

申请号：US13848347

申请日：2013-03-21

Applicant: VMware, Inc.

Inventor： Harvey TUCH ,  Mark ZEREN ,  Craig F. NEWELL

IPC: H04L29/06

CPC classification number: H04L63/0823 ,  G06F21/33 ,  G06F21/6218 ,  G06F21/6281 ,  H04L9/3265 ,  H04L9/3268 ,  H04L63/0272 ,  H04L63/102 ,  H04L63/168

Abstract: An application management agent running on a wireless communications device restricts access to device functionality (e.g., applications and device features) unless the application management agent has determined that a particular configuration profile has been installed on the device (after which the application management agent permits access to device functionality, and an operating system of the device enforces policy settings specified in the configuration profile). The application management agent confirms the presence of the configuration profile by initiating an SSL handshake with a client certificate request for a client SSL certificate embedded in the configuration profile. Validation against the embedded client SSL certificate implicitly confirms the presence of the configuration profile and validates the content of the configuration profile.

Abstract translation: 运行在无线通信设备上的应用管理代理限制对设备功能的访问（例如，应用和设备特征），除非应用管理代理已经确定特定配置简档已经安装在设备上（之后应用管理代理允许访问 到设备功能，并且设备的操作系统实施配置简档中指定的策略设置）。 应用程序管理代理通过启动与配置配置文件中嵌入的客户端SSL证书的客户端证书请求的SSL握手来确认配置配置文件的存在。 对嵌入式客户端SSL证书的验证隐含地确认配置配置文件的存在并验证配置配置文件的内容。