User-Aware Datacenter Security Policies
US-2017063927-A1 · Mar 2, 2017 · US
US10176008B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10176008-B2 |
| Application number | US-201615264598-A |
| Country | US |
| Kind code | B2 |
| Filing date | Sep 14, 2016 |
| Priority date | May 19, 2016 |
| Publication date | Jan 8, 2019 |
| Grant date | Jan 8, 2019 |
Official abstract text for this publication.
Systems herein allow a user to load a virtual work environment on a terminal, such as a workstation, based on authentication mechanisms built into a user device, such as a cell phone. The user device can authenticate with a management server using an SAML token. The management server can track which virtual machines and configurations make up the user's work environment, and can send that information to the user device for loading the virtual machines. When the user wishes to load the virtual machines at a terminal, the user device can send the SAML token to the terminal for use in authenticating with the management server. The management server can then provide the configurations for the virtual machines that the user selects to load at the terminal.
Opening claim text (preview).
What is claimed is:

1. A non-transitory, computer-readable medium containing instructions executed by at least one processor to perform stages for displaying, on a terminal, a virtual machine associated with a user of a user device, the stages comprising: authenticating the user device at a management server using a token sent from the user device to the management server; sending, from the management server to the user device, a profile and virtual machine information, the virtual machine information identifying the virtual machine and the profile specifying a configuration for the virtual machine; sending the token and the virtual machine information from the user device to the terminal; sending the profile from the management server to the terminal based on the terminal authenticating at the management server with the token; and displaying the virtual machine at the terminal based on the terminal contacting a virtual machine server using the profile and the virtual machine information.

2. The non-transitory, computer-readable medium of claim 1, the stages further comprising providing a graphical user interface at the user device for selecting among a plurality of virtual machines to operate at the terminal, wherein the terminal receives the virtual machine information corresponding to a selected virtual machine.

3. The non-transitory, computer-readable medium of claim 2, wherein the graphical user interface indicates which of the plurality of virtual machines are in a sleep mode and allows selection of multiple of the plurality of virtual machines for loading at the terminal.

4. The non-transitory, computer-readable medium of claim 1, wherein the profile configures functionality available within the virtual machine, and wherein the user device sends the virtual machine information to the terminal.

5. The non-transitory, computer-readable medium of claim 1, wherein the virtual terminal is remote from the user device, and the user device sends the token to the terminal over a network.

6. The non-transitory, computer-readable medium of claim 1, wherein the virtual machine information sent from the management server to the user device is part of a larger set of information sent to the user device that identifies multiple virtual machines, wherein the terminal receives less than the entire larger set of information.

7. The non-transitory, computer-readable medium of claim 1, wherein displaying the virtual machine at the terminal includes receiving graphics frames from the virtual machine server.

8. A system for displaying, on a terminal, a virtual machine associated with a user of a user device, the system comprising: a non-transitory, computer-readable medium that contains instructions; and a processor that executes the instructions to perform stages including: sending a management component for installation at the user device and the terminal, the management component allowing the user device and terminal to authenticate at a management server; receiving, at the management server from a user device, a profile request with a token; sending, from the management server to the user device, a profile and virtual machine information, the virtual machine information identifying the virtual machine and the profile specifying a confirmation for the virtual machine, wherein the management component causes the user device to send the token to the terminal; and sending the profile from the management server to the terminal based on the terminal authenticating at the management server with the token and the virtual machine information, wherein the terminal displays the virtual machine based on the terminal contacting a virtual machine server using the profile and the virtual machine information.

9. The system of claim 8, wherein the management component executes to cause a graphical user interface to be displayed at the user device, the graphical user interface allowing selection among a plurality of virtual machines to operate at the terminal, wherein the user device sends, to the terminal, the virtual machine information corresponding to a selected virtual machine.

10. The system of claim 9, wherein the graphical user interface indicates which of the plurality of virtual machines are in a sleep mode and allows selection of multiple of the plurality of virtual machines for loading at the terminal.

11. The system of claim 8, wherein the profile specifies functionality available within the virtual machine.

12. The system of claim 8, wherein the virtual machine information identifies the virtual machine server in addition to the virtual machine.

13. The system of claim 8, wherein the terminal is remote from the user device, and the user device sends the token to the terminal over a network.

14. The system of claim 8, wherein displaying the virtual machine at the terminal includes receiving graphics frames from the virtual machine server, the virtual machine executing on the virtual machine server.

15. A method for displaying, on a terminal, a virtual machine associated with a user of a user device, the stages comprising: authenticating the user device at a management server using a token; sending, from the management server to the user device, a profile and a virtual machine information, the virtual machine information identifying the virtual machine and the profile specifying a configuration for the virtual machine; sending the token and the virtual machine information from the user device to the terminal; sending the profile from the management server to the terminal based on the terminal authenticating at the management server with the token; and displaying the virtual machine at the terminal based on the terminal contacting a virtual machine server using the profile and the virtual machine information.

16. The method of claim 15, the stages further comprising providing a graphical user interface at the user device for selecting among a plurality of virtual machines to operate at the terminal, wherein the virtual machine information corresponding to a selected virtual machine is sent to the terminal.

17. The method of claim 16, wherein the graphical user interface indicates which of the plurality of virtual machines are in a sleep mode and allows selection of multiple of the plurality of virtual machines for loading at the terminal.

18. The method of claim 15, wherein the profile configures functionality available within the virtual machine.

19. The method of claim 15, wherein the terminal is remote from the user device, and the user device sends the token to the terminal over a network.

20. The method of claim 15, wherein displaying the virtual machine at the terminal includes receiving graphics frames from the virtual machine server, the virtual machine executing on the virtual machine server.
Isolation or security of virtual machine instances · CPC title
using an additional device, e.g. smartcard, SIM or a different communication terminal (cryptographic mechanisms or cryptographic arrangements for entity authentication involving additional secure or trusted devices H04L9/3234) · CPC title
Network integration; Enabling network access in virtual machine instances · CPC title
Hypervisor-specific management and integration aspects · CPC title