Peer-to-peer secure mode authentication

US12598182B2 · US · B2

Patent metadata
Publication number: US-12598182-B2
Application number: US-202318115018-A
Country: US
Kind code: B2
Filing date: Feb 28, 2023
Priority date: Jan 4, 2023
Publication date: Apr 7, 2026
Grant date: Apr 7, 2026

Abstract

Official abstract text for this publication.

The present disclosure relates to peer-to-peer (P2P) secure mode authentication. A secondary client device can request access to an enterprise resource. The secondary client device can establish a P2P communication channel with a primary client device during a P2P secure mode. The secondary client device can determine a proximity of the computing device to the client device and generate proximity data based at least in part on the proximity of the computing device to the client device. The secondary client device can receive an authorization to access the enterprise resource based at least in part on the proximity data and access the enterprise resource by loading the enterprise resource within a sandboxed environment.

First claim

Opening claim text (preview).

What is claimed is:

1. A system comprising: at least one computing device comprising a processor and a memory, the at least one computing device being identified as a secondary client device by at least one server; and machine-readable instructions stored in the memory that, when executed by the processor, cause the computing device to at least: request access to an enterprise resource stored in the at least one server; establish a P2P communication channel between the secondary client device and a primary client device, which is identified by the at least one server as being an active client device nearest to the secondary client device; determine a first proximity of the at least one computing device to the primary client device based on communication with the primary client device through the P2P communication channel; generate first proximity data based at least in part on the first proximity of the at least one computing device to the primary client device; continually provide the first proximity data to the at least one server, enabling the at least one server to determine whether the P2P communication channel is compliant with a predetermined rule based on the first proximity data and second proximity data that is generated by and continually provided from the primary client device based at least in part of a second proximity of the at least one computing device to the primary client device determined by the primary client device; receive an authorization to access the enterprise resource based at least in part on the proximity data from the at least one server that determined that the P2P communication channel is compliant with the predetermined rule; upon receiving the authorization to access the enterprise resource, cause a content viewing application that runs in the at least one computing device to generate a containerized sandbox environment and load the enterprise resource within the containerized sandbox environment, thereby enabling a user of the at least one computing device to view and edit the enterprise resource stored in the at least one server within the containerized sandbox environment; receive a notification that the authorization to access the enterprise resource has been removed from the at least one server that has determined that the P2P communication channel has become non-compliant with the predetermined rule; and upon receiving the notification, cause the content viewing application to disable the user's ability to view and edit the enterprise resource stored in the at least one server within the containerized sandbox environment while the enterprise resource is still loaded within the containerized sandbox environment.

2. The system of claim 1, wherein the machine-readable instructions further cause the at least one computing device to at least: receive a request to authenticate with an authentication service from the at least one server; and provide authentication credentials for the authentication service to the at least one server.

3. The system of claim 1, wherein the authorization to access the enterprise resource comprises a command to load the enterprise resource in the containerized sandboxed environment.

4. The system of claim 1, wherein the proximity of the at least one computing device to the primary client device is determined based at least in part on at least one of: at least one nearby IEEE 802.11 network, Bluetooth IEEE 802.15 network, Bluetooth Low Energy, near-field communication, or sound detection.

5. The system of claim 1, wherein the machine-readable instructions further cause the at least one computing device to at least receive a notification that the primary client device has entered a P2P secure mode, the P2P communication channel being established in response to the primary client device entering the P2P secure mode.

6. The system of claim 1, wherein the machine-readable instructions further cause the at least one computing device to at least: receive a second notification that the authorization to access the enterprise resource has been restored from the at least one server that has determined that the P2P communication channel has once again become compliant with the predetermined rule; and upon receiving the second notification, cause the content viewing application to enable the user to view and edit the enterprise resource stored in the at least one server within the containerized sandbox environment while the enterprise resource is still loaded within the containerized sandbox environment.

7. A method, comprising: requesting access to an enterprise resource stored in at least one server from a secondary client device; establishing a P2P communication channel between the secondary client device and a primary client device, which is identified by the at least one server as being an active client device nearest to the secondary client device; determining, by the secondary client device, a first proximity of the computing secondary client device to the primary client device based on communication with the primary client device through the P2P communication channel; generating, by the secondary client device, first proximity data based at least in part on the first proximity of the computing secondary client device to the primary client device; continually providing, from the secondary client device, the first proximity data to the at least one server; determining, by the primary client device, a second proximity of the secondary client device to the primary client device; generating, by the primary client device, second proximity data based at least in part on the second proximity of the secondary client device to the primary client device; continually providing, from the primary client device, the second proximity data to the at least one server; determining, by the at least one server, whether the P2P communication channel is compliant with a predetermined rule based on the first proximity data and the second proximity data; receiving an authorization to access the enterprise resource based at least in part on the proximity data from the at least one server that determined that the P2P communication channel is compliant with the predetermined rule; upon receiving the authorization to access the enterprise resource, causing a content viewing application that runs in the at least one computing device to generate a containerized sandbox environment and loading the enterprise resource within the containerized sandbox environment, thereby enabling a user of the at least one computing device to view and edit the enterprise resource stored in the at least one server within the containerized sandbox environment; receiving a notification that the authorization to access the enterprise resource has been removed from the at least one server that has determined that the P2P communication channel has become non-compliant with the predetermined rule; and upon receiving the notification, causing the content viewing application to disable the user's ability to view and edit the enterprise resource stored in the at least one server within the containerized sandbox environment while the enterprise resource is still loaded within the containerized sandbox environment.

8. The method of claim 7, further comprising: receiving a request to authenticate with an authentication service from the at least one server; and providing authentication credentials for the authentication service to the at least one server.

9. The method of claim 7, wherein the authorization to access the enterprise resource comprises a command to load the enterprise resource in the containerized sandboxed environment.

10. The method of cl

Classifications

  • using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226)

  • G06F21/53 (Primary): by executing in a restricted environment, e.g. sandbox or secure virtual machine

  • Test or assess software

  • wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals

  • H04L63/10 (Primary): for controlling access to devices or network resources

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Omnissa Llc

What technology area does this patent fall under?
Primary CPC classification G06F21/53. Mapped technology areas include Physics.

When was this patent published?
Publication date Apr 7, 2026 (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?
We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).