公开(公告)号：US11720700B2

公开(公告)日：2023-08-08

申请号：US17126073

申请日：2020-12-18

Applicant: Dell Products, L.P.

Inventor： Joseph Kozlowski ,  Ricardo L. Martinez ,  David Konetski ,  Carlton A. Andrews ,  Nicholas D. Grobelny ,  Charles D. Robison ,  Girish S. Dhoble

IPC: H04L29/06 ,  G06F21/62 ,  G06F9/50 ,  G06F21/57 ,  G06F21/44

CPC classification number: G06F21/6218 ,  G06F9/5072 ,  G06F21/44 ,  G06F21/577 ,  G06F2221/2141

Abstract: Systems and methods for securely deploying a collective workspace across multiple local management agents are described. In some embodiments, an Information Handling System (IHS) may include a processor and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution, cause the IHS to: receive, at a workspace orchestration service from a first local management agent, first context information and a first split key; receive, at the workspace orchestration service from a second local management agent, second context information and a second split key; determining, by the workspace orchestration service, that the first and second context information match a collaborative workspace policy; in response to the determination, authenticate the first and second split keys; and in response to the authentication, transmit a collaborative workspace definition to the first and second local management agents.

公开(公告)号：US11657126B2

公开(公告)日：2023-05-23

申请号：US16670658

申请日：2019-10-31

Applicant: Dell Products, L.P.

Inventor： Carlton A. Andrews ,  Girish S. Dhoble ,  Nicholas D. Grobelny ,  David Konetski ,  Joseph Kozlowski ,  Ricardo L. Martinez ,  Charles D. Robison

IPC: G06F21/12 ,  H04L29/06 ,  H04L9/40

CPC classification number: G06F21/123 ,  H04L63/101 ,  H04L63/1425 ,  G06F2221/0797

Abstract: Systems and methods for dynamic workspace targeting with crowdsourced user context are described. In some embodiments, an Information Handling System (IHS) of a workspace orchestration service may include a processor; and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the IHS to: detect execution of an application in a workspace instantiated by a client IHS; validate the application based upon productivity context information and security context information received from the client IHS; and in response to the validation, distribute the validated application to another workspace instantiated by another client IHS.

公开(公告)号：US20230153426A1

公开(公告)日：2023-05-18

申请号：US17455370

申请日：2021-11-17

Applicant: Dell Products, L.P.

Inventor： Nicholas D. Grobelny ,  Charles D. Robison ,  Ricardo L. Martinez

IPC: G06F21/55 ,  G06F21/57 ,  G06F21/54 ,  G06F21/60

CPC classification number: G06F21/554 ,  G06F21/572 ,  G06F21/54 ,  G06F21/602 ,  G06F2221/0751

Abstract: Systems and methods for hardware-based protection of Application Programming Interface (API) keys are described. In some embodiments, an endpoint Information Handling System (IHS) may include a processor and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the IHS to: send an encrypted API key to a trusted controller; and receive a decrypted API key from the trusted controller.

公开(公告)号：US11522883B2

公开(公告)日：2022-12-06

申请号：US17126122

申请日：2020-12-18

Applicant: Dell Products, L.P.

Inventor： Girish S. Dhoble ,  Nicholas D. Grobelny ,  Ricardo L. Martinez ,  Joseph Kozlowski

IPC: H04L9/40 ,  H04L41/0813

Abstract: Systems and methods for creating and handling workspace indicators of compromise (IOC) based upon configuration drift are described. In some embodiments, a memory storage device may have program instructions stored thereon that, upon execution by one or more processors of an Information Handling System (IHS) of a workspace orchestration service, cause the IHS to: receive configuration information from a client IHS at a workspace orchestration service, where the configuration information represents a change in a configuration of a workspace executed by the client IHS, and where the workspace is instantiated based upon a workspace definition provided by the workspace orchestration service; determine, by the workspace orchestration service, that the configuration information matches an IOC; and transmit, from the workspace orchestration service to the client IHS, an instruction to perform an action responsive to the IOC.

公开(公告)号：US11522708B2

公开(公告)日：2022-12-06

申请号：US17126077

申请日：2020-12-18

Applicant: Dell Products, L.P.

Inventor： Nicholas D. Grobelny ,  Ricardo L. Martinez ,  Carlton A. Andrews ,  Charles D. Robison

IPC: H04L9/32 ,  H04L9/08 ,  H04L9/40

Abstract: Systems and methods for providing trusted local orchestration of workspaces are described. In some embodiments, an Information Handling System (IHS) may include a processor and a system memory coupled to the processor, the system memory having program instructions stored thereon that, upon execution, cause the IHS to: receive an orchestration code from a workspace orchestration service; record, using a trusted controller coupled to the processor, a log comprising: the orchestration code, and an indication of a sequence of operations performed during an instantiation of a workspace by the local management agent; provide a copy of the log to the workspace orchestration service; and establish a connection between the workspace and the workspace orchestration service in response to the workspace orchestration service's successful: (i) authentication of the orchestration code, and (ii) verification of the sequence of operations.

公开(公告)号：US11509603B2

公开(公告)日：2022-11-22

申请号：US17107345

申请日：2020-11-30

Applicant: Dell Products, L.P.

Inventor： Carlton A. Andrews ,  Girish S. Dhoble ,  Nicholas D. Grobelny ,  David Konetski ,  Joseph Kozlowski ,  Ricardo L. Martinez ,  Charles D. Robison

IPC: H04L29/06 ,  H04L47/70 ,  H04L47/76 ,  H04L47/78 ,  H04L9/40

Abstract: Systems and methods adjust workspaces based on available hardware resource of an IHS (Information Handling System) by which a user operates a workspace supported by a remote orchestration service. A security context and a productivity context of the IHS are determined based on reported context information. A workspace definition for providing access to a managed resource is selected based on the security context and the productivity context. A notification specifies a hardware resource of the IHS that is not used by the workspace definition, such as a microphone or camera that has not been enabled for use by workspaces. A productivity improvement that results from the updated productivity context that includes use of the first hardware resource is determined. Based on the productivity improvement, an updated workspace definition is selected that includes use of the first hardware resource in providing access to the managed resource via the IHS.

公开(公告)号：US11475126B2

公开(公告)日：2022-10-18

申请号：US16670848

申请日：2019-10-31

Applicant: Dell Products, L.P.

Inventor： Carlton A. Andrews ,  Girish S. Dhoble ,  Nicholas D. Grobelny ,  David Konetski ,  Joseph Kozlowski ,  Ricardo L. Martinez ,  Charles D. Robison

IPC: G06F11/00 ,  G06F21/55 ,  G06F11/30 ,  G06F21/57 ,  G06F11/34

Abstract: Systems and methods for modernizing workspace and hardware lifecycle management in an enterprise productivity ecosystem are described. In some embodiments, a client Information Handling System (IHS) may include a processor, and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the client IHS to: transmit, by a local management agent to a workspace orchestration service, an access request and context information; receive, at the local management agent from the workspace orchestration service, one or more files or policies configured to enable the local management agent to instantiate a workspace based upon a workspace definition, wherein the workspace orchestration service is configured to: (i) calculate a security target and a productivity target based upon the access request and the context information, and (ii) create the workspace definition based upon the security target and the productivity target; and instantiate the workspace.

公开(公告)号：US20220201009A1

公开(公告)日：2022-06-23

申请号：US17126122

申请日：2020-12-18

Applicant: Dell Products, L.P.

Inventor： Girish S. Dhoble ,  Nicholas D. Grobelny ,  Ricardo L. Martinez ,  Joseph Kozlowski

IPC: H04L29/06 ,  H04L12/24

Abstract: Systems and methods for creating and handling workspace indicators of compromise (IOC) based upon configuration drift are described. In some embodiments, a memory storage device may have program instructions stored thereon that, upon execution by one or more processors of an Information Handling System (IHS) of a workspace orchestration service, cause the IHS to: receive configuration information from a client IHS at a workspace orchestration service, where the configuration information represents a change in a configuration of a workspace executed by the client IHS, and where the workspace is instantiated based upon a workspace definition provided by the workspace orchestration service; determine, by the workspace orchestration service, that the configuration information matches an IOC; and transmit, from the workspace orchestration service to the client IHS, an instruction to perform an action responsive to the IOC.

公开(公告)号：US20220191247A1

公开(公告)日：2022-06-16

申请号：US17123814

申请日：2020-12-16

Applicant: Dell Products, L.P.

Inventor： Girish S. Dhoble ,  Nicholas D. Grobelny ,  Charles D. Robison

IPC: H04L29/06 ,  G06F12/14 ,  H04L9/08 ,  G06F21/79

Abstract: Systems and methods for self-protecting and self-refreshing workspaces are described. In some embodiments, an Information Handling System (IHS) may include a processor and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution, cause the IHS to: receive, from a workspace orchestration service, one or more files or policies configured to enable the client IHS to instantiate a workspace based upon a workspace definition; determine that a context of the client IHS has been modified; in response to the determination, terminate the workspace; and receive, from the workspace orchestration service, one or more files or policies configured to enable the client IHS to re-instantiate the workspace based upon the workspace definition.

公开(公告)号：US11151256B2

公开(公告)日：2021-10-19

申请号：US16410807

申请日：2019-05-13

Applicant: Dell Products, L.P.

Inventor： Ricardo L. Martinez ,  Girish S. Dhoble ,  Nicholas D. Grobelny

IPC: G06F21/57 ,  G06F21/50 ,  G06F21/55 ,  G06F9/4401

Abstract: Systems and methods for detecting IHS attacks by monitoring chains of configuration changes made to Basic Input/Output System (BIOS) or Unified Extensible Firmware Interface (UEFI) attributes are described. In some embodiments, an IHS may include a processor and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the IHS to: monitor a chain of BIOS/UEFI configuration changes; compare the chain of BIOS/UEFI configuration changes against an Indication of Attack (IoA); and report an alert in response to the chain of BIOS/UEFI configuration changes matching the IoA.