Patents by Inventor Tom Kludy

Tom Kludy has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11838285
    Abstract: Methods, systems, computer-readable media, and apparatuses method for performing single sign on for a user device to the Internet. A hosted desktop may monitor activity on one or more ports on a local host interface. The hosted desktop may detect a call to initiate a single-sign-on from the hosted desktop into a website. The website may be associated with a one-time-use token. A public key of the website may be retrieved based on verification of the one-time-use token. An identity token corresponding to a user may be obtained and the identity token may be encrypted based on the public key of the website. The encrypted identity token may be provided to the website to establish the single-sign-on on behalf of the user with the website.
    Type: Grant
    Filed: August 18, 2022
    Date of Patent: December 5, 2023
    Assignee: Citrix Systems, Inc.
    Inventor: Tom Kludy
  • Publication number: 20220394027
    Abstract: Methods, systems, computer-readable media, and apparatuses method for performing single sign on for a user device to the Internet. A hosted desktop may monitor activity on one or more ports on a local host interface. The hosted desktop may detect a call to initiate a single-sign-on from the hosted desktop into a website. The website may be associated with a one-time-use token. A public key of the website may be retrieved based on verification of the one-time-use token. An identity token corresponding to a user may be obtained and the identity token may be encrypted based on the public key of the website. The encrypted identity token may be provided to the website to establish the single-sign-on on behalf of the user with the website.
    Type: Application
    Filed: August 18, 2022
    Publication date: December 8, 2022
    Inventor: Tom Kludy
  • Patent number: 11470169
    Abstract: Aspects of the disclosure relate to wrapping continuation tokens to support paging for multiple servers across different geolocations. An enterprise server may receive a first request for a plurality of records, and the first request for the plurality of records may request a quantity of records exceeding a page size limit. In response to receiving the first request, the enterprise server may retrieve a first set of records comprising a first number of records equal to the page size limit. The enterprise server may generate a first wrapped continuation token comprising location information identifying a geographic location of a first server where a next set of records is to be retrieved. Finally, the enterprise server may send, to the client device, the first set of records and the first wrapped continuation token, which may cause the client device to process the first set of records.
    Type: Grant
    Filed: May 22, 2020
    Date of Patent: October 11, 2022
    Assignee: Citrix Systems, Inc.
    Inventors: Jose Reyes, Tom Kludy
  • Patent number: 11457007
    Abstract: Methods, systems, computer-readable media, and apparatuses method for performing single sign on for a user device to the Internet. User sign-in credentials including an identity token of the user are received by a hosted desktop from the user device, including an indication that the user is attempting to access a website. The website is authorized as a trusted website by a network authorization node, and the website is issued a one-time-use token. A web browser of the hosted desktop receives an application provided by the website to cause the web browser to call the hosted desktop to initiate single sign on. Authenticity of the one-time-use token is requested by a daemon process, and the website's public key is obtained. Upon verifying authenticity of the web site, the identity token of the user is passed to the website, to enable the website to establish single sign on with the user.
    Type: Grant
    Filed: September 9, 2020
    Date of Patent: September 27, 2022
    Assignee: Citrix Systems, Inc.
    Inventor: Tom Kludy
  • Publication number: 20220200999
    Abstract: Methods and systems for secure authentication of users based on unique device identifiers are described herein. A computing device may receive, from a user device, a device registration. The device registration may comprise authentication credentials, device information, and/or a public key. Based on the authentication credentials and/or the device information, a unique device identifier may be generated. A token may be generated based on the unique device identifier and sent to the user device. A request for content may be received from the user device. A nonce may be sent to the user device. The token and a signed version of the nonce may be received from the user device. The nonce may have been signed using a private key corresponding to the public key. Access to the content may be provided based on the token, the unique device identifier, and/or the signed version of the nonce.
    Type: Application
    Filed: October 6, 2021
    Publication date: June 23, 2022
    Inventors: Feng Huang, Ricardo Fernando Feijoo, Tom Kludy, John Gavin Ashman
  • Patent number: 11171964
    Abstract: Methods and systems for secure authentication of users based on unique device identifiers are described herein. A computing device may receive, from a user device, a device registration. The device registration may comprise authentication credentials, device information, and/or a public key. Based on the authentication credentials and/or the device information, a unique device identifier may be generated. A token may be generated based on the unique device identifier and sent to the user device. A request for content may be received from the user device. A nonce may be sent to the user device. The token and a signed version of the nonce may be received from the user device. The nonce may have been signed using a private key corresponding to the public key. Access to the content may be provided based on the token, the unique device identifier, and/or the signed version of the nonce.
    Type: Grant
    Filed: December 23, 2020
    Date of Patent: November 9, 2021
    Assignee: Citrix Systems, Inc.
    Inventors: Feng Huang, Ricardo Fernando Feijoo, Tom Kludy, John Gavin Ashman
  • Patent number: 10885028
    Abstract: Methods and devices for searching and aggregating data in a distributed cloud computing environment are provided. In some embodiments, a request from a client to perform a data transaction is received by a first server. The first server simultaneously spawns a plurality of threads, each thread sending to a different server of a plurality of servers the request to perform the data transaction. A response indicating whether the data transaction was performed by the server is received by the first server and from each server of the plurality of servers. In response to an indication that the data transaction was performed by one or more servers of the plurality of servers and when the data transaction is a get transaction: data corresponding to the data transaction is received by the first server and from the one more servers, the data received from the one or more servers is aggregated by the first server to form combined data, and the first server sends the combined data to the client.
    Type: Grant
    Filed: January 19, 2018
    Date of Patent: January 5, 2021
    Assignee: Citrix Systems, Inc.
    Inventors: Jose Reyes, Tom Kludy, Ricardo Fernando Feijoo
  • Publication number: 20200412710
    Abstract: Methods, systems, computer-readable media, and apparatuses method for performing single sign on for a user device to the Internet. User sign-in credentials including an identity token of the user are received by a hosted desktop from the user device, including an indication that the user is attempting to access a website. The website is authorized as a trusted website by a network authorization node, and the website is issued a one-time-use token. A web browser of the hosted desktop receives an application provided by the website to cause the web browser to call the hosted desktop to initiate single sign on. Authenticity of the one-time-use token is requested by a daemon process, and the website's public key is obtained. Upon verifying authenticity of the web site, the identity token of the user is passed to the website, to enable the website to establish single sign on with the user.
    Type: Application
    Filed: September 9, 2020
    Publication date: December 31, 2020
    Inventor: Tom Kludy
  • Patent number: 10805283
    Abstract: Methods, systems, computer-readable media, and apparatuses method for performing single sign on for a user device to the Internet. User sign-in credentials including an identity token of the user are received by a hosted desktop from the user device, including an indication that the user is attempting to access a website. The website is authorized as a trusted website by a network authorization node, and the website is issued a one-time-use token. A web browser of the hosted desktop receives an application provided by the website to cause the web browser to call the hosted desktop to initiate single sign on. Authenticity of the one-time-use token is requested by a daemon process, and the website's public key is obtained. Upon verifying authenticity of the web site, the identity token of the user is passed to the website, to enable the website to establish single sign on with the user.
    Type: Grant
    Filed: June 18, 2018
    Date of Patent: October 13, 2020
    Assignee: Citrix Systems, Inc.
    Inventor: Tom Kludy
  • Publication number: 20200287979
    Abstract: Aspects of the disclosure relate to wrapping continuation tokens to support paging for multiple servers across different geolocations. An enterprise server may receive a first request for a plurality of records, and the first request for the plurality of records may request a quantity of records exceeding a page size limit. In response to receiving the first request, the enterprise server may retrieve a first set of records comprising a first number of records equal to the page size limit. The enterprise server may generate a first wrapped continuation token comprising location information identifying a geographic location of a first server where a next set of records is to be retrieved. Finally, the enterprise server may send, to the client device, the first set of records and the first wrapped continuation token, which may cause the client device to process the first set of records.
    Type: Application
    Filed: May 22, 2020
    Publication date: September 10, 2020
    Inventors: Jose Reyes, Tom Kludy
  • Patent number: 10701161
    Abstract: Aspects of the disclosure relate to wrapping continuation tokens to support paging for multiple servers across different geolocations. An enterprise server may receive a first request for a plurality of records, and the first request for the plurality of records may request a quantity of records exceeding a page size limit. In response to receiving the first request, the enterprise server may retrieve a first set of records comprising a first number of records equal to the page size limit. The enterprise server may generate a first wrapped continuation token comprising location information identifying a geographic location of a first server where a next set of records is to be retrieved. Finally, the enterprise server may send, to the client device, the first set of records and the first wrapped continuation token, which may cause the client device to process the first set of records.
    Type: Grant
    Filed: August 28, 2017
    Date of Patent: June 30, 2020
    Assignee: Citrix Systems, Inc.
    Inventors: Jose Reyes, Tom Kludy
  • Publication number: 20190386980
    Abstract: Methods, systems, computer-readable media, and apparatuses method for performing single sign on for a user device to the Internet. User sign-in credentials including an identity token of the user are received by a hosted desktop from the user device, including an indication that the user is attempting to access a website. The website is authorized as a trusted website by a network authorization node, and the website is issued a one-time-use token. A web browser of the hosted desktop receives an application provided by the website to cause the web browser to call the hosted desktop to initiate single sign on. Authenticity of the one-time-use token is requested by a daemon process, and the website's public key is obtained. Upon verifying authenticity of the web site, the identity token of the user is passed to the website, to enable the website to establish single sign on with the user.
    Type: Application
    Filed: June 18, 2018
    Publication date: December 19, 2019
    Inventor: Tom Kludy
  • Patent number: 10382293
    Abstract: Methods, systems, computer-readable media, and apparatuses method for integrating a cloud service under development with a production cloud system that includes at least one production service. A first scope is assigned for use in testing the first cloud service under development with the production cloud system, in which the first scope restricts access of the first cloud service under development to the production cloud system. A first user of the production cloud system is assigned to the first scope. A second scope is assigned to services of the production cloud system, which does not restrict access of the services of the production cloud system. Access to the first cloud service under development and to the at least one production cloud service is provided to the first user. Other users of the production cloud system are not provided access to the first cloud service under development.
    Type: Grant
    Filed: May 22, 2017
    Date of Patent: August 13, 2019
    Assignee: Citrix Systems, Inc.
    Inventors: Tom Kludy, Luis Garcia Menchaca, Jose Reyes, Felipe Leon
  • Publication number: 20190228092
    Abstract: Methods and devices for searching and aggregating data in a distributed cloud computing environment are provided. In some embodiments, a request from a client to perform a data transaction is received by a first server. The first server simultaneously spawns a plurality of threads, each thread sending to a different server of a plurality of servers the request to perform the data transaction. A response indicating whether the data transaction was performed by the server is received by the first server and from each server of the plurality of servers. In response to an indication that the data transaction was performed by one or more servers of the plurality of servers and when the data transaction is a get transaction: data corresponding to the data transaction is received by the first server and from the one more servers, the data received from the one or more servers is aggregated by the first server to form combined data, and the first server sends the combined data to the client.
    Type: Application
    Filed: January 19, 2018
    Publication date: July 25, 2019
    Applicant: Citrix Systems, Inc.
    Inventors: Jose Reyes, Tom Kludy, Ricardo Fernando Feijoo
  • Publication number: 20190068725
    Abstract: Aspects of the disclosure relate to wrapping continuation tokens to support paging for multiple servers across different geolocations. An enterprise server may receive a first request for a plurality of records, and the first request for the plurality of records may request a quantity of records exceeding a page size limit. In response to receiving the first request, the enterprise server may retrieve a first set of records comprising a first number of records equal to the page size limit. The enterprise server may generate a first wrapped continuation token comprising location information identifying a geographic location of a first server where a next set of records is to be retrieved. Finally, the enterprise server may send, to the client device, the first set of records and the first wrapped continuation token, which may cause the client device to process the first set of records.
    Type: Application
    Filed: August 28, 2017
    Publication date: February 28, 2019
    Inventors: Jose Reyes, Tom Kludy
  • Publication number: 20180337835
    Abstract: Methods, systems, computer-readable media, and apparatuses method for integrating a cloud service under development with a production cloud system that includes at least one production service. A first scope is assigned for use in testing the first cloud service under development with the production cloud system, in which the first scope restricts access of the first cloud service under development to the production cloud system. A first user of the production cloud system is assigned to the first scope. A second scope is assigned to services of the production cloud system, which does not restrict access of the services of the production cloud system. Access to the first cloud service under development and to the at least one production cloud service is provided to the first user. Other users of the production cloud system are not provided access to the first cloud service under development.
    Type: Application
    Filed: May 22, 2017
    Publication date: November 22, 2018
    Inventors: Tom Kludy, Luis Garcia Menchaca, Jose Reyes, Felipe Leon
  • Patent number: 9244700
    Abstract: The present invention is directed towards methods and systems for delivering applications from a desktop operating system. A delivery module may receive a request from a client device of a user for access to an application, and identify that a desktop session can host the requested application. An agent may extract presentation layer elements of the requested application from presentation layer elements of other components of the desktop session, and provide, via a presentation layer protocol, the isolated presentation layer elements in a first application session to the client device for display. The delivery module may receive a second request from the user for the application, identify that the application is hosted by the desktop session and delivered in the first application session, and provide a second application session of the application from the desktop session to the user responsive to the determination.
    Type: Grant
    Filed: May 6, 2011
    Date of Patent: January 26, 2016
    Assignee: Citrix Systems, Inc.
    Inventors: Ashish Gujarathi, Thierry Duchastel, Xiaodong Huang, Tom Kludy
  • Publication number: 20110276661
    Abstract: The present invention is directed towards methods and systems for delivering applications from a desktop operating system. A delivery module may receive a request from a client device of a user for access to an application, and identify that a desktop session can host the requested application. An agent may extract presentation layer elements of the requested application from presentation layer elements of other components of the desktop session, and provide, via a presentation layer protocol, the isolated presentation layer elements in a first application session to the client device for display. The delivery module may receive a second request from the user for the application, identify that the application is hosted by the desktop session and delivered in the first application session, and provide a second application session of the application from the desktop session to the user responsive to the determination.
    Type: Application
    Filed: May 6, 2011
    Publication date: November 10, 2011
    Inventors: Ashish Gujarathi, Terry Duchastel, Xiaodong Huang, Tom Kludy