Abstract: A provisioning client obtains an identifier from a public server and a one-time password from a trusted server. The provisioning client combines the one-time password with the identifier to create an activation code for a client device and presents the activation code to the client device. The activation code enables the client device to download trusted cryptographic information from the trusted server in a communication session that is secured using the one-time password.

Abstract: A provisioning client obtains an identifier from a public server and a one-time password from a trusted server. The provisioning client combines the one-time password with the identifier to create an activation code for a client device and presents the activation code to the client device. The activation code enables the client device to download trusted cryptographic information from the trusted server in a communication session that is secured using the one-time password.

Abstract: A trusted server receives a request for an activation code, which includes an identifier associated with the trusted server and a one-time password, for a client device. The trusted server obtains the identifier from a public server, generates the one-time password, and combines the one-time password with the identifier to create the activation code. The trusted server provides the activation code to a provisioning client, which presents the activation code to the client device. The trusted server and client device secure a communication session using the one-time password as a shared secret. The trusted server downloads trusted cryptographic information to the client device over the secure communication session.

Abstract: Seamless guest access to spaces and meetings may be provided. A trusted user device may send an identity object and may receive an identifier and an authorization token in response to sending the identity object. Then the trusted user device may send a request to add a guest user associated with the identifier to a collaboration event and may receive, in response to sending the request to add the guest user, location data associated with the collaboration event. The trusted user device may then send collaboration space data to a guest user device associated with the guest user. The collaboration space data may comprise the authorization token, the location data, and an application indicator associated with the collaboration event.

Abstract: An authorized local domain service (ALDS) is deployed in a local network and is authorized to provision endpoints with a cloud-based service on behalf of an organization. The ALDS receives, from a local domain service (LDS) deployed in the local network and configured to connect with and register endpoints in the local network for communications on behalf of the organization, an identity of an endpoint acquired by the LDS when the endpoint registered with the LDS. The ALDS identifies for the organization an account associated with the identity, creates in the cloud-based service for the organization an association between the identity and the account, and notifies the endpoint via the local domain service to onboard against the cloud-based service for access to the cloud-based service.

Abstract: A method includes establishing an application layer transport layer security (ATLS) connection between a network device and a cloud server by sending, from the network device, TLS records in transport protocol (e.g., HTTP) message bodies to the cloud server, the ATLS connection transiting at least one transport layer security (TLS) proxy device, receiving, from the cloud server via the ATLS connection, an identifier for a certificate authority, establishing a connection with the certificate authority associated with the identifier and, in turn, receiving from the certificate authority credentials to access an application service different from the cloud server and the certificate authority, and connecting to the application service using the credentials received from the certificate authority.

Abstract: Seamless guest access to spaces and meetings may be provided. A trusted user device may send an identity object and may receive an identifier and an authorization token in response to sending the identity object. Then the trusted user device may send a request to add a guest user associated with the identifier to a collaboration event and may receive, in response to sending the request to add the guest user, location data associated with the collaboration event. The trusted user device may then send collaboration space data to a guest user device associated with the guest user. The collaboration space data may comprise the authorization token, the location data, and an application indicator associated with the collaboration event.

Abstract: An authorized local domain service (ALDS) is deployed in a local network and is authorized to provision endpoints with a cloud-based service on behalf of an organization. The ALDS receives, from a local domain service (LDS) deployed in the local network and configured to connect with and register endpoints in the local network for communications on behalf of the organization, an identity of an endpoint acquired by the LDS when the endpoint registered with the LDS. The ALDS identifies for the organization an account associated with the identity, creates in the cloud-based service for the organization an association between the identity and the account, and notifies the endpoint via the local domain service to onboard against the cloud-based service for access to the cloud-based service.

Abstract: In one embodiment, a method includes associating a user with a collaboration group at a collaboration server, tracking activity of participants in the collaboration group at the collaboration server, processing a message received in the collaboration group at the collaboration server, assigning a priority to the message for the user based on the activity of the participants in the collaboration group, and presenting a notification of the message to the user based on the priority of the message. An apparatus and logic are also disclosed herein.

Abstract: A trusted server receives a request for an activation code, which includes an identifier associated with the trusted server and a one-time password, for a client device. The trusted server obtains the identifier from a public server, generates the one-time password, and combines the one-time password with the identifier to create the activation code. The trusted server provides the activation code to a provisioning client, which presents the activation code to the client device. The trusted server and client device secure a communication session using the one-time password as a shared secret. The trusted server downloads trusted cryptographic information to the client device over the secure communication session.

Abstract: A client device bootstraps against a trusted server by obtaining an activation code that includes an identifier and a one time password. The client device sends a message to a public server requesting an address of a trusted server associated with the identifier. The client device receives the address of the trusted server from the public server and initiates a communication session with the trusted server at the address provided by the public server. The one time password is used as a shared secret to secure the communication session. The client device downloads cryptographic information from the trusted server.

Abstract: A method includes establishing an application layer transport layer security (ATLS) connection between a network device and a cloud server by sending, from the network device, TLS records in transport protocol (e.g., HTTP) message bodies to the cloud server, the ATLS connection transiting at least one transport layer security (TLS) proxy device, receiving, from the cloud server via the ATLS connection, an identifier for a certificate authority, establishing a connection with the certificate authority associated with the identifier and, in turn, receiving from the certificate authority credentials to access an application service different from the cloud server and the certificate authority, and connecting to the application service using the credentials received from the certificate authority.

Abstract: In one embodiment, a method includes associating a user with a collaboration group at a collaboration server, tracking activity of participants in the collaboration group at the collaboration server, processing a message received in the collaboration group at the collaboration server, assigning a priority to the message for the user based on the activity of the participants in the collaboration group, and presenting a notification of the message to the user based on the priority of the message. An apparatus and logic are also disclosed herein.