Patents by Inventor Richard Hayton

Richard Hayton has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11232190
    Abstract: A method for providing an attestation for enabling a device to attest to an assertion concerning the device, comprising: generating an attestation identifier and a base-secret code corresponding to the attestation identifier; providing the attestation identifier and a validation-secret code to a validation apparatus for storage in conjunction with the assertion, wherein the validation-secret code is based on the base-secret code; providing the attestation identifier and a device-secret code to a manufacturer or adapter for provision to a device, wherein the device-secret code is based on the base-secret code.
    Type: Grant
    Filed: October 4, 2019
    Date of Patent: January 25, 2022
    Assignee: Trustonic Limited
    Inventor: Richard Hayton
  • Patent number: 11153344
    Abstract: To establish a first protected communication channel between a device D and a first server S, a symmetric key KS is derived at the device D, based on a device identifying key KD and public key information dependent on a first server public key Spublic of the first server S. The symmetric key KS is derived in a corresponding way at a second server T. The symmetric key KS is transmitted from the second server T to the first server S on a second protected communication channel. Communication on the first protected communication channel between the device D and the first server S is protected using a communication key KC which is dependent on the symmetric key KS. This can enable a device D lacking support for asymmetric key cryptography to securely enter into communication with the first server S.
    Type: Grant
    Filed: September 12, 2019
    Date of Patent: October 19, 2021
    Assignee: TRUSTONIC LIMITED
    Inventor: Richard Hayton
  • Patent number: 10680812
    Abstract: A method for validating an electronic device 2 includes receiving attestation information provided by the electronic device 2 attesting that the electronic device 2 has received a plurality of event attestations. Each event attestation provides a cryptographically authenticated attestation to the occurrence of a respective event during a lifecycle of the electronic device. A validation result is determined that indicates whether the attestation information is valid. Providing separate cryptographically authenticated attestations for respective events in the lifecycle of the device can simplify manufacturing of the devices in a multistage manufacture process compared to an approach using a single device-specific attestation attesting that the entire process is trusted.
    Type: Grant
    Filed: November 21, 2017
    Date of Patent: June 9, 2020
    Assignee: Trustonic Limited
    Inventors: Richard Hayton, Chris Loreskar, Donald Kenneth Felton
  • Publication number: 20200143031
    Abstract: A method for providing an attestation for enabling a device to attest to an assertion concerning the device, comprising: generating an attestation identifier and a base-secret code corresponding to the attestation identifier; providing the attestation identifier and a validation-secret code to a validation apparatus for storage in conjunction with the assertion, wherein the validation-secret code is based on the base-secret code; providing the attestation identifier and a device-secret code to a manufacturer or adapter for provision to a device, wherein the device-secret code is based on the base-secret code.
    Type: Application
    Filed: October 4, 2019
    Publication date: May 7, 2020
    Inventor: Richard HAYTON
  • Publication number: 20200092330
    Abstract: To establish a first protected communication channel between a device D and a first server S, a symmetric key KS is derived at the device D, based on a device identifying key KD and public key information dependent on a first server public key Spublic, of the first server S. The symmetric key KS is derived in a corresponding way at a second server T. The symmetric key KS is transmitted from the second server T to the first server S on a second protected communication channel. Communication on the first protected communication channel between the device D and the first server S is protected using a communication key KC which is dependent on the symmetric key KS. This can enable a device D lacking support for asymmetric key cryptography to securely enter into communication with the first server S.
    Type: Application
    Filed: September 12, 2019
    Publication date: March 19, 2020
    Inventor: Richard HAYTON
  • Patent number: 10346622
    Abstract: Methods and systems for communicating information between mobile applications are presented. In some embodiments, a mobile device may determine that a plurality of applications are running on the mobile device. The mobile device may determine that each application of the plurality of applications uses a shared passcode to encrypt information about a persistent state. The mobile device may generate a beacon that includes encrypted state information. The mobile device may maintain state information across the plurality of applications beyond the lifetime of any one of the plurality of applications by transmitting the beacon from a first application to a second application before the first application's lifetime is completed.
    Type: Grant
    Filed: June 27, 2017
    Date of Patent: July 9, 2019
    Assignee: Citrix Systems, Inc.
    Inventors: Gary Barton, Richard Hayton, Andrew Carnegie Innes, Georgy Momchilov
  • Patent number: 10277606
    Abstract: Methods and systems are disclosed for providing approaches to anonymous application wrapping on a mobile device. The methods and systems may include receiving, by a controller service, a request to associate a first application executing on a client device with the controller service, and obtaining, by the controller service, a first application identifier associated with the first application. The methods and systems may also include receiving, by the controller service from an application service, a request for a first service and a conditional application identifier, and configuring, by the controller service and based on the request for the first service, the first application with a second set of one or more policy instructions used to control the first application.
    Type: Grant
    Filed: March 2, 2018
    Date of Patent: April 30, 2019
    Assignee: Citrix Systems, Inc.
    Inventors: Richard Hayton, Georgy Momchilov, Gary Barton, Andrew Innes
  • Patent number: 10225363
    Abstract: Just in time delivery of a consistent user profile to overlapping user sessions, where a first user session issues a request for a first file of a user profile to a server agent. Upon receiving the request, the server agent retrieves the first file from a base user profile, and just in time delivers the retrieved first file to the first user session. The user, via a second user session executing simultaneously with the first user session, issues a request to the server agent for the first file and a second file of the user profile. Upon receiving the request, the server agent identifies a modified version of the first file in a provisional user profile, retrieves the modified first file from the provisional user profile and the second file from the base user profile, and just in time delivers both files to the second user session.
    Type: Grant
    Filed: August 23, 2016
    Date of Patent: March 5, 2019
    Assignee: Citrix Systems, Inc.
    Inventors: Joseph Nord, Richard Hayton
  • Patent number: 10050966
    Abstract: The present disclosure is directed to methods and systems of providing a user-selectable list of disparately hosted applications. A device intermediary to a client and one or more servers may receive a user request to access a list of applications published to the user. The device may communicate to the client the list of published applications available to the user, the list comprising graphical icons corresponding to disparately hosted applications, at least one graphical icon corresponding to a third-party hosted application of the disparately hosted applications, the third party hosted application served by a remote third-party server. The device may receive a selection from the user of the at least one graphical icon. The device may communicate, from the remote third party server to the client of the user, execution of the third party hosted application responsive to the selection by the user.
    Type: Grant
    Filed: September 2, 2016
    Date of Patent: August 14, 2018
    Assignee: Citrix Systems, Inc.
    Inventors: Richard Hayton, Ajay Soni, Abhishek Chauhan, Rajiv Sinha, Minoo Gupta
  • Publication number: 20180198604
    Abstract: A method for validating an electronic device 2 comprises receiving attestation information provided by the electronic device 2 attesting that the electronic device 2 has received a plurality of event attestations, each event attestation providing a cryptographically authenticated attestation to the occurrence of a respective event during a lifecycle of the electronic device, and determining a validation result indicating whether the attestation information is valid. By providing separate cryptographically authenticated attestations for respective events in the lifecycle of the device, this can simplify manufacturing of the devices in a multistage manufacture process compared to an approach using a single device-specific attestation attesting that the entire process is trusted.
    Type: Application
    Filed: November 21, 2017
    Publication date: July 12, 2018
    Inventors: Richard HAYTON, Chris LORESKAR, Donald Kenneth FELTON
  • Publication number: 20180191731
    Abstract: Methods and systems are disclosed for providing approaches to anonymous application wrapping on a mobile device. The methods and systems may include receiving, by a controller service, a request to associate a first application executing on a client device with the controller service, and obtaining, by the controller service, a first application identifier associated with the first application. The methods and systems may also include receiving, by the controller service from an application service, a request for a first service and a conditional application identifier, and configuring, by the controller service and based on the request for the first service, the first application with a second set of one or more policy instructions used to control the first application.
    Type: Application
    Filed: March 2, 2018
    Publication date: July 5, 2018
    Inventors: Richard Hayton, Georgy Momchilov, Gary Barton, Andrew Innes
  • Patent number: 9948657
    Abstract: Methods, systems, and computer-readable media for providing an application store are presented. In some embodiments, a request for a software application may be received at an application store. Subsequently, the software application may be configured, at the application store, based on a single sign-on credential. The configured software application then may be provided, by the application store, to at least one recipient device associated with the single sign-on credential.
    Type: Grant
    Filed: June 22, 2016
    Date of Patent: April 17, 2018
    Assignee: Citrix Systems, Inc.
    Inventors: Kevin Batson, Richard Hayton
  • Patent number: 9942240
    Abstract: Methods and systems are disclosed for providing approaches to anonymous application wrapping on a mobile device. The methods and systems may include receiving, by a controller service, a request to associate a first application executing on a client device with the controller service, and obtaining, by the controller service, a first application identifier associated with the first application. The methods and systems may also include receiving, by the controller service from an application service, a request for a first service and a conditional application identifier, and configuring, by the controller service and based on the request for the first service, the first application with a second set of one or more policy instructions used to control the first application.
    Type: Grant
    Filed: July 21, 2015
    Date of Patent: April 10, 2018
    Assignee: Citrix Systems, Inc.
    Inventors: Richard Hayton, Georgy Momchilov, Gary Barton, Andrew Innes
  • Patent number: 9860149
    Abstract: Methods, systems, and computer-readable media for providing monitoring of data servers are presented. In some embodiments, a computing platform may receive, from a computing device, a first polling request associated with a user account, while a client proxy associated with the user account is operating in a passive mode. Subsequently, the computing platform may forward the first polling request to a server associated with the user account. Next, the computing platform may detect that the computing device is asleep. In response to detecting that the computing device is asleep, the computing platform may initiate an active mode of the client proxy. Subsequently, the computing platform may send a second polling request to the server. Thereafter, the computing platform may determine to wake the computing device based on a polling response. In response to determining to wake the computing device, the computing platform may send, to the computing device, a notification.
    Type: Grant
    Filed: August 11, 2015
    Date of Patent: January 2, 2018
    Assignee: Citrix Systems, Inc.
    Inventor: Richard Hayton
  • Publication number: 20170293767
    Abstract: Methods and systems for communicating information between mobile applications are presented. In some embodiments, a mobile device may determine that a plurality of applications are running on the mobile device. The mobile device may determine that each application of the plurality of applications uses a shared passcode to encrypt information about a persistent state. The mobile device may generate a beacon that includes encrypted state information. The mobile device may maintain state information across the plurality of applications beyond the lifetime of any one of the plurality of applications by transmitting the beacon from a first application to a second application before the first application's lifetime is completed.
    Type: Application
    Filed: June 27, 2017
    Publication date: October 12, 2017
    Inventors: Gary Barton, Richard Hayton, Andrew Carnegie Innes, Georgy Momchilov
  • Patent number: 9729520
    Abstract: Methods and systems for communicating information between mobile applications are presented. In some embodiments, a mobile device may determine that a plurality of applications are running on the mobile device. The mobile device may determine that each application of the plurality of applications uses a shared passcode to encrypt information about a persistent state. The mobile device may generate a beacon that includes encrypted state information. The mobile device may maintain state information across the plurality of applications beyond the lifetime of any one of the plurality of applications by transmitting the beacon from a first application to a second application before the first application's lifetime is completed.
    Type: Grant
    Filed: May 5, 2015
    Date of Patent: August 8, 2017
    Assignee: Citrix Systems, Inc.
    Inventors: Gary Barton, Richard Hayton, Andrew Innes, Georgy Momchilov
  • Patent number: 9628448
    Abstract: Methods and systems for authenticating users of client devices to allow access of resources and services in enterprise systems are described herein. An authentication device may validate a user based on authentication credentials received from a client device. Validation data stored by the authentication device, and a corresponding access token transmitted to the client device, may be used to authenticate the user for future resource access requests. A user secret also may be stored by the authentication device and used to validate the user for future resource access requests. Additionally, after validating a user with a first set of authentication credentials, additional sets of credentials for the user may be retrieved and stored at an access gateway for future requests to access other services or resources in an enterprise system.
    Type: Grant
    Filed: August 1, 2015
    Date of Patent: April 18, 2017
    Assignee: Citrix Systems, Inc.
    Inventor: Richard Hayton
  • Patent number: 9584515
    Abstract: Methods and systems are disclosed for providing approaches to authenticating and authorizing client devices in enterprise systems via a gateway device. The methods and systems may include passing, by a computing device to an enterprise device, a request transmitted by a client device for access to an enterprise resource, and transmitting, by the computing device, authentication credentials associated with the client device with a request for authorization information associated with the enterprise resource.
    Type: Grant
    Filed: April 30, 2014
    Date of Patent: February 28, 2017
    Assignee: Citrix Systems, Inc.
    Inventors: Richard Hayton, Andrew Innes
  • Publication number: 20170048350
    Abstract: Just in time delivery of a consistent user profile to overlapping user sessions, where a first user session issues a request for a first file of a user profile to a server agent. Upon receiving the request, the server agent retrieves the first file from a base user profile, and just in time delivers the retrieved first file to the first user session. The user, via a second user session executing simultaneously with the first user session, issues a request to the server agent for the first file and a second file of the user profile. Upon receiving the request, the server agent identifies a modified version of the first file in a provisional user profile, retrieves the modified first file from the provisional user profile and the second file from the base user profile, and just in time delivers both files to the second user session.
    Type: Application
    Filed: August 23, 2016
    Publication date: February 16, 2017
    Inventors: Joseph Nord, Richard Hayton
  • Publication number: 20170048125
    Abstract: Methods, systems, and computer-readable media for providing monitoring of data servers are presented. In some embodiments, a computing platform may receive, from a computing device, a first polling request associated with a user account, while a client proxy associated with the user account is operating in a passive mode. Subsequently, the computing platform may forward the first polling request to a server associated with the user account. Next, the computing platform may detect that the computing device is asleep. In response to detecting that the computing device is asleep, the computing platform may initiate an active mode of the client proxy. Subsequently, the computing platform may send a second polling request to the server. Thereafter, the computing platform may determine to wake the computing device based on a polling response. In response to determining to wake the computing device, the computing platform may send, to the computing device, a notification.
    Type: Application
    Filed: August 11, 2015
    Publication date: February 16, 2017
    Inventor: Richard Hayton