Connection leasing for hosted services

US 9,800,669 B2
Filed: 01/22/2015
Issued: 10/24/2017
Est. Priority Date: 02/16/2012
Status: Active Grant

First Claim

Patent Images

1. A session host apparatus, comprising:

a processor controlling operations of the session host apparatus; and

memory storing computer readable instructions that, when executed by the processor, cause the session host apparatus to establish a session with a session client by;

providing, to the session client and based on a resource assignment of a connection broker apparatus, one or more resources hosted by the session host apparatus;

receiving a lease token associated with the session client, wherein the lease token is a self-sustaining package of cryptographically signed connection lease data from which the session host apparatus can determine, regardless of an outage of the connection broker apparatus, whether the session client is authorized to access one or more resources hosted by the session host apparatus, the lease token configured based on one or more resources previously assigned to the session client by the connection broker apparatus;

determining, based on the lease token, one or more resources, hosted by the session host apparatus, that the session client is authorized to access;

sending connection information to the session client based on the one or more determined resources, after determining that the session client is authorized to access the one or more resources hosted by the session host apparatus; and

establishing a session with the session client to provide access to the one or more determined resources.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Aspects herein describe techniques for brokering hosted resources in a virtual desktop infrastructure (VDI) using connection leases to reduce demand on connection brokers and to allow hosted services to be maintained even in the event of a broker outage. When a client device desires to connect to a hosted resource (e.g., a hosted desktop or a hosted application), the client device may present a lease token to the session host. The lease token is a self-sustaining package of data from which a session host can determine whether the requesting client device is authorized to access one or more resources hosted by that session host. The lease token may be cryptographically signed to ensure its contents have not been altered, and further that the lease token originated from a trusted source. Lease tokens may be stored independently from a connection broker, thereby still being usable if the connection broker goes offline.

21 Citations

View as Search Results

20 Claims

1. A session host apparatus, comprising:
- a processor controlling operations of the session host apparatus; and
  
  memory storing computer readable instructions that, when executed by the processor, cause the session host apparatus to establish a session with a session client by;
  
  providing, to the session client and based on a resource assignment of a connection broker apparatus, one or more resources hosted by the session host apparatus;
  
  receiving a lease token associated with the session client, wherein the lease token is a self-sustaining package of cryptographically signed connection lease data from which the session host apparatus can determine, regardless of an outage of the connection broker apparatus, whether the session client is authorized to access one or more resources hosted by the session host apparatus, the lease token configured based on one or more resources previously assigned to the session client by the connection broker apparatus;
  
  determining, based on the lease token, one or more resources, hosted by the session host apparatus, that the session client is authorized to access;
  
  sending connection information to the session client based on the one or more determined resources, after determining that the session client is authorized to access the one or more resources hosted by the session host apparatus; and
  
  establishing a session with the session client to provide access to the one or more determined resources.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The session host apparatus of claim 1, wherein determining comprises checking a lease token revocation database to determine whether the lease token has been revoked.
  - 3. The session host apparatus of claim 1, wherein the lease token comprises a plurality of data fields, each data field defining a different one of:
    - a lease ID;
      
      a set of one or more clients;
      
      a set of one or more session hosts; and
      
      a set of one or more resources.
  - 4. The session host apparatus of claim 3, wherein the lease token is signed by the connection broker apparatus.
  - 5. The session host apparatus of claim 3, wherein the lease token comprises a plurality of security policy data fields, each security policy data field defining a different one of:
    - a set of one or more access conditions;
      
      a connection limit;
      
      a maximum idle time; and
      
      a maximum disconnect time.
  - 6. The session host apparatus of claim 5, wherein the access conditions depend on a state of anti-malware software on the session client.

7. A connection broker apparatus, comprising:
- a processor controlling operations of the connection broker apparatus; and
  
  memory storing computer readable instructions that, when executed by the processor, cause the connection broker apparatus to administer a connection lease by;
  
  receiving a connection request from a session client;
  
  based on the session client, determining;
  
  one or more session hosts the session client is authorized to establish a session with, andone or more resources the session client is authorized to access on said one or more session hosts;
  
  assigning the one or more determined resources to the session client;
  
  generating, based on one or more resources previously assigned to the session client by the connection broker apparatus, a lease token as a self-sustaining package of cryptographically signed connection lease data from which each of the one or more session hosts can determine, regardless of an outage of the connection broker apparatus, whether the session client is authorized to access one or more resources hosted by that session host, the self-sustaining package having a first data field identifying a lease number, a second data field identifying the one or more session hosts, a third data field identifying one or more resources the session client is authorized to access, and a fourth data field identifying the session client;
  
  cryptographically signing the lease token to verify that the lease token originated at the connection broker apparatus; and
  
  sending the signed lease token to a lease store for storage.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The connection broker apparatus of claim 7, wherein sending the lease token includes sending the lease token to one or more of:
    - the session client for storage on the session client, anda central lease store accessible by the one or more identified session hosts.
  - 9. The connection broker apparatus of claim 7, said instructions further causing the connection broker apparatus to perform:
    - receiving a request to revoke the lease token; and
      
      revoking the lease token by publishing the lease number to a central revocation list.
  - 10. The connection broker apparatus of claim 7, said instructions further causing the connection broker apparatus to perform:
    - receiving a request to revoke the lease token; and
      
      revoking the lease token by sending a revocation message to each of the one or more session hosts identified in the lease token.
  - 11. The connection broker apparatus of claim 7, said instructions further causing the connection broker apparatus to perform:
    - receiving a request to revoke the lease token; and
      
      revoking the lease token by revoking a cryptographic key used to sign the lease token.
  - 12. The connection broker apparatus of claim 7, wherein the lease token further includes a fifth data field identifying a set of one or more access conditions, a sixth data field identifying a connection limit, a seventh data field identifying a maximum idle time, and an eighth data field identifying a maximum disconnect time, wherein each of the fifth through eighth data fields are usable by a session host identified in the second data field to implement a security policy.
  - 13. The connection broker apparatus of claim 7, said instructions further causing the connection broker apparatus to perform:
    - receiving, after the lease token is expired or revoked, a subsequent connection request from the session client; and
      
      assigning, based on the subsequent connection request, one or more resources to the session client.

14. A method comprising:
- providing, to a session client and based on a resource assignment of a connection broker apparatus, one or more resources hosted by a session host apparatus;
  
  receiving, by the session host apparatus, a lease token associated with the session client, wherein the lease token is a self-sustaining package of cryptographically signed connection lease data from which the session host apparatus can determine, regardless of an outage of the connection broker apparatus, whether the session client is authorized to access one or more resources hosted by the session host apparatus, the lease token configured based on one or more resources previously assigned to the session client by the connection broker apparatus;
  
  determining, based on the lease token, one or more resources, hosted by the session host apparatus, that the session client is authorized to access;
  
  sending connection information to the session client based on the one or more determined resources, after determining that the session client is authorized to access the one or more resources hosted by the session host apparatus; and
  
  establishing a session with the session client to provide access to the one or more determined resources.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The method of claim 14, wherein the lease token comprises:
    - a first data field identifying a lease number corresponding to the lease token;
      
      a second data field identifying one or more session hosts;
      
      a third data field identifying one or more resources; and
      
      a fourth data field identifying one or more session clients permitted to access the one or more resources hosted by the one or more session hosts.
  - 16. The method of claim 15, wherein each resource is one of a hosted desktop and a hosted application.
  - 17. The method of claim 15, wherein the lease token further comprises:
    - a fifth data field identifying a set of one or more access conditions that must be met by the one or more session clients in order to access the one or more session hosts;
      
      a sixth data field identifying a connection limit;
      
      a seventh data field identifying a maximum idle time; and
      
      an eighth data field identifying a maximum disconnect time,wherein each of the fifth through eighth data fields are usable by a session host identified in the second data field to implement a security policy.
  - 18. The method of claim 17, wherein the connection limit is usable to constrain when the one or more session clients can access the one or more session hosts.
  - 19. The method of claim 15, wherein the lease token further comprises a fifth data field identifying virtual channel information usable by the one or more session hosts to allow or deny access by the one or more session clients to one or more virtual channels on the one or more session hosts.
  - 20. The method of claim 15, wherein the lease token further comprises a fifth data field storing a signature usable by the one or more session hosts to verify that data structure of the lease token is unaltered, and that the lease token originated from the connection broker apparatus.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citrix Systems, Inc. (Cloud Software Group)
Original Assignee
Citrix Systems, Inc. (Cloud Software Group)
Inventors
Bell, Kenneth Malcolm
Primary Examiner(s)
Pwu, Jeffrey
Assistant Examiner(s)
Woldemariam, Nega

Application Number

US14/602,629
Publication Number

US 20150201027A1
Time in Patent Office

1,006 Days
Field of Search
US Class Current
CPC Class Codes

G06F 9/468   Specific access rights for ...

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/10   for controlling access to d...

H04L 67/131   Protocols for games, networ...

H04L 67/14   Session management for real...

H04L 67/141   Setup of application sessio...

Connection leasing for hosted services

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

21 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Connection leasing for hosted services

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links