Patent No. US 11019106
Issue Date May 25, 2021

Patent 11019106 - Remotely accessed controlled contained environment > Claims

  • 1. A remote access system for policy-controlled computing with a client device connected to a remote software environment, the remote access system comprising: a memory; a processor; a local application configured to execute on the client device, the local application comprising: a first policy component with a first plurality of policies, wherein the first plurality of policies specify restrictions for the local application of a client application layer, and a client endpoint coupled to a digitally segregated tunnel; a mid-link server, coupled to the digitally segregated tunnel, the mid-link server comprising: a mid-link endpoint that terminates the digitally segregated tunnel, an operating system and a plurality of applications running on the operating system that collectively are port of the remote software environment, and a second policy component, wherein the second policy component uses a second plurality of policies with the remote software environment to affect the plurality of applications of the mid-link endpoint, wherein the second plurality of policies includes a policy requiring the client endpoint to confirm that no key logging or screen capture is present before the segregated tunnel to the remote software environment is allowed, and a mirror function that emulates sensor input from the client device when authenticated by application of the first plurality of policies and second plurality of policies, wherein emulation causes client endpoint interaction to be passed to the mid-link endpoint to spoof the remote software environment as if it is happening inside the remote software environment.
    • 2. The remote access system for policy-controlled computing with the client device connected to the remote software environment of claim 1, wherein the remote software environment is a virtual machine.
    • 3. The remote access system for policy-controlled computing with the client device connected to the remote software environment of claim 1, wherein the remote software environment is a virtual environment.
    • 4. The remote access system for policy-controlled computing with the client device connected to the remote software environment of claim 1, wherein the operating system is selected from a group consisting of: Windows™, iOS™, Android™, Linux, and Chromebook™.
    • 5. The remote access system for policy-controlled computing with the client device connected to the remote software environment of claim 1, wherein the remote software environment runs on a standalone device dedicated for the client device.
    • 6. The remote access system for policy-controlled computing with the client device connected to the remote software environment of claim 1, wherein a time zone of the client device is synchronized with the remote software environment.
  • 7. A method for policy-controlled computing with a client device connected to a remote software environment, the method comprising: enforcing restrictions for a local application of a client application layer with a first policy component having a first plurality of policies, wherein the first policy component is part of the local application configured to execute on the client device; provisioning a digitally segregated tunnel between a client endpoint and a mid-link endpoint of a mid-link server; provisioning on the mid-link server an operating system and a plurality of applications running on the operating system that collectively are port of the remote software environment; enforcing restrictions on the remote software environment with a second policy component using a second plurality of policies to affect the plurality of applications of the mid-link endpoint, wherein the second plurality of policies includes a policy requiring the client endpoint to confirm that no key logging or screen capture is present before the segregated tunnel to the remote software environment is provisioned; and emulating sensor input from the client device when authenticated by application of the first plurality of policies and second plurality of policies, wherein emulation causes client endpoint interaction to be passed to the mid-link endpoint to spoof the remote software environment as if it is happening inside the remote software environment using a mirror function.
    • 8. The method for policy-controlled computing with the client device connected to the remote software environment of claim 7, wherein the remote software environment is a virtual machine.
    • 9. The method for policy-controlled computing with the client device connected to the remote software environment of claim 7, wherein the remote software environment is a virtual environment.
    • 10. The method for policy-controlled computing with the client device connected to the remote software environment of claim 7, wherein the operating system is selected from a group consisting of: Windows™, iOS™, Android™, Linux, and Chromebook™.
    • 11. The method for policy-controlled computing with the client device connected to the remote software environment of claim 7, wherein the remote software environment runs on a standalone device dedicated for the client device.
    • 12. The method for policy-controlled computing with the client device connected to the remote software environment of claim 7, wherein a time zone of the client device is synchronized with the remote software environment.
  • 13. A remote access system for policy-controlled computing with a client device connected to a remote software environment, the remote access system comprising: a plurality of servers, each having: a memory; a processor; collectively having code for: enforcing restrictions for a local application of a client application layer with a first policy component having a first plurality of policies, wherein the first policy component is part of the local application configured to execute on the client device; provisioning a digitally segregated tunnel between a client endpoint and a mid-link endpoint of a mid-link server; provisioning on the mid-link server an operating system and a plurality of applications running on the operating system that collectively are port of the remote software environment; enforcing restrictions on the remote software environment with a second policy component using a second plurality of policies to affect the plurality of applications of the mid-link endpoint, wherein the second plurality of policies includes a policy requiring the client endpoint to confirm that no key logging or screen capture is present before provisioning the segregated tunnel to the remote software environment; and emulating sensor input from the client device when authenticated by application of the first plurality of policies and second plurality of policies, wherein emulation causes client endpoint interaction to be passed to the mid-link endpoint to spoof the remote software environment as if it is happening inside the remote software environment using a mirror function.
    • 14. The remote access system for policy-controlled computing with the client device connected to the remote software environment of claim 13, wherein the remote software environment is a virtual machine.
    • 15. The remote access system for policy-controlled computing with the client device connected to the remote software environment of claim 13, wherein the remote software environment is a virtual environment.
    • 16. The remote access system for policy-controlled computing with the client device connected to the remote software environment of claim 13, wherein the operating system is selected from a group consisting of: Windows™, iOS™, Android™, Linux, and Chromebook™.
    • 17. The remote access system for policy-controlled computing with the client device connected to the remote software environment of claim 13, wherein the remote software environment runs on a standalone device dedicated for the client device.
    • 18. The remote access system for policy-controlled computing with the client device connected to the remote software environment of claim 13, wherein a time zone of the client device is synchronized with the remote software environment.