US 12,292,963 B2
Automatically grouping applications in a secure workspace environment
Gokul Thiruchengode Vajravel, Bangalore (IN); Srinivasa Ragavan Rajagopalan, Bangalore (IN); and Ankit Kumar, Jharkhand (IN)
Assigned to Dell Products L.P., Round Rock, TX (US)
Filed by Dell Products L.P., Round Rock, TX (US)
Filed on Nov. 1, 2022, as Appl. No. 18/051,664.
Prior Publication US 2024/0143733 A1, May 2, 2024
Int. Cl. G06F 21/51 (2013.01); G06F 15/16 (2006.01); G06F 21/53 (2013.01); H04L 9/32 (2006.01); H04L 9/40 (2022.01); H04L 15/16 (2006.01)
CPC G06F 21/51 (2013.01) [G06F 21/53 (2013.01); G06F 2221/033 (2013.01)] 19 Claims
OG exemplary drawing
 
1. A method for automatically grouping applications in a secure workspace environment, the method comprising:
executing a host agent and secure workspace coordinator on a user computing device;
in response to a user logging in to the user computing device, sending, by the host agent, a first request to a management solution, the first request requesting a list of applications to be made available to the user on the user computing device;
receiving, by the host agent and in response to the first request, the list of applications to be made available to the user on the user computing device;
sending, by the host agent, the list of applications to the secure workspace coordinator;
prior to deploying the applications in the list of applications, evaluating, by the secure workspace coordinator, an import address table of each of the applications to determine from the import address table which peripherals the respective application uses;
based on the evaluation of the import address tables of the applications, selecting a first secure workspace and a second secure workspace for deploying the applications on the user computing device, the first secure workspace comprising a first sandbox and the second secure workspace comprising a second sandbox;
based on the evaluation of the import address tables of the applications, selecting a first set of the applications to be deployed in the first secure workspace and a second set of the applications to be deployed in the second secure workspace, wherein the first set of the applications are selected to be deployed in the first secure workspace in response to determining from the evaluation that each application in the first set of applications uses a first set of one or more peripherals and the second set of the applications are selected to be deployed in the second secure workspace in response to determining from the evaluation that each application in the second set of applications uses a second set of one or more peripherals different from the first set of one or more peripherals;
causing the first secure workspace to be deployed on the user computing device;
causing the first set of one or more peripherals to be accessible within the first secure workspace;
causing the second secure workspace to be deployed on the user computing device;
causing the second set of one or more peripherals to be accessible within the second secure workspace;
causing the first set of applications to be deployed in the first secure workspace to thereby cause each application in the first set of applications to execute in the first sandbox and therefore be isolated from applications and services executing outside the first sandbox while having access to the first set of one or more peripherals; and
causing the second set of applications to be deployed in the second secure workspace to thereby cause each application in the second set of applications to execute in the second sandbox and therefore be isolated from applications and services executing outside the second sandbox while having access to the second set of one or more peripherals.