Real-time mobile security posture
First Claim
Patent Images
1. A non-enterprise computing device for accessing enterprise computing resources, comprising:
- a network interface;
an operating system; and
logic, including at least a processor and a memory, comprising a mobile device management (MDM) agent operable for providing the non-enterprise computing device conditional access to enterprise resources, comprising;
registering with an MDM server of an enterprise the non-enterprise computing device as a non-enterprise computing device lacking enterprise control of software installation, and receiving a certificate configured to provide access to resources of the enterprise;
receiving from the MDM server instructions regarding a security posture to monitor;
registering a security posture event with the operating system;
entering a sleep mode;
waking after receiving from the operating system a notification of a security posture change event;
notifying the MDM server of the security posture change event;
receiving a security modification instruction from the MDM server; and
enforcing the security modification instruction on the computing apparatus.
12 Assignments
0 Petitions
Accused Products
Abstract
In an example, a system and method for real-time mobile security posture updates is provided. A mobile device management (MDM) agent may run on the mobile device, and may register with the operating system one or more mobile security posture change events that may affect the mobile security posture. These may include, for example, installation of an MDM agent, uninstallation of a program, connecting to a secured or unsecured network, or similar. When any such event occurs, the OS lodges the event with the MDM agent, which then communicates with an MDM server engine to potentially receive new security instructions. Lodging the event may include providing a joint user-and-device authentication to the MDM server, such as via SAML.
-
Citations
23 Claims
-
1. A non-enterprise computing device for accessing enterprise computing resources, comprising:
-
a network interface; an operating system; and logic, including at least a processor and a memory, comprising a mobile device management (MDM) agent operable for providing the non-enterprise computing device conditional access to enterprise resources, comprising; registering with an MDM server of an enterprise the non-enterprise computing device as a non-enterprise computing device lacking enterprise control of software installation, and receiving a certificate configured to provide access to resources of the enterprise; receiving from the MDM server instructions regarding a security posture to monitor; registering a security posture event with the operating system; entering a sleep mode; waking after receiving from the operating system a notification of a security posture change event; notifying the MDM server of the security posture change event; receiving a security modification instruction from the MDM server; and enforcing the security modification instruction on the computing apparatus. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. One or more tangible, non-transitory computer-readable storage mediums having stored thereon executable instructions for a computing apparatus to provide a mobile device management (MDM) agent operable for providing the non-enterprise computing device conditional access to enterprise resources, comprising:
-
registering with an MDM server of an enterprise the non-enterprise computing device as a non-enterprise computing device lacking enterprise control of software installation, and receiving a certificate configured to provide access to resources of the enterprise, via a network interface; receiving from the MDM manager server instructions regarding a security posture to monitor; registering a security posture event with an operating system; entering a sleep mode; waking after receiving from the operating system a notification of a security posture change event; notifying the MDM server of the security posture change event via the network interface; receiving a security modification instruction from the MDM server; and enforcing the security modification instruction on the computing apparatus. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A computer-implemented method of providing mobile device management (MDM), comprising:
-
registering with an MDM server of an enterprise a non-enterprise computing device as a non-enterprise computing device lacking enterprise control of software installation, and receiving a certificate configured to provide access to resources of an enterprise, via a network interface; receiving from the MDM server instructions regarding a security posture to monitor; registering a security posture event with the operating system; entering a sleep mode; waking after receiving from the operating system a notification of a security posture change event; notifying the MDM server of the security posture change event via the network interface; receiving a security modification instruction from the MDM server; and enforcing the security modification instruction. - View Dependent Claims (23)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeMusarubra US LLC (Musarubra US SellCo LLC)
-
Original AssigneeMcAfee, LLC
-
InventorsChahal, Sudip, Tatourian, Igor
-
Primary Examiner(s)Gee, Jason K
-
Application NumberUS14/583,687Publication NumberTime in Patent Office1,291 DaysField of SearchUS Class CurrentCPC Class CodesG06F 21/44 Program or device authentic...G06F 21/57 Certifying or maintaining t...G06F 21/6218 to a system of files or obj...H04L 63/0815 providing single-sign-on or...H04L 63/0823 using certificates cryptogr...H04L 63/101 Access control lists [ACL]H04L 63/1416 Event detection, e.g. attac...H04L 63/20 for managing network securi...H04W 12/00 Security arrangements; Auth...H04W 12/06 AuthenticationH04W 12/08 Access securityH04W 12/128 Anti-malware arrangements, ...H04W 12/37 Managing security policies ...
