Federated mobile device management
Abstract
In one example of federated mobile device management, a first management server federates with a second management server based on an exchange of one or more identity authentication certificates between them. After the first and second management servers have federated or affiliated, they can exchange mobile device management data, including compliance policies, rules, resources, etc., with each other. Based on a request from a client device for affiliated mobile device management, the first management server can request and receive device management data from the second management device. The first management server can evaluate the device management data received from the second management device for conformity with a baseline management policy. If it conforms, the first management server can use the device management data from the second management server, at least in part, to manage the client device.
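The conformity step described in the abstract, sketched as an added example that is not taken from the patent: the first management server checks each setting received from the second server against its baseline and uses only the conforming part. The setting names, the three constraint kinds, and the rule that settings absent from the baseline pass through are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Assumed baseline on the first management server: constraint kind plus the
# least strict value it tolerates. Setting names are hypothetical.
BASELINE = {
    "min_passcode_length": ("at_least", 6),
    "max_idle_lock_minutes": ("at_most", 5),
    "require_encryption": ("must_equal", True),
}
# Constructed sample data: first server's own settings, second server's payload.
FIRST_DATA = {"min_passcode_length": 6, "max_idle_lock_minutes": 5, "require_encryption": True}
FEDERATED = {"min_passcode_length": 8, "max_idle_lock_minutes": 15, "vpn_profile": "corp-b"}

@dataclass
class Evaluation:
    accepted: dict = field(default_factory=dict)
    violations: list = field(default_factory=list)

    @property
    def conforms(self):
        return not self.violations

def _ok(kind, limit, value):
    # bool is a subclass of int, so insist on the exact type before comparing
    if type(value) is not type(limit):
        return False
    if kind == "at_least":
        return value >= limit
    if kind == "at_most":
        return value <= limit
    return value == limit  # must_equal

def evaluate(federated, baseline=BASELINE):
    """Check each setting from the second server against the baseline."""
    result = Evaluation()
    for name, value in federated.items():
        rule = baseline.get(name)
        # Assumption: settings the baseline does not govern pass through.
        if rule is None or _ok(rule[0], rule[1], value):
            result.accepted[name] = value
        else:
            result.violations.append(name)
    return result

def effective_policy(first_data, federated, baseline=BASELINE):
    """Overlay only the conforming federated settings on the first server's data."""
    return {**first_data, **evaluate(federated, baseline).accepted}
```

With the constructed payload, the longer passcode and the VPN profile are adopted, while the 15-minute idle lock is rejected and the first server's 5-minute value stays in force.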
20 Claims
1. A non-transitory computer-readable medium embodying program code executable in at least one computing device, the program code, when executed by the at least one computing device, being configured to cause the at least one computing device to at least:
- cause a client device to be managed by a first management service based on first device management data;
- verify an identity certificate associated with a second management service to authenticate the second management service for federated device management;
- identify a request for the client device to be managed by the second management service;
- cause device identification data for the client device to be accessible to the second management service;
- identify second device management data received from the second management service for federated device management of the client device; and
- cause the client device to be managed based at least in part on the second device management data received from the second management service.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8)

9. A method, comprising:
- causing, by a first management computing device, a client device to be managed by the first management computing device based on first device management data;
- verifying, by the first management computing device, an identity certificate associated with a second management computing device to authenticate the second management computing device for federated device management;
- identifying, by the first management computing device, a request from the client device for affiliated device management by the second management computing device;
- causing, by the first management computing device, device identification data for the client device to be accessible to the second management computing device;
- receiving, by the first management computing device, second device management data from the second management computing device for federated device management of the client device; and
- notifying, by the first management computing device, the client device to check in for a device management update based at least in part on the second device management data.
(Dependent claims: 10, 11, 12, 13, 14, 15, 16)

17. A method, comprising:
- federating, by a first management computing device, with a second management computing device based on an exchange of at least one identity certificate;
- receiving, by the first management computing device, a request from a client device for affiliated device management associated with the second management computing device;
- requesting and receiving, by the first management computing device, device management data for federated device management of the client device from the second management computing device; and
- evaluating, by the first management computing device, the device management data for conformity with a baseline management policy.
(Dependent claims: 18, 19, 20)

Specification