Secure execution of enterprise applications on mobile devices
Abstract
A system is disclosed that includes components and features for enabling enterprise users to securely access enterprise resources (documents, data, application servers, etc.) using their mobile devices. An enterprise can use some or all components of the system to, for example, securely but flexibly implement a BYOD (bring your own device) policy in which users can run both personal applications and secure enterprise applications on their mobile devices. The system may, for example, implement policies for controlling mobile device accesses to enterprise resources based on device attributes (e.g., what mobile applications are installed), user attributes (e.g., the user's position or department), behavioral attributes, and other criteria. Client-side code installed on the mobile devices may further enhance security by, for example, creating a secure container for locally storing enterprise data, creating a secure execution environment for running enterprise applications, and/or creating secure application tunnels for communicating with the enterprise system.
20 Claims
1. A method comprising:
- receiving, by a web browser configured to be installed on a memory of a mobile device, application data from a web application, wherein the web browser is configured to regulate operation of at least one web application in accordance with one or more enterprise policies, the web browser comprising a secure cache;
- encrypting, by the web browser, the application data;
- storing the encrypted application data in the secure cache;
- providing, by the web browser, an option for displaying a document from the application data stored in the secure cache;
- receiving a selection of the option for displaying the document from the application data stored in the secure cache;
- based on receiving the selection of the option for displaying the document from the application data stored in the secure cache, decrypting a portion of the application data stored in the secure cache associated with the document;
- receiving, from a remote computer system, an instruction to make the application data stored in the secure cache inaccessible; and
- deleting, by the web browser, the application data from the secure cache.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A non-transitory computer readable medium storing program instructions that are executable to:
- receive, by a web browser configured to be installed on a memory of a mobile device, application data from a web application, wherein the web browser is configured to regulate operation of at least one web application in accordance with one or more enterprise policies, the web browser comprising a secure cache;
- encrypt, by the web browser, the application data;
- store the encrypted application data in the secure cache;
- provide, by the web browser, an option for displaying a document from the application data stored in the secure cache;
- receive a selection of the option for displaying the document from the application data stored in the secure cache;
- based on receiving the selection of the option for displaying the document from the application data stored in the secure cache, decrypt a portion of the application data stored in the secure cache associated with the document;
- receive, from a remote computer system, an instruction to make the application data stored in the secure cache inaccessible; and
- delete, by the web browser, the application data from the secure cache.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20
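The steps recited in claims 1 and 11 (encrypt on receipt, decrypt only the selected document, delete on a remote instruction), written out as an added example that is not code from the patent or from any product. AES-256-GCM, the in-memory key, the message shape, and the names SecureCache, put, open, wipe and onRemoteInstruction are assumptions made for illustration.

```javascript
// Added illustration; SecureCache, put, open, wipe and onRemoteInstruction are
// hypothetical names, not taken from the patent or any product.
const crypto = require('node:crypto');

class SecureCache {
  constructor() {
    this.key = crypto.randomBytes(32); // assumption: key is held in memory only
    this.entries = new Map();          // docId -> { iv, ct, tag }
  }

  // Encrypt application data on receipt; only ciphertext is stored.
  put(docId, plaintext) {
    if (!this.key) throw new Error('cache wiped');
    const iv = crypto.randomBytes(12); // fresh nonce per entry
    const c = crypto.createCipheriv('aes-256-gcm', this.key, iv);
    c.setAAD(Buffer.from(docId));      // bind ciphertext to its document id
    const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
    this.entries.set(docId, { iv, ct, tag: c.getAuthTag() });
  }

  // Decrypt only the selected document; every other entry stays encrypted.
  open(docId) {
    if (!this.key) throw new Error('cache wiped');
    const e = this.entries.get(docId);
    if (!e) throw new Error('no such document');
    const d = crypto.createDecipheriv('aes-256-gcm', this.key, e.iv);
    d.setAAD(Buffer.from(docId));
    d.setAuthTag(e.tag);
    // final() throws if the entry was modified or moved to another id
    return Buffer.concat([d.update(e.ct), d.final()]).toString('utf8');
  }

  // Make the data inaccessible: zero the key, then delete the ciphertext.
  wipe() {
    if (this.key) this.key.fill(0);
    this.key = null;
    this.entries.clear();
  }
}

// Constructed message shape; the sender is assumed to be authenticated
// before this function is called.
function onRemoteInstruction(cache, msg) {
  if (msg && msg.action === 'wipe') { cache.wipe(); return true; }
  return false;
}
```

Encrypting each document under its own nonce and tag is what lets `open` decrypt a single entry, and zeroing the key before clearing the map means any ciphertext that survives deletion is unreadable.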
Specification