Managing and Enforcing Policies on Mobile Devices
First Claim
1. A system comprising:
- a server computer executing a server-side policy management process including an interface component configured to allow a system administrator to define and modify action rule sets, and a transmission function to distribute the action rule sets to client devices over one or more networks; and
a mobile client device coupled to the server computer over the one or more networks, and executing a client-side policy management process configured to activate, deactivate, and enforce the action rule sets distributed by the server computer to implement at least one of defining one or more operational characteristics of the mobile client device or allowing access to one or more resources on the mobile client device or accessible by the mobile client device over the one or more networks.
3 Assignments
0 Petitions
Accused Products
Abstract
Embodiments of a system configured to manage policies, including decision policies and active policies, on mobile devices is described. The system is configured to manage policies, including decision policies and active policies, on mobile devices is described that includes a device policy repository, a policy decision point, a decision policy enforcer, and an active policy enforcer. The system includes a method for enforcing policies on mobile devices that proactively monitors the execution environment and automatically triggers active policies. The method further exports an interface and provides functionality to evaluate and enforce decision policies. The system can combine policies from different sources, including detecting and avoiding policy conflicts.
-
Citations
27 Claims
-
1. A system comprising:
-
a server computer executing a server-side policy management process including an interface component configured to allow a system administrator to define and modify action rule sets, and a transmission function to distribute the action rule sets to client devices over one or more networks; and a mobile client device coupled to the server computer over the one or more networks, and executing a client-side policy management process configured to activate, deactivate, and enforce the action rule sets distributed by the server computer to implement at least one of defining one or more operational characteristics of the mobile client device or allowing access to one or more resources on the mobile client device or accessible by the mobile client device over the one or more networks. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A system for implementing policy management on a mobile device, comprising:
-
a device policy repository storing one or more policies on the mobile device, the policies comprising at least one of a decision policy that dictates user access to operations or resources of the mobile device under defined conditions, and an active policy describing one or more actions to be taken based on an event occurrence; a decision policy enforcer enforcing policies for access control in response to a request from a requesting entity; a policy decision point configured to decide whether or not access to a resource is granted based on attributes of a request from the decision policy enforcer and a decision policy stored in the device policy repository; and an active policy enforcer enforcing active policies in response to an event occurrence. - View Dependent Claims (18, 19, 20, 21, 22, 23)
-
-
24. A method of defining and enforcing policies on a mobile client device coupled to a server computer over a computer network, comprising:
-
executing a client-side process on an Open Mobile Alliance Device Management (OMA DM) enabled mobile client device and configured to monitor the execution environment of the mobile device and automatically trigger one or more defined active policies upon the occurrence of an event; and executing a server-side process configured to allow creation, modification and transmission of defined active policies to the mobile client device. - View Dependent Claims (25, 26, 27)
-
Specification