Associating Services to Perimeters

US 20130097316A1
Filed: 10/17/2011
Published: 04/18/2013
Est. Priority Date: 10/17/2011
Status: Active Grant

First Claim

Patent Images

1. A method of accessing a resource, the method comprising:

receiving, by a first device, a request to enable the first device to access, through a wireless connection with a second device, a server resource account of an enterprise, wherein the first device includes a first enterprise perimeter including an internal resource and a first enterprise identifier and being configured to prevent external resources from accessing the internal resource;

wirelessly transmitting, to the second device, a request to the second device for a second enterprise identifier assigned to a second enterprise perimeter included in the second device; and

determining whether to grant access to the internal resource based on a first enterprise identifier assigned to the first device and a second enterprise identifier assigned to the second device.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In some implementations, a method includes receiving, from a user of a first device, a request to enable access, through a second device, to a server resource account of an enterprise. The first device includes a first enterprise perimeter including an internal resource and a first enterprise identifier and configured to prevent external resources from accessing the internal resource. A request is wirelessly transmit, to the second device, to the second device for a second enterprise identifier assigned to a second enterprise perimeter included in the second device. Whether to grant access to the internal resource is determined based on a first enterprise identifier assigned to the first device and a second enterprise identifier assigned to the second device.

40 Citations

View as Search Results

28 Claims

1. A method of accessing a resource, the method comprising:
- receiving, by a first device, a request to enable the first device to access, through a wireless connection with a second device, a server resource account of an enterprise, wherein the first device includes a first enterprise perimeter including an internal resource and a first enterprise identifier and being configured to prevent external resources from accessing the internal resource;
  
  wirelessly transmitting, to the second device, a request to the second device for a second enterprise identifier assigned to a second enterprise perimeter included in the second device; and
  
  determining whether to grant access to the internal resource based on a first enterprise identifier assigned to the first device and a second enterprise identifier assigned to the second device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising:
    - transmitting a request to access the server resource account of the enterprise;
      
      receiving information granting access to the server resource account and the first enterprise identifier; and
      
      generating the first enterprise perimeter including resources for accessing the server resource account and the first enterprise identifier.
  - 3. The method of claim 1, wherein the first enterprise identifier comprises a first email address, and the second enterprise identifier comprises a second email address.
  - 4. The method of claim 1, further comprising:
    - identifying a first user identifier associated with the first device;
      
      transmitting, to the second device, a request to the second device for a second user identifier associated with the second device; and
      
      wherein determining whether to grant access to the internal resource is based on the first enterprise identifier, the first user identifier, the second enterprise identifier, and the second user identifier.
  - 5. The method of claim 1, wherein determining whether to grant access comprises:
    - comparing the first enterprise identifier to the second enterprise identifier; and
      
      in response to the first enterprise identifier matching the second enterprise identifier, granting access to the internal resource in the enterprise perimeter.
  - 6. The method of claim 1, wherein determining whether to grant access comprises:
    - comparing the first enterprise identifier to the second enterprise identifier; and
      
      in response to the first enterprise identifier not matching the second enterprise identifier, generating a separate unknown user perimeter access including resources to access the enterprise service.
  - 7. The method of claim 6, wherein the enterprise service comprises at least one of a data file or an application.

8. A mobile device, comprising:
- one or more processors operable to;
  
  receive, by a first device, a request to enable access, through a wireless connection with a second device, to a server resource account of an enterprise, wherein the first device includes a first enterprise perimeter including an internal resource and a first enterprise identifier and configured to prevent external resources from accessing the internal resource;
  
  wirelessly transmit, to the second device, a request to the second device for a second enterprise identifier assigned to a second enterprise perimeter included in the second device; and
  
  determine whether to grant access to the internal resource based on a first enterprise identifier assigned to the first device and a second enterprise identifier assigned to the second device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The mobile device of claim 8, the one or more processors being further operable to:
    - transmit a request to access the server resource account of the enterprise;
      
      receive information granting access to the server resource account and the first enterprise identifier; and
      
      generate the first enterprise perimeter including resources for accessing the server resource account and the first enterprise identifier.
  - 10. The mobile device of claim 8, wherein the first enterprise identifier comprises a first email address, and the second enterprise identifier comprises a second email address.
  - 11. The mobile device of claim 8, the one or more processors being further operable to:
    - identify a first user identifier associated with the first device;
      
      transmit, to the second device, a request to the second device for a second user identifier associated with the second device; and
      
      wherein the processors operable to determine whether to grant access to the internal resource is based on the first enterprise identifier, the first user identifier, the second enterprise identifier, and the second user identifier.
  - 12. The mobile device of claim 8, wherein the one or more processors operable to determine whether to grant access comprises the one or more processors operable to:
    - compare the first enterprise identifier to the second enterprise identifier; and
      
      in response to the first enterprise identifier matching the second enterprise identifier, grant access to the internal resource in the enterprise perimeter.
  - 13. The mobile device of claim 8, wherein the one or more processors operable to determining whether to grant access comprises the one or more processors operable to:
    - compare the first enterprise identifier to the second enterprise identifier; and
      
      in response to the first enterprise identifier not matching the second enterprise identifier, generate a separate unknown user perimeter access including resources to access the enterprise service.
  - 14. The mobile device of claim 13, wherein the enterprise service comprises one or more files.

15. A computer program product encoded on a tangible, non-transitory storage medium, the product comprising computer readable instructions for causing one or more processors to perform operations comprising:
- receiving, by a first device, a request to enable access, through a wireless connection with a second device, to a server resource account of an enterprise, wherein the first device includes a first enterprise perimeter including an internal resource and a first enterprise identifier and configured to prevent external resources from accessing the internal resource;
  
  wirelessly transmitting, to the second device, a request to the second device for a second enterprise identifier assigned to a second enterprise perimeter included in the second device; and
  
  determining whether to grant access to the internal resource based on a first enterprise identifier assigned to the first device and a second enterprise identifier assigned to the second device.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The computer program product of claim 15, instructions for causing one or more processors to further perform operations comprising:
    - transmitting a request to access the server resource account of the enterprise;
      
      receiving information granting access to the server resource account and the first enterprise identifier; and
      
      generating the first enterprise perimeter including resources for accessing the server resource account and the first enterprise identifier.
  - 17. The computer program product of claim 15, wherein the first enterprise identifier comprises a first email address, and the second enterprise identifier comprises a second email address.
  - 18. The computer program product of claim 15, instructions for causing one or more processors to further perform operations comprising:
    - identifying a first user identifier associated with the first device;
      
      transmitting, to the second device, a request to the second device for a second user identifier associated with the second device; and
      
      wherein the instructions for causing one or more processors to perform operations comprising determining whether to grant access to the internal resource is based on the first enterprise identifier, the first user identifier, the second enterprise identifier, and the second user identifier.
  - 19. The computer program product of claim 15, wherein the instructions for causing one or more processors to perform operations comprising determining whether to grant access comprises the instructions for causing one or more processors to perform operations comprising:
    - comparing the first enterprise identifier to the second enterprise identifier; and
      
      in response to the first enterprise identifier matching the second enterprise identifier, granting access to the internal resource in the enterprise perimeter.
  - 20. The computer program product of claim 15, wherein the instructions for causing one or more processors to perform operations comprising determining whether to grant access comprises the instructions for causing one or more processors to perform operations comprising:
    - comparing the first enterprise identifier to the second enterprise identifier; and
      
      in response to the first enterprise identifier not matching the second enterprise identifier, generating a separate unknown user perimeter access including resources to access the enterprise service.
  - 21. The computer program product of claim 20, wherein the enterprise service comprises one or more files.

22. A system, comprising:
- a first mobile device configured to receive a request to enable access, through a wireless connection with a second device, to a server resource account of an enterprise, wherein the first mobile device includes a first enterprise perimeter including an internal resource and a first enterprise identifier and configured to prevent external resources from accessing the internal resource, wirelessly transmit a request to the second device for a second enterprise identifier assigned to a second enterprise perimeter included in the second mobile device, and determine whether to grant access to the internal resource based on a first enterprise identifier assigned to the first mobile device and a second enterprise identifier assigned to the second mobile device; and
  
  the second mobile device configured to connect the first mobile device to the cellular network.
- View Dependent Claims (23, 24, 25, 26, 27, 28)
- - 23. The system of claim 22, the first mobile device further configure to:
    - transmit a request to access the server resource account of the enterprise;
      
      receive information granting access to the server resource account and the first enterprise identifier; and
      
      generate the first enterprise perimeter including resources for accessing the server resource account and the first enterprise identifier.
  - 24. The system of claim 22, wherein the first enterprise identifier comprises a first email address, and the second enterprise identifier comprises a second email address.
  - 25. The system of claim 22, the first mobile device further configure to:
    - identify a first user identifier associated with the first device;
      
      transmit, to the second device, a request to the second device for a second user identifier associated with the second device; and
      
      wherein the first mobile device configured to determine whether to grant access to the internal resource is based on the first enterprise identifier, the first user identifier, the second enterprise identifier, and the second user identifier.
  - 26. The system of claim 22, wherein the first mobile device configure to determine whether to grant access comprises the first mobile device configure to:
    - compare the first enterprise identifier to the second enterprise identifier; and
      
      in response to the first enterprise identifier matching the second enterprise identifier, grant access to the internal resource in the enterprise perimeter.
  - 27. The system of claim 22, wherein the first mobile device configure to determine whether to grant access comprises the first mobile device configure to:
    - compare the first enterprise identifier to the second enterprise identifier; and
      
      in response to the first enterprise identifier not matching the second enterprise identifier, generate a separate unknown user perimeter access including resources to access the enterprise service.
  - 28. The system of claim 27, wherein the enterprise service comprises at least one of a data file or an application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Bender, Christopher Lyle, Russell, Graham, Silvanovich, Natalie Michelle

Granted Patent

US 9,161,226 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/225
CPC Class Codes

H04L 63/0209   Architectural arrangements,...

H04L 63/102   Entity profiles

H04L 67/12   specially adapted for propr...

H04W 12/08   Access security

H04W 12/086   using security domains

H04W 76/14   Direct-mode setup

H04W 84/12   WLAN [Wireless Local Area N...

Associating Services to Perimeters

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

40 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Associating Services to Perimeters

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links