SECURE EXECUTION OF ENTERPRISE APPLICATIONS ON MOBILE DEVICES
Abstract
A system is disclosed that includes components and features for enabling enterprise users to securely access enterprise resources (documents, data, application servers, etc.) using their mobile devices. An enterprise can use some or all components of the system to, for example, securely but flexibly implement a BYOD (bring your own device) policy in which users can run both personal applications and secure enterprise applications on their mobile devices. The system may, for example, implement policies for controlling mobile device accesses to enterprise resources based on device attributes (e.g., what mobile applications are installed), user attributes (e.g., the user's position or department), behavioral attributes, and other criteria. Client-side code installed on the mobile devices may further enhance security by, for example, creating a secure container for locally storing enterprise data, creating a secure execution environment for running enterprise applications, and/or creating secure application tunnels for communicating with the enterprise system.
20 Claims
1. A method of providing a secure environment for the execution of enterprise applications on a mobile device, the method comprising:
installing a secure launcher on the mobile device, said secure launcher being separate from a general launcher included within an operating system of the mobile device, said general launcher providing functionality for launching non-enterprise applications installed on the mobile device; and
installing enterprise applications on the mobile device such that the enterprise applications are capable of being launched only with the secure launcher, and not with the general launcher, said enterprise applications including functionality for accessing an enterprise system;
wherein the secure launcher is configured to enforce an authentication policy in which a user must enter valid authentication information when launching an enterprise application.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A mobile device comprising a processor and a memory, said mobile computing device having installed thereon:
a plurality of enterprise applications that are configured to communicate over a network with an enterprise system; and
a secure launcher that provides a user interface for launching the enterprise applications on the mobile device, said secure launcher being separate from a general launcher used to launch non-enterprise applications on the mobile device, said general launcher being a part of an operating system of the mobile device and said secure launcher being separate from the operating system, said enterprise applications capable of being launched on the mobile device only with the secure launcher, not the general launcher;
wherein the secure launcher is configured to authenticate a user of the mobile device when the user attempts to launch an enterprise application, and is configured to block execution of the enterprise applications when the user fails to provide valid authentication information.
Dependent claims: 9, 10, 11, 12, 13, 14, 15, 16
17. A method of providing a secure environment for the execution of enterprise applications on a mobile device that includes non-enterprise applications installed thereon, the method comprising:
installing a secure virtual machine on the mobile device, said secure virtual machine being separate from a virtual machine included within an operating system of the mobile device; and
configuring the mobile device to cause at least one enterprise application, but none of the non-enterprise applications, to run in the secure virtual machine, whereby the non-enterprise applications continue to use the virtual machine included within the operating system;
wherein the secure virtual machine includes functionality for implementing an encryption policy in which data stored on the mobile device by the enterprise application is encrypted.
Dependent claims: 18, 19, 20
Specification