Policy-Based Application Management
First Claim
1. A method of providing a secure storage location on an electronic mobile device, comprising:
- receiving, by an electronic mobile device, a managed application from an application server during a first communication, the managed application being constructed to operate in accordance with a set of one or more policy files;
receiving, by the device, the set of one or more policy files from the application server during a second communication which is different than the first communication, the set of one or more policy files being stored on the electronic mobile device separately from the managed application;
running, by the processor, the managed application on the mobile device, the managed application operating in accordance with the set of one or more policy files;
storing and executing multiple managed applications on the device;
associating each managed application with an application group;
associating each application group with a different secure persistent storage area; and
providing access to each secure persistent storage area only to those managed applications in the associated application group.
1 Assignment
0 Petitions
Accused Products
Abstract
Improved techniques for managing enterprise applications on mobile devices are described herein. Each enterprise mobile application running on the mobile device has an associated policy through which it interacts with its environment. The policy selectively blocks or allows activities involving the enterprise application in accordance with rules established by the enterprise. Together, the enterprise applications running on the mobile device form a set of managed applications. Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications, such as the user'"'"'s own personal applications. Policies may be defined to manage data sharing, mobile resource management, application specific information, networking and data access solutions, device cloud and transfer, dual mode application software, enterprise app store access, and virtualized application and resources, among other things.
-
Citations
20 Claims
-
1. A method of providing a secure storage location on an electronic mobile device, comprising:
-
receiving, by an electronic mobile device, a managed application from an application server during a first communication, the managed application being constructed to operate in accordance with a set of one or more policy files; receiving, by the device, the set of one or more policy files from the application server during a second communication which is different than the first communication, the set of one or more policy files being stored on the electronic mobile device separately from the managed application; running, by the processor, the managed application on the mobile device, the managed application operating in accordance with the set of one or more policy files; storing and executing multiple managed applications on the device; associating each managed application with an application group; associating each application group with a different secure persistent storage area; and providing access to each secure persistent storage area only to those managed applications in the associated application group. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. One or more non-transitory computer readable media storing computer instructions that, when executed, provide a secure storage location on an electronic mobile device by:
-
receiving, by an electronic mobile device, a managed application from an application server during a first communication, the managed application being constructed to operate in accordance with a set of one or more policy files; receiving, by the device, the set of one or more policy files from the application server during a second communication which is different than the first communication, the set of one or more policy files being stored on the electronic mobile device separately from the managed application; and running, by the processor, the managed application on the mobile device, the managed application operating in accordance with the set of one or more policy files, wherein the set of one or more policy files act to provide access by the managed application to a secure persistent storage area of the electronic mobile device, said secure persistent storage area accessible by an enterprise administrator, and usable to store a plurality of discrete data files. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. An electronic mobile device, comprising:
-
a processor; and memory storing computer readable instructions that, when executed by the processor, cause the device to provide a secure storage location by; receiving, by an electronic mobile device, a managed application from an application server during a first communication, the managed application being to operate in accordance with a set of one or more policy files; receiving, by the device, the set of one or more policy files from the application server during a second communication which is different than the first communication, the set of one or more policy files being stored on the electronic mobile device separately from the managed application; running, by the processor, the managed application on the mobile device, the managed application operating in accordance with the set of one or more policy files; storing and executing multiple managed applications on the device; associating each managed application with an application group; associating each application group with a different secure persistent storage area; and providing access to each secure persistent storage area only to those managed applications in the associated application group. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification