Providing Virtualized Private Network tunnels
First Claim
1. A method, comprising:
- storing, by a mobile device, a ticket in a secure container usable to store data related to a managed application being provided by the mobile device, wherein the ticket is configured to provide authentication in connection with creating a virtual private network (VPN) tunnel for the managed application to at least one resource accessible through an access gateway;
providing the managed application with access to the at least one resource based on the ticket, the VPN tunnel, and policy information that describes one or more policies for providing the managed application of the apparatus with access to the at least one resource;
determining to perform a selective wipe;
determining that the ticket is stored by the mobile device; and
deleting the ticket from the secure container.
1 Assignment
0 Petitions
Accused Products
Abstract
Various aspects of the disclosure relate to providing a per-application policy-controlled virtual private network (VPN) tunnel. In some embodiments, tickets may be used to provide access to an enterprise resource without separate authentication of the application and, in some instances, can be used in such a manner as to provide a seamless experience to the user when reestablishing a per-application policy controlled VPN tunnel during the lifetime of the ticket. Additional aspects relate to an access gateway providing updated policy information and tickets to a mobile device. Other aspects relate to selectively wiping the tickets from a secure container of the mobile device. Yet further aspects relate to operating applications in multiple modes, such as a managed mode and an unmanaged mode, and providing authentication-related services based on one or more of the above aspects.
-
Citations
20 Claims
-
1. A method, comprising:
-
storing, by a mobile device, a ticket in a secure container usable to store data related to a managed application being provided by the mobile device, wherein the ticket is configured to provide authentication in connection with creating a virtual private network (VPN) tunnel for the managed application to at least one resource accessible through an access gateway; providing the managed application with access to the at least one resource based on the ticket, the VPN tunnel, and policy information that describes one or more policies for providing the managed application of the apparatus with access to the at least one resource; determining to perform a selective wipe; determining that the ticket is stored by the mobile device; and deleting the ticket from the secure container. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 16)
-
-
10. An apparatus, comprising:
-
at least one processor; and memory storing executable instructions configured to, when executed by the at least one processor, cause the apparatus to; store a ticket in a secure container usable to store data related to a managed application being provided by the apparatus, wherein the ticket is configured to provide authentication in connection with creating a virtual private network (VPN) tunnel for the managed application to at least one resource accessible through an access gateway, provide the managed application with access to the at least one resource based on the ticket, the VPN tunnel, and policy information that describes one or more policies for providing the managed application of the apparatus with access to the at least one resource, determine to perform a selective wipe, determine that the ticket is stored by the mobile device, and delete the ticket from the secure container. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
17. One or more non-transitory computer-readable media storing instructions configured to, when executed, cause at least one computing device to:
-
store a ticket in a secure container usable to store data related to a managed application being provided by the apparatus, wherein the ticket is configured to provide authentication in connection with creating a virtual private network (VPN) tunnel for the managed application to at least one resource accessible through an access gateway; provide the managed application with access to the at least one resource based on the ticket, the VPN tunnel, and policy information that describes one or more policies for providing the managed application of the apparatus with access to the at least one resource; determine to perform a selective wipe; determine that the ticket is stored by the mobile device; and delete the ticket from the secure container. - View Dependent Claims (18, 19, 20)
-
Specification