POLICY-BASED DEVELOPMENT AND RUNTIME CONTROL OF MOBILE APPLICATIONS
First Claim
1. A method of policy-based development and runtime control of mobile applications that comprises:
- a processor of a computer system receiving a request to launch an enhanced application, wherein the enhanced application comprises an application policy descriptor, wherein the application policy descriptor identifies a global policy and an API policy;
the processor ensuring that the application policy descriptor is current and valid;
the processor extracting the global policy from the application policy descriptor;
the processor concluding that the global policy permits the enhanced application to launch;
the processor launching the enhanced application;
the processor determining that the application implements the API policy;
the processor extracting the API policy from the application policy descriptor; and
the processor enforcing the API policy.
2 Assignments
0 Petitions
Accused Products
Abstract
A method, process, and associated systems for policy-based development and runtime control of mobile applications. Security objects that describe or enforce security policies are embedded into the source code of an enhanced application while the application is being developed. When a user attempts to launch the enhanced application on a mobile device, the security objects are updated to match a latest valid version of the objects stored on an enterprise server. The security objects may be further updated at other times. Global security policies, which affect the entire enterprise and which may deny the application permission to launch, are enforced by a global security policy stored within one of the updated security objects. If the application does run, application-specific security policies contained in the updated security objects modify application behavior at runtime in order to enforce application-specific security policies.
-
Citations
24 Claims
-
1. A method of policy-based development and runtime control of mobile applications that comprises:
-
a processor of a computer system receiving a request to launch an enhanced application, wherein the enhanced application comprises an application policy descriptor, wherein the application policy descriptor identifies a global policy and an API policy; the processor ensuring that the application policy descriptor is current and valid; the processor extracting the global policy from the application policy descriptor; the processor concluding that the global policy permits the enhanced application to launch; the processor launching the enhanced application; the processor determining that the application implements the API policy; the processor extracting the API policy from the application policy descriptor; and the processor enforcing the API policy. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer program product, comprising a computer-readable hardware storage device having a computer-readable program code stored therein, said program code configured to be executed by a processor of a computer system to implement a method of policy-based development and runtime control of mobile applications that comprises:
-
the processor receiving a request to launch an enhanced application, wherein the enhanced application comprises an application policy descriptor, wherein the application policy descriptor identifies a global policy and an API policy; the processor ensuring that the application policy descriptor is current and valid; the processor extracting the global policy from the application policy descriptor; the processor concluding that the global policy permits the enhanced application to launch; the processor launching the enhanced application; the processor determining that the application implements the API policy; the processor extracting the API policy from the application policy descriptor; and the processor enforcing the API policy. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A computer system comprising a processor, a memory coupled to said processor, and a computer-readable hardware storage device coupled to said processor, said storage device containing program code configured to be run by said processor via the memory to implement a method of policy-based development and runtime control of mobile applications that comprises:
-
the processor receiving a request to launch an enhanced application, wherein the enhanced application comprises an application policy descriptor, wherein the application policy descriptor identifies a global policy and an API policy; the processor ensuring that the application policy descriptor is current and valid; the processor extracting the global policy from the application policy descriptor; the processor concluding that the global policy permits the enhanced application to launch; the processor launching the enhanced application; the processor determining that the application implements the API policy; the processor extracting the API policy from the application policy descriptor; and the processor enforcing the API policy. - View Dependent Claims (14, 15, 16, 17, 18)
-
-
19. A process for supporting computer infrastructure, said process comprising providing at least one support service for at least one of creating, integrating, hosting, maintaining, and deploying computer-readable program code in a computer system, wherein the program code in combination with said computer system is configured to implement a method of policy-based development and runtime control of mobile applications that comprises:
-
a processor of a computer system receiving a request to launch an enhanced application, wherein the enhanced application comprises an application policy descriptor, wherein the application policy descriptor identifies a global policy and an API policy; the processor ensuring that the application policy descriptor is current and valid; the processor extracting the global policy from the application policy descriptor; the processor concluding that the global policy permits the enhanced application to launch; the processor launching the enhanced application; the processor determining that the application implements the API policy; the processor extracting the API policy from the application policy descriptor; and the processor enforcing the API policy. - View Dependent Claims (20, 21, 22, 23, 24)
-
Specification