FETCHING A POLICY DEFINITION LIBRARY FROM A POLICY SERVER AT MOBILE DEVICE RUNTIME OF AN APPLICATION PACKAGE TO CONTROL ACCESS TO MOBILE DEVICE RESOURCES
First Claim
1. A method comprising:
- performing operations as follows on a processor of a mobile device;
responsive to occurrence of a defined event associated with an application package, fetching a policy definition library from a policy server through a data network, the policy definition library containing policies defining resources of the mobile device that the application package is permitted to access;
executing the wrapped application package containing application executable code and application wrapper executable code that is called by each execution of an agnostic wrapper function residing at each of a plurality of locations in the application executable code; and
responsive to execution of the agnostic wrapper function at any of the plurality of locations in the application executable code, executing the application wrapper executable code to control whether access by the application executable code is granted to resources of the mobile device based on the policies contained in the policy definition library.
1 Assignment
0 Petitions
Accused Products
Abstract
A mobile device fetches a policy definition library from a policy server responsive to occurrence of a defined event associated with an application package. The policy definition library contains policies defining resources of the mobile device that the application package is permitted to access. The mobile device executes the wrapped application package containing application executable code and application wrapper executable code that is called by each execution of an agnostic wrapper function residing at each of a plurality of locations in the application executable code. Responsive to execution of the agnostic wrapper function at any of the plurality of locations in the application executable code, the mobile device executes the application wrapper executable code to control whether access by the application executable code is granted to resources of the mobile device based on the policies contained in the policy definition library.
-
Citations
20 Claims
-
1. A method comprising:
-
performing operations as follows on a processor of a mobile device; responsive to occurrence of a defined event associated with an application package, fetching a policy definition library from a policy server through a data network, the policy definition library containing policies defining resources of the mobile device that the application package is permitted to access; executing the wrapped application package containing application executable code and application wrapper executable code that is called by each execution of an agnostic wrapper function residing at each of a plurality of locations in the application executable code; and responsive to execution of the agnostic wrapper function at any of the plurality of locations in the application executable code, executing the application wrapper executable code to control whether access by the application executable code is granted to resources of the mobile device based on the policies contained in the policy definition library. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method comprising:
-
performing operations as follows on a processor of a policy server; receiving a request message through a data network from a mobile device, the request message containing an identifier of an application package on the mobile device and which requests delivery of one of a plurality of policy definition libraries accessible through the policy server that is associated with the identifier of the application package; fetching the one of the plurality of policy definition libraries based on the identifier of the application package; and communicating the one of the plurality of policy definition libraries to the mobile device via the data network. - View Dependent Claims (12, 13)
-
-
14. A mobile device, comprising:
-
a processor; and a memory coupled to the processor and storing computer readable program code that when executed by the processor causes the processor to perform operations comprising; responsive to occurrence of a defined event associated with an application package, fetching a policy definition library from a policy server through a data network, the policy definition library containing policies defining resources of the mobile device that the application package is permitted to access; executing the wrapped application package containing application executable code and application wrapper executable code that is called by each execution of an agnostic wrapper function residing at each of a plurality of locations in the application executable code; and responsive to execution of the agnostic wrapper function at any of the plurality of locations in the application executable code, executing the application wrapper executable code to control whether access by the application executable code is granted to resources of the mobile device based on the policies contained in the policy definition library. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification