Using Derived Credentials for Enrollment with Enterprise Mobile Device Management Services
Abstract
Methods, systems, and computer-readable media for using derived credentials to enroll a mobile computing device with an enterprise mobile device management system are described herein. In various embodiments, a mobile computing device, responsive to a command to enroll with an enterprise mobile device management server, may launch an enrollment application; send an enrollment request message to the enterprise mobile device management server; switch to a certificate management system application on the mobile computing device; request one or more derived credentials from a certificate management system server; store the one or more derived credentials in a shared vault on the mobile computing device; switch to the enrollment application; retrieve a derived credential of the one or more derived credentials stored in the shared vault; and, provide the derived credential to the enterprise mobile device management server to enroll the mobile computing device with at least one mobile device management service.
20 Claims
1. A method comprising:
receiving, by a mobile computing device, a command to enroll with an enterprise mobile device management server;
in response to receiving the command to enroll with the enterprise mobile device management server, launching, by the mobile computing device, an enrollment application;
sending, by the mobile computing device, using the enrollment application, an enrollment request message to the enterprise mobile device management server;
switching, by the mobile computing device, from the enrollment application to a certificate management system application on the mobile computing device;
requesting, by the mobile computing device, using the certificate management system application, one or more derived credentials from a certificate management system server;
storing, by the mobile computing device, using the certificate management system application, the one or more derived credentials in a shared vault on the mobile computing device;
switching, by the mobile computing device, from the certificate management system application to the enrollment application;
retrieving, by the mobile computing device, using the enrollment application, a derived credential of the one or more derived credentials stored in the shared vault on the mobile computing device; and
providing, by the mobile computing device, using the enrollment application, the derived credential of the one or more derived credentials retrieved using the enrollment application to the enterprise mobile device management server to enroll the mobile computing device with at least one mobile device management service provided by the enterprise mobile device management server.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18
19. A system, comprising:
at least one processor; and
at least one memory storing computer executable instructions that, when executed by the at least one processor, cause the system to:
receive a command to enroll with an enterprise mobile device management server;
in response to receiving the command to enroll with the enterprise mobile device management server, launch an enrollment application;
send, using the enrollment application, an enrollment request message to the enterprise mobile device management server;
switch from the enrollment application to a certificate management system application;
request, using the certificate management system application, one or more derived credentials from a certificate management system server;
store, using the certificate management system application, the one or more derived credentials in a shared vault;
switch from the certificate management system application to the enrollment application;
retrieve, using the enrollment application, a derived credential of the one or more derived credentials stored in the shared vault; and
provide, using the enrollment application, the derived credential of the one or more derived credentials retrieved using the enrollment application to the enterprise mobile device management server to enroll with at least one mobile device management service provided by the enterprise mobile device management server.
20. One or more non-transitory computer-readable medium storing computer-executable instructions that, when executed by a computer system comprising at least one processor, and least one memory, cause the computer system to perform a method comprising:
receiving a command to enroll with an enterprise mobile device management server;
in response to receiving the command to enroll with the enterprise mobile device management server, launching an enrollment application;
sending, using the enrollment application, an enrollment request message to the enterprise mobile device management server;
switching from the enrollment application to a certificate management system application;
requesting, using the certificate management system application, one or more derived credentials from a certificate management system server;
storing, using the certificate management system application, the one or more derived credentials in a shared vault;
switching from the certificate management system application to the enrollment application;
retrieving, using the enrollment application, a derived credential of the one or more derived credentials stored in the shared vault; and
providing, using the enrollment application, the derived credential of the one or more derived credentials retrieved using the enrollment application to the enterprise mobile device management server to enroll with at least one mobile device management service provided by the enterprise mobile device management server.
Specification