×

Mobile gateway for secure extension of enterprise services to mobile devices

  • US 7,289,788 B2
  • Filed: 05/26/2004
  • Issued: 10/30/2007
  • Est. Priority Date: 05/26/2004
  • Status: Active Grant
First Claim
Patent Images

1. An apparatus for use in controlling access to an enterprise service of an enterprise network from a mobile device in a communication system, the apparatus comprising:

  • a gateway having a first server and a second server;

    the first server of the gateway being arranged behind a firewall of the enterprise network and being coupled between the second server and one or more enterprise servers of the enterprise network;

    the second server being arranged in front of the firewall and being configured for communication with an operator network associated with the mobile device;

    wherein the gateway controls interaction between the mobile device and the one or more enterprise servers such that access to one or more associated enterprise services is provided in a secure manner;

    wherein the gateway is configured to provide access control based on a stored multi-dimensional service access control matrix comprising at least a user dimension, a service dimension and a device dimension, the device dimension identifying mobile devices assigned to users identified by the user dimension, the service dimension identifying services accessible to said users via the mobile devices identified by the device dimension, a given entry in the service access control matrix comprising a particular permissible combination of a user identifier, a service identifier and a device identifier;

    the gateway is configured to create at least one mobile service image based at least in part on the service access control matrix;

    the gateway is configured to update the at least one mobile service image upon receipt of at least one of a notification or a service request; and

    wherein the gateway is configured to deny a given access attempt initiated by one of the users identified by the user dimension from one of the mobile devices identified by the device dimension unless a combination of its associated user identifier, service identifier and device identifier corresponds to an entry in the service access control matrix.

View all claims
  • 24 Assignments
Timeline View
Assignment View
    ×
    ×