Method of customizing a standardized IT policy

US 8,332,906 B2
Filed: 02/27/2006
Issued: 12/11/2012
Est. Priority Date: 02/27/2006
Status: Active Grant

First Claim

Patent Images

1. A method of providing an IT policy to configure a plurality of mobile devices associated with a group of users, the IT policy comprising a set of rules that dictate the functionality or specific values for configuration settings of the plurality of mobile devices, wherein the IT policy comprises IT policy data that is customizable on a per-user basis and the method is implemented by a processor, and the method comprises:

checking for a change made to a global IT policy;

noting a first group of users for which the change in the global IT policy applies;

checking for at least one special user in the first group of users that have per-user IT policy rules;

generating global IT policy data based on settings in a first data structure associated with global IT policy rules that are applicable to all users within the group of users;

generating per-user IT policy data based on settings in a second data structure associated with the per-user IT policy rules that are applicable to the at least one special user within the group of users;

generating merged IT policy data for the at least one special user by merging the global IT policy data with the per-user IT policy data, wherein the per-user IT policy data in the merged IT policy data defines at least one of a modification or an exception to the global IT policy data, and wherein the merged IT policy data is generated before being sent to the at least one special user;

sending the merged IT policy data to the mobile device associated with the at least one special user within the group;

receiving an acknowledgement from the mobile device associated with the at least one special user within the group, wherein the acknowledgment confirms that the merged IT policy data is received and applied;

writing a status of the merged IT policy data to an IT policy table in a management database when the acknowledgement is received; and

sending a notification to at least one application residing on the mobile device associated with the at least one special user within the group that received the merged IT policy data when the at least one application is affected by the merged IT policy data.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method are described herein for standardizing an IT policy that is used to configure devices operating on a network. An IT policy can be generated that applies to a group of users or to one or more special users without having to define and store a new IT policy for each special user. This can be achieved by specifying global and per-user IT policy rules and merging these rules as needed to produce IT policy data.

Citations

23 Claims

1. A method of providing an IT policy to configure a plurality of mobile devices associated with a group of users, the IT policy comprising a set of rules that dictate the functionality or specific values for configuration settings of the plurality of mobile devices, wherein the IT policy comprises IT policy data that is customizable on a per-user basis and the method is implemented by a processor, and the method comprises:
- checking for a change made to a global IT policy;
  
  noting a first group of users for which the change in the global IT policy applies;
  
  checking for at least one special user in the first group of users that have per-user IT policy rules;
  
  generating global IT policy data based on settings in a first data structure associated with global IT policy rules that are applicable to all users within the group of users;
  
  generating per-user IT policy data based on settings in a second data structure associated with the per-user IT policy rules that are applicable to the at least one special user within the group of users;
  
  generating merged IT policy data for the at least one special user by merging the global IT policy data with the per-user IT policy data, wherein the per-user IT policy data in the merged IT policy data defines at least one of a modification or an exception to the global IT policy data, and wherein the merged IT policy data is generated before being sent to the at least one special user;
  
  sending the merged IT policy data to the mobile device associated with the at least one special user within the group;
  
  receiving an acknowledgement from the mobile device associated with the at least one special user within the group, wherein the acknowledgment confirms that the merged IT policy data is received and applied;
  
  writing a status of the merged IT policy data to an IT policy table in a management database when the acknowledgement is received; and
  
  sending a notification to at least one application residing on the mobile device associated with the at least one special user within the group that received the merged IT policy data when the at least one application is affected by the merged IT policy data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein merging comprises overriding settings in the global IT policy data with settings in the per-user IT policy data for conflicting IT policy rules in the global and per-user IT policy data.
  - 3. The method of claim 1, wherein both the global and per-user IT policy rules comprise grouped IT policy rules with associated sub-IT policy rules, and during merging, the global and per-user IT policy data corresponding to sub-IT policy rules associated with one of the grouped IT policy rules are grouped together.
  - 4. The method of claim 1, wherein the method comprises storing IT policy rules in an IT policy table, the IT policy rules comprising the global IT policy rules and the per-user IT policy rules, and the method further comprises using a field in the IT policy table to indicate whether a given IT policy rule is settable on a per-user basis.
  - 5. The method of claim 1, wherein the method further comprises storing global IT policy data for a global IT policy, and storing per-user IT policy data for a per-user IT policy.
  - 6. The method of claim 1, wherein the sending comprises sending the global IT policy data to all of the users in the group that do not have any applicable per-user IT policy data.
  - 7. The method of claim 1, wherein the method comprises using tag-length-value encoding for generating IT policy data based on IT policy rules.
  - 8. The method of claim 1, wherein the sending comprises adding a header to the merged IT policy data to add security data, and to format the merged IT policy data for transmission to the mobile devices.
  - 9. The method of claim 1, wherein the sending comprises sending the merged IT policy data to the mobile devices via one of a wireless connection for a wireless network, and a wired connection for a wired network.
  - 10. The method of claim 1, wherein the generating of the merged IT policy data is based on a change in at least one of the global IT policy data and the per-user IT policy data.

11. A computer program product comprising a non-transitory computer readable medium embodying program code means executable by a processor for performing a method for providing an IT policy to configure a plurality of mobile devices associated with a group of users on a network, the IT policy comprising a set of rules that dictate the functionality or specific values for configuration settings of the plurality of mobile devices, wherein the IT policy comprises IT policy data that is customizable on a per-user basis and the method comprises:
- checking for a change made to a global IT policy;
  
  noting a first group of users for which the change in the global IT policy applies;
  
  checking for at least one special user in the first group of users that have per-user IT policy rules;
  
  generating global IT policy data based on settings in a first data structure associated with global IT policy rules that are applicable to all users within the group of users;
  
  generating per-user IT policy data based on settings in a second data structure associated with the per-user IT policy rules that are applicable to the at least one special user within the group of users;
  
  generating merged IT policy data for the at least one special user by merging the global IT policy data with the per-user IT policy data, wherein the per-user IT policy data in the merged IT policy data defines at least one of a modification or an exception to the global IT policy data, and wherein the merged IT policy data is generated before being sent to the at least one special user;
  
  sending the merged IT policy data to the mobile device associated with the at least one special user within the group;
  
  receiving an acknowledgement from the mobile device associated with the at least one special user within the group, wherein the acknowledgment confirms that the merged IT policy data is received and applied;
  
  writing a status of the merged IT policy data to an IT policy table in a management database when the acknowledgement is received; and
  
  sending a notification to at least one application residing on the mobile device associated with the at least one special user within the group that received the merged IT policy data when the at least one application is affected by the merged IT policy data.
- View Dependent Claims (12)
- - 12. The computer program product of claim 11, wherein the program code means executable by the processor is operable to generate the merged IT policy data based on a change in at least one of the global IT policy data and the per-user IT policy data.

13. An IT policy server for providing an IT policy to configure a plurality of mobile devices associated with a group of users on a network, the IT policy comprising a set of rules that dictate the functionality or specific values for configuration settings of the plurality of mobile devices, wherein the IT policy comprises IT policy data that is customizable on a per-user basis and the IT policy server comprises:
- a processor adapted to generate the IT policy data;
  
  a network interface connected to the processor, the network interface being adapted to allow the IT policy server to communicate with the network; and
  
  a memory unit connected to the processor, the memory unit being adapted to store applications and data related to the IT policy, wherein, the processor is configured to check for a change made to a global IT policy, to note a first group of users for which the change in the global IT policy applies, to check for at least one special user in the first group of users that have per-user IT policy rules, to generate global IT policy data based on settings in a first data structure associated with global IT policy rules that are applicable to all users within the group of users, to generate per-user IT policy data based on settings in a second data structure associated with the per-user IT policy rules that are applicable to the at least one special user within the group of users, to generate merged IT policy data for the at least one special user by merging the global IT policy data with the per-user IT policy data, wherein the per-user IT policy data in the merged IT policy data defines at least one of a modification or an exception to the global IT policy data, and wherein the merged IT policy data is generated before being sent to the at least one special user, to send the merged IT policy data to the mobile device associated with the at least one special user within the group, to receive an acknowledgement from the mobile device associated with the at least one special user within the group, the acknowledgment confirming that the merged IT policy data is received and applied, and to write a status of the merged IT policy data to an IT policy table in a management database when the acknowledgement is received,wherein the mobile device associated with the at least one special user within the group that received the merged IT policy data is configured to send a notification to at least one application residing on the mobile device when the at least one application is affected by the merged IT policy data.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21)
- - 14. The IT policy server of claim 13, wherein during merging, the IT policy server overrides settings in the global IT policy data with settings in the per-user IT policy data for conflicting IT policy rules in the global and per-user IT policy data.
  - 15. The IT policy server of claim 13, wherein both the global and per-user IT policy rules comprise grouped IT policy rules with associated sub-IT policy rules, and during merging, the IT policy server groups together global and per-user IT policy data corresponding to sub-IT policy rules associated with one of the grouped IT policy rules.
  - 16. The IT policy server of claim 13, wherein the IT policy server stores IT policy rules in an IT policy table, the IT policy rules comprise the global IT policy rules and the per-user IT policy rules, and the IT policy table comprises a field to indicate whether a given IT policy rule is settable on a per-user basis.
  - 17. The IT policy server of claim 13, wherein the IT policy server stores global IT policy data for a global IT policy, and per-user IT policy data for a per-user IT policy.
  - 18. The IT policy server of claim 13, wherein the IT policy server sends the global IT policy data to all of the users in the group that do not have any applicable per-user IT policy data.
  - 19. The IT policy server of claim 13, wherein the IT policy server uses tag-length-value encoding for generating IT policy data based on IT policy rules.
  - 20. The IT policy server of claim 13, wherein the IT policy server adds a header to the appropriate IT policy data to add security data, and to format the appropriate IT policy data for transmission to the mobile devices.
  - 21. The IT policy server of claim 13, wherein the processor is configured to generate the merged IT policy data based on a change in at least one of the global IT policy data and the per-user IT policy data.

22. A communications system for providing an IT policy to configure a plurality of mobile devices associated with a group of users of the system, the IT policy comprising a set of rules that dictate the functionality or specific values for configuration settings of the plurality of mobile devices, wherein the IT policy comprises IT policy data that is customizable on a per-user basis and the system comprises:
- an IT policy server comprising;
  
  a processor adapted to generate the IT policy data;
  
  a network interface connected to the processor, the network interface being adapted to allow the IT policy server to communicate with the network; and
  
  a memory unit connected to the processor, the memory unit being adapted to store applications and data related to the IT policy,wherein, the processor is configured to check for a change made to a global IT policy, to note a first group of users for which the change in the global IT policy applies, to check for at least one special user in the first group of users that have per-user IT policy rules, to generate global IT policy data based on settings in a first data structure associated with global IT policy rules that are applicable to all users within the group of users, to generate per-user IT policy data based on settings in a second data structure associated with the per-user IT policy rules that are applicable to the at least one special user within the group of users, to generate merged IT policy data for the at least one special user by merging the global IT policy data with the per-user IT policy data, wherein the per-user IT policy data in the merged IT policy data defines at least one of a modification or an exception to the global IT policy data, and wherein the merged IT policy data is generated before being sent to the at least one special user, to send the merged IT policy data to the mobile device associated with the at least one special user within the group, and to receive an acknowledgement from the mobile device associated with the at least one special user within the group, the acknowledgment confirming that the merged IT policy data is received and applied, and to write a status of the merged IT policy data to an IT policy table in a management database when the acknowledgement is received; and
  
  a plurality of mobile devices connected to the network,wherein the mobile device associated with the at least one special user within the group that received the merged IT policy data is configured to send a notification to at least one application residing on the mobile device when the at least one application is affected by the merged IT policy data.
- View Dependent Claims (23)
- - 23. The communications system of claim 22, wherein the processor is configured to generate the merged IT policy data based on a change in at least one of the global IT policy data and the per-user IT policy data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Research In Motion Limited (Blackberry Limited)
Inventors
Roberts, Phillip, Rawlins, Rudy, Hanson, Ron
Primary Examiner(s)
Hoffman, Brandon
Assistant Examiner(s)
TRUONG, THONG P

Application Number

US11/362,481
Publication Number

US 20070204324A1
Time in Patent Office

2,479 Days
Field of Search

726/1, 709/223, 709/203, 713/1
US Class Current

726/1
CPC Class Codes

G06F 21/31   User authentication

H04L 41/0893   Assignment of logical group...

H04L 41/0894   Policy-based network config...

H04L 63/102   Entity profiles

H04L 63/104   Grouping of entities

H04L 63/20   for managing network securi...

H04W 8/245   from a network towards a te...

Method of customizing a standardized IT policy

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Method of customizing a standardized IT policy

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links