Defining and implementing policies on managed object-enabled mobile devices
First Claim
1. A system to define and enforce policies on an Open Mobile Alliance Device Management (OMA DM) enabled mobile client device coupled to a server computer over a computer network, comprising:
- a mobile client device comprising a processor and a non-transitory memory;
a server-side process configured to allow creation, modification and transmission of defined policies including decision policies and active policies to the mobile client device, wherein the decision policies control access to mobile client device resources using one or more of a role of a user requesting access and a circumstance of the request, wherein the active policies associate one or more operations of the client device with an occurrence; and
a client-side process executed on the mobile client device and configured to store the defined policies in an OMA DM management tree in the memory of the mobile client device as management objects, wherein each policy of the defined policies is represented as a subnode of the management tree, wherein a policy conflict module determines a set of the defined policies relating to at least one of the occurrence and the one or more of a role of a user and a circumstance of the request, identifies conflicts between defined polices of the set before application of any defined policy of the set, and resolves the conflicts using a priority.
3 Assignments
0 Petitions
Accused Products
Abstract
Embodiments of a system configured to manage policies, including decision policies and active policies, on an Open Mobile Alliance Device Management (OMA DM) enabled mobile client devices is described. The system is configured to manage policies, including decision policies and active policies, on mobile devices. The system includes a device policy repository, a policy decision point, a decision policy enforcer, and an active policy enforcer. The system includes a server-side process configured to allow creation, modification and transmission of defined policies to the mobile client device, and a client-side process executed on the mobile client device and configured store the defined policies in an OMA DM management tree in the mobile client device as management objects, wherein each policy of the defined policies is represented as a subnode of the management tree.
-
Citations
16 Claims
-
1. A system to define and enforce policies on an Open Mobile Alliance Device Management (OMA DM) enabled mobile client device coupled to a server computer over a computer network, comprising:
-
a mobile client device comprising a processor and a non-transitory memory; a server-side process configured to allow creation, modification and transmission of defined policies including decision policies and active policies to the mobile client device, wherein the decision policies control access to mobile client device resources using one or more of a role of a user requesting access and a circumstance of the request, wherein the active policies associate one or more operations of the client device with an occurrence; and a client-side process executed on the mobile client device and configured to store the defined policies in an OMA DM management tree in the memory of the mobile client device as management objects, wherein each policy of the defined policies is represented as a subnode of the management tree, wherein a policy conflict module determines a set of the defined policies relating to at least one of the occurrence and the one or more of a role of a user and a circumstance of the request, identifies conflicts between defined polices of the set before application of any defined policy of the set, and resolves the conflicts using a priority. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method of defining and enforcing policies on an Open Mobile Alliance Device Management (OMA DM) enabled mobile client device coupled to a server computer over a computer network, comprising:
-
executing a server-side process that is operable to allow creation, modification and transmission by a system administrator of defined policies including decision policies and active policies to the mobile client device, wherein the decision policies control access to mobile client device resources using one or more of a role of a user requesting access and a circumstance of the request, wherein the active policies associate one or more operations of the client device with an occurrence; and executing a client-side process on the mobile client device that is operable to store the defined policies in an OMA DM management tree in the mobile client device as management objects, wherein each policy of the defined policies is represented as a subnode of the management tree, and further wherein the management tree comprises a root node defining a policy group that has one or more policy instance subnodes, wherein a policy conflict module determines a set of the defined policies relating to at least one of the occurrence and the one or more of a role of a user and a circumstance of the request, identifies conflicts between defined polices of the set before application of any defined policy of the set, and resolves the conflicts using a priority. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
Specification