Policy configuration for mobile device applications
Abstract
Methods, articles of manufacture, and apparatus to perform policy configuration for mobile device applications are disclosed. A disclosed example method includes determining whether a digital certificate associated with an application executable on a mobile device has been signed by a first trusted certificate authority, the first trusted certificate authority being included in a list of trusted certificate authorities hard-coded in the mobile device, and when the digital certificate is determined to have been signed by the first trusted certificate authority, configuring the application for execution on the mobile device based on an access privilege indicating a physical interface of the mobile device the application is permitted to access, and execution configuration information associated with the application.
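An added illustration of the check the abstract describes, not code from the patent or its assignee: an application certificate is verified against a list of trusted certificate authorities, and only then is the network privilege applied as VPN-only access. The names `issue` and `Decide`, the constructed Ed25519 test certificates, and returning "denied" when the certificate check fails are assumptions of this sketch.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue builds a constructed test certificate; a nil parent yields a self-signed CA.
func issue(cn string, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject: pkix.Name{CommonName: cn}, KeyUsage: x509.KeyUsageDigitalSignature,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	if parent == nil {
		t.IsCA, t.BasicConstraintsValid, t.KeyUsage = true, true, x509.KeyUsageCertSign
		parent, parentKey = t, key
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, pub, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// Decide returns "vpn-only" only when app chains to a CA in trusted (the list read
// from removable memory) and the privilege permits the network interface.
func Decide(app *x509.Certificate, netPermitted bool, trusted ...*x509.Certificate) string {
	roots := x509.NewCertPool() // empty, non-nil pool: never falls back to system roots
	for _, ca := range trusted {
		roots.AddCert(ca)
	}
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := app.Verify(opts); err != nil || !netPermitted {
		return "denied" // assumption: fail closed on an unlisted signer
	}
	return "vpn-only"
}

func main() {
	ca, caKey := issue("Constructed Trusted CA", nil, nil)
	app, _ := issue("constructed.app", ca, caKey)
	fmt.Println(Decide(app, true, ca))
}
```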
20 Claims
1. A method comprising:
- retrieving, using a processor, an access privilege associated with an application that is executable on a mobile device, and a list of trusted certificate authorities, from a removable memory device communicatively coupled with the mobile device, the access privilege indicating whether the application is permitted to access a network interface of the mobile device;
- determining, using the processor, whether a digital certificate associated with the application has been signed by a first trusted certificate authority, the first trusted certificate authority being included in the list of trusted certificate authorities; and
- when the digital certificate is determined to have been signed by the first trusted certificate authority, configuring the application based on at least the access privilege to have restricted access to the network interface of the mobile device, the access restricted to be through a virtual private network client that is on the mobile device and in communication with the network interface of the mobile device via a virtual private network tunnel established on the mobile device between the virtual private network client and the network interface.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A mobile device comprising:
- a set of physical interfaces including a network interface;
- a first memory having machine readable instructions stored thereon;
- a processor to execute the instructions to perform operations comprising retrieving a set of access privileges that indicate which ones of the set of physical interfaces a first application executing on the mobile device is permitted to access, the processor to have access to a list of trusted certificate authorities authorized to sign digital certificates associated with applications, a first one of the access privileges to indicate that the first application is to have restricted access to the network interface, the access to be restricted to be through a virtual private network client that is on the mobile device and in communication with the network interface via a virtual private network tunnel established on the mobile device between the virtual private network client and the network interface; and
- a removable memory device to store the list of trusted certificate authorities and the set of access privileges, the processor to retrieve the list of trusted certificate authorities and the set of access privileges from the removable memory device.

Dependent claims: 9, 10, 11, 12, 13, 14
15. A tangible computer readable storage device comprising machine readable instructions that, when executed, cause a machine to perform operations comprising:
- retrieving an access privilege associated with an application that is executable on a mobile device, and a list of trusted certificate authorities, from a removable memory device communicatively coupled with the mobile device, the access privilege indicating whether the application is permitted to access a network interface of the mobile device;
- determining whether a digital certificate associated with the application has been signed by a first trusted certificate authority, the first trusted certificate authority being included in the list of trusted certificate authorities; and
- when the digital certificate is determined to have been signed by the first trusted certificate authority, configuring the application based on at least the access privilege to have restricted access to the network interface of the mobile device, the access restricted to be through a virtual private network client that is on the mobile device and in communication with the network interface of the mobile device via a virtual private network tunnel established on the mobile device between the virtual private network client and the network interface.

Dependent claims: 16, 17, 18, 19, 20
Specification