Unified policy over heterogenous device types
First Claim
1. A method of enforcing a policy on a client device, comprising:
- receiving, in a client device, a policy definition from a network, wherein the policy definition is a generic definition that is applicable to disparate device types having different hardware and software platforms;
evaluating the received policy definition in a client policy engine located on the client device by comparing the policy definition to use or functionality available on the client device, wherein the evaluating includes determining a mode in which a user is using the client device, the mode depending on whether the user logs in as a work mode or a play mode; and
enforcing the policy by modifying the functionality available on the client device based on the evaluation, including the mode, wherein the client policy engine adapts the generic policy definition to a specific platform on the client device.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method are disclosed for enforcing a normalized set of policy-based behaviors across two or more disparate client devices. The policy definition can be a common description of expected behavior, while a client-side policy engine interprets and implements platform specific details associated with the client. In one embodiment, a client device receives a generic policy definition from a network. The generic policy definition is applicable to disparate device types having different hardware and/or software platforms. A client policy engine can analyze the generic policy definition, compare it to client-side applications or functions and make intelligent decisions on how to apply the policy for the specific client.
19 Citations
17 Claims
-
1. A method of enforcing a policy on a client device, comprising:
-
receiving, in a client device, a policy definition from a network, wherein the policy definition is a generic definition that is applicable to disparate device types having different hardware and software platforms; evaluating the received policy definition in a client policy engine located on the client device by comparing the policy definition to use or functionality available on the client device, wherein the evaluating includes determining a mode in which a user is using the client device, the mode depending on whether the user logs in as a work mode or a play mode; and enforcing the policy by modifying the functionality available on the client device based on the evaluation, including the mode, wherein the client policy engine adapts the generic policy definition to a specific platform on the client device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method of enforcing a policy across disparate client devices, comprising:
-
receiving, in a first client device, a policy definition from a network; receiving, in a second client device, which is a different device type from the first client device, the same policy definition from the network; enforcing the policy across the first and second client devices by modifying the functionality available on the first and second client devices based on the same policy definition, the policy definition defining functionality available on the first and second client devices based on a mode in which a user is logged into the first client device, wherein the mode is controlled by whether the user logs into the first client device in a work mode or a play mode. - View Dependent Claims (11, 12, 13, 14)
-
-
15. An apparatus for enforcing a policy on a client device, comprising:
-
a policy service client for receiving a policy definition from a network; at least one hardware processor executing a client policy agent located on the client device for collecting information about the client device including a usage log stored in memory on the client device; and a client policy engine coupled to both the policy service client and the client policy agent for receiving the policy definition from the policy service client and the information from the client policy agent, and for determining whether functionality available on the client device conforms with the policy definition, wherein the policy definition changes based on a user mode, which is a work or play mode. - View Dependent Claims (16, 17)
-
Specification