Method and apparatus for protecting access to corporate applications from a mobile device

US 9,246,947 B2
Filed: 04/02/2014
Issued: 01/26/2016
Est. Priority Date: 04/03/2013
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method performed by a computerized device, comprising:

receiving a security policy associated with usage of an application by a user using a mobile device, the security policy comprising at least one vulnerability indication, wherein the security policy is determined based upon the application and an identity of a user of the mobile device;

receiving at least partial code of the application;

identifying at least one JavaScript instruction in the code, the at least one JavaScript instruction associated with the security vulnerability; and

adding additional JavaScript instructions to the code for handling the security vulnerability, wherein adding the additional JavaScript instructions to the code is performed for the application prior to downloading the application to the mobile device.

View all claims

17 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented method, apparatus and computer program product for providing secure consumption of applications from mobile devices, The method comprises receiving a security policy associated with usage of an application by a user using a mobile device, the security policy comprising at least one vulnerability indication; receiving at least partial code of the application; identifying at least one JavaScript instruction in the code, the at least one JavaScript instruction associated with the security vulnerability; and adding additional JavaScript instructions to the code for handling the security vulnerability.

5 Citations

15 Claims

1. A computer-implemented method performed by a computerized device, comprising:
- receiving a security policy associated with usage of an application by a user using a mobile device, the security policy comprising at least one vulnerability indication, wherein the security policy is determined based upon the application and an identity of a user of the mobile device;
  
  receiving at least partial code of the application;
  
  identifying at least one JavaScript instruction in the code, the at least one JavaScript instruction associated with the security vulnerability; and
  
  adding additional JavaScript instructions to the code for handling the security vulnerability, wherein adding the additional JavaScript instructions to the code is performed for the application prior to downloading the application to the mobile device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The computer-implemented method of claim 1, wherein the at least partial code is a web page or a resource of the application.
  - 3. The computer-implemented method of claim 1, wherein the security vulnerability relates to storing information received from the application on the mobile device.
  - 4. The computer-implemented method of claim 1, further comprising identifying a second security vulnerability associated with at least one item selected from the group consisting of:
    - handling cookies on the mobile device; and
      
      accessing external URLs from the mobile device.
  - 5. The computer-implemented method of claim 1, further comprising:
    - identifying a second security vulnerability associated with an attempt to download a file to the mobile device; and
      
      protecting the file by presenting the file to a user using a secure application or a web browser without downloading the file to the mobile device, in accordance with the security policy.
  - 6. The computer-implemented method of claim 1, wherein the security policy is further determined based upon a geographic location of the mobile device.
  - 7. The computer-implemented method of claim 1, wherein the method is performed by a gateway server, and wherein the mobile device and an application server communicate through the gateway server when the mobile device executes the application.

8. A computerized apparatus comprising:
- a hardware processor, the hardware processor being adapted to perform the steps of;
  
  receiving a security policy associated with usage of an application by a user using a mobile device, the security policy comprising at least one vulnerability indication, wherein the security policy is determined based upon the application and an identity of a user of the mobile device;
  
  receiving at least partial code of the application;
  
  identifying at least one JavaScript instruction in the code, the at least one JavaScript instruction associated with the security vulnerability; and
  
  adding additional JavaScript instructions to the code for handling the security vulnerability, wherein adding the additional JavaScript instructions to the code is performed for the application prior to downloading the application to the mobile device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The apparatus of claim 8, wherein the at least partial code is a web page or resource of the application.
  - 10. The apparatus of claim 8, wherein the security vulnerability relates to storing information received from the application on the mobile device.
  - 11. The apparatus of claim 8, wherein the processor is further adapted to identify a second security vulnerability associated with at least one item selected from the group consisting of:
    - handling cookies on the mobile device; and
      
      accessing external URLs from the mobile device.
  - 12. The apparatus of claim 8, wherein the security policy is further determined based upon a geographic location of the mobile device.
  - 13. The apparatus of claim 8, wherein the computerized apparatus is a gateway server, and wherein the mobile device and an application server communicate through the gateway server when the mobile device executes the application.
  - 14. The apparatus of claim 8, wherein the processor is further adapted to:
    - identify a second security vulnerability associated with an attempt to download a file to the mobile device; and
      
      protect the file by presenting the file to a user using a secure application without downloading the file to the mobile device.

15. A non-transitory computer readable medium comprising:
- instructions that when executed cause a computer to perform a process;
  
  a first program instruction for receiving a security policy associated with usage of an application by a user using a mobile device, the security policy comprising at least one vulnerability indication, wherein the security policy is determined based upon the application and an identity of a user of the mobile device;
  
  a second program instruction for receiving at least partial code of the application;
  
  a third program instruction for identifying at least one JavaScript instruction in the code, the at least one JavaScript instruction associated with the security vulnerability; and
  
  a fourth program instruction for adding additional JavaScript instructions to the code for handling the security vulnerability, wherein adding the additional JavaScript instructions to the code is performed for the application prior to downloading the application to the mobile device,wherein said first, second, third and fourth program instructions are stored on said non-transitory computer readable medium.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ivanti, Inc. (Ivanti Software, Inc.)
Original Assignee
Crimson Corporation
Inventors
Livne, Eran
Primary Examiner(s)
Nalven, Andrew
Assistant Examiner(s)
Li, Mary

Application Number

US14/243,119
Publication Number

US 20140304766A1
Time in Patent Office

664 Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/1433 Vulnerability analysis

H04L 63/20 for managing network securi...

Method and apparatus for protecting access to corporate applications from a mobile device

First Claim

17 Assignments

0 Petitions

Accused Products

Abstract

5 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for protecting access to corporate applications from a mobile device

First Claim

17 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

5 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links