Providing an enterprise application store

US 9,369,449 B2
Filed: 08/30/2013
Issued: 06/14/2016
Est. Priority Date: 03/29/2013
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving, at an application store associated with an enterprise organization, authentication credentials of an administrative user of the application store;

based on validating the authentication credentials of the administrative user, providing a mobile service management interface via the application store, wherein the mobile service management interface comprises at least one control configured to allow the administrative user to define one or more policies to be applied to at least one application available in the application store, and wherein the one or more policies are configured to control functionalities of the at least one application during execution of the at least one application on at least one mobile device;

after validating the authentication credentials of the administrative user, receiving a new application at the application store from the administrative user;

prompting the administrative user to define one or more policies to be applied to the new application, wherein prompting the administrative user to define one or more policies to be applied to the new application comprises;

identifying, by the application store, a set of policies for the new application, the set of policies for the new application comprising one or more default policies used by the enterprise organization; and

updating the mobile service management interface to include at least one control configured to allow the administrative user to manage the set of policies identified for the new application;

receiving at least one policy to be applied to the new application at the application store from the administrative user;

receiving, at the application store, a single sign-on (SSO) credential associated with a non-administrative user of the application store, the SSO credential comprising data enabling access to the application store and one or more other enterprise resources;

determining, at the application store, whether the SSO credential is valid;

based on determining that the SSO credential is valid, providing, by the application store, an enterprise application store interface;

receiving, by the application store, via the enterprise application store interface, a request for the new application;

configuring the new application at the application store by;

establishing, at the application store, one or more user-specific settings for the new application based on the SSO credential; and

applying, at the application store, one or more management policies to the new application based on the SSO credential and based on policy information that is maintained by the application store and created by the application stored based on input received via the mobile service management interface provided by the application store; and

providing, by the application store, the configured application to at least one recipient device associated with the SSO credential.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems, and computer-readable media for providing an application store are presented. In some embodiments, authentication credentials of an administrative user of an application store may be received at the application store. Based on validating the authentication credentials of the administrative user, a mobile service management interface may be provided via the application store. In addition, the mobile service management interface may include at least one control that is configured to allow the administrative user to define one or more policies to be applied to at least one application that is available in the application store.

471 Citations

20 Claims

1. A method, comprising:
- receiving, at an application store associated with an enterprise organization, authentication credentials of an administrative user of the application store;
  
  based on validating the authentication credentials of the administrative user, providing a mobile service management interface via the application store, wherein the mobile service management interface comprises at least one control configured to allow the administrative user to define one or more policies to be applied to at least one application available in the application store, and wherein the one or more policies are configured to control functionalities of the at least one application during execution of the at least one application on at least one mobile device;
  
  after validating the authentication credentials of the administrative user, receiving a new application at the application store from the administrative user;
  
  prompting the administrative user to define one or more policies to be applied to the new application, wherein prompting the administrative user to define one or more policies to be applied to the new application comprises;
  
  identifying, by the application store, a set of policies for the new application, the set of policies for the new application comprising one or more default policies used by the enterprise organization; and
  
  updating the mobile service management interface to include at least one control configured to allow the administrative user to manage the set of policies identified for the new application;
  
  receiving at least one policy to be applied to the new application at the application store from the administrative user;
  
  receiving, at the application store, a single sign-on (SSO) credential associated with a non-administrative user of the application store, the SSO credential comprising data enabling access to the application store and one or more other enterprise resources;
  
  determining, at the application store, whether the SSO credential is valid;
  
  based on determining that the SSO credential is valid, providing, by the application store, an enterprise application store interface;
  
  receiving, by the application store, via the enterprise application store interface, a request for the new application;
  
  configuring the new application at the application store by;
  
  establishing, at the application store, one or more user-specific settings for the new application based on the SSO credential; and
  
  applying, at the application store, one or more management policies to the new application based on the SSO credential and based on policy information that is maintained by the application store and created by the application stored based on input received via the mobile service management interface provided by the application store; and
  
  providing, by the application store, the configured application to at least one recipient device associated with the SSO credential.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein the at least one control is further configured to allow the administrative user to define different policies for different users of the at least one application.
  - 3. The method of claim 2, wherein the different policies are defined for different user roles.
  - 4. The method of claim 1, further comprising:
    - receiving a policy change for a first application via the mobile service management interface; and
      
      providing, by the application store, information associated with the policy change to at least one mobile device having the first application.
  - 5. The method of claim 4, further comprising:
    - prior to providing the information associated with the policy change to the at least one mobile device having the first application;
      
      receiving, at the application store, from a first policy agent on a first mobile device of the at least one mobile device having the first application, a request for updated policy information for the first application; and
      
      based on receiving the request for the updated policy information for the first application, determining, at the application store, whether one or more policies for the first application have been updated based on the policy information that is maintained by the application store and created by the application store based on the input received via the mobile service management interface provided by the application store.
  - 6. The method of claim 4, further comprising:
    - prior to providing the information associated with the policy change to the at least one mobile device having the first application, determining, by the application store, that the first application is present on one or more devices.
  - 7. The method of claim 6, wherein determining that the first application is present on one or more devices comprises determining that the first application is present on a first mobile device based on version history information maintained by the application store for a plurality of users of the application store.
  - 8. The method of claim 6, wherein determining that the first application is present on one or more devices comprises determining that the first application is present on a first mobile device based on on-device monitoring information received by the application store for a plurality of users of the application store.
  - 9. The method of claim 6, wherein determining that the first application is present on one or more devices comprises determining that the first application is present on a first mobile device based on download history information maintained by the application store for a plurality of users of the application store.
  - 10. The method of claim 9, wherein the download history information maintained by the application store for the plurality of users of the application store comprises a plurality of user-keyed application download records that indicate, for each user of the plurality of users of the application store, device identifying information, version information, and name information of each application that has been downloaded from the application store by a corresponding user of the application store.
  - 11. The method of claim 1, wherein the mobile service management interface is provided in response to receiving the at least one application at the application store.
  - 12. The method of claim 1, wherein configuring the new application further comprises:
    - accessing, by the application store, one or more enterprise resources using the SSO credential;
      
      obtaining, by the application store, user-specific information from the one or more enterprise resources based on the SSO credential; and
      
      using the user-specific information in establishing the one or more user-specific settings for the new application.
  - 13. The method of claim 1,wherein the configured application provided to the at least one recipient device is a stub application that corresponds to a virtualized application,wherein the application store stores data indicating that the stub application was configured based on the SSO credential, andwherein a virtualization platform associated with the virtualized application uses the stored data in authenticating a user of the stub application when the stub application is launched.
  - 14. The method of claim 13, wherein execution of the virtualized application is enabled by the SSO credential.

15. An apparatus, comprising:
- at least one processor; and
  
  memory storing computer-readable instructions that, when executed by the at least one processor, cause the apparatus to;
  
  receive, at an application store associated with an enterprise organization, authentication credentials of an administrative user of the application store;
  
  based on validating the authentication credentials of the administrative user, provide a mobile service management interface via the application store, wherein the mobile service management interface comprises at least one control configured to allow the administrative user to define one or more policies to be applied to at least one application available in the application store, and wherein the one or more policies are configured to control functionalities of the at least one application during execution of the at least one application on at least one mobile device;
  
  after validating the authentication credentials of the administrative user, receive a new application at the application store from the administrative user;
  
  prompt the administrative user to define one or more policies to be applied to the new application, wherein prompting the administrative user to define one or more policies to be applied to the new application comprises;
  
  identifying, by the application store, a set of policies for the new application, the set of policies for the new application comprising one or more default policies used by the enterprise organization; and
  
  updating the mobile service management interface to include at least one control configured to allow the administrative user to manage the set of policies identified for the new application;
  
  receive at least one policy to be applied to the new application at the application store from the administrative user;
  
  receive, at the application store, a single sign-on (SSO) credential associated with a non-administrative user of the application store, the SSO credential comprising data enabling access to the application store and one or more other enterprise resources;
  
  determine, at the application store, whether the SSO credential is valid;
  
  based on determining that the SSO credential is valid, provide, by the application store, an enterprise application store interface;
  
  receive, by the application store, via the enterprise application store interface, a request for the new application;
  
  configure the new application at the application store by;
  
  establishing, at the application store, one or more user-specific settings for the new application based on the SSO credential; and
  
  applying, at the application store, one or more management policies to the new application based on the SSO credential and based on policy information that is maintained by the application store and created by the application stored based on input received via the mobile service management interface provided by the application store; and
  
  provide, by the application store, the configured application to at least one recipient device associated with the SSO credential.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The apparatus of claim 15, wherein the at least one control is further configured to allow the administrative user to define different policies for different users of the at least one application.
  - 17. The apparatus of claim 16, wherein the different policies are defined for different user roles.
  - 18. The apparatus of claim 15, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, further cause the apparatus to:
    - receive a policy change for a first application via the mobile service management interface; and
      
      provide, by the application store, information associated with the policy change to at least one mobile device having the first application.
  - 19. The apparatus of claim 15, wherein the mobile service management interface is provided in response to receiving the at least one application at the application store.

20. One or more non-transitory computer-readable media storing instructions that, when executed, cause at least one computing device to:
- receive, at an application store, authentication credentials of an administrative user of the application store associated with an enterprise organization;
  
  based on validating the authentication credentials of the administrative user, provide a mobile service management interface via the application store, wherein the mobile service management interface comprises at least one control configured to allow the administrative user to define one or more policies to be applied to at least one application available in the application store, and wherein the one or more policies are configured to control functionalities of the at least one application during execution of the at least one application on at least one mobile device;
  
  after validating the authentication credentials of the administrative user, receive a new application at the application store from the administrative user;
  
  prompt the administrative user to define one or more policies to be applied to the new application, wherein prompting the administrative user to define one or more policies to be applied to the new application comprises;
  
  identifying, by the application store, a set of policies for the new application, the set of policies for the new application comprising one or more default policies used by the enterprise organization; and
  
  updating the mobile service management interface to include at least one control configured to allow the administrative user to manage the set of policies identified for the new application;
  
  receive at least one policy to be applied to the new application at the application store from the administrative user;
  
  receive, at the application store, a single sign-on (SSO) credential associated with a non-administrative user of the application store, the SSO credential comprising data enabling access to the application store and one or more other enterprise resources;
  
  determine, at the application store, whether the SSO credential is valid;
  
  based on determining that the SSO credential is valid, provide, by the application store, an enterprise application store interface;
  
  receive, by the application store, via the enterprise application store interface, a request for the new application;
  
  configure the new application at the application store by;
  
  establishing, at the application store, one or more user-specific settings for the new application based on the SSO credential; and
  
  applying, at the application store, one or more management policies to the new application based on the SSO credential and based on policy information that is maintained by the application store and created by the application stored based on input received via the mobile service management interface provided by the application store; and
  
  provide, by the application store, the configured application to at least one recipient device associated with the SSO credential.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citrix Systems, Inc. (Cloud Software Group)
Original Assignee
Citrix Systems, Inc. (Cloud Software Group)
Inventors
Batson, Kevin, Hayton, Richard
Primary Examiner(s)
Paliwal, Yogesh

Application Number

US14/015,194
Publication Number

US 20140298401A1
Time in Patent Office

1,019 Days
Field of Search

726/1
US Class Current

1/1
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/629   to features or functions of...

G06F 2221/2141   Access rights, e.g. capabil...

G06F 9/44505   Configuring for program ini...

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

H04L 67/10   in which an application is ...

H04L 67/34   involving the movement of s...

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

H04W 12/086   using security domains

H04W 12/088   using filters or firewalls

H04W 12/37   Managing security policies ...

Providing an enterprise application store

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

471 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Providing an enterprise application store

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

471 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links