Provisioning work environments on personal mobile devices
First Claim
1. A method of provisioning a business mobile device on a personal mobile device comprising:
- binding a mobile application for provisioning the business mobile device to a privileged component of a host operating system of the personal mobile device, wherein the binding enables a software virtualization layer and a management service component of the mobile application to execute in a privileged mode;
downloading, through the mobile application, a virtual phone image for the business mobile device and security-related policy settings relating to use of the business mobile device from a mobile management server managed by an employer of a user of the personal mobile device, wherein the software virtualization layer is able to launch a virtual machine for the business mobile device based on the virtual phone image; and
permanently removing the virtual phone image of the business mobile device without affecting a personal use of the personal mobile device upon expiration of an auto-wipe time period specified in the security-related policy settings, wherein the management service component is configured to prevent the user of the personal mobile device from terminating the management service component.
1 Assignment
0 Petitions
Accused Products
Abstract
A virtual business mobile device can be provisioned on a personal mobile device, by binding a mobile application for provisioning the business mobile device to a privileged component of a host operating system of the personal mobile device, wherein the binding enables a software virtualization layer and a management service component of the mobile application to execute in a privileged mode. The mobile application is then able to download a virtual phone image for the business mobile device and security-related policy settings relating to use of the business mobile device from a mobile management server, wherein the software virtualization layer is able to launch a virtual machine for the business mobile device based on the virtual phone image. Once the virtual phone image has been downloaded, the management service component initiates a periodic attempt to establish a connection with the mobile management server to comply with the downloaded security-related policy settings.
61 Citations
33 Claims
-
1. A method of provisioning a business mobile device on a personal mobile device comprising:
-
binding a mobile application for provisioning the business mobile device to a privileged component of a host operating system of the personal mobile device, wherein the binding enables a software virtualization layer and a management service component of the mobile application to execute in a privileged mode; downloading, through the mobile application, a virtual phone image for the business mobile device and security-related policy settings relating to use of the business mobile device from a mobile management server managed by an employer of a user of the personal mobile device, wherein the software virtualization layer is able to launch a virtual machine for the business mobile device based on the virtual phone image; and permanently removing the virtual phone image of the business mobile device without affecting a personal use of the personal mobile device upon expiration of an auto-wipe time period specified in the security-related policy settings, wherein the management service component is configured to prevent the user of the personal mobile device from terminating the management service component. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A mobile device configured to support a virtual business mobile device comprising a processor configured to perform the steps of:
-
binding a mobile application for provisioning the virtual business mobile device to a privileged component of a host operating system of the mobile device, wherein the binding enables a software virtualization layer and a management service component of the mobile application to execute in a privileged mode; downloading, through the mobile application, a virtual phone image for the virtual business mobile device and security-related policy settings relating to use of the virtual business mobile device from a mobile management server managed by an employer of a user of the mobile device, wherein the software virtualization layer is able to launch a virtual machine for the virtual business mobile device based on the virtual phone image; and permanently removing the virtual phone image of the business mobile device without affecting a personal use of the personal mobile device upon expiration of an auto-wipe time period specified in the security-related policy settings, wherein the management service component is configured to prevent the user of the personal mobile device from terminating the management service component. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A non-transitory computer readable storage medium including instructions that cause a processor of a mobile device to provision a virtual business mobile device by perform the steps of:
-
binding a mobile application for provisioning the virtual business mobile device to a privileged component of a host operating system of the mobile device, wherein the binding enables a software virtualization layer and a management service component of the mobile application to execute in a privileged mode; downloading, through the mobile application, a virtual phone image for the virtual business mobile device and security-related policy settings relating to use of the virtual business mobile device from a mobile management server managed by an employer of a user of the mobile device, wherein the software virtualization layer is able to launch a virtual machine for the virtual business mobile device based on the virtual phone image; and permanently removing the virtual phone image of the business mobile device without affecting a personal use of the personal mobile device upon expiration of an auto-wipe time period specified in the security-related policy settings, wherein the management service component is configured to prevent the user of the personal mobile device from terminating the management service component. - View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
-
Specification