Using derived credentials for enrollment with enterprise mobile device management services
Abstract
Methods, systems, and computer-readable media for using derived credentials to enroll a mobile computing device with an enterprise mobile device management system are described herein. In various embodiments, a mobile computing device, responsive to a command to enroll with an enterprise mobile device management server, may launch an enrollment application; send an enrollment request message to the enterprise mobile device management server; switch to a certificate management system application on the mobile computing device; request one or more derived credentials from a certificate management system server; store the one or more derived credentials in a shared vault on the mobile computing device; switch to the enrollment application; retrieve a derived credential of the one or more derived credentials stored in the shared vault; and, provide the derived credential to the enterprise mobile device management server to enroll the mobile computing device with at least one mobile device management service.
18 Claims
1. A method comprising:
receiving, by a mobile computing device, a command to enroll with an enterprise mobile device management server;
in response to receiving the command to enroll with the enterprise mobile device management server, launching, by the mobile computing device, an enrollment application;
requesting, by the mobile computing device, using the enrollment application, configuration information for the enterprise mobile device management server from an automatic discovery service;
after requesting the configuration information for the enterprise mobile device management server from the automatic discovery service, receiving, by the mobile computing device, a message comprising the configuration information for the enterprise mobile device management server from the automatic discovery service;
sending, by the mobile computing device, using the enrollment application, an enrollment request message to the enterprise mobile device management server, wherein the enrollment request message comprises the configuration information for the enterprise mobile device management server received from the automatic discovery service;
switching, by the mobile computing device, from the enrollment application to a certificate management system application on the mobile computing device;
requesting, by the mobile computing device, using the certificate management system application, one or more derived credentials from a certificate management system server;
storing, by the mobile computing device, using the certificate management system application, the one or more derived credentials in a shared vault on the mobile computing device;
switching, by the mobile computing device, from the certificate management system application to the enrollment application;
retrieving, by the mobile computing device, using the enrollment application, a derived credential of the one or more derived credentials stored in the shared vault on the mobile computing device; and
providing, by the mobile computing device, using the enrollment application, the derived credential of the one or more derived credentials retrieved using the enrollment application to the enterprise mobile device management server to enroll the mobile computing device with at least one mobile device management service provided by the enterprise mobile device management server.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16
17. A system, comprising:
at least one processor; and
at least one memory storing computer executable instructions that, when executed by the at least one processor, cause the system to:
receive a command to enroll with an enterprise mobile device management server;
in response to receiving the command to enroll with the enterprise mobile device management server, launch an enrollment application;
request, using the enrollment application, configuration information for the enterprise mobile device management server from an automatic discovery service;
after requesting the configuration information for the enterprise mobile device management server from the automatic discovery service, receiving a message comprising the configuration information for the enterprise mobile device management server from the automatic discovery service;
send, using the enrollment application, an enrollment request message to the enterprise mobile device management server, wherein the enrollment request message comprises the configuration information for the enterprise mobile device management server received from the automatic discovery service;
switch from the enrollment application to a certificate management system application;
request, using the certificate management system application, one or more derived credentials from a certificate management system server;
store, using the certificate management system application, the one or more derived credentials in a shared vault;
switch from the certificate management system application to the enrollment application;
retrieve, using the enrollment application, a derived credential of the one or more derived credentials stored in the shared vault; and
provide, using the enrollment application, the derived credential of the one or more derived credentials retrieved using the enrollment application to the enterprise mobile device management server to enroll with at least one mobile device management service provided by the enterprise mobile device management server.
18. One or more non-transitory computer-readable medium storing computer-executable instructions that, when executed by a computer system comprising at least one processor, and at least one memory, cause the computer system to perform a method comprising:
receiving a command to enroll with an enterprise mobile device management server;
in response to receiving the command to enroll with the enterprise mobile device management server, launching an enrollment application;
requesting, using the enrollment application, configuration information for the enterprise mobile device management server from an automatic discovery service;
after requesting the configuration information for the enterprise mobile device management server from the automatic discovery service, receiving a message comprising the configuration information for the enterprise mobile device management server from the automatic discovery service;
sending, using the enrollment application, an enrollment request message to the enterprise mobile device management server, wherein the enrollment request message comprises the configuration information for the enterprise mobile device management server received from the automatic discovery service;
switching from the enrollment application to a certificate management system application;
requesting, using the certificate management system application, one or more derived credentials from a certificate management system server;
storing, using the certificate management system application, the one or more derived credentials in a shared vault;
switching from the certificate management system application to the enrollment application;
retrieving, using the enrollment application, a derived credential of the one or more derived credentials stored in the shared vault; and
providing, using the enrollment application, the derived credential of the one or more derived credentials retrieved using the enrollment application to the enterprise mobile device management server to enroll with at least one mobile device management service provided by the enterprise mobile device management server.
Specification