Generic server framework for device authentication and management and a generic framework for endpoint command dispatch
First Claim
1. A method of initializing a user's electronic device for secure connection to an enterprise computer network, the method comprising:
sending, to an electronic device, a uniform resource locator (URL) that links to an enterprise computer network;
authenticating a user of the electronic device to the enterprise computer network, the user connecting the electronic device to the enterprise computer network using the URL;
installing a profile on the electronic device in response to the authenticating, the profile associated with the user;
posting, on a server of the enterprise computer network, an enrollment notification for the electronic device;
detecting, on the enterprise computer network, an inquiry for notifications from the electronic device;
pushing, from the enterprise computer network to the electronic device, a secure workspace application and a configuration for the secure workspace application in response to the detecting, the secure workspace application selected based on a device identifier of the electronic device and the profile; and
automatically enrolling the secure workspace application with the enterprise computer network as a child of the electronic device upon the secure workspace application being started on the electronic device.
Abstract
Methods, devices, and systems are described for enrolling a user's bring-your-own-device for secure connection to a company's enterprise computer network. From her mobile device, a user clicks on a uniform resource locator (URL) to connect with the login web page on the enterprise network. After authentication, checks are performed to verify that the user has authorization to enroll the type of electronic device, and the profile is installed on the device. A notification is sent to the device by a server on the enterprise network, and a secure workspace application is pushed to the device along with configuration data that automatically links the workspace with the parent device enrollment. Once the user launches the secure workspace application, the workspace accesses the configuration data and initializes enrollment with the enterprise network, resulting in a linking of the secure workspace application with its parent device enrollment. The workspace is registered as a child of the parent device, and the lifecycle of the workspace is thus linked to that of the parent.
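The flow in the abstract, modelled as an added Python example; it is not code from the patent or from any product. The class and method names are hypothetical, the workspace application is selected by device type for brevity, and the single-use link token is an assumed way of carrying the parent link in the pushed configuration.

```python
import secrets

class EnrollmentServer:
    """Toy model of the enrollment flow in the abstract (all names hypothetical)."""

    def __init__(self, allowed_types, workspace_apps):
        self.allowed_types = allowed_types    # user -> device types they may enroll
        self.workspace_apps = workspace_apps  # device type -> workspace app to push
        self.devices = {}        # device_id -> {"user", "type", "children"}
        self.notifications = {}  # device_id -> pending notifications
        self.link_tokens = {}    # single-use token -> parent device_id (assumption)
        self.workspaces = {}     # workspace_id -> parent device_id

    def enroll_device(self, user, authenticated, device_id, device_type):
        # Authentication first, then the per-user device-type authorization check.
        if not authenticated:
            raise PermissionError("user not authenticated")
        if device_type not in self.allowed_types.get(user, set()):
            raise PermissionError("user may not enroll this device type")
        self.devices[device_id] = {"user": user, "type": device_type, "children": set()}
        self.notifications[device_id] = ["enrollment"]  # posted for the device to fetch

    def poll(self, device_id):
        # Device inquiry: a pending enrollment notification triggers the workspace push.
        if device_id not in self.devices or not self.notifications.get(device_id):
            return None
        self.notifications[device_id].clear()
        token = secrets.token_urlsafe(16)
        self.link_tokens[token] = device_id
        app = self.workspace_apps[self.devices[device_id]["type"]]
        return {"app": app, "config": {"parent": device_id, "link_token": token}}

    def enroll_workspace(self, workspace_id, config):
        # Runs when the workspace app first starts. The token is consumed here and
        # must match an enrolled parent, so a replayed configuration is rejected.
        parent = self.link_tokens.pop(config["link_token"], None)
        if parent is None or parent != config["parent"] or parent not in self.devices:
            raise PermissionError("invalid or reused link token")
        self.workspaces[workspace_id] = parent
        self.devices[parent]["children"].add(workspace_id)

    def unenroll_device(self, device_id):
        # Lifecycle link: removing the parent removes every child workspace.
        for ws in self.devices.pop(device_id)["children"]:
            del self.workspaces[ws]
        self.notifications.pop(device_id, None)
```
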
83 Citations
20 Claims
1. A method of initializing a user's electronic device for secure connection to an enterprise computer network, the method comprising:
sending, to an electronic device, a uniform resource locator (URL) that links to an enterprise computer network;
authenticating a user of the electronic device to the enterprise computer network, the user connecting the electronic device to the enterprise computer network using the URL;
installing a profile on the electronic device in response to the authenticating, the profile associated with the user;
posting, on a server of the enterprise computer network, an enrollment notification for the electronic device;
detecting, on the enterprise computer network, an inquiry for notifications from the electronic device;
pushing, from the enterprise computer network to the electronic device, a secure workspace application and a configuration for the secure workspace application in response to the detecting, the secure workspace application selected based on a device identifier of the electronic device and the profile; and
automatically enrolling the secure workspace application with the enterprise computer network as a child of the electronic device upon the secure workspace application being started on the electronic device.
View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
12. A non-transitory computer-readable medium for initializing a user's electronic device for secure connection to an enterprise computer network, the medium comprising instructions stored thereon, that when executed on a processor, perform operations comprising:
sending, to an electronic device, a uniform resource locator (URL) that links to an enterprise computer network;
authenticating a user of the electronic device to the enterprise computer network, the user connecting the electronic device to the enterprise computer network using the URL;
installing a profile on the electronic device in response to the authenticating, the profile associated with the user;
posting, on a server of the enterprise computer network, an enrollment notification for the electronic device;
detecting, on the enterprise computer network, an inquiry for notifications from the electronic device;
pushing, from the enterprise computer network to the electronic device, a secure workspace application and a configuration for the secure workspace application in response to the detecting, the secure workspace application selected based on a device identifier of the electronic device and the profile; and
automatically enrolling the secure workspace application with the enterprise computer network as a child of the electronic device upon the secure workspace application being started on the electronic device.
View Dependent Claims (13, 14, 15)
16. A computer system executing instructions for initializing a user's electronic device for secure connection to an enterprise computer network, the computer system comprising:
at least one processor; and
a memory operatively coupled with the at least one processor, the processor executing a computer program including:
program code for sending, to an electronic device, a uniform resource locator (URL) that links to an enterprise computer network;
program code for authenticating a user of the electronic device to the enterprise computer network, the user connecting the electronic device to the enterprise computer network using the URL;
program code for installing a profile on the electronic device in response to the authenticating, the profile associated with the user;
program code for posting, on a server of the enterprise computer network, an enrollment notification for the electronic device;
program code for detecting, on the enterprise computer network, an inquiry for notifications from the electronic device;
program code for pushing, from the enterprise computer network to the electronic device, a secure workspace application and a configuration for the secure workspace application in response to the detecting, the secure workspace application selected based on a device identifier of the electronic device and the profile; and
program code for automatically enrolling the secure workspace application with the enterprise computer network as a child of the electronic device upon the secure workspace application being started on the electronic device.
View Dependent Claims (17, 18, 19, 20)
Specification