Validating the identity of an application for application management
First Claim
Patent Images
1. A computer-implemented method comprising:
- installing an application at a first location of a computing device, at least one token being embedded in the application;
storing, at a second location of the computing device and separately from the application, application metadata comprising at least one corresponding token, wherein each of the at least one corresponding token corresponds to one of the at least one token embedded in the application;
challenging the application to provide a response prior to granting the application access to a computing resource;
obtaining the at least one corresponding token from the application metadata stored at the computing device;
generating an expected response that is based, at least in part, on the at least one corresponding token obtained from the application metadata;
comparing the expected response to the response received from the application; and
either granting or denying the application access to the computing resource based on whether the expected response matches the response received.
8 Assignments
0 Petitions
Accused Products
Abstract
A method of managing access to enterprise resources is provided. An access manager may operate at a mobile device to validate a mobile application installed at that mobile device. If the access manager does not successfully validate the mobile application, the access manager may prevent the mobile application from accessing computing resource. If the access manager does successfully validate the mobile application, then the access manager may identify the mobile application as a trusted mobile application. The access manager may thus permit the trusted mobile application to access the computing resource.
-
Citations
20 Claims
-
1. A computer-implemented method comprising:
-
installing an application at a first location of a computing device, at least one token being embedded in the application; storing, at a second location of the computing device and separately from the application, application metadata comprising at least one corresponding token, wherein each of the at least one corresponding token corresponds to one of the at least one token embedded in the application; challenging the application to provide a response prior to granting the application access to a computing resource; obtaining the at least one corresponding token from the application metadata stored at the computing device; generating an expected response that is based, at least in part, on the at least one corresponding token obtained from the application metadata; comparing the expected response to the response received from the application; and either granting or denying the application access to the computing resource based on whether the expected response matches the response received. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer-implemented method comprising:
-
receiving, at an application installed at a first location of a computing device, a challenge to provide a response prior to obtaining access to a computing resource; generating, by the application, a response that is based, at least in part, on a token embedded in the application; providing, by the application, the response for comparison to an expected response that has been generated based, at least in part, on a corresponding token obtained from application metadata stored at a second location of the computing device separately from the application installed at the computing device, wherein the corresponding token obtained from the application metadata corresponds to the token embedded in the application; and obtaining, by the application, access to the computing resource responsive to a determination that the expected response matches the response provided by the application. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
-
18. A computer-implemented method comprising:
-
embedding a token in an application; providing, to a computing device for storage at a first location of the computing device, application metadata comprising a corresponding token that corresponds to the token embedded in the application; including, in the application, a management framework that configures the application to; (i) generate, in response to receiving a challenge, a response that is based, at least in part, on the token embedded in the application, and (ii) provide the response for comparison to an expected response that has been generated at the computing device based, at least in part, the corresponding token that has been obtained from the application metadata stored at the computing device; and providing the application to the computing device for installation at a second location of the computing device and separately from the application metadata. - View Dependent Claims (19, 20)
-
Specification