Application program as key for authorizing access to resources

US 9,847,986 B2
Filed: 11/17/2015
Issued: 12/19/2017
Est. Priority Date: 03/15/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

determining, in a client device, whether the client device complies with at least one distribution rule associated with at least one resource;

in response to determining that the client device complies with the at least one distribution rule, transmitting a request for access to a resource, the request including an indication that the client device complies with the at least one distribution rule, wherein the distribution rule requires installation of a key application on the client device as a prerequisite to accessing the resource and the request includes a key application identifier identifying the key application;

authorizing the client device to access the resource; and

in response to a receiving the authorization to access the requested resource, accessing the requested resource on the client device.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a networked environment, a client side application executed on a client device may transmit a request to an authorization service for access to a resource. The authorization service may authenticate the user of client device and/or the client device based on user credentials and/or a device identifier. In response to authenticating the user and/or the client device, the authorization service may send to the client side application a request for confirmation that the client device complies with a distribution rule associated with the resource, where the distribution rule requires a specific application or specific type of application to be installed, enabled and/or executing on the client device as a prerequisite to accessing the resource. If the client device complies with the distribution rule, the client side application accesses the resource. Accessing the resource may include receiving an authorization credential required for access to the resource.

152 Citations

17 Claims

1. A method comprising:
- determining, in a client device, whether the client device complies with at least one distribution rule associated with at least one resource;
  
  in response to determining that the client device complies with the at least one distribution rule, transmitting a request for access to a resource, the request including an indication that the client device complies with the at least one distribution rule, wherein the distribution rule requires installation of a key application on the client device as a prerequisite to accessing the resource and the request includes a key application identifier identifying the key application;
  
  authorizing the client device to access the resource; and
  
  in response to a receiving the authorization to access the requested resource, accessing the requested resource on the client device.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the request further comprises at least one of a set of user credentials or a device identifier identifying the client device.
  - 3. The method of claim 1, wherein determining whether the client device complies with the at least one distribution rule further comprises:
    - receiving, from an authorization service, a device profile, the device profile including the at least one distribution rule; and
      
      storing the device profile on the client device.
  - 4. The method of claim 3, wherein the determination that the client device complies with the distribution rule is performed by a client side application based upon the device profile.
  - 5. The method of claim 1, wherein the authorization to access the resource comprises an authorization credential required for access to the resource.
  - 6. The method of claim 1, wherein the distribution rule further requires the key application to be executing on the client device as the prerequisite to accessing the resource.

7. A client device comprising:
- a network connectivity interface for enabling communication between the client device and an authorization service via a network;
  
  a memory for storing a client side application and a key application;
  
  a processor communicatively coupled to the memory for executing said client side application, wherein the client side application is configured to cause the client device to at least;
  
  determine whether the client device complies with at least one distribution rule associated with at least one resource accessible through an authorization service;
  
  in response to determining that the client device complies with the at least one distribution rule, transmit a request to the authorization service for access to a resource, the request including an indication that the client device complies with the at least one distribution rule, wherein the distribution rule requires installation of a key application on the client device as a prerequisite to accessing the resource and the request includes a key application identifier identifying the key application;
  
  receive, from the authorization service, authorization to access the resource; and
  
  in response to a receiving the authorization to access the requested resource, access the requested resource on the client device.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The client device of claim 7, wherein the request further comprises at least one of a set of user credentials or a device identifier identifying the client device.
  - 9. The client device of claim 7, wherein the client device determines whether the client device complies with the at least one distribution rule by:
    - receiving, from the authorization service, a device profile, the device profile including the at least one distribution rule; and
      
      storing the device profile on the client device.
  - 10. The client device of claim 9, wherein the determination that the client device complies with the distribution rule is performed by the client side application based upon the device profile.
  - 11. The client device of claim 7, wherein the authorization to access the resource comprises an authorization credential required for access to the resource.
  - 12. The client device of claim 7, wherein the distribution rule further requires the key application to be executing on the client device as the prerequisite to accessing the resource.

13. A non-transitory computer-readable medium embodying a program executable in a client device, the program, when executed, causing the client device to at least:
- determine whether the client device complies with at least one distribution rule associated with at least one resource accessible through an authorization service;
  
  in response to determining that the client device complies with the at least one distribution rule, transmit a request to the authorization service for access to a resource, the request including an indication that the client device complies with the at least one distribution rule, wherein the distribution rule requires installation of a key application on the client device as a prerequisite to accessing the resource and the request includes a key application identifier identifying the key application;
  
  receive, from the authorization service, authorization to access the resource; and
  
  in response to a receiving the authorization to access the requested resource, access the requested resource on the client device.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The non-transitory computer-readable medium of claim 13, wherein the program, when executed, causes the client device to determine whether the client device complies with the at least one distribution rule by:
    - receiving, from the authorization service, a device profile, the device profile including the at least one distribution rule; and
      
      storing the device profile on the client device.
  - 15. The non-transitory computer-readable medium of claim 14, wherein the determination that the client device complies with the distribution rule is performed by a client side application based upon the device profile.
  - 16. The non-transitory computer-readable medium of claim 15, wherein the authorization to access the resource comprises an authorization credential required for access to the resource.
  - 17. The non-transitory computer-readable medium of claim 13, wherein the request further comprises at least one of a set of user credentials or a device identifier identifying the client device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AirWatch LLC (Broadcom, Inc.)
Original Assignee
AirWatch LLC (Broadcom, Inc.)
Inventors
Stuntebeck, Erich
Primary Examiner(s)
LE, CHAU D

Application Number

US14/943,293
Publication Number

US 20160072790A1
Time in Patent Office

763 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/335   for accessing specific reso...

G06F 21/6218   to a system of files or obj...

H04L 63/08   for authentication of entit...

H04L 63/105   Multiple levels of security

H04L 67/303   Terminal profiles

Application program as key for authorizing access to resources

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

152 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Application program as key for authorizing access to resources

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

152 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links