Application program as key for authorizing access to resources
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
H04L-029/06
G06F-021/10
G06F-021/33
G06F-021/62
출원번호
US-0842623
(2013-03-15)
등록번호
US-9203820
(2015-12-01)
발명자
/ 주소
Stuntebeck, Erich
출원인 / 주소
AirWatch LLC
대리인 / 주소
Thomas | Horstemeyer, LLP
인용정보
피인용 횟수 :
1인용 특허 :
84
초록▼
In a networked environment, a client side application executed on a client device may transmit a request to an authorization service for access to a resource. The authorization service may authenticate the user of client device and/or the client device based on user credentials and/or a device ident
In a networked environment, a client side application executed on a client device may transmit a request to an authorization service for access to a resource. The authorization service may authenticate the user of client device and/or the client device based on user credentials and/or a device identifier. In response to authenticating the user and/or the client device, the authorization service may send to the client side application a request for confirmation that the client device complies with a distribution rule associated with the resource, where the distribution rule requires a specific application or specific type of application to be installed, enabled and/or executing on the client device as a prerequisite to accessing the resource. If the client device complies with the distribution rule, the client side application accesses the resource. Accessing the resource may include receiving an authorization credential required for access to the resource.
대표청구항▼
1. A method performed by a client side application executed on a client device comprising: transmitting a request to an authorization service for access to a resource;receiving from the authorization service a request for confirmation that the client device complies with a distribution rule associat
1. A method performed by a client side application executed on a client device comprising: transmitting a request to an authorization service for access to a resource;receiving from the authorization service a request for confirmation that the client device complies with a distribution rule associated with the resource, wherein the distribution rule requires a previous installation of a key application to be installed on the client device as a prerequisite to accessing the resource and the request for confirmation includes a key application identifier identifying the key application; andin response to a determination that the client device complies with the distribution rule, accessing the resource. 2. The method of claim 1, wherein the resource is stored on an enterprise server. 3. The method of claim 1, wherein the resource is stored on the client device. 4. The method of claim 1, further comprising receiving the distribution rule along with the request for confirmation. 5. The method of claim 1, wherein the determination that the client device complies with the distribution rule is performed by the client side application. 6. The method of claim 1, wherein the determination that the client device complies with the distribution rule is performed by the authorization service. 7. The method of claim 1, wherein accessing the resources further comprises receiving authorization to access the resource, and the authorization comprises an authorization credential required for access to the resource. 8. A client device comprising: a network connectivity interface for enabling communication between the client device and an authorization service via a network;a memory for storing a client side application and a key application;a processor communicatively coupled to the memory for executing said client side application, wherein said client side application comprises executable instructions for: transmitting to an authorization service, via the network connectivity interface, a request for access to a resource;receiving from the authorization service, via the network connectivity interface, a request for confirmation that the client device complies with a distribution rule associated with the resource, wherein the distribution rule requires a previous installation of a key application to be installed on the client device as a prerequisite to accessing the resource and the request for confirmation includes a key application identifier identifying the key application;in response to determining that the client device complies with the distribution rule, receiving an authorization credential from the key application; andusing the authorization credential to access the resource. 9. The client device of claim 8, wherein the authorization credential comprises at least one of a PIN, a key, a password, a certificate, and a token. 10. The client device of claim 8, wherein the distribution rule further requires the key application to be enabled on the client device as the prerequisite to accessing the resource. 11. The client device of claim 8, wherein the distribution rule further requires the key application to be executing on the client device as the prerequisite to accessing the resource. 12. The client device of claim 8, wherein the client side application further comprises executable instructions for receiving the resource from the authorization service and storing the resource in the memory. 13. The client device of claim 8, wherein the resource is stored in the memory. 14. A network server comprising: a network connectivity interface for enabling communication between the network server and a client side application executed by a client device via a network;a memory for storing a resource, an authorization service, and at least one distribution rule;a processor communicatively coupled to the memory for executing said authorization service, wherein said authorization service comprises executable instructions for: receiving from a client side application, via the network connectivity interface, a request for access to the resource;determining that the distribution rule is associated with the resource, wherein the distribution rule requires a previous installation of a key application to be installed on the client device as a prerequisite to the client side application accessing the resource;transmitting, to the client side application, a request for confirmation that the client device complies with the distribution rule, the request for confirmation including a key application identifier identifying the key application; andin response to a determination that the client device complies with the distribution rule, providing the client side application authorization to access the resource. 15. The network server of claim 14, wherein the authorization service further comprises executable instructions for receiving from the client device information to allow the authorization service to make the determination that the client device complies with the distribution rule. 16. The network server of claim 14, wherein the authorization service further comprises executable instructions for authenticating at least one of user credentials and a device identifier received from the client side application. 17. The network server of claim 14, wherein authenticating the at least one of user credentials and a device identifier comprises determining that at least one of the user credentials and the device identifier is associated with the resource. 18. The network server of claim 14, wherein providing the client side application authorization to access the resource comprises providing an authorization credential to the client side application, wherein the authorization credential is required for access to the resource. 19. The network server of claim 14, wherein providing the client side application authorization to access the resource comprises providing an authorization credential to a distribution service on behalf of the client side application, wherein the distribution service provides the client side application access to resources in response to authenticating the authorization credential.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (84)
Wright,Michael; Boucher,Peter; Nault,Gabe; Smith,Merrill; Jacobson,Sterling K; Wood,Jonathan; Mims,Robert, Administration of protection of data accessible by a mobile device.
Bhaskaran,Harikrishnan, Communication system and method for compressing information sent by a communication device to a target portable communication device.
Johnson, David Nephi; Nielson, Dustin Lance; Griffis, Jr., Jerry E.; Beus, David Kent; Jensen, Nathan Blaine; Street, William; Sherman, Paul Erik; Cook, Michael William; Carter, Stephen R, Credential mapping.
Mendez, Daniel J.; Riggins, Mark D.; Wagle, Prasad; Bui, Hong Q.; Ng, Mason; Quinlan, Sean Michael; Ying, Christine C.; Zuleeg, Christopher R.; Cowan, David J.; Aptekar-Strober, Joanna A.; Bailes, R. Stanley, Global server for authenticating access to remote services.
Craft, David John; Dubey, Pradeep K.; Hofstee, Harm Peter; Kahle, James Allan, Method and system for controlled distribution of application code and content data within a computer network.
Craft, David John; Dubey, Pradeep K.; Hofstee, Harm Peter; Kahle, James Allan, Method and system for controlled distribution of application code and content data within a computer network.
Maurya, Sanjiv; Tse, Benson Wei-Ming; VanZile, Frank; Bonham, Larry Dean; Peterson, Phil; Friend, John, Method and system for distributing and updating software in wireless devices.
Bruton, III, David Aro; Overby, Jr., Linwood H.; Rodriguez, Adolfo Francisco, Methods, systems and computer program products for selectively allowing users of a multi-user system access to network resources.
Laird,David; Jones,Martin Kelly, Notification systems and methods enabling user entry of notification trigger information based upon monitored mobile vehicle location.
Wright,Michael; Boucher,Peter; Nault,Gabe; Smith,Merrill; Jacobson,Sterling K; Wood,Jonathan; Mims,Robert, Protection of data accessible by a mobile device.
Mann, Dwayne R.; Heard, Robert W.; Burchett, Christopher D.; Gordon, Ian R., Server, computer memory, and method to support security policy maintenance and distribution.
Wolovitz, Lionel; Collins, Tim, Service management system and associated methodology of providing service related message prioritization in a mobile client.
Ng, Mason; Mendez, Daniel J.; Quinlan, Sean Michael, System and method for automatically forwarding email and email events via a computer network to a server computer.
Heard, Robert W.; Mann, Dwayne R.; Burchett, Christopher D.; Gordon, Ian R., System and method for distribution of security policies for mobile devices.
Riggins Mark D. ; Bailes R. Stanley ; Bui Hong O. ; Cowan David I. ; Mendez Daniel I. ; Ng Mason ; Quinlan Sean Michael ; Wagle Prasad ; Ying Christine C. ; Zuleeg Christopher R. ; Aptekar-Strober Jo, System and method for globally accessing computer services.
Mendez, Daniel J.; Riggins, Mark D.; Wagle, Prasad; Bui, Hong Q.; Ng, Mason; Quinlan, Sean Michael; Ying, Christine C.; Zuleeg, Christopher R.; Cowan, David J.; Aptekar-Strober, Joanna A.; Bailes, R., System and method for globally and securely accessing unified information in a computer network.
Mendez,Daniel J.; Riggins,Mark D.; Wagle,Prasad; Bui,Hong Q.; Ng,Mason; Quinlan,Sean Michael; Ying,Christine C.; Zuleeg,Christopher R.; Cowan,David J.; Aptekar Strober,Joanna A.; Bailes,R. Stanley, System and method for globally and securely accessing unified information in a computer network.
Mendez Daniel J. ; Riggins Mark D. ; Wagle Prasad ; Ying Christine C., System and method for securely synchronizing multiple copies of a workspace element in a network.
Ng Mason ; Quinlan Sean Michael ; Ruan Tom ; Mendez Daniel J. ; Zhu Jing ; Cheng ; Jr. Martin ; Williams Matt ; Riggins Mark D., System and method for updating a remote database in a network.
Mendez Daniel J. ; Riggins Mark D. ; Wagle Prasad ; Ying Christine C., System and method for using a global translator to synchronize workspace elements across a network.
Piccionelli, Greg A.; Rittmaster, Ted R., System and process for limiting distribution of information on a communication network based on geographic location.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.